diff options
| author | Luke Shumaker <lukeshu@lukeshu.com> | 2018-07-19 12:42:17 -0400 |
|---|---|---|
| committer | Luke Shumaker <lukeshu@lukeshu.com> | 2018-07-19 12:42:17 -0400 |
| commit | 021fdbe02956e745b579f49fc0585747c2aec458 (patch) | |
| tree | d74b6c6eaa8130e55e9b52f310acb23fcc033d73 | |
| parent | d54b7826fa34ee1af5d28023f1847f3ae55ff10c (diff) | |
| parent | 8e0c6d2655f83927ffdce8ed2edf6d7b80423178 (diff) | |
Merge tag 'systemd/v238.0-3.parabola1' into systemd/parabola
440 files changed, 16621 insertions, 6532 deletions
diff --git a/.github/CONTRIBUTING.md b/.github/CONTRIBUTING.md index 6f197441cb..2f266f2934 100644 --- a/.github/CONTRIBUTING.md +++ b/.github/CONTRIBUTING.md @@ -24,8 +24,8 @@ If you discover a security vulnerability, we'd appreciate a non-public disclosur ## Posting Pull Requests * Make sure to post PRs only relative to a very recent git master. -* Follow our [Coding Style](https://raw.githubusercontent.com/systemd/systemd/master/CODING_STYLE) when contributing code. This is a requirement for all code we merge. -* Please make sure to test your change before submitting the PR. See [HACKING](https://raw.githubusercontent.com/systemd/systemd/master/HACKING) for details how to do this. +* Follow our [Coding Style](https://raw.githubusercontent.com/systemd/systemd/master/doc/CODING_STYLE) when contributing code. This is a requirement for all code we merge. +* Please make sure to test your change before submitting the PR. See [HACKING](https://raw.githubusercontent.com/systemd/systemd/master/doc/HACKING) for details how to do this. * Make sure to run the test suite locally, before posting your PR. We use a CI system, meaning we don't even look at your PR, if the build and tests don't pass. * If you need to update the code in an existing PR, force-push into the same branch, overriding old commits with new versions. * After you have pushed a new version, add a comment about the new version (no notification is sent just for the commits, so it's easy to miss the update without an explicit comment). If you are a member of the systemd project on GitHub, remove the `reviewed/needs-rework` label. @@ -149,3 +149,5 @@ Zachary Winnerman <33329648+winnerman-pythian@users.noreply.github.com> Vladislav Vishnyakov <split7fire@yandex.ru> Robert Kolchmeyer <rkolchmeyer@google.com> <rkolchmeyer@users.noreply.github.com> George Gaydarov <git@gg7.io> <gg7@users.noreply.github.com> +Bill Yodlowsky <bill@redhat.com> <itsbill@users.noreply.github.com> +Mao Huang <littlecvr@gmail.com> diff --git a/.mkosi/mkosi.arch b/.mkosi/mkosi.arch index d7f6bc866a..dac80d38f7 100644 --- a/.mkosi/mkosi.arch +++ b/.mkosi/mkosi.arch @@ -41,11 +41,11 @@ BuildPackages= docbook-xsl elfutils gcc + gettext git gnu-efi-libs gnutls gperf - intltool iptables kmod libcap diff --git a/.mkosi/mkosi.debian b/.mkosi/mkosi.debian index a93eb7b539..de47df1847 100644 --- a/.mkosi/mkosi.debian +++ b/.mkosi/mkosi.debian @@ -37,10 +37,10 @@ BuildPackages= docbook-xml docbook-xsl gcc + gettext git gnu-efi gperf - intltool iptables-dev libacl1-dev libaudit-dev diff --git a/.mkosi/mkosi.fedora b/.mkosi/mkosi.fedora index 4d7168c00b..0aeb7751cb 100644 --- a/.mkosi/mkosi.fedora +++ b/.mkosi/mkosi.fedora @@ -22,7 +22,7 @@ [Distribution] Distribution=fedora -Release=26 +Release=27 [Output] Format=raw_btrfs @@ -41,12 +41,12 @@ BuildPackages= docbook-style-xsl elfutils-devel gcc + gettext git gnu-efi gnu-efi-devel gnutls-devel gperf - intltool iptables-devel kmod-devel libacl-devel @@ -67,6 +67,7 @@ BuildPackages= m4 meson pam-devel + pcre2-devel pkgconfig python3-devel python3-lxml @@ -1,5 +1,161 @@ systemd System and Service Manager +CHANGES WITH 238: + + * The MemoryAccounting= unit property now defaults to on. After + discussions with the upstream control group maintainers we learnt + that the negative impact of cgroup memory accounting on current + kernels is finally relatively minimal, so that it should be safe to + enable this by default without affecting system performance. Besides + memory accounting only task accounting is turned on by default, all + other forms of resource accounting (CPU, IO, IP) remain off for now, + because it's not clear yet that their impact is small enough to move + from opt-in to opt-out. We recommend downstreams to leave memory + accounting on by default if kernel 4.14 or higher is are primarily + used. On very resource constrained systems or when support for old + kernels is a necessity, -Dmemory-accounting-default=false can be used + to revert this change. + + * rpm scriptlets to update the udev hwdb and rules (%udev_hwdb_update, + %udev_rules_update) and the journal catalog (%journal_catalog_update) + from the upgrade scriptlets of individual packages now do nothing. + Transfiletriggers have been added which will perform those updates + once at the end of the transaction. + + Similar transfiletriggers have been added to execute any sysctl.d + and binfmt.d rules. Thus, it should be unnecessary to provide any + scriptlets to execute this configuration from package installation + scripts. + + * systemd-sysusers gained a mode where the configuration to execute is + specified on the command line, but this configuration is not executed + directly, but instead it is merged with the configuration on disk, + and the result is executed. This is useful for package installation + scripts which want to create the user before installing any files on + disk (in case some of those files are owned by that user), while + still allowing local admin overrides. + + This functionality is exposed to rpm scriplets through a new + %sysusers_create_package macro. Old %sysusers_create and + %sysusers_create_inline macros are deprecated. + + A transfiletrigger for sysusers.d configuration is now installed, + which means that it should be uncessary to call systemd-sysusers from + package installation scripts, unless the package installs any files + owned by those newly-created users, in which case + %sysusers_create_package should be used. + + * Analogous change has been done for systemd-tmpfiles: it gained a mode + where the command-line configuration is merged with the configuration + on disk. This is exposed as the new %tmpfiles_create_package macro, + and %tmpfiles_create is deprecated. A transfiletrigger is installed + for tmpfiles.d, hence it should be unnecessary to call systemd-tmpfiles + from package installation scripts. + + * sysusers.d configuration for a user may now also specify the group + number, in addition to the user number ("u username 123:456"), or + without the user number ("u username -:456"). + + * Configution items for systemd-sysusers can now be specified as + positional arguments when the new --inline switch is used. + + * The login shell of users created through sysusers.d may now be + specified (previously, it was always /bin/sh for root and + /sbin/nologin for other users). + + * systemd-analyze gained a new --global switch to look at global user + configuration. It also gained a unit-paths verb to list the unit load + paths that are compiled into systemd (which can be used with + --systemd, --user, or --global). + + * udevadm trigger gained a new --settle/-w option to wait for any + triggered events to finish (but just those, and not any other events + which are triggered meanwhile). + + * The action that systemd-logind takes when the lid is closed and the + machine is connected to external power can now be configured using + HandleLidSwitchExternalPower= in logind.conf. Previously, this action + was determined by HandleLidSwitch=, and, for backwards compatibility, + is still is, if HandleLidSwitchExternalPower= is not explicitly set. + + * journalctl will periodically call sd_journal_process() to make it + resilient against inotify queue overruns when journal files are + rotated very quickly. + + * Two new functions in libsystemd — sd_bus_get_n_queued_read and + sd_bus_get_n_queued_write — may be used to check the number of + pending bus messages. + + * systemd gained a new + org.freedesktop.systemd1.Manager.AttachProcessesToUnit dbus call + which can be used to migrate foreign processes to scope and service + units. The primary user for this new API is systemd itself: the + systemd --user instance uses this call of the systemd --system + instance to migrate processes if it itself gets the request to + migrate processes and the kernel refuses this due to access + restrictions. Thanks to this "systemd-run --scope --user …" works + again in pure cgroups v2 environments when invoked from the user + session scope. + + * A new TemporaryFileSystem= setting can be used to mask out part of + the real file system tree with tmpfs mounts. This may be combined + with BindPaths= and BindReadOnlyPaths= to hide files or directories + not relevant to the unit, while still allowing some paths lower in + the tree to be accessed. + + ProtectHome=tmpfs may now be used to hide user home and runtime + directories from units, in a way that is mostly equivalent to + "TemporaryFileSystem=/home /run/user /root". + + * Non-service units are now started with KeyringMode=shared by default. + This means that mount and swapon and other mount tools have access + to keys in the main keyring. + + * /sys/fs/bpf is now mounted automatically. + + * QNX virtualization is now detected by systemd-detect-virt and may + be used in ConditionVirtualization=. + + * IPAccounting= may now be enabled also for slice units. + + * A new -Dsplit-bin= build configuration switch may be used to specify + whether bin and sbin directories are merged, or if they should be + included separately in $PATH and various listings of executable + directories. The build configuration scripts will try to autodetect + the proper values of -Dsplit-usr= and -Dsplit-bin= based on build + system, but distributions are encouraged to configure this + explicitly. + + * A new -Dok-color= build configuration switch may be used to change + the colour of "OK" status messages. + + * UPGRADE ISSUE: serialization of units using JoinsNamespaceOf= with + PrivateNetwork=yes was buggy in previous versions of systemd. This + means that after the upgrade and daemon-reexec, any such units must + be restarted. + + * INCOMPATIBILITY: as announced in the NEWS for 237, systemd-tmpfiles + will not exclude read-only files owned by root from cleanup. + + Contributions from: Alan Jenkins, Alexander F Rødseth, Alexis Jeandet, + Andika Triwidada, Andrei Gherzan, Ansgar Burchardt, antizealot1337, + Batuhan Osman Taşkaya, Beniamino Galvani, Bill Yodlowsky, Caio Marcelo + de Oliveira Filho, CuBiC, Daniele Medri, Daniel Mouritzen, Daniel + Rusek, Davide Cavalca, Dimitri John Ledkov, Douglas Christman, Evgeny + Vereshchagin, Faalagorn, Filipe Brandenburger, Franck Bui, futpib, + Giacomo Longo, Gunnar Hjalmarsson, Hans de Goede, Hermann Gausterer, + Iago López Galeiras, Jakub Filak, Jan Synacek, Jason A. Donenfeld, + Javier Martinez Canillas, Jérémy Rosen, Lennart Poettering, Lucas + Werkmeister, Mao Huang, Marco Gulino, Michael Biebl, Michael Vogt, + MilhouseVH, Neal Gompa (ニール・ゴンパ), Oleander Reis, Olof Mogren, + Patrick Uiterwijk, Peter Hutterer, Peter Portante, Piotr Drąg, Robert + Antoni Buj Gelonch, Sergey Ptashnick, Shawn Landden, Shuang Liu, Simon + Fowler, SjonHortensius, snorreflorre, Susant Sahani, Sylvain + Plantefève, Thomas Blume, Thomas Haller, Vito Caputo, Yu Watanabe, + Zbigniew Jędrzejewski-Szmek, Марко М. Костић (Marko M. Kostić) + + — Warsaw, 2018-03-05 + CHANGES WITH 237: * Some keyboards come with a zoom see-saw or rocker which until now got @@ -357,8 +513,8 @@ CHANGES WITH 236: store again, ahead of POLLHUP or POLLERR when they are removed anyway. - * A new document UIDS-GIDS.md has been added to the source tree, that - documents the UID/GID range and assignment assumptions and + * A new document doc/UIDS-GIDS.md has been added to the source tree, + that documents the UID/GID range and assignment assumptions and requirements of systemd. * The watchdog device PID 1 will ping may now be configured through the @@ -1090,7 +1246,7 @@ CHANGES WITH 233: * Documentation has been added that lists all of systemd's low-level environment variables: - https://github.com/systemd/systemd/blob/master/ENVIRONMENT.md + https://github.com/systemd/systemd/blob/master/doc/ENVIRONMENT.md * sd-daemon gained a new API sd_is_socket_sockaddr() for determining whether a specific socket file descriptor matches a specified socket @@ -1801,7 +1957,7 @@ CHANGES WITH 231: booted up with "systemd-nspawn -b -i", qemu-kvm or on any physical UEFI PC. This functionality is particularly useful to easily test local changes made to systemd in a pristine, defined environment. See - HACKING for details. + doc/HACKING for details. * configure learned the --with-support-url= option to specify the distribution's bugtracker. @@ -14,10 +14,10 @@ Information about build requirements are provided in the [README file](../master Consult our [NEWS file](../master/NEWS) for information about what's new in the most recent systemd versions. -Please see the [HACKING file](../master/HACKING) for information how to hack on systemd and test your modifications. +Please see the [HACKING file](../master/doc/HACKING) for information how to hack on systemd and test your modifications. Please see our [Contribution Guidelines](../master/.github/CONTRIBUTING.md) for more information about filing GitHub Issues and posting GitHub Pull Requests. -When preparing patches for systemd, please follow our [Coding Style Guidelines](../master/CODING_STYLE). +When preparing patches for systemd, please follow our [Coding Style Guidelines](../master/doc/CODING_STYLE). If you are looking for support, please contact our [mailing list](https://lists.freedesktop.org/mailman/listinfo/systemd-devel) or join our [IRC channel](irc://irc.freenode.org/%23systemd). @@ -24,38 +24,42 @@ Janitorial Clean-ups: Features: +* add proper dbus APIs for the various sd_notify() commands, such as MAINPID=1 + and so on, which would mean we could report errors and such. + +* nss-systemd: implement enumeration, that shows all dynamic users plus the + synthesized ones if necessary, so that "getent passwd" shows useful data. + +* teach tmpfiles.d q/Q logic something sensible in the context of XFS/ext4 + project quota + +* introduce DefaultSlice= or so in system.conf that allows changing where we + place our units by default, i.e. change system.slice to something + else. Similar, ManagerSlice= should exist so that PID1's own scope unit could + be moved somewhere else too. Finally machined and logind should get similar + options so that it is possible to move user session scopes and machines to a + different slice too by default. Usecase: people who want to put resources on + the entire system, with the exception of one specific service. See: + https://lists.freedesktop.org/archives/systemd-devel/2018-February/040369.html + * maybe rework get_user_creds() to query the user database if $SHELL is used for root, but only then. -* there should be path_hash_ops and we should use it in tmpfiles' hashmap object to deal with identical but differently spelt paths - * be stricter with fds we receive for the fdstore: close them asynchronously * calenderspec: add support for week numbers and day numbers within a year. This would allow us to define "bi-weekly" triggers safely. -* add support for recursive bpf firewalling as supported by the newest kernel - -* add bpf-based implementation of devices cgroup controller logic for compat with cgroupsv2 as supported by newest kernel +* add bpf-based implementation of devices cgroup controller logic for compat + with cgroupsv2 as supported by newest kernel * introduce sd_id128_get_boot_app_specific() which is like sd_id128_get_machine_app_specific(). After all on long-running systems both IDs have similar properties. -* emulate properties of the root cgroup on controllers that don't support such - properties natively on cpu/io/memory, the way we already do it for - "pids". Also, add the same logic to cgtop. - -* set TasksAccounting=1 on the root slice if we are running on the root cgroup, - and similar for the others, as soon as we emulate them properly. After all, - Linux keeps these system-wide stats anyway, and it costs nothing to expose - them. - * sd-bus: add vtable flag, that may be used to request client creds implicitly and asynchronously before dispatching the operation -* implement transient socket unit. - * make use of ethtool veth peer info in machined, for automatically finding out host-side interface pointing to the container. @@ -65,7 +69,7 @@ Features: systemd-journald writes to /var/log/journal, which could be useful when we doing disk usage calculations and so on. -* taint systemd if there are fewer than 65536 users assigned to the system. +* taint systemd if there are fewer than 65536 users assigned (userns) to the system. * deprecate PermissionsStartOnly= and RootDirectoryStartOnly= in favour of the ExecStart= prefix chars @@ -375,8 +379,6 @@ Features: * what to do about udev db binary stability for apps? (raw access is not an option) -* maybe provide an API to allow migration of foreign PIDs into existing scopes. - * man: maybe use the word "inspect" rather than "introspect"? * systemctl: if some operation fails, show log output? diff --git a/coccinelle/close-above-stdio.cocci b/coccinelle/close-above-stdio.cocci new file mode 100644 index 0000000000..44b3b1c9f1 --- /dev/null +++ b/coccinelle/close-above-stdio.cocci @@ -0,0 +1,36 @@ +@@ +expression fd; +@@ +- if (fd > 2) +- safe_close(fd); ++ safe_close_above_stdio(fd); +@@ +expression fd; +@@ +- if (fd > 2) +- fd = safe_close(fd); ++ fd = safe_close_above_stdio(fd); +@@ +expression fd; +@@ +- if (fd >= 3) +- safe_close(fd); ++ safe_close_above_stdio(fd); +@@ +expression fd; +@@ +- if (fd >= 3) +- fd = safe_close(fd); ++ fd = safe_close_above_stdio(fd); +@@ +expression fd; +@@ +- if (fd > STDERR_FILENO) +- safe_close(fd); ++ safe_close_above_stdio(fd); +@@ +expression fd; +@@ +- if (fd > STDERR_FILENO) +- fd = safe_close(fd); ++ fd = safe_close_above_stdio(fd); diff --git a/coccinelle/empty-if.cocci b/coccinelle/empty-if.cocci deleted file mode 100644 index 026c461ee6..0000000000 --- a/coccinelle/empty-if.cocci +++ /dev/null @@ -1,56 +0,0 @@ -@@ -expression e, f, g, h, i, j; -statement s, t; -@@ -( -if (e) { -( -if (h) s -| -if (h) s else t -| -while (h) s -| -for (h; i; j) s -) -} -| -while (e) { -( -if (h) s -| -if (h) s else t -| -while (h) s -| -for (h; i; j) s -) -} -| -for (e; f; g) { -( -if (h) s -| -if (h) s else t -| -while (h) s -| -for (h; i; j) s -) -} -| -- if (e) { -+ if (e) -s -- } -| -- while (e) { -+ while (e) -s -- } -| -- for (e; f; g) { -+ for (e; f; g) -s -- } -) diff --git a/coccinelle/malloc_multiply.cocci b/coccinelle/malloc_multiply.cocci new file mode 100644 index 0000000000..3284edf737 --- /dev/null +++ b/coccinelle/malloc_multiply.cocci @@ -0,0 +1,20 @@ +@@ +expression q, n, m; +@@ +- q = malloc((n)*(m)) ++ q = malloc_multiply(n, m) +@@ +expression q, n, m; +@@ +- q = malloc(n*(m)) ++ q = malloc_multiply(n, m) +@@ +expression q, n, m; +@@ +- q = malloc((n)*m) ++ q = malloc_multiply(n, m) +@@ +expression q, n, m; +@@ +- q = malloc(n*m) ++ q = malloc_multiply(n, m) diff --git a/coccinelle/reallocarray.cocci b/coccinelle/reallocarray.cocci new file mode 100644 index 0000000000..21fe9dfbfd --- /dev/null +++ b/coccinelle/reallocarray.cocci @@ -0,0 +1,20 @@ +@@ +expression q, p, n, m; +@@ +- q = realloc(p, (n)*(m)) ++ q = reallocarray(p, n, m) +@@ +expression q, p, n, m; +@@ +- q = realloc(p, n*(m)) ++ q = reallocarray(p, n, m) +@@ +expression q, p, n, m; +@@ +- q = realloc(p, (n)*m) ++ q = reallocarray(p, n, m) +@@ +expression q, p, n, m; +@@ +- q = realloc(p, n*m) ++ q = reallocarray(p, n, m) diff --git a/coccinelle/run-coccinelle.sh b/coccinelle/run-coccinelle.sh index 1373b53c5f..de23546f19 100755 --- a/coccinelle/run-coccinelle.sh +++ b/coccinelle/run-coccinelle.sh @@ -1,11 +1,10 @@ #!/bin/bash -e for SCRIPT in ${@-*.cocci} ; do - [ "$SCRIPT" = "empty-if.cocci" ] && continue - echo "--x-- Processing $SCRIPT --x--" + echo "--x-- Processing: spatch --sp-file $SCRIPT --dir $(pwd)/.. --x--" TMPFILE=`mktemp` spatch --sp-file $SCRIPT --dir $(pwd)/.. 2> "$TMPFILE" || cat "$TMPFILE" rm "$TMPFILE" - echo "--x-- Processed $SCRIPT --x--" + echo "--x-- Processed: spatch --sp-file $SCRIPT --dir $(pwd)/.. --x--" echo "" done diff --git a/CODING_STYLE b/doc/CODING_STYLE index ae818126cb..ae818126cb 100644 --- a/CODING_STYLE +++ b/doc/CODING_STYLE diff --git a/DISTRO_PORTING b/doc/DISTRO_PORTING index d1a187aa41..d1a187aa41 100644 --- a/DISTRO_PORTING +++ b/doc/DISTRO_PORTING diff --git a/ENVIRONMENT.md b/doc/ENVIRONMENT.md index 581bf3c238..581bf3c238 100644 --- a/ENVIRONMENT.md +++ b/doc/ENVIRONMENT.md @@ -7,7 +7,7 @@ Request (PR): https://github.com/systemd/systemd/pull/new Please make sure to follow our Coding Style when submitting patches. See -CODING_STYLE for details. Also have a look at our Contribution Guidelines: +doc/CODING_STYLE for details. Also have a look at our Contribution Guidelines: https://github.com/systemd/systemd/blob/master/.github/CONTRIBUTING.md diff --git a/TRANSIENT-SETTINGS.md b/doc/TRANSIENT-SETTINGS.md index 3614456acf..ca9e8387b7 100644 --- a/TRANSIENT-SETTINGS.md +++ b/doc/TRANSIENT-SETTINGS.md @@ -170,6 +170,7 @@ All execution-related settings are available for transient units. ✓ InaccessiblePaths= ✓ BindPaths= ✓ BindReadOnlyPaths= +✓ TemporaryFileSystem= ✓ PrivateTmp= ✓ PrivateDevices= ✓ ProtectKernelTunables= diff --git a/doc/TRANSLATORS b/doc/TRANSLATORS new file mode 100644 index 0000000000..873ec7b01c --- /dev/null +++ b/doc/TRANSLATORS @@ -0,0 +1,27 @@ +Notes for translators +===================== + +systemd depends on gettext for multilingual support. +In po/ directory you'll find the needed files. + +POT (Portable Object Template) +------------------------------ +A text file with .pot extension, with all the extracted labels from code. + +To update the template: + +$ cd systemd/ +$ ninja -C build systemd-pot + +To start a new translation: + +$ cd po/ +$ cp systemd.pot <YOUR-LANG-CODE>.po + +Replace <YOUR-LANG-CODE> with the two-letters codes of ISO 639 standard. + +PO (Portable Object) +-------------------- +A text file with .po extension, with all the available labels and some additional +metadata fields. Any editor is ok, but a good standard is 'poedit', a graphical +application specifically designed for this kind of task. diff --git a/UIDS-GIDS.md b/doc/UIDS-GIDS.md index e19cc88162..e19cc88162 100644 --- a/UIDS-GIDS.md +++ b/doc/UIDS-GIDS.md diff --git a/hwdb/.gitattributes b/hwdb/.gitattributes new file mode 100644 index 0000000000..830cae66c7 --- /dev/null +++ b/hwdb/.gitattributes @@ -0,0 +1,2 @@ +/*.txt -whitespace +/pci.ids -whitespace diff --git a/hwdb/20-OUI.hwdb b/hwdb/20-OUI.hwdb index 294101ff0b..4bd1e1e07f 100644 --- a/hwdb/20-OUI.hwdb +++ b/hwdb/20-OUI.hwdb @@ -1938,7 +1938,7 @@ OUI:000283* ID_OUI_FROM_DATABASE=Spectrum Controls, Inc. OUI:000284* - ID_OUI_FROM_DATABASE=AREVA T&D + ID_OUI_FROM_DATABASE=UK Grid Solutions Limited OUI:000285* ID_OUI_FROM_DATABASE=Riverstone Networks @@ -3135,7 +3135,7 @@ OUI:000412* ID_OUI_FROM_DATABASE=WaveSmith Networks, Inc. OUI:000413* - ID_OUI_FROM_DATABASE=SNOM Technology AG + ID_OUI_FROM_DATABASE=snom technology GmbH OUI:000414* ID_OUI_FROM_DATABASE=Umezawa Musen Denki Co., Ltd. @@ -7506,7 +7506,7 @@ OUI:0009DE* ID_OUI_FROM_DATABASE=Samjin Information & Communications Co., Ltd. OUI:0009DF* - ID_OUI_FROM_DATABASE=Vestel Komunikasyon Sanayi ve Ticaret A.S. + ID_OUI_FROM_DATABASE=Vestel Elektronik San ve Tic. A.Ş. OUI:0009E0* ID_OUI_FROM_DATABASE=XEMICS S.A. @@ -8259,7 +8259,7 @@ OUI:000ADA* ID_OUI_FROM_DATABASE=Vindicator Technologies OUI:000ADB* - ID_OUI_FROM_DATABASE=SkyPilot Network, Inc + ID_OUI_FROM_DATABASE=Trilliant OUI:000ADC* ID_OUI_FROM_DATABASE=RuggedCom Inc. @@ -10296,7 +10296,7 @@ OUI:000D81* ID_OUI_FROM_DATABASE=Pepperl+Fuchs GmbH OUI:000D82* - ID_OUI_FROM_DATABASE=PHS srl + ID_OUI_FROM_DATABASE=PHSNET SRLS OUI:000D83* ID_OUI_FROM_DATABASE=Sanmina-SCI Hungary Ltd. @@ -11103,7 +11103,7 @@ OUI:000E8E* ID_OUI_FROM_DATABASE=SparkLAN Communications, Inc. OUI:000E8F* - ID_OUI_FROM_DATABASE=Sercomm Corp. + ID_OUI_FROM_DATABASE=Sercomm Corporation. OUI:000E90* ID_OUI_FROM_DATABASE=PONICO CORP. @@ -13068,7 +13068,7 @@ OUI:00111D* ID_OUI_FROM_DATABASE=Hectrix Limited OUI:00111E* - ID_OUI_FROM_DATABASE=EPSG (Ethernet Powerlink Standardization Group) + ID_OUI_FROM_DATABASE=ETHERNET Powerlink Standarization Group (EPSG) OUI:00111F* ID_OUI_FROM_DATABASE=Doremi Labs, Inc. @@ -14751,7 +14751,7 @@ OUI:00134E* ID_OUI_FROM_DATABASE=Valox Systems, Inc. OUI:00134F* - ID_OUI_FROM_DATABASE=Tranzeo Wireless Technologies Inc. + ID_OUI_FROM_DATABASE=Rapidus Wireless Networks Inc. OUI:001350* ID_OUI_FROM_DATABASE=Silver Spring Networks, Inc @@ -14928,7 +14928,7 @@ OUI:001389* ID_OUI_FROM_DATABASE=Redes de Telefonía Móvil S.A. OUI:00138A* - ID_OUI_FROM_DATABASE=QINGDAO GOERTEK ELECTRONICS CO.,LTD. + ID_OUI_FROM_DATABASE=Qingdao GoerTek Technology Co., Ltd. OUI:00138B* ID_OUI_FROM_DATABASE=Phantom Technologies LLC @@ -15624,7 +15624,7 @@ OUI:001471* ID_OUI_FROM_DATABASE=Eastern Asia Technology Limited OUI:001472* - ID_OUI_FROM_DATABASE=China Broadband Wireless IP Standard Group + ID_OUI_FROM_DATABASE=China Broadband Wireless IP Standard group(ChinaBWIPS) OUI:001473* ID_OUI_FROM_DATABASE=Bookham Inc @@ -15639,7 +15639,7 @@ OUI:001476* ID_OUI_FROM_DATABASE=MultiCom Industries Limited OUI:001477* - ID_OUI_FROM_DATABASE=Nertec Inc. + ID_OUI_FROM_DATABASE=Trilliant OUI:001478* ID_OUI_FROM_DATABASE=TP-LINK TECHNOLOGIES CO.,LTD. @@ -16140,7 +16140,7 @@ OUI:00151D* ID_OUI_FROM_DATABASE=M2I CORPORATION OUI:00151E* - ID_OUI_FROM_DATABASE=Ethernet Powerlink Standardization Group (EPSG) + ID_OUI_FROM_DATABASE=ETHERNET Powerlink Standarization Group (EPSG) OUI:00151F* ID_OUI_FROM_DATABASE=Multivision Intelligent Surveillance (Hong Kong) Ltd @@ -30249,7 +30249,7 @@ OUI:0026BC* ID_OUI_FROM_DATABASE=General Jack Technology Ltd. OUI:0026BD* - ID_OUI_FROM_DATABASE=JTEC Card & Communication Co., Ltd. + ID_OUI_FROM_DATABASE=JTEC Card & Communication Co., Ltd OUI:0026BE* ID_OUI_FROM_DATABASE=Schoonderbeek Elektronica Systemen B.V. @@ -31917,7 +31917,7 @@ OUI:00409C* ID_OUI_FROM_DATABASE=TRANSWARE OUI:00409D* - ID_OUI_FROM_DATABASE=DIGIBOARD, INC. + ID_OUI_FROM_DATABASE=DigiBoard OUI:00409E* ID_OUI_FROM_DATABASE=CONCURRENT TECHNOLOGIES LTD. @@ -34494,7 +34494,7 @@ OUI:0080B5* ID_OUI_FROM_DATABASE=UNITED NETWORKS INC. OUI:0080B6* - ID_OUI_FROM_DATABASE=THEMIS COMPUTER + ID_OUI_FROM_DATABASE=Mercury Systems – Trusted Mission Solutions, Inc. OUI:0080B7* ID_OUI_FROM_DATABASE=STELLAR COMPUTER @@ -35151,7 +35151,7 @@ OUI:00907E* ID_OUI_FROM_DATABASE=VETRONIX CORP. OUI:00907F* - ID_OUI_FROM_DATABASE=WatchGuard Technologies, Inc. + ID_OUI_FROM_DATABASE=Watchguard Technologies, Inc. OUI:009080* ID_OUI_FROM_DATABASE=NOT LIMITED, INC. @@ -36539,6 +36539,9 @@ OUI:00B69F* OUI:00B78D* ID_OUI_FROM_DATABASE=Nanjing Shining Electric Automation Co., Ltd +OUI:00B8C2* + ID_OUI_FROM_DATABASE=Heights Telecom T ltd + OUI:00B9F6* ID_OUI_FROM_DATABASE=Shenzhen Super Rich Electronics Co.,Ltd @@ -36549,7 +36552,7 @@ OUI:00BB01* ID_OUI_FROM_DATABASE=OCTOTHORPE CORP. OUI:00BB3A* - ID_OUI_FROM_DATABASE=Private + ID_OUI_FROM_DATABASE=Amazon Technologies Inc. OUI:00BB8E* ID_OUI_FROM_DATABASE=HME Co., Ltd. @@ -36594,7 +36597,7 @@ OUI:00C001* ID_OUI_FROM_DATABASE=DIATEK PATIENT MANAGMENT OUI:00C002* - ID_OUI_FROM_DATABASE=SERCOMM CORPORATION + ID_OUI_FROM_DATABASE=Sercomm Corporation. OUI:00C003* ID_OUI_FROM_DATABASE=GLOBALNET COMMUNICATIONS @@ -37367,6 +37370,9 @@ OUI:00C1B1* OUI:00C2C6* ID_OUI_FROM_DATABASE=Intel Corporate +OUI:00C3F4* + ID_OUI_FROM_DATABASE=Samsung Electronics Co.,Ltd + OUI:00C5DB* ID_OUI_FROM_DATABASE=Datatech Sistemas Digitales Avanzados SL @@ -37388,6 +37394,9 @@ OUI:00CBB4* OUI:00CBBD* ID_OUI_FROM_DATABASE=Cambridge Broadband Networks Ltd. +OUI:00CC3F* + ID_OUI_FROM_DATABASE=Universal Electronics, Inc. + OUI:00CCFC* ID_OUI_FROM_DATABASE=Cisco Systems, Inc @@ -39116,6 +39125,9 @@ OUI:00FC8B* OUI:00FC8D* ID_OUI_FROM_DATABASE=Hitron Technologies. Inc +OUI:00FCBA* + ID_OUI_FROM_DATABASE=Cisco Systems, Inc + OUI:00FD45* ID_OUI_FROM_DATABASE=Hewlett Packard Enterprise @@ -39560,6 +39572,9 @@ OUI:04A3F3* OUI:04A82A* ID_OUI_FROM_DATABASE=Nokia Corporation +OUI:04AB18* + ID_OUI_FROM_DATABASE=ELECOM CO.,LTD. + OUI:04AC44* ID_OUI_FROM_DATABASE=Holtek Semiconductor Inc. @@ -40352,6 +40367,9 @@ OUI:0840F3* OUI:084656* ID_OUI_FROM_DATABASE=VEO-LABS +OUI:0847D0* + ID_OUI_FROM_DATABASE=Nokia Shanghai Bell Co. Ltd.) + OUI:08482C* ID_OUI_FROM_DATABASE=Raycore Taiwan Co., LTD. @@ -40580,6 +40598,9 @@ OUI:08BEAC* OUI:08C021* ID_OUI_FROM_DATABASE=HUAWEI TECHNOLOGIES CO.,LTD +OUI:08C5E1* + ID_OUI_FROM_DATABASE=SAMSUNG ELECTRO-MECHANICS(THAILAND) + OUI:08C6B3* ID_OUI_FROM_DATABASE=QTECH LLC @@ -40613,6 +40634,9 @@ OUI:08D40C* OUI:08D42B* ID_OUI_FROM_DATABASE=Samsung Electronics Co.,Ltd +OUI:08D46A* + ID_OUI_FROM_DATABASE=LG Electronics (Mobile Communications) + OUI:08D5C0* ID_OUI_FROM_DATABASE=Seers Technology Co., Ltd @@ -40742,6 +40766,9 @@ OUI:08FC88* OUI:08FD0E* ID_OUI_FROM_DATABASE=Samsung Electronics Co.,Ltd +OUI:0C01DB* + ID_OUI_FROM_DATABASE=Infinix mobility limited + OUI:0C0227* ID_OUI_FROM_DATABASE=Technicolor CH USA Inc. @@ -41165,6 +41192,9 @@ OUI:0CB4EF* OUI:0CB5DE* ID_OUI_FROM_DATABASE=Alcatel Lucent +OUI:0CB6D2* + ID_OUI_FROM_DATABASE=D-Link International + OUI:0CB912* ID_OUI_FROM_DATABASE=JM-DATA GmbH @@ -41276,6 +41306,9 @@ OUI:0CDDEF* OUI:0CDFA4* ID_OUI_FROM_DATABASE=Samsung Electronics Co.,Ltd +OUI:0CE0DC* + ID_OUI_FROM_DATABASE=Samsung Electronics Co.,Ltd + OUI:0CE0E4* ID_OUI_FROM_DATABASE=PLANTRONICS, INC. @@ -41723,6 +41756,9 @@ OUI:107A86* OUI:107B44* ID_OUI_FROM_DATABASE=ASUSTek COMPUTER INC. +OUI:107BA4* + ID_OUI_FROM_DATABASE=Olive & Dove Co.,Ltd. + OUI:107BEF* ID_OUI_FROM_DATABASE=Zyxel Communications Corporation @@ -41747,6 +41783,9 @@ OUI:108A1B* OUI:108CCF* ID_OUI_FROM_DATABASE=Cisco Systems, Inc +OUI:108EE0* + ID_OUI_FROM_DATABASE=Samsung Electronics Co.,Ltd + OUI:109266* ID_OUI_FROM_DATABASE=Samsung Electronics Co.,Ltd @@ -41834,6 +41873,9 @@ OUI:10BF48* OUI:10C07C* ID_OUI_FROM_DATABASE=Blu-ray Disc Association +OUI:10C172* + ID_OUI_FROM_DATABASE=HUAWEI TECHNOLOGIES CO.,LTD + OUI:10C25A* ID_OUI_FROM_DATABASE=Technicolor CH USA Inc. @@ -42035,6 +42077,9 @@ OUI:1414E6* OUI:14157C* ID_OUI_FROM_DATABASE=TOKYO COSMOS ELECTRIC CO.,LTD. +OUI:14169E* + ID_OUI_FROM_DATABASE=Wingtech Group (HongKong)Limited + OUI:141877* ID_OUI_FROM_DATABASE=Dell Inc. @@ -42212,6 +42257,9 @@ OUI:144D67* OUI:144E34* ID_OUI_FROM_DATABASE=Remote Solution +OUI:144F8A* + ID_OUI_FROM_DATABASE=Intel Corporate + OUI:144FD70* ID_OUI_FROM_DATABASE=annapurnalabs @@ -42266,6 +42314,9 @@ OUI:145645* OUI:14568E* ID_OUI_FROM_DATABASE=Samsung Electronics Co.,Ltd +OUI:14579F* + ID_OUI_FROM_DATABASE=HUAWEI TECHNOLOGIES CO.,LTD + OUI:1458D0* ID_OUI_FROM_DATABASE=Hewlett Packard @@ -42800,6 +42851,9 @@ OUI:186571* OUI:186590* ID_OUI_FROM_DATABASE=Apple, Inc. +OUI:1866C7* + ID_OUI_FROM_DATABASE=Shenzhen Libre Technology Co., Ltd + OUI:1866DA* ID_OUI_FROM_DATABASE=Dell Inc. @@ -42824,6 +42878,9 @@ OUI:186882* OUI:1868CB* ID_OUI_FROM_DATABASE=Hangzhou Hikvision Digital Technology Co.,Ltd. +OUI:1869DA* + ID_OUI_FROM_DATABASE=China Mobile Group Device Co.,Ltd. + OUI:186D99* ID_OUI_FROM_DATABASE=Adanis Inc. @@ -42968,6 +43025,9 @@ OUI:189BA5D* OUI:189BA5E* ID_OUI_FROM_DATABASE=Taiwan Name Plate Co.,LTD +OUI:189C27* + ID_OUI_FROM_DATABASE=ARRIS Group, Inc. + OUI:189C5D* ID_OUI_FROM_DATABASE=Cisco Systems, Inc @@ -43425,7 +43485,7 @@ OUI:1C5FFF* ID_OUI_FROM_DATABASE=Beijing Ereneben Information Technology Co.,Ltd Shenzhen Branch OUI:1C60DE* - ID_OUI_FROM_DATABASE=SHENZHEN MERCURY COMMUNICATION TECHNOLOGIES CO.,LTD. + ID_OUI_FROM_DATABASE=MERCURY COMMUNICATION TECHNOLOGIES CO.,LTD. OUI:1C62B8* ID_OUI_FROM_DATABASE=Samsung Electronics Co.,Ltd @@ -43731,7 +43791,7 @@ OUI:1C959F* ID_OUI_FROM_DATABASE=Veethree Electronics And Marine LLC OUI:1C965A* - ID_OUI_FROM_DATABASE=Weifang GoerTek Technology Co.,Ltd. + ID_OUI_FROM_DATABASE=WEIFANG GOERTEK ELECTRONICS CO.,LTD OUI:1C973D* ID_OUI_FROM_DATABASE=PRICOM Design @@ -44159,6 +44219,9 @@ OUI:203706* OUI:2037BC* ID_OUI_FROM_DATABASE=Kuipers Electronic Engineering BV +OUI:203956* + ID_OUI_FROM_DATABASE=HMD Global Oy + OUI:203A07* ID_OUI_FROM_DATABASE=Cisco Systems, Inc @@ -44174,6 +44237,9 @@ OUI:203D66* OUI:203DB2* ID_OUI_FROM_DATABASE=HUAWEI TECHNOLOGIES CO.,LTD +OUI:203DBD* + ID_OUI_FROM_DATABASE=LG Innotek + OUI:204005* ID_OUI_FROM_DATABASE=feno GmbH @@ -44384,6 +44450,9 @@ OUI:20A2E4* OUI:20A2E7* ID_OUI_FROM_DATABASE=Lee-Dickens Ltd +OUI:20A60C* + ID_OUI_FROM_DATABASE=Xiaomi Communications Co Ltd + OUI:20A680* ID_OUI_FROM_DATABASE=HUAWEI TECHNOLOGIES CO.,LTD @@ -45095,6 +45164,9 @@ OUI:24EA40* OUI:24EB65* ID_OUI_FROM_DATABASE=SAET I.S. S.r.l. +OUI:24EC51* + ID_OUI_FROM_DATABASE=ADF Technologies Sdn Bhd + OUI:24EC99* ID_OUI_FROM_DATABASE=ASKEY COMPUTER CORP @@ -45137,6 +45209,9 @@ OUI:24FD52* OUI:24FD5B* ID_OUI_FROM_DATABASE=SmartThings, Inc. +OUI:280245* + ID_OUI_FROM_DATABASE=Konze System Technology Co.,Ltd. + OUI:2802D8* ID_OUI_FROM_DATABASE=Samsung Electronics Co.,Ltd @@ -45173,6 +45248,9 @@ OUI:28101B* OUI:28107B* ID_OUI_FROM_DATABASE=D-Link International +OUI:2811A5* + ID_OUI_FROM_DATABASE=Bose Corporation + OUI:281471* ID_OUI_FROM_DATABASE=Lantis co., LTD. @@ -46178,11 +46256,59 @@ OUI:2C441B* OUI:2C44FD* ID_OUI_FROM_DATABASE=Hewlett Packard +OUI:2C4759* + ID_OUI_FROM_DATABASE=Beijing MEGA preponderance Science & Technology Co. Ltd + +OUI:2C48350* + ID_OUI_FROM_DATABASE=Progress Rail Services, Inspection and Information Systems + +OUI:2C48351* + ID_OUI_FROM_DATABASE=Advanced Electronics Company Ltd + +OUI:2C48352* + ID_OUI_FROM_DATABASE=Rheonik Messtechnik GmbH + +OUI:2C48353* + ID_OUI_FROM_DATABASE=Newtrax Technologies Inc + +OUI:2C48354* + ID_OUI_FROM_DATABASE=GEARTECH LTD + +OUI:2C48355* + ID_OUI_FROM_DATABASE=Scout Security, Inc. + +OUI:2C48356* + ID_OUI_FROM_DATABASE=Exertus Oy + +OUI:2C48357* + ID_OUI_FROM_DATABASE=FAST + +OUI:2C48358* + ID_OUI_FROM_DATABASE=DPS Electronics + +OUI:2C48359* + ID_OUI_FROM_DATABASE=SureFlap Ltd + +OUI:2C4835A* + ID_OUI_FROM_DATABASE=Collatz+Trojan GmbH + +OUI:2C4835B* + ID_OUI_FROM_DATABASE=Shanghai Visteon Automotive Electronics System CO. Ltd. + +OUI:2C4835C* + ID_OUI_FROM_DATABASE=Santec Corporation + +OUI:2C4835D* + ID_OUI_FROM_DATABASE=Phasor Solutions Ltd + +OUI:2C4835E* + ID_OUI_FROM_DATABASE=IROOTECH TECHNOLOGY CO.,LTD + OUI:2C4D54* ID_OUI_FROM_DATABASE=ASUSTek COMPUTER INC. OUI:2C4D79* - ID_OUI_FROM_DATABASE=Weifang GoerTek Technology Co.,Ltd. + ID_OUI_FROM_DATABASE=WEIFANG GOERTEK ELECTRONICS CO.,LTD OUI:2C5089* ID_OUI_FROM_DATABASE=Shenzhen Kaixuan Visual Technology Co.,Limited @@ -46211,6 +46337,9 @@ OUI:2C56DC* OUI:2C5731* ID_OUI_FROM_DATABASE=Wingtech Group (HongKong)Limited +OUI:2C584F* + ID_OUI_FROM_DATABASE=ARRIS Group, Inc. + OUI:2C598A* ID_OUI_FROM_DATABASE=LG Electronics (Mobile Communications) @@ -46388,6 +46517,9 @@ OUI:2C9662* OUI:2C9717* ID_OUI_FROM_DATABASE=I.C.Y. B.V. +OUI:2C97B1* + ID_OUI_FROM_DATABASE=HUAWEI TECHNOLOGIES CO.,LTD + OUI:2C9924* ID_OUI_FROM_DATABASE=ARRIS Group, Inc. @@ -46805,6 +46937,9 @@ OUI:3044A1* OUI:304511* ID_OUI_FROM_DATABASE=Texas Instruments +OUI:304596* + ID_OUI_FROM_DATABASE=HUAWEI TECHNOLOGIES CO.,LTD + OUI:30469A* ID_OUI_FROM_DATABASE=NETGEAR @@ -46931,6 +47066,9 @@ OUI:308730* OUI:3087D9* ID_OUI_FROM_DATABASE=Ruckus Wireless +OUI:308841* + ID_OUI_FROM_DATABASE=Sichuan AI-Link Technology Co., Ltd. + OUI:308976* ID_OUI_FROM_DATABASE=DALIAN LAMBA TECHNOLOGY CO.,LTD @@ -48173,6 +48311,9 @@ OUI:38521A* OUI:385610* ID_OUI_FROM_DATABASE=CANDY HOUSE, Inc. +OUI:3856B5* + ID_OUI_FROM_DATABASE=Peerbridge Health Inc + OUI:38580C* ID_OUI_FROM_DATABASE=Panaccess Systems GmbH @@ -48209,6 +48350,9 @@ OUI:3866F0* OUI:386793* ID_OUI_FROM_DATABASE=Asia Optical Co., Inc. +OUI:3868DD* + ID_OUI_FROM_DATABASE=INVENTEC CORPORATION + OUI:386B1C* ID_OUI_FROM_DATABASE=SHENZHEN MERCURY COMMUNICATION TECHNOLOGIES CO.,LTD. @@ -48773,18 +48917,27 @@ OUI:3C24F00* OUI:3C24F01* ID_OUI_FROM_DATABASE=Abrites Ltd. +OUI:3C24F02* + ID_OUI_FROM_DATABASE=Laipac Technology Inc. + OUI:3C24F03* ID_OUI_FROM_DATABASE=Wisycom OUI:3C24F04* ID_OUI_FROM_DATABASE=Inter-Coastal Electronics +OUI:3C24F05* + ID_OUI_FROM_DATABASE=CASKY eTech Co., Ltd. + OUI:3C24F06* ID_OUI_FROM_DATABASE=Inter Action Corporation OUI:3C24F07* ID_OUI_FROM_DATABASE=Swissdotnet SA +OUI:3C24F08* + ID_OUI_FROM_DATABASE=Sivat Technology Co.,Ltd. + OUI:3C24F09* ID_OUI_FROM_DATABASE=Siemens AG - Siemens Deutschland Mobility @@ -48800,6 +48953,9 @@ OUI:3C24F0C* OUI:3C24F0D* ID_OUI_FROM_DATABASE=Travis Holding B.V. +OUI:3C24F0E* + ID_OUI_FROM_DATABASE=GETMOBIT LLC + OUI:3C25D7* ID_OUI_FROM_DATABASE=Nokia Corporation @@ -48941,6 +49097,9 @@ OUI:3C5282* OUI:3C574F* ID_OUI_FROM_DATABASE=China Mobile Group Device Co.,Ltd. +OUI:3C576C* + ID_OUI_FROM_DATABASE=Samsung Electronics Co.,Ltd + OUI:3C57BD* ID_OUI_FROM_DATABASE=Kessler Crane Inc. @@ -48992,6 +49151,9 @@ OUI:3C6A7D* OUI:3C6A9D* ID_OUI_FROM_DATABASE=Dexatek Technology LTD. +OUI:3C6AA7* + ID_OUI_FROM_DATABASE=Intel Corporate + OUI:3C6E63* ID_OUI_FROM_DATABASE=Mitron OY @@ -49304,12 +49466,18 @@ OUI:3CEF8C* OUI:3CF392* ID_OUI_FROM_DATABASE=Virtualtek. Co. Ltd +OUI:3CF4F9* + ID_OUI_FROM_DATABASE=Moda-InnoChips + OUI:3CF52C* ID_OUI_FROM_DATABASE=DSPECIALISTS GmbH OUI:3CF591* ID_OUI_FROM_DATABASE=GUANGDONG OPPO MOBILE TELECOMMUNICATIONS CORP.,LTD +OUI:3CF5CC* + ID_OUI_FROM_DATABASE=New H3C Technologies Co., Ltd + OUI:3CF72A* ID_OUI_FROM_DATABASE=Nokia Corporation @@ -49352,6 +49520,9 @@ OUI:4001C6* OUI:40040C* ID_OUI_FROM_DATABASE=A&T +OUI:4006A0* + ID_OUI_FROM_DATABASE=Texas Instruments + OUI:4007C0* ID_OUI_FROM_DATABASE=Railtec Systems GmbH @@ -49395,7 +49566,7 @@ OUI:4018D7* ID_OUI_FROM_DATABASE=Smartronix, Inc. OUI:401B5F* - ID_OUI_FROM_DATABASE=Weifang GoerTek Technology Co.,Ltd. + ID_OUI_FROM_DATABASE=WEIFANG GOERTEK ELECTRONICS CO.,LTD OUI:401D59* ID_OUI_FROM_DATABASE=Biometric Associates, LP @@ -50561,6 +50732,9 @@ OUI:44EE02* OUI:44EE30* ID_OUI_FROM_DATABASE=Budelmann Elektronik GmbH +OUI:44EFCF* + ID_OUI_FROM_DATABASE=UGENE SOLUTION inc. + OUI:44F034* ID_OUI_FROM_DATABASE=Kaonmedia CO., LTD. @@ -50693,6 +50867,9 @@ OUI:4827EA* OUI:48282F* ID_OUI_FROM_DATABASE=zte corporation +OUI:482AE3* + ID_OUI_FROM_DATABASE=Wistron InfoComm(Kunshan)Co.,Ltd. + OUI:482CEA* ID_OUI_FROM_DATABASE=Motorola Inc Business Light Radios @@ -50904,7 +51081,7 @@ OUI:4888CA* ID_OUI_FROM_DATABASE=Motorola (Wuhan) Mobility Technologies Communication Co., Ltd. OUI:488AD2* - ID_OUI_FROM_DATABASE=SHENZHEN MERCURY COMMUNICATION TECHNOLOGIES CO.,LTD. + ID_OUI_FROM_DATABASE=MERCURY COMMUNICATION TECHNOLOGIES CO.,LTD. OUI:488D36* ID_OUI_FROM_DATABASE=Arcadyan Corporation @@ -51186,7 +51363,7 @@ OUI:4C0F6E* ID_OUI_FROM_DATABASE=Hon Hai Precision Ind. Co.,Ltd. OUI:4C0FC7* - ID_OUI_FROM_DATABASE=Earda Electronics Co.,Ltd + ID_OUI_FROM_DATABASE=Earda Technologies co Ltd OUI:4C11BF* ID_OUI_FROM_DATABASE=Zhejiang Dahua Technology Co., Ltd. @@ -51284,6 +51461,9 @@ OUI:4C3B74* OUI:4C3C16* ID_OUI_FROM_DATABASE=Samsung Electronics Co.,Ltd +OUI:4C3FD3* + ID_OUI_FROM_DATABASE=Texas Instruments + OUI:4C48DA* ID_OUI_FROM_DATABASE=Beijing Autelan Technology Co.,Ltd @@ -51692,6 +51872,9 @@ OUI:4CECEF* OUI:4CEDDE* ID_OUI_FROM_DATABASE=ASKEY COMPUTER CORP +OUI:4CEDFB* + ID_OUI_FROM_DATABASE=ASUSTek COMPUTER INC. + OUI:4CEEB0* ID_OUI_FROM_DATABASE=SHC Netzwerktechnik GmbH @@ -51989,6 +52172,9 @@ OUI:505800* OUI:50584F* ID_OUI_FROM_DATABASE=waytotec,Inc. +OUI:505967* + ID_OUI_FROM_DATABASE=Intent Solutions Inc + OUI:505AC6* ID_OUI_FROM_DATABASE=GUANGDONG SUPER TELECOM CO.,LTD. @@ -52004,6 +52190,9 @@ OUI:506028* OUI:506184* ID_OUI_FROM_DATABASE=Avaya Inc +OUI:5061BF* + ID_OUI_FROM_DATABASE=Cisco Systems, Inc + OUI:5061D6* ID_OUI_FROM_DATABASE=Indu-Sol GmbH @@ -52592,6 +52781,9 @@ OUI:544408* OUI:54466B* ID_OUI_FROM_DATABASE=Shenzhen CZTIC Electronic Technology Co., Ltd +OUI:544810* + ID_OUI_FROM_DATABASE=Dell Inc. + OUI:54489C* ID_OUI_FROM_DATABASE=CDOUBLES ELECTRONICS CO. LTD. @@ -52838,6 +53030,9 @@ OUI:54AE27* OUI:54B121* ID_OUI_FROM_DATABASE=HUAWEI TECHNOLOGIES CO.,LTD +OUI:54B203* + ID_OUI_FROM_DATABASE=PEGATRON CORPORATION + OUI:54B56C* ID_OUI_FROM_DATABASE=Xi'an NovaStar Tech Co., Ltd @@ -52865,6 +53060,9 @@ OUI:54BE53* OUI:54BEF7* ID_OUI_FROM_DATABASE=PEGATRON CORPORATION +OUI:54BF64* + ID_OUI_FROM_DATABASE=Dell Inc. + OUI:54C415* ID_OUI_FROM_DATABASE=Hangzhou Hikvision Digital Technology Co.,Ltd. @@ -53183,6 +53381,9 @@ OUI:5856E8* OUI:58570D* ID_OUI_FROM_DATABASE=Danfoss Solar Inverters +OUI:585FF6* + ID_OUI_FROM_DATABASE=zte corporation + OUI:58605F* ID_OUI_FROM_DATABASE=HUAWEI TECHNOLOGIES CO.,LTD @@ -53351,6 +53552,9 @@ OUI:58B035* OUI:58B0D4* ID_OUI_FROM_DATABASE=ZuniData Systems Inc. +OUI:58B10F* + ID_OUI_FROM_DATABASE=Samsung Electronics Co.,Ltd + OUI:58B3FC* ID_OUI_FROM_DATABASE=SHENZHEN RF-LINK TECHNOLOGY CO.,LTD. @@ -53936,6 +54140,9 @@ OUI:5CB066* OUI:5CB395* ID_OUI_FROM_DATABASE=HUAWEI TECHNOLOGIES CO.,LTD +OUI:5CB3F6* + ID_OUI_FROM_DATABASE=Human, Incorporated + OUI:5CB43E* ID_OUI_FROM_DATABASE=HUAWEI TECHNOLOGIES CO.,LTD @@ -53993,6 +54200,9 @@ OUI:5CCCA0* OUI:5CCCFF* ID_OUI_FROM_DATABASE=Techroutes Network Pvt Ltd +OUI:5CCD7C* + ID_OUI_FROM_DATABASE=MEIZU Technology Co.,Ltd. + OUI:5CCEAD* ID_OUI_FROM_DATABASE=CDYNE Corporation @@ -54191,6 +54401,9 @@ OUI:600347* OUI:600417* ID_OUI_FROM_DATABASE=POSBANK CO.,LTD +OUI:60058A* + ID_OUI_FROM_DATABASE=Hitachi Metals, Ltd. + OUI:600810* ID_OUI_FROM_DATABASE=HUAWEI TECHNOLOGIES CO.,LTD @@ -54623,12 +54836,18 @@ OUI:60CDA9* OUI:60CDC5* ID_OUI_FROM_DATABASE=Taiwan Carol Electronics., Ltd +OUI:60D02C* + ID_OUI_FROM_DATABASE=Ruckus Wireless + OUI:60D0A9* ID_OUI_FROM_DATABASE=Samsung Electronics Co.,Ltd OUI:60D1AA* ID_OUI_FROM_DATABASE=Vishal Telecommunications Pvt Ltd +OUI:60D21C* + ID_OUI_FROM_DATABASE=Sunnovo International Limited + OUI:60D262* ID_OUI_FROM_DATABASE=Tzukuri Pty Ltd @@ -54770,6 +54989,9 @@ OUI:60F677* OUI:60F81D* ID_OUI_FROM_DATABASE=Apple, Inc. +OUI:60FA9D* + ID_OUI_FROM_DATABASE=HUAWEI TECHNOLOGIES CO.,LTD + OUI:60FACD* ID_OUI_FROM_DATABASE=Apple, Inc. @@ -54941,6 +55163,9 @@ OUI:644BF0* OUI:644D70* ID_OUI_FROM_DATABASE=dSPACE GmbH +OUI:644F42* + ID_OUI_FROM_DATABASE=JETTER CO., Ltd. + OUI:644F74* ID_OUI_FROM_DATABASE=LENUS Co., Ltd. @@ -55145,6 +55370,9 @@ OUI:64A0E7* OUI:64A232* ID_OUI_FROM_DATABASE=OOO Samlight +OUI:64A2F9* + ID_OUI_FROM_DATABASE=OnePlus Technology (Shenzhen) Co., Ltd + OUI:64A341* ID_OUI_FROM_DATABASE=Wonderlan (Beijing) Technology Co., Ltd. @@ -55502,6 +55730,9 @@ OUI:6836B5* OUI:6837E9* ID_OUI_FROM_DATABASE=Amazon Technologies Inc. +OUI:683A1E* + ID_OUI_FROM_DATABASE=Cisco Meraki + OUI:683B1E* ID_OUI_FROM_DATABASE=Countwise LTD @@ -55886,6 +56117,9 @@ OUI:68E166* OUI:68E41F* ID_OUI_FROM_DATABASE=Unglaube Identech GmbH +OUI:68E7C2* + ID_OUI_FROM_DATABASE=Samsung Electronics Co.,Ltd + OUI:68E8EB* ID_OUI_FROM_DATABASE=Linktel Technologies Co.,Ltd @@ -56121,7 +56355,7 @@ OUI:6C5779* ID_OUI_FROM_DATABASE=Aclima, Inc. OUI:6C5940* - ID_OUI_FROM_DATABASE=SHENZHEN MERCURY COMMUNICATION TECHNOLOGIES CO.,LTD. + ID_OUI_FROM_DATABASE=MERCURY COMMUNICATION TECHNOLOGIES CO.,LTD. OUI:6C5976* ID_OUI_FROM_DATABASE=Shanghai Tricheer Technology Co.,Ltd. @@ -56474,6 +56708,9 @@ OUI:7006AC* OUI:700BC0* ID_OUI_FROM_DATABASE=Dewav Technology Company +OUI:700F6A* + ID_OUI_FROM_DATABASE=Cisco Systems, Inc + OUI:700FC7* ID_OUI_FROM_DATABASE=SHENZHEN IKINLOOP TECHNOLOGY CO.,LTD. @@ -56663,6 +56900,9 @@ OUI:7052C5* OUI:70533F* ID_OUI_FROM_DATABASE=Alfa Instrumentos Eletronicos Ltda. +OUI:7054B4* + ID_OUI_FROM_DATABASE=Vestel Elektronik San ve Tic. A.Ş. + OUI:7054D2* ID_OUI_FROM_DATABASE=PEGATRON CORPORATION @@ -56879,6 +57119,9 @@ OUI:70886BB* OUI:70886BC* ID_OUI_FROM_DATABASE=MAX4G, Inc. +OUI:7089CC* + ID_OUI_FROM_DATABASE=China Mobile Group Device Co.,Ltd. + OUI:708A09* ID_OUI_FROM_DATABASE=HUAWEI TECHNOLOGIES CO.,LTD @@ -56930,6 +57173,9 @@ OUI:709E86* OUI:709F2D* ID_OUI_FROM_DATABASE=zte corporation +OUI:709FA9* + ID_OUI_FROM_DATABASE=TECNO MOBILE LIMITED + OUI:70A191* ID_OUI_FROM_DATABASE=Trendsetter Medical, LLC @@ -56987,6 +57233,9 @@ OUI:70B3D5007* OUI:70B3D5009* ID_OUI_FROM_DATABASE=HolidayCoro +OUI:70B3D500A* + ID_OUI_FROM_DATABASE=FUJICOM Co.,Ltd. + OUI:70B3D500D* ID_OUI_FROM_DATABASE=Scrona AG @@ -57002,6 +57251,9 @@ OUI:70B3D5011* OUI:70B3D5012* ID_OUI_FROM_DATABASE=KST technology +OUI:70B3D5015* + ID_OUI_FROM_DATABASE=EN ElectronicNetwork Hamburg GmbH + OUI:70B3D5016* ID_OUI_FROM_DATABASE=Guardian Controls International Ltd @@ -57035,6 +57287,9 @@ OUI:70B3D5025* OUI:70B3D5026* ID_OUI_FROM_DATABASE=Telstra +OUI:70B3D5027* + ID_OUI_FROM_DATABASE=Redcap Solutions s.r.o. + OUI:70B3D5028* ID_OUI_FROM_DATABASE=AT-Automation Technology GmbH @@ -57065,6 +57320,9 @@ OUI:70B3D5033* OUI:70B3D5035* ID_OUI_FROM_DATABASE=HKW-Elektronik GmbH +OUI:70B3D5037* + ID_OUI_FROM_DATABASE=EIFFAGE ENERGIE ELECTRONIQUE + OUI:70B3D5039* ID_OUI_FROM_DATABASE=DoWoo Digitech @@ -57131,6 +57389,9 @@ OUI:70B3D505A* OUI:70B3D505D* ID_OUI_FROM_DATABASE=KOMS Co.,Ltd. +OUI:70B3D505E* + ID_OUI_FROM_DATABASE=VITEC + OUI:70B3D505F* ID_OUI_FROM_DATABASE=UNISOR MULTISYSTEMS LTD @@ -57188,6 +57449,9 @@ OUI:70B3D5081* OUI:70B3D5083* ID_OUI_FROM_DATABASE=ZAO ZEO +OUI:70B3D5085* + ID_OUI_FROM_DATABASE=Human Systems Integration + OUI:70B3D5086* ID_OUI_FROM_DATABASE=Husty M.Styczen J.Hupert Sp.J. @@ -57272,6 +57536,9 @@ OUI:70B3D50AA* OUI:70B3D50AB* ID_OUI_FROM_DATABASE=KST technology +OUI:70B3D50AC* + ID_OUI_FROM_DATABASE=RoboCore Tecnologia + OUI:70B3D50AE* ID_OUI_FROM_DATABASE=Norsat International Inc. @@ -57338,6 +57605,9 @@ OUI:70B3D50CD* OUI:70B3D50CE* ID_OUI_FROM_DATABASE=Innominds Software Inc +OUI:70B3D50D1* + ID_OUI_FROM_DATABASE=Common Sense Monitoring Solutions Ltd. + OUI:70B3D50D2* ID_OUI_FROM_DATABASE=UNMANNED SPA @@ -57438,7 +57708,7 @@ OUI:70B3D5108* ID_OUI_FROM_DATABASE=TEX COMPUTER SRL OUI:70B3D5109* - ID_OUI_FROM_DATABASE=DITEST FAHRZEUGDIAGNOSE GMBH + ID_OUI_FROM_DATABASE=DiTEST Fahrzeugdiagnose GmbH OUI:70B3D510A* ID_OUI_FROM_DATABASE=SEASON DESIGN TECHNOLOGY @@ -57659,6 +57929,9 @@ OUI:70B3D5179* OUI:70B3D517A* ID_OUI_FROM_DATABASE=Gencoa Ltd +OUI:70B3D517B* + ID_OUI_FROM_DATABASE=Vistec Electron Beam GmbH + OUI:70B3D517D* ID_OUI_FROM_DATABASE=Entech Electronics @@ -57728,6 +58001,9 @@ OUI:70B3D519C* OUI:70B3D519E* ID_OUI_FROM_DATABASE=J-Factor Embedded Technologies +OUI:70B3D519F* + ID_OUI_FROM_DATABASE=Koizumi Lighting Technology Corp. + OUI:70B3D51A0* ID_OUI_FROM_DATABASE=UFATECH LTD @@ -57779,6 +58055,9 @@ OUI:70B3D51B9* OUI:70B3D51BB* ID_OUI_FROM_DATABASE=EFENTO T P SZYDŁOWSKI K ZARĘBA SPÓŁKA JAWNA +OUI:70B3D51BE* + ID_OUI_FROM_DATABASE=Potter Electric Signal Co. LLC + OUI:70B3D51C4* ID_OUI_FROM_DATABASE=Smeg S.p.A. @@ -57800,6 +58079,12 @@ OUI:70B3D51CD* OUI:70B3D51D0* ID_OUI_FROM_DATABASE=Shenzhen INVT Electric Co.,Ltd +OUI:70B3D51D1* + ID_OUI_FROM_DATABASE=Eurotek Srl + +OUI:70B3D51D3* + ID_OUI_FROM_DATABASE=AIROBOT OÜ + OUI:70B3D51D4* ID_OUI_FROM_DATABASE=Brinkmann Audio GmbH @@ -57914,6 +58199,9 @@ OUI:70B3D5217* OUI:70B3D521B* ID_OUI_FROM_DATABASE=Lab241 Co.,Ltd. +OUI:70B3D521C* + ID_OUI_FROM_DATABASE=Enyx SA + OUI:70B3D521D* ID_OUI_FROM_DATABASE=iRF - Intelligent RF Solutions, LLC @@ -57971,6 +58259,9 @@ OUI:70B3D5238* OUI:70B3D523A* ID_OUI_FROM_DATABASE=Mesa Labs, Inc. +OUI:70B3D523B* + ID_OUI_FROM_DATABASE=Fink Telecom Services + OUI:70B3D523C* ID_OUI_FROM_DATABASE=Quasonix, LLC @@ -58124,6 +58415,9 @@ OUI:70B3D528E* OUI:70B3D528F* ID_OUI_FROM_DATABASE=Overline Systems +OUI:70B3D5292* + ID_OUI_FROM_DATABASE=Private + OUI:70B3D5295* ID_OUI_FROM_DATABASE=Cello Electronics (UK) Ltd @@ -58160,6 +58454,9 @@ OUI:70B3D52A5* OUI:70B3D52A7* ID_OUI_FROM_DATABASE=Plasmability, LLC +OUI:70B3D52A9* + ID_OUI_FROM_DATABASE=Power Electronics Espana, S.L. + OUI:70B3D52AA* ID_OUI_FROM_DATABASE=Flirtey Inc @@ -58238,6 +58535,9 @@ OUI:70B3D52CF* OUI:70B3D52D0* ID_OUI_FROM_DATABASE=ijin co.,ltd. +OUI:70B3D52D2* + ID_OUI_FROM_DATABASE=SHANGHAI IRISIAN OPTRONICS TECHNOLOGY CO.,LTD. + OUI:70B3D52D4* ID_OUI_FROM_DATABASE=CT Company @@ -58481,6 +58781,9 @@ OUI:70B3D5361* OUI:70B3D5362* ID_OUI_FROM_DATABASE=Asiga +OUI:70B3D5363* + ID_OUI_FROM_DATABASE=Contec DTx + OUI:70B3D5364* ID_OUI_FROM_DATABASE=ADAMCZEWSKI elektronische Messtechnik GmbH @@ -58514,6 +58817,9 @@ OUI:70B3D5371* OUI:70B3D5374* ID_OUI_FROM_DATABASE=OOO NPP Mars-Energo +OUI:70B3D5375* + ID_OUI_FROM_DATABASE=Adel System srl + OUI:70B3D5376* ID_OUI_FROM_DATABASE=Private @@ -58544,6 +58850,9 @@ OUI:70B3D537F* OUI:70B3D5381* ID_OUI_FROM_DATABASE=CRDE +OUI:70B3D5382* + ID_OUI_FROM_DATABASE=Naval Group + OUI:70B3D5383* ID_OUI_FROM_DATABASE=LPA Excil Electronics @@ -58655,6 +58964,9 @@ OUI:70B3D53C5* OUI:70B3D53C6* ID_OUI_FROM_DATABASE=ACD Elekronik GmbH +OUI:70B3D53C9* + ID_OUI_FROM_DATABASE=Duerkopp-Adler + OUI:70B3D53CA* ID_OUI_FROM_DATABASE=TTI Ltd @@ -58916,6 +59228,9 @@ OUI:70B3D5475* OUI:70B3D5476* ID_OUI_FROM_DATABASE=FR-Team International SA +OUI:70B3D5478* + ID_OUI_FROM_DATABASE=Touchnet/OneCard + OUI:70B3D5479* ID_OUI_FROM_DATABASE=LINEAGE POWER PVT LTD., @@ -59051,6 +59366,9 @@ OUI:70B3D54BD* OUI:70B3D54BE* ID_OUI_FROM_DATABASE=GY-FX SAS +OUI:70B3D54C0* + ID_OUI_FROM_DATABASE=Technica Engineering GmbH + OUI:70B3D54C1* ID_OUI_FROM_DATABASE=QUERCUS TECHNOLOGIES, S. L. @@ -59120,6 +59438,9 @@ OUI:70B3D54E9* OUI:70B3D54EB* ID_OUI_FROM_DATABASE=INFOSOFT DIGITAL DESIGN & SERVICES PRIVATE LIMITED +OUI:70B3D54EC* + ID_OUI_FROM_DATABASE=Hangzhou Youshi Industry Co., Ltd. + OUI:70B3D54EF* ID_OUI_FROM_DATABASE=CMI, Inc. @@ -59597,6 +59918,9 @@ OUI:70B3D5610* OUI:70B3D5611* ID_OUI_FROM_DATABASE=Avionica +OUI:70B3D5613* + ID_OUI_FROM_DATABASE=Suprock Technologies + OUI:70B3D5615* ID_OUI_FROM_DATABASE=JSC OTZVUK @@ -59684,6 +60008,9 @@ OUI:70B3D5649* OUI:70B3D564A* ID_OUI_FROM_DATABASE=Netbric Technology Co.,Ltd. +OUI:70B3D564B* + ID_OUI_FROM_DATABASE=Kalfire + OUI:70B3D564C* ID_OUI_FROM_DATABASE=ACEMIS FRANCE @@ -59759,6 +60086,9 @@ OUI:70B3D5672* OUI:70B3D5674* ID_OUI_FROM_DATABASE=Fortress Cyber Security +OUI:70B3D5676* + ID_OUI_FROM_DATABASE=samwooeleco + OUI:70B3D5677* ID_OUI_FROM_DATABASE=Fraunhofer-Institut IIS @@ -59852,6 +60182,9 @@ OUI:70B3D56B5* OUI:70B3D56B6* ID_OUI_FROM_DATABASE=INRADIOS GmbH +OUI:70B3D56B7* + ID_OUI_FROM_DATABASE=Grossenbacher Systeme AG + OUI:70B3D56BB* ID_OUI_FROM_DATABASE=LUCEO @@ -60026,6 +60359,9 @@ OUI:70B3D5720* OUI:70B3D5721* ID_OUI_FROM_DATABASE=Zoe Medical +OUI:70B3D5722* + ID_OUI_FROM_DATABASE=UMAN + OUI:70B3D5723* ID_OUI_FROM_DATABASE=LG Electronics @@ -60149,6 +60485,9 @@ OUI:70B3D575D* OUI:70B3D575E* ID_OUI_FROM_DATABASE=Cardinal Health +OUI:70B3D575F* + ID_OUI_FROM_DATABASE=Vocality international T/A Cubic + OUI:70B3D5760* ID_OUI_FROM_DATABASE=QUALITTEQ LLC @@ -60215,6 +60554,9 @@ OUI:70B3D577B* OUI:70B3D577C* ID_OUI_FROM_DATABASE=HUSTY M.Styczen J.Hupert Sp.J. +OUI:70B3D577E* + ID_OUI_FROM_DATABASE=Blue Marble Communications, Inc. + OUI:70B3D5781* ID_OUI_FROM_DATABASE=Project Service S.a.s. @@ -60242,6 +60584,9 @@ OUI:70B3D578C* OUI:70B3D578E* ID_OUI_FROM_DATABASE=effectas GmbH +OUI:70B3D5790* + ID_OUI_FROM_DATABASE=AVI Pty Ltd + OUI:70B3D5791* ID_OUI_FROM_DATABASE=Romteck Australia @@ -60377,6 +60722,9 @@ OUI:70B3D57D2* OUI:70B3D57D5* ID_OUI_FROM_DATABASE=SICS Swedish ICT +OUI:70B3D57D6* + ID_OUI_FROM_DATABASE=Yukilab + OUI:70B3D57D7* ID_OUI_FROM_DATABASE=Gedomo GmbH @@ -60866,6 +61214,9 @@ OUI:70B3D58F7* OUI:70B3D58F8* ID_OUI_FROM_DATABASE=Wi6labs +OUI:70B3D58FA* + ID_OUI_FROM_DATABASE=DEA SYSTEM SPA + OUI:70B3D58FF* ID_OUI_FROM_DATABASE=IMST GmbH @@ -60935,6 +61286,9 @@ OUI:70B3D591E* OUI:70B3D591F* ID_OUI_FROM_DATABASE=JSC InformInvestGroup +OUI:70B3D5920* + ID_OUI_FROM_DATABASE=SLAT + OUI:70B3D5923* ID_OUI_FROM_DATABASE=eumig industrie-tv GmbH @@ -60956,6 +61310,9 @@ OUI:70B3D592A* OUI:70B3D592B* ID_OUI_FROM_DATABASE=ENTEC Electric & Electronic Co., LTD. +OUI:70B3D592F* + ID_OUI_FROM_DATABASE=SiFive + OUI:70B3D5930* ID_OUI_FROM_DATABASE=The Institute of Mine Seismology @@ -61052,6 +61409,9 @@ OUI:70B3D5963* OUI:70B3D5967* ID_OUI_FROM_DATABASE=TATTILE SRL +OUI:70B3D5968* + ID_OUI_FROM_DATABASE=LGM Ingénierie + OUI:70B3D5969* ID_OUI_FROM_DATABASE=Emtel System Sp. z o.o. @@ -61085,6 +61445,9 @@ OUI:70B3D597F* OUI:70B3D5981* ID_OUI_FROM_DATABASE=Zamir Recognition Systems Ltd. +OUI:70B3D5984* + ID_OUI_FROM_DATABASE=Sanmina Israel + OUI:70B3D5986* ID_OUI_FROM_DATABASE=Aplex Technology Inc. @@ -61406,6 +61769,9 @@ OUI:70B3D5A35* OUI:70B3D5A36* ID_OUI_FROM_DATABASE=Beijing DamingWuzhou Science&Technology Co., Ltd. +OUI:70B3D5A37* + ID_OUI_FROM_DATABASE=MITSUBISHI HEAVY INDUSTRIES THERMAL SYSTEMS, LTD. + OUI:70B3D5A3A* ID_OUI_FROM_DATABASE=EPSOFT Co., Ltd @@ -61508,6 +61874,9 @@ OUI:70B3D5A72* OUI:70B3D5A73* ID_OUI_FROM_DATABASE=MobiPromo +OUI:70B3D5A76* + ID_OUI_FROM_DATABASE=Pietro Fiorentini + OUI:70B3D5A78* ID_OUI_FROM_DATABASE=Bionics co.,ltd. @@ -61523,12 +61892,18 @@ OUI:70B3D5A7E* OUI:70B3D5A81* ID_OUI_FROM_DATABASE=Sienda New Media Technologies GmbH +OUI:70B3D5A82* + ID_OUI_FROM_DATABASE=Telefrank GmbH + OUI:70B3D5A85* ID_OUI_FROM_DATABASE=exceet electronics GesmbH OUI:70B3D5A86* ID_OUI_FROM_DATABASE=Divigraph (Pty) LTD +OUI:70B3D5A87* + ID_OUI_FROM_DATABASE=Tornado Modular Systems + OUI:70B3D5A88* ID_OUI_FROM_DATABASE=Shangdong Bosure Automation Technology Ltd @@ -61952,6 +62327,9 @@ OUI:70B3D5B7D* OUI:70B3D5B7E* ID_OUI_FROM_DATABASE=Elbit Systems of America - Fort Worth Operations +OUI:70B3D5B7F* + ID_OUI_FROM_DATABASE=JSK System + OUI:70B3D5B81* ID_OUI_FROM_DATABASE=Instro Precision Limited @@ -62036,6 +62414,9 @@ OUI:70B3D5BAD* OUI:70B3D5BAE* ID_OUI_FROM_DATABASE=WARECUBE,INC +OUI:70B3D5BAF* + ID_OUI_FROM_DATABASE=SYS TEC electronic GmbH + OUI:70B3D5BB2* ID_OUI_FROM_DATABASE=Mettler Toledo Hi Speed @@ -62075,6 +62456,9 @@ OUI:70B3D5BCA* OUI:70B3D5BCC* ID_OUI_FROM_DATABASE=MB connect line GmbH Fernwartungssysteme +OUI:70B3D5BCE* + ID_OUI_FROM_DATABASE=YAWATA ELECTRIC INDUSTRIAL CO.,LTD. + OUI:70B3D5BD1* ID_OUI_FROM_DATABASE=CableLabs @@ -62327,6 +62711,9 @@ OUI:70B3D5C62* OUI:70B3D5C63* ID_OUI_FROM_DATABASE=Xentech Solutions Limited +OUI:70B3D5C65* + ID_OUI_FROM_DATABASE=PEEK TRAFFIC + OUI:70B3D5C67* ID_OUI_FROM_DATABASE=Collini Dienstleistungs GmbH @@ -62426,6 +62813,9 @@ OUI:70B3D5C9F* OUI:70B3D5CA2* ID_OUI_FROM_DATABASE=De Haardt bv +OUI:70B3D5CA3* + ID_OUI_FROM_DATABASE=Saankhya Labs Private Limited + OUI:70B3D5CA4* ID_OUI_FROM_DATABASE=Netemera Sp. z o.o. @@ -62585,6 +62975,9 @@ OUI:70B3D5D07* OUI:70B3D5D08* ID_OUI_FROM_DATABASE=Veeco Instruments +OUI:70B3D5D09* + ID_OUI_FROM_DATABASE=Rishaad Brown + OUI:70B3D5D0A* ID_OUI_FROM_DATABASE=Private @@ -62738,6 +63131,9 @@ OUI:70B3D5D60* OUI:70B3D5D61* ID_OUI_FROM_DATABASE=VITEC +OUI:70B3D5D62* + ID_OUI_FROM_DATABASE=Andasis Elektronik San. ve Tic. A.Ş. + OUI:70B3D5D63* ID_OUI_FROM_DATABASE=CRDE @@ -62753,18 +63149,27 @@ OUI:70B3D5D67* OUI:70B3D5D69* ID_OUI_FROM_DATABASE=Thermo Fisher Scientific +OUI:70B3D5D6A* + ID_OUI_FROM_DATABASE=KnowRoaming + OUI:70B3D5D6B* ID_OUI_FROM_DATABASE=Uwinloc OUI:70B3D5D6C* ID_OUI_FROM_DATABASE=GP Systems GmbH +OUI:70B3D5D6E* + ID_OUI_FROM_DATABASE=ard sa + OUI:70B3D5D6F* ID_OUI_FROM_DATABASE=X-SPEX GmbH OUI:70B3D5D70* ID_OUI_FROM_DATABASE=Rational Production srl Unipersonale +OUI:70B3D5D72* + ID_OUI_FROM_DATABASE=OnYield Inc Ltd + OUI:70B3D5D73* ID_OUI_FROM_DATABASE=ERMINE Corporation @@ -62786,6 +63191,9 @@ OUI:70B3D5D7A* OUI:70B3D5D7B* ID_OUI_FROM_DATABASE=Peter Huber Kaeltemaschinenbau AG +OUI:70B3D5D7C* + ID_OUI_FROM_DATABASE=D.T.S Illuminazione Srl + OUI:70B3D5D7E* ID_OUI_FROM_DATABASE=Triax A/S @@ -62909,6 +63317,9 @@ OUI:70B3D5DC5* OUI:70B3D5DC6* ID_OUI_FROM_DATABASE=IDEM INC. +OUI:70B3D5DC8* + ID_OUI_FROM_DATABASE=Enertex Bayern GmbH + OUI:70B3D5DC9* ID_OUI_FROM_DATABASE=Sensoterra BV @@ -63248,6 +63659,9 @@ OUI:70B3D5E9B* OUI:70B3D5E9C* ID_OUI_FROM_DATABASE=ATG UV Technology +OUI:70B3D5E9E* + ID_OUI_FROM_DATABASE=MSB Elektronik und Gerätebau GmbH + OUI:70B3D5EA0* ID_OUI_FROM_DATABASE=PARK24 @@ -63299,6 +63713,9 @@ OUI:70B3D5EB9* OUI:70B3D5EBB* ID_OUI_FROM_DATABASE=Beijing Wing ICT Technology Co., Ltd. +OUI:70B3D5EBC* + ID_OUI_FROM_DATABASE=Refine Technology, LLC + OUI:70B3D5EBD* ID_OUI_FROM_DATABASE=midBit Technologies, LLC @@ -63377,6 +63794,9 @@ OUI:70B3D5EF2* OUI:70B3D5EF3* ID_OUI_FROM_DATABASE=octoScope +OUI:70B3D5EF4* + ID_OUI_FROM_DATABASE=Orange Tree Technologies Ltd + OUI:70B3D5EF5* ID_OUI_FROM_DATABASE=DEUTA-WERKE GmbH @@ -63548,6 +63968,9 @@ OUI:70B3D5F5C* OUI:70B3D5F5E* ID_OUI_FROM_DATABASE=Selex ES Inc. +OUI:70B3D5F5F* + ID_OUI_FROM_DATABASE=RFRain LLC + OUI:70B3D5F61* ID_OUI_FROM_DATABASE=Power Diagnostic Service @@ -64319,6 +64742,9 @@ OUI:746A8F* OUI:746B82* ID_OUI_FROM_DATABASE=MOVEK +OUI:746BAB* + ID_OUI_FROM_DATABASE=GUANGDONG ENOK COMMUNICATION CO., LTD + OUI:746EE4* ID_OUI_FROM_DATABASE=Asia Vital Components Co.,Ltd. @@ -64499,6 +64925,9 @@ OUI:74B472* OUI:74B57E* ID_OUI_FROM_DATABASE=zte corporation +OUI:74B91E* + ID_OUI_FROM_DATABASE=Nanjing Bestway Automation System Co., Ltd + OUI:74B9EB* ID_OUI_FROM_DATABASE=JinQianMao Technology Co.,Ltd. @@ -64517,6 +64946,9 @@ OUI:74BFA1* OUI:74BFB7* ID_OUI_FROM_DATABASE=Nusoft Corporation +OUI:74C14F* + ID_OUI_FROM_DATABASE=HUAWEI TECHNOLOGIES CO.,LTD + OUI:74C246* ID_OUI_FROM_DATABASE=Amazon Technologies Inc. @@ -64694,6 +65126,12 @@ OUI:74EACB* OUI:74EAE8* ID_OUI_FROM_DATABASE=ARRIS Group, Inc. +OUI:74EB80* + ID_OUI_FROM_DATABASE=Samsung Electronics Co.,Ltd + +OUI:74EC42* + ID_OUI_FROM_DATABASE=Fiberhome Telecommunication Technologies Co.,LTD + OUI:74ECF1* ID_OUI_FROM_DATABASE=Acumen @@ -64755,7 +65193,7 @@ OUI:74F8DB9* ID_OUI_FROM_DATABASE=Avantree Corporation OUI:74F8DBA* - ID_OUI_FROM_DATABASE=Ballard Technology Inc. + ID_OUI_FROM_DATABASE=Ballard Technology, Inc, OUI:74F8DBB* ID_OUI_FROM_DATABASE=Capwave Technologies Inc @@ -64802,6 +65240,9 @@ OUI:7802B7* OUI:7802F8* ID_OUI_FROM_DATABASE=Xiaomi Communications Co Ltd +OUI:780473* + ID_OUI_FROM_DATABASE=Texas Instruments + OUI:780541* ID_OUI_FROM_DATABASE=Queclink Wireless Solutions Co., Ltd @@ -64874,6 +65315,9 @@ OUI:7825AD* OUI:7828CA* ID_OUI_FROM_DATABASE=Sonos, Inc. +OUI:7829ED* + ID_OUI_FROM_DATABASE=ASKEY COMPUTER CORP + OUI:782BCB* ID_OUI_FROM_DATABASE=Dell Inc. @@ -65045,6 +65489,9 @@ OUI:786D94* OUI:78719C* ID_OUI_FROM_DATABASE=ARRIS Group, Inc. +OUI:78725D* + ID_OUI_FROM_DATABASE=Cisco Systems, Inc + OUI:787B8A* ID_OUI_FROM_DATABASE=Apple, Inc. @@ -65204,6 +65651,9 @@ OUI:78AE0C* OUI:78AF58* ID_OUI_FROM_DATABASE=GIMASI SA +OUI:78AFE4* + ID_OUI_FROM_DATABASE=Comau S.p.A + OUI:78B28D* ID_OUI_FROM_DATABASE=Beijing Tengling Technology CO.Ltd @@ -65381,6 +65831,9 @@ OUI:78D004* OUI:78D129* ID_OUI_FROM_DATABASE=Vicos +OUI:78D294* + ID_OUI_FROM_DATABASE=NETGEAR + OUI:78D34F* ID_OUI_FROM_DATABASE=Pace-O-Matic, Inc. @@ -65675,6 +66128,9 @@ OUI:7C2CF3* OUI:7C2E0D* ID_OUI_FROM_DATABASE=Blackmagic Design +OUI:7C2EBD* + ID_OUI_FROM_DATABASE=Google, Inc. + OUI:7C2EDD* ID_OUI_FROM_DATABASE=Samsung Electronics Co.,Ltd @@ -65708,6 +66164,9 @@ OUI:7C3CB6* OUI:7C3E9D* ID_OUI_FROM_DATABASE=PATECH +OUI:7C41A2* + ID_OUI_FROM_DATABASE=Nokia + OUI:7C438F* ID_OUI_FROM_DATABASE=E-Band Communications Corp. @@ -65990,6 +66449,9 @@ OUI:7C95B1* OUI:7C95F3* ID_OUI_FROM_DATABASE=Cisco Systems, Inc +OUI:7C96D2* + ID_OUI_FROM_DATABASE=Fihonest communication co.,Ltd + OUI:7C9763* ID_OUI_FROM_DATABASE=Openmatics s.r.o. @@ -66338,6 +66800,9 @@ OUI:80006E* OUI:800184* ID_OUI_FROM_DATABASE=HTC Corporation +OUI:80029C* + ID_OUI_FROM_DATABASE=Gemtek Technology Co., Ltd. + OUI:8002DF* ID_OUI_FROM_DATABASE=ORA Inc. @@ -66539,6 +67004,9 @@ OUI:80501B* OUI:805067* ID_OUI_FROM_DATABASE=W & D TECHNOLOGY CORPORATION +OUI:8050F6* + ID_OUI_FROM_DATABASE=ITEL MOBILE LIMITED + OUI:8056F2* ID_OUI_FROM_DATABASE=Hon Hai Precision Ind. Co.,Ltd. @@ -66771,7 +67239,10 @@ OUI:80B289* ID_OUI_FROM_DATABASE=Forworld Electronics Ltd. OUI:80B32A* - ID_OUI_FROM_DATABASE=Alstom Grid + ID_OUI_FROM_DATABASE=UK Grid Solutions Ltd + +OUI:80B575* + ID_OUI_FROM_DATABASE=HUAWEI TECHNOLOGIES CO.,LTD OUI:80B686* ID_OUI_FROM_DATABASE=HUAWEI TECHNOLOGIES CO.,LTD @@ -66999,7 +67470,7 @@ OUI:841715* ID_OUI_FROM_DATABASE=GP Electronics (HK) Ltd. OUI:841766* - ID_OUI_FROM_DATABASE=Weifang GoerTek Technology Co.,Ltd. + ID_OUI_FROM_DATABASE=WEIFANG GOERTEK ELECTRONICS CO.,LTD OUI:841826* ID_OUI_FROM_DATABASE=Osram GmbH @@ -67682,6 +68153,9 @@ OUI:882950* OUI:882BD7* ID_OUI_FROM_DATABASE=ADDÉNERGIE TECHNOLOGIES +OUI:882D53* + ID_OUI_FROM_DATABASE=Baidu Online Network Technology (Beijing) Co., Ltd. + OUI:882E5A* ID_OUI_FROM_DATABASE=storONE @@ -68384,6 +68858,9 @@ OUI:8C147DD* OUI:8C147DE* ID_OUI_FROM_DATABASE=Electrical & Automation Larsen & Toubro Limited +OUI:8C15C7* + ID_OUI_FROM_DATABASE=HUAWEI TECHNOLOGIES CO.,LTD + OUI:8C1645* ID_OUI_FROM_DATABASE=LCFC(HeFei) Electronics Technology co., ltd @@ -68438,6 +68915,48 @@ OUI:8C192DE* OUI:8C1ABF* ID_OUI_FROM_DATABASE=Samsung Electronics Co.,Ltd +OUI:8C1CDA0* + ID_OUI_FROM_DATABASE=CEOS Pty Ltd + +OUI:8C1CDA1* + ID_OUI_FROM_DATABASE=GESAS GmbH + +OUI:8C1CDA2* + ID_OUI_FROM_DATABASE=GEOMC + +OUI:8C1CDA3* + ID_OUI_FROM_DATABASE=Structura Technology & Innovation + +OUI:8C1CDA4* + ID_OUI_FROM_DATABASE=Anntec (Beijing) Technology Co.,Ltd. + +OUI:8C1CDA5* + ID_OUI_FROM_DATABASE=Septentrio NV + +OUI:8C1CDA6* + ID_OUI_FROM_DATABASE=LocoLabs LLC + +OUI:8C1CDA7* + ID_OUI_FROM_DATABASE=K Technology Corporation + +OUI:8C1CDA8* + ID_OUI_FROM_DATABASE=ATOL LLC + +OUI:8C1CDA9* + ID_OUI_FROM_DATABASE=Raychem RPG PVT. LTD. + +OUI:8C1CDAA* + ID_OUI_FROM_DATABASE=China Potevio Co., Ltd + +OUI:8C1CDAB* + ID_OUI_FROM_DATABASE=T+A elektroakustik GmbH & Co.KG + +OUI:8C1CDAC* + ID_OUI_FROM_DATABASE=Alcidae Inc + +OUI:8C1CDAE* + ID_OUI_FROM_DATABASE=Electronic Controlled Systems, Inc. + OUI:8C1F94* ID_OUI_FROM_DATABASE=RF Surgical System Inc. @@ -68886,7 +69405,7 @@ OUI:8CEEC6* ID_OUI_FROM_DATABASE=Precepscion Pty. Ltd. OUI:8CF228* - ID_OUI_FROM_DATABASE=SHENZHEN MERCURY COMMUNICATION TECHNOLOGIES CO.,LTD. + ID_OUI_FROM_DATABASE=MERCURY COMMUNICATION TECHNOLOGIES CO.,LTD. OUI:8CF5A3* ID_OUI_FROM_DATABASE=SAMSUNG ELECTRO-MECHANICS(THAILAND) @@ -69353,6 +69872,9 @@ OUI:909F33* OUI:909F43* ID_OUI_FROM_DATABASE=Accutron Instruments Inc. +OUI:90A137* + ID_OUI_FROM_DATABASE=Beijing Splendidtel Communication Technology Co,. Ltd + OUI:90A210* ID_OUI_FROM_DATABASE=United Telecoms Ltd @@ -69647,6 +70169,9 @@ OUI:941673* OUI:941882* ID_OUI_FROM_DATABASE=Hewlett Packard Enterprise +OUI:94193A* + ID_OUI_FROM_DATABASE=Elvaco AB + OUI:941D1C* ID_OUI_FROM_DATABASE=TLab West Systems AB @@ -69726,7 +70251,7 @@ OUI:944A09* ID_OUI_FROM_DATABASE=BitWise Controls OUI:944A0C* - ID_OUI_FROM_DATABASE=Sercomm Corporation + ID_OUI_FROM_DATABASE=Sercomm Corporation. OUI:945047* ID_OUI_FROM_DATABASE=Rechnerbetriebsgruppe @@ -70541,6 +71066,9 @@ OUI:989C57* OUI:989E63* ID_OUI_FROM_DATABASE=Apple, Inc. +OUI:98A404* + ID_OUI_FROM_DATABASE=Ericsson AB + OUI:98A40E* ID_OUI_FROM_DATABASE=Snap, Inc. @@ -71051,6 +71579,9 @@ OUI:9C6C15* OUI:9C6F52* ID_OUI_FROM_DATABASE=zte corporation +OUI:9C713A* + ID_OUI_FROM_DATABASE=HUAWEI TECHNOLOGIES CO.,LTD + OUI:9C741A* ID_OUI_FROM_DATABASE=HUAWEI TECHNOLOGIES CO.,LTD @@ -71444,6 +71975,15 @@ OUI:A01859* OUI:A01917* ID_OUI_FROM_DATABASE=Bertel S.p.a. +OUI:A019B21* + ID_OUI_FROM_DATABASE=El Sewedy Electrometer Egypt S.A.E. + +OUI:A019B22* + ID_OUI_FROM_DATABASE=Beijing Deephi Intelligent Technology Co., Ltd + +OUI:A019B28* + ID_OUI_FROM_DATABASE=MIS Industrie Systeme GmbH & Co. KG + OUI:A01B29* ID_OUI_FROM_DATABASE=Sagemcom Broadband SAS @@ -72219,7 +72759,7 @@ OUI:A41437* ID_OUI_FROM_DATABASE=Hangzhou Hikvision Digital Technology Co.,Ltd. OUI:A41566* - ID_OUI_FROM_DATABASE=Weifang GoerTek Technology Co.,Ltd. + ID_OUI_FROM_DATABASE=WEIFANG GOERTEK ELECTRONICS CO.,LTD OUI:A41588* ID_OUI_FROM_DATABASE=ARRIS Group, Inc. @@ -72444,7 +72984,7 @@ OUI:A4526F* ID_OUI_FROM_DATABASE=ADB Broadband Italia OUI:A45385* - ID_OUI_FROM_DATABASE=Weifang GoerTek Technology Co.,Ltd. + ID_OUI_FROM_DATABASE=WEIFANG GOERTEK ELECTRONICS CO.,LTD OUI:A45602* ID_OUI_FROM_DATABASE=fenglian Technology Co.,Ltd. @@ -72620,6 +73160,9 @@ OUI:A49005* OUI:A491B1* ID_OUI_FROM_DATABASE=Technicolor +OUI:A492CB* + ID_OUI_FROM_DATABASE=Nokia + OUI:A4933F* ID_OUI_FROM_DATABASE=HUAWEI TECHNOLOGIES CO.,LTD @@ -72722,6 +73265,9 @@ OUI:A4BADB* OUI:A4BBAF* ID_OUI_FROM_DATABASE=Lime Instruments +OUI:A4BE2B* + ID_OUI_FROM_DATABASE=HUAWEI TECHNOLOGIES CO.,LTD + OUI:A4BE61* ID_OUI_FROM_DATABASE=EutroVision System, Inc. @@ -72836,6 +73382,9 @@ OUI:A4DA22D* OUI:A4DA22E* ID_OUI_FROM_DATABASE=Quuppa Oy +OUI:A4DA32* + ID_OUI_FROM_DATABASE=Texas Instruments + OUI:A4DA3F* ID_OUI_FROM_DATABASE=Bionics Corp. @@ -73001,11 +73550,14 @@ OUI:A8294C* OUI:A82BB5* ID_OUI_FROM_DATABASE=Edgecore Networks Corporation +OUI:A82BB9* + ID_OUI_FROM_DATABASE=Samsung Electronics Co.,Ltd + OUI:A82BD6* ID_OUI_FROM_DATABASE=Shina System Co., Ltd OUI:A830AD* - ID_OUI_FROM_DATABASE=Weifang GoerTek Technology Co.,Ltd. + ID_OUI_FROM_DATABASE=WEIFANG GOERTEK ELECTRONICS CO.,LTD OUI:A8329A* ID_OUI_FROM_DATABASE=Digicom Futuristic Technologies Ltd. @@ -73016,6 +73568,9 @@ OUI:A8367A* OUI:A83944* ID_OUI_FROM_DATABASE=Actiontec Electronics, Inc +OUI:A83E0E* + ID_OUI_FROM_DATABASE=HMD Global Oy + OUI:A84041* ID_OUI_FROM_DATABASE=Dragino Technology Co., Limited @@ -73052,6 +73607,9 @@ OUI:A8574E* OUI:A85840* ID_OUI_FROM_DATABASE=Cambridge Industries(Group) Co.,Ltd. +OUI:A85B6C* + ID_OUI_FROM_DATABASE=Robert Bosch Gmbh, CM-CI2 + OUI:A85B78* ID_OUI_FROM_DATABASE=Apple, Inc. @@ -73130,6 +73688,9 @@ OUI:A87B39* OUI:A87C01* ID_OUI_FROM_DATABASE=Samsung Electronics Co.,Ltd +OUI:A87D12* + ID_OUI_FROM_DATABASE=HUAWEI TECHNOLOGIES CO.,LTD + OUI:A87E33* ID_OUI_FROM_DATABASE=Nokia Danmark A/S @@ -73280,6 +73841,9 @@ OUI:A8C87F* OUI:A8CA7B* ID_OUI_FROM_DATABASE=HUAWEI TECHNOLOGIES CO.,LTD +OUI:A8CAB9* + ID_OUI_FROM_DATABASE=SAMSUNG ELECTRO MECHANICS CO., LTD. + OUI:A8CB95* ID_OUI_FROM_DATABASE=EAST BEST CO., LTD. @@ -73307,6 +73871,9 @@ OUI:A8D3F7* OUI:A8D409* ID_OUI_FROM_DATABASE=USA 111 Inc +OUI:A8D498* + ID_OUI_FROM_DATABASE=Avira Operations GmbH & Co. KG + OUI:A8D579* ID_OUI_FROM_DATABASE=Beijing Chushang Science and Technology Co.,Ltd @@ -73328,6 +73895,9 @@ OUI:A8E3EE* OUI:A8E539* ID_OUI_FROM_DATABASE=Moimstone Co.,Ltd +OUI:A8E552* + ID_OUI_FROM_DATABASE=JUWEL Aquarium AG & Co. KG + OUI:A8E705* ID_OUI_FROM_DATABASE=Fiberhome Telecommunication Technologies Co.,LTD @@ -73550,6 +74120,9 @@ OUI:AC3870* OUI:AC3A7A* ID_OUI_FROM_DATABASE=Roku, Inc. +OUI:AC3B77* + ID_OUI_FROM_DATABASE=Sagemcom Broadband SAS + OUI:AC3C0B* ID_OUI_FROM_DATABASE=Apple, Inc. @@ -74040,7 +74613,7 @@ OUI:ACF97E* ID_OUI_FROM_DATABASE=ELESYS INC. OUI:ACFD93* - ID_OUI_FROM_DATABASE=Weifang GoerTek Technology Co.,Ltd. + ID_OUI_FROM_DATABASE=WEIFANG GOERTEK ELECTRONICS CO.,LTD OUI:ACFDCE* ID_OUI_FROM_DATABASE=Intel Corporate @@ -74234,6 +74807,9 @@ OUI:B0518E* OUI:B05216* ID_OUI_FROM_DATABASE=Hon Hai Precision Ind. Co.,Ltd. +OUI:B05365* + ID_OUI_FROM_DATABASE=China Mobile IOT Company Limited + OUI:B05508* ID_OUI_FROM_DATABASE=HUAWEI TECHNOLOGIES CO.,LTD @@ -74627,6 +75203,9 @@ OUI:B0E97E* OUI:B0EABC* ID_OUI_FROM_DATABASE=ASKEY COMPUTER CORP +OUI:B0EB57* + ID_OUI_FROM_DATABASE=HUAWEI TECHNOLOGIES CO.,LTD + OUI:B0EC71* ID_OUI_FROM_DATABASE=Samsung Electronics Co.,Ltd @@ -74660,6 +75239,9 @@ OUI:B0F963* OUI:B0FAEB* ID_OUI_FROM_DATABASE=Cisco Systems, Inc +OUI:B0FC0D* + ID_OUI_FROM_DATABASE=Amazon Technologies Inc. + OUI:B0FC36* ID_OUI_FROM_DATABASE=CyberTAN Technology Inc. @@ -74855,6 +75437,9 @@ OUI:B4417A* OUI:B4430D* ID_OUI_FROM_DATABASE=Broadlink Pty Ltd +OUI:B44326* + ID_OUI_FROM_DATABASE=HUAWEI TECHNOLOGIES CO.,LTD + OUI:B4475E* ID_OUI_FROM_DATABASE=Avaya Inc @@ -74912,6 +75497,9 @@ OUI:B46698* OUI:B467E9* ID_OUI_FROM_DATABASE=Qingdao GoerTek Technology Co., Ltd. +OUI:B46BFC* + ID_OUI_FROM_DATABASE=Intel Corporate + OUI:B46D35* ID_OUI_FROM_DATABASE=Dalian Seasky Automation Co;Ltd @@ -74963,6 +75551,9 @@ OUI:B482FE* OUI:B48547* ID_OUI_FROM_DATABASE=Amptown System Company GmbH +OUI:B48655* + ID_OUI_FROM_DATABASE=HUAWEI TECHNOLOGIES CO.,LTD + OUI:B48910* ID_OUI_FROM_DATABASE=Coster T.E. S.P.A. @@ -75071,6 +75662,9 @@ OUI:B4B5AF* OUI:B4B676* ID_OUI_FROM_DATABASE=Intel Corporate +OUI:B4B686* + ID_OUI_FROM_DATABASE=Hewlett Packard + OUI:B4B859* ID_OUI_FROM_DATABASE=Texa Spa @@ -75170,6 +75764,9 @@ OUI:B4E9A3* OUI:B4E9B0* ID_OUI_FROM_DATABASE=Cisco Systems, Inc +OUI:B4EC02* + ID_OUI_FROM_DATABASE=ALPS ELECTRIC CO.,LTD. + OUI:B4ED19* ID_OUI_FROM_DATABASE=Pie Digital, Inc. @@ -75461,6 +76058,9 @@ OUI:B87CF2* OUI:B88198* ID_OUI_FROM_DATABASE=Intel Corporate +OUI:B88303* + ID_OUI_FROM_DATABASE=Hewlett Packard Enterprise + OUI:B88687* ID_OUI_FROM_DATABASE=Liteon Technology Corporation @@ -75482,6 +76082,9 @@ OUI:B889CA* OUI:B88A60* ID_OUI_FROM_DATABASE=Intel Corporate +OUI:B88AEC* + ID_OUI_FROM_DATABASE=Nintendo Co.,Ltd + OUI:B88D12* ID_OUI_FROM_DATABASE=Apple, Inc. @@ -75581,6 +76184,9 @@ OUI:B8B42E* OUI:B8B7D7* ID_OUI_FROM_DATABASE=2GIG Technologies +OUI:B8B7F1* + ID_OUI_FROM_DATABASE=Wistron Neweb Corporation + OUI:B8B81E* ID_OUI_FROM_DATABASE=Intel Corporate @@ -75875,6 +76481,9 @@ OUI:BC20A4* OUI:BC20BA* ID_OUI_FROM_DATABASE=Inspur (Shandong) Electronic Information Co., Ltd +OUI:BC22FB* + ID_OUI_FROM_DATABASE=RF Industries + OUI:BC25E0* ID_OUI_FROM_DATABASE=HUAWEI TECHNOLOGIES CO.,LTD @@ -76071,7 +76680,7 @@ OUI:BC5FF4* ID_OUI_FROM_DATABASE=ASRock Incorporation OUI:BC5FF6* - ID_OUI_FROM_DATABASE=SHENZHEN MERCURY COMMUNICATION TECHNOLOGIES CO.,LTD. + ID_OUI_FROM_DATABASE=MERCURY COMMUNICATION TECHNOLOGIES CO.,LTD. OUI:BC6010* ID_OUI_FROM_DATABASE=Qingdao Hisense Communications Co.,Ltd. @@ -76262,6 +76871,9 @@ OUI:BC9680* OUI:BC9889* ID_OUI_FROM_DATABASE=Fiberhome Telecommunication Technologies Co.,LTD +OUI:BC9911* + ID_OUI_FROM_DATABASE=Zyxel Communications Corporation + OUI:BC99BC* ID_OUI_FROM_DATABASE=FonSee Technology Inc. @@ -76652,6 +77264,9 @@ OUI:C07CD1* OUI:C07E40* ID_OUI_FROM_DATABASE=SHENZHEN XDK COMMUNICATION EQUIPMENT CO.,LTD +OUI:C08135* + ID_OUI_FROM_DATABASE=Ningbo Forfan technology Co., LTD + OUI:C08170* ID_OUI_FROM_DATABASE=Effigis GeoSolutions @@ -76832,6 +77447,9 @@ OUI:C0D012* OUI:C0D044* ID_OUI_FROM_DATABASE=Sagemcom Broadband SAS +OUI:C0D2F3* + ID_OUI_FROM_DATABASE=Hui Zhou Gaoshengda Technology Co.,LTD + OUI:C0D3910* ID_OUI_FROM_DATABASE=Fuzhou Jinshi Technology Co.,Ltd. @@ -76922,6 +77540,9 @@ OUI:C0F1C4* OUI:C0F2FB* ID_OUI_FROM_DATABASE=Apple, Inc. +OUI:C0F4E6* + ID_OUI_FROM_DATABASE=HUAWEI TECHNOLOGIES CO.,LTD + OUI:C0F636* ID_OUI_FROM_DATABASE=Hangzhou Kuaiyue Technologies, Ltd. @@ -77036,6 +77657,9 @@ OUI:C4237A* OUI:C4242E* ID_OUI_FROM_DATABASE=Galvanic Applied Sciences Inc +OUI:C42456* + ID_OUI_FROM_DATABASE=Palo Alto Networks + OUI:C42628* ID_OUI_FROM_DATABASE=Airo Wireless @@ -77348,6 +77972,9 @@ OUI:C49313* OUI:C49380* ID_OUI_FROM_DATABASE=Speedytel technology +OUI:C493D9* + ID_OUI_FROM_DATABASE=Samsung Electronics Co.,Ltd + OUI:C495A2* ID_OUI_FROM_DATABASE=SHENZHEN WEIJIU INDUSTRY AND TRADE DEVELOPMENT CO., LTD @@ -77805,7 +78432,7 @@ OUI:C87765* ID_OUI_FROM_DATABASE=Tiesse SpA OUI:C8778B* - ID_OUI_FROM_DATABASE=Themis Computer + ID_OUI_FROM_DATABASE=Mercury Systems – Trusted Mission Solutions, Inc. OUI:C87B5B* ID_OUI_FROM_DATABASE=zte corporation @@ -77975,6 +78602,9 @@ OUI:C8AF40* OUI:C8AFE3* ID_OUI_FROM_DATABASE=Hefei Radio Communication Technology Co., Ltd +OUI:C8B1EE* + ID_OUI_FROM_DATABASE=Qorvo + OUI:C8B21E* ID_OUI_FROM_DATABASE=CHIPSEA TECHNOLOGIES (SHENZHEN) CORP. @@ -78099,7 +78729,7 @@ OUI:C8E776* ID_OUI_FROM_DATABASE=PTCOM Technology OUI:C8E7D8* - ID_OUI_FROM_DATABASE=SHENZHEN MERCURY COMMUNICATION TECHNOLOGIES CO.,LTD. + ID_OUI_FROM_DATABASE=MERCURY COMMUNICATION TECHNOLOGIES CO.,LTD. OUI:C8E7F0* ID_OUI_FROM_DATABASE=Juniper Networks @@ -78393,7 +79023,7 @@ OUI:CC3A61* ID_OUI_FROM_DATABASE=SAMSUNG ELECTRO MECHANICS CO., LTD. OUI:CC3ADF* - ID_OUI_FROM_DATABASE=Neptune Technology Group Inc. + ID_OUI_FROM_DATABASE=Private OUI:CC3B3E* ID_OUI_FROM_DATABASE=Lester Electrical @@ -78458,6 +79088,12 @@ OUI:CC501C* OUI:CC5076* ID_OUI_FROM_DATABASE=Ocom Communications, Inc. +OUI:CC50E3* + ID_OUI_FROM_DATABASE=Espressif Inc. + +OUI:CC51B4* + ID_OUI_FROM_DATABASE=Integrated Device Technology (Malaysia) Sdn. Bhd. + OUI:CC52AF* ID_OUI_FROM_DATABASE=Universal Global Scientific Industrial Co., Ltd. @@ -78548,6 +79184,9 @@ OUI:CC7A30* OUI:CC7B35* ID_OUI_FROM_DATABASE=zte corporation +OUI:CC7B61* + ID_OUI_FROM_DATABASE=NIKKISO CO., LTD. + OUI:CC7D37* ID_OUI_FROM_DATABASE=ARRIS Group, Inc. @@ -78713,6 +79352,9 @@ OUI:CCC760* OUI:CCC8D7* ID_OUI_FROM_DATABASE=CIAS Elettronica srl +OUI:CCC92C* + ID_OUI_FROM_DATABASE=Schindler - PORT Technology + OUI:CCCC4E* ID_OUI_FROM_DATABASE=Sun Fountainhead USA. Corp @@ -78969,7 +79611,7 @@ OUI:D023DB* ID_OUI_FROM_DATABASE=Apple, Inc. OUI:D02516* - ID_OUI_FROM_DATABASE=SHENZHEN MERCURY COMMUNICATION TECHNOLOGIES CO.,LTD. + ID_OUI_FROM_DATABASE=MERCURY COMMUNICATION TECHNOLOGIES CO.,LTD. OUI:D02544* ID_OUI_FROM_DATABASE=SAMSUNG ELECTRO-MECHANICS(THAILAND) @@ -79073,6 +79715,9 @@ OUI:D05875* OUI:D058A8* ID_OUI_FROM_DATABASE=zte corporation +OUI:D058FC* + ID_OUI_FROM_DATABASE=BSkyB Ltd + OUI:D05995* ID_OUI_FROM_DATABASE=Fiberhome Telecommunication Technologies Co.,LTD @@ -79253,6 +79898,9 @@ OUI:D08999* OUI:D08A55* ID_OUI_FROM_DATABASE=Skullcandy +OUI:D08A91* + ID_OUI_FROM_DATABASE=Technicolor CH USA Inc. + OUI:D08B7E* ID_OUI_FROM_DATABASE=Passif Semiconductor @@ -79322,6 +79970,9 @@ OUI:D0B0CD* OUI:D0B128* ID_OUI_FROM_DATABASE=Samsung Electronics Co.,Ltd +OUI:D0B214* + ID_OUI_FROM_DATABASE=PoeWit Inc + OUI:D0B2C4* ID_OUI_FROM_DATABASE=Technicolor CH USA Inc. @@ -79370,6 +80021,12 @@ OUI:D0C282* OUI:D0C42F* ID_OUI_FROM_DATABASE=Tamagawa Seiki Co.,Ltd. +OUI:D0C5D3* + ID_OUI_FROM_DATABASE=AzureWave Technology Inc. + +OUI:D0C5D8* + ID_OUI_FROM_DATABASE=LATECOERE + OUI:D0C5F3* ID_OUI_FROM_DATABASE=Apple, Inc. @@ -79412,6 +80069,9 @@ OUI:D0D471* OUI:D0D6CC* ID_OUI_FROM_DATABASE=Wintop +OUI:D0D783* + ID_OUI_FROM_DATABASE=HUAWEI TECHNOLOGIES CO.,LTD + OUI:D0D94F0* ID_OUI_FROM_DATABASE=Perfant Technology Co., Ltd @@ -79590,7 +80250,7 @@ OUI:D4206D* ID_OUI_FROM_DATABASE=HTC Corporation OUI:D42122* - ID_OUI_FROM_DATABASE=Sercomm Corporation + ID_OUI_FROM_DATABASE=Sercomm Corporation. OUI:D4223F* ID_OUI_FROM_DATABASE=Lenovo Mobile Communication Technology Ltd. @@ -79910,6 +80570,9 @@ OUI:D49C8E* OUI:D49CF4* ID_OUI_FROM_DATABASE=Palo Alto Networks +OUI:D49E05* + ID_OUI_FROM_DATABASE=zte corporation + OUI:D49E6D* ID_OUI_FROM_DATABASE=Wuhan Zhongyuan Huadian Science & Technology Co., @@ -80099,6 +80762,9 @@ OUI:D4F786* OUI:D4F9A1* ID_OUI_FROM_DATABASE=HUAWEI TECHNOLOGIES CO.,LTD +OUI:D4FC13* + ID_OUI_FROM_DATABASE=Fiberhome Telecommunication Technologies Co.,LTD + OUI:D8004D* ID_OUI_FROM_DATABASE=Apple, Inc. @@ -80171,6 +80837,9 @@ OUI:D8209F* OUI:D822F4* ID_OUI_FROM_DATABASE=Avnet Silica +OUI:D82477* + ID_OUI_FROM_DATABASE=Universal Electric Corporation + OUI:D824BD* ID_OUI_FROM_DATABASE=Cisco Systems, Inc @@ -80342,6 +81011,9 @@ OUI:D866EE* OUI:D867D9* ID_OUI_FROM_DATABASE=Cisco Systems, Inc +OUI:D868C3* + ID_OUI_FROM_DATABASE=Samsung Electronics Co.,Ltd + OUI:D86960* ID_OUI_FROM_DATABASE=Steinsvik @@ -80654,6 +81326,9 @@ OUI:D8F0F2* OUI:D8F1F0* ID_OUI_FROM_DATABASE=Pepxim International Limited +OUI:D8F3DB* + ID_OUI_FROM_DATABASE=Post CH AG + OUI:D8F710* ID_OUI_FROM_DATABASE=Libre Wireless Technologies Inc. @@ -81002,6 +81677,9 @@ OUI:DC85DE* OUI:DC86D8* ID_OUI_FROM_DATABASE=Apple, Inc. +OUI:DC9914* + ID_OUI_FROM_DATABASE=HUAWEI TECHNOLOGIES CO.,LTD + OUI:DC9A8E* ID_OUI_FROM_DATABASE=Nanjing Cocomm electronics co., LTD @@ -81062,12 +81740,18 @@ OUI:DCAD9E* OUI:DCAE04* ID_OUI_FROM_DATABASE=CELOXICA Ltd +OUI:DCAF68* + ID_OUI_FROM_DATABASE=WEIFANG GOERTEK ELECTRONICS CO.,LTD + OUI:DCB058* ID_OUI_FROM_DATABASE=Bürkert Werke GmbH OUI:DCB3B4* ID_OUI_FROM_DATABASE=Honeywell Environmental & Combustion Controls (Tianjin) Co., Ltd. +OUI:DCB4AC* + ID_OUI_FROM_DATABASE=FLEXTRONICS MANUFACTURING(ZHUHAI)CO.,LTD. + OUI:DCB4C4* ID_OUI_FROM_DATABASE=Microsoft XCG @@ -81170,12 +81854,18 @@ OUI:DCDECA* OUI:DCE026* ID_OUI_FROM_DATABASE=Patrol Tag, Inc +OUI:DCE0EB* + ID_OUI_FROM_DATABASE=Nanjing Aozheng Information Technology Co.Ltd + OUI:DCE1AD* ID_OUI_FROM_DATABASE=Shenzhen Wintop Photoelectric Technology Co., Ltd OUI:DCE2AC* ID_OUI_FROM_DATABASE=Lumens Digital Optics Inc. +OUI:DCE305* + ID_OUI_FROM_DATABASE=ZAO NPK Rotek + OUI:DCE5330* ID_OUI_FROM_DATABASE=FLYHT Aerospace @@ -81477,7 +82167,7 @@ OUI:E05FB9* ID_OUI_FROM_DATABASE=Cisco Systems, Inc OUI:E06066* - ID_OUI_FROM_DATABASE=Sercomm Corporation + ID_OUI_FROM_DATABASE=Sercomm Corporation. OUI:E06089* ID_OUI_FROM_DATABASE=Cloudleaf, Inc. @@ -81710,6 +82400,9 @@ OUI:E0B9BA* OUI:E0B9E5* ID_OUI_FROM_DATABASE=Technicolor +OUI:E0BAB4* + ID_OUI_FROM_DATABASE=Arrcus, Inc + OUI:E0BC43* ID_OUI_FROM_DATABASE=C2 Microsystems, Inc. @@ -82319,6 +83012,9 @@ OUI:E4C801* OUI:E4C806* ID_OUI_FROM_DATABASE=Ceiec Electric Technology Inc. +OUI:E4CA12* + ID_OUI_FROM_DATABASE=zte corporation + OUI:E4CB59* ID_OUI_FROM_DATABASE=Beijing Loveair Science and Technology Co. Ltd. @@ -82361,6 +83057,9 @@ OUI:E4E409* OUI:E4E4AB* ID_OUI_FROM_DATABASE=Apple, Inc. +OUI:E4EA83* + ID_OUI_FROM_DATABASE=SHENZHEN GONGJIN ELECTRONICS CO.,LT + OUI:E4EC10* ID_OUI_FROM_DATABASE=Nokia Corporation @@ -82874,6 +83573,9 @@ OUI:E8CD2D* OUI:E8CE06* ID_OUI_FROM_DATABASE=SkyHawke Technologies, LLC. +OUI:E8D099* + ID_OUI_FROM_DATABASE=Fiberhome Telecommunication Technologies Co.,LTD + OUI:E8D0FA* ID_OUI_FROM_DATABASE=MKS Instruments Deutschland GmbH @@ -83270,6 +83972,9 @@ OUI:EC8A4C* OUI:EC8AC7* ID_OUI_FROM_DATABASE=Fiberhome Telecommunication Technologies Co.,LTD +OUI:EC8C9A* + ID_OUI_FROM_DATABASE=HUAWEI TECHNOLOGIES CO.,LTD + OUI:EC8CA2* ID_OUI_FROM_DATABASE=Ruckus Wireless @@ -83792,6 +84497,9 @@ OUI:F045DA* OUI:F04A2B* ID_OUI_FROM_DATABASE=PYRAMID Computer GmbH +OUI:F04B3A* + ID_OUI_FROM_DATABASE=Juniper Networks + OUI:F04B6A* ID_OUI_FROM_DATABASE=Scientific Production Association Siberian Arsenal, Ltd. @@ -84686,6 +85394,9 @@ OUI:F4BC97* OUI:F4BD7C* ID_OUI_FROM_DATABASE=Chengdu jinshi communication Co., LTD +OUI:F4BF80* + ID_OUI_FROM_DATABASE=HUAWEI TECHNOLOGIES CO.,LTD + OUI:F4C248* ID_OUI_FROM_DATABASE=Samsung Electronics Co.,Ltd @@ -84801,7 +85512,7 @@ OUI:F4ED5F* ID_OUI_FROM_DATABASE=SHENZHEN KTC TECHNOLOGY GROUP OUI:F4EE14* - ID_OUI_FROM_DATABASE=SHENZHEN MERCURY COMMUNICATION TECHNOLOGIES CO.,LTD. + ID_OUI_FROM_DATABASE=MERCURY COMMUNICATION TECHNOLOGIES CO.,LTD. OUI:F4EF9E* ID_OUI_FROM_DATABASE=SGSG SCIENCE & TECHNOLOGY CO. LTD @@ -85037,6 +85748,9 @@ OUI:F82BC8* OUI:F82C18* ID_OUI_FROM_DATABASE=2Wire Inc +OUI:F82DC0* + ID_OUI_FROM_DATABASE=ARRIS Group, Inc. + OUI:F82EDB* ID_OUI_FROM_DATABASE=RTW GmbH & Co. KG @@ -85143,7 +85857,7 @@ OUI:F85C45* ID_OUI_FROM_DATABASE=IC Nexus Co. Ltd. OUI:F85C4D* - ID_OUI_FROM_DATABASE=NOKIA + ID_OUI_FROM_DATABASE=Nokia OUI:F85F2A* ID_OUI_FROM_DATABASE=Nokia Corporation @@ -85466,6 +86180,9 @@ OUI:F8C372* OUI:F8C397* ID_OUI_FROM_DATABASE=NZXT Corp. Ltd. +OUI:F8C39E* + ID_OUI_FROM_DATABASE=HUAWEI TECHNOLOGIES CO.,LTD + OUI:F8C678* ID_OUI_FROM_DATABASE=Carefusion @@ -85859,6 +86576,9 @@ OUI:FC683E* OUI:FC6947* ID_OUI_FROM_DATABASE=Texas Instruments +OUI:FC6BF0* + ID_OUI_FROM_DATABASE=TOPWELL INTERNATIONAL HOLDINDS LIMITED + OUI:FC6C31* ID_OUI_FROM_DATABASE=LXinstruments GmbH @@ -85952,6 +86672,9 @@ OUI:FCA22A* OUI:FCA386* ID_OUI_FROM_DATABASE=SHENZHEN CHUANGWEI-RGB ELECTRONICS CO.,LTD +OUI:FCA621* + ID_OUI_FROM_DATABASE=Samsung Electronics Co.,Ltd + OUI:FCA667* ID_OUI_FROM_DATABASE=Amazon Technologies Inc. diff --git a/hwdb/20-acpi-vendor.hwdb.patch b/hwdb/20-acpi-vendor.hwdb.patch index e91e9eca1b..f344b48246 100644 --- a/hwdb/20-acpi-vendor.hwdb.patch +++ b/hwdb/20-acpi-vendor.hwdb.patch @@ -1,5 +1,5 @@ ---- 20-acpi-vendor.hwdb.base 2018-01-25 13:07:40.178983802 +0100 -+++ 20-acpi-vendor.hwdb 2018-01-25 13:07:40.183983802 +0100 +--- 20-acpi-vendor.hwdb.base 2018-03-02 11:56:07.871144120 +0100 ++++ 20-acpi-vendor.hwdb 2018-03-02 11:56:07.886144208 +0100 @@ -3,6 +3,8 @@ # Data imported from: # http://www.uefi.org/uefi-pnp-export diff --git a/hwdb/20-pci-vendor-model.hwdb b/hwdb/20-pci-vendor-model.hwdb index 3d8ddf1f34..5b2a494e26 100644 --- a/hwdb/20-pci-vendor-model.hwdb +++ b/hwdb/20-pci-vendor-model.hwdb @@ -665,6 +665,9 @@ pci:v00001000d00000014sv00001D49sd00000602* pci:v00001000d00000014sv00001D49sd00000604* ID_MODEL_FROM_DATABASE=MegaRAID Tri-Mode SAS3516 (ThinkSystem RAID 930-8e 4GB Flash PCIe 12Gb Adapter) +pci:v00001000d00000014sv00001D49sd00000607* + ID_MODEL_FROM_DATABASE=MegaRAID Tri-Mode SAS3516 (ThinkSystem RAID 930-16i 8GB Flash PCIe 12Gb Adapter) + pci:v00001000d00000014sv00008086sd0000352D* ID_MODEL_FROM_DATABASE=MegaRAID Tri-Mode SAS3516 (Integrated RAID Module RMSP3AD160F) @@ -2163,7 +2166,13 @@ pci:v00001002d0000131D* ID_MODEL_FROM_DATABASE=Kaveri [Radeon R6 Graphics] pci:v00001002d000015DD* - ID_MODEL_FROM_DATABASE=Vega [Radeon Vega 8 Mobile] + ID_MODEL_FROM_DATABASE=Raven Bridge [Radeon Vega Series / Radeon Vega Mobile Series] + +pci:v00001002d000015DDsv0000103Csd000083C6* + ID_MODEL_FROM_DATABASE=Raven Bridge [Radeon Vega Series / Radeon Vega Mobile Series] (Radeon Vega 8 Mobile) + +pci:v00001002d000015DDsv00001458sd0000D000* + ID_MODEL_FROM_DATABASE=Raven Bridge [Radeon Vega Series / Radeon Vega Mobile Series] (Radeon RX Vega 11) pci:v00001002d000015FF* ID_MODEL_FROM_DATABASE=Vega [Radeon Vega 28 Mobile] @@ -2262,7 +2271,7 @@ pci:v00001002d00004151sv00001043sd0000C004* ID_MODEL_FROM_DATABASE=RV350 [Radeon 9600 Series] (A9600SE) pci:v00001002d00004151sv0000174Bsd00007C37* - ID_MODEL_FROM_DATABASE=RV350 [Radeon 9600 Series] (Radeon 9600 SE) + ID_MODEL_FROM_DATABASE=RV350 [Radeon 9600 Series] (Radeon 9600SE 128M DDR V/D/VO) pci:v00001002d00004152* ID_MODEL_FROM_DATABASE=RV360 [Radeon 9600/X1050 Series] @@ -2352,7 +2361,7 @@ pci:v00001002d00004171sv00001043sd0000C005* ID_MODEL_FROM_DATABASE=RV350 [Radeon 9600] (Secondary) (A9600SE (Secondary)) pci:v00001002d00004171sv0000174Bsd00007C36* - ID_MODEL_FROM_DATABASE=RV350 [Radeon 9600] (Secondary) (Radeon 9600 SE (secondary)) + ID_MODEL_FROM_DATABASE=RV350 [Radeon 9600] (Secondary) (Radeon 9600SE 128M DDR V/D/VO (secondary)) pci:v00001002d00004172* ID_MODEL_FROM_DATABASE=RV350 [Radeon 9600/X1050 Series] (Secondary) @@ -2672,6 +2681,9 @@ pci:v00001002d00004383sv00001043sd00008410* pci:v00001002d00004383sv00001043sd0000841B* ID_MODEL_FROM_DATABASE=SBx00 Azalia (Intel HDA) (M5A88-V EVO) +pci:v00001002d00004383sv00001043sd00008445* + ID_MODEL_FROM_DATABASE=SBx00 Azalia (Intel HDA) (M5A78L LE) + pci:v00001002d00004383sv0000105Bsd00000E13* ID_MODEL_FROM_DATABASE=SBx00 Azalia (Intel HDA) (N15235/A74MX mainboard / AMD SB700) @@ -4698,19 +4710,25 @@ pci:v00001002d00006603* ID_MODEL_FROM_DATABASE=Mars pci:v00001002d00006604* - ID_MODEL_FROM_DATABASE=Opal XT [Radeon R7 M265] + ID_MODEL_FROM_DATABASE=Opal XT [Radeon R7 M265/M365X/M465] pci:v00001002d00006604sv0000103Csd00008006* - ID_MODEL_FROM_DATABASE=Opal XT [Radeon R7 M265] (FirePro M4170) + ID_MODEL_FROM_DATABASE=Opal XT [Radeon R7 M265/M365X/M465] (FirePro M4170) + +pci:v00001002d00006604sv0000103Csd0000814F* + ID_MODEL_FROM_DATABASE=Opal XT [Radeon R7 M265/M365X/M465] (Litho XT [Radeon R7 M365X]) + +pci:v00001002d00006604sv0000103Csd000082AA* + ID_MODEL_FROM_DATABASE=Opal XT [Radeon R7 M265/M365X/M465] (Litho XT [Radeon R7 M465]) pci:v00001002d00006604sv000017AAsd00003643* - ID_MODEL_FROM_DATABASE=Opal XT [Radeon R7 M265] (Radeon R7 A360) + ID_MODEL_FROM_DATABASE=Opal XT [Radeon R7 M265/M365X/M465] (Radeon R7 A360) pci:v00001002d00006605* - ID_MODEL_FROM_DATABASE=Opal PRO [Radeon R7 M260] + ID_MODEL_FROM_DATABASE=Opal PRO [Radeon R7 M260X] pci:v00001002d00006605sv0000103Csd00002259* - ID_MODEL_FROM_DATABASE=Opal PRO [Radeon R7 M260] (FirePro M4150) + ID_MODEL_FROM_DATABASE=Opal PRO [Radeon R7 M260X] (FirePro M4150) pci:v00001002d00006606* ID_MODEL_FROM_DATABASE=Mars XTX [Radeon HD 8790M] @@ -4724,6 +4742,9 @@ pci:v00001002d00006607* pci:v00001002d00006608* ID_MODEL_FROM_DATABASE=Oland GL [FirePro W2100] +pci:v00001002d00006608sv000013CCsd00003D28* + ID_MODEL_FROM_DATABASE=Oland GL [FirePro W2100] (MXRT-2600) + pci:v00001002d00006610* ID_MODEL_FROM_DATABASE=Oland XT [Radeon HD 8670 / R7 250/350] @@ -4820,6 +4841,9 @@ pci:v00001002d00006649sv0000103Csd00000B0C* pci:v00001002d00006649sv0000103Csd0000230C* ID_MODEL_FROM_DATABASE=Bonaire [FirePro W5100] (FirePro W5100) +pci:v00001002d00006649sv000013CCsd00003D2A* + ID_MODEL_FROM_DATABASE=Bonaire [FirePro W5100] (MXRT-5600) + pci:v00001002d00006650* ID_MODEL_FROM_DATABASE=Bonaire @@ -4916,6 +4940,9 @@ pci:v00001002d00006660sv0000103Csd00008136* pci:v00001002d00006660sv0000103Csd00008329* ID_MODEL_FROM_DATABASE=Sun XT [Radeon HD 8670A/8670M/8690M / R5 M330 / M430 / R7 M520] (Radeon R7 M520) +pci:v00001002d00006660sv000017AAsd00003633* + ID_MODEL_FROM_DATABASE=Sun XT [Radeon HD 8670A/8670M/8690M / R5 M330 / M430 / R7 M520] (Radeon R5 A330) + pci:v00001002d00006660sv000017AAsd00003804* ID_MODEL_FROM_DATABASE=Sun XT [Radeon HD 8670A/8670M/8690M / R5 M330 / M430 / R7 M520] (Radeon R5 M330) @@ -5522,9 +5549,18 @@ pci:v00001002d00006743* pci:v00001002d00006749* ID_MODEL_FROM_DATABASE=Turks GL [FirePro V4900] +pci:v00001002d00006749sv000015C3sd00002B06* + ID_MODEL_FROM_DATABASE=Turks GL [FirePro V4900] (MED-X4900) + pci:v00001002d0000674A* ID_MODEL_FROM_DATABASE=Turks GL [FirePro V3900] +pci:v00001002d0000674Asv000013CCsd00003D22* + ID_MODEL_FROM_DATABASE=Turks GL [FirePro V3900] (MXRT-2500) + +pci:v00001002d0000674Asv000015C3sd00000106* + ID_MODEL_FROM_DATABASE=Turks GL [FirePro V3900] (MED-X3900) + pci:v00001002d00006750* ID_MODEL_FROM_DATABASE=Onega [Radeon HD 6650A/7650A] @@ -6461,6 +6497,12 @@ pci:v00001002d00006798sv00001043sd00003006* pci:v00001002d00006798sv00001043sd00009999* ID_MODEL_FROM_DATABASE=Tahiti XT [Radeon HD 7970/8970 OEM / R9 280X] (ARES II) +pci:v00001002d00006798sv0000106Bsd00000127* + ID_MODEL_FROM_DATABASE=Tahiti XT [Radeon HD 7970/8970 OEM / R9 280X] (FirePro D700) + +pci:v00001002d00006798sv0000106Bsd00000128* + ID_MODEL_FROM_DATABASE=Tahiti XT [Radeon HD 7970/8970 OEM / R9 280X] (FirePro D700) + pci:v00001002d00006798sv00001092sd00003000* ID_MODEL_FROM_DATABASE=Tahiti XT [Radeon HD 7970/8970 OEM / R9 280X] (Tahiti XT2 [Radeon HD 7970 GHz Edition]) @@ -6471,7 +6513,7 @@ pci:v00001002d00006798sv00001458sd00003001* ID_MODEL_FROM_DATABASE=Tahiti XT [Radeon HD 7970/8970 OEM / R9 280X] (Tahiti XTL [Radeon R9 280X OC]) pci:v00001002d00006798sv00001462sd00002774* - ID_MODEL_FROM_DATABASE=Tahiti XT [Radeon HD 7970/8970 OEM / R9 280X] (MSI R7970 TF 3GD5/OC BE) + ID_MODEL_FROM_DATABASE=Tahiti XT [Radeon HD 7970/8970 OEM / R9 280X] (HD 7970 TwinFrozr III Boost Edition OC) pci:v00001002d00006798sv00001682sd00003001* ID_MODEL_FROM_DATABASE=Tahiti XT [Radeon HD 7970/8970 OEM / R9 280X] (Tahiti XTL [Radeon R9 280X]) @@ -6527,6 +6569,12 @@ pci:v00001002d0000679Bsv0000148Csd00008990* pci:v00001002d0000679E* ID_MODEL_FROM_DATABASE=Tahiti LE [Radeon HD 7870 XT] +pci:v00001002d0000679Esv0000106Bsd00000125* + ID_MODEL_FROM_DATABASE=Tahiti LE [Radeon HD 7870 XT] (FirePro D500) + +pci:v00001002d0000679Esv0000106Bsd00000126* + ID_MODEL_FROM_DATABASE=Tahiti LE [Radeon HD 7870 XT] (FirePro D500) + pci:v00001002d0000679Esv00001787sd00002328* ID_MODEL_FROM_DATABASE=Tahiti LE [Radeon HD 7870 XT] (Radeon HD 7870 Black Edition 2 GB GDDR5 [2GBD5-2DHV3E]) @@ -6690,7 +6738,7 @@ pci:v00001002d000067BE* ID_MODEL_FROM_DATABASE=Hawaii LE pci:v00001002d000067C0* - ID_MODEL_FROM_DATABASE=Ellesmere [Radeon Pro WX 7100] + ID_MODEL_FROM_DATABASE=Ellesmere [Radeon Pro WX 7100 Mobile] pci:v00001002d000067C2* ID_MODEL_FROM_DATABASE=Ellesmere [Radeon Pro V7300X / V7350x2] @@ -6780,7 +6828,13 @@ pci:v00001002d000067DFsv00001DA2sd0000E366* ID_MODEL_FROM_DATABASE=Ellesmere [Radeon RX 470/480/570/580] (Nitro+ Radeon RX 580 4GB) pci:v00001002d000067E0* - ID_MODEL_FROM_DATABASE=Baffin [Polaris11] + ID_MODEL_FROM_DATABASE=Baffin [Radeon Pro WX 4170] + +pci:v00001002d000067E0sv0000103Csd00008270* + ID_MODEL_FROM_DATABASE=Baffin [Radeon Pro WX 4170] (Radeon Pro WX 4170) + +pci:v00001002d000067E0sv0000103Csd00008272* + ID_MODEL_FROM_DATABASE=Baffin [Radeon Pro WX 4170] (Radeon Pro WX 4170) pci:v00001002d000067E1* ID_MODEL_FROM_DATABASE=Baffin [Polaris11] @@ -6789,7 +6843,31 @@ pci:v00001002d000067E3* ID_MODEL_FROM_DATABASE=Baffin [Radeon Pro WX 4100] pci:v00001002d000067E8* - ID_MODEL_FROM_DATABASE=Baffin [Polaris11] + ID_MODEL_FROM_DATABASE=Baffin [Radeon Pro WX 4130/4150] + +pci:v00001002d000067E8sv00001028sd0000075D* + ID_MODEL_FROM_DATABASE=Baffin [Radeon Pro WX 4130/4150] (Radeon Pro WX 4150) + +pci:v00001002d000067E8sv00001028sd000007B0* + ID_MODEL_FROM_DATABASE=Baffin [Radeon Pro WX 4130/4150] (Radeon Pro WX 4130/4150) + +pci:v00001002d000067E8sv00001028sd000007B1* + ID_MODEL_FROM_DATABASE=Baffin [Radeon Pro WX 4130/4150] (Radeon Pro WX 4130) + +pci:v00001002d000067E8sv00001028sd0000175D* + ID_MODEL_FROM_DATABASE=Baffin [Radeon Pro WX 4130/4150] (Radeon Pro WX 4150) + +pci:v00001002d000067E8sv00001028sd000017B0* + ID_MODEL_FROM_DATABASE=Baffin [Radeon Pro WX 4130/4150] (Radeon Pro WX 4130/4150) + +pci:v00001002d000067E8sv00001028sd000017B1* + ID_MODEL_FROM_DATABASE=Baffin [Radeon Pro WX 4130/4150] (Radeon Pro WX 4130) + +pci:v00001002d000067E8sv0000103Csd00008275* + ID_MODEL_FROM_DATABASE=Baffin [Radeon Pro WX 4130/4150] (Radeon Pro WX 4150) + +pci:v00001002d000067E8sv0000103Csd00008277* + ID_MODEL_FROM_DATABASE=Baffin [Radeon Pro WX 4130/4150] (Radeon Pro WX 4150) pci:v00001002d000067E9* ID_MODEL_FROM_DATABASE=Baffin [Polaris11] @@ -6819,7 +6897,28 @@ pci:v00001002d000067EFsv00001682sd0000956D* ID_MODEL_FROM_DATABASE=Baffin [Radeon RX 460/560D / Pro 450/455/460/560] (Polaris 21 XL [Radeon RX 560D]) pci:v00001002d000067FF* - ID_MODEL_FROM_DATABASE=Baffin [Radeon RX 560] + ID_MODEL_FROM_DATABASE=Baffin [Radeon RX 550 640SP / RX 560] + +pci:v00001002d000067FFsv00001002sd00000B04* + ID_MODEL_FROM_DATABASE=Baffin [Radeon RX 550 640SP / RX 560] (Radeon RX 560) + +pci:v00001002d000067FFsv00001043sd000004BC* + ID_MODEL_FROM_DATABASE=Baffin [Radeon RX 550 640SP / RX 560] (Radeon RX 560) + +pci:v00001002d000067FFsv00001458sd000022ED* + ID_MODEL_FROM_DATABASE=Baffin [Radeon RX 550 640SP / RX 560] (Radeon RX 560) + +pci:v00001002d000067FFsv0000148Csd00002381* + ID_MODEL_FROM_DATABASE=Baffin [Radeon RX 550 640SP / RX 560] (Radeon RX 560) + +pci:v00001002d000067FFsv00001682sd00009560* + ID_MODEL_FROM_DATABASE=Baffin [Radeon RX 550 640SP / RX 560] (Radeon RX 560) + +pci:v00001002d000067FFsv00001DA2sd0000E348* + ID_MODEL_FROM_DATABASE=Baffin [Radeon RX 550 640SP / RX 560] (Radeon RX 560) + +pci:v00001002d000067FFsv00001DA2sd0000E367* + ID_MODEL_FROM_DATABASE=Baffin [Radeon RX 550 640SP / RX 560] (Radeon RX 550 640SP) pci:v00001002d00006800* ID_MODEL_FROM_DATABASE=Wimbledon XT [Radeon HD 7970M] @@ -6863,12 +6962,36 @@ pci:v00001002d00006808sv00001002sd00000310* pci:v00001002d00006808sv00001002sd00000420* ID_MODEL_FROM_DATABASE=Pitcairn XT GL [FirePro W7000] (Radeon Sky 500) +pci:v00001002d00006808sv0000103Csd0000030C* + ID_MODEL_FROM_DATABASE=Pitcairn XT GL [FirePro W7000] (MED-X7000) + +pci:v00001002d00006808sv000013CCsd00003D25* + ID_MODEL_FROM_DATABASE=Pitcairn XT GL [FirePro W7000] (MXRT-7500) + +pci:v00001002d00006808sv000015C3sd0000030C* + ID_MODEL_FROM_DATABASE=Pitcairn XT GL [FirePro W7000] (MED-X7000) + pci:v00001002d00006809* ID_MODEL_FROM_DATABASE=Pitcairn LE GL [FirePro W5000] +pci:v00001002d00006809sv000013CCsd00003D23* + ID_MODEL_FROM_DATABASE=Pitcairn LE GL [FirePro W5000] (MXRT-5500) + +pci:v00001002d00006809sv000013CCsd00003D24* + ID_MODEL_FROM_DATABASE=Pitcairn LE GL [FirePro W5000] (MXRT-5550) + +pci:v00001002d00006809sv000015C3sd00000B06* + ID_MODEL_FROM_DATABASE=Pitcairn LE GL [FirePro W5000] (MED-X5000) + pci:v00001002d00006810* ID_MODEL_FROM_DATABASE=Curacao XT / Trinidad XT [Radeon R7 370 / R9 270X/370X] +pci:v00001002d00006810sv0000106Bsd0000012A* + ID_MODEL_FROM_DATABASE=Curacao XT / Trinidad XT [Radeon R7 370 / R9 270X/370X] (FirePro D300) + +pci:v00001002d00006810sv0000106Bsd0000012B* + ID_MODEL_FROM_DATABASE=Curacao XT / Trinidad XT [Radeon R7 370 / R9 270X/370X] (FirePro D300) + pci:v00001002d00006810sv0000148Csd00000908* ID_MODEL_FROM_DATABASE=Curacao XT / Trinidad XT [Radeon R7 370 / R9 270X/370X] (Radeon R9 370 OEM) @@ -7004,6 +7127,9 @@ pci:v00001002d00006827* pci:v00001002d00006828* ID_MODEL_FROM_DATABASE=Cape Verde PRO [FirePro W600] +pci:v00001002d00006828sv000015C3sd00002B1E* + ID_MODEL_FROM_DATABASE=Cape Verde PRO [FirePro W600] (MED-X6000) + pci:v00001002d00006829* ID_MODEL_FROM_DATABASE=Cape Verde @@ -7028,12 +7154,6 @@ pci:v00001002d0000682F* pci:v00001002d0000682Fsv0000103Csd00001851* ID_MODEL_FROM_DATABASE=Chelsea LP [Radeon HD 7730M] (Radeon HD 7750M) -pci:v00001002d00006830* - ID_MODEL_FROM_DATABASE=Cape Verde [Radeon HD 7800M Series] - -pci:v00001002d00006831* - ID_MODEL_FROM_DATABASE=Cape Verde [AMD Radeon HD 7700M Series] - pci:v00001002d00006835* ID_MODEL_FROM_DATABASE=Cape Verde PRX [Radeon R9 255 OEM] @@ -7418,6 +7538,9 @@ pci:v00001002d00006843* pci:v00001002d00006860* ID_MODEL_FROM_DATABASE=Vega 10 [Radeon Instinct MI25] +pci:v00001002d00006860sv0000106Bsd0000017C* + ID_MODEL_FROM_DATABASE=Vega 10 [Radeon Instinct MI25] (Radeon Pro Vega 64) + pci:v00001002d00006861* ID_MODEL_FROM_DATABASE=Vega 10 XT [Radeon PRO WX 9100] @@ -7431,7 +7554,7 @@ pci:v00001002d00006864* ID_MODEL_FROM_DATABASE=Vega pci:v00001002d00006867* - ID_MODEL_FROM_DATABASE=Vega + ID_MODEL_FROM_DATABASE=Vega 10 XL [Radeon Pro Vega 56] pci:v00001002d00006868* ID_MODEL_FROM_DATABASE=Vega @@ -7451,6 +7574,9 @@ pci:v00001002d00006889* pci:v00001002d00006889sv00001002sd00000301* ID_MODEL_FROM_DATABASE=Cypress PRO [FirePro V7800] (FirePro V7800P) +pci:v00001002d00006889sv000013CCsd00003D1F* + ID_MODEL_FROM_DATABASE=Cypress PRO [FirePro V7800] (MXRT-7400) + pci:v00001002d0000688A* ID_MODEL_FROM_DATABASE=Cypress XT [FirePro V9800] @@ -7586,6 +7712,12 @@ pci:v00001002d000068A8sv0000144Dsd0000C0AD* pci:v00001002d000068A9* ID_MODEL_FROM_DATABASE=Juniper XT [FirePro V5800] +pci:v00001002d000068A9sv000013CCsd00003D1E* + ID_MODEL_FROM_DATABASE=Juniper XT [FirePro V5800] (MXRT-5400) + +pci:v00001002d000068A9sv000013CCsd00003D20* + ID_MODEL_FROM_DATABASE=Juniper XT [FirePro V5800] (MXRT-5450) + pci:v00001002d000068B8* ID_MODEL_FROM_DATABASE=Juniper XT [Radeon HD 5770] @@ -8069,6 +8201,9 @@ pci:v00001002d000068C8* pci:v00001002d000068C9* ID_MODEL_FROM_DATABASE=Redwood PRO GL [FirePro V3800] +pci:v00001002d000068C9sv000013CCsd00003D1D* + ID_MODEL_FROM_DATABASE=Redwood PRO GL [FirePro V3800] (MXRT-2400) + pci:v00001002d000068D8* ID_MODEL_FROM_DATABASE=Redwood XT [Radeon HD 5670/5690/5730] @@ -8852,6 +8987,9 @@ pci:v00001002d00006900sv0000103Csd000022C6* pci:v00001002d00006900sv0000103Csd000022C8* ID_MODEL_FROM_DATABASE=Topaz XT [Radeon R7 M260/M265 / M340/M360 / M440/M445] (Radeon R7 M260) +pci:v00001002d00006900sv0000103Csd00002B45* + ID_MODEL_FROM_DATABASE=Topaz XT [Radeon R7 M260/M265 / M340/M360 / M440/M445] (Radeon R7 A360) + pci:v00001002d00006900sv0000103Csd0000808C* ID_MODEL_FROM_DATABASE=Topaz XT [Radeon R7 M260/M265 / M340/M360 / M440/M445] (Radeon R7 M260) @@ -8915,6 +9053,9 @@ pci:v00001002d00006929* pci:v00001002d0000692B* ID_MODEL_FROM_DATABASE=Tonga PRO GL [FirePro W7100] +pci:v00001002d0000692Bsv000013CCsd00003D2B* + ID_MODEL_FROM_DATABASE=Tonga PRO GL [FirePro W7100] (MXRT-7600) + pci:v00001002d0000692F* ID_MODEL_FROM_DATABASE=Tonga XTV GL [FirePro S7150V] @@ -8955,7 +9096,10 @@ pci:v00001002d00006939sv0000174Bsd0000E308* ID_MODEL_FROM_DATABASE=Tonga PRO [Radeon R9 285/380] (Radeon R9 380 Nitro 4G D5) pci:v00001002d0000694C* - ID_MODEL_FROM_DATABASE=Vega [Radeon RX Vega M] + ID_MODEL_FROM_DATABASE=Polaris 22 [Radeon RX Vega M GH] + +pci:v00001002d0000694E* + ID_MODEL_FROM_DATABASE=Polaris 22 [Radeon RX Vega M GL] pci:v00001002d00006980* ID_MODEL_FROM_DATABASE=Polaris12 @@ -9002,6 +9146,9 @@ pci:v00001002d00007102* pci:v00001002d00007104* ID_MODEL_FROM_DATABASE=R520 GL [FireGL V7200] +pci:v00001002d00007104sv000013CCsd00003D0A* + ID_MODEL_FROM_DATABASE=R520 GL [FireGL V7200] (MXRT-5100) + pci:v00001002d00007109* ID_MODEL_FROM_DATABASE=R520 [Radeon X1800 XL] @@ -9020,12 +9167,27 @@ pci:v00001002d0000710Asv00001002sd00000B12* pci:v00001002d0000710B* ID_MODEL_FROM_DATABASE=R520 [Radeon X1800 GTO] +pci:v00001002d0000710E* + ID_MODEL_FROM_DATABASE=R520 GL [FireGL V7300] + +pci:v00001002d0000710Esv000013CCsd00003D0C* + ID_MODEL_FROM_DATABASE=R520 GL [FireGL V7300] (MXRT-5150) + +pci:v00001002d0000710F* + ID_MODEL_FROM_DATABASE=R520 GL [FireGL V7350] + +pci:v00001002d0000710Fsv000013CCsd00003D0E* + ID_MODEL_FROM_DATABASE=R520 GL [FireGL V7350] (MXRT-7100) + pci:v00001002d00007120* ID_MODEL_FROM_DATABASE=R520 [Radeon X1800] (Secondary) pci:v00001002d00007124* ID_MODEL_FROM_DATABASE=R520 GL [FireGL V7200] (Secondary) +pci:v00001002d00007124sv000013CCsd00003D0B* + ID_MODEL_FROM_DATABASE=R520 GL [FireGL V7200] (Secondary) (MXRT-5100 (Secondary)) + pci:v00001002d00007129* ID_MODEL_FROM_DATABASE=R520 [Radeon X1800] (Secondary) @@ -9035,6 +9197,18 @@ pci:v00001002d00007129sv00001002sd00000323* pci:v00001002d00007129sv00001002sd00000D03* ID_MODEL_FROM_DATABASE=R520 [Radeon X1800] (Secondary) (Radeon X1800 CrossFire Edition (Secondary)) +pci:v00001002d0000712E* + ID_MODEL_FROM_DATABASE=R520 GL [FireGL V7300] (Secondary) + +pci:v00001002d0000712Esv000013CCsd00003D0D* + ID_MODEL_FROM_DATABASE=R520 GL [FireGL V7300] (Secondary) (MXRT-5150 (Secondary)) + +pci:v00001002d0000712F* + ID_MODEL_FROM_DATABASE=R520 GL [FireGL V7350] (Secondary) + +pci:v00001002d0000712Fsv000013CCsd00003D0F* + ID_MODEL_FROM_DATABASE=R520 GL [FireGL V7350] (Secondary) (MXRT-7100 (Secondary)) + pci:v00001002d00007140* ID_MODEL_FROM_DATABASE=RV515 [Radeon X1300/X1550/X1600 Series] @@ -9152,6 +9326,12 @@ pci:v00001002d00007196* pci:v00001002d0000719B* ID_MODEL_FROM_DATABASE=RV516 GL [FireMV 2250] +pci:v00001002d0000719Bsv000013CCsd00003D12* + ID_MODEL_FROM_DATABASE=RV516 GL [FireMV 2250] (MXRT-1150) + +pci:v00001002d0000719Bsv000013CCsd00003D14* + ID_MODEL_FROM_DATABASE=RV516 GL [FireMV 2250] (MXRT-2150) + pci:v00001002d0000719F* ID_MODEL_FROM_DATABASE=RV516 [Radeon X1550 Series] @@ -9170,6 +9350,12 @@ pci:v00001002d000071A7* pci:v00001002d000071BB* ID_MODEL_FROM_DATABASE=RV516 GL [FireMV 2250] (Secondary) +pci:v00001002d000071BBsv000013CCsd00003D13* + ID_MODEL_FROM_DATABASE=RV516 GL [FireMV 2250] (Secondary) (MXRT-1150 (Secondary)) + +pci:v00001002d000071BBsv000013CCsd00003D15* + ID_MODEL_FROM_DATABASE=RV516 GL [FireMV 2250] (Secondary) (MXRT-2150 (Secondary)) + pci:v00001002d000071C0* ID_MODEL_FROM_DATABASE=RV530 [Radeon X1600 XT/X1650 GTO] @@ -9224,6 +9410,9 @@ pci:v00001002d000071CE* pci:v00001002d000071D2* ID_MODEL_FROM_DATABASE=RV530 GL [FireGL V3400] +pci:v00001002d000071D2sv000013CCsd00003D08* + ID_MODEL_FROM_DATABASE=RV530 GL [FireGL V3400] (MXRT-2100) + pci:v00001002d000071D4* ID_MODEL_FROM_DATABASE=RV530/M66 GL [Mobility FireGL V5250] @@ -9263,6 +9452,9 @@ pci:v00001002d000071E7sv00001787sd00003001* pci:v00001002d000071F2* ID_MODEL_FROM_DATABASE=RV530 GL [FireGL V3400] (Secondary) +pci:v00001002d000071F2sv000013CCsd00003D09* + ID_MODEL_FROM_DATABASE=RV530 GL [FireGL V3400] (Secondary) (MXRT-2100 (Secondary)) + pci:v00001002d00007210* ID_MODEL_FROM_DATABASE=RV550/M71 [Mobility Radeon HD 2300] @@ -9491,6 +9683,9 @@ pci:v00001002d00009405* pci:v00001002d0000940A* ID_MODEL_FROM_DATABASE=R600 GL [FireGL V8650] +pci:v00001002d0000940Asv000013CCsd00003D16* + ID_MODEL_FROM_DATABASE=R600 GL [FireGL V8650] (MXRT-7200) + pci:v00001002d0000940B* ID_MODEL_FROM_DATABASE=R600 GL [FireGL V8600] @@ -9602,6 +9797,9 @@ pci:v00001002d00009498* pci:v00001002d0000949C* ID_MODEL_FROM_DATABASE=RV730 GL [FirePro V7750] +pci:v00001002d0000949Csv000013CCsd00003D1B* + ID_MODEL_FROM_DATABASE=RV730 GL [FirePro V7750] (MXRT-7300) + pci:v00001002d0000949E* ID_MODEL_FROM_DATABASE=RV730 GL [FirePro V5700] @@ -9845,6 +10043,9 @@ pci:v00001002d0000958B* pci:v00001002d0000958C* ID_MODEL_FROM_DATABASE=RV630 GL [FireGL V5600] +pci:v00001002d0000958Csv000013CCsd00003D18* + ID_MODEL_FROM_DATABASE=RV630 GL [FireGL V5600] (MXRT-5200) + pci:v00001002d0000958D* ID_MODEL_FROM_DATABASE=RV630 GL [FireGL V3600] @@ -9887,6 +10088,9 @@ pci:v00001002d00009598sv0000174Bsd00003001* pci:v00001002d00009598sv0000174Bsd00004580* ID_MODEL_FROM_DATABASE=RV635 [Radeon HD 3650/3750/4570/4580] (RV635 PRO [Radeon HD 4580]) +pci:v00001002d00009598sv000017AFsd00003011* + ID_MODEL_FROM_DATABASE=RV635 [Radeon HD 3650/3750/4570/4580] (RV635 PRO [Radeon HD 4580]) + pci:v00001002d00009599* ID_MODEL_FROM_DATABASE=RV635 PRO [Radeon HD 3650 AGP] @@ -9921,7 +10125,7 @@ pci:v00001002d000095CC* ID_MODEL_FROM_DATABASE=RV620 GL [FirePro V3700] pci:v00001002d000095CD* - ID_MODEL_FROM_DATABASE=RV620 [FirePro 2450] + ID_MODEL_FROM_DATABASE=RV620 GL [FirePro 2450] pci:v00001002d000095CF* ID_MODEL_FROM_DATABASE=RV620 GL [FirePro 2260] @@ -10146,7 +10350,43 @@ pci:v00001002d0000985F* ID_MODEL_FROM_DATABASE=Mullins pci:v00001002d00009874* - ID_MODEL_FROM_DATABASE=Carrizo + ID_MODEL_FROM_DATABASE=Wani [Radeon R5/R6/R7 Graphics] + +pci:v00001002d00009874sv00001002sd00001871* + ID_MODEL_FROM_DATABASE=Wani [Radeon R5/R6/R7 Graphics] (Radeon R5 Graphics) + +pci:v00001002d00009874sv00001002sd00001E20* + ID_MODEL_FROM_DATABASE=Wani [Radeon R5/R6/R7 Graphics] (Radeon R7 Graphics) + +pci:v00001002d00009874sv00001028sd000006BD* + ID_MODEL_FROM_DATABASE=Wani [Radeon R5/R6/R7 Graphics] (Radeon R6 Graphics) + +pci:v00001002d00009874sv0000103Csd00002B44* + ID_MODEL_FROM_DATABASE=Wani [Radeon R5/R6/R7 Graphics] (Radeon R6 Graphics) + +pci:v00001002d00009874sv0000103Csd00008221* + ID_MODEL_FROM_DATABASE=Wani [Radeon R5/R6/R7 Graphics] (Radeon R5 Graphics) + +pci:v00001002d00009874sv0000103Csd00008223* + ID_MODEL_FROM_DATABASE=Wani [Radeon R5/R6/R7 Graphics] (Radeon R5 Graphics) + +pci:v00001002d00009874sv0000103Csd00008238* + ID_MODEL_FROM_DATABASE=Wani [Radeon R5/R6/R7 Graphics] (Radeon R7 Graphics) + +pci:v00001002d00009874sv0000103Csd00008353* + ID_MODEL_FROM_DATABASE=Wani [Radeon R5/R6/R7 Graphics] (Radeon R7 Graphics) + +pci:v00001002d00009874sv00001458sd0000D000* + ID_MODEL_FROM_DATABASE=Wani [Radeon R5/R6/R7 Graphics] (Radeon R7 Graphics) + +pci:v00001002d00009874sv000017AAsd00005113* + ID_MODEL_FROM_DATABASE=Wani [Radeon R5/R6/R7 Graphics] (Radeon R6 Graphics) + +pci:v00001002d00009874sv000017AAsd00005116* + ID_MODEL_FROM_DATABASE=Wani [Radeon R5/R6/R7 Graphics] (Radeon R6 Graphics) + +pci:v00001002d00009874sv000017AAsd00005118* + ID_MODEL_FROM_DATABASE=Wani [Radeon R5/R6/R7 Graphics] (Radeon R5 Graphics) pci:v00001002d00009900* ID_MODEL_FROM_DATABASE=Trinity [Radeon HD 7660G] @@ -10179,10 +10419,10 @@ pci:v00001002d00009904* ID_MODEL_FROM_DATABASE=Trinity [Radeon HD 7560D] pci:v00001002d00009905* - ID_MODEL_FROM_DATABASE=Trinity [FirePro A300 Series Graphics] + ID_MODEL_FROM_DATABASE=Trinity GL [FirePro A300] pci:v00001002d00009906* - ID_MODEL_FROM_DATABASE=Trinity [FirePro A300 Series Graphics] + ID_MODEL_FROM_DATABASE=Trinity GL [FirePro A320] pci:v00001002d00009907* ID_MODEL_FROM_DATABASE=Trinity [Radeon HD 7620G] @@ -12072,7 +12312,7 @@ pci:v00001022d00001465* ID_MODEL_FROM_DATABASE=Family 17h (Models 00h-0fh) Data Fabric: Device 18h; Function 5 pci:v00001022d00001466* - ID_MODEL_FROM_DATABASE=Family 17h (Models 00h-0fh) Data Fabric Device 18h Function 6 + ID_MODEL_FROM_DATABASE=Family 17h (Models 00h-0fh) Data Fabric: Device 18h; Function 6 pci:v00001022d00001467* ID_MODEL_FROM_DATABASE=Family 17h (Models 00h-0fh) Data Fabric: Device 18h; Function 7 @@ -12122,6 +12362,39 @@ pci:v00001022d00001536* pci:v00001022d00001538* ID_MODEL_FROM_DATABASE=Family 16h Processor Function 0 +pci:v00001022d00001570* + ID_MODEL_FROM_DATABASE=Family 15h (Models 60h-6fh) Processor Function 0 + +pci:v00001022d00001571* + ID_MODEL_FROM_DATABASE=Family 15h (Models 60h-6fh) Processor Function 1 + +pci:v00001022d00001572* + ID_MODEL_FROM_DATABASE=Family 15h (Models 60h-6fh) Processor Function 2 + +pci:v00001022d00001573* + ID_MODEL_FROM_DATABASE=Family 15h (Models 60h-6fh) Processor Function 3 + +pci:v00001022d00001574* + ID_MODEL_FROM_DATABASE=Family 15h (Models 60h-6fh) Processor Function 4 + +pci:v00001022d00001575* + ID_MODEL_FROM_DATABASE=Family 15h (Models 60h-6fh) Processor Function 5 + +pci:v00001022d00001576* + ID_MODEL_FROM_DATABASE=Family 15h (Models 60h-6fh) Processor Root Complex + +pci:v00001022d00001577* + ID_MODEL_FROM_DATABASE=Family 15h (Models 60h-6fh) I/O Memory Management Unit + +pci:v00001022d0000157A* + ID_MODEL_FROM_DATABASE=Family 15h (Models 60h-6fh) Audio Controller + +pci:v00001022d0000157B* + ID_MODEL_FROM_DATABASE=Family 15h (Models 60h-6fh) Host Bridge + +pci:v00001022d0000157C* + ID_MODEL_FROM_DATABASE=Family 15h (Models 60h-6fh) Processor Root Port + pci:v00001022d00001600* ID_MODEL_FROM_DATABASE=Family 15h Processor Function 0 @@ -12329,12 +12602,21 @@ pci:v00001022d000043A2* pci:v00001022d000043A3* ID_MODEL_FROM_DATABASE=Hudson PCI to PCI bridge (PCIE port 3) +pci:v00001022d000043B1* + ID_MODEL_FROM_DATABASE=X399 Series Chipset PCIe Bridge + pci:v00001022d000043B4* ID_MODEL_FROM_DATABASE=300 Series Chipset PCIe Port +pci:v00001022d000043B6* + ID_MODEL_FROM_DATABASE=X399 Series Chipset SATA Controller + pci:v00001022d000043B7* ID_MODEL_FROM_DATABASE=300 Series Chipset SATA Controller +pci:v00001022d000043BA* + ID_MODEL_FROM_DATABASE=X399 Series Chipset USB 3.1 xHCI Controller + pci:v00001022d000043BB* ID_MODEL_FROM_DATABASE=300 Series Chipset USB 3.1 xHCI Controller @@ -13692,10 +13974,10 @@ pci:v0000102Bd00000536* ID_MODEL_FROM_DATABASE=Integrated Matrox G200eW3 Graphics Controller pci:v0000102Bd00000538* - ID_MODEL_FROM_DATABASE=G200eH + ID_MODEL_FROM_DATABASE=MGA G200eH3 pci:v0000102Bd00000538sv00001590sd000000E4* - ID_MODEL_FROM_DATABASE=G200eH (iLO5 VGA) + ID_MODEL_FROM_DATABASE=MGA G200eH3 (iLO5 VGA) pci:v0000102Bd00000540* ID_MODEL_FROM_DATABASE=M91XX @@ -15735,7 +16017,7 @@ pci:v00001045d0000C832* ID_MODEL_FROM_DATABASE=82C832 pci:v00001045d0000C861* - ID_MODEL_FROM_DATABASE=82C861 + ID_MODEL_FROM_DATABASE=82C861 OHCI USB Host pci:v00001045d0000C881* ID_MODEL_FROM_DATABASE=82C881 [FireLink] 1394 OHCI Link Controller @@ -27575,6 +27857,9 @@ pci:v000010DEd00000425* pci:v000010DEd00000425sv00001025sd00000121* ID_MODEL_FROM_DATABASE=G86M [GeForce 8600M GS] (Aspire 5920G) +pci:v000010DEd00000425sv00001043sd00001514* + ID_MODEL_FROM_DATABASE=G86M [GeForce 8600M GS] (F3SV) + pci:v000010DEd00000426* ID_MODEL_FROM_DATABASE=G86M [GeForce 8400M GT] @@ -28088,6 +28373,9 @@ pci:v000010DEd00000611* pci:v000010DEd00000611sv0000107Dsd00002AB0* ID_MODEL_FROM_DATABASE=G92 [GeForce 8800 GT] (Winfast PX8800 GT PCI-E) +pci:v000010DEd00000611sv00001462sd00001170* + ID_MODEL_FROM_DATABASE=G92 [GeForce 8800 GT] (NX8800GT series model V117 2xDVI+TV) + pci:v000010DEd00000611sv000019DAsd00001040* ID_MODEL_FROM_DATABASE=G92 [GeForce 8800 GT] (ZT-88TES2P-FSP) @@ -30404,12 +30692,18 @@ pci:v000010DEd0000102D* pci:v000010DEd0000102E* ID_MODEL_FROM_DATABASE=GK110BGL [Tesla K40d] +pci:v000010DEd0000102F* + ID_MODEL_FROM_DATABASE=GK110BGL [Tesla Stella Solo] + pci:v000010DEd0000103A* ID_MODEL_FROM_DATABASE=GK110GL [Quadro K6000] pci:v000010DEd0000103C* ID_MODEL_FROM_DATABASE=GK110GL [Quadro K5200] +pci:v000010DEd0000103F* + ID_MODEL_FROM_DATABASE=GK110BGL [Tesla Stella SXM] + pci:v000010DEd00001040* ID_MODEL_FROM_DATABASE=GF119 [GeForce GT 520] @@ -31763,6 +32057,9 @@ pci:v000010DEd000011A3sv0000106Bsd0000010D* pci:v000010DEd000011A7* ID_MODEL_FROM_DATABASE=GK104M [GeForce GTX 675MX] +pci:v000010DEd000011AF* + ID_MODEL_FROM_DATABASE=GK104GLM [GRID IceCube] + pci:v000010DEd000011B0* ID_MODEL_FROM_DATABASE=GK104GL [GRID K240Q\K260Q vGPU] @@ -32297,6 +32594,9 @@ pci:v000010DEd000013BDsv000010DEsd0000110A* pci:v000010DEd000013BDsv000010DEsd00001160* ID_MODEL_FROM_DATABASE=GM107GL [Tesla M10] (Tesla M10) +pci:v000010DEd000013BDsv000010DEsd000011D2* + ID_MODEL_FROM_DATABASE=GM107GL [Tesla M10] (GRID M10-8Q) + pci:v000010DEd000013C0* ID_MODEL_FROM_DATABASE=GM204 [GeForce GTX 980] @@ -32336,6 +32636,18 @@ pci:v000010DEd000013F1* pci:v000010DEd000013F2* ID_MODEL_FROM_DATABASE=GM204GL [Tesla M60] +pci:v000010DEd000013F2sv000010DEsd0000114D* + ID_MODEL_FROM_DATABASE=GM204GL [Tesla M60] (GRID M60-1Q) + +pci:v000010DEd000013F2sv000010DEsd0000114E* + ID_MODEL_FROM_DATABASE=GM204GL [Tesla M60] (GRID M60-2Q) + +pci:v000010DEd000013F2sv000010DEsd00001150* + ID_MODEL_FROM_DATABASE=GM204GL [Tesla M60] (GRID M60-8Q) + +pci:v000010DEd000013F2sv000010DEsd000011B0* + ID_MODEL_FROM_DATABASE=GM204GL [Tesla M60] (GRID M60-4A) + pci:v000010DEd000013F3* ID_MODEL_FROM_DATABASE=GM204GL [Tesla M6] @@ -32426,6 +32738,9 @@ pci:v000010DEd0000174D* pci:v000010DEd0000174E* ID_MODEL_FROM_DATABASE=GM108M [GeForce MX110] +pci:v000010DEd00001789* + ID_MODEL_FROM_DATABASE=GM107GL [GRID M3-3020] + pci:v000010DEd000017C2* ID_MODEL_FROM_DATABASE=GM200 [GeForce GTX TITAN X] @@ -32639,6 +32954,9 @@ pci:v000010DEd00001CB2* pci:v000010DEd00001CB3* ID_MODEL_FROM_DATABASE=GP107GL [Quadro P400] +pci:v000010DEd00001CB6* + ID_MODEL_FROM_DATABASE=GP107GL [Quadro P620] + pci:v000010DEd00001D01* ID_MODEL_FROM_DATABASE=GP108 [GeForce GT 1030] @@ -32652,10 +32970,10 @@ pci:v000010DEd00001D81* ID_MODEL_FROM_DATABASE=GV100 [TITAN V] pci:v000010DEd00001DB1* - ID_MODEL_FROM_DATABASE=GV100 [Tesla V100 SXM2] + ID_MODEL_FROM_DATABASE=GV100GL [Tesla V100 SXM2] pci:v000010DEd00001DB4* - ID_MODEL_FROM_DATABASE=GV100 [Tesla V100 PCIe] + ID_MODEL_FROM_DATABASE=GV100GL [Tesla V100 PCIe] pci:v000010DF* ID_VENDOR_FROM_DATABASE=Emulex Corporation @@ -33486,7 +33804,7 @@ pci:v000010ECd00008168sv00001043sd000082C6* ID_MODEL_FROM_DATABASE=RTL8111/8168/8411 PCI Express Gigabit Ethernet Controller (M3A78 Series Motherboard) pci:v000010ECd00008168sv00001043sd000083A3* - ID_MODEL_FROM_DATABASE=RTL8111/8168/8411 PCI Express Gigabit Ethernet Controller (M4A785TD Motherboard) + ID_MODEL_FROM_DATABASE=RTL8111/8168/8411 PCI Express Gigabit Ethernet Controller (M4A785/P7P55 Motherboard) pci:v000010ECd00008168sv00001043sd00008432* ID_MODEL_FROM_DATABASE=RTL8111/8168/8411 PCI Express Gigabit Ethernet Controller (P8P67 and other motherboards) @@ -33509,6 +33827,9 @@ pci:v000010ECd00008168sv00001458sd0000E000* pci:v000010ECd00008168sv00001462sd0000238C* ID_MODEL_FROM_DATABASE=RTL8111/8168/8411 PCI Express Gigabit Ethernet Controller (Onboard RTL8111b on MSI P965 Platinum Mainboard) +pci:v000010ECd00008168sv00001462sd0000345C* + ID_MODEL_FROM_DATABASE=RTL8111/8168/8411 PCI Express Gigabit Ethernet Controller (RTL8111B on MS-7345 Motherboard) + pci:v000010ECd00008168sv00001462sd0000368C* ID_MODEL_FROM_DATABASE=RTL8111/8168/8411 PCI Express Gigabit Ethernet Controller (K9AG Neo2) @@ -33671,6 +33992,9 @@ pci:v000010ECd0000B723* pci:v000010ECd0000B723sv000010ECsd00008739* ID_MODEL_FROM_DATABASE=RTL8723BE PCIe Wireless Network Adapter (Dell Wireless 1801) +pci:v000010ECd0000B822* + ID_MODEL_FROM_DATABASE=RTL8822BE 802.11a/b/g/n/ac WiFi adapter + pci:v000010ECd0000C821* ID_MODEL_FROM_DATABASE=RTL8821CE 802.11ac PCIe Wireless Network Adapter @@ -39377,6 +39701,9 @@ pci:v00001179d00000103* pci:v00001179d0000010F* ID_MODEL_FROM_DATABASE=NVMe Controller +pci:v00001179d00000115* + ID_MODEL_FROM_DATABASE=XG4 NVMe SSD Controller + pci:v00001179d00000404* ID_MODEL_FROM_DATABASE=DVD Decoder card @@ -39473,6 +39800,96 @@ pci:v0000117Cd00000033* pci:v0000117Cd00000041* ID_MODEL_FROM_DATABASE=ExpressSAS R30F +pci:v0000117Cd00000042* + ID_MODEL_FROM_DATABASE=ExpressSAS 6Gb/s SAS/SATA HBA + +pci:v0000117Cd00000042sv0000117Csd00000042* + ID_MODEL_FROM_DATABASE=ExpressSAS 6Gb/s SAS/SATA HBA (ExpressSAS H680) + +pci:v0000117Cd00000042sv0000117Csd00000043* + ID_MODEL_FROM_DATABASE=ExpressSAS 6Gb/s SAS/SATA HBA (ExpressSAS H608) + +pci:v0000117Cd00000042sv0000117Csd00000044* + ID_MODEL_FROM_DATABASE=ExpressSAS 6Gb/s SAS/SATA HBA (ExpressSAS H60F) + +pci:v0000117Cd00000042sv0000117Csd00000045* + ID_MODEL_FROM_DATABASE=ExpressSAS 6Gb/s SAS/SATA HBA (ExpressSAS H6F0) + +pci:v0000117Cd00000042sv0000117Csd00000046* + ID_MODEL_FROM_DATABASE=ExpressSAS 6Gb/s SAS/SATA HBA (ExpressSAS H644) + +pci:v0000117Cd00000042sv0000117Csd0000004F* + ID_MODEL_FROM_DATABASE=ExpressSAS 6Gb/s SAS/SATA HBA (ExpressSAS M608) + +pci:v0000117Cd00000042sv0000117Csd00000057* + ID_MODEL_FROM_DATABASE=ExpressSAS 6Gb/s SAS/SATA HBA (ExpressSAS M680) + +pci:v0000117Cd00000042sv0000117Csd00000058* + ID_MODEL_FROM_DATABASE=ExpressSAS 6Gb/s SAS/SATA HBA (ExpressSAS M644) + +pci:v0000117Cd00000042sv0000117Csd00000059* + ID_MODEL_FROM_DATABASE=ExpressSAS 6Gb/s SAS/SATA HBA (ExpressSAS W608) + +pci:v0000117Cd00000042sv0000117Csd0000005A* + ID_MODEL_FROM_DATABASE=ExpressSAS 6Gb/s SAS/SATA HBA (ExpressSAS W680) + +pci:v0000117Cd00000042sv0000117Csd0000005B* + ID_MODEL_FROM_DATABASE=ExpressSAS 6Gb/s SAS/SATA HBA (ExpressSAS W644) + +pci:v0000117Cd00000049* + ID_MODEL_FROM_DATABASE=ExpressSAS 6Gb SAS/SATA RAID Adapter + +pci:v0000117Cd00000049sv0000117Csd00000049* + ID_MODEL_FROM_DATABASE=ExpressSAS 6Gb SAS/SATA RAID Adapter (ExpressSAS R680) + +pci:v0000117Cd00000049sv0000117Csd0000004A* + ID_MODEL_FROM_DATABASE=ExpressSAS 6Gb SAS/SATA RAID Adapter (ExpressSAS R608) + +pci:v0000117Cd00000049sv0000117Csd0000004B* + ID_MODEL_FROM_DATABASE=ExpressSAS 6Gb SAS/SATA RAID Adapter (ExpressSAS R60F) + +pci:v0000117Cd00000049sv0000117Csd0000004C* + ID_MODEL_FROM_DATABASE=ExpressSAS 6Gb SAS/SATA RAID Adapter (ExpressSAS R6F0) + +pci:v0000117Cd00000049sv0000117Csd0000004D* + ID_MODEL_FROM_DATABASE=ExpressSAS 6Gb SAS/SATA RAID Adapter (ExpressSAS R644) + +pci:v0000117Cd00000049sv0000117Csd0000004E* + ID_MODEL_FROM_DATABASE=ExpressSAS 6Gb SAS/SATA RAID Adapter (ExpressSAS R648) + +pci:v0000117Cd00000064* + ID_MODEL_FROM_DATABASE=Celerity FC 16Gb/s Gen 5 Fibre Channel HBA + +pci:v0000117Cd00000064sv0000117Csd00000063* + ID_MODEL_FROM_DATABASE=Celerity FC 16Gb/s Gen 5 Fibre Channel HBA (Celerity FC-161E) + +pci:v0000117Cd00000064sv0000117Csd00000064* + ID_MODEL_FROM_DATABASE=Celerity FC 16Gb/s Gen 5 Fibre Channel HBA (Celerity FC-162E) + +pci:v0000117Cd00000064sv0000117Csd00000065* + ID_MODEL_FROM_DATABASE=Celerity FC 16Gb/s Gen 5 Fibre Channel HBA (Celerity FC-164E) + +pci:v0000117Cd00000094* + ID_MODEL_FROM_DATABASE=Celerity FC 16/32Gb/s Gen 6 Fibre Channel HBA + +pci:v0000117Cd00000094sv0000117Csd00000094* + ID_MODEL_FROM_DATABASE=Celerity FC 16/32Gb/s Gen 6 Fibre Channel HBA (Celerity FC-162P) + +pci:v0000117Cd00000094sv0000117Csd000000A0* + ID_MODEL_FROM_DATABASE=Celerity FC 16/32Gb/s Gen 6 Fibre Channel HBA (Celerity FC-161P) + +pci:v0000117Cd00000094sv0000117Csd000000A1* + ID_MODEL_FROM_DATABASE=Celerity FC 16/32Gb/s Gen 6 Fibre Channel HBA (Celerity FC-164P) + +pci:v0000117Cd00000094sv0000117Csd000000A2* + ID_MODEL_FROM_DATABASE=Celerity FC 16/32Gb/s Gen 6 Fibre Channel HBA (Celerity FC-321E) + +pci:v0000117Cd00000094sv0000117Csd000000A3* + ID_MODEL_FROM_DATABASE=Celerity FC 16/32Gb/s Gen 6 Fibre Channel HBA (Celerity FC-322E) + +pci:v0000117Cd00000094sv0000117Csd000000AC* + ID_MODEL_FROM_DATABASE=Celerity FC 16/32Gb/s Gen 6 Fibre Channel HBA (Celerity FC-324E) + pci:v0000117Cd00008013* ID_MODEL_FROM_DATABASE=ExpressPCI UL4D @@ -39482,6 +39899,30 @@ pci:v0000117Cd00008014* pci:v0000117Cd00008027* ID_MODEL_FROM_DATABASE=ExpressPCI UL5D +pci:v0000117Cd00008070* + ID_MODEL_FROM_DATABASE=ExpressSAS 12Gb/s SAS/SATA HBA + +pci:v0000117Cd00008070sv0000117Csd00000070* + ID_MODEL_FROM_DATABASE=ExpressSAS 12Gb/s SAS/SATA HBA (ExpressSAS H1280) + +pci:v0000117Cd00008070sv0000117Csd00000071* + ID_MODEL_FROM_DATABASE=ExpressSAS 12Gb/s SAS/SATA HBA (ExpressSAS H1208) + +pci:v0000117Cd00008070sv0000117Csd00000080* + ID_MODEL_FROM_DATABASE=ExpressSAS 12Gb/s SAS/SATA HBA (ExpressSAS H1244) + +pci:v0000117Cd00008072* + ID_MODEL_FROM_DATABASE=ExpressSAS 12Gb/s SAS/SATA HBA + +pci:v0000117Cd00008072sv0000117Csd00000072* + ID_MODEL_FROM_DATABASE=ExpressSAS 12Gb/s SAS/SATA HBA (ExpressSAS H12F0) + +pci:v0000117Cd00008072sv0000117Csd00000073* + ID_MODEL_FROM_DATABASE=ExpressSAS 12Gb/s SAS/SATA HBA (ExpressSAS H120F) + +pci:v0000117Cd00008072sv0000117Csd00000082* + ID_MODEL_FROM_DATABASE=ExpressSAS 12Gb/s SAS/SATA HBA (ExpressSAS H1288) + pci:v0000117D* ID_VENDOR_FROM_DATABASE=Becton & Dickinson @@ -39644,6 +40085,9 @@ pci:v00001180d00000592sv00001028sd000001D7* pci:v00001180d00000592sv00001028sd000001F3* ID_MODEL_FROM_DATABASE=R5C592 Memory Stick Bus Host Adapter (Inspiron 1420) +pci:v00001180d00000592sv00001028sd0000022F* + ID_MODEL_FROM_DATABASE=R5C592 Memory Stick Bus Host Adapter (Inspiron 1525) + pci:v00001180d00000592sv0000103Csd000030B5* ID_MODEL_FROM_DATABASE=R5C592 Memory Stick Bus Host Adapter (Presario V3242AU) @@ -39695,6 +40139,9 @@ pci:v00001180d00000822sv00001028sd000001D7* pci:v00001180d00000822sv00001028sd000001F3* ID_MODEL_FROM_DATABASE=R5C822 SD/SDIO/MMC/MS/MSPro Host Adapter (Inspiron 1420) +pci:v00001180d00000822sv00001028sd0000022F* + ID_MODEL_FROM_DATABASE=R5C822 SD/SDIO/MMC/MS/MSPro Host Adapter (Inspiron 1525) + pci:v00001180d00000822sv0000103Csd000003B5* ID_MODEL_FROM_DATABASE=R5C822 SD/SDIO/MMC/MS/MSPro Host Adapter (Presario V3242AU) @@ -39743,6 +40190,9 @@ pci:v00001180d00000832sv00001028sd000001D7* pci:v00001180d00000832sv00001028sd000001F3* ID_MODEL_FROM_DATABASE=R5C832 IEEE 1394 Controller (Inspiron 1420) +pci:v00001180d00000832sv00001028sd0000022F* + ID_MODEL_FROM_DATABASE=R5C832 IEEE 1394 Controller (Inspiron 1525) + pci:v00001180d00000832sv00001028sd0000024D* ID_MODEL_FROM_DATABASE=R5C832 IEEE 1394 Controller (Latitude E4300) @@ -39809,6 +40259,9 @@ pci:v00001180d00000852sv00001025sd00000121* pci:v00001180d00000852sv00001028sd000001F3* ID_MODEL_FROM_DATABASE=xD-Picture Card Controller (Inspiron 1420) +pci:v00001180d00000852sv00001028sd0000022F* + ID_MODEL_FROM_DATABASE=xD-Picture Card Controller (Inspiron 1525) + pci:v00001180d00000852sv0000103Csd000030B5* ID_MODEL_FROM_DATABASE=xD-Picture Card Controller (Presario V3242AU) @@ -40556,6 +41009,9 @@ pci:v000011ABd00004353sv0000104Dsd0000902D* pci:v000011ABd00004354* ID_MODEL_FROM_DATABASE=88E8040 PCI-E Fast Ethernet Controller +pci:v000011ABd00004354sv00001028sd0000022F* + ID_MODEL_FROM_DATABASE=88E8040 PCI-E Fast Ethernet Controller (Inspiron 1525) + pci:v000011ABd00004354sv0000144Dsd0000C06A* ID_MODEL_FROM_DATABASE=88E8040 PCI-E Fast Ethernet Controller (R730 Laptop) @@ -40838,11 +41294,11 @@ pci:v000011ABd00006101* pci:v000011ABd00006101sv00001043sd000082E0* ID_MODEL_FROM_DATABASE=88SE6101/6102 single-port PATA133 interface (P5K PRO Motherboard) -pci:v000011ABd00006111* - ID_MODEL_FROM_DATABASE=88SE6111 1-port PATA133(IDE) and 1-port SATA II Controllers - pci:v000011ABd00006121* - ID_MODEL_FROM_DATABASE=88SE6121 SATA II / PATA Controller + ID_MODEL_FROM_DATABASE=88SE6111/6121 SATA II / PATA Controller + +pci:v000011ABd00006121sv000011ABsd00006121* + ID_MODEL_FROM_DATABASE=88SE6111/6121 SATA II / PATA Controller (88SE6111/6121 1/2 port SATA II + 1 port PATA Controller) pci:v000011ABd00006141* ID_MODEL_FROM_DATABASE=88SE614x SATA II PCI-E controller @@ -41807,6 +42263,9 @@ pci:v000011F8d00008009* pci:v000011F8d00008032* ID_MODEL_FROM_DATABASE=ATTO Celerity FC8xEN +pci:v000011F8d00008032sv0000117Csd0000003A* + ID_MODEL_FROM_DATABASE=ATTO Celerity FC8xEN (Celerity FC-81EN Fibre Channel Adapter) + pci:v000011F8d00008032sv0000117Csd0000003B* ID_MODEL_FROM_DATABASE=ATTO Celerity FC8xEN (Celerity FC-82EN Fibre Channel Adapter) @@ -41868,73 +42327,73 @@ pci:v000011FE* ID_VENDOR_FROM_DATABASE=Comtrol Corporation pci:v000011FEd00000001* - ID_MODEL_FROM_DATABASE=RocketPort 32 port w/external I/F + ID_MODEL_FROM_DATABASE=RocketPort PCI 32-port w/external I/F pci:v000011FEd00000002* - ID_MODEL_FROM_DATABASE=RocketPort 8 port w/external I/F + ID_MODEL_FROM_DATABASE=RocketPort PCI 8-port w/external I/F pci:v000011FEd00000003* - ID_MODEL_FROM_DATABASE=RocketPort 16 port w/external I/F + ID_MODEL_FROM_DATABASE=RocketPort PCI 16-port w/external I/F pci:v000011FEd00000004* - ID_MODEL_FROM_DATABASE=RocketPort 4 port w/quad cable + ID_MODEL_FROM_DATABASE=RocketPort PCI 4-port w/Quad Cable pci:v000011FEd00000005* - ID_MODEL_FROM_DATABASE=RocketPort 8 port w/octa cable + ID_MODEL_FROM_DATABASE=RocketPort PCI 8-port w/Octa Cable pci:v000011FEd00000006* - ID_MODEL_FROM_DATABASE=RocketPort 8 port w/RJ11 connectors + ID_MODEL_FROM_DATABASE=RocketPort PCI 8-port w/RJ11 connectors pci:v000011FEd00000007* - ID_MODEL_FROM_DATABASE=RocketPort 4 port w/RJ11 connectors + ID_MODEL_FROM_DATABASE=RocketPort PCI 4-port w/RJ45 connectors pci:v000011FEd00000008* - ID_MODEL_FROM_DATABASE=RocketPort 8 port w/ DB78 SNI (Siemens) connector + ID_MODEL_FROM_DATABASE=RocketPort PCI 8-port w/DB78 SNI connector (Siemens) pci:v000011FEd00000009* - ID_MODEL_FROM_DATABASE=RocketPort 16 port w/ DB78 SNI (Siemens) connector + ID_MODEL_FROM_DATABASE=RocketPort PCI 16-port w/DB78 SNI connector (Siemens) pci:v000011FEd0000000A* - ID_MODEL_FROM_DATABASE=RocketPort Plus 4 port + ID_MODEL_FROM_DATABASE=RocketPort PCI Plus 4-port w/Quad Cable pci:v000011FEd0000000B* - ID_MODEL_FROM_DATABASE=RocketPort Plus 8 port + ID_MODEL_FROM_DATABASE=RocketPort PCI Plus 8-port w/Octa Cable pci:v000011FEd0000000C* - ID_MODEL_FROM_DATABASE=RocketModem 6 port + ID_MODEL_FROM_DATABASE=RocketModem II 6-port pci:v000011FEd0000000D* ID_MODEL_FROM_DATABASE=RocketModem 4-port pci:v000011FEd0000000E* - ID_MODEL_FROM_DATABASE=RocketPort Plus 2 port RS232 + ID_MODEL_FROM_DATABASE=RocketPort PCI Plus 2-port RS-232 w/DB9 connectors pci:v000011FEd0000000F* - ID_MODEL_FROM_DATABASE=RocketPort Plus 2 port RS422 + ID_MODEL_FROM_DATABASE=RocketPort PCI Plus 2-port SMPTE w/DB9 connectors pci:v000011FEd00000040* - ID_MODEL_FROM_DATABASE=RocketPort Infinity Octa, 8port, RJ45 + ID_MODEL_FROM_DATABASE=RocketPort INFINITY 8-port w/Octa Cable RJ45 pci:v000011FEd00000041* - ID_MODEL_FROM_DATABASE=RocketPort Infinity 32port, External Interface + ID_MODEL_FROM_DATABASE=RocketPort INFINITY 32-port w/external I/F pci:v000011FEd00000042* - ID_MODEL_FROM_DATABASE=RocketPort Infinity 8port, External Interface + ID_MODEL_FROM_DATABASE=RocketPort INFINITY 8-port w/external I/F pci:v000011FEd00000043* - ID_MODEL_FROM_DATABASE=RocketPort Infinity 16port, External Interface + ID_MODEL_FROM_DATABASE=RocketPort INFINITY 16-port w/external I/F pci:v000011FEd00000044* - ID_MODEL_FROM_DATABASE=RocketPort Infinity Quad, 4port, DB + ID_MODEL_FROM_DATABASE=RocketPort INFINITY 4-port w/Quad Cable DB pci:v000011FEd00000045* - ID_MODEL_FROM_DATABASE=RocketPort Infinity Octa, 8port, DB + ID_MODEL_FROM_DATABASE=RocketPort INFINITY 8-port w/Octa Cable DB pci:v000011FEd00000046* ID_MODEL_FROM_DATABASE=RocketPort INFINITY 4-port w/external I/F pci:v000011FEd00000047* - ID_MODEL_FROM_DATABASE=RocketPort Infinity 4port, RJ45 + ID_MODEL_FROM_DATABASE=RocketPort INFINITY 4J (4-port) w/RJ45 connectors pci:v000011FEd00000048* ID_MODEL_FROM_DATABASE=RocketPort INFINITY 4J (4-port) w/RJ45 connectors @@ -41955,7 +42414,7 @@ pci:v000011FEd0000004E* ID_MODEL_FROM_DATABASE=RocketPort INFINITY Plus 2-port pci:v000011FEd0000004F* - ID_MODEL_FROM_DATABASE=RocketPort Infinity 2port, SMPTE + ID_MODEL_FROM_DATABASE=RocketPort INFINITY 2-port SMPTE w/DB9 connectors pci:v000011FEd00000050* ID_MODEL_FROM_DATABASE=RocketPort INFINITY Plus 4-port RJ45 @@ -41964,7 +42423,7 @@ pci:v000011FEd00000051* ID_MODEL_FROM_DATABASE=RocketPort INFINITY Plus 8-port RJ11 pci:v000011FEd00000052* - ID_MODEL_FROM_DATABASE=RocketPort Infinity Octa, 8port, SMPTE + ID_MODEL_FROM_DATABASE=RocketPort INFINITY 8-port SMPTE w/DB9 Connectors pci:v000011FEd00000060* ID_MODEL_FROM_DATABASE=RocketPort EXPRESS 8-port w/Octa Cable @@ -42018,7 +42477,7 @@ pci:v000011FEd0000080C* ID_MODEL_FROM_DATABASE=RocketModem III 8-port pci:v000011FEd0000080D* - ID_MODEL_FROM_DATABASE=RcoketModem III 4-port + ID_MODEL_FROM_DATABASE=RocketModem III 4-port pci:v000011FEd0000080E* ID_MODEL_FROM_DATABASE=RocketPort uPCI 2-port RS232 w/DB9 connectors @@ -48464,6 +48923,9 @@ pci:v00001425d00004888* pci:v00001425d00005001* ID_MODEL_FROM_DATABASE=T520-CR Unified Wire Ethernet Controller +pci:v00001425d00005001sv0000193Dsd00001001* + ID_MODEL_FROM_DATABASE=T520-CR Unified Wire Ethernet Controller (510F-B) + pci:v00001425d00005002* ID_MODEL_FROM_DATABASE=T522-CR Unified Wire Ethernet Controller @@ -50612,6 +51074,9 @@ pci:v000014BF* pci:v000014C0* ID_VENDOR_FROM_DATABASE=COMPAL Electronics Inc +pci:v000014C0d00001201* + ID_MODEL_FROM_DATABASE=X550 10Gb 2P RJ45 OCP Mezz + pci:v000014C1* ID_VENDOR_FROM_DATABASE=MYRICOM Inc. @@ -50924,9 +51389,24 @@ pci:v000014E4d00001600sv00001259sd00002705* pci:v000014E4d00001601* ID_MODEL_FROM_DATABASE=NetXtreme BCM5752M Gigabit Ethernet PCI Express +pci:v000014E4d00001604* + ID_MODEL_FROM_DATABASE=BCM5745X NetXtreme-E Ethernet Partition + +pci:v000014E4d00001605* + ID_MODEL_FROM_DATABASE=BCM5745X NetXtreme-E RDMA Partition + +pci:v000014E4d00001606* + ID_MODEL_FROM_DATABASE=BCM5745X NetXtreme-E RDMA Virtual Function + +pci:v000014E4d00001609* + ID_MODEL_FROM_DATABASE=BCM5745X NetXtreme-E Ethernet Virtual Function + pci:v000014E4d00001612* ID_MODEL_FROM_DATABASE=BCM70012 Video Decoder [Crystal HD] +pci:v000014E4d00001614* + ID_MODEL_FROM_DATABASE=BCM57454 NetXtreme-E 10Gb/25Gb/40Gb/50Gb/100Gb Ethernet + pci:v000014E4d00001615* ID_MODEL_FROM_DATABASE=BCM70015 Video Decoder [Crystal HD] @@ -51647,6 +52127,12 @@ pci:v000014E4d0000168Esv0000103Csd00003382* pci:v000014E4d0000168Esv0000103Csd0000339D* ID_MODEL_FROM_DATABASE=NetXtreme II BCM57810 10 Gigabit Ethernet (Ethernet 10Gb 2-port 530SFP+ Adapter) +pci:v000014E4d0000168Esv0000193Dsd00001003* + ID_MODEL_FROM_DATABASE=NetXtreme II BCM57810 10 Gigabit Ethernet (530F-B) + +pci:v000014E4d0000168Esv0000193Dsd00001006* + ID_MODEL_FROM_DATABASE=NetXtreme II BCM57810 10 Gigabit Ethernet (530F-L) + pci:v000014E4d00001690* ID_MODEL_FROM_DATABASE=NetXtreme BCM57760 Gigabit Ethernet PCIe @@ -52157,6 +52643,9 @@ pci:v000014E4d000016EE* pci:v000014E4d000016EF* ID_MODEL_FROM_DATABASE=BCM57416 NetXtreme-E RDMA Partition +pci:v000014E4d000016F1* + ID_MODEL_FROM_DATABASE=BCM57452 NetXtreme-E 10Gb/25Gb/40Gb/50Gb Ethernet + pci:v000014E4d000016F3* ID_MODEL_FROM_DATABASE=NetXtreme BCM5727 Gigabit Ethernet PCIe @@ -52985,6 +53474,27 @@ pci:v000014E4d0000B302* pci:v000014E4d0000B334* ID_MODEL_FROM_DATABASE=BCM56334 StrataXGS 24x1GE 4x10GE Switch Controller +pci:v000014E4d0000B370* + ID_MODEL_FROM_DATABASE=BCM56370 Switch ASIC + +pci:v000014E4d0000B371* + ID_MODEL_FROM_DATABASE=BCM56371 Switch ASIC + +pci:v000014E4d0000B372* + ID_MODEL_FROM_DATABASE=BCM56372 Switch ASIC + +pci:v000014E4d0000B375* + ID_MODEL_FROM_DATABASE=BCM56375 Switch ASIC + +pci:v000014E4d0000B376* + ID_MODEL_FROM_DATABASE=BCM56376 Switch ASIC + +pci:v000014E4d0000B377* + ID_MODEL_FROM_DATABASE=BCM56377 Switch ASIC + +pci:v000014E4d0000B379* + ID_MODEL_FROM_DATABASE=Broadcom BCM56379 Switch ASIC + pci:v000014E4d0000B800* ID_MODEL_FROM_DATABASE=BCM56800 StrataXGS 10GE Switch Controller @@ -55070,6 +55580,9 @@ pci:v000015B3d00001007sv000015B3sd00000079* pci:v000015B3d00001007sv000015B3sd00000080* ID_MODEL_FROM_DATABASE=MT27520 Family [ConnectX-3 Pro] (ConnectX-3 Pro 10 GbE Dual Port SFP+ Adapter) +pci:v000015B3d00001007sv0000193Dsd00001002* + ID_MODEL_FROM_DATABASE=MT27520 Family [ConnectX-3 Pro] (520F-B) + pci:v000015B3d00001009* ID_MODEL_FROM_DATABASE=MT27530 Family @@ -55133,6 +55646,12 @@ pci:v000015B3d00001014* pci:v000015B3d00001015* ID_MODEL_FROM_DATABASE=MT27710 Family [ConnectX-4 Lx] +pci:v000015B3d00001015sv000015B3sd00000001* + ID_MODEL_FROM_DATABASE=MT27710 Family [ConnectX-4 Lx] (ConnectX-4 Lx EN network interface card, 25GbE single-port SFP28, PCIe3.0 x8, tall bracket, ROHS R6) + +pci:v000015B3d00001015sv000015B3sd00000003* + ID_MODEL_FROM_DATABASE=MT27710 Family [ConnectX-4 Lx] (ConnectX-4 Lx EN network interface card, 25GbE dual-port SFP28, PCIe3.0 x8, tall bracket, ROHS R6) + pci:v000015B3d00001015sv000015B3sd00000004* ID_MODEL_FROM_DATABASE=MT27710 Family [ConnectX-4 Lx] (ConnectX-4 Lx Stand-up dual-port 10GbE MCX4121A-XCAT) @@ -55151,6 +55670,9 @@ pci:v000015B3d00001015sv000015B3sd00000021* pci:v000015B3d00001015sv000015B3sd00000025* ID_MODEL_FROM_DATABASE=MT27710 Family [ConnectX-4 Lx] (ConnectX-4 Lx 25 GbE Dual Port SFP28 rNDC) +pci:v000015B3d00001015sv0000193Dsd0000100A* + ID_MODEL_FROM_DATABASE=MT27710 Family [ConnectX-4 Lx] (620F-B) + pci:v000015B3d00001016* ID_MODEL_FROM_DATABASE=MT27710 Family [ConnectX-4 Lx Virtual Function] @@ -55344,7 +55866,7 @@ pci:v000015B3d0000CF08* ID_MODEL_FROM_DATABASE=MT53236 pci:v000015B3d0000CF6C* - ID_MODEL_FROM_DATABASE=MT53100 [Spectrum-2, 64 x 100GbE switch] + ID_MODEL_FROM_DATABASE=MT53100 [Spectrum-2] pci:v000015B3d0000D2F0* ID_MODEL_FROM_DATABASE=Switch-IB 3 HDR (200Gbps) switch @@ -55838,6 +56360,30 @@ pci:v00001619d00006620* pci:v0000161F* ID_VENDOR_FROM_DATABASE=Rioworks +pci:v00001621* + ID_VENDOR_FROM_DATABASE=Lynx Studio Technology, Inc. + +pci:v00001621d00000020* + ID_MODEL_FROM_DATABASE=LynxTWO-A + +pci:v00001621d00000021* + ID_MODEL_FROM_DATABASE=LynxTWO-B + +pci:v00001621d00000022* + ID_MODEL_FROM_DATABASE=LynxTWO-C + +pci:v00001621d00000023* + ID_MODEL_FROM_DATABASE=Lynx L22 + +pci:v00001621d00000024* + ID_MODEL_FROM_DATABASE=Lynx AES16 + +pci:v00001621d00000025* + ID_MODEL_FROM_DATABASE=Lynx AES16-SRC + +pci:v00001621d00000028* + ID_MODEL_FROM_DATABASE=Lynx AES16e + pci:v00001626* ID_VENDOR_FROM_DATABASE=TDK Semiconductor Corp. @@ -57359,6 +57905,15 @@ pci:v000016D5d0000702A* pci:v000016D5d0000702B* ID_MODEL_FROM_DATABASE=AP236 16-Bit, 8-Channel Isolated Analog Output Module +pci:v000016D5d00007031* + ID_MODEL_FROM_DATABASE=AP441-1: 32-Channel Isolated Digital Input Module + +pci:v000016D5d00007032* + ID_MODEL_FROM_DATABASE=AP441-2: 32-Channel Isolated Digital Input Module + +pci:v000016D5d00007033* + ID_MODEL_FROM_DATABASE=AP441-3: 32-Channel Isolated Digital Input Module + pci:v000016D5d00007042* ID_MODEL_FROM_DATABASE=AP482 Counter Timer Module with TTL Level Input/Output @@ -57569,6 +58124,9 @@ pci:v00001760d00000102* pci:v00001760d00000303* ID_MODEL_FROM_DATABASE=PCD-7006C Digital Input & Output PCI Card +pci:v00001761* + ID_VENDOR_FROM_DATABASE=Pickering Interfaces Ltd + pci:v00001771* ID_VENDOR_FROM_DATABASE=InnoVISION Multimedia Ltd. @@ -60887,6 +61445,9 @@ pci:v00001A4Ad00002001* pci:v00001A4Ad00002010* ID_MODEL_FROM_DATABASE=PCI-Express EVR +pci:v00001A4Ad00002020* + ID_MODEL_FROM_DATABASE=PGP-GEN3 PCIe + pci:v00001A51* ID_VENDOR_FROM_DATABASE=Hectronic AB @@ -61046,6 +61607,9 @@ pci:v00001AA8d0000000A* pci:v00001AAE* ID_VENDOR_FROM_DATABASE=Global Velocity, Inc. +pci:v00001AB4* + ID_VENDOR_FROM_DATABASE=FFEI Ltd + pci:v00001AB6* ID_VENDOR_FROM_DATABASE=CalDigit, Inc. @@ -61526,6 +62090,15 @@ pci:v00001B4Bd00009220* pci:v00001B4Bd00009230* ID_MODEL_FROM_DATABASE=88SE9230 PCIe SATA 6Gb/s Controller +pci:v00001B4Bd00009230sv00001028sd00001FD6* + ID_MODEL_FROM_DATABASE=88SE9230 PCIe SATA 6Gb/s Controller (BOSS-S1 Adapter) + +pci:v00001B4Bd00009230sv00001028sd00001FDF* + ID_MODEL_FROM_DATABASE=88SE9230 PCIe SATA 6Gb/s Controller (BOSS-S1 Modular) + +pci:v00001B4Bd00009230sv00001028sd00001FE2* + ID_MODEL_FROM_DATABASE=88SE9230 PCIe SATA 6Gb/s Controller (BOSS-S1 Adapter) + pci:v00001B4Bd00009230sv00001D49sd00000300* ID_MODEL_FROM_DATABASE=88SE9230 PCIe SATA 6Gb/s Controller (ThinkSystem M.2 with Mirroring Enablement Kit) @@ -61919,6 +62492,12 @@ pci:v00001C58d00000003sv00001014sd000004F6* pci:v00001C58d00000023* ID_MODEL_FROM_DATABASE=Ultrastar SN200 Series NVMe SSD +pci:v00001C5C* + ID_VENDOR_FROM_DATABASE=SK hynix + +pci:v00001C5Cd00001283* + ID_MODEL_FROM_DATABASE=PC300 NVMe Solid State Drive + pci:v00001C5F* ID_VENDOR_FROM_DATABASE=Beijing Memblaze Technology Co. Ltd. @@ -62519,6 +63098,15 @@ pci:v00001DEFd0000E00C* pci:v00001DF7* ID_VENDOR_FROM_DATABASE=opencpi.org +pci:v00001DF7d00000001* + ID_MODEL_FROM_DATABASE=ml605 + +pci:v00001DF7d00000002* + ID_MODEL_FROM_DATABASE=alst4 + +pci:v00001DF7d00000003* + ID_MODEL_FROM_DATABASE=alst4x + pci:v00001FC0* ID_VENDOR_FROM_DATABASE=Ascom (Finland) Oy @@ -62663,6 +63251,9 @@ pci:v00001FC9d00004027sv00001154sd00000368* pci:v00001FC9d00004027sv00001432sd00008104* ID_MODEL_FROM_DATABASE=TN9710P 10GBase-T/NBASE-T Ethernet Adapter (10 Gigabit Ethernet PCI Express Adapter) +pci:v00001FC9d00004027sv00001546sd00004027* + ID_MODEL_FROM_DATABASE=TN9710P 10GBase-T/NBASE-T Ethernet Adapter (IOI9710P 10Gbase-T/NBASE-T Ethernet Adapter) + pci:v00001FC9d00004027sv00001FC9sd00003015* ID_MODEL_FROM_DATABASE=TN9710P 10GBase-T/NBASE-T Ethernet Adapter (Ethernet Adapter) @@ -68414,6 +69005,9 @@ pci:v00008086d000010FBsv000017AAsd0000402F* pci:v00008086d000010FBsv000018D4sd00000C09* ID_MODEL_FROM_DATABASE=82599ES 10-Gigabit SFI/SFP+ Network Connection (82599ES 10Gb 2-port SFP+ OCP Mezz Card MOP81-I-10GS2) +pci:v00008086d000010FBsv0000193Dsd00001004* + ID_MODEL_FROM_DATABASE=82599ES 10-Gigabit SFI/SFP+ Network Connection (560F-B) + pci:v00008086d000010FBsv00001BD4sd0000001B* ID_MODEL_FROM_DATABASE=82599ES 10-Gigabit SFI/SFP+ Network Connection (10G SFP+ DP ER102Fi4 Rack Adapter) @@ -69368,6 +69962,12 @@ pci:v00008086d00001521sv000017AAsd00004005* pci:v00008086d00001521sv000018D4sd00000C07* ID_MODEL_FROM_DATABASE=I350 Gigabit Network Connection (I350 1Gb 2-port RJ45 OCP Mezz Card MOP41-I-1GT2) +pci:v00008086d00001521sv0000193Dsd00001005* + ID_MODEL_FROM_DATABASE=I350 Gigabit Network Connection (360T-B) + +pci:v00008086d00001521sv0000193Dsd00001007* + ID_MODEL_FROM_DATABASE=I350 Gigabit Network Connection (360T-L) + pci:v00008086d00001521sv00001BD4sd0000001D* ID_MODEL_FROM_DATABASE=I350 Gigabit Network Connection (1G base-T QP EP014Ti1 Adapter) @@ -69707,6 +70307,9 @@ pci:v00008086d00001563sv00001028sd00001FA8* pci:v00008086d00001563sv00001028sd00001FA9* ID_MODEL_FROM_DATABASE=Ethernet Controller 10G X550T (Ethernet 10G 4P X550 rNDC) +pci:v00008086d00001563sv000014C0sd00001201* + ID_MODEL_FROM_DATABASE=Ethernet Controller 10G X550T (X550 10Gb 2P RJ45 OCP Mezz) + pci:v00008086d00001563sv00001590sd000000D1* ID_MODEL_FROM_DATABASE=Ethernet Controller 10G X550T (Ethernet 10Gb 2-port 562T Adapter) @@ -69716,6 +70319,12 @@ pci:v00008086d00001563sv00001590sd000000D2* pci:v00008086d00001563sv000018D4sd00000C08* ID_MODEL_FROM_DATABASE=Ethernet Controller 10G X550T (X550 10Gb 2-port RJ45 OCP Mezz Card MOP81-I-10GT2) +pci:v00008086d00001563sv0000193Dsd00001008* + ID_MODEL_FROM_DATABASE=Ethernet Controller 10G X550T (560T-B) + +pci:v00008086d00001563sv0000193Dsd00001009* + ID_MODEL_FROM_DATABASE=Ethernet Controller 10G X550T (560T-L) + pci:v00008086d00001563sv00008086sd00000001* ID_MODEL_FROM_DATABASE=Ethernet Controller 10G X550T (Ethernet Converged Network Adapter X550-T2) @@ -72740,6 +73349,9 @@ pci:v00008086d0000244Esv00001043sd0000844D* pci:v00008086d0000244Esv00001458sd00005000* ID_MODEL_FROM_DATABASE=82801 PCI Bridge (Motherboard) +pci:v00008086d0000244Esv00001462sd00007345* + ID_MODEL_FROM_DATABASE=82801 PCI Bridge (MS-7345 Motherboard: Intel 82801I/IR [ICH9/ICH9R]) + pci:v00008086d0000244Esv00001462sd00007418* ID_MODEL_FROM_DATABASE=82801 PCI Bridge (Wind PC MS-7418) @@ -74195,6 +74807,9 @@ pci:v00008086d000024F4* pci:v00008086d000024F4sv00008086sd00000030* ID_MODEL_FROM_DATABASE=Wireless 8260 (Dual Band Wireless-AC 8260) +pci:v00008086d000024FB* + ID_MODEL_FROM_DATABASE=Dual Band Wireless-AC 3168NGW [Stone Peak] + pci:v00008086d000024FD* ID_MODEL_FROM_DATABASE=Wireless 8265 / 8275 @@ -74231,6 +74846,9 @@ pci:v00008086d00002520* pci:v00008086d00002521* ID_MODEL_FROM_DATABASE=82804AA MRH-S Memory Repeater Hub for SDRAM +pci:v00008086d00002526* + ID_MODEL_FROM_DATABASE=Wireless-AC 9260 + pci:v00008086d00002530* ID_MODEL_FROM_DATABASE=82850 850 (Tehama) Chipset Host Bridge (MCH) @@ -76847,6 +77465,9 @@ pci:v00008086d00002815sv00001025sd00000121* pci:v00008086d00002815sv00001028sd000001F3* ID_MODEL_FROM_DATABASE=82801HM (ICH8M) LPC Interface Controller (Inspiron 1420) +pci:v00008086d00002815sv00001028sd0000022F* + ID_MODEL_FROM_DATABASE=82801HM (ICH8M) LPC Interface Controller (Inspiron 1525) + pci:v00008086d00002815sv0000103Csd000030C0* ID_MODEL_FROM_DATABASE=82801HM (ICH8M) LPC Interface Controller (Compaq 6710b) @@ -76892,6 +77513,9 @@ pci:v00008086d00002822sv0000103Csd00002A6F* pci:v00008086d00002822sv00001043sd00008277* ID_MODEL_FROM_DATABASE=SATA Controller [RAID mode] (P5K PRO Motherboard: 82801IR [ICH9R]) +pci:v00008086d00002822sv00001462sd00007345* + ID_MODEL_FROM_DATABASE=SATA Controller [RAID mode] (MS-7345 Motherboard: Intel 82801I/IR [ICH9/ICH9R]) + pci:v00008086d00002823* ID_MODEL_FROM_DATABASE=C610/X99 series chipset sSATA Controller [RAID mode] @@ -76955,6 +77579,9 @@ pci:v00008086d00002829* pci:v00008086d00002829sv00001025sd00000121* ID_MODEL_FROM_DATABASE=82801HM/HEM (ICH8M/ICH8M-E) SATA Controller [AHCI mode] (Aspire 5920G) +pci:v00008086d00002829sv00001028sd0000022F* + ID_MODEL_FROM_DATABASE=82801HM/HEM (ICH8M/ICH8M-E) SATA Controller [AHCI mode] (Inspiron 1525) + pci:v00008086d00002829sv0000103Csd000030C0* ID_MODEL_FROM_DATABASE=82801HM/HEM (ICH8M/ICH8M-E) SATA Controller [AHCI mode] (Compaq 6710b) @@ -77003,6 +77630,9 @@ pci:v00008086d00002830sv00001028sd000001DA* pci:v00008086d00002830sv00001028sd000001F3* ID_MODEL_FROM_DATABASE=82801H (ICH8 Family) USB UHCI Controller #1 (Inspiron 1420) +pci:v00008086d00002830sv00001028sd0000022F* + ID_MODEL_FROM_DATABASE=82801H (ICH8 Family) USB UHCI Controller #1 (Inspiron 1525) + pci:v00008086d00002830sv0000103Csd000030C0* ID_MODEL_FROM_DATABASE=82801H (ICH8 Family) USB UHCI Controller #1 (Compaq 6710b) @@ -77048,6 +77678,9 @@ pci:v00008086d00002831sv00001028sd000001DA* pci:v00008086d00002831sv00001028sd000001F3* ID_MODEL_FROM_DATABASE=82801H (ICH8 Family) USB UHCI Controller #2 (Inspiron 1420) +pci:v00008086d00002831sv00001028sd0000022F* + ID_MODEL_FROM_DATABASE=82801H (ICH8 Family) USB UHCI Controller #2 (Inspiron 1525) + pci:v00008086d00002831sv0000103Csd000030C0* ID_MODEL_FROM_DATABASE=82801H (ICH8 Family) USB UHCI Controller #2 (Compaq 6710b) @@ -77093,6 +77726,9 @@ pci:v00008086d00002832sv00001028sd000001DA* pci:v00008086d00002832sv00001028sd000001F3* ID_MODEL_FROM_DATABASE=82801H (ICH8 Family) USB UHCI Controller #3 (Inspiron 1420) +pci:v00008086d00002832sv00001028sd0000022F* + ID_MODEL_FROM_DATABASE=82801H (ICH8 Family) USB UHCI Controller #3 (Inspiron 1525) + pci:v00008086d00002832sv0000103Csd000030C0* ID_MODEL_FROM_DATABASE=82801H (ICH8 Family) USB UHCI Controller #3 (Compaq 6710b) @@ -77141,6 +77777,9 @@ pci:v00008086d00002834sv00001028sd000001DA* pci:v00008086d00002834sv00001028sd000001F3* ID_MODEL_FROM_DATABASE=82801H (ICH8 Family) USB UHCI Controller #4 (Inspiron 1420) +pci:v00008086d00002834sv00001028sd0000022F* + ID_MODEL_FROM_DATABASE=82801H (ICH8 Family) USB UHCI Controller #4 (Inspiron 1525) + pci:v00008086d00002834sv0000103Csd000030C0* ID_MODEL_FROM_DATABASE=82801H (ICH8 Family) USB UHCI Controller #4 (Compaq 6710b) @@ -77183,6 +77822,9 @@ pci:v00008086d00002835sv00001028sd000001DA* pci:v00008086d00002835sv00001028sd000001F3* ID_MODEL_FROM_DATABASE=82801H (ICH8 Family) USB UHCI Controller #5 (Inspiron 1420) +pci:v00008086d00002835sv00001028sd0000022F* + ID_MODEL_FROM_DATABASE=82801H (ICH8 Family) USB UHCI Controller #5 (Inspiron 1525) + pci:v00008086d00002835sv0000103Csd000030C0* ID_MODEL_FROM_DATABASE=82801H (ICH8 Family) USB UHCI Controller #5 (Compaq 6710b) @@ -77222,6 +77864,9 @@ pci:v00008086d00002836sv00001028sd000001DA* pci:v00008086d00002836sv00001028sd000001F3* ID_MODEL_FROM_DATABASE=82801H (ICH8 Family) USB2 EHCI Controller #1 (Inspiron 1420) +pci:v00008086d00002836sv00001028sd0000022F* + ID_MODEL_FROM_DATABASE=82801H (ICH8 Family) USB2 EHCI Controller #1 (Inspiron 1525) + pci:v00008086d00002836sv0000103Csd000030C0* ID_MODEL_FROM_DATABASE=82801H (ICH8 Family) USB2 EHCI Controller #1 (Compaq 6710b) @@ -77267,6 +77912,9 @@ pci:v00008086d0000283Asv00001028sd000001DA* pci:v00008086d0000283Asv00001028sd000001F3* ID_MODEL_FROM_DATABASE=82801H (ICH8 Family) USB2 EHCI Controller #2 (Inspiron 1420) +pci:v00008086d0000283Asv00001028sd0000022F* + ID_MODEL_FROM_DATABASE=82801H (ICH8 Family) USB2 EHCI Controller #2 (Inspiron 1525) + pci:v00008086d0000283Asv0000103Csd000030C0* ID_MODEL_FROM_DATABASE=82801H (ICH8 Family) USB2 EHCI Controller #2 (Compaq 6710b) @@ -77306,6 +77954,9 @@ pci:v00008086d0000283Esv00001028sd000001DA* pci:v00008086d0000283Esv00001028sd000001F3* ID_MODEL_FROM_DATABASE=82801H (ICH8 Family) SMBus Controller (Inspiron 1420) +pci:v00008086d0000283Esv00001028sd0000022F* + ID_MODEL_FROM_DATABASE=82801H (ICH8 Family) SMBus Controller (Inspiron 1525) + pci:v00008086d0000283Esv0000103Csd000030D9* ID_MODEL_FROM_DATABASE=82801H (ICH8 Family) SMBus Controller (Presario C700) @@ -77429,6 +78080,9 @@ pci:v00008086d0000284Bsv00001028sd000001F9* pci:v00008086d0000284Bsv00001028sd000001FF* ID_MODEL_FROM_DATABASE=82801H (ICH8 Family) HD Audio Controller (Precision M4300) +pci:v00008086d0000284Bsv00001028sd0000022F* + ID_MODEL_FROM_DATABASE=82801H (ICH8 Family) HD Audio Controller (Inspiron 1525) + pci:v00008086d0000284Bsv00001028sd00000256* ID_MODEL_FROM_DATABASE=82801H (ICH8 Family) HD Audio Controller (Studio 1735) @@ -77489,6 +78143,9 @@ pci:v00008086d00002850sv00001025sd00000121* pci:v00008086d00002850sv00001028sd000001F3* ID_MODEL_FROM_DATABASE=82801HM/HEM (ICH8M/ICH8M-E) IDE Controller (Inspiron 1420) +pci:v00008086d00002850sv00001028sd0000022F* + ID_MODEL_FROM_DATABASE=82801HM/HEM (ICH8M/ICH8M-E) IDE Controller (Inspiron 1525) + pci:v00008086d00002850sv0000103Csd000030C0* ID_MODEL_FROM_DATABASE=82801HM/HEM (ICH8M/ICH8M-E) IDE Controller (Compaq 6710b) @@ -77537,6 +78194,9 @@ pci:v00008086d00002916sv0000103Csd00002A6F* pci:v00008086d00002916sv00001043sd00008277* ID_MODEL_FROM_DATABASE=82801IR (ICH9R) LPC Interface Controller (P5K PRO Motherboard) +pci:v00008086d00002916sv00001462sd00007345* + ID_MODEL_FROM_DATABASE=82801IR (ICH9R) LPC Interface Controller (MS-7345 Motherboard) + pci:v00008086d00002916sv00008086sd00005044* ID_MODEL_FROM_DATABASE=82801IR (ICH9R) LPC Interface Controller (Desktop Board DP35DP) @@ -77582,6 +78242,9 @@ pci:v00008086d00002920sv00001028sd0000023C* pci:v00008086d00002920sv00001043sd00008277* ID_MODEL_FROM_DATABASE=82801IR/IO/IH (ICH9R/DO/DH) 4 port SATA Controller [IDE mode] (P5K PRO Motherboard: 82801IR [ICH9R]) +pci:v00008086d00002920sv00001462sd00007345* + ID_MODEL_FROM_DATABASE=82801IR/IO/IH (ICH9R/DO/DH) 4 port SATA Controller [IDE mode] (MS-7345 Motherboard: Intel 82801IR [ICH9R]) + pci:v00008086d00002921* ID_MODEL_FROM_DATABASE=82801IB (ICH9) 2 port SATA Controller [IDE mode] @@ -77603,6 +78266,9 @@ pci:v00008086d00002922* pci:v00008086d00002922sv00001043sd00008277* ID_MODEL_FROM_DATABASE=82801IR/IO/IH (ICH9R/DO/DH) 6 port SATA Controller [AHCI mode] (P5K PRO Motherboard: 82801IR [ICH9R]) +pci:v00008086d00002922sv00001462sd00007345* + ID_MODEL_FROM_DATABASE=82801IR/IO/IH (ICH9R/DO/DH) 6 port SATA Controller [AHCI mode] (MS-7345 Motherboard: Intel 82801IR [ICH9R]) + pci:v00008086d00002922sv00001AF4sd00001100* ID_MODEL_FROM_DATABASE=82801IR/IO/IH (ICH9R/DO/DH) 6 port SATA Controller [AHCI mode] (QEMU Virtual Machine) @@ -77639,6 +78305,9 @@ pci:v00008086d00002926sv00001028sd00000211* pci:v00008086d00002926sv00001043sd00008277* ID_MODEL_FROM_DATABASE=82801I (ICH9 Family) 2 port SATA Controller [IDE mode] (P5K PRO Motherboard: 82801IR [ICH9R]) +pci:v00008086d00002926sv00001462sd00007345* + ID_MODEL_FROM_DATABASE=82801I (ICH9 Family) 2 port SATA Controller [IDE mode] (MS-7345 Motherboard: Intel 82801IR [ICH9R]) + pci:v00008086d00002926sv00001462sd00007360* ID_MODEL_FROM_DATABASE=82801I (ICH9 Family) 2 port SATA Controller [IDE mode] (G33/P35 Neo) @@ -77681,6 +78350,9 @@ pci:v00008086d00002930sv0000103Csd00003628* pci:v00008086d00002930sv00001043sd00008277* ID_MODEL_FROM_DATABASE=82801I (ICH9 Family) SMBus Controller (P5K PRO Motherboard: 82801IR [ICH9R]) +pci:v00008086d00002930sv00001462sd00007345* + ID_MODEL_FROM_DATABASE=82801I (ICH9 Family) SMBus Controller (MS-7345 Motherboard: Intel 82801I/IR [ICH9/ICH9R]) + pci:v00008086d00002930sv00001462sd00007360* ID_MODEL_FROM_DATABASE=82801I (ICH9 Family) SMBus Controller (G33/P35 Neo) @@ -77741,6 +78413,9 @@ pci:v00008086d00002934sv0000103Csd00002A6F* pci:v00008086d00002934sv00001043sd00008277* ID_MODEL_FROM_DATABASE=82801I (ICH9 Family) USB UHCI Controller #1 (P5K PRO Motherboard: 82801IR [ICH9R]) +pci:v00008086d00002934sv00001462sd00007345* + ID_MODEL_FROM_DATABASE=82801I (ICH9 Family) USB UHCI Controller #1 (MS-7345 Motherboard: Intel 82801I/IR [ICH9/ICH9R]) + pci:v00008086d00002934sv00001462sd00007360* ID_MODEL_FROM_DATABASE=82801I (ICH9 Family) USB UHCI Controller #1 (G33/P35 Neo) @@ -77792,6 +78467,9 @@ pci:v00008086d00002935sv0000103Csd00002A6F* pci:v00008086d00002935sv00001043sd00008277* ID_MODEL_FROM_DATABASE=82801I (ICH9 Family) USB UHCI Controller #2 (P5K PRO Motherboard: 82801IR [ICH9R]) +pci:v00008086d00002935sv00001462sd00007345* + ID_MODEL_FROM_DATABASE=82801I (ICH9 Family) USB UHCI Controller #2 (MS-7345 Motherboard: Intel 82801I/IR [ICH9/ICH9R]) + pci:v00008086d00002935sv00001462sd00007360* ID_MODEL_FROM_DATABASE=82801I (ICH9 Family) USB UHCI Controller #2 (G33/P35 Neo) @@ -77837,6 +78515,9 @@ pci:v00008086d00002936sv0000103Csd00002A6F* pci:v00008086d00002936sv00001043sd00008277* ID_MODEL_FROM_DATABASE=82801I (ICH9 Family) USB UHCI Controller #3 (P5K PRO Motherboard: 82801IR [ICH9R]) +pci:v00008086d00002936sv00001462sd00007345* + ID_MODEL_FROM_DATABASE=82801I (ICH9 Family) USB UHCI Controller #3 (MS-7345 Motherboard: Intel 82801I/IR [ICH9/ICH9R]) + pci:v00008086d00002936sv00001462sd00007360* ID_MODEL_FROM_DATABASE=82801I (ICH9 Family) USB UHCI Controller #3 (G33/P35 Neo) @@ -77882,6 +78563,9 @@ pci:v00008086d00002937sv0000103Csd00002A6F* pci:v00008086d00002937sv00001043sd00008277* ID_MODEL_FROM_DATABASE=82801I (ICH9 Family) USB UHCI Controller #4 (P5K PRO Motherboard: 82801IR [ICH9R]) +pci:v00008086d00002937sv00001462sd00007345* + ID_MODEL_FROM_DATABASE=82801I (ICH9 Family) USB UHCI Controller #4 (MS-7345 Motherboard: Intel 82801I/IR [ICH9/ICH9R]) + pci:v00008086d00002937sv00001462sd00007360* ID_MODEL_FROM_DATABASE=82801I (ICH9 Family) USB UHCI Controller #4 (G33/P35 Neo) @@ -77930,6 +78614,9 @@ pci:v00008086d00002938sv0000103Csd00002A6F* pci:v00008086d00002938sv00001043sd00008277* ID_MODEL_FROM_DATABASE=82801I (ICH9 Family) USB UHCI Controller #5 (P5K PRO Motherboard: 82801IR [ICH9R]) +pci:v00008086d00002938sv00001462sd00007345* + ID_MODEL_FROM_DATABASE=82801I (ICH9 Family) USB UHCI Controller #5 (MS-7345 Motherboard: Intel 82801I/IR [ICH9/ICH9R]) + pci:v00008086d00002938sv00001462sd00007360* ID_MODEL_FROM_DATABASE=82801I (ICH9 Family) USB UHCI Controller #5 (G33/P35 Neo) @@ -77963,6 +78650,9 @@ pci:v00008086d00002939sv0000103Csd00002A6F* pci:v00008086d00002939sv00001043sd00008277* ID_MODEL_FROM_DATABASE=82801I (ICH9 Family) USB UHCI Controller #6 (P5K PRO Motherboard: 82801IR [ICH9R]) +pci:v00008086d00002939sv00001462sd00007345* + ID_MODEL_FROM_DATABASE=82801I (ICH9 Family) USB UHCI Controller #6 (MS-7345 Motherboard: Intel 82801I/IR [ICH9/ICH9R]) + pci:v00008086d00002939sv00001462sd00007360* ID_MODEL_FROM_DATABASE=82801I (ICH9 Family) USB UHCI Controller #6 (G33/P35 Neo) @@ -78014,6 +78704,9 @@ pci:v00008086d0000293Asv0000103Csd00002A6F* pci:v00008086d0000293Asv00001043sd00008277* ID_MODEL_FROM_DATABASE=82801I (ICH9 Family) USB2 EHCI Controller #1 (P5K PRO Motherboard: 82801IR [ICH9R]) +pci:v00008086d0000293Asv00001462sd00007345* + ID_MODEL_FROM_DATABASE=82801I (ICH9 Family) USB2 EHCI Controller #1 (MS-7345 Motherboard: Intel 82801I/IR [ICH9/ICH9R]) + pci:v00008086d0000293Asv00001462sd00007360* ID_MODEL_FROM_DATABASE=82801I (ICH9 Family) USB2 EHCI Controller #1 (G33/P35 Neo) @@ -78056,6 +78749,9 @@ pci:v00008086d0000293Csv0000103Csd00002A6F* pci:v00008086d0000293Csv00001043sd00008277* ID_MODEL_FROM_DATABASE=82801I (ICH9 Family) USB2 EHCI Controller #2 (P5K PRO Motherboard: 82801IR [ICH9R]) +pci:v00008086d0000293Csv00001462sd00007345* + ID_MODEL_FROM_DATABASE=82801I (ICH9 Family) USB2 EHCI Controller #2 (MS-7345 Motherboard: Intel 82801I/IR [ICH9/ICH9R]) + pci:v00008086d0000293Csv00001462sd00007360* ID_MODEL_FROM_DATABASE=82801I (ICH9 Family) USB2 EHCI Controller #2 (G33/P35 Neo) @@ -78089,6 +78785,9 @@ pci:v00008086d0000293Esv0000103Csd00003628* pci:v00008086d0000293Esv00001043sd0000829F* ID_MODEL_FROM_DATABASE=82801I (ICH9 Family) HD Audio Controller (P5K PRO Motherboard: 82801IR [ICH9R]) +pci:v00008086d0000293Esv00001462sd0000735A* + ID_MODEL_FROM_DATABASE=82801I (ICH9 Family) HD Audio Controller (MS-7345 Motherboard: Intel 82801I/IR [ICH9/ICH9R]) + pci:v00008086d0000293Esv00001462sd00007360* ID_MODEL_FROM_DATABASE=82801I (ICH9 Family) HD Audio Controller (G33/P35 Neo) @@ -78119,6 +78818,9 @@ pci:v00008086d00002940sv0000103Csd00002A6F* pci:v00008086d00002940sv00001043sd00008277* ID_MODEL_FROM_DATABASE=82801I (ICH9 Family) PCI Express Port 1 (P5K PRO Motherboard: 82801IR [ICH9R]) +pci:v00008086d00002940sv00001462sd00007345* + ID_MODEL_FROM_DATABASE=82801I (ICH9 Family) PCI Express Port 1 (MS-7345 Motherboard: Intel 82801I/IR [ICH9/ICH9R]) + pci:v00008086d00002940sv00008086sd00002940* ID_MODEL_FROM_DATABASE=82801I (ICH9 Family) PCI Express Port 1 (Optiplex 755) @@ -78152,6 +78854,9 @@ pci:v00008086d00002948sv00001028sd0000020D* pci:v00008086d00002948sv00001043sd00008277* ID_MODEL_FROM_DATABASE=82801I (ICH9 Family) PCI Express Port 5 (P5K PRO Motherboard: 82801IR [ICH9R]) +pci:v00008086d00002948sv00001462sd00007345* + ID_MODEL_FROM_DATABASE=82801I (ICH9 Family) PCI Express Port 5 (MS-7345 Motherboard: Intel 82801I/IR [ICH9/ICH9R]) + pci:v00008086d0000294A* ID_MODEL_FROM_DATABASE=82801I (ICH9 Family) PCI Express Port 6 @@ -78161,6 +78866,9 @@ pci:v00008086d0000294Asv00001028sd0000020D* pci:v00008086d0000294Asv00001043sd00008277* ID_MODEL_FROM_DATABASE=82801I (ICH9 Family) PCI Express Port 6 (P5K PRO Motherboard: 82801IR [ICH9R]) +pci:v00008086d0000294Asv00001462sd00007345* + ID_MODEL_FROM_DATABASE=82801I (ICH9 Family) PCI Express Port 6 (MS-7345 Motherboard: Intel 82801I/IR [ICH9/ICH9R]) + pci:v00008086d0000294C* ID_MODEL_FROM_DATABASE=82566DC-2 Gigabit Network Connection @@ -78326,6 +79034,9 @@ pci:v00008086d000029C0sv00001043sd00008276* pci:v00008086d000029C0sv00001043sd000082B0* ID_MODEL_FROM_DATABASE=82G33/G31/P35/P31 Express DRAM Controller (P5KPL-VM Motherboard) +pci:v00008086d000029C0sv00001462sd00007345* + ID_MODEL_FROM_DATABASE=82G33/G31/P35/P31 Express DRAM Controller (MS-7345 Motherboard: Intel 82G33/P35 Northbridge) + pci:v00008086d000029C0sv00001462sd00007360* ID_MODEL_FROM_DATABASE=82G33/G31/P35/P31 Express DRAM Controller (G33/P35 Neo) @@ -78455,6 +79166,9 @@ pci:v00008086d00002A00sv00001025sd00000121* pci:v00008086d00002A00sv00001028sd000001F3* ID_MODEL_FROM_DATABASE=Mobile PM965/GM965/GL960 Memory Controller Hub (Inspiron 1420) +pci:v00008086d00002A00sv00001028sd0000022F* + ID_MODEL_FROM_DATABASE=Mobile PM965/GM965/GL960 Memory Controller Hub (Inspiron 1525) + pci:v00008086d00002A00sv0000103Csd000030C0* ID_MODEL_FROM_DATABASE=Mobile PM965/GM965/GL960 Memory Controller Hub (Compaq 6710b) @@ -78497,6 +79211,9 @@ pci:v00008086d00002A02sv00001028sd000001F3* pci:v00008086d00002A02sv00001028sd000001F9* ID_MODEL_FROM_DATABASE=Mobile GM965/GL960 Integrated Graphics Controller (primary) (Latitude D630) +pci:v00008086d00002A02sv00001028sd0000022F* + ID_MODEL_FROM_DATABASE=Mobile GM965/GL960 Integrated Graphics Controller (primary) (Inspiron 1525) + pci:v00008086d00002A02sv0000103Csd000030C0* ID_MODEL_FROM_DATABASE=Mobile GM965/GL960 Integrated Graphics Controller (primary) (Compaq 6710b) @@ -78521,6 +79238,9 @@ pci:v00008086d00002A03* pci:v00008086d00002A03sv00001028sd000001F3* ID_MODEL_FROM_DATABASE=Mobile GM965/GL960 Integrated Graphics Controller (secondary) (Inspiron 1420) +pci:v00008086d00002A03sv00001028sd0000022F* + ID_MODEL_FROM_DATABASE=Mobile GM965/GL960 Integrated Graphics Controller (secondary) (Inspiron 1525) + pci:v00008086d00002A03sv0000103Csd000030C0* ID_MODEL_FROM_DATABASE=Mobile GM965/GL960 Integrated Graphics Controller (secondary) (Compaq 6710b) @@ -80660,6 +81380,18 @@ pci:v00008086d000037D0sv000017AAsd00004021* pci:v00008086d000037D0sv000017AAsd00004022* ID_MODEL_FROM_DATABASE=Ethernet Connection X722 for 10GbE SFP+ +pci:v00008086d000037D0sv00008086sd00000001* + ID_MODEL_FROM_DATABASE=Ethernet Connection X722 for 10GbE SFP+ (Ethernet Network Adapter X722-2) + +pci:v00008086d000037D0sv00008086sd00000002* + ID_MODEL_FROM_DATABASE=Ethernet Connection X722 for 10GbE SFP+ (Ethernet Network Adapter X722-2) + +pci:v00008086d000037D0sv00008086sd00000003* + ID_MODEL_FROM_DATABASE=Ethernet Connection X722 for 10GbE SFP+ (Ethernet Network Adapter X722-4) + +pci:v00008086d000037D0sv00008086sd00000004* + ID_MODEL_FROM_DATABASE=Ethernet Connection X722 for 10GbE SFP+ (Ethernet Network Adapter X722-4) + pci:v00008086d000037D1* ID_MODEL_FROM_DATABASE=Ethernet Connection X722 for 1GbE @@ -81314,6 +82046,12 @@ pci:v00008086d00003B30sv00001028sd0000040A* pci:v00008086d00003B30sv00001028sd0000040B* ID_MODEL_FROM_DATABASE=5 Series/3400 Series Chipset SMBus Controller (Latitude E6510) +pci:v00008086d00003B30sv00001043sd00003838* + ID_MODEL_FROM_DATABASE=5 Series/3400 Series Chipset SMBus Controller (P7P55-M Motherboard) + +pci:v00008086d00003B30sv00001043sd00008383* + ID_MODEL_FROM_DATABASE=5 Series/3400 Series Chipset SMBus Controller (P7P55-M Motherboard) + pci:v00008086d00003B30sv0000144Dsd0000C06A* ID_MODEL_FROM_DATABASE=5 Series/3400 Series Chipset SMBus Controller (R730 Laptop) @@ -87300,10 +88038,10 @@ pci:v0000DEDA* ID_VENDOR_FROM_DATABASE=XIMEA pci:v0000DEDAd00004001* - ID_MODEL_FROM_DATABASE=Camera CB + ID_MODEL_FROM_DATABASE=CB or MX camera pci:v0000DEDAd00004021* - ID_MODEL_FROM_DATABASE=Camera MT + ID_MODEL_FROM_DATABASE=MT camera pci:v0000E000* ID_VENDOR_FROM_DATABASE=Winbond @@ -87572,6 +88310,12 @@ pci:v0000EACEd00009200* pci:v0000EACEd0000920E* ID_MODEL_FROM_DATABASE=DAG 9.2X2 10G Ethernet +pci:v0000EACEd00009540* + ID_MODEL_FROM_DATABASE=DAG 9.5G4 Gig Ethernet + +pci:v0000EACEd0000954F* + ID_MODEL_FROM_DATABASE=DAG 9.5G4F Gig Ethernet + pci:v0000EACEd0000A120* ID_MODEL_FROM_DATABASE=DAG 10X2-P 10G Ethernet @@ -87579,7 +88323,13 @@ pci:v0000EACEd0000A12E* ID_MODEL_FROM_DATABASE=DAG 10X2-S 10G Ethernet pci:v0000EACEd0000A140* - ID_MODEL_FROM_DATABASE=DAG 10X4-P 10G Ethernet + ID_MODEL_FROM_DATABASE=DAG 10X4-P 10/40G Ethernet + +pci:v0000EACEd0000A14E* + ID_MODEL_FROM_DATABASE=DAG 10X4-S 10/40G Ethernet + +pci:v0000EACEd0000EACE* + ID_MODEL_FROM_DATABASE=vDAG virtual device pci:v0000EC80* ID_VENDOR_FROM_DATABASE=Belkin Corporation diff --git a/hwdb/60-evdev.hwdb b/hwdb/60-evdev.hwdb index ff28b7e039..2c6fdb1b69 100644 --- a/hwdb/60-evdev.hwdb +++ b/hwdb/60-evdev.hwdb @@ -151,6 +151,11 @@ evdev:name:AlpsPS/2 ALPS DualPoint TouchPad:dmi:bvn*:bvr*:bd*:svnDellInc.:pnInsp EVDEV_ABS_35=25:2000:22 EVDEV_ABS_36=0:1351:28 +# Dell Inspiron MM061 +evdev:name:SynPS/2 Synaptics TouchPad:dmi:*bvn*:bvr*:bd*:svnDellInc.:pnMM061:* + EVDEV_ABS_00=1008:5793:66 + EVDEV_ABS_01=687:5176:107 + # Dell Latitude E6220 evdev:name:AlpsPS/2 ALPS DualPoint TouchPad:dmi:bvn*:bvr*:bd*:svnDellInc.:pnLatitudeE6220* EVDEV_ABS_00=76:1815:22 @@ -377,6 +382,13 @@ evdev:name:AlpsPS/2 ALPS GlidePoint*:dmi:bvn*:bvr*:bd*:svnLENOVO*:pvrFlex3-15* EVDEV_ABS_35=::38 EVDEV_ABS_36=::28 +# Lenovo ThinkPad Edge 13 (02173BG) +evdev:name:SynPS/2 Synaptics TouchPad:dmi:*svnLENOVO*:pn*02173BG*:*pvrThinkPadEdge* + EVDEV_ABS_00=916:6077:55 + EVDEV_ABS_01=653:5395:116 + EVDEV_ABS_35=916:6077:55 + EVDEV_ABS_36=653:5395:116 + ######################################### # Samsung ######################################### diff --git a/hwdb/60-keyboard.hwdb b/hwdb/60-keyboard.hwdb index a265f1223f..6406a7dbf9 100644 --- a/hwdb/60-keyboard.hwdb +++ b/hwdb/60-keyboard.hwdb @@ -162,8 +162,9 @@ evdev:atkbd:dmi:bvn*:bvr*:bd*:svnAcer*:pnTravelMate*C3[01]0*:pvr* KEYBOARD_KEY_6b=fn KEYBOARD_KEY_6c=screenlock # FIXME: lock tablet device/buttons -# Travelmate P648-G2-MG +# Travelmate P648-G2-MG and P645-S evdev:atkbd:dmi:bvn*:bvr*:bd*:svnAcer*:pnTravelMate*P648-G2-MG*:pvr* +evdev:atkbd:dmi:bvn*:bvr*:bd*:svnAcer*:pnTravelMate*P645-S*:pvr* KEYBOARD_KEY_8a=f20 # Microphone mute button; should be micmute # on some models this isn't brightnessup @@ -807,7 +808,7 @@ evdev:input:b0003v046DpC517* KEYBOARD_KEY_c104c=ejectclosecd # Cordless Wave Pro -evdev:input:b0003v046DpC52[9B]* +evdev:input:b0003v046DpC529* KEYBOARD_KEY_0c01b6=camera KEYBOARD_KEY_0c0183=media KEYBOARD_KEY_0c0184=wordprocessor @@ -1203,6 +1204,13 @@ evdev:name:Sony Vaio Keys:dmi:bvn*:bvr*:bd*:svnSony*:pnVPC*:pvr* KEYBOARD_KEY_0e=up # Fn+F10 zoomin ########################################################### +# T-bao +########################################################### + +evdev:atkbd:dmi:bvn*:bvr*:bd*:svnT-bao:pnTbookair:pvr* + KEYBOARD_KEY_76=f21 # Touchpad toggle + +########################################################### # Toshiba ########################################################### @@ -1263,6 +1271,13 @@ evdev:atkbd:dmi:bvn*:bvr*:bd*:svnVIA:pnK8N800:pvr* KEYBOARD_KEY_81=prog1 ########################################################### +# VIOS +########################################################### + +evdev:name:SIPODEV USB Composite Device:dmi:bvn*:bvr*:bd*:svnVIOS:pnLTH17:pvr* + KEYBOARD_KEY_70073=f21 # Touchpad toggle + +########################################################### # Zepto ########################################################### diff --git a/hwdb/60-sensor.hwdb b/hwdb/60-sensor.hwdb index 2e67741c36..77de5d21ba 100644 --- a/hwdb/60-sensor.hwdb +++ b/hwdb/60-sensor.hwdb @@ -81,6 +81,9 @@ sensor:modalias:acpi:SMO8500*:dmi:*svn*ASUSTeK*:*pn*TP300LJ* sensor:modalias:acpi:SMO8500*:dmi:*svn*ASUSTeK*:*pn*TP500LB* ACCEL_MOUNT_MATRIX=0, 1, 0; 1, 0, 0; 0, 0, 1 +sensor:modalias:acpi:SMO8500*:dmi:*svn*ASUSTeK*:*pn*TP300LD* + ACCEL_MOUNT_MATRIX=0, 1, 0; 1, 0, 0; 0, 0, 1 + ######################################### # Axxo ######################################### @@ -107,6 +110,10 @@ sensor:modalias:acpi:BOSC0200*:dmi:*:svnHampoo:pnX1D3_C806N:* sensor:modalias:acpi:BOSC0200*:dmi:*:svn*CHUWIINNOVATIONANDTECHNOLOGY*:pnHi10protablet:* ACCEL_MOUNT_MATRIX=0, -1, 0; -1, 0, 0; 0, 0, 1 +# Chuwi Hi12 +sensor:modalias:acpi:BOSC0200*:dmi:*:svnHampoo:pnP02BD6_HI-122LP:* + ACCEL_MOUNT_MATRIX=1, 0, 0; 0, -1, 0; 0, 0, 1 + # Chuwi Hi13 sensor:modalias:acpi:KIOX000A*:dmi:svnChuwi*:pnHi13 ACCEL_MOUNT_MATRIX=1, 0, 0; 0, -1, 0; 0, 0, 1 @@ -130,6 +137,10 @@ sensor:modalias:acpi:KIOX000A*:dmi:*:svncube:pni1-TF:* sensor:modalias:acpi:KIOX000A*:dmi:*:svnCube:pni7Stylus:* ACCEL_MOUNT_MATRIX=-1, 0, 0; 0, 1, 0; 0, 0, 1 +# Cube i7 Book (i16) +sensor:modalias:acpi:KIOX000A*:dmi:*:svnCube:pni16:* + ACCEL_MOUNT_MATRIX=-1, 0, 0; 0, 1, 0; 0, 0, 1 + ######################################### # Endless ######################################### @@ -250,3 +261,10 @@ sensor:modalias:acpi:BMA250*:dmi:*:bvrTREK.G.WI71C.JGBMRBA*:*:svnTrekStor:pnSurf ######################################### sensor:modalias:acpi:*KIOX000A*:dmi:*svn*CytrixTechnology:*pn*Complex11t* ACCEL_MOUNT_MATRIX=-1, 0, 0; 0, 1, 0; 0, 0, 1 + +######################################### +# iOTA 360 +######################################### +sensor:modalias:acpi:KIOX000A*:dmi:*svn*iOTA*:*pn*IOTA2210* + ACCEL_MOUNT_MATRIX=0, -1, 0; -1, 0, 0; 0, 0, 1 + diff --git a/hwdb/70-mouse.hwdb b/hwdb/70-mouse.hwdb index 48fb1eb4d7..33d01f158a 100644 --- a/hwdb/70-mouse.hwdb +++ b/hwdb/70-mouse.hwdb @@ -438,6 +438,10 @@ mouse:usb:v046dp402d:name:Logitech M560: mouse:usb:v046dpc52b:name:Logitech Unifying Device. Wireless PID:402d: MOUSE_DPI=1000@125 +# Logitech M305 Wireless Optical Mouse +mouse:usb:v046dpc52f:name:Logitech USB Receiver: + MOUSE_DPI=1000@170 + # Logitech Performance MX mouse:usb:v046dp101a:name:Logitech Performance MX: MOUSE_DPI=1000@166 diff --git a/hwdb/ma-large.txt b/hwdb/ma-large.txt index 04dc45a4a2..7d22e6f60d 100644 --- a/hwdb/ma-large.txt +++ b/hwdb/ma-large.txt @@ -1274,12 +1274,6 @@ C4ADF1 (base 16) GOPEACE Inc. San Jose California 95110
US
-1C-60-DE (hex) SHENZHEN MERCURY COMMUNICATION TECHNOLOGIES CO.,LTD.
-1C60DE (base 16) SHENZHEN MERCURY COMMUNICATION TECHNOLOGIES CO.,LTD.
- Mid-Fourth Flr.,Building 28,Cui Xi Fourth Road,Ke Yuan West,Nanshan
- Shenzhen Guangdong 518057
- CN
-
74-18-65 (hex) Shanghai DareGlobal Technologies Co.,Ltd
741865 (base 16) Shanghai DareGlobal Technologies Co.,Ltd
22F NO.1555 Kongjiang RD
@@ -1706,12 +1700,6 @@ B0495F (base 16) OMRON HEALTHCARE Co., Ltd. Muko Kyoto 6170002
JP
-BC-6E-64 (hex) Sony Mobile Communications AB
-BC6E64 (base 16) Sony Mobile Communications AB
- Nya Vattentornet
- Lund SE 22128
- SE
-
F4-47-13 (hex) Leading Public Performance Co., Ltd.
F44713 (base 16) Leading Public Performance Co., Ltd.
137/77-78 Moo 1 Nanthanagarden Soi 12 Pathum-Rangsit Road Banklang Muang Pathumthani 12000 Thailand
@@ -1739,12 +1727,6 @@ BC5C4C (base 16) ELECOM CO.,LTD. Chiyoda-ku Tokyo 102-0081
JP
-6C-59-40 (hex) SHENZHEN MERCURY COMMUNICATION TECHNOLOGIES CO.,LTD.
-6C5940 (base 16) SHENZHEN MERCURY COMMUNICATION TECHNOLOGIES CO.,LTD.
- Mid-Fourth Flr.,Building 28,Cui Xi Fourth Road,Ke Yuan West,Nanshan
- Shenzhen Guangdong 518057
- CN
-
6C-A7-5F (hex) zte corporation
6CA75F (base 16) zte corporation
12/F.,zte R&D building ,kejinan Road,Shenzhen,P.R.China
@@ -1985,12 +1967,6 @@ A8D0E3 (base 16) Systech Electronics Ltd. shanghai shanghai 201203
CN
-F4-EE-14 (hex) SHENZHEN MERCURY COMMUNICATION TECHNOLOGIES CO.,LTD.
-F4EE14 (base 16) SHENZHEN MERCURY COMMUNICATION TECHNOLOGIES CO.,LTD.
- Mid-Fourth Flr.,Building 28,Cui Xi Fourth Road,Ke Yuan West,Nanshan
- Shenzhen Guangdong 518057
- CN
-
18-65-71 (hex) Top Victory Electronics (Taiwan) Co., Ltd.
186571 (base 16) Top Victory Electronics (Taiwan) Co., Ltd.
14F,No.166,Jian 1st Rd
@@ -2507,12 +2483,6 @@ A481EE (base 16) Nokia Corporation Shenzhen Guangdong 518057
CN
-D4-21-22 (hex) Sercomm Corporation
-D42122 (base 16) Sercomm Corporation
- 8F, 3-1, YuanQu St., NanKang,
- Taipei Taiwan 115
- TW
-
EC-17-66 (hex) Research Centre Module
EC1766 (base 16) Research Centre Module
3 Eight March 4Th Street
@@ -2762,12 +2732,6 @@ B4827B (base 16) AKG Acoustics GmbH Hsin-chu Taiwan 300
TW
-4C-5E-0C (hex) Routerboard.com
-4C5E0C (base 16) Routerboard.com
- Mikrotikls SIA
- Riga LV1009
- LV
-
9C-F8-DB (hex) shenzhen eyunmei technology co,.ltd
9CF8DB (base 16) shenzhen eyunmei technology co,.ltd
8/F Yiben Building,No.1063 ChaGuang Road,XiLi Town,
@@ -2984,12 +2948,6 @@ F0321A (base 16) Mita-Teknik A/S New Taipei City 231
TW
-A0-E4-53 (hex) Sony Mobile Communications AB
-A0E453 (base 16) Sony Mobile Communications AB
- Nya Vattentornet
- Lund SE 22128
- SE
-
40-4A-18 (hex) Addrek Smart Solutions
404A18 (base 16) Addrek Smart Solutions
Al Gharrafa Thani Bin Jassim St
@@ -3161,12 +3119,6 @@ F42896 (base 16) SPECTO PAINEIS ELETRONICOS LTDA SAO JOSE SANTA CATARINA 88122-035
BR
-1C-7B-21 (hex) Sony Mobile Communications AB
-1C7B21 (base 16) Sony Mobile Communications AB
- Nya Vattentornet
- Lund SE 22128
- SE
-
9C-28-40 (hex) Discovery Technology,LTD..
9C2840 (base 16) Discovery Technology,LTD..
5th floor Building 2,Block A,Internet industrial park,
@@ -4424,12 +4376,6 @@ DCB058 (base 16) Bürkert Werke GmbH Ingelfingen Baden-Württemberg 74653
DE
-64-1C-67 (hex) DIGIBRAS INDUSTRIA DO BRASILS/A
-641C67 (base 16) DIGIBRAS INDUSTRIA DO BRASILS/A
- Rua Tambaqui, 180-B - MANAUS - AM ¨C BRAZIL
- MANAUS 69075-210
- BR
-
C8-E1-A7 (hex) Vertu Corporation Limited
C8E1A7 (base 16) Vertu Corporation Limited
Beacon Hill Road
@@ -7946,12 +7892,6 @@ A8CE90 (base 16) CVC Boylston MA 01505
US
-00-26-BD (hex) JTEC Card & Communication Co., Ltd.
-0026BD (base 16) JTEC Card & Communication Co., Ltd.
- Dabo Bldg, 4F, 61-1, Gyesu-dong, Sosa-gu
- Bucheon Gyunggi-do 422-070
- KR
-
00-26-B3 (hex) Thales Communications Inc
0026B3 (base 16) Thales Communications Inc
22605 Gateway Center Drive
@@ -11690,12 +11630,6 @@ A8CE90 (base 16) CVC Adelaide South Australia 5000
AU
-00-15-1E (hex) Ethernet Powerlink Standardization Group (EPSG)
-00151E (base 16) Ethernet Powerlink Standardization Group (EPSG)
- c/o Zurich University of Applied Sciences
- CH-8401 Winterthur
- CH
-
00-15-25 (hex) Chamberlain Access Solutions
001525 (base 16) Chamberlain Access Solutions
8271 E. Gelding Drive
@@ -12476,12 +12410,6 @@ A8CE90 (base 16) CVC Tamsui Taipei 251
TW
-00-13-8A (hex) QINGDAO GOERTEK ELECTRONICS CO.,LTD.
-00138A (base 16) QINGDAO GOERTEK ELECTRONICS CO.,LTD.
- Room 605,Innovation Building,Hi-tech Industrial Park,
- QINGDAO SHANDONG 266061
- CN
-
00-13-89 (hex) Redes de Telefonía Móvil S.A.
001389 (base 16) Redes de Telefonía Móvil S.A.
C/Puerto de la Morcuera 14 B4
@@ -16529,12 +16457,6 @@ A8CE90 (base 16) CVC San Jose CA 95113
US
-00-04-13 (hex) SNOM Technology AG
-000413 (base 16) SNOM Technology AG
- Helmholtzstraße 2-9
-
- DE
-
00-04-18 (hex) Teltronic S.A.U.
000418 (base 16) Teltronic S.A.U.
Poligono de Malpica
@@ -17237,12 +17159,6 @@ A8CE90 (base 16) CVC FR
-00-02-84 (hex) AREVA T&D
-000284 (base 16) AREVA T&D
- Avenue de Figuieres BP 75
-
- FR
-
00-02-7D (hex) Cisco Systems, Inc
00027D (base 16) Cisco Systems, Inc
80 West Tasman Drive
@@ -22088,48 +22004,6 @@ EC086B (base 16) TP-LINK TECHNOLOGIES CO.,LTD. Shenzhen Guangdong 518057
CN
-24-21-AB (hex) Sony Mobile Communications AB
-2421AB (base 16) Sony Mobile Communications AB
- Nya Vattentornet
- Lund Skåne 22188
- SE
-
-6C-23-B9 (hex) Sony Mobile Communications AB
-6C23B9 (base 16) Sony Mobile Communications AB
- Nya Vattentornet
- Lund SE 221 88
- SE
-
-58-17-0C (hex) Sony Mobile Communications AB
-58170C (base 16) Sony Mobile Communications AB
- Nya Vattentornet
- Lund SE 221 88
- SE
-
-B8-F9-34 (hex) Sony Mobile Communications AB
-B8F934 (base 16) Sony Mobile Communications AB
- Nya Vattentornet
- Lund SE 221 88
- SE
-
-20-54-76 (hex) Sony Mobile Communications AB
-205476 (base 16) Sony Mobile Communications AB
- Mobilvägen 10
- Lund 22188
- SE
-
-30-39-26 (hex) Sony Mobile Communications AB
-303926 (base 16) Sony Mobile Communications AB
- Mobilvägen 10
- Lund 22181
- SE
-
-00-EB-2D (hex) Sony Mobile Communications AB
-00EB2D (base 16) Sony Mobile Communications AB
- Nya Vattentornet
- Lund SE 22188
- SE
-
B0-05-94 (hex) Liteon Technology Corporation
B00594 (base 16) Liteon Technology Corporation
4F,90,Chien 1 Road,ChungHo
@@ -22172,24 +22046,6 @@ D0DF9A (base 16) Liteon Technology Corporation Tokyo 141-0001
JP
-00-21-9E (hex) Sony Mobile Communications AB
-00219E (base 16) Sony Mobile Communications AB
- Nya Vattentornet
- Lund Skåne 22188
- SE
-
-00-1E-45 (hex) Sony Mobile Communications AB
-001E45 (base 16) Sony Mobile Communications AB
- Nya Vattentornet
- Lund SE-221 88
- SE
-
-00-18-13 (hex) Sony Mobile Communications AB
-001813 (base 16) Sony Mobile Communications AB
- Nya Vattentornet
- Lund Skåne 22188
- SE
-
00-21-63 (hex) ASKEY COMPUTER CORP
002163 (base 16) ASKEY COMPUTER CORP
10F,NO.119.CHIENKANG RD,CHUNG-HO,
@@ -25652,12 +25508,6 @@ D4CF37 (base 16) Symbolic IO Holmdel NJ 07733
US
-28-3F-69 (hex) Sony Mobile Communications AB
-283F69 (base 16) Sony Mobile Communications AB
- Nya Vattentornet
- Lund SE 22128
- SE
-
F0-D2-F1 (hex) Amazon Technologies Inc.
F0D2F1 (base 16) Amazon Technologies Inc.
P.O Box 8102
@@ -26729,30 +26579,6 @@ A00460 (base 16) NETGEAR San Jose CA 95134
US
-AC-FD-93 (hex) Weifang GoerTek Technology Co.,Ltd.
-ACFD93 (base 16) Weifang GoerTek Technology Co.,Ltd.
- Gaoxin 2 Road,Free Trade Zone,Weifang,Shandong,261205,P.R.China
- Weifang Shandong 261205
- CN
-
-A4-53-85 (hex) Weifang GoerTek Technology Co.,Ltd.
-A45385 (base 16) Weifang GoerTek Technology Co.,Ltd.
- Gaoxin 2 Road,Free Trade Zone,Weifang,Shandong,261205,P.R.China
- Weifang Shandong 261205
- CN
-
-2C-4D-79 (hex) Weifang GoerTek Technology Co.,Ltd.
-2C4D79 (base 16) Weifang GoerTek Technology Co.,Ltd.
- No.268 Dongfang Road
- Weifang Shandong 261000
- CN
-
-84-17-66 (hex) Weifang GoerTek Technology Co.,Ltd.
-841766 (base 16) Weifang GoerTek Technology Co.,Ltd.
- Gaoxin 2 Road,Free Trade Zone,Weifang,Shandong,261205,P.R.China
- Wei Fang Shan Dong
- CN
-
74-1C-27 (hex) ITEL MOBILE LIMITED
741C27 (base 16) ITEL MOBILE LIMITED
RM B3 & B4 BLOCK B, KO FAI INDUSTRIAL BUILDING NO.7 KO FAI ROAD, YAU TONG, KLN, H.K
@@ -27029,9 +26855,6 @@ E4A7C5 (base 16) HUAWEI TECHNOLOGIES CO.,LTD GUMI KYUNGBUK 730-030
KR
-8C-E7-48 (hex) Private
-8CE748 (base 16) Private
-
48-D3-5D (hex) Private
48D35D (base 16) Private
@@ -29069,6 +28892,24 @@ E48F65 (base 16) Yelatma Instrument Making Enterprise, JSC Beijing Beijing 100029
CN
+54-B2-03 (hex) PEGATRON CORPORATION
+54B203 (base 16) PEGATRON CORPORATION
+ 5F No. 76, Ligong St., Beitou District
+ Taipei City Taiwan 112
+ TW
+
+E4-EA-83 (hex) SHENZHEN GONGJIN ELECTRONICS CO.,LT
+E4EA83 (base 16) SHENZHEN GONGJIN ELECTRONICS CO.,LT
+ SONGGANG
+ SHENZHEN GUANGDONG 518105
+ CN
+
+D0-8A-91 (hex) Technicolor CH USA Inc.
+D08A91 (base 16) Technicolor CH USA Inc.
+ 101 West 103rd St.
+ Indianapolis IN 46290
+ US
+
00-15-D0 (hex) ARRIS Group, Inc.
0015D0 (base 16) ARRIS Group, Inc.
6450 Sequence Drive
@@ -29369,6 +29210,357 @@ CCA462 (base 16) ARRIS Group, Inc. CAMBRIDGE MA 02142
US
+54-48-10 (hex) Dell Inc.
+544810 (base 16) Dell Inc.
+ One Dell Way
+ Round Rock TX 78682
+ US
+
+00-04-13 (hex) snom technology GmbH
+000413 (base 16) snom technology GmbH
+ Wittestr 30 G
+ Berlin 13509
+ DE
+
+8C-E7-48 (hex) Private
+8CE748 (base 16) Private
+
+C0-D2-F3 (hex) Hui Zhou Gaoshengda Technology Co.,LTD
+C0D2F3 (base 16) Hui Zhou Gaoshengda Technology Co.,LTD
+ No.75,Zhongkai High-Tech Development District,Huizhou
+ Hui Zhou Guangdong 516006
+ CN
+
+C4-24-56 (hex) Palo Alto Networks
+C42456 (base 16) Palo Alto Networks
+ 3000 Tannery Way
+ Santa Clara CA 95054
+ US
+
+B8-83-03 (hex) Hewlett Packard Enterprise
+B88303 (base 16) Hewlett Packard Enterprise
+ 8000 Foothills Blvd.
+ Roseville CA 95747
+ US
+
+E4-CA-12 (hex) zte corporation
+E4CA12 (base 16) zte corporation
+ 12/F.,zte R&D building ,kejinan Road,Shenzhen,P.R.China
+ shenzhen guangdong 518057
+ CN
+
+B4-B6-86 (hex) Hewlett Packard
+B4B686 (base 16) Hewlett Packard
+ 11445 Compaq Center Drive
+ Houston TX 77070
+ US
+
+C8-B1-EE (hex) Qorvo
+C8B1EE (base 16) Qorvo
+ 1 Changi Business Park Crescent, Avenue 1, #04-01
+ NA 486058
+ SG
+
+48-2A-E3 (hex) Wistron InfoComm(Kunshan)Co.,Ltd.
+482AE3 (base 16) Wistron InfoComm(Kunshan)Co.,Ltd.
+ 168# First Avenue,Kunshan Integrated Free Trade Zone,Kunshan,Jiangsu,China
+ Kunshan Jiangsu 215300
+ CN
+
+B0-EB-57 (hex) HUAWEI TECHNOLOGIES CO.,LTD
+B0EB57 (base 16) HUAWEI TECHNOLOGIES CO.,LTD
+ No.2 Xin Cheng Road, Room R6,Songshan Lake Technology Park
+ Dongguan 523808
+ CN
+
+60-FA-9D (hex) HUAWEI TECHNOLOGIES CO.,LTD
+60FA9D (base 16) HUAWEI TECHNOLOGIES CO.,LTD
+ No.2 Xin Cheng Road, Room R6,Songshan Lake Technology Park
+ Dongguan 523808
+ CN
+
+DC-99-14 (hex) HUAWEI TECHNOLOGIES CO.,LTD
+DC9914 (base 16) HUAWEI TECHNOLOGIES CO.,LTD
+ No.2 Xin Cheng Road, Room R6,Songshan Lake Technology Park
+ Dongguan 523808
+ CN
+
+2C-97-B1 (hex) HUAWEI TECHNOLOGIES CO.,LTD
+2C97B1 (base 16) HUAWEI TECHNOLOGIES CO.,LTD
+ No.2 Xin Cheng Road, Room R6,Songshan Lake Technology Park
+ Dongguan 523808
+ CN
+
+70-89-CC (hex) China Mobile Group Device Co.,Ltd.
+7089CC (base 16) China Mobile Group Device Co.,Ltd.
+ 32 Xuanwumen West Street,Xicheng District
+ Beijing 100053
+ CN
+
+8C-15-C7 (hex) HUAWEI TECHNOLOGIES CO.,LTD
+8C15C7 (base 16) HUAWEI TECHNOLOGIES CO.,LTD
+ No.2 Xin Cheng Road, Room R6,Songshan Lake Technology Park
+ Dongguan 523808
+ CN
+
+A4-BE-2B (hex) HUAWEI TECHNOLOGIES CO.,LTD
+A4BE2B (base 16) HUAWEI TECHNOLOGIES CO.,LTD
+ No.2 Xin Cheng Road, Room R6,Songshan Lake Technology Park
+ Dongguan 523808
+ CN
+
+7C-96-D2 (hex) Fihonest communication co.,Ltd
+7C96D2 (base 16) Fihonest communication co.,Ltd
+ The Frist Building ,ShangKeng Industrial Zone, Changping Town
+ Dongguan Guangdong 523560
+ CN
+
+B8-F9-34 (hex) Sony Mobile Communications AB
+B8F934 (base 16) Sony Mobile Communications AB
+ 4-12-3 Higashi – Shinagaw
+ Shinagawa-ku Tokyo 140-0002
+ JP
+
+58-17-0C (hex) Sony Mobile Communications AB
+58170C (base 16) Sony Mobile Communications AB
+ 4-12-3 Higashi – Shinagaw
+ Shinagawa-ku Tokyo 140-0002
+ JP
+
+6C-23-B9 (hex) Sony Mobile Communications AB
+6C23B9 (base 16) Sony Mobile Communications AB
+ 4-12-3 Higashi – Shinagaw
+ Shinagawa-ku Tokyo 140-0002
+ JP
+
+24-21-AB (hex) Sony Mobile Communications AB
+2421AB (base 16) Sony Mobile Communications AB
+ 4-12-3 Higashi – Shinagaw
+ Shinagawa-ku Tokyo 140-0002
+ JP
+
+00-18-13 (hex) Sony Mobile Communications AB
+001813 (base 16) Sony Mobile Communications AB
+ 4-12-3 Higashi – Shinagaw
+ Shinagawa-ku Tokyo 140-0002
+ JP
+
+00-1E-45 (hex) Sony Mobile Communications AB
+001E45 (base 16) Sony Mobile Communications AB
+ 4-12-3 Higashi – Shinagaw
+ Shinagawa-ku Tokyo 140-0002
+ JP
+
+BC-6E-64 (hex) Sony Mobile Communications AB
+BC6E64 (base 16) Sony Mobile Communications AB
+ 4-12-3 Higashi – Shinagaw
+ Shinagawa-ku Tokyo 140-0002
+ JP
+
+00-EB-2D (hex) Sony Mobile Communications AB
+00EB2D (base 16) Sony Mobile Communications AB
+ 4-12-3 Higashi – Shinagaw
+ Shinagawa-ku Tokyo 140-0002
+ JP
+
+30-39-26 (hex) Sony Mobile Communications AB
+303926 (base 16) Sony Mobile Communications AB
+ 4-12-3 Higashi – Shinagaw
+ Shinagawa-ku Tokyo 140-0002
+ JP
+
+20-54-76 (hex) Sony Mobile Communications AB
+205476 (base 16) Sony Mobile Communications AB
+ 4-12-3 Higashi – Shinagaw
+ Shinagawa-ku Tokyo 140-0002
+ JP
+
+1C-7B-21 (hex) Sony Mobile Communications AB
+1C7B21 (base 16) Sony Mobile Communications AB
+ 4-12-3 Higashi – Shinagaw
+ Shinagawa-ku Tokyo 140-0002
+ JP
+
+A0-E4-53 (hex) Sony Mobile Communications AB
+A0E453 (base 16) Sony Mobile Communications AB
+ 4-12-3 Higashi – Shinagaw
+ Shinagawa-ku Tokyo 140-0002
+ JP
+
+00-21-9E (hex) Sony Mobile Communications AB
+00219E (base 16) Sony Mobile Communications AB
+ 4-12-3 Higashi – Shinagaw
+ Shinagawa-ku Tokyo 140-0002
+ JP
+
+28-3F-69 (hex) Sony Mobile Communications AB
+283F69 (base 16) Sony Mobile Communications AB
+ 4-12-3 Higashi – Shinagaw
+ Shinagawa-ku Tokyo 140-0002
+ JP
+
+0C-B6-D2 (hex) D-Link International
+0CB6D2 (base 16) D-Link International
+ 1 Internal Business Park, #03-12,The Synergy, Singapore
+ Singapore Singapore 609917
+ SG
+
+B8-B7-F1 (hex) Wistron Neweb Corporation
+B8B7F1 (base 16) Wistron Neweb Corporation
+ No.20,Park Avenue II,Hsinchu Science Park
+ Hsin-Chu R.O.C. 308
+ TW
+
+44-EF-CF (hex) UGENE SOLUTION inc.
+44EFCF (base 16) UGENE SOLUTION inc.
+ A-1508, 1509, 583, Yangcheon-ro, Gangseo-gu
+ Seoul KS013
+ KR
+
+00-13-8A (hex) Qingdao GoerTek Technology Co., Ltd.
+00138A (base 16) Qingdao GoerTek Technology Co., Ltd.
+ Room 605,Innovation Building,Hi-tech Industrial Park,
+ QINGDAO SHANDONG 266061
+ CN
+
+84-17-66 (hex) WEIFANG GOERTEK ELECTRONICS CO.,LTD
+841766 (base 16) WEIFANG GOERTEK ELECTRONICS CO.,LTD
+ Gaoxin 2 Road,Free Trade Zone,Weifang,Shandong,261205,P.R.China
+ Wei Fang Shan Dong
+ CN
+
+2C-4D-79 (hex) WEIFANG GOERTEK ELECTRONICS CO.,LTD
+2C4D79 (base 16) WEIFANG GOERTEK ELECTRONICS CO.,LTD
+ No.268 Dongfang Road
+ Weifang Shandong 261000
+ CN
+
+A4-53-85 (hex) WEIFANG GOERTEK ELECTRONICS CO.,LTD
+A45385 (base 16) WEIFANG GOERTEK ELECTRONICS CO.,LTD
+ Gaoxin 2 Road,Free Trade Zone,Weifang,Shandong,261205,P.R.China
+ Weifang Shandong 261205
+ CN
+
+AC-FD-93 (hex) WEIFANG GOERTEK ELECTRONICS CO.,LTD
+ACFD93 (base 16) WEIFANG GOERTEK ELECTRONICS CO.,LTD
+ Gaoxin 2 Road,Free Trade Zone,Weifang,Shandong,261205,P.R.China
+ Weifang Shandong 261205
+ CN
+
+0C-E0-DC (hex) Samsung Electronics Co.,Ltd
+0CE0DC (base 16) Samsung Electronics Co.,Ltd
+ #94-1, Imsoo-Dong
+ Gumi Gyeongbuk 730-350
+ KR
+
+10-8E-E0 (hex) Samsung Electronics Co.,Ltd
+108EE0 (base 16) Samsung Electronics Co.,Ltd
+ #94-1, Imsoo-Dong
+ Gumi Gyeongbuk 730-350
+ KR
+
+68-E7-C2 (hex) Samsung Electronics Co.,Ltd
+68E7C2 (base 16) Samsung Electronics Co.,Ltd
+ #94-1, Imsoo-Dong
+ Gumi Gyeongbuk 730-350
+ KR
+
+3C-57-6C (hex) Samsung Electronics Co.,Ltd
+3C576C (base 16) Samsung Electronics Co.,Ltd
+ #94-1, Imsoo-Dong
+ Gumi Gyeongbuk 730-350
+ KR
+
+D4-21-22 (hex) Sercomm Corporation.
+D42122 (base 16) Sercomm Corporation.
+ 3F,No.81,Yu-Yih Rd.,Chu-Nan Chen
+ Miao-Lih Hsuan 115
+ TW
+
+F4-EE-14 (hex) MERCURY COMMUNICATION TECHNOLOGIES CO.,LTD.
+F4EE14 (base 16) MERCURY COMMUNICATION TECHNOLOGIES CO.,LTD.
+ Mid-Fourth Flr.,Building 28,Cui Xi Fourth Road,Ke Yuan West,Nanshan
+ Shenzhen Guangdong 518057
+ CN
+
+6C-59-40 (hex) MERCURY COMMUNICATION TECHNOLOGIES CO.,LTD.
+6C5940 (base 16) MERCURY COMMUNICATION TECHNOLOGIES CO.,LTD.
+ Mid-Fourth Flr.,Building 28,Cui Xi Fourth Road,Ke Yuan West,Nanshan
+ Shenzhen Guangdong 518057
+ CN
+
+1C-60-DE (hex) MERCURY COMMUNICATION TECHNOLOGIES CO.,LTD.
+1C60DE (base 16) MERCURY COMMUNICATION TECHNOLOGIES CO.,LTD.
+ Mid-Fourth Flr.,Building 28,Cui Xi Fourth Road,Ke Yuan West,Nanshan
+ Shenzhen Guangdong 518057
+ CN
+
+A8-D4-98 (hex) Avira Operations GmbH & Co. KG
+A8D498 (base 16) Avira Operations GmbH & Co. KG
+ Kaplaneiweg 1
+ Tettnang Baden-Wuerttermberg 88069
+ DE
+
+98-A4-04 (hex) Ericsson AB
+98A404 (base 16) Ericsson AB
+ Torshamnsgatan 36
+ Stockholm SE-164 80
+ SE
+
+00-CC-3F (hex) Universal Electronics, Inc.
+00CC3F (base 16) Universal Electronics, Inc.
+ 201 E. Sandpointe Ave
+ Santa Ana CA 92707
+ US
+
+50-61-BF (hex) Cisco Systems, Inc
+5061BF (base 16) Cisco Systems, Inc
+ 80 West Tasman Drive
+ San Jose CA 94568
+ US
+
+20-A6-0C (hex) Xiaomi Communications Co Ltd
+20A60C (base 16) Xiaomi Communications Co Ltd
+ The Rainbow City of China Resources
+ NO.68, Qinghe Middle Street Haidian District, Beijing 100085
+ CN
+
+04-AB-18 (hex) ELECOM CO.,LTD.
+04AB18 (base 16) ELECOM CO.,LTD.
+ 11F Tokyubancho Bldg. 6-2,
+ Chiyoda-ku Tokyo 102-0081
+ JP
+
+00-26-BD (hex) JTEC Card & Communication Co., Ltd
+0026BD (base 16) JTEC Card & Communication Co., Ltd
+ Dabo Bldg, 4F, 61-1, Gyesu-dong, Sosa-gu
+ Bucheon Gyunggi-do 422-070
+ KR
+
+00-15-1E (hex) ETHERNET Powerlink Standarization Group (EPSG)
+00151E (base 16) ETHERNET Powerlink Standarization Group (EPSG)
+ c/o Zurich University of Applied Sciences
+ CH-8401 Winterthur
+ CH
+
+4C-5E-0C (hex) Routerboard.com
+4C5E0C (base 16) Routerboard.com
+ Mikrotikls SIA
+ Riga LV1009
+ LV
+
+64-1C-67 (hex) DIGIBRAS INDUSTRIA DO BRASILS/A
+641C67 (base 16) DIGIBRAS INDUSTRIA DO BRASILS/A
+ Rua Tambaqui, 180-B - MANAUS - AM ¨C BRAZIL
+ MANAUS 69075-210
+ BR
+
+00-02-84 (hex) UK Grid Solutions Limited
+000284 (base 16) UK Grid Solutions Limited
+ St Leonards Building Redhill Business Park
+ Stafford ST16 1TW
+ GB
+
0C-6F-9C (hex) Shaw Communications Inc.
0C6F9C (base 16) Shaw Communications Inc.
Suite 900, 630 3rd Avenue S.W.
@@ -30581,12 +30773,6 @@ ECB870 (base 16) Beijing Heweinet Technology Co.,Ltd. Shanghai / 200355
CN
-40-40-A7 (hex) Sony Mobile Communications AB
-4040A7 (base 16) Sony Mobile Communications AB
- Nya Vattentornet
- Lund SE 22128
- SE
-
54-BE-53 (hex) zte corporation
54BE53 (base 16) zte corporation
12/F.,zte R&D building ,kejinan Road,Shenzhen,P.R.China
@@ -30881,12 +31067,6 @@ A4A1E4 (base 16) Innotube, Inc. Taipei Taiwan 112
TW
-40-B8-37 (hex) Sony Mobile Communications AB
-40B837 (base 16) Sony Mobile Communications AB
- Nya Vattentornet
- Lund SE 22128
- SE
-
28-76-10 (hex) IgniteNet
287610 (base 16) IgniteNet
1, Creation 3rd Rd.
@@ -31019,12 +31199,6 @@ F87AEF (base 16) Rosonix Technology, Inc. Taipei Taiwan 11167
TW
-C4-3A-BE (hex) Sony Mobile Communications AB
-C43ABE (base 16) Sony Mobile Communications AB
- Nya Vattentornet
- Lund SE 22128
- SE
-
18-B1-69 (hex) Sonicwall
18B169 (base 16) Sonicwall
2001 Logic Drive
@@ -31271,12 +31445,6 @@ B04515 (base 16) mira fitness,LLC. Lake Forest IL 60045
US
-30-75-12 (hex) Sony Mobile Communications AB
-307512 (base 16) Sony Mobile Communications AB
- Nya Vattentornet
- Lund SE 22128
- SE
-
A4-9D-49 (hex) Ketra, Inc.
A49D49 (base 16) Ketra, Inc.
3815 S. Capital of Texas Hwy
@@ -32681,12 +32849,6 @@ F42012 (base 16) Cuciniale GmbH Lindau 88131
DE
-4C-21-D0 (hex) Sony Mobile Communications AB
-4C21D0 (base 16) Sony Mobile Communications AB
- Nya Vattentornet
- Lund SE 22128
- SE
-
18-10-4E (hex) CEDINT-UPM
18104E (base 16) CEDINT-UPM
Campus de Montegancedo
@@ -38378,12 +38540,6 @@ D0D286 (base 16) Beckman Coulter K.K. Macquarie Park NSW 2113
AU
-00-21-06 (hex) RIM Testing Services
-002106 (base 16) RIM Testing Services
- 440 Phillip Street
- Waterloo ON N2L 5R9
- CA
-
00-1F-FF (hex) Respironics, Inc.
001FFF (base 16) Respironics, Inc.
1740 Golden Mile Highway
@@ -44411,12 +44567,6 @@ D0D286 (base 16) Beckman Coulter K.K. Sanchong City Taipei 241
TW
-00-0A-DB (hex) SkyPilot Network, Inc
-000ADB (base 16) SkyPilot Network, Inc
- 1301 Shoreway Road
- Belmont CA 94002
- US
-
00-0A-DD (hex) Allworx Corp.
000ADD (base 16) Allworx Corp.
245 East Main Street
@@ -47609,12 +47759,6 @@ D0D286 (base 16) Beckman Coulter K.K. RENO NV 89511
US
-00-90-7F (hex) WatchGuard Technologies, Inc.
-00907F (base 16) WatchGuard Technologies, Inc.
- 505 Fifth Ave South
- Seattle WA 98104
- US
-
00-90-7E (hex) VETRONIX CORP.
00907E (base 16) VETRONIX CORP.
2030 ALAMEDE PADRE SERRA
@@ -48155,12 +48299,6 @@ D0D286 (base 16) Beckman Coulter K.K. TU-CHENG TAIPEI
TW
-00-10-17 (hex) Bosch Access Systems GmbH
-001017 (base 16) Bosch Access Systems GmbH
- Charlottenburger Allee 50
- AACHEN D-52068
- DE
-
00-10-24 (hex) NAGOYA ELECTRIC WORKS CO., LTD
001024 (base 16) NAGOYA ELECTRIC WORKS CO., LTD
29-1 SHINODA, MIWA-CHO
@@ -51386,30 +51524,6 @@ ECCD6D (base 16) Allied Telesis, Inc. Hsinchu 30352
TW
-40-2B-A1 (hex) Sony Mobile Communications AB
-402BA1 (base 16) Sony Mobile Communications AB
- Nya Vattentornet
- Lund SE 221 88
- SE
-
-00-25-E7 (hex) Sony Mobile Communications AB
-0025E7 (base 16) Sony Mobile Communications AB
- Nya Vattentornet
- Lund Skåne 22188
- SE
-
-D0-51-62 (hex) Sony Mobile Communications AB
-D05162 (base 16) Sony Mobile Communications AB
- Nya Vattentornet
- Lund SE 22188
- SE
-
-94-CE-2C (hex) Sony Mobile Communications AB
-94CE2C (base 16) Sony Mobile Communications AB
- Nya Vattentornet
- Lund SE 22188
- SE
-
00-1A-80 (hex) Sony Corporation
001A80 (base 16) Sony Corporation
Gotenyama Tec, 5-1-2 Kitashinagawa
@@ -51422,18 +51536,6 @@ D05162 (base 16) Sony Mobile Communications AB Shinagawa-ku Tokyo 141-0001
JP
-00-16-20 (hex) Sony Mobile Communications AB
-001620 (base 16) Sony Mobile Communications AB
- Nya Vattentornet
- Lund SE-221 88
- SE
-
-00-12-EE (hex) Sony Mobile Communications AB
-0012EE (base 16) Sony Mobile Communications AB
- Nya Vattentornet
- Lund SE-221 88
- SE
-
20-68-9D (hex) Liteon Technology Corporation
20689D (base 16) Liteon Technology Corporation
4F,90,Chien 1 Road,ChungHo
@@ -53219,12 +53321,6 @@ C411E0 (base 16) Bull Group Co., Ltd Billund DK-7190
DK
-84-C7-EA (hex) Sony Mobile Communications AB
-84C7EA (base 16) Sony Mobile Communications AB
- Nya Vattentornet
- Lund SE 22128
- SE
-
8C-61-02 (hex) Beijing Baofengmojing Technologies Co., Ltd
8C6102 (base 16) Beijing Baofengmojing Technologies Co., Ltd
7/F, Tower C, Zhizhen Plaza, No.7 Zhichun Rd, Haidian District
@@ -54329,9 +54425,6 @@ C0143D (base 16) Hon Hai Precision Ind. Co.,Ltd. Rowley MA 01969
US
-60-4B-AA (hex) Private
-604BAA (base 16) Private
-
CC-73-14 (hex) HONG KONG WHEATEK TECHNOLOGY LIMITED
CC7314 (base 16) HONG KONG WHEATEK TECHNOLOGY LIMITED
Building 20,No.2277, ZuChongZhi Road, PuDong District, Shanghai
@@ -55517,12 +55610,6 @@ A013CB (base 16) Fiberhome Telecommunication Technologies Co.,LTD Wuhan Hubei 430074
CN
-CC-3A-DF (hex) Neptune Technology Group Inc.
-CC3ADF (base 16) Neptune Technology Group Inc.
- 1600 AL Highway 229 S
- Tallassee AL 36078
- US
-
28-ED-E0 (hex) AMPAK Technology, Inc.
28EDE0 (base 16) AMPAK Technology, Inc.
No.1,Jen Ai Road Hsinchu Industrial Park, Hukou
@@ -57137,12 +57224,6 @@ F87394 (base 16) NETGEAR San Jose CA 95134
US
-40-1B-5F (hex) Weifang GoerTek Technology Co.,Ltd.
-401B5F (base 16) Weifang GoerTek Technology Co.,Ltd.
- Gaoxin 2 Road,Free Trade Zone,Weifang,Shandong,261205,P.R.China
- Weifang Shandong 261205
- CN
-
AC-51-2C (hex) Infinix mobility limited
AC512C (base 16) Infinix mobility limited
RMS 05-15, 13A/F SOUTH TOWER WORLD FINANCE CTR HARBOUR CITY 17 CANTON RD TST KLN HONG KONG
@@ -58691,12 +58772,6 @@ A4ED4E (base 16) ARRIS Group, Inc. Round Rock TX 78682
US
-9C-7F-57 (hex) DERA Co. Ltd
-9C7F57 (base 16) DERA Co. Ltd
- Huilongguan Dongdajie No.338, Building A Room 506, Changping District
- Beijing 102208
- CN
-
B4-E0-1D (hex) CONCEPTION ELECTRONIQUE
B4E01D (base 16) CONCEPTION ELECTRONIQUE
3 boulevard de l'europe
@@ -58715,6 +58790,12 @@ B4E01D (base 16) CONCEPTION ELECTRONIQUE Shenzhen Guangdong 518000
CN
+9C-7F-57 (hex) DERA Co. Ltd
+9C7F57 (base 16) DERA Co. Ltd
+ Huilongguan Dongdajie No.338, Building A Room 506, Changping District
+ Beijing 102208
+ CN
+
00-E0-09 (hex) Stratus Technologies
00E009 (base 16) Stratus Technologies
5 Mill and Main Place, Suite 500
@@ -58745,12 +58826,6 @@ A0E617 (base 16) MATIS Shintomi,Chuo-Ku, Tokyo 104-0041
JP
-84-0D-8E (hex) Espressif Inc.
-840D8E (base 16) Espressif Inc.
- Room 204, Building 2, 690 Bibo Road, Pudong New Area
- Shanghai Shanghai 201203
- CN
-
50-5B-C2 (hex) Liteon Technology Corporation
505BC2 (base 16) Liteon Technology Corporation
4F, 90, Chien 1 Road
@@ -58763,12 +58838,312 @@ D832E3 (base 16) Xiaomi Communications Co Ltd NO.68, Qinghe Middle Street Haidian District, Beijing 100085
CN
+84-0D-8E (hex) Espressif Inc.
+840D8E (base 16) Espressif Inc.
+ Room 204, Building 2, 690 Bibo Road, Pudong New Area
+ Shanghai Shanghai 201203
+ CN
+
FC-90-FA (hex) Independent Technologies
FC90FA (base 16) Independent Technologies
1960 Ridgeview Rd
Blair NE 68008
US
+CC-C9-2C (hex) Schindler - PORT Technology
+CCC92C (base 16) Schindler - PORT Technology
+ via della Pace 22
+ Locarno Ticino 6600
+ CH
+
+7C-2E-BD (hex) Google, Inc.
+7C2EBD (base 16) Google, Inc.
+ 1600 Amphitheatre Parkway
+ Mountain View CA 94043
+ US
+
+E0-BA-B4 (hex) Arrcus, Inc
+E0BAB4 (base 16) Arrcus, Inc
+ 2077 Gateway Pl, Suite 250,
+ San Jose CA 95110
+ US
+
+00-0A-DB (hex) Trilliant
+000ADB (base 16) Trilliant
+ 401 Harrison Oaks Blvd. Suite 300
+ Cary NC 27513
+ US
+
+3C-F5-CC (hex) New H3C Technologies Co., Ltd
+3CF5CC (base 16) New H3C Technologies Co., Ltd
+ 466 Changhe Road, Binjiang District
+ Hangzhou Zhejiang 310052
+ CN
+
+74-EC-42 (hex) Fiberhome Telecommunication Technologies Co.,LTD
+74EC42 (base 16) Fiberhome Telecommunication Technologies Co.,LTD
+ No.5 DongXin Road
+ Wuhan Hubei 430074
+ CN
+
+CC-3A-DF (hex) Private
+CC3ADF (base 16) Private
+
+60-4B-AA (hex) Private
+604BAA (base 16) Private
+
+2C-58-4F (hex) ARRIS Group, Inc.
+2C584F (base 16) ARRIS Group, Inc.
+ 6450 Sequence Drive
+ San Diego CA 92121
+ US
+
+90-A1-37 (hex) Beijing Splendidtel Communication Technology Co,. Ltd
+90A137 (base 16) Beijing Splendidtel Communication Technology Co,. Ltd
+ 4 Floor,Taixing Tower,No.11 Huayuan East Road. Haidian District
+ Beijing Beijing 100191
+ CN
+
+78-AF-E4 (hex) Comau S.p.A
+78AFE4 (base 16) Comau S.p.A
+ via Rivalta 30
+ Grugliasco (TO) 10095
+ IT
+
+AC-3B-77 (hex) Sagemcom Broadband SAS
+AC3B77 (base 16) Sagemcom Broadband SAS
+ 250, route de l'Empereur
+ Rueil Malmaison Cedex hauts de seine 92848
+ FR
+
+00-C3-F4 (hex) Samsung Electronics Co.,Ltd
+00C3F4 (base 16) Samsung Electronics Co.,Ltd
+ 129, Samsung-ro, Youngtongl-Gu
+ Suwon Gyeonggi-Do 16677
+ KR
+
+B8-8A-EC (hex) Nintendo Co.,Ltd
+B88AEC (base 16) Nintendo Co.,Ltd
+ 11-1 HOKOTATE-CHO KAMITOBA,MINAMI-KU
+ KYOTO KYOTO 601-8501
+ JP
+
+F4-BF-80 (hex) HUAWEI TECHNOLOGIES CO.,LTD
+F4BF80 (base 16) HUAWEI TECHNOLOGIES CO.,LTD
+ No.2 Xin Cheng Road, Room R6,Songshan Lake Technology Park
+ Dongguan 523808
+ CN
+
+30-45-96 (hex) HUAWEI TECHNOLOGIES CO.,LTD
+304596 (base 16) HUAWEI TECHNOLOGIES CO.,LTD
+ No.2 Xin Cheng Road, Room R6,Songshan Lake Technology Park
+ Dongguan 523808
+ CN
+
+F8-C3-9E (hex) HUAWEI TECHNOLOGIES CO.,LTD
+F8C39E (base 16) HUAWEI TECHNOLOGIES CO.,LTD
+ No.2 Xin Cheng Road, Room R6,Songshan Lake Technology Park
+ Dongguan 523808
+ CN
+
+D0-D7-83 (hex) HUAWEI TECHNOLOGIES CO.,LTD
+D0D783 (base 16) HUAWEI TECHNOLOGIES CO.,LTD
+ No.2 Xin Cheng Road, Room R6,Songshan Lake Technology Park
+ Dongguan 523808
+ CN
+
+D8-F3-DB (hex) Post CH AG
+D8F3DB (base 16) Post CH AG
+ Wankdorfallee 4
+ Bern 3030
+ CH
+
+28-11-A5 (hex) Bose Corporation
+2811A5 (base 16) Bose Corporation
+ The Mountain
+ Framingham MA 01701-9168
+ US
+
+3C-F4-F9 (hex) Moda-InnoChips
+3CF4F9 (base 16) Moda-InnoChips
+ 42-7(Wonsi-Dong),Dongsan-ro 27beon-gil,Danwon-gu
+ Ansan-si Gyeonggi-Do 15433
+ KR
+
+30-88-41 (hex) Sichuan AI-Link Technology Co., Ltd.
+308841 (base 16) Sichuan AI-Link Technology Co., Ltd.
+ Anzhou,Industrial Park
+ Anzhou,Industrial Park Sichuan 621000
+ CN
+
+0C-01-DB (hex) Infinix mobility limited
+0C01DB (base 16) Infinix mobility limited
+ RMS 05-15, 13A/F SOUTH TOWER WORLD FINANCE CTR HARBOUR CITY 17 CANTON RD TST KLN HONG KONG
+ HongKong HongKong 999077
+ HK
+
+80-50-F6 (hex) ITEL MOBILE LIMITED
+8050F6 (base 16) ITEL MOBILE LIMITED
+ RM B3 & B4 BLOCK B, KO FAI INDUSTRIAL BUILDING NO.7 KO FAI ROAD, YAU TONG, KLN, H.K
+ Hong Kong KOWLOON 999077
+ HK
+
+40-1B-5F (hex) WEIFANG GOERTEK ELECTRONICS CO.,LTD
+401B5F (base 16) WEIFANG GOERTEK ELECTRONICS CO.,LTD
+ Gaoxin 2 Road,Free Trade Zone,Weifang,Shandong,261205,P.R.China
+ Weifang Shandong 261205
+ CN
+
+F0-4B-3A (hex) Juniper Networks
+F04B3A (base 16) Juniper Networks
+ 1133 Innovation Way
+ Sunnyvale CA 94089
+ US
+
+D0-58-FC (hex) BSkyB Ltd
+D058FC (base 16) BSkyB Ltd
+ 130 Kings Road
+ Brentwood Essex 08854
+ GB
+
+74-EB-80 (hex) Samsung Electronics Co.,Ltd
+74EB80 (base 16) Samsung Electronics Co.,Ltd
+ #94-1, Imsoo-Dong
+ Gumi Gyeongbuk 730-350
+ KR
+
+A8-2B-B9 (hex) Samsung Electronics Co.,Ltd
+A82BB9 (base 16) Samsung Electronics Co.,Ltd
+ #94-1, Imsoo-Dong
+ Gumi Gyeongbuk 730-350
+ KR
+
+00-10-17 (hex) Bosch Access Systems GmbH
+001017 (base 16) Bosch Access Systems GmbH
+ Charlottenburger Allee 50
+ AACHEN D-52068
+ DE
+
+74-B9-1E (hex) Nanjing Bestway Automation System Co., Ltd
+74B91E (base 16) Nanjing Bestway Automation System Co., Ltd
+ #50 Baoxiang Road, Jiangning Bin Jiang Economic Development Zone
+ nanjing jiangsu 211161
+ CN
+
+60-05-8A (hex) Hitachi Metals, Ltd.
+60058A (base 16) Hitachi Metals, Ltd.
+ Shinagawa Season Terrace, 2-70, Konan 1-chome
+ Minato-ku Tokyo 108-8224
+ JP
+
+00-21-06 (hex) RIM Testing Services
+002106 (base 16) RIM Testing Services
+ 440 Phillip Street
+ Waterloo ON N2L 5R9
+ CA
+
+00-90-7F (hex) Watchguard Technologies, Inc.
+00907F (base 16) Watchguard Technologies, Inc.
+ 505 Fifth Ave South
+ Seattle WA 98104
+ US
+
+14-57-9F (hex) HUAWEI TECHNOLOGIES CO.,LTD
+14579F (base 16) HUAWEI TECHNOLOGIES CO.,LTD
+ No.2 Xin Cheng Road, Room R6,Songshan Lake Technology Park
+ Dongguan 523808
+ CN
+
+14-4F-8A (hex) Intel Corporate
+144F8A (base 16) Intel Corporate
+ Lot 8, Jalan Hi-Tech 2/3
+ Kulim Kedah 09000
+ MY
+
+88-2D-53 (hex) Baidu Online Network Technology (Beijing) Co., Ltd.
+882D53 (base 16) Baidu Online Network Technology (Beijing) Co., Ltd.
+ Baidu Campus, No.10 Shangdi 10th Street, Haidian District Beijing 100085 CN
+ Beijing 100085
+ CN
+
+A4-DA-32 (hex) Texas Instruments
+A4DA32 (base 16) Texas Instruments
+ 12500 TI Blvd
+ Dallas TX 75243
+ US
+
+4C-21-D0 (hex) Sony Mobile Communications AB
+4C21D0 (base 16) Sony Mobile Communications AB
+ 4-12-3 Higashi – Shinagaw
+ Shinagawa-ku Tokyo 140-0002
+ JP
+
+30-75-12 (hex) Sony Mobile Communications AB
+307512 (base 16) Sony Mobile Communications AB
+ 4-12-3 Higashi – Shinagaw
+ Shinagawa-ku Tokyo 140-0002
+ JP
+
+C4-3A-BE (hex) Sony Mobile Communications AB
+C43ABE (base 16) Sony Mobile Communications AB
+ 4-12-3 Higashi – Shinagaw
+ Shinagawa-ku Tokyo 140-0002
+ JP
+
+40-B8-37 (hex) Sony Mobile Communications AB
+40B837 (base 16) Sony Mobile Communications AB
+ 4-12-3 Higashi – Shinagaw
+ Shinagawa-ku Tokyo 140-0002
+ JP
+
+40-40-A7 (hex) Sony Mobile Communications AB
+4040A7 (base 16) Sony Mobile Communications AB
+ 4-12-3 Higashi – Shinagaw
+ Shinagawa-ku Tokyo 140-0002
+ JP
+
+94-CE-2C (hex) Sony Mobile Communications AB
+94CE2C (base 16) Sony Mobile Communications AB
+ 4-12-3 Higashi – Shinagaw
+ Shinagawa-ku Tokyo 140-0002
+ JP
+
+D0-51-62 (hex) Sony Mobile Communications AB
+D05162 (base 16) Sony Mobile Communications AB
+ 4-12-3 Higashi – Shinagaw
+ Shinagawa-ku Tokyo 140-0002
+ JP
+
+00-25-E7 (hex) Sony Mobile Communications AB
+0025E7 (base 16) Sony Mobile Communications AB
+ 4-12-3 Higashi – Shinagaw
+ Shinagawa-ku Tokyo 140-0002
+ JP
+
+40-2B-A1 (hex) Sony Mobile Communications AB
+402BA1 (base 16) Sony Mobile Communications AB
+ 4-12-3 Higashi – Shinagaw
+ Shinagawa-ku Tokyo 140-0002
+ JP
+
+00-12-EE (hex) Sony Mobile Communications AB
+0012EE (base 16) Sony Mobile Communications AB
+ 4-12-3 Higashi – Shinagaw
+ Shinagawa-ku Tokyo 140-0002
+ JP
+
+00-16-20 (hex) Sony Mobile Communications AB
+001620 (base 16) Sony Mobile Communications AB
+ 4-12-3 Higashi – Shinagaw
+ Shinagawa-ku Tokyo 140-0002
+ JP
+
+84-C7-EA (hex) Sony Mobile Communications AB
+84C7EA (base 16) Sony Mobile Communications AB
+ 4-12-3 Higashi – Shinagaw
+ Shinagawa-ku Tokyo 140-0002
+ JP
+
58-46-E1 (hex) Baxter International Inc
5846E1 (base 16) Baxter International Inc
One Baxter Parkway
@@ -59033,12 +59408,6 @@ E899C4 (base 16) HTC Corporation Logan UT 84321
US
-8C-F2-28 (hex) SHENZHEN MERCURY COMMUNICATION TECHNOLOGIES CO.,LTD.
-8CF228 (base 16) SHENZHEN MERCURY COMMUNICATION TECHNOLOGIES CO.,LTD.
- Mid-Fourth Flr.,Building 28,Cui Xi Fourth Road,Ke Yuan West,Nanshan
- Shenzhen Guangdong 518057
- CN
-
88-51-FB (hex) Hewlett Packard
8851FB (base 16) Hewlett Packard
11445 Compaq Center Drive
@@ -59255,12 +59624,6 @@ A01D48 (base 16) Hewlett Packard Beijing Beijing 100102
CN
-E0-60-66 (hex) Sercomm Corporation
-E06066 (base 16) Sercomm Corporation
- 8F, 3-1, YuanQu St., NanKang,
- Taipei Taiwan 115
- TW
-
00-19-E0 (hex) TP-LINK TECHNOLOGIES CO.,LTD.
0019E0 (base 16) TP-LINK TECHNOLOGIES CO.,LTD.
South Building, No.5 Keyuan Road
@@ -60077,12 +60440,6 @@ E8DED6 (base 16) Intrising Networks, Inc. Chapel Hill NC 27514
US
-BC-5F-F6 (hex) SHENZHEN MERCURY COMMUNICATION TECHNOLOGIES CO.,LTD.
-BC5FF6 (base 16) SHENZHEN MERCURY COMMUNICATION TECHNOLOGIES CO.,LTD.
- Mid-Fourth Flr.,Building 28,Cui Xi Fourth Road,Ke Yuan West,Nanshan
- Shenzhen Guangdong 518057
- CN
-
C8-F9-C8 (hex) NewSharp Technology(SuZhou)Co,Ltd
C8F9C8 (base 16) NewSharp Technology(SuZhou)Co,Ltd
1st/f.building 7th No.328 XingHu street SuZhou City
@@ -61166,12 +61523,6 @@ C80210 (base 16) LG Innotek Shanghai Shanghai 200000
CN
-44-74-6C (hex) Sony Mobile Communications AB
-44746C (base 16) Sony Mobile Communications AB
- Nya Vattentornet
- Lund SE 22128
- SE
-
F4-F6-46 (hex) Dediprog Technology Co. Ltd.
F4F646 (base 16) Dediprog Technology Co. Ltd.
4F,No.7,Lane 143, Xinming Rd.,
@@ -61430,12 +61781,6 @@ B48547 (base 16) Amptown System Company GmbH Osaka Osaka 532-0003
JP
-30-A8-DB (hex) Sony Mobile Communications AB
-30A8DB (base 16) Sony Mobile Communications AB
- Nya Vattentornet
- Lund SE 22128
- SE
-
CC-9F-35 (hex) Transbit Sp. z o.o.
CC9F35 (base 16) Transbit Sp. z o.o.
Przyczolkowa 109A
@@ -64757,12 +65102,6 @@ BC99BC (base 16) FonSee Technology Inc. Incheon 405-819
KR
-80-B3-2A (hex) Alstom Grid
-80B32A (base 16) Alstom Grid
- St Leonard's Ave
- Stafford Staffordshire ST17 4LX
- GB
-
80-34-57 (hex) OT Systems Limited
803457 (base 16) OT Systems Limited
Unit 1023, 10/F., Landmark North,
@@ -70463,18 +70802,6 @@ A893E6 (base 16) JIANGXI JINGGANGSHAN CKING COMMUNICATION TECHNOLOGY CO.,LT Richardson TX 75081
US
-00-14-77 (hex) Nertec Inc.
-001477 (base 16) Nertec Inc.
- 950 Cowie st.
- Granby Quebec J2J 1P2
- CA
-
-00-14-72 (hex) China Broadband Wireless IP Standard Group
-001472 (base 16) China Broadband Wireless IP Standard Group
- P.O.BOX 88,West High-tech
- Xi'an Shaan Xi 710075
- CN
-
00-14-66 (hex) Kleinhenz Elektronik GmbH
001466 (base 16) Kleinhenz Elektronik GmbH
Greinerberg 14
@@ -71525,12 +71852,6 @@ A893E6 (base 16) JIANGXI JINGGANGSHAN CKING COMMUNICATION TECHNOLOGY CO.,LT HK
-00-11-1E (hex) EPSG (Ethernet Powerlink Standardization Group)
-00111E (base 16) EPSG (Ethernet Powerlink Standardization Group)
- c/o University of Applied Sciences
- Winterthur ZH CH-8401
- CH
-
00-11-1F (hex) Doremi Labs, Inc.
00111F (base 16) Doremi Labs, Inc.
306 E. Alameda Ave.
@@ -73148,12 +73469,6 @@ A893E6 (base 16) JIANGXI JINGGANGSHAN CKING COMMUNICATION TECHNOLOGY CO.,LT Enfield CT 06082
US
-00-09-DF (hex) Vestel Komunikasyon Sanayi ve Ticaret A.S.
-0009DF (base 16) Vestel Komunikasyon Sanayi ve Ticaret A.S.
- Ege Serbest Bolgesi No:144/1
- Izmir 35410
- TR
-
00-09-CD (hex) HUDSON SOFT CO.,LTD.
0009CD (base 16) HUDSON SOFT CO.,LTD.
C62,Geijutsu-no-mori
@@ -77990,12 +78305,6 @@ A06A00 (base 16) Verilink Corporation MADISON HEIGHTS MI 48071
US
-00-C0-02 (hex) SERCOMM CORPORATION
-00C002 (base 16) SERCOMM CORPORATION
- 3F,NO.81,YU-YIH ROAD,CHU-NAN CHEN
- TAIPEI
- TW
-
00-C0-F5 (hex) METACOMP, INC.
00C0F5 (base 16) METACOMP, INC.
10989 VIA FRONTERA
@@ -78578,12 +78887,6 @@ A06A00 (base 16) Verilink Corporation HONG KONG
HK
-00-80-B6 (hex) THEMIS COMPUTER
-0080B6 (base 16) THEMIS COMPUTER
- 6681 OWENS DRIVE
- PLEASONTON CA 94588
- US
-
00-80-C0 (hex) PENRIL DATACOMM
0080C0 (base 16) PENRIL DATACOMM
1300 QUINCE ORCHARD BLVD.
@@ -78908,12 +79211,6 @@ A06A00 (base 16) Verilink Corporation MILPITAS CA 95035
US
-00-40-9D (hex) DIGIBOARD, INC.
-00409D (base 16) DIGIBOARD, INC.
- 6400 FLYING CLOUD DRIVE
- EDEN PRAIRIE MN 55344
- US
-
00-40-1A (hex) FUJI ELECTRIC CO., LTD.
00401A (base 16) FUJI ELECTRIC CO., LTD.
NEW YURAKUCHO BLDG
@@ -80144,60 +80441,12 @@ B8EE65 (base 16) Liteon Technology Corporation Shinagawa-ku Tokyo 141-0001
JP
-00-0A-D9 (hex) Sony Mobile Communications AB
-000AD9 (base 16) Sony Mobile Communications AB
- Nya Vattentornet
- Lund SE-221 88
- SE
-
-00-0F-DE (hex) Sony Mobile Communications AB
-000FDE (base 16) Sony Mobile Communications AB
- Nya Vattentornet
- Lund SE-221 88
- SE
-
-00-1E-DC (hex) Sony Mobile Communications AB
-001EDC (base 16) Sony Mobile Communications AB
- Nya Vattentornet
- Lund SE 221 88
- SE
-
-00-19-63 (hex) Sony Mobile Communications AB
-001963 (base 16) Sony Mobile Communications AB
- Nya Vattentornet
- Lund SE-221 88
- SE
-
-00-1B-59 (hex) Sony Mobile Communications AB
-001B59 (base 16) Sony Mobile Communications AB
- Nya Vattentornet
- Lund SE 221 88
- SE
-
78-84-3C (hex) Sony Corporation
78843C (base 16) Sony Corporation
Gotenyama Tec,5-1-12,
Shinagawa-ku Tokyo 141-0001
JP
-00-23-F1 (hex) Sony Mobile Communications AB
-0023F1 (base 16) Sony Mobile Communications AB
- Nya Vattentornet
- Lund Skåne 22188
- SE
-
-30-17-C8 (hex) Sony Mobile Communications AB
-3017C8 (base 16) Sony Mobile Communications AB
- Nya Vattentornet
- Lund SE 221 88
- SE
-
-18-00-2D (hex) Sony Mobile Communications AB
-18002D (base 16) Sony Mobile Communications AB
- Nya Vattentornet
- Lund SE 22188
- SE
-
04-E6-76 (hex) AMPAK Technology, Inc.
04E676 (base 16) AMPAK Technology, Inc.
No.1,Jen Ai Road
@@ -81866,12 +82115,6 @@ D8D43C (base 16) Sony Corporation Dongguan 523808
CN
-C8-77-8B (hex) Themis Computer
-C8778B (base 16) Themis Computer
- 47200 Bayside Pkwy
- Fremont CA 94538
- US
-
00-0A-68 (hex) Solarflare Communications Inc
000A68 (base 16) Solarflare Communications Inc
9501 Jeronimo
@@ -82556,12 +82799,6 @@ BC282C (base 16) e-Smart Systems Pvt. Ltd Dallas TX 75243
US
-F8-5C-4D (hex) NOKIA
-F85C4D (base 16) NOKIA
- 1 Robbins Road
- Westford 01886-4113
- US
-
D8-E7-2B (hex) NetScout Systems, Inc.
D8E72B (base 16) NetScout Systems, Inc.
310 Littleton Road
@@ -85073,12 +85310,6 @@ A021B7 (base 16) NETGEAR San Jose CA 95134
US
-A4-15-66 (hex) Weifang GoerTek Technology Co.,Ltd.
-A41566 (base 16) Weifang GoerTek Technology Co.,Ltd.
- Wei fang Export processing Zone
- Wei Fang Shan Dong 261205
- CN
-
74-E6-0F (hex) TECNO MOBILE LIMITED
74E60F (base 16) TECNO MOBILE LIMITED
ROOMS 05-15, 13A/F., SOUTH TOWER, WORLD FINANCE CENTRE, HARBOUR CITY, 17 CANTON ROAD, TSIM SHA TSUI, KOWLOON, HONG KONG
@@ -85097,9 +85328,6 @@ D8C497 (base 16) Quanta Computer Inc. Berlin Berlin 10559
DE
-00-50-C7 (hex) Private
-0050C7 (base 16) Private
-
40-99-22 (hex) AzureWave Technology Inc.
409922 (base 16) AzureWave Technology Inc.
8F., No. 94, Baozhong Rd.
@@ -85220,9 +85448,6 @@ CC5A53 (base 16) Cisco Systems, Inc Obersulm BW 74182
DE
-28-EF-01 (hex) Private
-28EF01 (base 16) Private
-
A8-75-E2 (hex) Aventura Technologies, Inc.
A875E2 (base 16) Aventura Technologies, Inc.
48 Mall Drive
@@ -86318,15 +86543,189 @@ F04CD5 (base 16) Maxlinear, Inc Carlsbad CA 92008
US
-AC-F8-5C (hex) Private
-ACF85C (base 16) Private
+BC-99-11 (hex) Zyxel Communications Corporation
+BC9911 (base 16) Zyxel Communications Corporation
+ No. 6 Innovation Road II, Science Park
+ Hsichu Taiwan 300
+ TW
+
+28-02-45 (hex) Konze System Technology Co.,Ltd.
+280245 (base 16) Konze System Technology Co.,Ltd.
+ 4F., No.134, Ln. 235, Baoqiao Rd., Xindian Dist.
+ New Taipei City --- 231
+ TW
+
+8C-1C-DA (hex) IEEE Registration Authority
+8C1CDA (base 16) IEEE Registration Authority
+ 445 Hoes Lane
+ Piscataway NJ 08554
+ US
+
+E8-D0-99 (hex) Fiberhome Telecommunication Technologies Co.,LTD
+E8D099 (base 16) Fiberhome Telecommunication Technologies Co.,LTD
+ No.5 DongXin Road
+ Wuhan Hubei 430074
+ CN
+
+D0-B2-14 (hex) PoeWit Inc
+D0B214 (base 16) PoeWit Inc
+ 2307 Sea Island Dr
+ Fort Lauderdale FL 33301
+ US
+
+08-47-D0 (hex) Nokia Shanghai Bell Co. Ltd.)
+0847D0 (base 16) Nokia Shanghai Bell Co. Ltd.)
+ No.388 Ning Qiao Road,Jin Qiao Pudong Shanghai 201206,P.R.China
+ Shanghai Pudong 201206
+ CN
+
+18-69-DA (hex) China Mobile Group Device Co.,Ltd.
+1869DA (base 16) China Mobile Group Device Co.,Ltd.
+ 32 Xuanwumen West Street,Xicheng District
+ Beijing 100053
+ CN
+
+60-D2-1C (hex) Sunnovo International Limited
+60D21C (base 16) Sunnovo International Limited
+ 1717 Haitai Building
+ Beijing Beijing 100083
+ CN
+
+A4-92-CB (hex) Nokia
+A492CB (base 16) Nokia
+ 600 March Road
+ Kanata Ontario K2K 2E6
+ CA
+
+DC-B4-AC (hex) FLEXTRONICS MANUFACTURING(ZHUHAI)CO.,LTD.
+DCB4AC (base 16) FLEXTRONICS MANUFACTURING(ZHUHAI)CO.,LTD.
+ Xin Qing Science & Technology Industrial Park,Jin An Town,Doumen ,Zhuhai,Guangdong,PRC
+ Zhuhai Guangdong 519180
+ CN
+
+5C-CD-7C (hex) MEIZU Technology Co.,Ltd.
+5CCD7C (base 16) MEIZU Technology Co.,Ltd.
+ MEIZU Tech Bldg., Technology& Innovation Coast
+ Zhuhai Guangdong 519085
+ CN
+
+A8-7D-12 (hex) HUAWEI TECHNOLOGIES CO.,LTD
+A87D12 (base 16) HUAWEI TECHNOLOGIES CO.,LTD
+ No.2 Xin Cheng Road, Room R6,Songshan Lake Technology Park
+ Dongguan 523808
+ CN
+
+C0-F4-E6 (hex) HUAWEI TECHNOLOGIES CO.,LTD
+C0F4E6 (base 16) HUAWEI TECHNOLOGIES CO.,LTD
+ No.2 Xin Cheng Road, Room R6,Songshan Lake Technology Park
+ Dongguan 523808
+ CN
+
+2C-48-35 (hex) IEEE Registration Authority
+2C4835 (base 16) IEEE Registration Authority
+ 445 Hoes Lane
+ Piscataway NJ 08554
+ US
D4-60-E3 (hex) Sercomm Corporation.
D460E3 (base 16) Sercomm Corporation.
- violet_liu@sercomm.com
+ 3F,No.81,Yu-Yih Rd.,Chu-Nan Chen
Miao-Lih Hsuan 115
TW
+00-C0-02 (hex) Sercomm Corporation.
+00C002 (base 16) Sercomm Corporation.
+ 3F,No.81,Yu-Yih Rd.,Chu-Nan Chen
+ Miao-Lih Hsuan 115
+ TW
+
+E0-60-66 (hex) Sercomm Corporation.
+E06066 (base 16) Sercomm Corporation.
+ 3F,No.81,Yu-Yih Rd.,Chu-Nan Chen
+ Miao-Lih Hsuan 115
+ TW
+
+A4-15-66 (hex) WEIFANG GOERTEK ELECTRONICS CO.,LTD
+A41566 (base 16) WEIFANG GOERTEK ELECTRONICS CO.,LTD
+ Wei fang Export processing Zone
+ Wei Fang Shan Dong 261205
+ CN
+
+FC-A6-21 (hex) Samsung Electronics Co.,Ltd
+FCA621 (base 16) Samsung Electronics Co.,Ltd
+ #94-1, Imsoo-Dong
+ Gumi Gyeongbuk 730-350
+ KR
+
+60-D0-2C (hex) Ruckus Wireless
+60D02C (base 16) Ruckus Wireless
+ 350 West Java Drive
+ Sunnyvale CA 94089
+ US
+
+8C-F2-28 (hex) MERCURY COMMUNICATION TECHNOLOGIES CO.,LTD.
+8CF228 (base 16) MERCURY COMMUNICATION TECHNOLOGIES CO.,LTD.
+ Mid-Fourth Flr.,Building 28,Cui Xi Fourth Road,Ke Yuan West,Nanshan
+ Shenzhen Guangdong 518057
+ CN
+
+00-80-B6 (hex) Mercury Systems – Trusted Mission Solutions, Inc.
+0080B6 (base 16) Mercury Systems – Trusted Mission Solutions, Inc.
+ 6681 OWENS DRIVE
+ PLEASONTON CA 94588
+ US
+
+C8-77-8B (hex) Mercury Systems – Trusted Mission Solutions, Inc.
+C8778B (base 16) Mercury Systems – Trusted Mission Solutions, Inc.
+ 47200 Bayside Pkwy
+ Fremont CA 94538
+ US
+
+80-B3-2A (hex) UK Grid Solutions Ltd
+80B32A (base 16) UK Grid Solutions Ltd
+ Harry Kerr Drive
+ Stafford Staffordshire ST17 4LX
+ GB
+
+00-09-DF (hex) Vestel Elektronik San ve Tic. A.Ş.
+0009DF (base 16) Vestel Elektronik San ve Tic. A.Ş.
+ Organize san
+ Manisa Turket 45030
+ TR
+
+BC-5F-F6 (hex) MERCURY COMMUNICATION TECHNOLOGIES CO.,LTD.
+BC5FF6 (base 16) MERCURY COMMUNICATION TECHNOLOGIES CO.,LTD.
+ Mid-Fourth Flr.,Building 28,Cui Xi Fourth Road,Ke Yuan West,Nanshan
+ Shenzhen Guangdong 518057
+ CN
+
+9C-71-3A (hex) HUAWEI TECHNOLOGIES CO.,LTD
+9C713A (base 16) HUAWEI TECHNOLOGIES CO.,LTD
+ No.2 Xin Cheng Road, Room R6,Songshan Lake Technology Park
+ Dongguan 523808
+ CN
+
+B4-43-26 (hex) HUAWEI TECHNOLOGIES CO.,LTD
+B44326 (base 16) HUAWEI TECHNOLOGIES CO.,LTD
+ No.2 Xin Cheng Road, Room R6,Songshan Lake Technology Park
+ Dongguan 523808
+ CN
+
+24-EC-51 (hex) ADF Technologies Sdn Bhd
+24EC51 (base 16) ADF Technologies Sdn Bhd
+ Plot 88F, Lintang Bayan Lepas 10, Bayan Lepas Industrial Park Phase IV
+ Bayan Lepas Pulau Pinang 11900
+ MY
+
+38-56-B5 (hex) Peerbridge Health Inc
+3856B5 (base 16) Peerbridge Health Inc
+ 3 Columbus Circle 15th Fl
+ New York NY 10019
+ US
+
+AC-F8-5C (hex) Private
+ACF85C (base 16) Private
+
A0-39-EE (hex) Sagemcom Broadband SAS
A039EE (base 16) Sagemcom Broadband SAS
250, route de l'Empereur
@@ -87641,6 +88040,180 @@ E8FAF7 (base 16) Guangdong Uniteddata Holding Group Co., Ltd. NO.68, Qinghe Middle Street Haidian District, Beijing 100085
CN
+C0-81-35 (hex) Ningbo Forfan technology Co., LTD
+C08135 (base 16) Ningbo Forfan technology Co., LTD
+ Room B308,Tianjing Building,Tianan Cyber Park,Futian
+ Shenzhen Guangdong 518040
+ CN
+
+B4-6B-FC (hex) Intel Corporate
+B46BFC (base 16) Intel Corporate
+ Lot 8, Jalan Hi-Tech 2/3
+ Kulim Kedah 09000
+ MY
+
+00-50-C7 (hex) Private
+0050C7 (base 16) Private
+
+00-14-77 (hex) Trilliant
+001477 (base 16) Trilliant
+ 950 Cowie st.
+ Granby Quebec J2J 1P2
+ CA
+
+28-EF-01 (hex) Private
+28EF01 (base 16) Private
+
+F8-5C-4D (hex) Nokia
+F85C4D (base 16) Nokia
+ 1 Robbins Road
+ Westford MA 01886-4113
+ US
+
+F8-2D-C0 (hex) ARRIS Group, Inc.
+F82DC0 (base 16) ARRIS Group, Inc.
+ 6450 Sequence Drive
+ San Diego CA 92121
+ US
+
+A8-5B-6C (hex) Robert Bosch Gmbh, CM-CI2
+A85B6C (base 16) Robert Bosch Gmbh, CM-CI2
+ Renningen
+ Stuttgart D-70465
+ DE
+
+4C-ED-FB (hex) ASUSTek COMPUTER INC.
+4CEDFB (base 16) ASUSTek COMPUTER INC.
+ 15,Li-Te Rd., Peitou, Taipei 112, Taiwan
+ Taipei Taiwan 112
+ TW
+
+58-5F-F6 (hex) zte corporation
+585FF6 (base 16) zte corporation
+ 12/F.,zte R&D building ,kejinan Road,Shenzhen,P.R.China
+ shenzhen guangdong 518057
+ CN
+
+A8-E5-52 (hex) JUWEL Aquarium AG & Co. KG
+A8E552 (base 16) JUWEL Aquarium AG & Co. KG
+ Karl-Göx-Straße 1
+ Rotenburg / Wümme 27356
+ DE
+
+74-6B-AB (hex) GUANGDONG ENOK COMMUNICATION CO., LTD
+746BAB (base 16) GUANGDONG ENOK COMMUNICATION CO., LTD
+ NO.139 Lixiang road, Songmushan Dalang Town
+ Dongguan, Guangdong 523770
+ CN
+
+08-C5-E1 (hex) SAMSUNG ELECTRO-MECHANICS(THAILAND)
+08C5E1 (base 16) SAMSUNG ELECTRO-MECHANICS(THAILAND)
+ 93Moo5T. Bangsamak SEMTHAI, WELLGROW INDUSTRIAL ESTATE
+ Bangpakong Chachoengsao 24180
+ TH
+
+20-3D-BD (hex) LG Innotek
+203DBD (base 16) LG Innotek
+ 26, Hanamsandan 5beon-ro
+ Gwangju Gwangsan-gu 506-731
+ KR
+
+00-11-1E (hex) ETHERNET Powerlink Standarization Group (EPSG)
+00111E (base 16) ETHERNET Powerlink Standarization Group (EPSG)
+ c/o University of Applied Sciences
+ Winterthur ZH CH-8401
+ CH
+
+00-40-9D (hex) DigiBoard
+00409D (base 16) DigiBoard
+ 6400 FLYING CLOUD DRIVE
+ EDEN PRAIRIE MN 55344
+ US
+
+00-14-72 (hex) China Broadband Wireless IP Standard group(ChinaBWIPS)
+001472 (base 16) China Broadband Wireless IP Standard group(ChinaBWIPS)
+ P.O.BOX 88,West High-tech
+ Xi'an Shaan Xi 710075
+ CN
+
+D8-24-77 (hex) Universal Electric Corporation
+D82477 (base 16) Universal Electric Corporation
+ 168 Georgetown Road
+ Canonsburg PA 15317
+ US
+
+40-06-A0 (hex) Texas Instruments
+4006A0 (base 16) Texas Instruments
+ 12500 TI Blvd
+ Dallas TX 75243
+ US
+
+30-A8-DB (hex) Sony Mobile Communications AB
+30A8DB (base 16) Sony Mobile Communications AB
+ 4-12-3 Higashi – Shinagaw
+ Shinagawa-ku Tokyo 140-0002
+ JP
+
+44-74-6C (hex) Sony Mobile Communications AB
+44746C (base 16) Sony Mobile Communications AB
+ 4-12-3 Higashi – Shinagaw
+ Shinagawa-ku Tokyo 140-0002
+ JP
+
+18-00-2D (hex) Sony Mobile Communications AB
+18002D (base 16) Sony Mobile Communications AB
+ 4-12-3 Higashi – Shinagaw
+ Shinagawa-ku Tokyo 140-0002
+ JP
+
+30-17-C8 (hex) Sony Mobile Communications AB
+3017C8 (base 16) Sony Mobile Communications AB
+ 4-12-3 Higashi – Shinagaw
+ Shinagawa-ku Tokyo 140-0002
+ JP
+
+00-23-F1 (hex) Sony Mobile Communications AB
+0023F1 (base 16) Sony Mobile Communications AB
+ 4-12-3 Higashi – Shinagaw
+ Shinagawa-ku Tokyo 140-0002
+ JP
+
+00-1B-59 (hex) Sony Mobile Communications AB
+001B59 (base 16) Sony Mobile Communications AB
+ 4-12-3 Higashi – Shinagaw
+ Shinagawa-ku Tokyo 140-0002
+ JP
+
+00-19-63 (hex) Sony Mobile Communications AB
+001963 (base 16) Sony Mobile Communications AB
+ 4-12-3 Higashi – Shinagaw
+ Shinagawa-ku Tokyo 140-0002
+ JP
+
+00-1E-DC (hex) Sony Mobile Communications AB
+001EDC (base 16) Sony Mobile Communications AB
+ 4-12-3 Higashi – Shinagaw
+ Shinagawa-ku Tokyo 140-0002
+ JP
+
+00-0F-DE (hex) Sony Mobile Communications AB
+000FDE (base 16) Sony Mobile Communications AB
+ 4-12-3 Higashi – Shinagaw
+ Shinagawa-ku Tokyo 140-0002
+ JP
+
+00-0A-D9 (hex) Sony Mobile Communications AB
+000AD9 (base 16) Sony Mobile Communications AB
+ 4-12-3 Higashi – Shinagaw
+ Shinagawa-ku Tokyo 140-0002
+ JP
+
+64-4F-42 (hex) JETTER CO., Ltd.
+644F42 (base 16) JETTER CO., Ltd.
+ 265-40 Emukaecho Tanomoto
+ Sasebo-shi Nagasaki 859-6134
+ JP
+
D8-6C-E9 (hex) Sagemcom Broadband SAS
D86CE9 (base 16) Sagemcom Broadband SAS
250 route de l'Empereur
@@ -87797,12 +88370,6 @@ C056E3 (base 16) Hangzhou Hikvision Digital Technology Co.,Ltd. Hangzhou Zhejiang 310052
CN
-C8-E7-D8 (hex) SHENZHEN MERCURY COMMUNICATION TECHNOLOGIES CO.,LTD.
-C8E7D8 (base 16) SHENZHEN MERCURY COMMUNICATION TECHNOLOGIES CO.,LTD.
- Mid-Fourth Flr., Building 28, Cui Xi Fourth Road,Ke Yuan West,Nanshan
- Shenzhen Guangdong 518057
- CN
-
9C-EF-D5 (hex) Panda Wireless, Inc.
9CEFD5 (base 16) Panda Wireless, Inc.
15559 Union Ave, Suite 300
@@ -89069,12 +89636,6 @@ EC21E5 (base 16) Toshiba Shenzhen Guangdong 518057
CN
-58-48-22 (hex) Sony Mobile Communications AB
-584822 (base 16) Sony Mobile Communications AB
- Nya Vattentornet
- Lund SE 22128
- SE
-
F8-BF-09 (hex) HUAWEI TECHNOLOGIES CO.,LTD
F8BF09 (base 16) HUAWEI TECHNOLOGIES CO.,LTD
No.2 Xin Cheng Road, Room R6,Songshan Lake Technology Park
@@ -89171,18 +89732,6 @@ C09A71 (base 16) XIAMEN MEITU MOBILE TECHNOLOGY CO.LTD SAN MARTINO B.A. (VR) VERONA 37036
IT
-94-4A-0C (hex) Sercomm Corporation
-944A0C (base 16) Sercomm Corporation
- 8F, 3-1, YuanQu St., NanKang,
- Taipei Taiwan 115
- TW
-
-D0-25-16 (hex) SHENZHEN MERCURY COMMUNICATION TECHNOLOGIES CO.,LTD.
-D02516 (base 16) SHENZHEN MERCURY COMMUNICATION TECHNOLOGIES CO.,LTD.
- Mid-Fourth Flr.,Building 28,Cui Xi Fourth Road,Ke Yuan West,Nanshan
- Shenzhen Guangdong 518057
- CN
-
D0-5C-7A (hex) Sartura d.o.o.
D05C7A (base 16) Sartura d.o.o.
Kuniscak 28
@@ -90647,12 +91196,6 @@ FC19D0 (base 16) Cloud Vision Networks Technology Co.,Ltd. Norwood MA 02062
US
-68-76-4F (hex) Sony Mobile Communications AB
-68764F (base 16) Sony Mobile Communications AB
- Nya Vattentornet
- Lund SE 22128
- SE
-
D4-D9-19 (hex) GoPro
D4D919 (base 16) GoPro
3000 Clearview Way
@@ -93029,12 +93572,6 @@ F8313E (base 16) endeavour GmbH Taipei 114
TW
-D4-CA-6D (hex) Routerboard.com
-D4CA6D (base 16) Routerboard.com
- Mikrotikls SIA
- Riga LV-1009
- LV
-
D8-E7-43 (hex) Wush, Inc
D8E743 (base 16) Wush, Inc
17F.No 268, Liancheng Rd., Zhonghe District
@@ -101234,12 +101771,6 @@ EC3091 (base 16) Cisco Systems, Inc Gurogu Seoul 152-766
KR
-00-0E-8F (hex) Sercomm Corp.
-000E8F (base 16) Sercomm Corp.
- 3F,No.81,Yu-Yih Rd.,Chu-Nan Chen
- Miao-Lih Hsuan 350
- TW
-
00-0E-96 (hex) Cubic Defense Applications, Inc.
000E96 (base 16) Cubic Defense Applications, Inc.
P.O. Box 85587
@@ -101606,12 +102137,6 @@ EC3091 (base 16) Cisco Systems, Inc Santa Barbara CA 93117
US
-00-0D-82 (hex) PHS srl
-000D82 (base 16) PHS srl
- Via Palù, 17
- Arcugnano Vicenza 36057
- IT
-
00-0D-81 (hex) Pepperl+Fuchs GmbH
000D81 (base 16) Pepperl+Fuchs GmbH
Lilienthalstraße 200
@@ -102068,12 +102593,6 @@ EC3091 (base 16) Cisco Systems, Inc TAMPERE FIN 33950
FI
-00-0C-42 (hex) Routerboard.com
-000C42 (base 16) Routerboard.com
- Pernavas 46
- Riga LV-1009
- LV
-
00-0C-44 (hex) Automated Interfaces, Inc.
000C44 (base 16) Automated Interfaces, Inc.
120 Confederate Lane
@@ -109664,66 +110183,6 @@ D0D412 (base 16) ADB Broadband Italia Hsinchu 30352
TW
-00-24-EF (hex) Sony Mobile Communications AB
-0024EF (base 16) Sony Mobile Communications AB
- Nya Vattentornet
- Lund Skåne 22188
- SE
-
-6C-0E-0D (hex) Sony Mobile Communications AB
-6C0E0D (base 16) Sony Mobile Communications AB
- Nya Vattentornet
- Lund SE 221 88
- SE
-
-B4-52-7D (hex) Sony Mobile Communications AB
-B4527D (base 16) Sony Mobile Communications AB
- Nya Vattentornet
- Lund SE 22188
- SE
-
-E0-63-E5 (hex) Sony Mobile Communications AB
-E063E5 (base 16) Sony Mobile Communications AB
- Nya Vattentornet
- Lund SE 22188
- SE
-
-00-0E-07 (hex) Sony Mobile Communications AB
-000E07 (base 16) Sony Mobile Communications AB
- Nya Vattentornet
- Lund SE-221 88
- SE
-
-00-1A-75 (hex) Sony Mobile Communications AB
-001A75 (base 16) Sony Mobile Communications AB
- Nya Vattentornet
- Lund Skåne 22188
- SE
-
-00-16-B8 (hex) Sony Mobile Communications AB
-0016B8 (base 16) Sony Mobile Communications AB
- Nya Vattentornet
- Lund Skåne 22188
- SE
-
-00-1D-28 (hex) Sony Mobile Communications AB
-001D28 (base 16) Sony Mobile Communications AB
- Nya Vattentornet
- Lund SE 221 88
- SE
-
-00-1F-E4 (hex) Sony Mobile Communications AB
-001FE4 (base 16) Sony Mobile Communications AB
- Nya Vattentornet
- Lund Skåne 22188
- SE
-
-00-22-98 (hex) Sony Mobile Communications AB
-002298 (base 16) Sony Mobile Communications AB
- Nya Vattentornet
- Lund Skåne 22188
- SE
-
24-FD-52 (hex) Liteon Technology Corporation
24FD52 (base 16) Liteon Technology Corporation
4F,90,Chien 1 Road,ChungHo
@@ -114371,15 +114830,6 @@ B0B98A (base 16) NETGEAR San Jose CA 95134
US
-11-00-AA (hex) Private
-1100AA (base 16) Private
-
-1C-96-5A (hex) Weifang GoerTek Technology Co.,Ltd.
-1C965A (base 16) Weifang GoerTek Technology Co.,Ltd.
- Gaoxin 2 Road,Free Trade Zone,Weifang,Shandong,261205,P.R.China
- Wei Fang Shan Dong 261205
- CN
-
10-4E-89 (hex) Garmin International
104E89 (base 16) Garmin International
1200 E. 151st St
@@ -114638,9 +115088,6 @@ B8D94D (base 16) Sagemcom Broadband SAS Hong Kong Hong Kong
HK
-A4-68-BC (hex) Private
-A468BC (base 16) Private
-
80-C7-55 (hex) Panasonic Appliances Company
80C755 (base 16) Panasonic Appliances Company
2-3-1-2 Noji-higashi
@@ -115004,12 +115451,6 @@ B0B3AD (base 16) HUMAX Co., Ltd. Seongnam-si Gyeonggi-do 463-875
KR
-38-78-62 (hex) Sony Mobile Communications AB
-387862 (base 16) Sony Mobile Communications AB
- Nya Vattentornet
- Lund SE 22128
- SE
-
18-31-BF (hex) ASUSTek COMPUTER INC.
1831BF (base 16) ASUSTek COMPUTER INC.
15,Li-Te Rd., Peitou, Taipei 112, Taiwan
@@ -115544,6 +115985,171 @@ D818D3 (base 16) Juniper Networks Stockdorf Bayern 82131
DE
+94-19-3A (hex) Elvaco AB
+94193A (base 16) Elvaco AB
+ Kabelgatan 2T
+ Kungsbacka 43437
+ SE
+
+38-68-DD (hex) INVENTEC CORPORATION
+3868DD (base 16) INVENTEC CORPORATION
+ NO.88, DAZHI RD.
+ TAOYUAN 33068
+ TW
+
+3C-6A-A7 (hex) Intel Corporate
+3C6AA7 (base 16) Intel Corporate
+ Lot 8, Jalan Hi-Tech 2/3
+ Kulim Kedah 09000
+ MY
+
+FC-6B-F0 (hex) TOPWELL INTERNATIONAL HOLDINDS LIMITED
+FC6BF0 (base 16) TOPWELL INTERNATIONAL HOLDINDS LIMITED
+ Room 1301-5,Buliding China Youshe,NO.6013,ShenNan Road,CheGong Temple,FuTian District,ShenZhen,GuangDong province,China
+ SHENZHEN GUANGDONG 518000
+ CN
+
+11-00-AA (hex) Private
+1100AA (base 16) Private
+
+80-02-9C (hex) Gemtek Technology Co., Ltd.
+80029C (base 16) Gemtek Technology Co., Ltd.
+ No.15-1 Zhonghua Road
+ Hukou Hsinchu 30352
+ TW
+
+D4-FC-13 (hex) Fiberhome Telecommunication Technologies Co.,LTD
+D4FC13 (base 16) Fiberhome Telecommunication Technologies Co.,LTD
+ No.5 DongXin Road
+ Wuhan Hubei 430074
+ CN
+
+B0-53-65 (hex) China Mobile IOT Company Limited
+B05365 (base 16) China Mobile IOT Company Limited
+ NO.8 Yu Ma Road, NanAn Area Chongqing,China
+ Chongqing Chongqing 401336
+ CN
+
+1C-96-5A (hex) WEIFANG GOERTEK ELECTRONICS CO.,LTD
+1C965A (base 16) WEIFANG GOERTEK ELECTRONICS CO.,LTD
+ Gaoxin 2 Road,Free Trade Zone,Weifang,Shandong,261205,P.R.China
+ Wei Fang Shan Dong 261205
+ CN
+
+00-0E-8F (hex) Sercomm Corporation.
+000E8F (base 16) Sercomm Corporation.
+ 3F,No.81,Yu-Yih Rd.,Chu-Nan Chen
+ Miao-Lih Hsuan 115
+ TW
+
+94-4A-0C (hex) Sercomm Corporation.
+944A0C (base 16) Sercomm Corporation.
+ 3F,No.81,Yu-Yih Rd.,Chu-Nan Chen
+ Miao-Lih Hsuan 115
+ TW
+
+D0-C5-D8 (hex) LATECOERE
+D0C5D8 (base 16) LATECOERE
+ 135 Rue de Périole, BP25211
+ Toulouse Cedex 5 31 Haute-Garonne 31079
+ FR
+
+DC-E0-EB (hex) Nanjing Aozheng Information Technology Co.Ltd
+DCE0EB (base 16) Nanjing Aozheng Information Technology Co.Ltd
+ #E1-453, Zidong Road #1,Qixia District
+ Nanjing jiangsu 210000
+ CN
+
+C8-E7-D8 (hex) MERCURY COMMUNICATION TECHNOLOGIES CO.,LTD.
+C8E7D8 (base 16) MERCURY COMMUNICATION TECHNOLOGIES CO.,LTD.
+ Mid-Fourth Flr., Building 28, Cui Xi Fourth Road,Ke Yuan West,Nanshan
+ Shenzhen Guangdong 518057
+ CN
+
+50-59-67 (hex) Intent Solutions Inc
+505967 (base 16) Intent Solutions Inc
+ 730 Peachtree St NE, Suite 550
+ ATLANTA GA 30308
+ US
+
+68-3A-1E (hex) Cisco Meraki
+683A1E (base 16) Cisco Meraki
+ 500 Terry A. Francois Blvd
+ San Francisco 94158
+ US
+
+A8-3E-0E (hex) HMD Global Oy
+A83E0E (base 16) HMD Global Oy
+ Karaportti 2
+ Espoo 02610
+ FI
+
+10-C1-72 (hex) HUAWEI TECHNOLOGIES CO.,LTD
+10C172 (base 16) HUAWEI TECHNOLOGIES CO.,LTD
+ No.2 Xin Cheng Road, Room R6,Songshan Lake Technology Park
+ Dongguan 523808
+ CN
+
+80-B5-75 (hex) HUAWEI TECHNOLOGIES CO.,LTD
+80B575 (base 16) HUAWEI TECHNOLOGIES CO.,LTD
+ No.2 Xin Cheng Road, Room R6,Songshan Lake Technology Park
+ Dongguan 523808
+ CN
+
+00-0D-82 (hex) PHSNET SRLS
+000D82 (base 16) PHSNET SRLS
+ Piazza Mariano Rumor, 18
+ Arcugnano Vicenza 36057
+ IT
+
+E0-63-E5 (hex) Sony Mobile Communications AB
+E063E5 (base 16) Sony Mobile Communications AB
+ 4-12-3 Higashi – Shinagaw
+ Shinagawa-ku Tokyo 140-0002
+ JP
+
+B4-52-7D (hex) Sony Mobile Communications AB
+B4527D (base 16) Sony Mobile Communications AB
+ 4-12-3 Higashi – Shinagaw
+ Shinagawa-ku Tokyo 140-0002
+ JP
+
+08-D4-6A (hex) LG Electronics (Mobile Communications)
+08D46A (base 16) LG Electronics (Mobile Communications)
+ 60-39, Gasan-dong, Geumcheon-gu
+ Seoul 153-801
+ KR
+
+68-76-4F (hex) Sony Mobile Communications AB
+68764F (base 16) Sony Mobile Communications AB
+ 4-12-3 Higashi – Shinagaw
+ Shinagawa-ku Tokyo 140-0002
+ JP
+
+58-48-22 (hex) Sony Mobile Communications AB
+584822 (base 16) Sony Mobile Communications AB
+ 4-12-3 Higashi – Shinagaw
+ Shinagawa-ku Tokyo 140-0002
+ JP
+
+6C-0E-0D (hex) Sony Mobile Communications AB
+6C0E0D (base 16) Sony Mobile Communications AB
+ 4-12-3 Higashi – Shinagaw
+ Shinagawa-ku Tokyo 140-0002
+ JP
+
+00-24-EF (hex) Sony Mobile Communications AB
+0024EF (base 16) Sony Mobile Communications AB
+ 4-12-3 Higashi – Shinagaw
+ Shinagawa-ku Tokyo 140-0002
+ JP
+
+B4-EC-02 (hex) ALPS ELECTRIC CO.,LTD.
+B4EC02 (base 16) ALPS ELECTRIC CO.,LTD.
+ 6-1
+ Kakuda Miyagi-Pref 981-1595
+ JP
+
54-C5-7A (hex) Sunnovo International Limited
54C57A (base 16) Sunnovo International Limited
1717 Haitai Building
@@ -116933,6 +117539,177 @@ ECAF97 (base 16) GIT Hsinchu Taiwan ROC. 30352
TW
+20-39-56 (hex) HMD Global Oy
+203956 (base 16) HMD Global Oy
+ Karaportti 2
+ Espoo 02610
+ FI
+
+78-72-5D (hex) Cisco Systems, Inc
+78725D (base 16) Cisco Systems, Inc
+ 80 West Tasman Drive
+ San Jose CA 94568
+ US
+
+00-FC-BA (hex) Cisco Systems, Inc
+00FCBA (base 16) Cisco Systems, Inc
+ 80 West Tasman Drive
+ San Jose CA 94568
+ US
+
+18-9C-27 (hex) ARRIS Group, Inc.
+189C27 (base 16) ARRIS Group, Inc.
+ 6450 Sequence Drive
+ San Diego CA 92121
+ US
+
+A4-68-BC (hex) Private
+A468BC (base 16) Private
+
+CC-51-B4 (hex) Integrated Device Technology (Malaysia) Sdn. Bhd.
+CC51B4 (base 16) Integrated Device Technology (Malaysia) Sdn. Bhd.
+ Phase 3, Bayan Lepas FIZ
+ Bayan Lepas Penang 11900
+ MY
+
+7C-41-A2 (hex) Nokia
+7C41A2 (base 16) Nokia
+ 600 March Road
+ Kanata Ontario K2K 2E6
+ CA
+
+64-A2-F9 (hex) OnePlus Technology (Shenzhen) Co., Ltd
+64A2F9 (base 16) OnePlus Technology (Shenzhen) Co., Ltd
+ 18C02, 18C03, 18C04 ,18C05,TAIRAN BUILDING,
+ Shenzhen Guangdong 518000
+ CN
+
+EC-8C-9A (hex) HUAWEI TECHNOLOGIES CO.,LTD
+EC8C9A (base 16) HUAWEI TECHNOLOGIES CO.,LTD
+ No.2 Xin Cheng Road, Room R6,Songshan Lake Technology Park
+ Dongguan 523808
+ CN
+
+B4-86-55 (hex) HUAWEI TECHNOLOGIES CO.,LTD
+B48655 (base 16) HUAWEI TECHNOLOGIES CO.,LTD
+ No.2 Xin Cheng Road, Room R6,Songshan Lake Technology Park
+ Dongguan 523808
+ CN
+
+18-66-C7 (hex) Shenzhen Libre Technology Co., Ltd
+1866C7 (base 16) Shenzhen Libre Technology Co., Ltd
+ 634, Tian Hui Building #B, You Song Lu, Long Hua District
+ Shenzhen 511700
+ CN
+
+5C-B3-F6 (hex) Human, Incorporated
+5CB3F6 (base 16) Human, Incorporated
+ 3100 Airport Way S, 25-512
+ Seattle WA 98134
+ US
+
+70-9F-A9 (hex) TECNO MOBILE LIMITED
+709FA9 (base 16) TECNO MOBILE LIMITED
+ ROOMS 05-15, 13A/F., SOUTH TOWER, WORLD FINANCE CENTRE, HARBOUR CITY, 17 CANTON ROAD, TSIM SHA TSUI, KOWLOON, HONG KONG
+ Hong Kong Hong Kong 999077
+ HK
+
+78-D2-94 (hex) NETGEAR
+78D294 (base 16) NETGEAR
+ 350 East Plumeria Drive
+ San Jose CA 95134
+ US
+
+D0-25-16 (hex) MERCURY COMMUNICATION TECHNOLOGIES CO.,LTD.
+D02516 (base 16) MERCURY COMMUNICATION TECHNOLOGIES CO.,LTD.
+ Mid-Fourth Flr.,Building 28,Cui Xi Fourth Road,Ke Yuan West,Nanshan
+ Shenzhen Guangdong 518057
+ CN
+
+58-B1-0F (hex) Samsung Electronics Co.,Ltd
+58B10F (base 16) Samsung Electronics Co.,Ltd
+ #94-1, Imsoo-Dong
+ Gumi Gyeongbuk 730-350
+ KR
+
+BC-22-FB (hex) RF Industries
+BC22FB (base 16) RF Industries
+ PO Box 5
+ Welland SA 5007
+ AU
+
+70-0F-6A (hex) Cisco Systems, Inc
+700F6A (base 16) Cisco Systems, Inc
+ 80 West Tasman Drive
+ San Jose CA 94568
+ US
+
+2C-47-59 (hex) Beijing MEGA preponderance Science & Technology Co. Ltd
+2C4759 (base 16) Beijing MEGA preponderance Science & Technology Co. Ltd
+ Room 2201,No.8,Ruichuang International B Block,Wangjing East Road
+ Beijing 100102
+ CN
+
+D4-CA-6D (hex) Routerboard.com
+D4CA6D (base 16) Routerboard.com
+ Mikrotikls SIA
+ Riga LV-1009
+ LV
+
+00-0C-42 (hex) Routerboard.com
+000C42 (base 16) Routerboard.com
+ Pernavas 46
+ Riga LV-1009
+ LV
+
+DC-E3-05 (hex) ZAO NPK Rotek
+DCE305 (base 16) ZAO NPK Rotek
+ Prospekt Mira
+ Moscow 129223
+ RU
+
+00-22-98 (hex) Sony Mobile Communications AB
+002298 (base 16) Sony Mobile Communications AB
+ 4-12-3 Higashi – Shinagaw
+ Shinagawa-ku Tokyo 140-0002
+ JP
+
+00-1F-E4 (hex) Sony Mobile Communications AB
+001FE4 (base 16) Sony Mobile Communications AB
+ 4-12-3 Higashi – Shinagaw
+ Shinagawa-ku Tokyo 140-0002
+ JP
+
+00-1D-28 (hex) Sony Mobile Communications AB
+001D28 (base 16) Sony Mobile Communications AB
+ 4-12-3 Higashi – Shinagaw
+ Shinagawa-ku Tokyo 140-0002
+ JP
+
+00-16-B8 (hex) Sony Mobile Communications AB
+0016B8 (base 16) Sony Mobile Communications AB
+ 4-12-3 Higashi – Shinagaw
+ Shinagawa-ku Tokyo 140-0002
+ JP
+
+00-1A-75 (hex) Sony Mobile Communications AB
+001A75 (base 16) Sony Mobile Communications AB
+ 4-12-3 Higashi – Shinagaw
+ Shinagawa-ku Tokyo 140-0002
+ JP
+
+00-0E-07 (hex) Sony Mobile Communications AB
+000E07 (base 16) Sony Mobile Communications AB
+ 4-12-3 Higashi – Shinagaw
+ Shinagawa-ku Tokyo 140-0002
+ JP
+
+38-78-62 (hex) Sony Mobile Communications AB
+387862 (base 16) Sony Mobile Communications AB
+ 4-12-3 Higashi – Shinagaw
+ Shinagawa-ku Tokyo 140-0002
+ JP
+
2C-39-96 (hex) Sagemcom Broadband SAS
2C3996 (base 16) Sagemcom Broadband SAS
250 route de l'Empereur
@@ -118091,12 +118868,6 @@ E8EDF3 (base 16) Cisco Systems, Inc San Jose CA 95134
US
-48-8A-D2 (hex) SHENZHEN MERCURY COMMUNICATION TECHNOLOGIES CO.,LTD.
-488AD2 (base 16) SHENZHEN MERCURY COMMUNICATION TECHNOLOGIES CO.,LTD.
- Mid-Fourth Flr.,Building 28,Cui Xi Fourth Road,Ke Yuan West,Nanshan
- Shenzhen Guangdong 518057
- CN
-
14-02-EC (hex) Hewlett Packard Enterprise
1402EC (base 16) Hewlett Packard Enterprise
8000 Foothills Blvd.
@@ -119204,12 +119975,6 @@ F0FE6B (base 16) Shanghai High-Flying Electronics Technology Co., Ltd Beijing Beijing 100083
CN
-84-8E-DF (hex) Sony Mobile Communications AB
-848EDF (base 16) Sony Mobile Communications AB
- Nya Vattentornet
- Lund SE 22128
- SE
-
CC-BD-D3 (hex) Ultimaker B.V.
CCBDD3 (base 16) Ultimaker B.V.
Burgemeester Rozeveld van de Venlaan 11
@@ -119480,12 +120245,6 @@ A0FC6E (base 16) Telegrafia a.s. Kosice Slovakia 040 01
-44-D4-E0 (hex) Sony Mobile Communications AB
-44D4E0 (base 16) Sony Mobile Communications AB
- Nya Vattentornet
- Lund SE 22128
- SE
-
D0-FA-1D (hex) Qihoo 360 Technology Co.,Ltd
D0FA1D (base 16) Qihoo 360 Technology Co.,Ltd
Building 2,6 Haoyuan
@@ -120080,12 +120839,6 @@ DC0575 (base 16) SIEMENS ENERGY AUTOMATION Frankfurt am Main Hessen 60311
DE
-B4-52-7E (hex) Sony Mobile Communications AB
-B4527E (base 16) Sony Mobile Communications AB
- Nya Vattentornet
- Lund SE 22128
- SE
-
50-E1-4A (hex) Private
50E14A (base 16) Private
@@ -121502,12 +122255,6 @@ ACC698 (base 16) Kohzu Precision Co., Ltd. Sunnyvale California 94086
US
-4C-0F-C7 (hex) Earda Electronics Co.,Ltd
-4C0FC7 (base 16) Earda Electronics Co.,Ltd
- 5/F,Block 2 East area,Haosheng Industrial Park,
- Guangzhou Guangdong 511400
- CN
-
64-C9-44 (hex) LARK Technologies, Inc
64C944 (base 16) LARK Technologies, Inc
2570 W El Camino Real
@@ -129551,12 +130298,6 @@ DC3350 (base 16) TechSAT GmbH Chiyoda-ku Tokyo 101-0051
JP
-00-13-4F (hex) Tranzeo Wireless Technologies Inc.
-00134F (base 16) Tranzeo Wireless Technologies Inc.
- 20155 Stewart Cres.
- Maple Ridge British Columbia V2X 0T6
- CA
-
00-13-48 (hex) Artila Electronics Co., Ltd.
001348 (base 16) Artila Electronics Co., Ltd.
2F., No.1, Alley 8, Siwei Lane, Zhongzheng Rd.,
@@ -139241,42 +139982,6 @@ D05349 (base 16) Liteon Technology Corporation Tokyo 141-0001
JP
-00-1C-A4 (hex) Sony Mobile Communications AB
-001CA4 (base 16) Sony Mobile Communications AB
- Nya Vattentornet
- Lund Skåne 22188
- SE
-
-00-23-45 (hex) Sony Mobile Communications AB
-002345 (base 16) Sony Mobile Communications AB
- Nya Vattentornet
- Lund Skåne 22188
- SE
-
-8C-64-22 (hex) Sony Mobile Communications AB
-8C6422 (base 16) Sony Mobile Communications AB
- Nya Vattentornet
- Lund SE 221 88
- SE
-
-90-C1-15 (hex) Sony Mobile Communications AB
-90C115 (base 16) Sony Mobile Communications AB
- Mobilvägen 10
- Lund 22181
- SE
-
-84-00-D2 (hex) Sony Mobile Communications AB
-8400D2 (base 16) Sony Mobile Communications AB
- Nya Vattentornet
- Lund SE 22188
- SE
-
-5C-B5-24 (hex) Sony Mobile Communications AB
-5CB524 (base 16) Sony Mobile Communications AB
- Mobilvägen 10
- Lund 22181
- SE
-
94-A1-A2 (hex) AMPAK Technology, Inc.
94A1A2 (base 16) AMPAK Technology, Inc.
No.1,Jen Ai Road
@@ -139925,12 +140630,6 @@ C4E510 (base 16) Mechatro, Inc. Sunnyvale CA 94085
US
-9C-5C-F9 (hex) Sony Mobile Communications AB
-9C5CF9 (base 16) Sony Mobile Communications AB
- Nya Vattentornet
- Lund SE 22128
- SE
-
88-A0-84 (hex) Formation Data Systems
88A084 (base 16) Formation Data Systems
39141 Civic Center Drive, Suite 410
@@ -141077,12 +141776,6 @@ BC8AA3 (base 16) NHN Entertainment Jincheon-Gun Chungbuk 27850
KR
-48-6D-BB (hex) Vestel Elektronik San ve Tic. A.Ş.
-486DBB (base 16) Vestel Elektronik San ve Tic. A.Ş.
- Organize san
- Manisa Turket 45030
- TR
-
E0-9D-FA (hex) Wanan Hongsheng Electronic Co.Ltd
E09DFA (base 16) Wanan Hongsheng Electronic Co.Ltd
1st section of industrial pack,Wan'An County,Ji'An City,jiangxi province
@@ -141923,12 +142616,6 @@ A091C8 (base 16) zte corporation Shawinigan Quebec G9N 0A3
CA
-B4-A5-EF (hex) Sercomm Corporation.
-B4A5EF (base 16) Sercomm Corporation.
- violet_liu@sercomm.com
- Miao-Lih Hsuan 115
- TW
-
30-44-A1 (hex) Shanghai Nanchao Information Technology
3044A1 (base 16) Shanghai Nanchao Information Technology
Floor 1th, building 13, No.368 Zhangjiang Road, Pudong New District, Shanghai
@@ -144869,12 +145556,6 @@ AC6B0F (base 16) CADENCE DESIGN SYSTEMS INC Piscataway NJ 08554
US
-00-BB-3A (hex) Private
-00BB3A (base 16) Private
-
-E0-CB-1D (hex) Private
-E0CB1D (base 16) Private
-
84-D6-D0 (hex) Amazon Technologies Inc.
84D6D0 (base 16) Amazon Technologies Inc.
P.O Box 8102
@@ -144893,12 +145574,6 @@ CC82EB (base 16) KYOCERA CORPORATION Yokohama-shi Kanagawa 224-8502
JP
-78-94-B4 (hex) Sercomm Corporation.
-7894B4 (base 16) Sercomm Corporation.
- violet_liu@sercomm.com
- Miao-Lih Hsuan 115
- TW
-
00-0F-17 (hex) Insta Elektro GmbH
000F17 (base 16) Insta Elektro GmbH
Hohe Steinert 10
@@ -145739,9 +146414,6 @@ F4B520 (base 16) Biostar Microtech international corp. New Taipei City Taiwan 231
TW
-9C-93-E4 (hex) Private
-9C93E4 (base 16) Private
-
F0-F8-F2 (hex) Texas Instruments
F0F8F2 (base 16) Texas Instruments
12500 TI Blvd
@@ -145796,12 +146468,6 @@ F0F8F2 (base 16) Texas Instruments Dongguan Guangdong 518057
CN
-78-81-02 (hex) Sercomm Corporation.
-788102 (base 16) Sercomm Corporation.
- violet_liu@sercomm.com
- Miao-Lih Hsuan 115
- TW
-
58-A0-CB (hex) TrackNet, Inc
58A0CB (base 16) TrackNet, Inc
900 Lafayette Street #329
@@ -145934,12 +146600,6 @@ F86465 (base 16) Anova Applied Electronics, Inc. san francisco CA 94105
US
-A8-30-AD (hex) Weifang GoerTek Technology Co.,Ltd.
-A830AD (base 16) Weifang GoerTek Technology Co.,Ltd.
- Wei fang Export processing Zone
- Wei Fang Shan Dong 261205
- CN
-
70-E1-FD (hex) FLEXTRONICS
70E1FD (base 16) FLEXTRONICS
Carretera Base Aerea 5850 int 4
@@ -146102,12 +146762,6 @@ F89DBB (base 16) Tintri Mountain View CA 94070
US
-D4-38-9C (hex) Sony Mobile Communications AB
-D4389C (base 16) Sony Mobile Communications AB
- Nya Vattentornet
- Lund SE 22128
- SE
-
10-49-63 (hex) HARTING K.K.
104963 (base 16) HARTING K.K.
1-7-9, Shin-Yokohama, Kohoku-ku
@@ -146425,3 +147079,243 @@ E4E130 (base 16) TCT mobile ltd 2315 Briargate Pkwy, Suite 100
Colorado Springs CO 80920
US
+
+B0-FC-0D (hex) Amazon Technologies Inc.
+B0FC0D (base 16) Amazon Technologies Inc.
+ P.O Box 8102
+ Reno NV 89507
+ US
+
+00-BB-3A (hex) Amazon Technologies Inc.
+00BB3A (base 16) Amazon Technologies Inc.
+ PO BOX 8102
+ Reno NV 89507
+ US
+
+E0-CB-1D (hex) Private
+E0CB1D (base 16) Private
+
+10-7B-A4 (hex) Olive & Dove Co.,Ltd.
+107BA4 (base 16) Olive & Dove Co.,Ltd.
+ 803 Polaris bldg., 381, Seongnam-daero, Bundang-gu
+ Gyeonggi-do Seongnam-si 13555
+ KR
+
+D0-C5-D3 (hex) AzureWave Technology Inc.
+D0C5D3 (base 16) AzureWave Technology Inc.
+ 8F., No. 94, Baozhong Rd.
+ New Taipei City Taiwan 231
+ TW
+
+14-16-9E (hex) Wingtech Group (HongKong)Limited
+14169E (base 16) Wingtech Group (HongKong)Limited
+ FLAT/RM 1903 19/F PODIUM PLAZA 5HANOI ROAD TSIM SHA TSUI
+ Hong Kong Hong Kong 999077
+ HK
+
+D4-9E-05 (hex) zte corporation
+D49E05 (base 16) zte corporation
+ 12/F.,zte R&D building ,kejinan Road,Shenzhen,P.R.China
+ shenzhen guangdong 518057
+ CN
+
+00-B8-C2 (hex) Heights Telecom T ltd
+00B8C2 (base 16) Heights Telecom T ltd
+ Moshe Lerer 15
+ Nes Ziona 7404996
+ IL
+
+9C-93-E4 (hex) Private
+9C93E4 (base 16) Private
+
+74-C1-4F (hex) HUAWEI TECHNOLOGIES CO.,LTD
+74C14F (base 16) HUAWEI TECHNOLOGIES CO.,LTD
+ No.2 Xin Cheng Road, Room R6,Songshan Lake Technology Park
+ Dongguan 523808
+ CN
+
+A8-CA-B9 (hex) SAMSUNG ELECTRO MECHANICS CO., LTD.
+A8CAB9 (base 16) SAMSUNG ELECTRO MECHANICS CO., LTD.
+ 314, Maetan3-Dong, Yeongtong-Gu
+ SUWON KYUNGGI-DO 443-743
+ KR
+
+54-BF-64 (hex) Dell Inc.
+54BF64 (base 16) Dell Inc.
+ One Dell Way
+ Round Rock TX 78682
+ US
+
+00-13-4F (hex) Rapidus Wireless Networks Inc.
+00134F (base 16) Rapidus Wireless Networks Inc.
+ 47 - 14550 Morris Valley Road
+ Agassiz British Columbia V0M 1A1
+ CA
+
+78-29-ED (hex) ASKEY COMPUTER CORP
+7829ED (base 16) ASKEY COMPUTER CORP
+ 10F,No.119,JIANKANG RD,ZHONGHE DIST
+ NEW TAIPEI TAIWAN 23585
+ TW
+
+78-81-02 (hex) Sercomm Corporation.
+788102 (base 16) Sercomm Corporation.
+ 3F,No.81,Yu-Yih Rd.,Chu-Nan Chen
+ Miao-Lih Hsuan 115
+ TW
+
+78-94-B4 (hex) Sercomm Corporation.
+7894B4 (base 16) Sercomm Corporation.
+ 3F,No.81,Yu-Yih Rd.,Chu-Nan Chen
+ Miao-Lih Hsuan 115
+ TW
+
+B4-A5-EF (hex) Sercomm Corporation.
+B4A5EF (base 16) Sercomm Corporation.
+ 3F,No.81,Yu-Yih Rd.,Chu-Nan Chen
+ Miao-Lih Hsuan 115
+ TW
+
+A8-30-AD (hex) WEIFANG GOERTEK ELECTRONICS CO.,LTD
+A830AD (base 16) WEIFANG GOERTEK ELECTRONICS CO.,LTD
+ Wei fang Export processing Zone
+ Wei Fang Shan Dong 261205
+ CN
+
+D8-68-C3 (hex) Samsung Electronics Co.,Ltd
+D868C3 (base 16) Samsung Electronics Co.,Ltd
+ #94-1, Imsoo-Dong
+ Gumi Gyeongbuk 730-350
+ KR
+
+C4-93-D9 (hex) Samsung Electronics Co.,Ltd
+C493D9 (base 16) Samsung Electronics Co.,Ltd
+ #94-1, Imsoo-Dong
+ Gumi Gyeongbuk 730-350
+ KR
+
+48-8A-D2 (hex) MERCURY COMMUNICATION TECHNOLOGIES CO.,LTD.
+488AD2 (base 16) MERCURY COMMUNICATION TECHNOLOGIES CO.,LTD.
+ Mid-Fourth Flr.,Building 28,Cui Xi Fourth Road,Ke Yuan West,Nanshan
+ Shenzhen Guangdong 518057
+ CN
+
+48-6D-BB (hex) Vestel Elektronik San ve Tic. A.Ş.
+486DBB (base 16) Vestel Elektronik San ve Tic. A.Ş.
+ Organize san
+ Manisa Turket 45030
+ TR
+
+70-54-B4 (hex) Vestel Elektronik San ve Tic. A.Ş.
+7054B4 (base 16) Vestel Elektronik San ve Tic. A.Ş.
+ Organize san
+ Manisa Turket 45030
+ TR
+
+4C-0F-C7 (hex) Earda Technologies co Ltd
+4C0FC7 (base 16) Earda Technologies co Ltd
+ 5/F,Block 2 East area,Haosheng Industrial Park,
+ Guangzhou Guangdong 511400
+ CN
+
+CC-7B-61 (hex) NIKKISO CO., LTD.
+CC7B61 (base 16) NIKKISO CO., LTD.
+ Yebisu Garden Place Tower 22nd Floor, 20-3, Ebisu 4-Chome
+ Shibuya-ku Tokyo 150-6022
+ JP
+
+78-04-73 (hex) Texas Instruments
+780473 (base 16) Texas Instruments
+ 12500 TI Blvd
+ Dallas TX 75243
+ US
+
+4C-3F-D3 (hex) Texas Instruments
+4C3FD3 (base 16) Texas Instruments
+ 12500 TI Blvd
+ Dallas TX 75243
+ US
+
+CC-50-E3 (hex) Espressif Inc.
+CC50E3 (base 16) Espressif Inc.
+ Room 204, Building 2, 690 Bibo Road, Pudong New Area
+ Shanghai Shanghai 201203
+ CN
+
+5C-B5-24 (hex) Sony Mobile Communications AB
+5CB524 (base 16) Sony Mobile Communications AB
+ 4-12-3 Higashi – Shinagaw
+ Shinagawa-ku Tokyo 140-0002
+ JP
+
+84-00-D2 (hex) Sony Mobile Communications AB
+8400D2 (base 16) Sony Mobile Communications AB
+ 4-12-3 Higashi – Shinagaw
+ Shinagawa-ku Tokyo 140-0002
+ JP
+
+90-C1-15 (hex) Sony Mobile Communications AB
+90C115 (base 16) Sony Mobile Communications AB
+ 4-12-3 Higashi – Shinagaw
+ Shinagawa-ku Tokyo 140-0002
+ JP
+
+8C-64-22 (hex) Sony Mobile Communications AB
+8C6422 (base 16) Sony Mobile Communications AB
+ 4-12-3 Higashi – Shinagaw
+ Shinagawa-ku Tokyo 140-0002
+ JP
+
+B4-52-7E (hex) Sony Mobile Communications AB
+B4527E (base 16) Sony Mobile Communications AB
+ 4-12-3 Higashi – Shinagaw
+ Shinagawa-ku Tokyo 140-0002
+ JP
+
+44-D4-E0 (hex) Sony Mobile Communications AB
+44D4E0 (base 16) Sony Mobile Communications AB
+ 4-12-3 Higashi – Shinagaw
+ Shinagawa-ku Tokyo 140-0002
+ JP
+
+84-8E-DF (hex) Sony Mobile Communications AB
+848EDF (base 16) Sony Mobile Communications AB
+ 4-12-3 Higashi – Shinagaw
+ Shinagawa-ku Tokyo 140-0002
+ JP
+
+DC-AF-68 (hex) WEIFANG GOERTEK ELECTRONICS CO.,LTD
+DCAF68 (base 16) WEIFANG GOERTEK ELECTRONICS CO.,LTD
+ Gaoxin 2 Road, Free Trade Zone,Weifang,Shandong,261205,P.R.China
+ Weifang Shandong 261205
+ CN
+
+00-23-45 (hex) Sony Mobile Communications AB
+002345 (base 16) Sony Mobile Communications AB
+ 4-12-3 Higashi – Shinagaw
+ Shinagawa-ku Tokyo 140-0002
+ JP
+
+00-1C-A4 (hex) Sony Mobile Communications AB
+001CA4 (base 16) Sony Mobile Communications AB
+ 4-12-3 Higashi – Shinagaw
+ Shinagawa-ku Tokyo 140-0002
+ JP
+
+9C-5C-F9 (hex) Sony Mobile Communications AB
+9C5CF9 (base 16) Sony Mobile Communications AB
+ 4-12-3 Higashi – Shinagaw
+ Shinagawa-ku Tokyo 140-0002
+ JP
+
+D4-38-9C (hex) Sony Mobile Communications AB
+D4389C (base 16) Sony Mobile Communications AB
+ 4-12-3 Higashi – Shinagaw
+ Shinagawa-ku Tokyo 140-0002
+ JP
+
+A0-19-B2 (hex) IEEE Registration Authority
+A019B2 (base 16) IEEE Registration Authority
+ 445 Hoes Lane
+ Piscataway NJ 08554
+ US
diff --git a/hwdb/ma-medium.txt b/hwdb/ma-medium.txt index 9c97afffdc..12165cb146 100644 --- a/hwdb/ma-medium.txt +++ b/hwdb/ma-medium.txt @@ -1511,12 +1511,6 @@ D00000-DFFFFF (base 16) Shanghai B&A Technology Co., Ltd San Anselmo CA 94960
US
-98-AA-FC (hex) Comarch S.A.
-E00000-EFFFFF (base 16) Comarch S.A.
- Al. Jana Pawla II 39a
- Krakow 31-864
- PL
-
98-AA-FC (hex) Beijing Tiandi-Marco Electro-Hydraulic Control System Company Ltd.
800000-8FFFFF (base 16) Beijing Tiandi-Marco Electro-Hydraulic Control System Company Ltd.
No.5 Qing Nian Gou Road, Hepingli
@@ -1706,15 +1700,6 @@ E00000-EFFFFF (base 16) CL International Issaquah 98027
US
-1C-CA-E3 (hex) Private
-F00000-FFFFFF (base 16) Private
-
-90-C6-82 (hex) Private
-F00000-FFFFFF (base 16) Private
-
-D0-76-50 (hex) Private
-F00000-FFFFFF (base 16) Private
-
28-F5-37 (hex) LogiM GmbH Software und Entwicklung
B00000-BFFFFF (base 16) LogiM GmbH Software und Entwicklung
Mahonienweg 22b
@@ -1841,9 +1826,6 @@ C00000-CFFFFF (base 16) WAYCOM Technology Co.,Ltd Littleton MA 01460
US
-D0-D9-4F (hex) Private
-700000-7FFFFF (base 16) Private
-
CC-22-37 (hex) Hebei ZHSF Technology Co.,Ltd.
C00000-CFFFFF (base 16) Hebei ZHSF Technology Co.,Ltd.
88 Xinshi South Road
@@ -2183,12 +2165,90 @@ C00000-CFFFFF (base 16) Authentico Technologies Mesa AZ 85215
US
+8C-1C-DA (hex) GEOMC
+200000-2FFFFF (base 16) GEOMC
+ Suite514, 130, Digital-ro
+ Seoul 08589
+ KP
+
+8C-1C-DA (hex) CEOS Pty Ltd
+000000-0FFFFF (base 16) CEOS Pty Ltd
+ 3/17 Burgundy Street,
+ Heidelberg VIC 3084
+ AU
+
0C-73-EB (hex) Shenzhen Samchung Video Technology Co., Ltd.
C00000-CFFFFF (base 16) Shenzhen Samchung Video Technology Co., Ltd.
Xixiang Street 4016 Bao'an Avenue
Yong Kai Business Building A, Bao'an District of Shenzhen City Guangdong 528470
CN
+8C-1C-DA (hex) K Technology Corporation
+700000-7FFFFF (base 16) K Technology Corporation
+ LIVMO Rising Bldg. 5F, 3-19-1
+ Shin-Yokohama, Kohoku-ku, Yokohama, Kanagawa 222-0033
+ JP
+
+90-C6-82 (hex) Private
+F00000-FFFFFF (base 16) Private
+
+D0-76-50 (hex) Private
+F00000-FFFFFF (base 16) Private
+
+1C-CA-E3 (hex) Private
+F00000-FFFFFF (base 16) Private
+
+D0-D9-4F (hex) Private
+700000-7FFFFF (base 16) Private
+
+8C-1C-DA (hex) Anntec (Beijing) Technology Co.,Ltd.
+400000-4FFFFF (base 16) Anntec (Beijing) Technology Co.,Ltd.
+ F803, Shangdi Third Street, No.9,HaiDian District
+ Beijing 100080
+ CN
+
+2C-48-35 (hex) FAST
+700000-7FFFFF (base 16) FAST
+ 4740 44th Ave SW Suite #201
+ Seattle WA 98116
+ US
+
+A0-19-B2 (hex) El Sewedy Electrometer Egypt S.A.E.
+100000-1FFFFF (base 16) El Sewedy Electrometer Egypt S.A.E.
+ Plot No. 154/173 Industrial Zone 2
+ ET-6th October City
+ EG
+
+A0-19-B2 (hex) Beijing Deephi Intelligent Technology Co., Ltd
+200000-2FFFFF (base 16) Beijing Deephi Intelligent Technology Co., Ltd
+ 7F Building D, Tsinghua Tongfang High-Tech PlazaRoom 1706, Building D-East, Tsinghua Tongfang High-Tech Plaza Haidian District, Beijing, 100083, China
+ BEIJING HAIDIAN 100083
+ CN
+
+2C-48-35 (hex) Advanced Electronics Company Ltd
+100000-1FFFFF (base 16) Advanced Electronics Company Ltd
+ POBOX 90916, KKIA INDUSTRIAL ESTATE
+ RIYADH CENTRAL 11623
+ SA
+
+2C-48-35 (hex) Phasor Solutions Ltd
+D00000-DFFFFF (base 16) Phasor Solutions Ltd
+ The Record Hall, 16 Baldwin Gardens
+ London EC1N 7RJ
+ GB
+
+98-AA-FC (hex) Comarch S.A.
+E00000-EFFFFF (base 16) Comarch S.A.
+ Al. Jana Pawla II 39A
+ Krakow Poland 31-864
+ PL
+
+2C-48-35 (hex) SureFlap Ltd
+900000-9FFFFF (base 16) SureFlap Ltd
+ 7 The Irwin Centre, Scotland Road, Dry Drayton
+ Cambridge Cambridgeshire CB23 8AR
+ GB
+
1C-87-76 (hex) Strone Technology
C00000-CFFFFF (base 16) Strone Technology
13 Ellis Street
@@ -4127,9 +4187,6 @@ A0-C5-F2 (hex) Shenzhen Feima Robotics Technology Co.,Ltd Shenzhen Guangdong 518000
CN
-7C-70-BC (hex) Private
-F00000-FFFFFF (base 16) Private
-
B0-1F-81 (hex) Private
F00000-FFFFFF (base 16) Private
@@ -4157,9 +4214,6 @@ C00000-CFFFFF (base 16) Shenzhen Chenzhuo Technology Co., Ltd. Torrance CA 90501
US
-A4-3B-FA (hex) Private
-F00000-FFFFFF (base 16) Private
-
28-F5-37 (hex) MyOmega Systems GmbH
600000-6FFFFF (base 16) MyOmega Systems GmbH
Neumeyerstr. 28-34
@@ -4334,6 +4388,60 @@ A00000-AFFFFF (base 16) Pi Innovo LLC Romano D'Ezzelino Vicenza 36060
IT
+3C-24-F0 (hex) GETMOBIT LLC
+E00000-EFFFFF (base 16) GETMOBIT LLC
+ d. 4 str. 2 pom. 137, ul. Programmistov
+ Dubna Moscow 141983
+ RU
+
+3C-24-F0 (hex) Sivat Technology Co.,Ltd.
+800000-8FFFFF (base 16) Sivat Technology Co.,Ltd.
+ Room 1602, Starbuilding 2, west Complex of ChangYing TianJie ChaoYang District
+ BeiJing Beijing 100024
+ CN
+
+A4-3B-FA (hex) Private
+F00000-FFFFFF (base 16) Private
+
+8C-1C-DA (hex) Structura Technology & Innovation
+300000-3FFFFF (base 16) Structura Technology & Innovation
+ via Roveredo 20/B
+ Pordenone PN 33170
+ IT
+
+2C-48-35 (hex) Exertus Oy
+600000-6FFFFF (base 16) Exertus Oy
+ Kampusranta 9 C
+ Seinäjoki 60320
+ FI
+
+2C-48-35 (hex) Collatz+Trojan GmbH
+A00000-AFFFFF (base 16) Collatz+Trojan GmbH
+ Borsteler Chaussee85-99a
+ Hamburg Hamburg 22453
+ DE
+
+2C-48-35 (hex) GEARTECH LTD
+400000-4FFFFF (base 16) GEARTECH LTD
+ R310/312,3/F,Beike Venture Building,No.1077,Nanhai Avenue,Nanshan District
+ Shenzhen Guangdong 518067
+ CN
+
+2C-48-35 (hex) Progress Rail Services, Inspection and Information Systems
+000000-0FFFFF (base 16) Progress Rail Services, Inspection and Information Systems
+ 3801-1 South Selsa Road
+ Independence 64057
+ US
+
+2C-48-35 (hex) Rheonik Messtechnik GmbH
+200000-2FFFFF (base 16) Rheonik Messtechnik GmbH
+ Rudolf-Diesel-Str., 5
+ Odelzhausen Deutschland 85235
+ DE
+
+7C-70-BC (hex) Private
+F00000-FFFFFF (base 16) Private
+
1C-87-76 (hex) Zhuhai MYZR Technology Co.,Ltd
500000-5FFFFF (base 16) Zhuhai MYZR Technology Co.,Ltd
Room 302,Area D2,National Hi-tech Zone,NO.1,Software Park Road
@@ -4580,12 +4688,6 @@ CC-1B-E0 (hex) MobiStor Technology Inc. New Taipei City Taiwn 23154
TW
-74-F8-DB (hex) Ballard Technology Inc.
-A00000-AFFFFF (base 16) Ballard Technology Inc.
- 11400 Airport Rd
- Everett Wa 98204
- US
-
74-F8-DB (hex) WiFi Hotspots, SL
400000-4FFFFF (base 16) WiFi Hotspots, SL
C/ Montaña Clara, No.18
@@ -6122,21 +6224,12 @@ A00000-AFFFFF (base 16) annapurnalabs 88-5D-90 (hex) Private
F00000-FFFFFF (base 16) Private
-BC-34-00 (hex) Private
-F00000-FFFFFF (base 16) Private
-
28-F5-37 (hex) Skyrockettoys LLC
D00000-DFFFFF (base 16) Skyrockettoys LLC
12910 culver blvd Ste F
los angeles CA 90066
US
-74-19-F8 (hex) Private
-F00000-FFFFFF (base 16) Private
-
-80-E4-DA (hex) Private
-F00000-FFFFFF (base 16) Private
-
28-F5-37 (hex) PRIMETECH ENGINEERING CORP.
300000-3FFFFF (base 16) PRIMETECH ENGINEERING CORP.
Koishikawadaikoku Bldg. 3F, 1-3-25
@@ -6449,6 +6542,30 @@ D00000-DFFFFF (base 16) Travis Holding B.V. Rotterdam 3013AK
NL
+3C-24-F0 (hex) CASKY eTech Co., Ltd.
+500000-5FFFFF (base 16) CASKY eTech Co., Ltd.
+ 10th Floor, Viva Plaza, Yard 29 Suzhou Street, Haidian District,
+ Beijing Beijing 100080
+ CN
+
+8C-1C-DA (hex) Raychem RPG PVT. LTD.
+900000-9FFFFF (base 16) Raychem RPG PVT. LTD.
+ Safari Crossing, Near Halol GIDC, Village - Kanjari, Taluka - Halol
+ Halol Gujarat 389350
+ IN
+
+8C-1C-DA (hex) Alcidae Inc
+C00000-CFFFFF (base 16) Alcidae Inc
+ 535 Mission St, 14th Fl,
+ San Francisco CA 94105
+ US
+
+2C-48-35 (hex) Santec Corporation
+C00000-CFFFFF (base 16) Santec Corporation
+ 5823 Ohkusa-Nenjozaka
+ Komaki Aichi 485-0802
+ JP
+
28-2C-02 (hex) SHENZHEN DOMENOR TECHNOLOGY LLC
D00000-DFFFFF (base 16) SHENZHEN DOMENOR TECHNOLOGY LLC
F4, BUILDING A3, SILICON VALLEY POWER TECHNOLOGY PARK, SILI ROAD, KUKENG COMMUNITY, GUANLAN TOWN,LONGHUA DISTRICT
@@ -6647,6 +6764,45 @@ B00000-BFFFFF (base 16) COMATIS SAINT-CYR-L'ECOLE 78210
FR
+8C-1C-DA (hex) Septentrio NV
+500000-5FFFFF (base 16) Septentrio NV
+ Interleuvenlaan 15i
+ Leuven 3001
+ BE
+
+80-E4-DA (hex) Private
+F00000-FFFFFF (base 16) Private
+
+74-19-F8 (hex) Private
+F00000-FFFFFF (base 16) Private
+
+2C-48-35 (hex) Newtrax Technologies Inc
+300000-3FFFFF (base 16) Newtrax Technologies Inc
+ 360 St-Jacques, Floor 8
+ Montreal Quebec H2Y 1P5
+ CA
+
+BC-34-00 (hex) Private
+F00000-FFFFFF (base 16) Private
+
+74-F8-DB (hex) Ballard Technology, Inc,
+A00000-AFFFFF (base 16) Ballard Technology, Inc,
+ 11400 Airport Rd
+ Everett Wa 98204
+ US
+
+2C-48-35 (hex) IROOTECH TECHNOLOGY CO.,LTD
+E00000-EFFFFF (base 16) IROOTECH TECHNOLOGY CO.,LTD
+ Room 606, Floor 6, Building 5, Eastern Yard 10, Xibeiwang East Road
+ Beijing 100092
+ CN
+
+A0-19-B2 (hex) MIS Industrie Systeme GmbH & Co. KG
+800000-8FFFFF (base 16) MIS Industrie Systeme GmbH & Co. KG
+ Lohwiese 7
+ Scheuring Bavaria 86937
+ DE
+
1C-87-76 (hex) Hekatron Vertriebs GmbH
B00000-BFFFFF (base 16) Hekatron Vertriebs GmbH
Brühlmatten 9
@@ -7985,9 +8141,6 @@ C00000-CFFFFF (base 16) mirakonta s.l. Johannesburg Gauteng 2060
ZA
-24-4E-7B (hex) Private
-D00000-DFFFFF (base 16) Private
-
50-0B-91 (hex) Shenzhen Lucky Sonics Co .,Ltd
D00000-DFFFFF (base 16) Shenzhen Lucky Sonics Co .,Ltd
201A, BLOCK 10 ROW 1, SHANGTUN VILLAGE HESHUIKOU COMMUNITY,GO NGMING STREET, GUANGMING DISTRICT
@@ -8186,9 +8339,6 @@ B00000-BFFFFF (base 16) Eginity, Inc. hangzhou 311121
CN
-34-04-9E (hex) Private
-C00000-CFFFFF (base 16) Private
-
50-A4-D0 (hex) OEM PRODUCTION INC.
900000-9FFFFF (base 16) OEM PRODUCTION INC.
1461-3 San Mateo Ave.
@@ -8384,9 +8534,6 @@ A00000-AFFFFF (base 16) Bluemega Document & Print Services Villejust Essonne 91140
FR
-8C-14-7D (hex) Private
-100000-1FFFFF (base 16) Private
-
8C-14-7D (hex) Bausch Datacom NV/SA
B00000-BFFFFF (base 16) Bausch Datacom NV/SA
Tiensesteenweg 54-56
@@ -8525,18 +8672,9 @@ E00000-EFFFFF (base 16) ALPHA TECHNOLOGIES, LLC Chicago IL 60611
US
-64-FB-81 (hex) Private
-F00000-FFFFFF (base 16) Private
-
58-FC-DB (hex) Private
F00000-FFFFFF (base 16) Private
-2C-D1-41 (hex) Private
-F00000-FFFFFF (base 16) Private
-
-2C-6A-6F (hex) Private
-F00000-FFFFFF (base 16) Private
-
BC-66-41 (hex) Private
F00000-FFFFFF (base 16) Private
@@ -8564,9 +8702,6 @@ D00000-DFFFFF (base 16) Keystone Electronic Solutions Dongguan Guangdong China 523929
CN
-58-E8-76 (hex) Private
-000000-0FFFFF (base 16) Private
-
34-29-8F (hex) ARC Technology Co., Ltd
E00000-EFFFFF (base 16) ARC Technology Co., Ltd
4F.-2, No.26, Wuquan 2nd Road,
@@ -8612,9 +8747,6 @@ E00000-EFFFFF (base 16) Taiwan Name Plate Co.,LTD Lystrup 8520
DK
-38-B8-EB (hex) Private
-700000-7FFFFF (base 16) Private
-
CC-22-37 (hex) Shanghai Doit IOT Technology Co.,Ltd.
700000-7FFFFF (base 16) Shanghai Doit IOT Technology Co.,Ltd.
410-412 rooms of 1B business building in NO.1588 ,lianhang road, minhang district
@@ -8795,6 +8927,45 @@ D00000-DFFFFF (base 16) D-Link (Shanghai)Limited Corp. GYEONGGI-DO GOYANG-SI,ILSANDONG-GU 410315
KR
+24-4E-7B (hex) Private
+D00000-DFFFFF (base 16) Private
+
+2C-6A-6F (hex) Private
+F00000-FFFFFF (base 16) Private
+
+2C-D1-41 (hex) Private
+F00000-FFFFFF (base 16) Private
+
+8C-1C-DA (hex) T+A elektroakustik GmbH & Co.KG
+B00000-BFFFFF (base 16) T+A elektroakustik GmbH & Co.KG
+ Planckstr. 9-11
+ Herford 32052
+ DE
+
+8C-1C-DA (hex) GESAS GmbH
+100000-1FFFFF (base 16) GESAS GmbH
+ Pfaelzer Ring 18
+ Hockenheim Baden-Wuerttemberg 68766
+ DE
+
+8C-1C-DA (hex) LocoLabs LLC
+600000-6FFFFF (base 16) LocoLabs LLC
+ 3350 Scott Blvd, Bldg 56
+ Santa Clara CA 95054
+ US
+
+2C-48-35 (hex) Shanghai Visteon Automotive Electronics System CO. Ltd.
+B00000-BFFFFF (base 16) Shanghai Visteon Automotive Electronics System CO. Ltd.
+ No.1268, East Kangqiao Road, Pudong District,
+ ShangHai 201315
+ CN
+
+2C-48-35 (hex) Scout Security, Inc.
+500000-5FFFFF (base 16) Scout Security, Inc.
+ 210 N Racine Ave, STE 2M
+ Chicago IL 60607
+ US
+
34-D0-B8 (hex) Kongqiguanjia (Beijing)Technology co.,ltd
E00000-EFFFFF (base 16) Kongqiguanjia (Beijing)Technology co.,ltd
Room 1201,Block A,Building of Fesco,Xidawang Road,Chaoyang district
@@ -8963,6 +9134,21 @@ B00000-BFFFFF (base 16) Popit Oy Shenzhen Guangdong 518000
CN
+58-E8-76 (hex) Private
+000000-0FFFFF (base 16) Private
+
+38-B8-EB (hex) Private
+700000-7FFFFF (base 16) Private
+
+8C-14-7D (hex) Private
+100000-1FFFFF (base 16) Private
+
+64-FB-81 (hex) Private
+F00000-FFFFFF (base 16) Private
+
+34-04-9E (hex) Private
+C00000-CFFFFF (base 16) Private
+
1C-87-74 (hex) Philips Personal Health Solutions
000000-0FFFFF (base 16) Philips Personal Health Solutions
High Tech Campus, HTC37 floor 0
@@ -9935,12 +10121,6 @@ A00000-AFFFFF (base 16) Groupeer Technologies Paris Ile-de-France 75008
FR
-F0-AC-D7 (hex) Sercomm Corporation.
-400000-4FFFFF (base 16) Sercomm Corporation.
- violet_liu@sercomm.com
- Miao-Lih Hsuan 115
- TW
-
58-E8-76 (hex) annapurnalabs
B00000-BFFFFF (base 16) annapurnalabs
HACRMEL 2 st Brosh BLDG FLOOR3
@@ -10919,18 +11099,12 @@ D00000-DFFFFF (base 16) THK Co.,LTD. Changsha Hunan 410000
CN
-80-7B-85 (hex) Private
-F00000-FFFFFF (base 16) Private
-
14-1F-BA (hex) Private
F00000-FFFFFF (base 16) Private
B4-37-D1 (hex) Private
F00000-FFFFFF (base 16) Private
-54-9A-11 (hex) Private
-F00000-FFFFFF (base 16) Private
-
7C-BA-CC (hex) Fossil Power Systems Inc
600000-6FFFFF (base 16) Fossil Power Systems Inc
10 Mosher Drive
@@ -11158,3 +11332,45 @@ A00000-AFFFFF (base 16) Shenzhen Bestway Technology Co., Ltd 2nd Floor, Building 9, Jingxuan Industrial Park, East Ring Road, Longhua District,
Shenzhen GuangDong 518109
CN
+
+3C-24-F0 (hex) Laipac Technology Inc.
+200000-2FFFFF (base 16) Laipac Technology Inc.
+ 20 Mural St. Unit 5
+ Richmond Hill ON - Ontario L4B 1K3
+ CA
+
+8C-1C-DA (hex) China Potevio Co., Ltd
+A00000-AFFFFF (base 16) China Potevio Co., Ltd
+ No.6, haidian north second street, haidian district, Beijing
+ Beijing Beijing 100080
+ CN
+
+8C-1C-DA (hex) ATOL LLC
+800000-8FFFFF (base 16) ATOL LLC
+ Bolshaya Novodmitrovskaya str., 14, build 4
+ Moscow 127015
+ RU
+
+8C-1C-DA (hex) Electronic Controlled Systems, Inc.
+E00000-EFFFFF (base 16) Electronic Controlled Systems, Inc.
+ 11200 Hampshire Ave South
+ Bloomington MN 55438
+ US
+
+80-7B-85 (hex) Private
+F00000-FFFFFF (base 16) Private
+
+F0-AC-D7 (hex) Sercomm Corporation.
+400000-4FFFFF (base 16) Sercomm Corporation.
+ 3F,No.81,Yu-Yih Rd.,Chu-Nan Chen
+ Miao-Lih Hsuan 115
+ TW
+
+2C-48-35 (hex) DPS Electronics
+800000-8FFFFF (base 16) DPS Electronics
+ 317 Gallatin Park Dr #2
+ Bozeman MT 59715
+ US
+
+54-9A-11 (hex) Private
+F00000-FFFFFF (base 16) Private
diff --git a/hwdb/ma-small.txt b/hwdb/ma-small.txt index 93d659d0bf..7d784ccf01 100644 --- a/hwdb/ma-small.txt +++ b/hwdb/ma-small.txt @@ -2522,9 +2522,6 @@ A7E000-A7EFFF (base 16) QUICCO SOUND Corporation Odense SV Region Syd 5230
DK
-70-B3-D5 (hex) Private
-FFE000-FFEFFF (base 16) Private
-
70-B3-D5 (hex) Mentor Graphics
3FE000-3FEFFF (base 16) Mentor Graphics
46871 Bayside Parkway
@@ -2582,9 +2579,6 @@ BEA000-BEAFFF (base 16) Virtuosys Ltd Sauerlach Bavaria 82054
DE
-70-B3-D5 (hex) Private
-720000-720FFF (base 16) Private
-
70-B3-D5 (hex) Sanmina Israel
1E6000-1E6FFF (base 16) Sanmina Israel
Koren Industrial Zone , POBox 102
@@ -2948,6 +2942,87 @@ DF1000-DF1FFF (base 16) CoXlab Inc. Berlin 12247
DE
+70-B3-D5 (hex) AVI Pty Ltd
+790000-790FFF (base 16) AVI Pty Ltd
+ 9 Pitt Way
+ Booragoon Western Australia 6154
+ AU
+
+70-B3-D5 (hex) Private
+FFE000-FFEFFF (base 16) Private
+
+70-B3-D5 (hex) Vocality international T/A Cubic
+75F000-75FFFF (base 16) Vocality international T/A Cubic
+ Lydling Barn,Lydling Farm,, Puttenham Lane
+ Godalming Surrey gu8 6ap
+ GB
+
+70-B3-D5 (hex) DEA SYSTEM SPA
+8FA000-8FAFFF (base 16) DEA SYSTEM SPA
+ VIA DELLA TECNICA 6
+ PIOVENE ROCCHETTE VICENZA 36013
+ IT
+
+70-B3-D5 (hex) Kalfire
+64B000-64BFFF (base 16) Kalfire
+ Geloërveldweg 21
+ Belfeld Limburg 5951 DH
+ NL
+
+70-B3-D5 (hex) Contec DTx
+363000-363FFF (base 16) Contec DTx
+ 1800 Penn St Suite 1
+ Melbourne FL 32901
+ US
+
+70-B3-D5 (hex) Private
+720000-720FFF (base 16) Private
+
+70-B3-D5 (hex) Private
+292000-292FFF (base 16) Private
+
+70-B3-D5 (hex) RoboCore Tecnologia
+0AC000-0ACFFF (base 16) RoboCore Tecnologia
+ Estrada das Lagrimas 1986 sala 22
+ Sao Caetano do Sul SP 09580500
+ BR
+
+70-B3-D5 (hex) Enyx SA
+21C000-21CFFF (base 16) Enyx SA
+ 8 rue greneta
+ Paris 75003
+ FR
+
+70-B3-D5 (hex) Tornado Modular Systems
+A87000-A87FFF (base 16) Tornado Modular Systems
+ Inzhenernaya st. 4a
+ Novosibirsk Novosibirsk 630128
+ RU
+
+70-B3-D5 (hex) FUJICOM Co.,Ltd.
+00A000-00AFFF (base 16) FUJICOM Co.,Ltd.
+ 8-10-17-403, HON-chou
+ KOUNOSU-shi SAITAMA-ken 3650038
+ JP
+
+70-B3-D5 (hex) Vistec Electron Beam GmbH
+17B000-17BFFF (base 16) Vistec Electron Beam GmbH
+ Ilmstraße 4
+ Jena 07743
+ DE
+
+70-B3-D5 (hex) JSK System
+B7F000-B7FFFF (base 16) JSK System
+ Wiośniana, 30/32
+ Łódź 93-228
+ PL
+
+70-B3-D5 (hex) Fink Telecom Services
+23B000-23BFFF (base 16) Fink Telecom Services
+ Paradieshofstrasse 101
+ Basel 4054
+ CH
+
70-B3-D5 (hex) Flintab AB
D60000-D60FFF (base 16) Flintab AB
Kabelvägen 4
@@ -2990,9 +3065,6 @@ AE2000-AE2FFF (base 16) Transas Marine Limited Askim Västra Götaland 43632
SE
-00-1B-C5 (hex) Private
-015000-015FFF (base 16) Private
-
70-B3-D5 (hex) FR-Team International SA
476000-476FFF (base 16) FR-Team International SA
Zone industrielle lotissement Vulcalux 10
@@ -3860,12 +3932,6 @@ B8C000-B8CFFF (base 16) ePOINT Embedded Computing Limited Lyndonville NY 14098
US
-70-B3-D5 (hex) DITEST FAHRZEUGDIAGNOSE GMBH
-109000-109FFF (base 16) DITEST FAHRZEUGDIAGNOSE GMBH
- ALTE POSTSTRASSE 152
- A-8020 GRAZ STEIERMARK
- AT
-
70-B3-D5 (hex) Ars Products
F63000-F63FFF (base 16) Ars Products
30 Crabtree Lane
@@ -6020,6 +6086,69 @@ F06000-F06FFF (base 16) WARECUBE,INC Dinkelsbuehl Bavaria 91550
DE
+70-B3-D5 (hex) Eurotek Srl
+1D1000-1D1FFF (base 16) Eurotek Srl
+ Strada Comunale Savonesa, 9
+ Rivalta Scrivia AL 15050
+ IT
+
+00-1B-C5 (hex) Private
+015000-015FFF (base 16) Private
+
+70-B3-D5 (hex) Redcap Solutions s.r.o.
+027000-027FFF (base 16) Redcap Solutions s.r.o.
+ Na Viničních Horách 16
+ Praha 6 16000
+ CZ
+
+70-B3-D5 (hex) SiFive
+92F000-92FFFF (base 16) SiFive
+ 1875 S Grant St
+ San Mateo CA 94403
+ US
+
+70-B3-D5 (hex) Telefrank GmbH
+A82000-A82FFF (base 16) Telefrank GmbH
+ Am Wildengrund 1
+ Altenambach TH 98553
+ DE
+
+70-B3-D5 (hex) EIFFAGE ENERGIE ELECTRONIQUE
+037000-037FFF (base 16) EIFFAGE ENERGIE ELECTRONIQUE
+ D937
+ VERQUIN 62131
+ FR
+
+70-B3-D5 (hex) Blue Marble Communications, Inc.
+77E000-77EFFF (base 16) Blue Marble Communications, Inc.
+ 9520 Padgett St, Suite 101
+ San Diego CA 92126
+ US
+
+70-B3-D5 (hex) D.T.S Illuminazione Srl
+D7C000-D7CFFF (base 16) D.T.S Illuminazione Srl
+ Via Fagnano Selve, 12 / 14
+ Misano Adriatico Rimini 47843
+ IT
+
+70-B3-D5 (hex) Duerkopp-Adler
+3C9000-3C9FFF (base 16) Duerkopp-Adler
+ Potsdamerstr. 190
+ Bielefeld 33719
+ DE
+
+70-B3-D5 (hex) DiTEST Fahrzeugdiagnose GmbH
+109000-109FFF (base 16) DiTEST Fahrzeugdiagnose GmbH
+ ALTE POSTSTRASSE 152
+ A-8020 GRAZ STEIERMARK
+ AT
+
+70-B3-D5 (hex) MSB Elektronik und Gerätebau GmbH
+E9E000-E9EFFF (base 16) MSB Elektronik und Gerätebau GmbH
+ Hofwiesenstr. 23
+ Crailsheim 74564
+ DE
+
70-B3-D5 (hex) Schildknecht AG
494000-494FFF (base 16) Schildknecht AG
Haugweg 26
@@ -7343,9 +7472,6 @@ F56000-F56FFF (base 16) VirtualHere Pty. Ltd. Sereing Liège 4102
BE
-70-B3-D5 (hex) Private
-A9F000-A9FFFF (base 16) Private
-
70-B3-D5 (hex) Alligator Communications
9CB000-9CBFFF (base 16) Alligator Communications
317 Brokaw Road
@@ -7979,9 +8105,6 @@ F03000-F03FFF (base 16) GMI Ltd Inazawa city Aichi pref. 495-0001
JP
-70-B3-D5 (hex) Private
-6CF000-6CFFFF (base 16) Private
-
70-B3-D5 (hex) NuRi&G Engineering co,.Ltd.
72C000-72CFFF (base 16) NuRi&G Engineering co,.Ltd.
#66-33, Elevator road, Geochang Industrial Complex
@@ -8210,12 +8333,6 @@ FFC000-FFCFFF (base 16) Symetrics Industries d.b.a. Extant Aerospace Seoul 135-860
KR
-70-B3-D5 (hex) ard sa
-489000-489FFF (base 16) ard sa
- Micropolis Bat Clematis
- Gap France 05000
- FR
-
70-B3-D5 (hex) WIXCON Co., Ltd
2B1000-2B1FFF (base 16) WIXCON Co., Ltd
Room 803, 77, Seongsuil-ro, Seongdong-gu
@@ -8372,9 +8489,6 @@ DDB000-DDBFFF (base 16) Intra Corporation Orlando FL 32801
US
-70-B3-D5 (hex) Private
-FFF000-FFFFFF (base 16) Private
-
70-B3-D5 (hex) SISTEM SA
DB8000-DB8FFF (base 16) SISTEM SA
Avda.Rita Levi Montalcini, nº2 Parcela 5
@@ -8762,16 +8876,52 @@ E0B000-E0BFFF (base 16) ENTEC Electric & Electronic Co., LTD. Rome Italy 00155
IT
+70-B3-D5 (hex) Biovigil Hygiene Technologies
+DB1000-DB1FFF (base 16) Biovigil Hygiene Technologies
+ 924 N. Main st., Suite 2
+ Ann Arbor MI 48104
+ US
+
70-B3-D5 (hex) Nautel Limited
87C000-87CFFF (base 16) Nautel Limited
10089 Peggy's Cove Road
Hackett's Cove Nova Scotia B3Z3J4
CA
-70-B3-D5 (hex) Biovigil Hygiene Technologies
-DB1000-DB1FFF (base 16) Biovigil Hygiene Technologies
- 924 N. Main st., Suite 2
- Ann Arbor MI 48104
+70-B3-D5 (hex) Andasis Elektronik San. ve Tic. A.Ş.
+D62000-D62FFF (base 16) Andasis Elektronik San. ve Tic. A.Ş.
+ Teknopark İstanbul, Sanayi Mah, Teknopark Bulvarı, No:1/1C 1206 Pendik/İstanbul
+ İstanbul 34906
+ TR
+
+70-B3-D5 (hex) samwooeleco
+676000-676FFF (base 16) samwooeleco
+ A-1001,#119,GASAN-DIGITAL 1RO, GEUMCHEON-GU
+ SEOUL 153-773
+ KR
+
+70-B3-D5 (hex) Grossenbacher Systeme AG
+6B7000-6B7FFF (base 16) Grossenbacher Systeme AG
+ Spinnereistrasse 10
+ St. Gallen 9008
+ CH
+
+70-B3-D5 (hex) ard sa
+489000-489FFF (base 16) ard sa
+ Micropolis Bat Clematis
+ Gap France 05000
+ FR
+
+70-B3-D5 (hex) Touchnet/OneCard
+478000-478FFF (base 16) Touchnet/OneCard
+ 2115 Chapman Rd. Suite 159
+ Chattanooga TN 37421
+ US
+
+70-B3-D5 (hex) Human Systems Integration
+085000-085FFF (base 16) Human Systems Integration
+ 153 Washington St, 4th Floor
+ Walpole MA 02170
US
70-B3-D5 (hex) Shenzhen INVT Electric Co.,Ltd
@@ -8984,6 +9134,39 @@ B43000-B43FFF (base 16) ZAO ZEO Seoul 07796
KR
+70-B3-D5 (hex) SLAT
+920000-920FFF (base 16) SLAT
+ 11 Rue Jean-Elysée DUPUY
+ Champagne au Mont d'Or Rhône 69543
+ FR
+
+70-B3-D5 (hex) Private
+A9F000-A9FFFF (base 16) Private
+
+70-B3-D5 (hex) Private
+FFF000-FFFFFF (base 16) Private
+
+70-B3-D5 (hex) Technica Engineering GmbH
+4C0000-4C0FFF (base 16) Technica Engineering GmbH
+ Leopoldstraße 236
+ Munich 80807
+ DE
+
+70-B3-D5 (hex) AIROBOT OÜ
+1D3000-1D3FFF (base 16) AIROBOT OÜ
+ Pardi 32-1
+ Pärnu 80016
+ EE
+
+70-B3-D5 (hex) Private
+6CF000-6CFFFF (base 16) Private
+
+70-B3-D5 (hex) SHANGHAI IRISIAN OPTRONICS TECHNOLOGY CO.,LTD.
+2D2000-2D2FFF (base 16) SHANGHAI IRISIAN OPTRONICS TECHNOLOGY CO.,LTD.
+ 8F, NO.800, Huanhu NO.2 Road (W), Pudong New District, Shanghai 201306, China
+ Shanghai Shanghai 201306
+ CN
+
70-B3-D5 (hex) Innitive B.V.
66B000-66BFFF (base 16) Innitive B.V.
Brouwerijstraat 20
@@ -10640,9 +10823,6 @@ CD9000-CD9FFF (base 16) Peter Huber Kaeltemaschinenbau GmbH Offenburg Ba-Wue 77656
DE
-70-B3-D5 (hex) Private
-1D7000-1D7FFF (base 16) Private
-
70-B3-D5 (hex) Atonarp Micro-Systems India Pvt. Ltd.
976000-976FFF (base 16) Atonarp Micro-Systems India Pvt. Ltd.
The Millenia, Tower A, 3rd Floor, No. 1&2 Murphy Road – Ulsoor,
@@ -11729,12 +11909,6 @@ B74000-B74FFF (base 16) OnYield Inc Ltd Kowloon TST East
HK
-70-B3-D5 (hex) SonoSound ApS
-656000-656FFF (base 16) SonoSound ApS
- Malov Byvej 229
- Malov Hovedstaden 2760
- DK
-
70-B3-D5 (hex) Granite River Labs Inc
749000-749FFF (base 16) Granite River Labs Inc
3500 Thomas Rd # A,
@@ -11747,6 +11921,57 @@ B74000-B74FFF (base 16) OnYield Inc Ltd Moscow RUSSIA 129085
RU
+70-B3-D5 (hex) SonoSound ApS
+656000-656FFF (base 16) SonoSound ApS
+ Malov Byvej 229
+ Malov Hovedstaden 2760
+ DK
+
+70-B3-D5 (hex) Rishaad Brown
+D09000-D09FFF (base 16) Rishaad Brown
+ 224 Thoreau dr. Apt.D
+ Yorktown VA 23693
+ US
+
+70-B3-D5 (hex) Power Electronics Espana, S.L.
+2A9000-2A9FFF (base 16) Power Electronics Espana, S.L.
+ C/ Leonardo Da Vinci, 24-26
+ Paterna Valencia 46980
+ ES
+
+70-B3-D5 (hex) Private
+1D7000-1D7FFF (base 16) Private
+
+70-B3-D5 (hex) Suprock Technologies
+613000-613FFF (base 16) Suprock Technologies
+ 45 Scott Hill Rd
+ Warren NH 03279
+ US
+
+70-B3-D5 (hex) Yukilab
+7D6000-7D6FFF (base 16) Yukilab
+ 1-7-3 Sekiya-Matsunami, Chuo
+ Niigata Niigata 951-8161
+ JP
+
+70-B3-D5 (hex) SYS TEC electronic GmbH
+BAF000-BAFFFF (base 16) SYS TEC electronic GmbH
+ Am Windrad 2
+ Heinsdorfergrund D-08468
+ DE
+
+70-B3-D5 (hex) MITSUBISHI HEAVY INDUSTRIES THERMAL SYSTEMS, LTD.
+A37000-A37FFF (base 16) MITSUBISHI HEAVY INDUSTRIES THERMAL SYSTEMS, LTD.
+ 3-1, Asahi, Nishibiwajima-Cho
+ Kiyosu Aichi 452-8561
+ JP
+
+70-B3-D5 (hex) Hangzhou Youshi Industry Co., Ltd.
+4EC000-4ECFFF (base 16) Hangzhou Youshi Industry Co., Ltd.
+ Unit 501-38, Blue Sky Business Centre,GongShu District,
+ Hangzhou Zhejiang 310000
+ CN
+
70-B3-D5 (hex) Saline Lectronics, Inc.
246000-246FFF (base 16) Saline Lectronics, Inc.
710 N Maple Rd
@@ -11939,6 +12164,54 @@ CA2000-CA2FFF (base 16) De Haardt bv Santa Clarita CA 91350
US
+70-B3-D5 (hex) Orange Tree Technologies Ltd
+EF4000-EF4FFF (base 16) Orange Tree Technologies Ltd
+ 173 Curie Avenue, Harwell Oxford
+ Didcot Oxfordshire OX11 0QG
+ GB
+
+70-B3-D5 (hex) Adel System srl
+375000-375FFF (base 16) Adel System srl
+ VIA LUIGI BARCHI, 9/B
+ Reggio Emilia 42124
+ IT
+
+70-B3-D5 (hex) Pietro Fiorentini
+A76000-A76FFF (base 16) Pietro Fiorentini
+ Via Enrico Fermi
+ Arcugnano 36057
+ IT
+
+70-B3-D5 (hex) UMAN
+722000-722FFF (base 16) UMAN
+ Unit 12, Oxbow Crescent, Esturies, Century City
+ Cape Town Western Cape 7441
+ ZA
+
+70-B3-D5 (hex) YAWATA ELECTRIC INDUSTRIAL CO.,LTD.
+BCE000-BCEFFF (base 16) YAWATA ELECTRIC INDUSTRIAL CO.,LTD.
+ 1-17-1 Ohmorihigashi
+ Ohta-ku Tokyo 143-0012
+ JP
+
+70-B3-D5 (hex) PEEK TRAFFIC
+C65000-C65FFF (base 16) PEEK TRAFFIC
+ 5401 N SAM HOUSTON PKWY W
+ HOUSTON 77086
+ US
+
+70-B3-D5 (hex) Enertex Bayern GmbH
+DC8000-DC8FFF (base 16) Enertex Bayern GmbH
+ Ebermannstädter Str. 8
+ Forchheim Bayern 91301
+ DE
+
+70-B3-D5 (hex) Potter Electric Signal Co. LLC
+1BE000-1BEFFF (base 16) Potter Electric Signal Co. LLC
+ 1609 Park 370 Place
+ Hazelwood MO 63042
+ US
+
70-B3-D5 (hex) EMAC, Inc.
8AB000-8ABFFF (base 16) EMAC, Inc.
2390 EMAC Way
@@ -13295,9 +13568,6 @@ EE1000-EE1FFF (base 16) allora Factory BVBA Bornem 2880
BE
-70-B3-D5 (hex) Private
-389000-389FFF (base 16) Private
-
70-B3-D5 (hex) Electronic Equipment Company Pvt. Ltd.
640000-640FFF (base 16) Electronic Equipment Company Pvt. Ltd.
146/2, Old China Bazar Street,
@@ -14833,3 +15103,84 @@ C11000-C11FFF (base 16) Ariston Thermo s.p.a. Rm121 B1 Shouxindasha Building, 5 Jiangtailu Rd., Chaoyang District
Beijing 100015
CN
+
+70-B3-D5 (hex) OnYield Inc Ltd
+D72000-D72FFF (base 16) OnYield Inc Ltd
+ 814 Houston Centre, 63 Mody Road
+ Kowloon TST East
+ HK
+
+70-B3-D5 (hex) KnowRoaming
+D6A000-D6AFFF (base 16) KnowRoaming
+ 90 Eglinton Ave. E
+ Toronto Ontario - ON M4P2Y3
+ CA
+
+70-B3-D5 (hex) RFRain LLC
+F5F000-F5FFFF (base 16) RFRain LLC
+ 8 THE GREEN SUITE 4510
+ Dover DE 19901
+ US
+
+70-B3-D5 (hex) Refine Technology, LLC
+EBC000-EBCFFF (base 16) Refine Technology, LLC
+ 26 Chapin Road, Unit 1107, PO Box 691
+ Pine Brook NJ 07058
+ US
+
+70-B3-D5 (hex) Private
+389000-389FFF (base 16) Private
+
+70-B3-D5 (hex) Sanmina Israel
+984000-984FFF (base 16) Sanmina Israel
+ Koren Industrial Zone , POBox 102
+ Maalot Israel 2101002
+ IL
+
+70-B3-D5 (hex) Common Sense Monitoring Solutions Ltd.
+0D1000-0D1FFF (base 16) Common Sense Monitoring Solutions Ltd.
+ Unit 1, Holts Court
+ Threshers Bush Essex CM17 0NS
+ GB
+
+70-B3-D5 (hex) Naval Group
+382000-382FFF (base 16) Naval Group
+ 40-42 Rue Du Docteur Finlay
+ PARIS CEDEX 15 75732
+ FR
+
+70-B3-D5 (hex) Koizumi Lighting Technology Corp.
+19F000-19FFFF (base 16) Koizumi Lighting Technology Corp.
+ 3-5-2-Chome
+ Higashinakamoto,Higashinari-ku,Osaka 537-0021
+ JP
+
+70-B3-D5 (hex) LGM Ingénierie
+968000-968FFF (base 16) LGM Ingénierie
+ 13 avenue Morane Saulnier
+ Vélizy-Villacoublay 78140
+ FR
+
+70-B3-D5 (hex) EN ElectronicNetwork Hamburg GmbH
+015000-015FFF (base 16) EN ElectronicNetwork Hamburg GmbH
+ Meiendorfer Strasse 205
+ Hamburg 22145
+ DE
+
+70-B3-D5 (hex) VITEC
+05E000-05EFFF (base 16) VITEC
+ 99 rue pierre sémard
+ Chatillon France 92320
+ FR
+
+70-B3-D5 (hex) Saankhya Labs Private Limited
+CA3000-CA3FFF (base 16) Saankhya Labs Private Limited
+ Embassy Icon, 3rd Floor, No. 3, Infantry Road,
+ Bangalore Karnataka 560001
+ IN
+
+70-B3-D5 (hex) ard sa
+D6E000-D6EFFF (base 16) ard sa
+ Micropolis Bat Clematis
+ Gap France 05000
+ FR
diff --git a/hwdb/pci.ids b/hwdb/pci.ids index d6f8b1cf2f..27cca09d2b 100644 --- a/hwdb/pci.ids +++ b/hwdb/pci.ids @@ -1,8 +1,8 @@ # # List of PCI ID's # -# Version: 2018.01.14 -# Date: 2018-01-14 03:15:02 +# Version: 2018.02.19 +# Date: 2018-02-19 03:15:01 # # Maintained by Albert Pool, Martin Mares, and other volunteers from # the PCI ID Project at http://pci-ids.ucw.cz/. @@ -250,6 +250,7 @@ 1028 1fd4 PERC H745P MX 1d49 0602 ThinkSystem RAID 930-16i 4GB Flash PCIe 12Gb Adapter 1d49 0604 ThinkSystem RAID 930-8e 4GB Flash PCIe 12Gb Adapter + 1d49 0607 ThinkSystem RAID 930-16i 8GB Flash PCIe 12Gb Adapter 8086 352d Integrated RAID Module RMSP3AD160F 8086 9460 RAID Controller RSP3TD160F 8086 9480 RAID Controller RSP3MD088F @@ -751,7 +752,9 @@ 131b Kaveri [Radeon R4 Graphics] 131c Kaveri [Radeon R7 Graphics] 131d Kaveri [Radeon R6 Graphics] - 15dd Vega [Radeon Vega 8 Mobile] + 15dd Raven Bridge [Radeon Vega Series / Radeon Vega Mobile Series] + 103c 83c6 Radeon Vega 8 Mobile + 1458 d000 Radeon RX Vega 11 15ff Vega [Radeon Vega 28 Mobile] 1714 BeaverCreek HDMI Audio [Radeon HD 6500D and 6400G-6600G series] 103c 168b ProBook 4535s @@ -784,7 +787,7 @@ 18bc 0101 GC-R9600PRO (Primary) 4151 RV350 [Radeon 9600 Series] 1043 c004 A9600SE - 174b 7c37 Radeon 9600 SE + 174b 7c37 Radeon 9600SE 128M DDR V/D/VO 4152 RV360 [Radeon 9600/X1050 Series] 1002 0002 Radeon 9600XT 1002 4772 All-in-Wonder 9600 XT @@ -814,7 +817,7 @@ 18bc 0100 GC-R9600PRO (Secondary) 4171 RV350 [Radeon 9600] (Secondary) 1043 c005 A9600SE (Secondary) - 174b 7c36 Radeon 9600 SE (secondary) + 174b 7c36 Radeon 9600SE 128M DDR V/D/VO (secondary) 4172 RV350 [Radeon 9600/X1050 Series] (Secondary) 1002 0003 Radeon 9600XT (Secondary) 1002 4773 All-in-Wonder 9600 XT (Secondary) @@ -921,6 +924,7 @@ 1043 836c M4A785TD Motherboard 1043 8410 M4A89GTD PRO/USB3 Motherboard 1043 841b M5A88-V EVO + 1043 8445 M5A78L LE 105b 0e13 N15235/A74MX mainboard / AMD SB700 1179 ff50 Satellite P305D-S8995E 1458 a022 GA-MA770-DS3rev2.0 Motherboard @@ -1598,15 +1602,18 @@ 103c 2100 FirePro M4100 6602 Mars 6603 Mars - 6604 Opal XT [Radeon R7 M265] + 6604 Opal XT [Radeon R7 M265/M365X/M465] 103c 8006 FirePro M4170 + 103c 814f Litho XT [Radeon R7 M365X] + 103c 82aa Litho XT [Radeon R7 M465] 17aa 3643 Radeon R7 A360 - 6605 Opal PRO [Radeon R7 M260] + 6605 Opal PRO [Radeon R7 M260X] 103c 2259 FirePro M4150 6606 Mars XTX [Radeon HD 8790M] 1028 0684 FirePro W4170M 6607 Mars LE [Radeon HD 8530M / R5 M240] 6608 Oland GL [FirePro W2100] + 13cc 3d28 MXRT-2600 6610 Oland XT [Radeon HD 8670 / R7 250/350] 1019 0030 Radeon HD 8670 1028 2120 Radeon R7 250 @@ -1639,6 +1646,7 @@ 1002 0b0c FirePro W4300 103c 0b0c Bonaire [FirePro W4300] 103c 230c FirePro W5100 + 13cc 3d2a MXRT-5600 6650 Bonaire 6651 Bonaire 6658 Bonaire XTX [Radeon R7 260X/360] @@ -1674,6 +1682,7 @@ 103c 80be Radeon R5 M330 103c 8136 Radeon R5 M330 103c 8329 Radeon R7 M520 + 17aa 3633 Radeon R5 A330 17aa 3804 Radeon R5 M330 17aa 3809 Radeon R5 M330 17aa 381a Radeon R5 M430 @@ -1877,7 +1886,10 @@ 8086 2111 Radeon HD 6625M 6743 Whistler [Radeon E6760] 6749 Turks GL [FirePro V4900] + 15c3 2b06 MED-X4900 674a Turks GL [FirePro V3900] + 13cc 3d22 MXRT-2500 + 15c3 0106 MED-X3900 6750 Onega [Radeon HD 6650A/7650A] 1462 2670 Radeon HD 6670A 17aa 3079 Radeon HD 7650A @@ -2190,11 +2202,13 @@ 1043 3001 Tahiti XTL [ROG Matrix R9 280X] 1043 3006 Tahiti XTL [Radeon R9 280X DirectCU II TOP] 1043 9999 ARES II + 106b 0127 FirePro D700 + 106b 0128 FirePro D700 1092 3000 Tahiti XT2 [Radeon HD 7970 GHz Edition] 1458 2261 Tahiti XT2 [Radeon HD 7970 GHz Edition OC] # GV-R928XOC-3GD 1458 3001 Tahiti XTL [Radeon R9 280X OC] - 1462 2774 MSI R7970 TF 3GD5/OC BE + 1462 2774 HD 7970 TwinFrozr III Boost Edition OC 1682 3001 Tahiti XTL [Radeon R9 280X] 1682 3211 Double D HD 7970 Black Edition # FX-797A-TNBC @@ -2215,6 +2229,8 @@ 1462 8036 Radeon HD 8990 OEM 148c 8990 Radeon HD 8990 OEM 679e Tahiti LE [Radeon HD 7870 XT] + 106b 0125 FirePro D500 + 106b 0126 FirePro D500 1787 2328 Radeon HD 7870 Black Edition 2 GB GDDR5 [2GBD5-2DHV3E] 679f Tahiti 67a0 Hawaii XT GL [FirePro W9100] @@ -2269,7 +2285,7 @@ 174b e324 Sapphire Nitro R9 390 67b9 Vesuvius [Radeon R9 295X2] 67be Hawaii LE - 67c0 Ellesmere [Radeon Pro WX 7100] + 67c0 Ellesmere [Radeon Pro WX 7100 Mobile] 67c2 Ellesmere [Radeon Pro V7300X / V7350x2] 67c4 Ellesmere [Radeon Pro WX 7100] 1002 0336 Radeon Pro Duo @@ -2299,10 +2315,20 @@ 1787 a480 Radeon RX 480 1da2 e353 Sapphire Radeon RX 580 Pulse 8GB 1da2 e366 Nitro+ Radeon RX 580 4GB - 67e0 Baffin [Polaris11] + 67e0 Baffin [Radeon Pro WX 4170] + 103c 8270 Radeon Pro WX 4170 + 103c 8272 Radeon Pro WX 4170 67e1 Baffin [Polaris11] 67e3 Baffin [Radeon Pro WX 4100] - 67e8 Baffin [Polaris11] + 67e8 Baffin [Radeon Pro WX 4130/4150] + 1028 075d Radeon Pro WX 4150 + 1028 07b0 Radeon Pro WX 4130/4150 + 1028 07b1 Radeon Pro WX 4130 + 1028 175d Radeon Pro WX 4150 + 1028 17b0 Radeon Pro WX 4130/4150 + 1028 17b1 Radeon Pro WX 4130 + 103c 8275 Radeon Pro WX 4150 + 103c 8277 Radeon Pro WX 4150 67e9 Baffin [Polaris11] 67eb Baffin [Radeon Pro V5300X] 67ef Baffin [Radeon RX 460/560D / Pro 450/455/460/560] @@ -2312,7 +2338,14 @@ 106b 0179 Radeon Pro 560 1642 1727 Polaris 21 XL [Radeon RX 560D] 1682 956d Polaris 21 XL [Radeon RX 560D] - 67ff Baffin [Radeon RX 560] + 67ff Baffin [Radeon RX 550 640SP / RX 560] + 1002 0b04 Radeon RX 560 + 1043 04bc Radeon RX 560 + 1458 22ed Radeon RX 560 + 148c 2381 Radeon RX 560 + 1682 9560 Radeon RX 560 + 1da2 e348 Radeon RX 560 + 1da2 e367 Radeon RX 550 640SP 6800 Wimbledon XT [Radeon HD 7970M] 1002 0124 Radeon HD 7970M 8086 2110 Radeon HD 7970M @@ -2327,8 +2360,16 @@ 6808 Pitcairn XT GL [FirePro W7000] 1002 0310 FirePro S7000 1002 0420 Radeon Sky 500 + 103c 030c MED-X7000 + 13cc 3d25 MXRT-7500 + 15c3 030c MED-X7000 6809 Pitcairn LE GL [FirePro W5000] + 13cc 3d23 MXRT-5500 + 13cc 3d24 MXRT-5550 + 15c3 0b06 MED-X5000 6810 Curacao XT / Trinidad XT [Radeon R7 370 / R9 270X/370X] + 106b 012a FirePro D300 + 106b 012b FirePro D300 148c 0908 Radeon R9 370 OEM 1682 7370 Radeon R7 370 6811 Curacao PRO [Radeon R7 370 / R9 270/370 OEM] @@ -2374,6 +2415,7 @@ 6826 Chelsea LP [Radeon HD 7700M Series] 6827 Heathrow PRO [Radeon HD 7850M/8850M] 6828 Cape Verde PRO [FirePro W600] + 15c3 2b1e MED-X6000 6829 Cape Verde 682a Venus PRO 682b Venus LE / Tropo PRO-L [Radeon HD 8830M / R7 M465X] @@ -2382,8 +2424,6 @@ 682d Chelsea XT GL [FirePro M4000] 682f Chelsea LP [Radeon HD 7730M] 103c 1851 Radeon HD 7750M - 6830 Cape Verde [Radeon HD 7800M Series] - 6831 Cape Verde [AMD Radeon HD 7700M Series] 6835 Cape Verde PRX [Radeon R9 255 OEM] 6837 Cape Verde LE [Radeon HD 7730/8730] 1462 2796 Radeon HD 8730 @@ -2512,17 +2552,19 @@ 6842 Thames LE [Radeon HD 7000M Series] 6843 Thames [Radeon HD 7670M] 6860 Vega 10 [Radeon Instinct MI25] + 106b 017c Radeon Pro Vega 64 6861 Vega 10 XT [Radeon PRO WX 9100] 6862 Vega 10 XT [Radeon PRO SSG] 6863 Vega 10 XTX [Radeon Vega Frontier Edition] 6864 Vega - 6867 Vega + 6867 Vega 10 XL [Radeon Pro Vega 56] 6868 Vega 686c Vega 10 [Radeon Instinct MI25 MxGPU] 687f Vega 10 XT [Radeon RX Vega 64] 6888 Cypress XT [FirePro V8800] 6889 Cypress PRO [FirePro V7800] 1002 0301 FirePro V7800P + 13cc 3d1f MXRT-7400 688a Cypress XT [FirePro V9800] 1002 030c FirePro V9800P 688c Cypress XT GL [FireStream 9370] @@ -2570,6 +2612,8 @@ 103c 159b Radeon HD 6850M 144d c0ad Radeon HD 6850M 68a9 Juniper XT [FirePro V5800] + 13cc 3d1e MXRT-5400 + 13cc 3d20 MXRT-5450 68b8 Juniper XT [Radeon HD 5770] 106b 00cf MacPro5,1 [Mac Pro 2.8GHz DDR3] 68b9 Juniper LE [Radeon HD 5670 640SP Edition] @@ -2731,6 +2775,7 @@ 1462 2246 Radeon HD 6550A 68c8 Redwood XT GL [FirePro V4800] 68c9 Redwood PRO GL [FirePro V3800] + 13cc 3d1d MXRT-2400 68d8 Redwood XT [Radeon HD 5670/5690/5730] 1028 68e0 Radeon HD 5670 174b 5690 Radeon HD 5690 @@ -2992,6 +3037,7 @@ 103c 2269 Radeon R7 M260 103c 22c6 Radeon R7 M260 103c 22c8 Radeon R7 M260 + 103c 2b45 Radeon R7 A360 103c 808c Radeon R7 M260 103c 8099 Radeon R7 M360 103c 80b5 Radeon R7 M360 @@ -3013,6 +3059,7 @@ 6921 Amethyst XT [Radeon R9 M295X] 6929 Tonga XT GL [FirePro S7150] 692b Tonga PRO GL [FirePro W7100] + 13cc 3d2b MXRT-7600 692f Tonga XTV GL [FirePro S7150V] 6938 Tonga XT / Amethyst XT [Radeon R9 380X / R9 M295X] 1043 04f5 Radeon R9 380X @@ -3027,7 +3074,8 @@ 148c 9380 Radeon R9 380 # Make naming scheme consistent 174b e308 Radeon R9 380 Nitro 4G D5 - 694c Vega [Radeon RX Vega M] + 694c Polaris 22 [Radeon RX Vega M GH] + 694e Polaris 22 [Radeon RX Vega M GL] 6980 Polaris12 6981 Polaris12 6985 Lexa XT [Radeon PRO WX 3100] @@ -3043,17 +3091,27 @@ 7101 R520/M58 [Mobility Radeon X1800 XT] 7102 R520/M58 [Mobility Radeon X1800] 7104 R520 GL [FireGL V7200] + 13cc 3d0a MXRT-5100 7109 R520 [Radeon X1800 XL] 1002 0322 All-in-Wonder X1800XL 1002 0d02 Radeon X1800 CrossFire Edition 710a R520 [Radeon X1800 GTO] 1002 0b12 Radeon X1800 GTO² 710b R520 [Radeon X1800 GTO] + 710e R520 GL [FireGL V7300] + 13cc 3d0c MXRT-5150 + 710f R520 GL [FireGL V7350] + 13cc 3d0e MXRT-7100 7120 R520 [Radeon X1800] (Secondary) 7124 R520 GL [FireGL V7200] (Secondary) + 13cc 3d0b MXRT-5100 (Secondary) 7129 R520 [Radeon X1800] (Secondary) 1002 0323 All-In-Wonder X1800 XL (Secondary) 1002 0d03 Radeon X1800 CrossFire Edition (Secondary) + 712e R520 GL [FireGL V7300] (Secondary) + 13cc 3d0d MXRT-5150 (Secondary) + 712f R520 GL [FireGL V7350] (Secondary) + 13cc 3d0f MXRT-7100 (Secondary) 7140 RV515 [Radeon X1300/X1550/X1600 Series] 7142 RV515 PRO [Radeon X1300/X1550 Series] 1002 0322 All-in-Wonder 2006 PCI-E Edition @@ -3093,12 +3151,16 @@ 7193 RV516 [Radeon X1550 Series] 7196 RV516/M62-S [Mobility Radeon X1350] 719b RV516 GL [FireMV 2250] + 13cc 3d12 MXRT-1150 + 13cc 3d14 MXRT-2150 719f RV516 [Radeon X1550 Series] 71a0 RV516 [Radeon X1300/X1550 Series] (Secondary) 71a1 RV516 [Radeon X1600/X1650 Series] (Secondary) 71a3 RV516 [Radeon X1300/X1550 Series] (Secondary) 71a7 RV516 [Radeon X1300/X1550 Series] (Secondary) 71bb RV516 GL [FireMV 2250] (Secondary) + 13cc 3d13 MXRT-1150 (Secondary) + 13cc 3d15 MXRT-2150 (Secondary) 71c0 RV530 [Radeon X1600 XT/X1650 GTO] 1002 e160 Radeon X1650 GTO 174b e160 Radeon X1650 GTO @@ -3117,6 +3179,7 @@ 1787 3000 PowerColor X1650 PRO AGP 71ce RV530 [Radeon X1300 XT/X1600 PRO] 71d2 RV530 GL [FireGL V3400] + 13cc 3d08 MXRT-2100 71d4 RV530/M66 GL [Mobility FireGL V5250] 71d5 RV530/M66-P [Mobility Radeon X1700] 71d6 RV530/M66-XT [Mobility Radeon X1700] @@ -3130,6 +3193,7 @@ 71e7 RV535 [Radeon X1650 PRO] (Secondary) 1787 3001 Radeon X1650 PRO AGP 71f2 RV530 GL [FireGL V3400] (Secondary) + 13cc 3d09 MXRT-2100 (Secondary) 7210 RV550/M71 [Mobility Radeon HD 2300] 7211 RV550/M71 [Mobility Radeon X2300 HD] 7240 R580+ [Radeon X1950 XTX] @@ -3206,6 +3270,7 @@ 9403 R600 [Radeon HD 2900 PRO] 9405 R600 [Radeon HD 2900 GT] 940a R600 GL [FireGL V8650] + 13cc 3d16 MXRT-7200 940b R600 GL [FireGL V8600] 940f R600 GL [FireGL V7600] 9440 RV770 [Radeon HD 4870] @@ -3243,6 +3308,7 @@ 174b 0028 Radeon HD 4650 AGP DDR2 9498 RV730 PRO [Radeon HD 4650] 949c RV730 GL [FirePro V7750] + 13cc 3d1b MXRT-7300 949e RV730 GL [FirePro V5700] 949f RV730 GL [FirePro V3750] 94a0 RV740/M97 [Mobility Radeon HD 4830] @@ -3329,6 +3395,7 @@ 958a RV630 [Radeon HD 2600 X2] 958b RV630/M76 [Mobility Radeon HD 2600 XT] 958c RV630 GL [FireGL V5600] + 13cc 3d18 MXRT-5200 958d RV630 GL [FireGL V3600] 9591 RV635/M86 [Mobility Radeon HD 3650] 1002 9591 Mobility Radeon HD 3650 @@ -3343,6 +3410,7 @@ 1043 3001 Radeon HD 4570 174b 3001 Radeon HD 3750 174b 4580 RV635 PRO [Radeon HD 4580] + 17af 3011 RV635 PRO [Radeon HD 4580] 9599 RV635 PRO [Radeon HD 3650 AGP] 95c0 RV620 PRO [Radeon HD 3470] 1002 95c0 Mobility Radeon HD 3470 @@ -3354,7 +3422,7 @@ 95c6 RV620 LE [Radeon HD 3450 AGP] 95c9 RV620 LE [Radeon HD 3450 PCI] 95cc RV620 GL [FirePro V3700] - 95cd RV620 [FirePro 2450] + 95cd RV620 GL [FirePro 2450] 95cf RV620 GL [FirePro 2260] 960f RS780 HDMI Audio [Radeon 3000/3100 / HD 3200/3300] 9610 RS780 [Radeon HD 3200] @@ -3430,7 +3498,19 @@ 985d Mullins 985e Mullins 985f Mullins - 9874 Carrizo + 9874 Wani [Radeon R5/R6/R7 Graphics] + 1002 1871 Radeon R5 Graphics + 1002 1e20 Radeon R7 Graphics + 1028 06bd Radeon R6 Graphics + 103c 2b44 Radeon R6 Graphics + 103c 8221 Radeon R5 Graphics + 103c 8223 Radeon R5 Graphics + 103c 8238 Radeon R7 Graphics + 103c 8353 Radeon R7 Graphics + 1458 d000 Radeon R7 Graphics + 17aa 5113 Radeon R6 Graphics + 17aa 5116 Radeon R6 Graphics + 17aa 5118 Radeon R5 Graphics 9900 Trinity [Radeon HD 7660G] 103c 1985 Pavilion 17-e163sg Notebook PC # AMD A10-5800K CPU @@ -3442,8 +3522,8 @@ 103c 194e ProBook 455 G1 Notebook 103c 1952 ProBook 455 G1 Notebook 9904 Trinity [Radeon HD 7560D] - 9905 Trinity [FirePro A300 Series Graphics] - 9906 Trinity [FirePro A300 Series Graphics] + 9905 Trinity GL [FirePro A300] + 9906 Trinity GL [FirePro A320] 9907 Trinity [Radeon HD 7620G] 9908 Trinity [Radeon HD 7600G] 9909 Trinity [Radeon HD 7500G] @@ -4079,7 +4159,7 @@ 1463 Family 17h (Models 00h-0fh) Data Fabric: Device 18h; Function 3 1464 Family 17h (Models 00h-0fh) Data Fabric: Device 18h; Function 4 1465 Family 17h (Models 00h-0fh) Data Fabric: Device 18h; Function 5 - 1466 Family 17h (Models 00h-0fh) Data Fabric Device 18h Function 6 + 1466 Family 17h (Models 00h-0fh) Data Fabric: Device 18h; Function 6 1467 Family 17h (Models 00h-0fh) Data Fabric: Device 18h; Function 7 1510 Family 14h Processor Root Complex 174b 1001 PURE Fusion Mini @@ -4096,6 +4176,17 @@ 1535 Family 16h Processor Function 5 1536 Family 16h Processor Root Complex 1538 Family 16h Processor Function 0 + 1570 Family 15h (Models 60h-6fh) Processor Function 0 + 1571 Family 15h (Models 60h-6fh) Processor Function 1 + 1572 Family 15h (Models 60h-6fh) Processor Function 2 + 1573 Family 15h (Models 60h-6fh) Processor Function 3 + 1574 Family 15h (Models 60h-6fh) Processor Function 4 + 1575 Family 15h (Models 60h-6fh) Processor Function 5 + 1576 Family 15h (Models 60h-6fh) Processor Root Complex + 1577 Family 15h (Models 60h-6fh) I/O Memory Management Unit + 157a Family 15h (Models 60h-6fh) Audio Controller + 157b Family 15h (Models 60h-6fh) Host Bridge + 157c Family 15h (Models 60h-6fh) Processor Root Port 1600 Family 15h Processor Function 0 1601 Family 15h Processor Function 1 1602 Family 15h Processor Function 2 @@ -4165,8 +4256,11 @@ 43a1 Hudson PCI to PCI bridge (PCIE port 1) 43a2 Hudson PCI to PCI bridge (PCIE port 2) 43a3 Hudson PCI to PCI bridge (PCIE port 3) + 43b1 X399 Series Chipset PCIe Bridge 43b4 300 Series Chipset PCIe Port + 43b6 X399 Series Chipset SATA Controller 43b7 300 Series Chipset SATA Controller + 43ba X399 Series Chipset USB 3.1 xHCI Controller 43bb 300 Series Chipset USB 3.1 xHCI Controller 7006 AMD-751 [Irongate] System Controller 7007 AMD-751 [Irongate] AGP Bridge @@ -4623,7 +4717,7 @@ 103c 3381 iLO4 0534 G200eR2 0536 Integrated Matrox G200eW3 Graphics Controller - 0538 G200eH + 0538 MGA G200eH3 1590 00e4 iLO5 VGA 0540 M91XX 102b 2080 M9140 LP PCIe x16 @@ -5309,7 +5403,7 @@ c824 82C824 c825 82C825 [Firebridge 2] c832 82C832 - c861 82C861 + c861 82C861 OHCI USB Host c881 82C881 [FireLink] 1394 OHCI Link Controller c895 82C895 c935 EV1935 ECTIVA MachOne PCIAudio @@ -9293,6 +9387,7 @@ 0424 G86 [GeForce 8400 GS] 0425 G86M [GeForce 8600M GS] 1025 0121 Aspire 5920G + 1043 1514 F3SV 0426 G86M [GeForce 8400M GT] 0427 G86M [GeForce 8400M GS] 103c 30cc Pavilion dv6700 @@ -9464,6 +9559,7 @@ 1682 2385 GeForce 9600 GSO 768mb 0611 G92 [GeForce 8800 GT] 107d 2ab0 Winfast PX8800 GT PCI-E + 1462 1170 NX8800GT series model V117 2xDVI+TV 19da 1040 ZT-88TES2P-FSP 0612 G92 [GeForce 9800 GTX / 9800 GTX+] 0613 G92 [GeForce 9800 GTX+] @@ -10248,8 +10344,10 @@ 102a GK110BGL [Tesla K40t] 102d GK210GL [Tesla K80] 102e GK110BGL [Tesla K40d] + 102f GK110BGL [Tesla Stella Solo] 103a GK110GL [Quadro K6000] 103c GK110GL [Quadro K5200] + 103f GK110BGL [Tesla Stella SXM] 1040 GF119 [GeForce GT 520] 1043 83a0 ENGT520 SILENT 1042 GF119 [GeForce 510] @@ -10703,6 +10801,7 @@ 11a3 GK104M [GeForce GTX 680MX] 106b 010d iMac 13,2 11a7 GK104M [GeForce GTX 675MX] + 11af GK104GLM [GRID IceCube] # GRID K2 Quadro USM 11b0 GK104GL [GRID K240Q\K260Q vGPU] 10de 101a GRID K240Q @@ -10882,6 +10981,7 @@ 13bd GM107GL [Tesla M10] 10de 110a GRID M40 10de 1160 Tesla M10 + 10de 11d2 GRID M10-8Q 13c0 GM204 [GeForce GTX 980] 1043 8504 GTX980-4GD5 13c1 GM204 @@ -10895,6 +10995,10 @@ 13f0 GM204GL [Quadro M5000] 13f1 GM204GL [Quadro M4000] 13f2 GM204GL [Tesla M60] + 10de 114d GRID M60-1Q + 10de 114e GRID M60-2Q + 10de 1150 GRID M60-8Q + 10de 11b0 GRID M60-4A 13f3 GM204GL [Tesla M6] 10de 1184 GRID M6-8Q 13f8 GM204GLM [Quadro M5000M / M5000 SE] @@ -10925,6 +11029,7 @@ 172f GP100 174d GM108M [GeForce MX130] 174e GM108M [GeForce MX110] + 1789 GM107GL [GRID M3-3020] 17c2 GM200 [GeForce GTX TITAN X] 17c8 GM200 [GeForce GTX 980 Ti] 17f0 GM200GL [Quadro M6000] @@ -10996,12 +11101,13 @@ 1cb1 GP107GL [Quadro P1000] 1cb2 GP107GL [Quadro P600] 1cb3 GP107GL [Quadro P400] + 1cb6 GP107GL [Quadro P620] 1d01 GP108 [GeForce GT 1030] 1d10 GP108M [GeForce MX150] 1d33 GP108GL [Quadro P500] 1d81 GV100 [TITAN V] - 1db1 GV100 [Tesla V100 SXM2] - 1db4 GV100 [Tesla V100 PCIe] + 1db1 GV100GL [Tesla V100 SXM2] + 1db4 GV100GL [Tesla V100 PCIe] 10df Emulex Corporation 0720 OneConnect NIC (Skyhawk) 103c 1934 FlexFabric 20Gb 2-port 650M Adapter @@ -11280,7 +11386,7 @@ 1043 16d5 U6V/U31J laptop 1043 81aa P5B 1043 82c6 M3A78 Series Motherboard - 1043 83a3 M4A785TD Motherboard + 1043 83a3 M4A785/P7P55 Motherboard 1043 8432 P8P67 and other motherboards 1043 8505 P8 series motherboard 105b 0d7c D270S/D250S Motherboard @@ -11288,6 +11394,7 @@ 144d c652 RTL8168 on a NP300E5C series laptop 1458 e000 Onboard Ethernet 1462 238c Onboard RTL8111b on MSI P965 Platinum Mainboard + 1462 345c RTL8111B on MS-7345 Motherboard 1462 368c K9AG Neo2 1462 4180 Wind PC MS-7418 1462 7522 X58 Pro-E @@ -11342,6 +11449,7 @@ 8821 RTL8821AE 802.11ac PCIe Wireless Network Adapter b723 RTL8723BE PCIe Wireless Network Adapter 10ec 8739 Dell Wireless 1801 + b822 RTL8822BE 802.11a/b/g/n/ac WiFi adapter c821 RTL8821CE 802.11ac PCIe Wireless Network Adapter 10ed Ascii Corporation 7310 V7310 @@ -13272,6 +13380,7 @@ 0102 Extended IDE Controller 0103 EX-IDE Type-B 010f NVMe Controller + 0115 XG4 NVMe SSD Controller 0404 DVD Decoder card 0406 Tecra Video Capture device 0407 DVD Decoder card (Version 2) @@ -13304,9 +13413,47 @@ 117c 802f ExpressPCI UL5D Low Profile 0033 SAS Adapter 0041 ExpressSAS R30F + 0042 ExpressSAS 6Gb/s SAS/SATA HBA + 117c 0042 ExpressSAS H680 + 117c 0043 ExpressSAS H608 + 117c 0044 ExpressSAS H60F + 117c 0045 ExpressSAS H6F0 + 117c 0046 ExpressSAS H644 + 117c 004f ExpressSAS M608 + 117c 0057 ExpressSAS M680 + 117c 0058 ExpressSAS M644 + 117c 0059 ExpressSAS W608 + 117c 005a ExpressSAS W680 + 117c 005b ExpressSAS W644 + 0049 ExpressSAS 6Gb SAS/SATA RAID Adapter + 117c 0049 ExpressSAS R680 + 117c 004a ExpressSAS R608 + 117c 004b ExpressSAS R60F + 117c 004c ExpressSAS R6F0 + 117c 004d ExpressSAS R644 + 117c 004e ExpressSAS R648 + 0064 Celerity FC 16Gb/s Gen 5 Fibre Channel HBA + 117c 0063 Celerity FC-161E + 117c 0064 Celerity FC-162E + 117c 0065 Celerity FC-164E + 0094 Celerity FC 16/32Gb/s Gen 6 Fibre Channel HBA + 117c 0094 Celerity FC-162P + 117c 00a0 Celerity FC-161P + 117c 00a1 Celerity FC-164P + 117c 00a2 Celerity FC-321E + 117c 00a3 Celerity FC-322E + 117c 00ac Celerity FC-324E 8013 ExpressPCI UL4D 8014 ExpressPCI UL4S 8027 ExpressPCI UL5D + 8070 ExpressSAS 12Gb/s SAS/SATA HBA + 117c 0070 ExpressSAS H1280 + 117c 0071 ExpressSAS H1208 + 117c 0080 ExpressSAS H1244 + 8072 ExpressSAS 12Gb/s SAS/SATA HBA + 117c 0072 ExpressSAS H12F0 + 117c 0073 ExpressSAS H120F + 117c 0082 ExpressSAS H1288 117d Becton & Dickinson 117e T/R Systems 117f Integrated Circuit Systems @@ -13361,6 +13508,7 @@ 1025 0121 Aspire 5920G 1028 01d7 XPS M1210 1028 01f3 Inspiron 1420 + 1028 022f Inspiron 1525 103c 30b5 Presario V3242AU 103c 30b7 Presario V6133CL 103c 30cc Pavilion dv6700 @@ -13378,6 +13526,7 @@ 1028 01a2 Inspiron 9200 1028 01d7 XPS M1210 1028 01f3 Inspiron 1420 + 1028 022f Inspiron 1525 103c 03b5 Presario V3242AU 103c 30b7 Presario V6133CL 103c 30c1 Compaq 6910p @@ -13394,6 +13543,7 @@ 1025 0121 Aspire 5920G 1028 01d7 XPS M1210 1028 01f3 Inspiron 1420 + 1028 022f Inspiron 1525 1028 024d Latitude E4300 103c 30b5 Presario V3242AU 103c 30b7 Presario V6133CL @@ -13416,6 +13566,7 @@ 0852 xD-Picture Card Controller 1025 0121 Aspire 5920G 1028 01f3 Inspiron 1420 + 1028 022f Inspiron 1525 103c 30b5 Presario V3242AU 103c 30b7 Presario V6133CL 103c 30cc Pavilion dv6700 @@ -13667,6 +13818,7 @@ 4353 88E8039 PCI-E Fast Ethernet Controller 104d 902d VAIO VGN-NR120E 4354 88E8040 PCI-E Fast Ethernet Controller + 1028 022f Inspiron 1525 144d c06a R730 Laptop 144d c072 Notebook N150P 4355 88E8040T PCI-E Fast Ethernet Controller @@ -13762,8 +13914,9 @@ 6081 MV88SX6081 8-port SATA II PCI-X Controller 6101 88SE6101/6102 single-port PATA133 interface 1043 82e0 P5K PRO Motherboard - 6111 88SE6111 1-port PATA133(IDE) and 1-port SATA II Controllers - 6121 88SE6121 SATA II / PATA Controller + 6121 88SE6111/6121 SATA II / PATA Controller +# 6111: 1 SATA port; 6121: 2 SATA ports + 11ab 6121 88SE6111/6121 1/2 port SATA II + 1 port PATA Controller 6141 88SE614x SATA II PCI-E controller 6145 88SE6145 SATA II PCI-E controller 6180 88F6180 [Kirkwood] ARM SoC @@ -14089,6 +14242,7 @@ 8000 PM8000 [SPC - SAS Protocol Controller] 8009 PM8009 SPCve 8x6G 8032 ATTO Celerity FC8xEN + 117c 003a Celerity FC-81EN Fibre Channel Adapter 117c 003b Celerity FC-82EN Fibre Channel Adapter 117c 003c Celerity FC-84EN Fibre Channel Adapter 8053 PM8053 SXP 12G 24-port SAS/SATA expander @@ -14109,39 +14263,39 @@ 11fc Silicon Magic 11fd High Street Consultants 11fe Comtrol Corporation - 0001 RocketPort 32 port w/external I/F - 0002 RocketPort 8 port w/external I/F - 0003 RocketPort 16 port w/external I/F - 0004 RocketPort 4 port w/quad cable - 0005 RocketPort 8 port w/octa cable - 0006 RocketPort 8 port w/RJ11 connectors - 0007 RocketPort 4 port w/RJ11 connectors - 0008 RocketPort 8 port w/ DB78 SNI (Siemens) connector - 0009 RocketPort 16 port w/ DB78 SNI (Siemens) connector - 000a RocketPort Plus 4 port - 000b RocketPort Plus 8 port - 000c RocketModem 6 port + 0001 RocketPort PCI 32-port w/external I/F + 0002 RocketPort PCI 8-port w/external I/F + 0003 RocketPort PCI 16-port w/external I/F + 0004 RocketPort PCI 4-port w/Quad Cable + 0005 RocketPort PCI 8-port w/Octa Cable + 0006 RocketPort PCI 8-port w/RJ11 connectors + 0007 RocketPort PCI 4-port w/RJ45 connectors + 0008 RocketPort PCI 8-port w/DB78 SNI connector (Siemens) + 0009 RocketPort PCI 16-port w/DB78 SNI connector (Siemens) + 000a RocketPort PCI Plus 4-port w/Quad Cable + 000b RocketPort PCI Plus 8-port w/Octa Cable + 000c RocketModem II 6-port 000d RocketModem 4-port - 000e RocketPort Plus 2 port RS232 - 000f RocketPort Plus 2 port RS422 - 0040 RocketPort Infinity Octa, 8port, RJ45 - 0041 RocketPort Infinity 32port, External Interface - 0042 RocketPort Infinity 8port, External Interface - 0043 RocketPort Infinity 16port, External Interface - 0044 RocketPort Infinity Quad, 4port, DB - 0045 RocketPort Infinity Octa, 8port, DB + 000e RocketPort PCI Plus 2-port RS-232 w/DB9 connectors + 000f RocketPort PCI Plus 2-port SMPTE w/DB9 connectors + 0040 RocketPort INFINITY 8-port w/Octa Cable RJ45 + 0041 RocketPort INFINITY 32-port w/external I/F + 0042 RocketPort INFINITY 8-port w/external I/F + 0043 RocketPort INFINITY 16-port w/external I/F + 0044 RocketPort INFINITY 4-port w/Quad Cable DB + 0045 RocketPort INFINITY 8-port w/Octa Cable DB 0046 RocketPort INFINITY 4-port w/external I/F - 0047 RocketPort Infinity 4port, RJ45 + 0047 RocketPort INFINITY 4J (4-port) w/RJ45 connectors 0048 RocketPort INFINITY 4J (4-port) w/RJ45 connectors 004a RocketPort INFINITY Plus 4-port 004b RocketPort INFINITY Plus 8-port 004c RocketModem INFINITY III 8-port 004d RocketModem INFINITY III 4-port 004e RocketPort INFINITY Plus 2-port - 004f RocketPort Infinity 2port, SMPTE + 004f RocketPort INFINITY 2-port SMPTE w/DB9 connectors 0050 RocketPort INFINITY Plus 4-port RJ45 0051 RocketPort INFINITY Plus 8-port RJ11 - 0052 RocketPort Infinity Octa, 8port, SMPTE + 0052 RocketPort INFINITY 8-port SMPTE w/DB9 Connectors 0060 RocketPort EXPRESS 8-port w/Octa Cable 0061 RocketPort EXPRESS 32-port w/external I/F 0062 RocketPort EXPRESS 8-Port w/external I/F @@ -14159,7 +14313,7 @@ 0805 RocketPort uPCI 8-port w/Octa Cable 080b RocketPort Plus uPCI 8-port w/Octa Cable 080c RocketModem III 8-port - 080d RcoketModem III 4-port + 080d RocketModem III 4-port 080e RocketPort uPCI 2-port RS232 w/DB9 connectors 080f RocketPort uPCI SMPTE 2-port 0810 RocketPort Plus uPCI 4J (4-port) w/RJ45 connectors @@ -16335,6 +16489,7 @@ 4887 T440T-4087 Unified Wire Ethernet Controller [VF] 4888 T440-4088 Unified Wire Ethernet Controller [VF] 5001 T520-CR Unified Wire Ethernet Controller + 193d 1001 510F-B 5002 T522-CR Unified Wire Ethernet Controller 5003 T540-CR Unified Wire Ethernet Controller 5004 T520-BCH Unified Wire Ethernet Controller @@ -17058,6 +17213,7 @@ 14be L3 Communications 14bf SPIDER Communications Inc. 14c0 COMPAL Electronics Inc + 1201 X550 10Gb 2P RJ45 OCP Mezz # now owned by CSP, Inc. 14c1 MYRICOM Inc. 0008 Myri-10G Dual-Protocol NIC @@ -17166,7 +17322,12 @@ 107b 5048 E4500 Onboard 1259 2705 AT-2711FX 1601 NetXtreme BCM5752M Gigabit Ethernet PCI Express + 1604 BCM5745X NetXtreme-E Ethernet Partition + 1605 BCM5745X NetXtreme-E RDMA Partition + 1606 BCM5745X NetXtreme-E RDMA Virtual Function + 1609 BCM5745X NetXtreme-E Ethernet Virtual Function 1612 BCM70012 Video Decoder [Crystal HD] + 1614 BCM57454 NetXtreme-E 10Gb/25Gb/40Gb/50Gb/100Gb Ethernet 1615 BCM70015 Video Decoder [Crystal HD] 1639 NetXtreme II BCM5709 Gigabit Ethernet 1028 0235 PowerEdge R710 BCM5709 Gigabit Ethernet @@ -17409,6 +17570,8 @@ 103c 193a FlexFabric 10Gb 2-port 533FLR-T Adapter 103c 3382 Ethernet 10Gb 2-port 530FLR-SFP+ Adapter 103c 339d Ethernet 10Gb 2-port 530SFP+ Adapter + 193d 1003 530F-B + 193d 1006 530F-L 1690 NetXtreme BCM57760 Gigabit Ethernet PCIe 1691 NetLink BCM57788 Gigabit Ethernet PCIe 1028 04aa XPS 8300 @@ -17581,6 +17744,7 @@ 16ed BCM57414 NetXtreme-E RDMA Partition 16ee BCM57416 NetXtreme-E Ethernet Partition 16ef BCM57416 NetXtreme-E RDMA Partition + 16f1 BCM57452 NetXtreme-E 10Gb/25Gb/40Gb/50Gb Ethernet 16f3 NetXtreme BCM5727 Gigabit Ethernet PCIe 16f7 NetXtreme BCM5753 Gigabit Ethernet PCI Express 16fd NetXtreme BCM5753M Gigabit Ethernet PCI Express @@ -17857,6 +18021,13 @@ aa52 BCM43602 802.11ac Wireless LAN SoC b302 BCM56302 StrataXGS 24x1GE 2x10GE Switch Controller b334 BCM56334 StrataXGS 24x1GE 4x10GE Switch Controller + b370 BCM56370 Switch ASIC + b371 BCM56371 Switch ASIC + b372 BCM56372 Switch ASIC + b375 BCM56375 Switch ASIC + b376 BCM56376 Switch ASIC + b377 BCM56377 Switch ASIC + b379 Broadcom BCM56379 Switch ASIC b800 BCM56800 StrataXGS 10GE Switch Controller b842 BCM56842 Trident 10GE Switch Controller # Trident2 @@ -18565,6 +18736,7 @@ 15b3 0078 ConnectX-3 Pro 10 GbE Dual Port KR Mezzanine Card 15b3 0079 ConnectX-3 Pro 40 GbE Dual Port QSFP+ Adapter 15b3 0080 ConnectX-3 Pro 10 GbE Dual Port SFP+ Adapter + 193d 1002 520F-B 1009 MT27530 Family 100a MT27531 Family 100b MT27540 Family @@ -18586,12 +18758,15 @@ 15b3 0050 ConnectX-4 100 GbE Dual Port QSFP28 Adapter 1014 MT27700 Family [ConnectX-4 Virtual Function] 1015 MT27710 Family [ConnectX-4 Lx] + 15b3 0001 ConnectX-4 Lx EN network interface card, 25GbE single-port SFP28, PCIe3.0 x8, tall bracket, ROHS R6 + 15b3 0003 ConnectX-4 Lx EN network interface card, 25GbE dual-port SFP28, PCIe3.0 x8, tall bracket, ROHS R6 15b3 0004 ConnectX-4 Lx Stand-up dual-port 10GbE MCX4121A-XCAT 15b3 0005 Mellanox Technologies ConnectX-4 Lx Stand-up single-port 40GbE MCX4131A-BCAT 15b3 0016 ConnectX-4 Lx 25 GbE Dual Port SFP28 Adapter 15b3 0020 MCX4411A-ACQN, ConnectX-4 Lx EN OCP, 1x25Gb 15b3 0021 MCX4421A-ACQN ConnectX-4 Lx EN OCP,2x25G 15b3 0025 ConnectX-4 Lx 25 GbE Dual Port SFP28 rNDC + 193d 100a 620F-B 1016 MT27710 Family [ConnectX-4 Lx Virtual Function] 1017 MT27800 Family [ConnectX-5] 1018 MT27800 Family [ConnectX-5 Virtual Function] @@ -18659,7 +18834,7 @@ # Spectrum, 100GbE Switch cb84 MT52100 cf08 MT53236 - cf6c MT53100 [Spectrum-2, 64 x 100GbE switch] + cf6c MT53100 [Spectrum-2] d2f0 Switch-IB 3 HDR (200Gbps) switch 15b4 CCI/TRIAD 15b5 Cimetrics Inc @@ -18824,6 +18999,14 @@ 5641 FarSync T4Ee PCI Express (4 port X.21/V.35/V.24) 6620 FarSync T2U-PMC PCI Express (2 port X.21/V.35/V.24) 161f Rioworks +1621 Lynx Studio Technology, Inc. + 0020 LynxTWO-A + 0021 LynxTWO-B + 0022 LynxTWO-C + 0023 Lynx L22 + 0024 Lynx AES16 + 0025 Lynx AES16-SRC + 0028 Lynx AES16e 1626 TDK Semiconductor Corp. 8410 RTL81xx Fast Ethernet 1629 Kongsberg Spacetec AS @@ -19344,6 +19527,9 @@ 7029 AP342 14-bit, 12-Channel Isolated Simultaneous Conversion Analog Input Module 702a AP226 12-Bit, 8-Channel Isolated Analog Output Module 702b AP236 16-Bit, 8-Channel Isolated Analog Output Module + 7031 AP441-1: 32-Channel Isolated Digital Input Module + 7032 AP441-2: 32-Channel Isolated Digital Input Module + 7033 AP441-3: 32-Channel Isolated Digital Input Module 7042 AP482 Counter Timer Module with TTL Level Input/Output 7043 AP483 Counter Timer Module with TTL Level and RS422 Input/Output 7044 AP484 Counter Timer Module with RS422 Input/Output @@ -19416,6 +19602,7 @@ 0101 PCD-7004 Digital Bi-Directional Ports PCI Card 0102 PCD-7104 Digital Input & Output PCI Card 0303 PCD-7006C Digital Input & Output PCI Card +1761 Pickering Interfaces Ltd 1771 InnoVISION Multimedia Ltd. # nee SBS Technologies 1775 GE Intelligent Platforms @@ -20565,6 +20752,8 @@ 2000 PGPCard - 4 Lane 2001 PGPCard - 8 Lane Plus EVR 2010 PCI-Express EVR +# PC-260-101-03 + 2020 PGP-GEN3 PCIe 1a51 Hectronic AB 1a55 Rohde & Schwarz DVS GmbH 0010 SDStationOEM @@ -20618,6 +20807,7 @@ 0009 RAIDCore Controller 000a RAIDCore Controller 1aae Global Velocity, Inc. +1ab4 FFEI Ltd 1ab6 CalDigit, Inc. 6201 RAID Card # Parallels VM virtual devices @@ -20792,6 +20982,9 @@ 91a4 88SE912x IDE Controller 9220 88SE9220 PCIe 2.0 x2 2-port SATA 6 Gb/s RAID Controller 9230 88SE9230 PCIe SATA 6Gb/s Controller + 1028 1fd6 BOSS-S1 Adapter + 1028 1fdf BOSS-S1 Modular + 1028 1fe2 BOSS-S1 Adapter 1d49 0300 ThinkSystem M.2 with Mirroring Enablement Kit 9235 88SE9235 PCIe 2.0 x2 4-port SATA 6 Gb/s Controller 9445 88SE9445 PCIe 2.0 x4 4-Port SAS/SATA 6 Gbps RAID Controller @@ -20934,6 +21127,8 @@ 1014 04f5 PCIe3 1.6TB NVMe Flash Adapter 1014 04f6 PCIe3 3.2TB NVMe Flash Adapter 0023 Ultrastar SN200 Series NVMe SSD +1c5c SK hynix + 1283 PC300 NVMe Solid State Drive 1c5f Beijing Memblaze Technology Co. Ltd. 0540 PBlaze4 NVMe SSD # http://www.nicevt.ru/ (in Russian) @@ -21137,6 +21332,9 @@ e00b Skylark PCI Express Root Port 6 [X-Gene 3] e00c Skylark PCI Express Root Port 7 [X-Gene 3] 1df7 opencpi.org + 0001 ml605 + 0002 alst4 + 0003 alst4x # nee Tumsan Oy 1fc0 Ascom (Finland) Oy 0300 E2200 Dual E1/Rawpipe Card @@ -21187,6 +21385,7 @@ 4027 TN9710P 10GBase-T/NBASE-T Ethernet Adapter 1154 0368 LGY-PCIE-MG 1432 8104 10 Gigabit Ethernet PCI Express Adapter + 1546 4027 IOI9710P 10Gbase-T/NBASE-T Ethernet Adapter 1fc9 3015 Ethernet Adapter 4527 TN9710Q 5GBase-T/NBASE-T Ethernet Adapter 1fcc StreamLabs @@ -23252,6 +23451,7 @@ 17aa 402b 82599ES 10Gb 2-port Server Adapter X520-DA2 17aa 402f FPGA Card XC7VX690T-3FFG1157E 18d4 0c09 82599ES 10Gb 2-port SFP+ OCP Mezz Card MOP81-I-10GS2 + 193d 1004 560F-B 1bd4 001b 10G SFP+ DP ER102Fi4 Rack Adapter 1bd4 002f 10G SFP+ DP EP102Fi4A Adapter 1bd4 0032 10G SFP+ DP EP102Fi4 Adapter @@ -23570,6 +23770,8 @@ 17aa 1074 ThinkServer I350-T4 AnyFabric 17aa 4005 I350 Gigabit Network Connection 18d4 0c07 I350 1Gb 2-port RJ45 OCP Mezz Card MOP41-I-1GT2 + 193d 1005 360T-B + 193d 1007 360T-L 1bd4 001d 1G base-T QP EP014Ti1 Adapter 1bd4 0035 1G base-T QP EP014Ti1 Adapter 8086 0001 Ethernet Server Adapter I350-T4 @@ -23683,9 +23885,12 @@ 1563 Ethernet Controller 10G X550T 1028 1fa8 Ethernet 10G 4P X550/I350 rNDC 1028 1fa9 Ethernet 10G 4P X550 rNDC + 14c0 1201 X550 10Gb 2P RJ45 OCP Mezz 1590 00d1 Ethernet 10Gb 2-port 562T Adapter 1590 00d2 Ethernet 10Gb 2-port 562FLR-T Adapter 18d4 0c08 X550 10Gb 2-port RJ45 OCP Mezz Card MOP81-I-10GT2 + 193d 1008 560T-B + 193d 1009 560T-L 8086 0001 Ethernet Converged Network Adapter X550-T2 8086 001a Ethernet Converged Network Adapter X550-T2 8086 001b Ethernet Server Adapter X550-T2 for OCP @@ -24696,6 +24901,7 @@ 1043 8277 P5K PRO Motherboard 1043 844d P8 series motherboard 1458 5000 Motherboard + 1462 7345 MS-7345 Motherboard: Intel 82801I/IR [ICH9/ICH9R] 1462 7418 Wind PC MS-7418 15d9 060d C7SIM-Q Motherboard 15d9 9680 X7DBN Motherboard @@ -25184,6 +25390,7 @@ 24f4 Wireless 8260 # Snow Field Peak AC 8086 0030 Dual Band Wireless-AC 8260 + 24fb Dual Band Wireless-AC 3168NGW [Stone Peak] 24fd Wireless 8265 / 8275 # Windstorm Peak 8086 0010 Dual Band Wireless-AC 8265 @@ -25197,6 +25404,7 @@ 250f 82820 820 (Camino) Chipset AGP Bridge 2520 82805AA MTH Memory Translator Hub 2521 82804AA MRH-S Memory Repeater Hub for SDRAM + 2526 Wireless-AC 9260 2530 82850 850 (Tehama) Chipset Host Bridge (MCH) 1028 00c7 Dimension 8100 147b 0507 TH7II-RAID @@ -26070,6 +26278,7 @@ 2815 82801HM (ICH8M) LPC Interface Controller 1025 0121 Aspire 5920G 1028 01f3 Inspiron 1420 + 1028 022f Inspiron 1525 103c 30c0 Compaq 6710b 103c 30cc Pavilion dv6700 103c 30d9 Presario C700 @@ -26085,6 +26294,7 @@ 1028 020d Inspiron 530 103c 2a6f Asus IPIBL-LB Motherboard 1043 8277 P5K PRO Motherboard: 82801IR [ICH9R] + 1462 7345 MS-7345 Motherboard: Intel 82801I/IR [ICH9/ICH9R] 2823 C610/X99 series chipset sSATA Controller [RAID mode] 2824 82801HB (ICH8) 4 port SATA Controller [AHCI mode] 1043 81ec P5B @@ -26106,6 +26316,7 @@ e4bf cc47 CCG-RUMBA 2829 82801HM/HEM (ICH8M/ICH8M-E) SATA Controller [AHCI mode] 1025 0121 Aspire 5920G + 1028 022f Inspiron 1525 103c 30c0 Compaq 6710b 103c 30c1 Compaq 6910p 103c 30cc Pavilion dv6700 @@ -26122,6 +26333,7 @@ 1025 0121 Aspire 5920G 1028 01da OptiPlex 745 1028 01f3 Inspiron 1420 + 1028 022f Inspiron 1525 103c 30c0 Compaq 6710b 103c 30c1 Compaq 6910p 103c 30cc Pavilion dv6700 @@ -26137,6 +26349,7 @@ 1025 0121 Aspire 5920G 1028 01da OptiPlex 745 1028 01f3 Inspiron 1420 + 1028 022f Inspiron 1525 103c 30c0 Compaq 6710b 103c 30c1 Compaq 6910p 103c 30cc Pavilion dv6700 @@ -26152,6 +26365,7 @@ 1025 0121 Aspire 5920G 1028 01da OptiPlex 745 1028 01f3 Inspiron 1420 + 1028 022f Inspiron 1525 103c 30c0 Compaq 6710b 103c 30c1 Compaq 6910p 103c 30cc Pavilion dv6700 @@ -26168,6 +26382,7 @@ 1025 0121 Aspire 5920G 1028 01da OptiPlex 745 1028 01f3 Inspiron 1420 + 1028 022f Inspiron 1525 103c 30c0 Compaq 6710b 103c 30c1 Compaq 6910p 103c 30cc Pavilion dv6700 @@ -26182,6 +26397,7 @@ 1025 0121 Aspire 5920G 1028 01da OptiPlex 745 1028 01f3 Inspiron 1420 + 1028 022f Inspiron 1525 103c 30c0 Compaq 6710b 103c 30c1 Compaq 6910p 103c 30cc Pavilion dv6700 @@ -26195,6 +26411,7 @@ 1025 0121 Aspire 5920G 1028 01da OptiPlex 745 1028 01f3 Inspiron 1420 + 1028 022f Inspiron 1525 103c 30c0 Compaq 6710b 103c 30c1 Compaq 6910p 103c 30cc Pavilion dv6700 @@ -26210,6 +26427,7 @@ 1025 0121 Aspire 5920G 1028 01da OptiPlex 745 1028 01f3 Inspiron 1420 + 1028 022f Inspiron 1525 103c 30c0 Compaq 6710b 103c 30c1 Compaq 6910p 103c 30cc Pavilion dv6700 @@ -26223,6 +26441,7 @@ 1025 0121 Aspire 5920G 1028 01da OptiPlex 745 1028 01f3 Inspiron 1420 + 1028 022f Inspiron 1525 103c 30d9 Presario C700 1043 81ec P5B 104d 9005 Vaio VGN-FZ260E @@ -26264,6 +26483,7 @@ 1028 01f3 Inspiron 1420 1028 01f9 Latitude D630 1028 01ff Precision M4300 + 1028 022f Inspiron 1525 1028 0256 Studio 1735 103c 2802 Compaq dc7700p 103c 30c0 Compaq 6710b @@ -26284,6 +26504,7 @@ 2850 82801HM/HEM (ICH8M/ICH8M-E) IDE Controller 1025 0121 Aspire 5920G 1028 01f3 Inspiron 1420 + 1028 022f Inspiron 1525 103c 30c0 Compaq 6710b 103c 30c1 Compaq 6910p 103c 30cc Pavilion dv6700 @@ -26300,6 +26521,7 @@ 1028 020d Inspiron 530 103c 2a6f Asus IPIBL-LB Motherboard 1043 8277 P5K PRO Motherboard + 1462 7345 MS-7345 Motherboard 8086 5044 Desktop Board DP35DP 2917 ICH9M-E LPC Interface Controller e4bf cc4d CCM-BOOGIE @@ -26315,6 +26537,7 @@ 1028 0211 Optiplex 755 1028 023c PowerEdge R200 onboard SATA Controller 1043 8277 P5K PRO Motherboard: 82801IR [ICH9R] + 1462 7345 MS-7345 Motherboard: Intel 82801IR [ICH9R] 2921 82801IB (ICH9) 2 port SATA Controller [IDE mode] 1028 0235 PowerEdge R710 SATA IDE Controller 1028 0236 PowerEdge R610 SATA IDE Controller @@ -26322,6 +26545,7 @@ 1462 7360 G33/P35 Neo 2922 82801IR/IO/IH (ICH9R/DO/DH) 6 port SATA Controller [AHCI mode] 1043 8277 P5K PRO Motherboard: 82801IR [ICH9R] + 1462 7345 MS-7345 Motherboard: Intel 82801IR [ICH9R] 1af4 1100 QEMU Virtual Machine 8086 5044 Desktop Board DP35DP 2923 82801IB (ICH9) 4 port SATA Controller [AHCI mode] @@ -26334,6 +26558,7 @@ 1028 0210 PowerEdge T300 onboard SATA Controller 1028 0211 Optiplex 755 1043 8277 P5K PRO Motherboard: 82801IR [ICH9R] + 1462 7345 MS-7345 Motherboard: Intel 82801IR [ICH9R] 1462 7360 G33/P35 Neo 2928 82801IBM/IEM (ICH9M/ICH9M-E) 2 port SATA Controller [IDE mode] 2929 82801IBM/IEM (ICH9M/ICH9M-E) 4 port SATA Controller [AHCI mode] @@ -26348,6 +26573,7 @@ 103c 2a6f Asus IPIBL-LB Motherboard 103c 3628 dv6-1190en 1043 8277 P5K PRO Motherboard: 82801IR [ICH9R] + 1462 7345 MS-7345 Motherboard: Intel 82801I/IR [ICH9/ICH9R] 1462 7360 G33/P35 Neo 1af4 1100 QEMU Virtual Machine 8086 5044 Desktop Board DP35DP @@ -26368,6 +26594,7 @@ 1028 2011 Optiplex 755 103c 2a6f Asus IPIBL-LB Motherboard 1043 8277 P5K PRO Motherboard: 82801IR [ICH9R] + 1462 7345 MS-7345 Motherboard: Intel 82801I/IR [ICH9/ICH9R] 1462 7360 G33/P35 Neo 1af4 1100 QEMU Virtual Machine 8086 5044 Desktop Board DP35DP @@ -26385,6 +26612,7 @@ 1028 029c PowerEdge M710 USB UHCI Controller 103c 2a6f Asus IPIBL-LB Motherboard 1043 8277 P5K PRO Motherboard: 82801IR [ICH9R] + 1462 7345 MS-7345 Motherboard: Intel 82801I/IR [ICH9/ICH9R] 1462 7360 G33/P35 Neo 1af4 1100 QEMU Virtual Machine 8086 5044 Desktop Board DP35DP @@ -26400,6 +26628,7 @@ 1028 029c PowerEdge M710 USB UHCI Controller 103c 2a6f Asus IPIBL-LB Motherboard 1043 8277 P5K PRO Motherboard: 82801IR [ICH9R] + 1462 7345 MS-7345 Motherboard: Intel 82801I/IR [ICH9/ICH9R] 1462 7360 G33/P35 Neo 1af4 1100 QEMU Virtual Machine 8086 5044 Desktop Board DP35DP @@ -26415,6 +26644,7 @@ 1028 2011 Optiplex 755 103c 2a6f Asus IPIBL-LB Motherboard 1043 8277 P5K PRO Motherboard: 82801IR [ICH9R] + 1462 7345 MS-7345 Motherboard: Intel 82801I/IR [ICH9/ICH9R] 1462 7360 G33/P35 Neo 1af4 1100 QEMU Virtual Machine 8086 2937 Optiplex 755 @@ -26431,6 +26661,7 @@ 1028 029c PowerEdge M710 USB UHCI Controller 103c 2a6f Asus IPIBL-LB Motherboard 1043 8277 P5K PRO Motherboard: 82801IR [ICH9R] + 1462 7345 MS-7345 Motherboard: Intel 82801I/IR [ICH9/ICH9R] 1462 7360 G33/P35 Neo 1af4 1100 QEMU Virtual Machine 8086 2938 Optiplex 755 @@ -26442,6 +26673,7 @@ 1028 0237 PowerEdge T610 USB UHCI Controller 103c 2a6f Asus IPIBL-LB Motherboard 1043 8277 P5K PRO Motherboard: 82801IR [ICH9R] + 1462 7345 MS-7345 Motherboard: Intel 82801I/IR [ICH9/ICH9R] 1462 7360 G33/P35 Neo 1af4 1100 QEMU Virtual Machine 8086 5044 Desktop Board DP35DP @@ -26459,6 +26691,7 @@ 1028 029c PowerEdge M710 USB EHCI Controller 103c 2a6f Asus IPIBL-LB Motherboard 1043 8277 P5K PRO Motherboard: 82801IR [ICH9R] + 1462 7345 MS-7345 Motherboard: Intel 82801I/IR [ICH9/ICH9R] 1462 7360 G33/P35 Neo 1af4 1100 QEMU Virtual Machine 8086 5044 Desktop Board DP35DP @@ -26473,6 +26706,7 @@ 1028 029c PowerEdge M710 USB EHCI Controller 103c 2a6f Asus IPIBL-LB Motherboard 1043 8277 P5K PRO Motherboard: 82801IR [ICH9R] + 1462 7345 MS-7345 Motherboard: Intel 82801I/IR [ICH9/ICH9R] 1462 7360 G33/P35 Neo 1af4 1100 QEMU Virtual Machine 8086 293c Optiplex 755 @@ -26484,6 +26718,7 @@ 103c 2a6f Asus IPIBL-LB Motherboard 103c 3628 dv6-1190en 1043 829f P5K PRO Motherboard: 82801IR [ICH9R] + 1462 735a MS-7345 Motherboard: Intel 82801I/IR [ICH9/ICH9R] 1462 7360 G33/P35 Neo 1af4 1100 QEMU Virtual Machine 8086 293e Optiplex 755 @@ -26494,6 +26729,7 @@ 1028 0211 Optiplex 755 103c 2a6f Asus IPIBL-LB Motherboard 1043 8277 P5K PRO Motherboard: 82801IR [ICH9R] + 1462 7345 MS-7345 Motherboard: Intel 82801I/IR [ICH9/ICH9R] 8086 2940 Optiplex 755 2942 82801I (ICH9 Family) PCI Express Port 2 1028 020d Inspiron 530 @@ -26505,9 +26741,11 @@ 2948 82801I (ICH9 Family) PCI Express Port 5 1028 020d Inspiron 530 1043 8277 P5K PRO Motherboard: 82801IR [ICH9R] + 1462 7345 MS-7345 Motherboard: Intel 82801I/IR [ICH9/ICH9R] 294a 82801I (ICH9 Family) PCI Express Port 6 1028 020d Inspiron 530 1043 8277 P5K PRO Motherboard: 82801IR [ICH9R] + 1462 7345 MS-7345 Motherboard: Intel 82801I/IR [ICH9/ICH9R] 294c 82566DC-2 Gigabit Network Connection 17aa 302e 82566DM-2 Gigabit Network Connection 2970 82946GZ/PL/GL Memory Controller Hub @@ -26563,6 +26801,7 @@ 103c 2a6f Asus IPIBL-LB Motherboard 1043 8276 P5K PRO Motherboard: Intel 82P35 Northbridge 1043 82b0 P5KPL-VM Motherboard + 1462 7345 MS-7345 Motherboard: Intel 82G33/P35 Northbridge 1462 7360 G33/P35 Neo 1af4 1100 QEMU Virtual Machine 8086 5044 Desktop Board DP35DP @@ -26606,6 +26845,7 @@ 2a00 Mobile PM965/GM965/GL960 Memory Controller Hub 1025 0121 Aspire 5920G 1028 01f3 Inspiron 1420 + 1028 022f Inspiron 1525 103c 30c0 Compaq 6710b 103c 30c1 Compaq 6910p 103c 30cc Pavilion dv6700 @@ -26620,6 +26860,7 @@ 2a02 Mobile GM965/GL960 Integrated Graphics Controller (primary) 1028 01f3 Inspiron 1420 1028 01f9 Latitude D630 + 1028 022f Inspiron 1525 103c 30c0 Compaq 6710b 103c 30d9 Presario C700 104d 902d VAIO VGN-NR120E @@ -26628,6 +26869,7 @@ e4bf cc47 CCG-RUMBA 2a03 Mobile GM965/GL960 Integrated Graphics Controller (secondary) 1028 01f3 Inspiron 1420 + 1028 022f Inspiron 1525 103c 30c0 Compaq 6710b 103c 30d9 Presario C700 104d 902d VAIO VGN-NR120E @@ -27343,6 +27585,10 @@ 17aa 4020 Intel Ethernet Connection X722 for 10G SFP+ 17aa 4021 Intel Ethernet Connection X722 for 10G SFP+ 17aa 4022 Ethernet Connection X722 for 10GbE SFP+ + 8086 0001 Ethernet Network Adapter X722-2 + 8086 0002 Ethernet Network Adapter X722-2 + 8086 0003 Ethernet Network Adapter X722-4 + 8086 0004 Ethernet Network Adapter X722-4 37d1 Ethernet Connection X722 for 1GbE 14cd 0010 88E1514 Ethernet OCP 2x1G RJ45 Phy Card [USI-1514-1GbaseT] 1590 0216 Ethernet 1Gb 2-port 368i Adapter @@ -27561,6 +27807,8 @@ 1028 02da OptiPlex 980 1028 040a Latitude E6410 1028 040b Latitude E6510 + 1043 3838 P7P55-M Motherboard + 1043 8383 P7P55-M Motherboard 144d c06a R730 Laptop 15d9 060d C7SIM-Q Motherboard 17c0 10d2 Medion Akoya E7214 Notebook PC [MD98410] @@ -29573,9 +29821,8 @@ deaf Middle Digital Inc. 9052 PC Weasel Watchdog Timer # formerly SoftHard Technology Ltd. deda XIMEA - 4001 Camera CB -# Thunderbolt based camera MT family - 4021 Camera MT + 4001 CB or MX camera + 4021 MT camera e000 Winbond e000 W89C940 e159 Tiger Jet Network Inc. @@ -29666,9 +29913,13 @@ eace Endace Measurement Systems, Ltd 8500 DAG 8.5I Infiniband x4 DDR 9200 DAG 9.2SX2 10G Ethernet 920e DAG 9.2X2 10G Ethernet + 9540 DAG 9.5G4 Gig Ethernet + 954f DAG 9.5G4F Gig Ethernet a120 DAG 10X2-P 10G Ethernet a12e DAG 10X2-S 10G Ethernet - a140 DAG 10X4-P 10G Ethernet + a140 DAG 10X4-P 10/40G Ethernet + a14e DAG 10X4-S 10/40G Ethernet + eace vDAG virtual device ec80 Belkin Corporation ec00 F5D6000 ecc0 Echo Digital Audio Corporation diff --git a/man/custom-entities.ent.in b/man/custom-entities.ent.in index 9ea92384aa..a1dbf7133f 100644 --- a/man/custom-entities.ent.in +++ b/man/custom-entities.ent.in @@ -6,3 +6,4 @@ <!ENTITY systemenvgeneratordir @SYSTEM_ENV_GENERATOR_PATH@> <!ENTITY userenvgeneratordir @USER_ENV_GENERATOR_PATH@> <!ENTITY CERTIFICATE_ROOT @CERTIFICATE_ROOT@> +<!ENTITY MEMORY_ACCOUNTING_DEFAULT @MEMORY_ACCOUNTING_DEFAULT_ON_OFF@> diff --git a/man/file-hierarchy.xml b/man/file-hierarchy.xml index 4220520a1f..3e28fc6bee 100644 --- a/man/file-hierarchy.xml +++ b/man/file-hierarchy.xml @@ -57,7 +57,7 @@ system and service manager are organized based on a file system hierarchy inspired by UNIX, more specifically the hierarchy described in the <ulink - url="http://refspecs.linuxfoundation.org/FHS_2.3/fhs-2.3.html">File + url="http://refspecs.linuxfoundation.org/FHS_3.0/fhs-3.0.html">File System Hierarchy</ulink> specification and <citerefentry project='man-pages'><refentrytitle>hier</refentrytitle><manvolnum>7</manvolnum></citerefentry>. This manual page describes a more minimal, modernized subset of diff --git a/man/logind.conf.xml b/man/logind.conf.xml index 8d2bfc5d5b..e9b7118af6 100644 --- a/man/logind.conf.xml +++ b/man/logind.conf.xml @@ -211,6 +211,7 @@ <term><varname>HandleSuspendKey=</varname></term> <term><varname>HandleHibernateKey=</varname></term> <term><varname>HandleLidSwitch=</varname></term> + <term><varname>HandleLidSwitchExternalPower=</varname></term> <term><varname>HandleLidSwitchDocked=</varname></term> <listitem><para>Controls how logind shall handle the @@ -235,12 +236,17 @@ <varname>HandleSuspendKey=</varname> and <varname>HandleLidSwitch=</varname> default to <literal>suspend</literal>. - <varname>HandleLidSwitchDocked=</varname> defaults to - <literal>ignore</literal>. + <varname>HandleLidSwitchExternalPower=</varname> is completely + ignored by default (for backwards compatibility) — an explicit + value must be set before it will be used to determine + behaviour. <varname>HandleLidSwitchDocked=</varname> defaults + to <literal>ignore</literal>. <varname>HandleHibernateKey=</varname> defaults to <literal>hibernate</literal>. If the system is inserted in a docking station, or if more than one display is connected, the action specified by <varname>HandleLidSwitchDocked=</varname> + occurs; if the system is on external power the action (if any) + specified by <varname>HandleLidSwitchExternalPower=</varname> occurs; otherwise the <varname>HandleLidSwitch=</varname> action occurs.</para> diff --git a/man/rules/meson.build b/man/rules/meson.build index bfc267b544..84b911b365 100644 --- a/man/rules/meson.build +++ b/man/rules/meson.build @@ -186,6 +186,7 @@ manpages = [ ['SD_BUS_ERROR_END', 'SD_BUS_ERROR_MAP', 'sd_bus_error_map'], ''], ['sd_bus_get_fd', '3', [], ''], + ['sd_bus_get_n_queued_read', '3', ['sd_bus_get_n_queued_write'], ''], ['sd_bus_is_open', '3', ['sd_bus_is_ready'], ''], ['sd_bus_message_append', '3', ['sd_bus_message_appendv'], ''], ['sd_bus_message_append_array', diff --git a/man/sd_bus_get_n_queued_read.xml b/man/sd_bus_get_n_queued_read.xml new file mode 100644 index 0000000000..32be403fc5 --- /dev/null +++ b/man/sd_bus_get_n_queued_read.xml @@ -0,0 +1,129 @@ +<?xml version='1.0'?> <!--*- Mode: nxml; nxml-child-indent: 2; indent-tabs-mode: nil -*--> +<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" +"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd"> + +<!-- + SPDX-License-Identifier: LGPL-2.1+ + + This file is part of systemd. + + Copyright 2018 Lennart Poettering + + systemd is free software; you can redistribute it and/or modify it + under the terms of the GNU Lesser General Public License as published by + the Free Software Foundation; either version 2.1 of the License, or + (at your option) any later version. + + systemd is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public License + along with systemd; If not, see <http://www.gnu.org/licenses/>. +--> + +<refentry id="sd_bus_get_n_queued_read"> + + <refentryinfo> + <title>sd_bus_get_fd</title> + <productname>systemd</productname> + + <authorgroup> + <author> + <contrib>Developer</contrib> + <firstname>Lennart</firstname> + <surname>Poettering</surname> + <email>lennart@poettering.net</email> + </author> + </authorgroup> + </refentryinfo> + + <refmeta> + <refentrytitle>sd_bus_get_n_queued_read</refentrytitle> + <manvolnum>3</manvolnum> + </refmeta> + + <refnamediv> + <refname>sd_bus_get_n_queued_read</refname> + <refname>sd_bus_get_n_queued_write</refname> + + <refpurpose>Get the number of pending bus messages in the read and write queues of a bus connection object</refpurpose> + </refnamediv> + + <refsynopsisdiv> + <funcsynopsis> + <funcsynopsisinfo>#include <systemd/sd-bus.h></funcsynopsisinfo> + + <funcprototype> + <funcdef>int <function>sd_bus_get_n_queued_read</function></funcdef> + <paramdef>sd_bus *<parameter>bus</parameter></paramdef> + <paramdef>uint64_t *<parameter>ret</parameter></paramdef> + </funcprototype> + + <funcprototype> + <funcdef>int <function>sd_bus_get_n_queued_write</function></funcdef> + <paramdef>sd_bus *<parameter>bus</parameter></paramdef> + <paramdef>uint64_t *<parameter>ret</parameter></paramdef> + </funcprototype> + </funcsynopsis> + </refsynopsisdiv> + + <refsect1> + <title>Description</title> + + <para> + <function>sd_bus_get_n_queued_read()</function> may be used to query the number of bus messages in the read queue + of a bus connection object. The read queue contains all messages read from the transport medium (e.g. network + socket) but not yet processed locally. The function expects two arguments: the bus object to query, and a pointer + to a 64bit counter variable to write the current queue size to. Use <function>sd_bus_process()</function> in + order to process queued messages, i.e. to reduce the size of the read queue (as well as, in fact, the write + queue, see below). + </para> + + <para> + Similarly, <function>sd_bus_get_n_queued_write()</function> may be used to query the number of currently pending + bus messages in the write queue of a bus connection object. The write queue contains all messages enqueued into + the connection with a call such as <function>sd_bus_send()</function> but not yet written to the transport + medium. The expected arguments are similar to <function>sd_bus_get_n_queued_read()</function>. Here too, use + <function>sd_bus_process()</function> to reduce the size of the write queue. Alternatively, use + <function>sd_bus_flush()</function> to synchronously write out any pending bus messages until the write queue is + empty. + </para> + </refsect1> + + <refsect1> + <title>Return Value</title> + + <para>On success, these functions return 0 or a positive integer. On failure, they return a negative errno-style + error code.</para> + </refsect1> + + <refsect1> + <title>Errors</title> + + <para>Returned errors may indicate the following problems:</para> + + <variablelist> + <varlistentry> + <term><constant>-ECHILD</constant></term> + + <listitem><para>The bus connection was created in a different process.</para></listitem> + </varlistentry> + + </variablelist> + </refsect1> + + <refsect1> + <title>See Also</title> + + <para> + <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>, + <citerefentry><refentrytitle>sd-bus</refentrytitle><manvolnum>3</manvolnum></citerefentry>, + <citerefentry><refentrytitle>sd_bus_process</refentrytitle><manvolnum>3</manvolnum></citerefentry>, + <citerefentry><refentrytitle>sd_bus_send</refentrytitle><manvolnum>3</manvolnum></citerefentry>, + <citerefentry><refentrytitle>sd_bus_flush</refentrytitle><manvolnum>3</manvolnum></citerefentry> + </para> + </refsect1> + +</refentry> diff --git a/man/systemctl.xml b/man/systemctl.xml index 60882e5aa3..1588ca719d 100644 --- a/man/systemctl.xml +++ b/man/systemctl.xml @@ -58,7 +58,7 @@ <command>systemctl</command> <arg choice="opt" rep="repeat">OPTIONS</arg> <arg choice="plain">COMMAND</arg> - <arg choice="opt" rep="repeat">NAME</arg> + <arg choice="opt" rep="repeat">UNIT</arg> </cmdsynopsis> </refsynopsisdiv> @@ -835,7 +835,7 @@ Sun 2017-02-26 20:57:49 EST 2h 3min left Sun 2017-02-26 11:56:36 EST 6h ago </listitem> </varlistentry> <varlistentry> - <term><command>isolate <replaceable>NAME</replaceable></command></term> + <term><command>isolate <replaceable>UNIT</replaceable></command></term> <listitem> <para>Start the unit specified on the command line and its dependencies @@ -1004,7 +1004,7 @@ Jan 12 10:46:45 example.com bluetoothd[8900]: gatt-time-server: Input/output err </listitem> </varlistentry> <varlistentry> - <term><command>set-property <replaceable>NAME</replaceable> <replaceable>ASSIGNMENT</replaceable>…</command></term> + <term><command>set-property <replaceable>UNIT</replaceable> <replaceable>PROPERTY</replaceable>=<replaceable>VALUE</replaceable>…</command></term> <listitem> <para>Set the specified unit properties at runtime where @@ -1013,7 +1013,7 @@ Jan 12 10:46:45 example.com bluetoothd[8900]: gatt-time-server: Input/output err runtime. Not all properties may be changed at runtime, but many resource control settings (primarily those in <citerefentry><refentrytitle>systemd.resource-control</refentrytitle><manvolnum>5</manvolnum></citerefentry>) - may. The changes are applied instantly, and stored on disk + may. The changes are applied immediately, and stored on disk for future boots, unless <option>--runtime</option> is passed, in which case the settings only apply until the next reboot. The syntax of the property assignment follows @@ -1028,9 +1028,9 @@ Jan 12 10:46:45 example.com bluetoothd[8900]: gatt-time-server: Input/output err <para>Note that this command allows changing multiple properties at the same time, which is preferable over - setting them individually. Like unit file configuration - settings, assigning the empty list to list parameters will - reset the list.</para> + setting them individually. Like with unit file configuration + settings, assigning an empty list will reset the property. + </para> </listitem> </varlistentry> @@ -1059,7 +1059,7 @@ Jan 12 10:46:45 example.com bluetoothd[8900]: gatt-time-server: Input/output err <varlistentry> <term> <command>list-dependencies</command> - <optional><replaceable>NAME</replaceable></optional> + <optional><replaceable>UNIT</replaceable></optional> </term> <listitem> @@ -1101,7 +1101,7 @@ Jan 12 10:46:45 example.com bluetoothd[8900]: gatt-time-server: Input/output err </varlistentry> <varlistentry> - <term><command>enable <replaceable>NAME</replaceable>…</command></term> + <term><command>enable <replaceable>UNIT</replaceable>…</command></term> <term><command>enable <replaceable>PATH</replaceable>…</command></term> <listitem> @@ -1120,7 +1120,10 @@ Jan 12 10:46:45 example.com bluetoothd[8900]: gatt-time-server: Input/output err automatically searched for unit files with appropriate names), or absolute paths to unit files (in which case these files are read directly). If a specified unit file is located outside of the usual unit file directories, an additional symlink is created, linking it into the unit configuration path, thus ensuring - it is found when requested by commands such as <command>start</command>.</para> + it is found when requested by commands such as <command>start</command>. The file system where the linked + unit files are located must be accessible when systemd is started (e.g. anything underneath + <filename>/home</filename> or <filename>/var</filename> is not allowed, unless those directories are + located on the root file system).</para> <para>This command will print the file system operations executed. This output may be suppressed by passing <option>--quiet</option>. @@ -1152,7 +1155,7 @@ Jan 12 10:46:45 example.com bluetoothd[8900]: gatt-time-server: Input/output err </varlistentry> <varlistentry> - <term><command>disable <replaceable>NAME</replaceable>…</command></term> + <term><command>disable <replaceable>UNIT</replaceable>…</command></term> <listitem> <para>Disables one or more units. This removes all symlinks to the unit files backing the specified units @@ -1184,7 +1187,7 @@ Jan 12 10:46:45 example.com bluetoothd[8900]: gatt-time-server: Input/output err </varlistentry> <varlistentry> - <term><command>reenable <replaceable>NAME</replaceable>…</command></term> + <term><command>reenable <replaceable>UNIT</replaceable>…</command></term> <listitem> <para>Reenable one or more units, as specified on the command line. This is a combination of @@ -1195,7 +1198,7 @@ Jan 12 10:46:45 example.com bluetoothd[8900]: gatt-time-server: Input/output err </varlistentry> <varlistentry> - <term><command>preset <replaceable>NAME</replaceable>…</command></term> + <term><command>preset <replaceable>UNIT</replaceable>…</command></term> <listitem> <para>Reset the enable/disable status one or more unit files, as specified on @@ -1208,7 +1211,7 @@ Jan 12 10:46:45 example.com bluetoothd[8900]: gatt-time-server: Input/output err enabled and disabled, or only enabled, or only disabled.</para> <para>If the unit carries no install information, it will be silently ignored - by this command. <replaceable>NAME</replaceable> must be the real unit name, + by this command. <replaceable>UNIT</replaceable> must be the real unit name, any alias names are ignored silently.</para> <para>For more information on the preset policy format, see @@ -1233,7 +1236,7 @@ Jan 12 10:46:45 example.com bluetoothd[8900]: gatt-time-server: Input/output err </varlistentry> <varlistentry> - <term><command>is-enabled <replaceable>NAME</replaceable>…</command></term> + <term><command>is-enabled <replaceable>UNIT</replaceable>…</command></term> <listitem> <para>Checks whether any of the specified unit files are @@ -1320,7 +1323,7 @@ Jan 12 10:46:45 example.com bluetoothd[8900]: gatt-time-server: Input/output err </varlistentry> <varlistentry> - <term><command>mask <replaceable>NAME</replaceable>…</command></term> + <term><command>mask <replaceable>UNIT</replaceable>…</command></term> <listitem> <para>Mask one or more units, as specified on the command line. This will link these unit files to @@ -1334,7 +1337,7 @@ Jan 12 10:46:45 example.com bluetoothd[8900]: gatt-time-server: Input/output err </varlistentry> <varlistentry> - <term><command>unmask <replaceable>NAME</replaceable>…</command></term> + <term><command>unmask <replaceable>UNIT</replaceable>…</command></term> <listitem> <para>Unmask one or more unit files, as specified on the command line. This will undo the effect of @@ -1350,12 +1353,15 @@ Jan 12 10:46:45 example.com bluetoothd[8900]: gatt-time-server: Input/output err <para>Link a unit file that is not in the unit file search paths into the unit file search path. This command expects an absolute path to a unit file. The effect of this may be undone with <command>disable</command>. The effect of this command is that a unit file is made available for commands - such as <command>start</command>, even though it is not installed directly in the unit search path.</para> + such as <command>start</command>, even though it is not installed directly in the unit search path. The + file system where the linked unit files are located must be accessible when systemd is started + (e.g. anything underneath <filename>/home</filename> or <filename>/var</filename> is not allowed, unless + those directories are located on the root file system).</para> </listitem> </varlistentry> <varlistentry> - <term><command>revert <replaceable>NAME</replaceable>…</command></term> + <term><command>revert <replaceable>UNIT</replaceable>…</command></term> <listitem> <para>Revert one or more unit files to their vendor versions. This command removes drop-in configuration @@ -1378,9 +1384,9 @@ Jan 12 10:46:45 example.com bluetoothd[8900]: gatt-time-server: Input/output err <varlistentry> <term><command>add-wants <replaceable>TARGET</replaceable> - <replaceable>NAME</replaceable>…</command></term> + <replaceable>UNIT</replaceable>…</command></term> <term><command>add-requires <replaceable>TARGET</replaceable> - <replaceable>NAME</replaceable>…</command></term> + <replaceable>UNIT</replaceable>…</command></term> <listitem> <para>Adds <literal>Wants=</literal> or <literal>Requires=</literal> @@ -1396,7 +1402,7 @@ Jan 12 10:46:45 example.com bluetoothd[8900]: gatt-time-server: Input/output err </varlistentry> <varlistentry> - <term><command>edit <replaceable>NAME</replaceable>…</command></term> + <term><command>edit <replaceable>UNIT</replaceable>…</command></term> <listitem> <para>Edit a drop-in snippet or a whole replacement file if @@ -1446,7 +1452,7 @@ Jan 12 10:46:45 example.com bluetoothd[8900]: gatt-time-server: Input/output err </varlistentry> <varlistentry> - <term><command>set-default <replaceable>NAME</replaceable></command></term> + <term><command>set-default <replaceable>TARGET</replaceable></command></term> <listitem> <para>Set the default target to boot into. This sets @@ -1869,7 +1875,7 @@ Jan 12 10:46:45 example.com bluetoothd[8900]: gatt-time-server: Input/output err <refsect2> <title>Parameter Syntax</title> - <para>Unit commands listed above take either a single unit name (designated as <replaceable>NAME</replaceable>), + <para>Unit commands listed above take either a single unit name (designated as <replaceable>UNIT</replaceable>), or multiple unit specifications (designated as <replaceable>PATTERN</replaceable>…). In the first case, the unit name with or without a suffix must be given. If the suffix is not specified (unit name is "abbreviated"), systemctl will append a suitable suffix, <literal>.service</literal> by default, and a type-specific suffix in @@ -1906,7 +1912,7 @@ Jan 12 10:46:45 example.com bluetoothd[8900]: gatt-time-server: Input/output err in memory are not considered for glob expansion. </para> - <para>For unit file commands, the specified <replaceable>NAME</replaceable> should be the name of the unit file + <para>For unit file commands, the specified <replaceable>UNIT</replaceable> should be the name of the unit file (possibly abbreviated, see above), or the absolute path to the unit file: <programlisting># systemctl enable foo.service</programlisting> or diff --git a/man/systemd-analyze.xml b/man/systemd-analyze.xml index 4f7248cd0c..97a9b2cca7 100644 --- a/man/systemd-analyze.xml +++ b/man/systemd-analyze.xml @@ -94,6 +94,11 @@ <cmdsynopsis> <command>systemd-analyze</command> <arg choice="opt" rep="repeat">OPTIONS</arg> + <arg choice="plain">unit-paths</arg> + </cmdsynopsis> + <cmdsynopsis> + <command>systemd-analyze</command> + <arg choice="opt" rep="repeat">OPTIONS</arg> <arg choice="plain">log-level</arg> <arg choice="opt"><replaceable>LEVEL</replaceable></arg> </cmdsynopsis> @@ -188,6 +193,18 @@ state. Its format is subject to change without notice and should not be parsed by applications.</para> + <para><command>systemd-analyze unit-paths</command> outputs a list of all + directories from which unit files, <filename>.d</filename> overrides, and + <filename>.wants</filename>, <filename>.requires</filename> symlinks may be + loaded. Combine with <option>--user</option> to retrieve the list for the user + manager instance, and <option>--global</option> for the global configuration of + user manager instances. Note that this verb prints the list that is compiled into + <command>systemd-analyze</command> itself, and does not comunicate with the + running manager. Use + <programlisting>systemctl [--user] [--global] show -p UnitPath --value</programlisting> + to retrieve the actual list that the manager uses, with any empty directories + omitted.</para> + <para><command>systemd-analyze log-level</command> prints the current log level of the <command>systemd</command> daemon. If an optional argument <replaceable>LEVEL</replaceable> is provided, then the command changes the current log @@ -243,6 +260,13 @@ <variablelist> <varlistentry> + <term><option>--system</option></term> + + <listitem><para>Operates on the system systemd instance. This + is the implied default.</para></listitem> + </varlistentry> + + <varlistentry> <term><option>--user</option></term> <listitem><para>Operates on the user systemd @@ -250,10 +274,10 @@ </varlistentry> <varlistentry> - <term><option>--system</option></term> + <term><option>--global</option></term> - <listitem><para>Operates on the system systemd instance. This - is the implied default.</para></listitem> + <listitem><para>Operates on the system-wide configuration for + user systemd instance.</para></listitem> </varlistentry> <varlistentry> @@ -322,9 +346,8 @@ <listitem><para>Invoke unit generators, see <citerefentry><refentrytitle>systemd.generator</refentrytitle><manvolnum>7</manvolnum></citerefentry>. - Some generators require root privileges. When run under a - normal users, enabling generators will generally result in - some warnings.</para></listitem> + Some generators require root privileges. Under a normal user, running with + generators enabled will generally result in some warnings.</para></listitem> </varlistentry> <xi:include href="user-system-options.xml" xpointer="host" /> diff --git a/man/systemd-cgtop.xml b/man/systemd-cgtop.xml index d7ad08ec37..295f235196 100644 --- a/man/systemd-cgtop.xml +++ b/man/systemd-cgtop.xml @@ -229,6 +229,12 @@ </varlistentry> <varlistentry> + <term><option>-1</option></term> + + <listitem><para>A shortcut for <option>--iterations=1</option>.</para></listitem> + </varlistentry> + + <varlistentry> <term><option>-d</option></term> <term><option>--delay=</option></term> diff --git a/man/systemd-detect-virt.xml b/man/systemd-detect-virt.xml index b59570ad2c..68ebf02f2e 100644 --- a/man/systemd-detect-virt.xml +++ b/man/systemd-detect-virt.xml @@ -91,7 +91,7 @@ </thead> <tbody> <row> - <entry valign="top" morerows="10">VM</entry> + <entry valign="top" morerows="11">VM</entry> <entry><varname>qemu</varname></entry> <entry>QEMU software virtualization, without KVM</entry> </row> @@ -143,12 +143,17 @@ <entry>Parallels Desktop, Parallels Server</entry> </row> - <row> + <row> <entry><varname>bhyve</varname></entry> <entry>bhyve, FreeBSD hypervisor</entry> </row> <row> + <entry><varname>qnx</varname></entry> + <entry>QNX hypervisor</entry> + </row> + + <row> <entry valign="top" morerows="5">Container</entry> <entry><varname>openvz</varname></entry> <entry>OpenVZ/Virtuozzo</entry> diff --git a/man/systemd-nspawn.xml b/man/systemd-nspawn.xml index fd9db974dd..e51da96474 100644 --- a/man/systemd-nspawn.xml +++ b/man/systemd-nspawn.xml @@ -1083,7 +1083,7 @@ <title>Download a <ulink url="https://getfedora.org">Fedora</ulink> image and start a shell in it</title> - <programlisting># machinectl pull-raw -&2Dverify=no \ + <programlisting># machinectl pull-raw -&2D;verify=no \ https://download.fedoraproject.org/pub/fedora/linux/releases/25/CloudImages/x86_64/images/Fedora-Cloud-Base-25-1.3.x86_64.raw.xz # systemd-nspawn -M Fedora-Cloud-Base-25-1.3.x86_64.raw</programlisting> diff --git a/man/systemd-resolve.xml b/man/systemd-resolve.xml index f924090553..fd5e35954a 100644 --- a/man/systemd-resolve.xml +++ b/man/systemd-resolve.xml @@ -104,6 +104,36 @@ <command> --reset-statistics</command> </cmdsynopsis> + <cmdsynopsis> + <command>systemd-resolve</command> + <arg choice="opt" rep="repeat">OPTIONS</arg> + <command> --flush-caches</command> + </cmdsynopsis> + + <cmdsynopsis> + <command>systemd-resolve</command> + <arg choice="opt" rep="repeat">OPTIONS</arg> + <command> --reset-server-features</command> + </cmdsynopsis> + + <cmdsynopsis> + <command>systemd-resolve</command> + <arg choice="opt" rep="repeat">OPTIONS</arg> + <command> --status</command> + </cmdsynopsis> + + <cmdsynopsis> + <command>systemd-resolve</command> + <arg choice="opt" rep="repeat">OPTIONS</arg> + <command> --set-dns=<replaceable>SERVER</replaceable></command> <command> --set-domain=<replaceable>DOMAIN</replaceable> --set-llmnr=<replaceable>MODE</replaceable> --set-mdns=<replaceable>MODE</replaceable> --set-dnssec=<replaceable>MODE</replaceable> --set-nta=<replaceable>DOMAIN</replaceable></command> + </cmdsynopsis> + + <cmdsynopsis> + <command>systemd-resolve</command> + <arg choice="opt" rep="repeat">OPTIONS</arg> + <command> --revert</command> + </cmdsynopsis> + </refsynopsisdiv> <refsect1> diff --git a/man/systemd-socket-activate.xml b/man/systemd-socket-activate.xml index ff9e7758b3..7cdd9d4c34 100644 --- a/man/systemd-socket-activate.xml +++ b/man/systemd-socket-activate.xml @@ -201,6 +201,7 @@ <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>systemd.socket</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry>, + <citerefentry><refentrytitle>systemd-run</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>sd_listen_fds</refentrytitle><manvolnum>3</manvolnum></citerefentry>, <citerefentry><refentrytitle>sd_listen_fds_with_names</refentrytitle><manvolnum>3</manvolnum></citerefentry>, <citerefentry project='man-pages'><refentrytitle>cat</refentrytitle><manvolnum>1</manvolnum></citerefentry> diff --git a/man/systemd-system.conf.xml b/man/systemd-system.conf.xml index 08f6c91901..fca9690092 100644 --- a/man/systemd-system.conf.xml +++ b/man/systemd-system.conf.xml @@ -1,6 +1,9 @@ <?xml version='1.0'?> <!--*- Mode: nxml; nxml-child-indent: 2; indent-tabs-mode: nil -*--> <!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" - "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd"> + "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [ +<!ENTITY % entities SYSTEM "custom-entities.ent" > +%entities; +]> <!-- SPDX-License-Identifier: LGPL-2.1+ @@ -338,8 +341,9 @@ <varname>CPUAccounting=</varname>, <varname>BlockIOAccounting=</varname>, <varname>MemoryAccounting=</varname>, <varname>TasksAccounting=</varname> and <varname>IPAccounting=</varname>. See <citerefentry><refentrytitle>systemd.resource-control</refentrytitle><manvolnum>5</manvolnum></citerefentry> - for details on the per-unit settings. <varname>DefaultTasksAccounting=</varname> defaults to on, the other - four settings to off.</para></listitem> + for details on the per-unit settings. <varname>DefaultTasksAccounting=</varname> defaults to on, + <varname>DefaultMemoryAccounting=</varname> to &MEMORY_ACCOUNTING_DEFAULT;, + the other three settings to off.</para></listitem> </varlistentry> <varlistentry> diff --git a/man/systemd-sysusers.xml b/man/systemd-sysusers.xml index 73ba4e4a84..a55d9f6a75 100644 --- a/man/systemd-sysusers.xml +++ b/man/systemd-sysusers.xml @@ -69,15 +69,18 @@ <citerefentry><refentrytitle>sysusers.d</refentrytitle><manvolnum>5</manvolnum></citerefentry>. </para> - <para>If invoked with no arguments, it applies all directives from - all files found. If one or more filenames are passed on the - command line, only the directives in these files are applied. If - only the basename of a file is specified, all directories as - specified in - <citerefentry><refentrytitle>sysusers.d</refentrytitle><manvolnum>5</manvolnum></citerefentry> - are searched for a matching file. If the string - <literal>-</literal> is specified instead of a filename, entries from the - standard input of the process are read.</para> + <para>If invoked with no arguments, it applies all directives from all files + found in the directories specified by + <citerefentry><refentrytitle>sysusers.d</refentrytitle><manvolnum>5</manvolnum></citerefentry>. + When invoked with positional arguments, if option + <option>--replace=<replaceable>PATH</replaceable></option> is specified, arguments + specified on the command line are used instead of the configuration file + <replaceable>PATH</replaceable>. Otherwise, just the configuration specified by + the command line arguments is executed. The string <literal>-</literal> may be + specified instead of a filename to instruct <command>systemd-sysusers</command> + to read the configuration from standard input. If only the basename of a file is + specified, all configuration directories are searched for a matching file and + the file found that has the highest priority is executed.</para> </refsect1> <refsect1> @@ -94,6 +97,46 @@ paths. </para></listitem> </varlistentry> + <varlistentry> + <term><option>--replace=<replaceable>PATH</replaceable></option></term> + <listitem><para>When this option is given, one ore more positional arguments + must be specified. All configuration files found in the directories listed in + <citerefentry><refentrytitle>sysusers.d</refentrytitle><manvolnum>5</manvolnum></citerefentry> + will be read, and the configuration given on the command line will be + handled instead of and with the same priority as the configuration file + <replaceable>PATH</replaceable>.</para> + + <para>This option is intended to be used when package installation scripts + are running and files belonging to that package are not yet available on + disk, so their contents must be given on the command line, but the admin + configuration might already exist and should be given higher priority. + </para> + + <example> + <title>RPM installation script for radvd</title> + + <programlisting>echo 'u radvd - "radvd daemon"' | \ + systemd-sysusers --replace=/usr/lib/sysusers.d/radvd.conf -</programlisting> + + <para>This will create the radvd user as if + <filename>/usr/lib/sysusers.d/radvd.conf</filename> was already on disk. + An admin might override the configuration specified on the command line by + placing <filename>/etc/sysusers.d/radvd.conf</filename> or even + <filename>/etc/sysusers.d/00-overrides.conf</filename>.</para> + + <para>Note that this is the expanded from, and when used in a package, this + would be written using a macro with "radvd" and a file containing the + configuration line as arguments.</para> + </example> + </listitem> + </varlistentry> + + <varlistentry> + <term><option>--inline</option></term> + <listitem><para>Treat each positional argument as a separate configuration + line instead of a file name.</para></listitem> + </varlistentry> + <xi:include href="standard-options.xml" xpointer="help" /> <xi:include href="standard-options.xml" xpointer="version" /> </variablelist> diff --git a/man/systemd-tmpfiles.xml b/man/systemd-tmpfiles.xml index 24a08b0354..a6ae5e4f97 100644 --- a/man/systemd-tmpfiles.xml +++ b/man/systemd-tmpfiles.xml @@ -84,12 +84,16 @@ </para> <para>If invoked with no arguments, it applies all directives from all configuration - files. If one or more absolute filenames are passed on the command line, only the - directives in these files are applied. If <literal>-</literal> is specified instead - of a filename, directives are read from standard input. If only the basename of a - configuration file is specified, all configuration directories as specified in + files. When invoked with <option>--replace=<replaceable>PATH</replaceable></option>, + arguments specified on the command line are used instead of the configuration file + <replaceable>PATH</replaceable>. Otherwise, if one or more absolute filenames are + passed on the command line, only the directives in these files are applied. If + <literal>-</literal> is specified instead of a filename, directives are read from + standard input. If only the basename of a configuration file is specified, all + configuration directories as specified in <citerefentry><refentrytitle>tmpfiles.d</refentrytitle><manvolnum>5</manvolnum></citerefentry> - are searched for a matching file.</para> + are searched for a matching file and the file found that has the highest priority is + executed.</para> </refsect1> <refsect1> @@ -176,6 +180,22 @@ consulted.</para></listitem> </varlistentry> + <varlistentry> + <term><option>--replace=<replaceable>PATH</replaceable></option></term> + <listitem><para>When this option is given, one ore more positional arguments + must be specified. All configuration files found in the directories listed in + <citerefentry><refentrytitle>tmpfiles.d</refentrytitle><manvolnum>5</manvolnum></citerefentry> + will be read, and the configuration given on the command line will be + handled instead of and with the same priority as the configuration file + <replaceable>PATH</replaceable>.</para> + + <para>This option is intended to be used when package installation scripts + are running and files belonging to that package are not yet available on + disk, so their contents must be given on the command line, but the admin + configuration might already exist and should be given higher priority. + </para></listitem> + </varlistentry> + <xi:include href="standard-options.xml" xpointer="help" /> <xi:include href="standard-options.xml" xpointer="version" /> </variablelist> @@ -195,7 +215,7 @@ <para><command>systemd-tmpfiles</command> tries to avoid changing the access and modification times on the directories it accesses, - which requires <constant>CAP_ADMIN</constant> privileges. When + which requires <constant>CAP_FOWNER</constant> privileges. When running as non-root, directories which are checked for files to clean up will have their access time bumped, which might prevent their cleanup. diff --git a/man/systemd.exec.xml b/man/systemd.exec.xml index ec702d515d..c1867b4ed2 100644 --- a/man/systemd.exec.xml +++ b/man/systemd.exec.xml @@ -175,7 +175,9 @@ source path, destination path and option string, where the latter two are optional. If only a source path is specified the source and destination is taken to be the same. The option string may be either <literal>rbind</literal> or <literal>norbind</literal> for configuring a recursive or non-recursive bind - mount. If the destination path is omitted, the option string must be omitted too.</para> + mount. If the destination path is omitted, the option string must be omitted too. + Each bind mount definition may be prefixed with <literal>-</literal>, in which case it will be ignored + when its source path does not exist.</para> <para><varname>BindPaths=</varname> creates regular writable bind mounts (unless the source file system mount is already marked read-only), while <varname>BindReadOnlyPaths=</varname> creates read-only bind mounts. These @@ -631,8 +633,8 @@ CapabilityBoundingSet=~CAP_B CAP_C</programlisting> processes. In this modes multiple units running processes under the same user ID may share key material. Unless <option>inherit</option> is selected the unique invocation ID for the unit (see below) is added as a protected key by the name <literal>invocation_id</literal> to the newly created session keyring. Defaults to - <option>private</option> for the system service manager and to <option>inherit</option> for the user service - manager.</para></listitem> + <option>private</option> for services of the system service manager and to <option>inherit</option> for + non-service units and for services of the user service manager.</para></listitem> </varlistentry> <varlistentry> @@ -786,14 +788,24 @@ CapabilityBoundingSet=~CAP_B CAP_C</programlisting> <varlistentry> <term><varname>ProtectHome=</varname></term> - <listitem><para>Takes a boolean argument or <literal>read-only</literal>. If true, the directories - <filename>/home</filename>, <filename>/root</filename> and <filename>/run/user</filename> are made inaccessible - and empty for processes invoked by this unit. If set to <literal>read-only</literal>, the three directories are - made read-only instead. It is recommended to enable this setting for all long-running services (in particular - network-facing ones), to ensure they cannot get access to private user data, unless the services actually - require access to the user's private data. This setting is implied if <varname>DynamicUser=</varname> is - set. For this setting the same restrictions regarding mount propagation and privileges apply as for - <varname>ReadOnlyPaths=</varname> and related calls, see below.</para></listitem> + <listitem><para>Takes a boolean argument or the special values <literal>read-only</literal> or + <literal>tmpfs</literal>. If true, the directories <filename>/home</filename>, <filename>/root</filename> and + <filename>/run/user</filename> are made inaccessible and empty for processes invoked by this unit. If set to + <literal>read-only</literal>, the three directories are made read-only instead. If set to <literal>tmpfs</literal>, + temporary file systems are mounted on the three directories in read-only mode. The value <literal>tmpfs</literal> + is useful to hide home directories not relevant to the processes invoked by the unit, while necessary directories + are still visible by combining with <varname>BindPaths=</varname> or <varname>BindReadOnlyPaths=</varname>.</para> + + <para>Setting this to <literal>yes</literal> is mostly equivalent to set the three directories in + <varname>InaccessiblePaths=</varname>. Similary, <literal>read-only</literal> is mostly equivalent to + <varname>ReadOnlyPaths=</varname>, and <literal>tmpfs</literal> is mostly equivalent to + <varname>TemporaryFileSystem=</varname>.</para> + + <para> It is recommended to enable this setting for all long-running services (in particular network-facing ones), + to ensure they cannot get access to private user data, unless the services actually require access to the user's + private data. This setting is implied if <varname>DynamicUser=</varname> is set. For this setting the same + restrictions regarding mount propagation and privileges apply as for <varname>ReadOnlyPaths=</varname> and related + calls, see below.</para></listitem> </varlistentry> <varlistentry> @@ -904,9 +916,13 @@ CapabilityBoundingSet=~CAP_B CAP_C</programlisting> reading only, writing will be refused even if the usual file access controls would permit this. Nest <varname>ReadWritePaths=</varname> inside of <varname>ReadOnlyPaths=</varname> in order to provide writable subdirectories within read-only directories. Use <varname>ReadWritePaths=</varname> in order to whitelist - specific paths for write access if <varname>ProtectSystem=strict</varname> is used. Paths listed in - <varname>InaccessiblePaths=</varname> will be made inaccessible for processes inside the namespace (along with - everything below them in the file system hierarchy).</para> + specific paths for write access if <varname>ProtectSystem=strict</varname> is used.</para> + + <para>Paths listed in <varname>InaccessiblePaths=</varname> will be made inaccessible for processes inside + the namespace along with everything below them in the file system hierarchy. This may be more restrictive than + desired, because it is not possible to nest <varname>ReadWritePaths=</varname>, <varname>ReadOnlyPaths=</varname>, + <varname>BindPaths=</varname>, or <varname>BindReadOnlyPaths=</varname> inside it. For a more flexible option, + see <varname>TemporaryFileSystem=</varname>.</para> <para>Note that restricting access with these options does not extend to submounts of a directory that are created later on. Non-directory paths may be specified as well. These options may be specified more than once, @@ -931,6 +947,29 @@ CapabilityBoundingSet=~CAP_B CAP_C</programlisting> </varlistentry> <varlistentry> + <term><varname>TemporaryFileSystem=</varname></term> + + <listitem><para>Takes a space-separated list of mount points for temporary file systems (tmpfs). If set, a new file + system namespace is set up for executed processes, and a temporary file system is mounted on each mount point. + This option may be specified more than once, in which case temporary file systems are mounted on all listed mount + points. If the empty string is assigned to this option, the list is reset, and all prior assignments have no effect. + Each mount point may optionally be suffixed with a colon (<literal>:</literal>) and mount options such as + <literal>size=10%</literal> or <literal>ro</literal>. By default, each temporary file system is mounted + with <literal>nodev,strictatime,mode=0755</literal>. These can be disabled by explicitly specifying the corresponding + mount options, e.g., <literal>dev</literal> or <literal>nostrictatime</literal>.</para> + + <para>This is useful to hide files or directories not relevant to the processes invoked by the unit, while necessary + files or directories can be still accessed by combining with <varname>BindPaths=</varname> or + <varname>BindReadOnlyPaths=</varname>. See the example below.</para> + + <para>Example: if a unit has the following, + <programlisting>TemporaryFileSystem=/var:ro +BindReadOnlyPaths=/var/lib/systemd</programlisting> + then the invoked processes by the unit cannot see any files or directories under <filename>/var</filename> except for + <filename>/var/lib/systemd</filename> or its contents.</para></listitem> + </varlistentry> + + <varlistentry> <term><varname>PrivateTmp=</varname></term> <listitem><para>Takes a boolean argument. If true, sets up a new file system namespace for the executed @@ -1429,17 +1468,19 @@ CapabilityBoundingSet=~CAP_B CAP_C</programlisting> filter. The known architecture identifiers are the same as for <varname>ConditionArchitecture=</varname> described in <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>, as well as <constant>x32</constant>, <constant>mips64-n32</constant>, <constant>mips64-le-n32</constant>, and - the special identifier <constant>native</constant>. Only system calls of the specified architectures will be - permitted to processes of this unit. This is an effective way to disable compatibility with non-native - architectures for processes, for example to prohibit execution of 32-bit x86 binaries on 64-bit x86-64 - systems. The special <constant>native</constant> identifier implicitly maps to the native architecture of the - system (or more strictly: to the architecture the system manager is compiled for). If running in user mode, or - in system mode, but without the <constant>CAP_SYS_ADMIN</constant> capability (e.g. setting - <varname>User=nobody</varname>), <varname>NoNewPrivileges=yes</varname> is implied. Note that setting this - option to a non-empty list implies that <constant>native</constant> is included too. By default, this option is - set to the empty list, i.e. no system call architecture filtering is applied.</para> - - <para>Note that system call filtering is not equally effective on all architectures. For example, on x86 + the special identifier <constant>native</constant>. The special identifier <constant>native</constant> + implicitly maps to the native architecture of the system (or more precisely: to the architecture the system + manager is compiled for). If running in user mode, or in system mode, but without the + <constant>CAP_SYS_ADMIN</constant> capability (e.g. setting <varname>User=nobody</varname>), + <varname>NoNewPrivileges=yes</varname> is implied. By default, this option is set to the empty list, i.e. no + system call architecture filtering is applied.</para> + + <para>If this setting is used, processes of this unit will only be permitted to call native system calls, and + system calls of the specified architectures. For the purposes of this option, the x32 architecture is treated + as including x86-64 system calls. However, this setting still fulfills its purpose, as explained below, on + x32.</para> + + <para>System call filtering is not equally effective on all architectures. For example, on x86 filtering of network socket-related calls is not possible, due to ABI limitations — a limitation that x86-64 does not have, however. On systems supporting multiple ABIs at the same time — such as x86/x86-64 — it is hence recommended to limit the set of permitted system call architectures so that secondary ABIs may not be used to diff --git a/man/systemd.generator.xml b/man/systemd.generator.xml index 7ed6a2dc82..60ca0cecad 100644 --- a/man/systemd.generator.xml +++ b/man/systemd.generator.xml @@ -76,14 +76,33 @@ <refsect1> <title>Description</title> - <para>Generators are small executables that live in <filename>&systemgeneratordir;/</filename> and other - directories listed above. - <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry> will execute those - binaries very early at bootup and at configuration reload time — before unit files are loaded. Generators may - dynamically generate unit files (regular ones, instances as well as templates) and unit file - <filename>.d/</filename> drop-ins, or create symbolic links to unit files to add additional dependencies or - instantiate existing templates, thus extending or overriding existing definitions. Their main purpose is to convert - configuration files that are not native unit files dynamically into native unit files.</para> + <para>Generators are small executables that live in + <filename>&systemgeneratordir;/</filename> and other directories listed above. + <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry> + will execute those binaries very early at bootup and at configuration reload time + — before unit files are loaded. Their main purpose is to convert configuration + that is not native into dynamically generated unit files.</para> + + <para>Each generator is called with three directory paths that are to be used for + generator output. In these three directories, generators may dynamically generate + unit files (regular ones, instances, as well as templates), unit file + <filename>.d/</filename> drop-ins, and create symbolic links to unit files to add + additional dependencies, create aliases, or instantiate existing templates. Those + directories are included in the unit load path of + <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>, + allowing generated configuration to extend or override existing + definitions.</para> + + <para>Directory paths for generator output differ by priority: + <filename>…/generator.early</filename> has priority higher than the admin + configuration in <filename>/etc</filename>, while + <filename>…/generator</filename> has lower priority than + <filename>/etc</filename> but higher than vendor configuration in + <filename>/usr</filename>, and <filename>…/generator.late</filename> has priority + lower than all other configuration. See the next section and the discussion of + unit load paths and unit overriding in + <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>. + </para> <para>Generators are loaded from a set of paths determined during compilation, as listed above. System and user generators are loaded @@ -110,171 +129,153 @@ </refsect1> <refsect1> - <title>Writing generators</title> + <title>Output directories</title> - <para>Generators are invoked with three arguments: paths to - runtime directories where generators can place their generated - unit files or symlinks.</para> + <para>Generators are invoked with three arguments: paths to directories where + generators can place their generated unit files or symlinks. By default those + paths are runtime directories that are included in the search path of + <command>systemd</command>, but a generator may be called with different paths + for debugging purposes.</para> <orderedlist> <listitem> <para><parameter>normal-dir</parameter></para> - <para>argv[1] may be used to override unit files in - <filename>/usr</filename>, but not those in - <filename>/run</filename> or in <filename>/etc</filename>. - This means that unit files placed - in this directory take precedence over vendor unit - configuration but not over native user/administrator unit - configuration.</para> + <para>In normal use this is <filename>/run/systemd/generator</filename> in + case of the system generators and + <filename>$XDG_RUNTIME_DIR/generator</filename> in case of the user + generators. Unit files placed in this directory take precedence over vendor + unit configuration but not over native user/administrator unit configuration. + </para> </listitem> <listitem> <para><parameter>early-dir</parameter></para> - <para>argv[2] may be used to override unit files in - <filename>/usr</filename>, in <filename>/run</filename> and in - <filename>/etc</filename>. This means that unit files placed - in this directory take precedence over all configuration, - both vendor and user/administrator.</para> + <para>In normal use this is <filename>/run/systemd/generator.early</filename> + in case of the system generators and + <filename>$XDG_RUNTIME_DIR/generator.early</filename> in case of the user + generators. Unit files placed in this directory override unit files in + <filename>/usr</filename>, <filename>/run</filename> and + <filename>/etc</filename>. This means that unit files placed in this + directory take precedence over all normal configuration, both vendor and + user/administrator.</para> </listitem> <listitem> <para><parameter>late-dir</parameter></para> - <para>argv[3] may be used to extend the unit file tree without - overriding any other unit files. Any native configuration - files supplied by the vendor or user/administrator take - precedence over the generated ones placed in this directory. - </para> + <para>In normal use this is <filename>/run/systemd/generator.late</filename> + in case of the system generators and + <filename>$XDG_RUNTIME_DIR/generator.late</filename> in case of the user + generators. This directory may be used to extend the unit file tree without + overriding any other unit files. Any native configuration files supplied by + the vendor or user/administrator take precedence.</para> </listitem> </orderedlist> + </refsect1> + + <refsect1> + <title>Notes about writing generators</title> + + <itemizedlist> + <listitem> + <para>All generators are executed in parallel. That means all executables are + started at the very same time and need to be able to cope with this + parallelism. + </para> + </listitem> + + <listitem> + <para>Generators are run very early at boot and cannot rely on any external + services. They may not talk to any other process. That includes simple things + such as logging to + <citerefentry project='man-pages'><refentrytitle>syslog</refentrytitle><manvolnum>3</manvolnum></citerefentry>, + or <command>systemd</command> itself (this means: no + <citerefentry><refentrytitle>systemctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>)! + Non-essential file systems like <filename>/var</filename> and + <filename>/home</filename> are mounted after generators have run. Generators + can however rely on the most basic kernel functionality to be available, + including a mounted <filename>/sys</filename>, <filename>/proc</filename>, + <filename>/dev</filename>, <filename>/usr</filename>. + </para> + </listitem> + + <listitem> + <para>Units written by generators are removed when the configuration is + reloaded. That means the lifetime of the generated units is closely bound to + the reload cycles of <command>systemd</command> itself.</para> + </listitem> + + <listitem> + <para>Generators should only be used to generate unit files and symlinks to + them, not any other kind of configuration. Due to the lifecycle logic + mentioned above, generators are not a good fit to generate dynamic + configuration for other services. If you need to generate dynamic + configuration for other services, do so in normal services you order before + the service in question.</para> + </listitem> + + <listitem> + <para>Since + <citerefentry project='man-pages'><refentrytitle>syslog</refentrytitle><manvolnum>3</manvolnum></citerefentry> + + is not available (see above), log messages have to be written to + <filename>/dev/kmsg</filename> instead.</para> + </listitem> + + <listitem> + <para>It is a good idea to use the <varname>SourcePath=</varname> directive + in generated unit files to specify the source configuration file you are + generating the unit from. This makes things more easily understood by the + user and also has the benefit that systemd can warn the user about + configuration files that changed on disk but have not been read yet by + systemd.</para> + </listitem> - <refsect2> - <title>Notes</title> - - <itemizedlist> - <listitem> - <para> - All generators are executed in parallel. That means all - executables are started at the very same time and need to - be able to cope with this parallelism. - </para> - </listitem> - - <listitem> - <para> - Generators are run very early at boot and cannot rely on - any external services. They may not talk to any other - process. That includes simple things such as logging to - <citerefentry project='man-pages'><refentrytitle>syslog</refentrytitle><manvolnum>3</manvolnum></citerefentry>, - or <command>systemd</command> itself (this means: no - <citerefentry><refentrytitle>systemctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>)! - Non-essential file systems like - <filename>/var</filename> and <filename>/home</filename> - are mounted after generators have run. Generators - can however rely on the most basic kernel functionality to be - available, including a mounted <filename>/sys</filename>, - <filename>/proc</filename>, <filename>/dev</filename>, - <filename>/usr</filename>. - </para> - </listitem> - - <listitem> - <para> - Units written by generators are removed when the configuration - is reloaded. That means the lifetime of the generated - units is closely bound to the reload cycles of - <command>systemd</command> itself. - </para> - </listitem> - - <listitem> - <para> - Generators should only be used to generate unit files and symlinks to them, not any other kind of - configuration. Due to the lifecycle logic mentioned above, generators are not a good fit to generate - dynamic configuration for other services. If you need to generate dynamic configuration for other services, - do so in normal services you order before the service in question. - </para> - </listitem> - - <listitem> - <para> - Since - <citerefentry project='man-pages'><refentrytitle>syslog</refentrytitle><manvolnum>3</manvolnum></citerefentry> - is not available (see above), log messages have to be - written to <filename>/dev/kmsg</filename> instead. - </para> - </listitem> - - <listitem> - <para> - It is a good idea to use the - <varname>SourcePath=</varname> directive in generated unit - files to specify the source configuration file you are - generating the unit from. This makes things more easily - understood by the user and also has the benefit that - systemd can warn the user about configuration files that - changed on disk but have not been read yet by systemd. - </para> - </listitem> - - <listitem> - <para> - Generators may write out dynamic unit files or just hook - unit files into other units with the usual - <filename>.wants/</filename> or - <filename>.requires/</filename> symlinks. Often, it is - nicer to simply instantiate a template unit file from - <filename>/usr</filename> with a generator instead of - writing out entirely dynamic unit files. Of course, this - works only if a single parameter is to be used. - </para> - </listitem> - - <listitem> - <para> - If you are careful, you can implement generators in shell - scripts. We do recommend C code however, since generators - are executed synchronously and hence delay the - entire boot if they are slow. - </para> - </listitem> - - <listitem> - <para>Regarding overriding semantics: there are two rules we - try to follow when thinking about the overriding semantics: - </para> - - <orderedlist numeration="lowerroman"> - <listitem> - <para>User configuration should override vendor - configuration. This (mostly) means that stuff from - <filename>/etc</filename> should override stuff from - <filename>/usr</filename>.</para> - </listitem> - - <listitem> - <para>Native configuration should override non-native - configuration. This (mostly) means that stuff you - generate should never override native unit files for the - same purpose.</para> - </listitem> - </orderedlist> - - <para>Of these two rules the first rule is probably the more - important one and breaks the second one sometimes. Hence, - when deciding whether to use argv[1], argv[2], or argv[3], - your default choice should probably be argv[1].</para> - </listitem> - - <listitem> - <para> - Instead of heading off now and writing all kind of - generators for legacy configuration file formats, please - think twice! It is often a better idea to just deprecate - old stuff instead of keeping it artificially alive. - </para> - </listitem> - </itemizedlist> - </refsect2> + <listitem> + <para>Generators may write out dynamic unit files or just hook unit files + into other units with the usual <filename>.wants/</filename> or + <filename>.requires/</filename> symlinks. Often, it is nicer to simply + instantiate a template unit file from <filename>/usr</filename> with a + generator instead of writing out entirely dynamic unit files. Of course, this + works only if a single parameter is to be used.</para> + </listitem> + + <listitem> + <para>If you are careful, you can implement generators in shell scripts. We + do recommend C code however, since generators are executed synchronously and + hence delay the entire boot if they are slow.</para> + </listitem> + + <listitem> + <para>Regarding overriding semantics: there are two rules we try to follow + when thinking about the overriding semantics:</para> + + <orderedlist numeration="lowerroman"> + <listitem> + <para>User configuration should override vendor configuration. This + (mostly) means that stuff from <filename>/etc</filename> should override + stuff from <filename>/usr</filename>.</para> + </listitem> + + <listitem> + <para>Native configuration should override non-native configuration. This + (mostly) means that stuff you generate should never override native unit + files for the same purpose.</para> + </listitem> + </orderedlist> + + <para>Of these two rules the first rule is probably the more important one + and breaks the second one sometimes. Hence, when deciding whether to use + argv[1], argv[2], or argv[3], your default choice should probably be + argv[1].</para> + </listitem> + + <listitem> + <para>Instead of heading off now and writing all kind of generators for + legacy configuration file formats, please think twice! It is often a better + idea to just deprecate old stuff instead of keeping it artificially alive. + </para> + </listitem> + </itemizedlist> </refsect1> <refsect1> @@ -283,22 +284,18 @@ <title>systemd-fstab-generator</title> <para><citerefentry><refentrytitle>systemd-fstab-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry> - converts <filename>/etc/fstab</filename> into native mount - units. It uses argv[1] as location to place the generated unit - files in order to allow the user to override - <filename>/etc/fstab</filename> with her own native unit files, - but also to ensure that <filename>/etc/fstab</filename> - overrides any vendor default from <filename>/usr</filename>. - </para> - - <para>After editing <filename>/etc/fstab</filename>, the user - should invoke <command>systemctl daemon-reload</command>. This - will re-run all generators and cause <command>systemd</command> - to reload units from disk. To actually mount new directories - added to <filename>fstab</filename>, <command>systemctl start - <replaceable>/path/to/mountpoint</replaceable></command> or - <command>systemctl start local-fs.target</command> may be used. - </para> + converts <filename>/etc/fstab</filename> into native mount units. It uses + argv[1] as location to place the generated unit files in order to allow the + user to override <filename>/etc/fstab</filename> with her own native unit + files, but also to ensure that <filename>/etc/fstab</filename> overrides any + vendor default from <filename>/usr</filename>.</para> + + <para>After editing <filename>/etc/fstab</filename>, the user should invoke + <command>systemctl daemon-reload</command>. This will re-run all generators and + cause <command>systemd</command> to reload units from disk. To actually mount + new directories added to <filename>fstab</filename>, <command>systemctl start + <replaceable>/path/to/mountpoint</replaceable></command> or <command>systemctl + start local-fs.target</command> may be used.</para> </example> <example> @@ -307,9 +304,9 @@ <para><citerefentry><refentrytitle>systemd-system-update-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry> temporarily redirects <filename>default.target</filename> to <filename>system-update.target</filename>, if a system update is - scheduled. Since this needs to override the default user - configuration for <filename>default.target</filename>, it uses - argv[2]. For details about this logic, see + scheduled. Since this needs to override the default user configuration for + <filename>default.target</filename>, it uses argv[2]. For details about this + logic, see <citerefentry><refentrytitle>systemd.offline-updates</refentrytitle><manvolnum>7</manvolnum></citerefentry>. </para> </example> diff --git a/man/systemd.netdev.xml b/man/systemd.netdev.xml index eb86db9792..af46360f49 100644 --- a/man/systemd.netdev.xml +++ b/man/systemd.netdev.xml @@ -544,7 +544,7 @@ <varlistentry> <term><varname>Remote=</varname></term> <listitem> - <para>Configures destination multicast group IP address.</para> + <para>Configures destination IP address.</para> </listitem> </varlistentry> <varlistentry> @@ -1025,7 +1025,10 @@ <para>The Base64 encoded private key for the interface. It can be generated using the <command>wg genkey</command> command (see <citerefentry project="wireguard"><refentrytitle>wg</refentrytitle><manvolnum>8</manvolnum></citerefentry>). - This option is mandatory to use wireguard.</para> + This option is mandatory to use WireGuard. + Note that because this information is secret, you may want to set + the permissions of the .netdev file to be owned by <literal>root:systemd-networkd</literal> + with a <literal>0640</literal> file mode.</para> </listitem> </varlistentry> <varlistentry> @@ -1040,7 +1043,7 @@ <varlistentry> <term><varname>FwMark=</varname></term> <listitem> - <para>Sets a firewall mark on outgoing wireguard packets from this interface.</para> + <para>Sets a firewall mark on outgoing WireGuard packets from this interface.</para> </listitem> </varlistentry> </variablelist> @@ -1070,7 +1073,10 @@ by the <command>wg genpsk</command> command. This option adds an additional layer of symmetric-key cryptography to be mixed into the already existing public-key cryptography, for post-quantum - resistance.</para> + resistance. + Note that because this information is secret, you may want to set + the permissions of the .netdev file to be owned by <literal>root:systemd-networkd</literal> + with a <literal>0640</literal> file mode.</para> </listitem> </varlistentry> <varlistentry> diff --git a/man/systemd.resource-control.xml b/man/systemd.resource-control.xml index 18b7bf8f6a..5033802c85 100644 --- a/man/systemd.resource-control.xml +++ b/man/systemd.resource-control.xml @@ -484,15 +484,17 @@ <listitem> <para>Takes a boolean argument. If true, turns on IPv4 and IPv6 network traffic accounting for packets sent or received by the unit. When this option is turned on, all IPv4 and IPv6 sockets created by any process of - the unit are accounted for. When this option is used in socket units, it applies to all IPv4 and IPv6 sockets + the unit are accounted for.</para> + + <para>When this option is used in socket units, it applies to all IPv4 and IPv6 sockets associated with it (including both listening and connection sockets where this applies). Note that for socket-activated services, this configuration setting and the accounting data of the service unit and the socket unit are kept separate, and displayed separately. No propagation of the setting and the collected statistics is done, in either direction. Moreover, any traffic sent or received on any of the socket unit's sockets is accounted to the socket unit — and never to the service unit it might have activated, even if the - socket is used by it. Note that IP accounting is currently not supported for slice units, and enabling this - option for them has no effect. The system default for this setting may be controlled with - <varname>DefaultIPAccounting=</varname> in + socket is used by it.</para> + + <para>The system default for this setting may be controlled with <varname>DefaultIPAccounting=</varname> in <citerefentry><refentrytitle>systemd-system.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>.</para> </listitem> </varlistentry> diff --git a/man/systemd.service.xml b/man/systemd.service.xml index e796245ae5..b68d351dff 100644 --- a/man/systemd.service.xml +++ b/man/systemd.service.xml @@ -56,7 +56,7 @@ <title>Description</title> <para>A unit configuration file whose name ends in - <filename>.service</filename> encodes information about a process + <literal>.service</literal> encodes information about a process controlled and supervised by systemd.</para> <para>This man page lists the configuration options specific to @@ -1009,9 +1009,7 @@ <para>The command line accepts <literal>%</literal> specifiers as described in - <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>. - Note that the first argument of the command line (i.e. the program - to execute) may not include specifiers.</para> + <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>.</para> <para>Basic environment variable substitution is supported. Use <literal>${FOO}</literal> as part of a word, or as a word of its diff --git a/man/systemd.special.xml b/man/systemd.special.xml index 2810d6f52c..4f29a24c27 100644 --- a/man/systemd.special.xml +++ b/man/systemd.special.xml @@ -483,7 +483,7 @@ <para>A special target unit for shutting down and powering off the system.</para> - <para>Applications wanting to reboot the system should not start this unit + <para>Applications wanting to power off the system should not start this unit directly, but should instead execute <command>systemctl poweroff</command> (possibly with the <option>--no-block</option> option) or call <citerefentry><refentrytitle>systemd-logind</refentrytitle><manvolnum>8</manvolnum></citerefentry>'s diff --git a/man/systemd.unit.xml b/man/systemd.unit.xml index 90ca378e84..8365cddc42 100644 --- a/man/systemd.unit.xml +++ b/man/systemd.unit.xml @@ -65,19 +65,31 @@ <filename><replaceable>slice</replaceable>.slice</filename>, <filename><replaceable>scope</replaceable>.scope</filename></para> - <para><literallayout><filename>/etc/systemd/system/*</filename> + <para><literallayout><filename>/etc/systemd/system.control/*</filename> +<filename>/run/systemd/system.control/*</filename> +<filename>/run/systemd/transient/*</filename> +<filename>/run/systemd/generator.early/*</filename> +<filename>/etc/systemd/system/*</filename> <filename>/run/systemd/system/*</filename> -<filename>/usr/lib/systemd/system/*</filename> +<filename>/run/systemd/generator/*</filename> <filename>…</filename> +<filename>/usr/lib/systemd/system/*</filename> +<filename>/run/systemd/generator.late/*</filename> </literallayout></para> - <para><literallayout><filename>~/.config/systemd/user/*</filename> + <para><literallayout><filename>~/.config/systemd/user.control/*</filename> +<filename>$XDG_RUNTIME_DIR/systemd/user.control/*</filename> +<filename>$XDG_RUNTIME_DIR/systemd/transient/*</filename> +<filename>$XDG_RUNTIME_DIR/systemd/generator.early/*</filename> +<filename>~/.config/systemd/user/*</filename> <filename>/etc/systemd/user/*</filename> <filename>$XDG_RUNTIME_DIR/systemd/user/*</filename> <filename>/run/systemd/user/*</filename> +<filename>$XDG_RUNTIME_DIR/systemd/generator/*</filename> <filename>~/.local/share/systemd/user/*</filename> -<filename>/usr/lib/systemd/user/*</filename> <filename>…</filename> +<filename>/usr/lib/systemd/user/*</filename> +<filename>$XDG_RUNTIME_DIR/systemd/generator.late/*</filename> </literallayout></para> </refsynopsisdiv> @@ -343,6 +355,22 @@ </thead> <tbody> <row> + <entry><filename>/etc/systemd/system.control</filename></entry> + <entry morerows="1">Persistent and transient configuration created using the dbus API</entry> + </row> + <row> + <entry><filename>/run/systemd/system.control</filename></entry> + </row> + <row> + <entry><filename>/run/systemd/transient</filename></entry> + <entry>Dynamic configuration for transient units</entry> + </row> + <row> + <entry><filename>/run/systemd/generator.early</filename></entry> + <entry>Generated units with high priority (see <replaceable>early-dir</replaceable> in <citerefentry + ><refentrytitle>system.generator</refentrytitle><manvolnum>7</manvolnum></citerefentry>)</entry> + </row> + <row> <entry><filename>/etc/systemd/system</filename></entry> <entry>Local configuration</entry> </row> @@ -351,8 +379,21 @@ <entry>Runtime units</entry> </row> <row> + <entry><filename>/run/systemd/generator</filename></entry> + <entry>Generated units with medium priority (see <replaceable>normal-dir</replaceable> in <citerefentry + ><refentrytitle>system.generator</refentrytitle><manvolnum>7</manvolnum></citerefentry>)</entry> + </row> + <row> + <entry><filename>/usr/local/lib/systemd/system</filename></entry> + <entry morerows="1">Units of installed packages</entry> + </row> + <row> <entry><filename>/usr/lib/systemd/system</filename></entry> - <entry>Units of installed packages</entry> + </row> + <row> + <entry><filename>/run/systemd/generator.late</filename></entry> + <entry>Generated units with low priority (see <replaceable>late-dir</replaceable> in <citerefentry + ><refentrytitle>system.generator</refentrytitle><manvolnum>7</manvolnum></citerefentry>)</entry> </row> </tbody> </tgroup> @@ -374,12 +415,25 @@ </thead> <tbody> <row> - <entry><filename>$XDG_CONFIG_HOME/systemd/user</filename></entry> - <entry>User configuration (only used when $XDG_CONFIG_HOME is set)</entry> + <entry><filename>$XDG_CONFIG_HOME/systemd/user.control</filename> or <filename + >~/.config/systemd/user.control</filename></entry> + <entry morerows="1">Persistent and transient configuration created using the dbus API (<varname>$XDG_CONFIG_HOME</varname> is used if set, <filename>~/.config</filename> otherwise)</entry> + </row> + <row> + <entry><filename>$XDG_RUNTIME_DIR/systemd/user.control</filename></entry> + </row> + <row> + <entry><filename>/run/systemd/transient</filename></entry> + <entry>Dynamic configuration for transient units</entry> + </row> + <row> + <entry><filename>/run/systemd/generator.early</filename></entry> + <entry>Generated units with high priority (see <replaceable>early-dir</replaceable> in <citerefentry + ><refentrytitle>system.generator</refentrytitle><manvolnum>7</manvolnum></citerefentry>)</entry> </row> <row> - <entry><filename>$HOME/.config/systemd/user</filename></entry> - <entry>User configuration (only used when $XDG_CONFIG_HOME is not set)</entry> + <entry><filename>$XDG_CONFIG_HOME/systemd/user</filename> or <filename>$HOME/.config/systemd/user</filename></entry> + <entry>User configuration (<varname>$XDG_CONFIG_HOME</varname> is used if set, <filename>~/.config</filename> otherwise)</entry> </row> <row> <entry><filename>/etc/systemd/user</filename></entry> @@ -394,27 +448,50 @@ <entry>Runtime units</entry> </row> <row> - <entry><filename>$XDG_DATA_HOME/systemd/user</filename></entry> - <entry>Units of packages that have been installed in the home directory (only used when $XDG_DATA_HOME is set)</entry> + <entry><filename>$XDG_RUNTIME_DIR/systemd/generator</filename></entry> + <entry>Generated units with medium priority (see <replaceable>normal-dir</replaceable> in <citerefentry + ><refentrytitle>system.generator</refentrytitle><manvolnum>7</manvolnum></citerefentry>)</entry> </row> <row> - <entry><filename>$HOME/.local/share/systemd/user</filename></entry> - <entry>Units of packages that have been installed in the home directory (only used when $XDG_DATA_HOME is not set)</entry> + <entry><filename>$XDG_DATA_HOME/systemd/user</filename> or <filename>$HOME/.local/share/systemd/user</filename></entry> + <entry>Units of packages that have been installed in the home directory (<varname>$XDG_DATA_HOME</varname> is used if set, <filename>~/.local/share</filename> otherwise)</entry> + </row> + <row> + <entry><filename>$dir/systemd/user</filename> for each <varname noindex='true'>$dir</varname> in <varname>$XDG_DATA_DIRS</varname></entry> + <entry>Additional locations for installed user units, one for each entry in <varname>$XDG_DATA_DIRS</varname></entry> + </row> + <row> + <entry><filename>/usr/local/lib/systemd/user</filename></entry> + <entry morerows="1">Units of packages that have been installed system-wide</entry> </row> <row> <entry><filename>/usr/lib/systemd/user</filename></entry> - <entry>Units of packages that have been installed system-wide</entry> + </row> + <row> + <entry><filename>$XDG_RUNTIME_DIR/systemd/generator.late</filename></entry> + <entry>Generated units with low priority (see <replaceable>late-dir</replaceable> in <citerefentry + ><refentrytitle>system.generator</refentrytitle><manvolnum>7</manvolnum></citerefentry>)</entry> </row> </tbody> </tgroup> </table> - <para>Additional units might be loaded into systemd ("linked") - from directories not on the unit load path. See the - <command>link</command> command for + <para>The set of load paths for the user manager instance may be augmented or + changed using various environment variables. And environment variables may in + turn be set using environment generators, see + <citerefentry><refentrytitle>system.environment-generator</refentrytitle><manvolnum>7</manvolnum></citerefentry>. + In particular, <varname>$XDG_DATA_HOME</varname> and + <varname>$XDG_DATA_DIRS</varname> may be easily set using + <citerefentry><refentrytitle>systemd-environment-d-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>. + Thus, directories listed here are just the defaults. To see the actual list that + would be used based on compilation options and current environment use + <programlisting>systemd-analyze --user unit-paths</programlisting> + </para> + + <para>Moreover, additional units might be loaded into systemd ("linked") from + directories not on the unit load path. See the <command>link</command> command + for <citerefentry><refentrytitle>systemctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>. - Also, some units are dynamically created via a - <citerefentry><refentrytitle>systemd.generator</refentrytitle><manvolnum>7</manvolnum></citerefentry>. </para> </refsect1> @@ -905,9 +982,7 @@ <term><varname>SuccessAction=</varname></term> <listitem><para>Configure the action to take when the unit stops and enters a failed state or inactive state. Takes the same values as the setting <varname>StartLimitAction=</varname> setting and executes the same - actions (see - <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>). Both options - default to <option>none</option>.</para></listitem> + actions. Both options default to <option>none</option>.</para></listitem> </varlistentry> <varlistentry> @@ -1016,6 +1091,8 @@ <varname>xen</varname>, <varname>bochs</varname>, <varname>uml</varname>, + <varname>bhyve</varname>, + <varname>qnx</varname>, <varname>openvz</varname>, <varname>lxc</varname>, <varname>lxc-libvirt</varname>, diff --git a/man/sysusers.d.xml b/man/sysusers.d.xml index c0d8a1682a..1c87b1bdd1 100644 --- a/man/sysusers.d.xml +++ b/man/sysusers.d.xml @@ -57,11 +57,14 @@ <refsect1> <title>Description</title> - <para><command>systemd-sysusers</command> uses the files from <filename>sysusers.d</filename> directory to create - system users and groups at package installation or boot time. This tool may be used to allocate system users and - groups only, it is not useful for creating non-system (i.e. regular, "human") users and groups, as it accesses - <filename>/etc/passwd</filename> and <filename>/etc/group</filename> directly, bypassing any more complex user - databases, for example any database involving NIS or LDAP.</para> + <para><command>systemd-sysusers</command> uses the files from + <filename>sysusers.d</filename> directory to create system users and groups and + to add users to groups, at package installation or boot time. This tool may be + used to allocate system users and groups only, it is not useful for creating + non-system (i.e. regular, "human") users and groups, as it accesses + <filename>/etc/passwd</filename> and <filename>/etc/group</filename> directly, + bypassing any more complex user databases, for example any database involving NIS + or LDAP.</para> </refsect1> <refsect1> @@ -100,15 +103,16 @@ <refsect1> <title>Configuration File Format</title> - <para>The file format is one line per user or group containing - name, ID, GECOS field description and home directory:</para> + <para>The file format is one line per user or group containing name, ID, GECOS + field description, home directory, and login shell:</para> - <programlisting>#Type Name ID GECOS Home directory -u httpd 440 "HTTP User" -u authd /usr/bin/authd "Authorization user" -g input - - -m authd input -u root 0 "Superuser" /root</programlisting> + <programlisting>#Type Name ID GECOS Home directory Shell +u httpd 404 "HTTP User" +u authd /usr/bin/authd "Authorization user" +u postgres - "Postgresql Database" /var/lib/pgsql /usr/libexec/postgresdb +g input - - +m authd input +u root 0 "Superuser" /root /bin/zsh</programlisting> <para>Empty lines and lines beginning with the <literal>#</literal> character are ignored, and may be used for commenting.</para> @@ -122,14 +126,10 @@ u root 0 "Superuser" /root</programlisting> <variablelist> <varlistentry> <term><varname>u</varname></term> - <listitem><para>Create a system user and group of the - specified name should they not exist yet. The user's primary - group will be set to the group bearing the same name. The - user's shell will be set to - <filename>/sbin/nologin</filename>, the home directory to - the specified home directory, or <filename>/</filename> if - none is given. The account will be created disabled, so that - logins are not allowed.</para></listitem> + <listitem><para>Create a system user and group of the specified name should + they not exist yet. The user's primary group will be set to the group + bearing the same name. The account will be created disabled, so that logins + are not allowed.</para></listitem> </varlistentry> <varlistentry> @@ -187,13 +187,15 @@ u root 0 "Superuser" /root</programlisting> numeric 32-bit UID or GID of the user/group. Do not use IDs 65535 or 4294967295, as they have special placeholder meanings. Specify <literal>-</literal> for automatic UID/GID allocation - for the user or group. Alternatively, specify an absolute path + for the user or group (this is strongly recommended unless it is strictly + necessary to use a specific UID or GID). Alternatively, specify an absolute path in the file system. In this case, the UID/GID is read from the path's owner/group. This is useful to create users whose UID/GID match the owners of pre-existing files (such as SUID or SGID binaries). The syntax <literal><replaceable>uid</replaceable>:<replaceable>gid</replaceable></literal> is also supported to - allow creating user and group pairs with different numeric UID and GID values. The group with the indicated GID must get created explicitly before or it must already exist. + allow creating user and group pairs with different numeric UID and GID values. The group with the indicated GID must get created explicitly before or it must already exist. Specifying <literal>-</literal> for the UID in this syntax + is also supported. </para> <para>For <varname>m</varname> lines, this field should contain @@ -209,37 +211,45 @@ u root 0 "Superuser" /root</programlisting> <refsect2> <title>GECOS</title> - <para>A short, descriptive string for users to be created, - enclosed in quotation marks. Note that this field may not - contain colons.</para> + <para>A short, descriptive string for users to be created, enclosed in + quotation marks. Note that this field may not contain colons.</para> - <para>Only applies to lines of type <varname>u</varname> and - should otherwise be left unset, or be set to - <literal>-</literal>.</para> + <para>Only applies to lines of type <varname>u</varname> and should otherwise + be left unset (or <literal>-</literal>).</para> </refsect2> <refsect2> <title>Home Directory</title> - <para>The home directory for a new system user. If omitted, - defaults to the root directory. It is recommended to not - unnecessarily specify home directories for system users, unless - software strictly requires one to be set.</para> + <para>The home directory for a new system user. If omitted, defaults to the + root directory.</para> - <para>Only applies to lines of type <varname>u</varname> and - should otherwise be left unset, or be set to - <literal>-</literal>.</para> + <para>Only applies to lines of type <varname>u</varname> and should otherwise + be left unset (or <literal>-</literal>). It is recommended to omit this, unless + software strictly requires a home directory to be set.</para> + </refsect2> + + <refsect2> + <title>Shell</title> + + <para>The login shell of the user. If not specified, this will be set to + <filename>/sbin/nologin</filename>, except if the UID of the user is 0, in + which case <filename>/bin/sh</filename> will be used.</para> + + <para>Only applies to lines of type <varname>u</varname> and should otherwise + be left unset (or <literal>-</literal>). It is recommended to omit this, unless + a shell different <filename>/sbin/nologin</filename> must be used.</para> </refsect2> </refsect1> <refsect1> <title>Idempotence</title> - <para>Note that <command>systemd-sysusers</command> will do - nothing if the specified users or groups already exist, so - normally, there is no reason to override - <filename>sysusers.d</filename> vendor configuration, except to - block certain users or groups from being created.</para> + <para>Note that <command>systemd-sysusers</command> will do nothing if the + specified users or groups already exist or the users are members of specified + groups, so normally there is no reason to override + <filename>sysusers.d</filename> vendor configuration, except to block certain + users or groups from being created.</para> </refsect1> <refsect1> diff --git a/man/tmpfiles.d.xml b/man/tmpfiles.d.xml index c3a43d36e4..7341495b1d 100644 --- a/man/tmpfiles.d.xml +++ b/man/tmpfiles.d.xml @@ -579,6 +579,13 @@ r! /tmp/.X[0-9]*-lock</programlisting> <literal>~</literal>, the clean-up is only applied to files and directories one level inside the directory specified, but not the files and directories immediately inside it.</para> + + <para>The age of a file system entry is determined from its last + modification timestamp (mtime), its last access timestamp (atime), + and (except for directories) its last status change timestamp + (ctime). Any of these three (or two) values will prevent cleanup + if it is more recent than the current time minus the age + field.</para> </refsect2> <refsect2> diff --git a/man/udevadm.xml b/man/udevadm.xml index 753ddf98da..1495f556f3 100644 --- a/man/udevadm.xml +++ b/man/udevadm.xml @@ -335,6 +335,17 @@ device.</para> </listitem> </varlistentry> + <varlistentry> + <term><option>-w</option></term> + <term><option>--settle</option></term> + <listitem> + <para>Apart from triggering events, also waits for those events to + finish. Note that this is different from calling <command>udevadm + settle</command>. <command>udevadm settle</command> waits for all + events to finish. This option only waits for events triggered by + the same command to finish.</para> + </listitem> + </varlistentry> <xi:include href="standard-options.xml" xpointer="version" /> <xi:include href="standard-options.xml" xpointer="help" /> diff --git a/meson.build b/meson.build index 36a62d280d..30b7f1bafa 100644 --- a/meson.build +++ b/meson.build @@ -16,7 +16,7 @@ # along with systemd; If not, see <http://www.gnu.org/licenses/>. project('systemd', 'c', - version : '237', + version : '238', license : 'LGPLv2+', default_options: [ 'c_std=gnu99', @@ -27,8 +27,8 @@ project('systemd', 'c', meson_version : '>= 0.41', ) -libsystemd_version = '0.21.0' -libudev_version = '1.6.9' +libsystemd_version = '0.22.0' +libudev_version = '1.6.10' # We need the same data in three different formats, ugh! # Also, for hysterical reasons, we use different variable @@ -54,13 +54,26 @@ endif ##################################################################### -split_usr = get_option('split-usr') -conf.set10('HAVE_SPLIT_USR', split_usr) +if get_option('split-usr') == 'auto' + split_usr = run_command('test', '-L', '/bin').returncode() != 0 +else + split_usr = get_option('split-usr') == 'true' +endif +conf.set10('HAVE_SPLIT_USR', split_usr, + description : '/usr/bin and /bin directories are separate') + +if get_option('split-bin') == 'auto' + split_bin = run_command('test', '-L', '/usr/sbin').returncode() != 0 +else + split_bin = get_option('split-bin') == 'true' +endif +conf.set10('HAVE_SPLIT_BIN', split_bin, + description : 'bin and sbin directories are separate') rootprefixdir = get_option('rootprefix') # Unusual rootprefixdir values are used by some distros # (see https://github.com/systemd/systemd/pull/7461). -rootprefix_default = get_option('split-usr') ? '/' : '/usr' +rootprefix_default = split_usr ? '/' : '/usr' if rootprefixdir == '' rootprefixdir = rootprefix_default endif @@ -87,6 +100,7 @@ datadir = join_paths(prefixdir, get_option('datadir')) localstatedir = join_paths('/', get_option('localstatedir')) rootbindir = join_paths(rootprefixdir, 'bin') +rootsbindir = join_paths(rootprefixdir, split_bin ? 'sbin' : 'bin') rootlibexecdir = join_paths(rootprefixdir, 'lib/systemd') rootlibdir = get_option('rootlibdir') @@ -136,13 +150,17 @@ udevhwdbdir = join_paths(udevlibexecdir, 'hwdb.d') catalogdir = join_paths(prefixdir, 'lib/systemd/catalog') kernelinstalldir = join_paths(prefixdir, 'lib/kernel/install.d') factorydir = join_paths(datadir, 'factory') -docdir = join_paths(datadir, 'doc/systemd') bootlibdir = join_paths(prefixdir, 'lib/systemd/boot/efi') testsdir = join_paths(prefixdir, 'lib/systemd/tests') systemdstatedir = join_paths(localstatedir, 'lib/systemd') catalogstatedir = join_paths(systemdstatedir, 'catalog') randomseeddir = join_paths(localstatedir, 'lib/systemd') +docdir = get_option('docdir') +if docdir == '' + docdir = join_paths(datadir, 'doc/systemd') +endif + dbuspolicydir = get_option('dbuspolicydir') if dbuspolicydir == '' dbuspolicydir = join_paths(datadir, 'dbus-1/system.d') @@ -168,6 +186,8 @@ if pamconfdir == '' pamconfdir = join_paths(sysconfdir, 'pam.d') endif +memory_accounting_default = get_option('memory-accounting-default') + conf.set_quoted('PKGSYSCONFDIR', pkgsysconfdir) conf.set_quoted('SYSTEM_CONFIG_UNIT_PATH', join_paths(pkgsysconfdir, 'system')) conf.set_quoted('SYSTEM_DATA_UNIT_PATH', systemunitdir) @@ -175,6 +195,9 @@ conf.set_quoted('SYSTEM_SYSVINIT_PATH', sysvinit_path) conf.set_quoted('SYSTEM_SYSVRCND_PATH', sysvrcnd_path) conf.set_quoted('RC_LOCAL_SCRIPT_PATH_START', get_option('rc-local')) conf.set_quoted('RC_LOCAL_SCRIPT_PATH_STOP', get_option('halt-local')) + +conf.set('ANSI_OK_COLOR', 'ANSI_' + get_option('ok-color').underscorify().to_upper()) + conf.set_quoted('USER_CONFIG_UNIT_PATH', join_paths(pkgsysconfdir, 'user')) conf.set_quoted('USER_DATA_UNIT_PATH', userunitdir) conf.set_quoted('CERTIFICATE_ROOT', get_option('certificate-root')) @@ -213,6 +236,8 @@ conf.set_quoted('SYSTEMD_EXPORT_PATH', join_paths(rootlib conf.set_quoted('VENDOR_KEYRING_PATH', join_paths(rootlibexecdir, 'import-pubring.gpg')) conf.set_quoted('USER_KEYRING_PATH', join_paths(pkgsysconfdir, 'import-pubring.gpg')) conf.set_quoted('DOCUMENT_ROOT', join_paths(pkgdatadir, 'gatewayd')) +conf.set('MEMORY_ACCOUNTING_DEFAULT', memory_accounting_default ? 'true' : 'false') +conf.set_quoted('MEMORY_ACCOUNTING_DEFAULT_ON_OFF', memory_accounting_default ? 'on' : 'off') conf.set_quoted('ABS_BUILD_DIR', meson.build_root()) conf.set_quoted('ABS_SRC_DIR', meson.source_root()) @@ -253,6 +278,7 @@ substs.set('SYSTEM_SYSVINIT_PATH', sysvinit_path) substs.set('SYSTEM_SYSVRCND_PATH', sysvrcnd_path) substs.set('RC_LOCAL_SCRIPT_PATH_START', get_option('rc-local')) substs.set('RC_LOCAL_SCRIPT_PATH_STOP', get_option('halt-local')) +substs.set('MEMORY_ACCOUNTING_DEFAULT', memory_accounting_default ? 'yes' : 'no') ##################################################################### @@ -344,7 +370,7 @@ foreach arg : ['unused-parameter', endif endforeach -if cc.compiles(' +if cc.compiles(''' #include <time.h> #include <inttypes.h> typedef uint64_t usec_t; @@ -353,7 +379,7 @@ if cc.compiles(' struct timespec now; return 0; } -', name : '-Werror=shadow with local shadowing') +''', name : '-Werror=shadow with local shadowing') add_project_arguments('-Werror=shadow', language : 'c') endif @@ -440,6 +466,8 @@ decl_headers = ''' #include <uchar.h> #include <linux/ethtool.h> #include <linux/fib_rules.h> +#include <linux/stat.h> +#include <sys/stat.h> ''' # FIXME: key_serial_t is only defined in keyutils.h, this is bound to fail @@ -448,6 +476,7 @@ foreach decl : ['char16_t', 'key_serial_t', 'struct ethtool_link_settings', 'struct fib_rule_uid_range', + 'struct statx', ] # We get -1 if the size cannot be determined @@ -509,7 +538,11 @@ foreach ident : [ #include <unistd.h>'''], ['bpf', '''#include <sys/syscall.h> #include <unistd.h>'''], + ['statx', '''#include <sys/types.h> + #include <sys/stat.h> + #include <unistd.h>'''], ['explicit_bzero' , '''#include <string.h>'''], + ['reallocarray', '''#include <malloc.h>'''], ] have = cc.has_function(ident[0], prefix : ident[1], args : '-D_GNU_SOURCE') @@ -647,8 +680,11 @@ system_uid_max = get_option('system-uid-max') if system_uid_max == '' system_uid_max = run_command( awk, - 'BEGIN { uid=999 } /^\s*SYS_UID_MAX\s+/ { uid=$2 } END { print uid }', - '/etc/login.defs').stdout() + '/^\s*SYS_UID_MAX\s+/ { uid=$2 } END { print uid }', + '/etc/login.defs').stdout().strip() + if system_uid_max == '' + system_uid_max = '999' + endif endif system_uid_max = system_uid_max.to_int() conf.set('SYSTEM_UID_MAX', system_uid_max) @@ -659,8 +695,11 @@ system_gid_max = get_option('system-gid-max') if system_gid_max == '' system_gid_max = run_command( awk, - 'BEGIN { gid=999 } /^\s*SYS_GID_MAX\s+/ { gid=$2 } END { print gid }', - '/etc/login.defs').stdout() + '/^\s*SYS_GID_MAX\s+/ { gid=$2 } END { print gid }', + '/etc/login.defs').stdout().strip() + if system_gid_max == '' + system_gid_max = '999' + endif endif system_gid_max = system_gid_max.to_int() conf.set('SYSTEM_GID_MAX', system_gid_max) @@ -1431,6 +1470,10 @@ executable('systemd', install : true, install_dir : rootlibexecdir) +meson.add_install_script(meson_make_symlink, + join_paths(rootlibexecdir, 'systemd'), + join_paths(rootsbindir, 'init')) + exe = executable('systemd-analyze', systemd_analyze_sources, include_directories : includes, @@ -1690,6 +1733,12 @@ exe = executable('systemctl', 'src/systemctl/systemctl.c', install_dir : rootbindir) public_programs += [exe] +foreach alias : ['halt', 'poweroff', 'reboot', 'runlevel', 'shutdown', 'telinit'] + meson.add_install_script(meson_make_symlink, + join_paths(rootbindir, 'systemctl'), + join_paths(rootsbindir, alias)) +endforeach + if conf.get('ENABLE_BACKLIGHT') == 1 executable('systemd-backlight', 'src/backlight/backlight.c', @@ -2574,15 +2623,17 @@ install_data('xorg/50-systemd-user.sh', install_dir : xinitrcdir) install_data('modprobe.d/systemd.conf', install_dir : modprobedir) -install_data('README', - 'NEWS', - 'CODING_STYLE', - 'DISTRO_PORTING', - 'ENVIRONMENT.md', - 'LICENSE.GPL2', +install_data('LICENSE.GPL2', 'LICENSE.LGPL2.1', - 'TRANSIENT-SETTINGS.md', - 'UIDS-GIDS.md', + 'NEWS', + 'README', + 'doc/CODING_STYLE', + 'doc/DISTRO_PORTING', + 'doc/ENVIRONMENT.md', + 'doc/HACKING', + 'doc/TRANSIENT-SETTINGS.md', + 'doc/TRANSLATORS', + 'doc/UIDS-GIDS.md', 'src/libsystemd/sd-bus/GVARIANT-SERIALIZATION', install_dir : docdir) @@ -2703,6 +2754,8 @@ run_target( status = [ '@0@ @1@'.format(meson.project_name(), meson.project_version()), + 'split /usr: @0@'.format(split_usr), + 'split bin-sbin: @0@'.format(split_bin), 'prefix directory: @0@'.format(prefixdir), 'rootprefix directory: @0@'.format(rootprefixdir), 'sysconf directory: @0@'.format(sysconfdir), @@ -2839,7 +2892,6 @@ foreach tuple : [ ['man pages', want_man], ['html pages', want_html], ['man page indices', want_man and have_lxml], - ['split /usr', conf.get('HAVE_SPLIT_USR') == 1], ['SysV compat'], ['utmp'], ['ldconfig'], diff --git a/meson_options.txt b/meson_options.txt index 39822d6cdc..4efb422f90 100644 --- a/meson_options.txt +++ b/meson_options.txt @@ -16,8 +16,10 @@ # You should have received a copy of the GNU Lesser General Public License # along with systemd; If not, see <http://www.gnu.org/licenses/>. -option('split-usr', type : 'boolean', value : false, - description : '''assume that /bin, /sbin aren't symlinks into /usr''') +option('split-usr', type : 'combo', choices : ['auto', 'true', 'false'], + description : '''/bin, /sbin aren't symlinks into /usr''') +option('split-bin', type : 'combo', choices : ['auto', 'true', 'false'], + description : '''sbin is not a symlink to bin''') option('rootlibdir', type : 'string', description : '''[/usr]/lib/x86_64-linux-gnu or such''') option('rootprefix', type : 'string', @@ -53,6 +55,8 @@ option('debug-tty', type : 'string', value : '/dev/tty9', description : 'specify the tty device for debug shell') option('debug', type : 'string', description : 'enable extra debugging (hashmap,mmap-cache)') +option('memory-accounting-default', type : 'boolean', + description : 'enable MemoryAccounting= by default') option('utmp', type : 'boolean', description : 'support for utmp/wtmp log handling') @@ -134,6 +138,8 @@ option('pamlibdir', type : 'string', description : 'directory for PAM modules') option('pamconfdir', type : 'string', description : 'directory for PAM configuration ["no" disables]') +option('docdir', type : 'string', + description : 'documentation directory') option('fallback-hostname', type : 'string', value : 'localhost', description : 'the hostname used if none configured') @@ -294,6 +300,14 @@ option('slow-tests', type : 'boolean', value : 'false', option('install-tests', type : 'boolean', value : 'false', description : 'install test executables') +option('ok-color', type: 'combo', + choices : ['black', 'red', 'green', 'yellow', 'blue', 'magenta', 'cyan', + 'white', 'highlight-black', 'highlight-red', 'highlight-green', + 'highlight-yellow', 'highlight-blue', 'highlight-magenta', + 'highlight-cyan', 'highlight-white'], + value : 'green', + description: 'color of the "OK" status message') + option('oss-fuzz', type : 'boolean', value : 'false', description : 'build against oss-fuzz') option('llvm-fuzz', type : 'boolean', value : 'false', diff --git a/mkosi.build b/mkosi.build index 38cfe25025..7cdcd6c741 100755 --- a/mkosi.build +++ b/mkosi.build @@ -25,45 +25,69 @@ set -ex # as out-of-tree build dir. Otherwise, let's make up our own builddir. [ -z "$BUILDDIR" ] && BUILDDIR=build -export LC_CTYPE=en_US.UTF-8 +# Meson uses Python 3 and requires a locale with an UTF-8 character map. +# Not running under UTF-8 makes the `ninja test` step break with a CodecError. +# So let's ensure we're running under UTF-8. +# +# If our current locale already is UTF-8, then we don't need to do anything: +if [ "$(locale charmap)" != "UTF-8" ] ; then + # Try using C.UTF-8 locale, if available. This locale is not shipped + # by upstream glibc, so it's not available in all distros. + # (In particular, it's not available in Arch Linux.) + export LC_CTYPE=C.UTF-8 + if [ "$(locale charmap)" != "UTF-8" ] ; then + # Finally, try something like en_US.UTF-8, which should be + # available in Arch Linux, but is not present in Debian's + # minimal image in our mkosi config. + export LC_CTYPE=en_US.UTF-8 + if [ "$(locale charmap)" != "UTF-8" ] ; then + # If nothing works, fail early. + echo "*** Could not find a valid locale that supports UTF-8. ***" >&2 + exit 1 + fi + fi +fi -sysvinit_path=`realpath /etc/init.d` +if [ ! -f "$BUILDDIR"/build.ninja ] ; then + sysvinit_path=`realpath /etc/init.d` -nobody_user=`id -u -n 65534 2> /dev/null` -if [ "$nobody_user" != "" ] ; then - # Validate that we can translate forth and back - if [ "`id -u $nobody_user`" != 65534 ] ; then - nobody_user="" + nobody_user=`id -u -n 65534 2> /dev/null` + if [ "$nobody_user" != "" ] ; then + # Validate that we can translate forth and back + if [ "`id -u $nobody_user`" != 65534 ] ; then + nobody_user="" + fi fi -fi -if [ "$nobody_user" = "" ] ; then - if id -u nobody 2> /dev/null ; then - # The "nobody" user is defined already for something else, pick the Fedora name - nobody_user=nfsnobody - else - # The "nobody" user name is free, use it - nobody_user=nobody + if [ "$nobody_user" = "" ] ; then + if id -u nobody 2> /dev/null ; then + # The "nobody" user is defined already for something else, pick the Fedora name + nobody_user=nfsnobody + else + # The "nobody" user name is free, use it + nobody_user=nobody + fi fi -fi -nobody_group=`id -g -n 65534 2> /dev/null` -if [ "$nobody_group" != "" ] ; then - # Validate that we can translate forth and back - if [ "`id -g $nobody_group`" != 65534 ] ; then - nobody_group="" + nobody_group=`id -g -n 65534 2> /dev/null` + if [ "$nobody_group" != "" ] ; then + # Validate that we can translate forth and back + if [ "`id -g $nobody_group`" != 65534 ] ; then + nobody_group="" + fi fi -fi -if [ "$nobody_group" = "" ] ; then - if id -u nobody 2> /dev/null ; then - # The "nobody" group is defined already for something else, pick the Fedora name - nobody_group=nfsnobody - else - # The "nobody" group name is free, use it - nobody_group=nobody + if [ "$nobody_group" = "" ] ; then + if id -u nobody 2> /dev/null ; then + # The "nobody" group is defined already for something else, pick the Fedora name + nobody_group=nfsnobody + else + # The "nobody" group name is free, use it + nobody_group=nobody + fi fi + + meson "$BUILDDIR" -D "sysvinit-path=$sysvinit_path" -D default-hierarchy=unified -D man=false -D "nobody-user=$nobody_user" -D "nobody-group=$nobody_group" fi -[ -f "$BUILDDIR"/build.ninja ] || meson "$BUILDDIR" -D "sysvinit-path=$sysvinit_path" -D default-hierarchy=unified -D man=false -D "nobody-user=$nobody_user" -D "nobody-group=$nobody_group" ninja -C "$BUILDDIR" all [ "$WITH_TESTS" = 0 ] || ninja -C "$BUILDDIR" test || ( RET="$?" ; cat "$BUILDDIR"/meson-logs/testlog.txt ; exit "$RET" ) ninja -C "$BUILDDIR" install diff --git a/po/.gitignore b/po/.gitignore new file mode 100644 index 0000000000..46202f3c8b --- /dev/null +++ b/po/.gitignore @@ -0,0 +1 @@ +/systemd.pot diff --git a/po/LINGUAS b/po/LINGUAS index 36949b7234..4bd8e6642f 100644 --- a/po/LINGUAS +++ b/po/LINGUAS @@ -13,6 +13,7 @@ hr hu id it +ja ko pl pt_BR diff --git a/po/POTFILES.in b/po/POTFILES.in index f33c53fb4a..470829acae 100644 --- a/po/POTFILES.in +++ b/po/POTFILES.in @@ -1,8 +1,9 @@ -src/core/org.freedesktop.systemd1.policy.in.in -src/hostname/org.freedesktop.hostname1.policy.in -src/import/org.freedesktop.import1.policy.in -src/locale/org.freedesktop.locale1.policy.in -src/login/org.freedesktop.login1.policy.in -src/machine/org.freedesktop.machine1.policy.in -src/timedate/org.freedesktop.timedate1.policy.in +src/core/org.freedesktop.systemd1.policy.in +src/hostname/org.freedesktop.hostname1.policy +src/import/org.freedesktop.import1.policy +src/locale/org.freedesktop.locale1.policy +src/login/org.freedesktop.login1.policy +src/machine/org.freedesktop.machine1.policy +src/resolve/org.freedesktop.resolve1.policy +src/timedate/org.freedesktop.timedate1.policy src/core/dbus-unit.c diff --git a/po/POTFILES.skip b/po/POTFILES.skip index b56a9984c4..e6ef4d7920 100644 --- a/po/POTFILES.skip +++ b/po/POTFILES.skip @@ -12,9 +12,9 @@ src/core/dbus-target.c src/core/dbus-timer.c src/core/dbus-unit.c src/core/dbus-scope.c +src/core/org.freedesktop.systemd1.policy src/hostname/hostnamed.c src/locale/localed.c -src/core/org.freedesktop.systemd1.policy.in src/timedate/timedated.c units/user@.service.in units/debug-shell.service.in @@ -1,527 +1,670 @@ # SPDX-License-Identifier: LGPL-2.1+ -# +# # Catalan translation for systemd. # Copyright (C) 2015 systemd's COPYRIGHT HOLDER # This file is distributed under the same license as the systemd package. # Walter Garcia-Fontes <walter.garcia@upf.edu>, 2016. -# +# Robert Antoni Buj Gelonch <rbuj@fedoraproject.org>, 2018. #zanata +# Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>, 2018. #zanata msgid "" msgstr "" -"Project-Id-Version: systemd master\n" +"Project-Id-Version: systemd\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2015-11-22 16:37+0100\n" -"PO-Revision-Date: 2016-12-29 09:02+0100\n" -"Last-Translator: Walter Garcia-Fontes <walter.garcia@upf.edu>\n" -"Language-Team: Català <ubuntu-l10n-ca@lists.ubuntu.com>\n" -"Language: ca\n" +"POT-Creation-Date: 2018-02-19 13:32+0100\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" +"PO-Revision-Date: 2018-02-27 04:18-0500\n" +"Last-Translator: Robert Antoni Buj Gelonch <rbuj@fedoraproject.org>\n" +"Language-Team: Català <ubuntu-l10n-ca@lists.ubuntu.com>\n" +"Language: ca\n" "Plural-Forms: nplurals=2; plural=(n != 1);\n" -"X-Generator: Poedit 1.8.7.1\n" +"X-Generator: Zanata 3.9.6\n" -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:1 +#: src/core/org.freedesktop.systemd1.policy.in:22 msgid "Send passphrase back to system" -msgstr "Retornar la contrasenya al sistema" +msgstr "Retorna la frase de pas al sistema" -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:2 +#: src/core/org.freedesktop.systemd1.policy.in:23 msgid "" "Authentication is required to send the entered passphrase back to the system." -msgstr "Es requereix autenticació per retornar la contrasenya entrada al sistema." +"" +msgstr "" +"Es requereix autenticació per retornar la frase de pas introduïda al sistema." +"" -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:3 +#: src/core/org.freedesktop.systemd1.policy.in:33 msgid "Manage system services or other units" -msgstr "Administrar serveis del sistema o d'altres unitats." +msgstr "Gestiona els serveis del sistema o bé altres unitats." -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:4 +#: src/core/org.freedesktop.systemd1.policy.in:34 msgid "Authentication is required to manage system services or other units." -msgstr "Es requereix autenticació per administrar els serveis de sistemes o d'altres unitats." +msgstr "" +"Es requereix autenticació per gestionar els serveis del sistema o bé altres " +"unitats." -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:5 +#: src/core/org.freedesktop.systemd1.policy.in:43 msgid "Manage system service or unit files" -msgstr "Gestiona un servei de sistema o fitxers d'unitat" +msgstr "Gestiona el servei del sistema o bé fitxers d'unitats" -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:6 +#: src/core/org.freedesktop.systemd1.policy.in:44 msgid "Authentication is required to manage system service or unit files." -msgstr "Cal autenticació per gestionar un servei de sistema o fitxers d'unitat." +msgstr "" +"Es requereix autenticació per gestionar un servei del sistema o bé fitxers " +"d'unitats." -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:7 +#: src/core/org.freedesktop.systemd1.policy.in:53 msgid "Set or unset system and service manager environment variables" -msgstr "Administrar variables de entorno del sistema y del gestor de servicios" +msgstr "" +"Estableix o desestableix les variables d'entorn del gestor de serveis o del " +"sistema" -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:8 +#: src/core/org.freedesktop.systemd1.policy.in:54 msgid "" "Authentication is required to set or unset system and service manager " "environment variables." -msgstr "Cal autenticació per establir o cancel·lar variables d'entorn de sistema o del gestor de serveis." +msgstr "" +"Es requereix autenticació per establir o desestablir les variables d'entorn " +"del gestor de serveis o del sistema." -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:9 +#: src/core/org.freedesktop.systemd1.policy.in:63 msgid "Reload the systemd state" -msgstr "Recarrega l'estat del systemd" +msgstr "Torna a carregar l'estat de systemd" -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:10 +#: src/core/org.freedesktop.systemd1.policy.in:64 msgid "Authentication is required to reload the systemd state." -msgstr "Cal autenticació per establir el nom de l'ordinador local." +msgstr "Es requereix autenticació per tornar a carregar l'estat de systemd." -#: ../src/hostname/org.freedesktop.hostname1.policy.in.h:1 +#: src/hostname/org.freedesktop.hostname1.policy:22 msgid "Set host name" -msgstr "Estableix el nom de l'ordinador" +msgstr "Estableix el nom d'amfitrió" -#: ../src/hostname/org.freedesktop.hostname1.policy.in.h:2 +#: src/hostname/org.freedesktop.hostname1.policy:23 msgid "Authentication is required to set the local host name." -msgstr "Cal autenticació per establir el nom de l'ordinador local." +msgstr "Es requereix autenticació per establir el nom d'amfitrió local." -#: ../src/hostname/org.freedesktop.hostname1.policy.in.h:3 +#: src/hostname/org.freedesktop.hostname1.policy:32 msgid "Set static host name" -msgstr "Estableix el nom estàtic de l'ordinador" +msgstr "Estableix el nom d'amfitrió estàtic" -#: ../src/hostname/org.freedesktop.hostname1.policy.in.h:4 +#: src/hostname/org.freedesktop.hostname1.policy:33 msgid "" "Authentication is required to set the statically configured local host name, " "as well as the pretty host name." -msgstr "Cal autenticació per establir el nom configurat estàticament de l'ordinador local, així com el nom de l'ordinador de nivell superior." +msgstr "" +"Es requereix autenticació per establir el nom d'amfitrió local configurat " +"estàticament, així com el nom bonic d'amfitrió." -#: ../src/hostname/org.freedesktop.hostname1.policy.in.h:5 +#: src/hostname/org.freedesktop.hostname1.policy:43 msgid "Set machine information" -msgstr "Estableix la informació de l'ordinador" +msgstr "Estableix la informació de la màquina" -#: ../src/hostname/org.freedesktop.hostname1.policy.in.h:6 +#: src/hostname/org.freedesktop.hostname1.policy:44 msgid "Authentication is required to set local machine information." -msgstr "Cal autenticació per establir la informació de l'ordinador local." +msgstr "" +"Es requereix autenticació per establir la informació de la màquina local." -#: ../src/import/org.freedesktop.import1.policy.in.h:1 +#: src/import/org.freedesktop.import1.policy:22 msgid "Import a VM or container image" msgstr "Importa una màquina virtual o una imatge de contenidor" -#: ../src/import/org.freedesktop.import1.policy.in.h:2 +#: src/import/org.freedesktop.import1.policy:23 msgid "Authentication is required to import a VM or container image" -msgstr "Cal autenticació per importar una màquina virtual o una imatge de contenidor" +msgstr "" +"Es requereix autenticació per importar una màquina virtual o una imatge de " +"contenidor" -#: ../src/import/org.freedesktop.import1.policy.in.h:3 +#: src/import/org.freedesktop.import1.policy:32 msgid "Export a VM or container image" msgstr "Exporta una màquina virtual o una imatge de contenidor" -#: ../src/import/org.freedesktop.import1.policy.in.h:4 +#: src/import/org.freedesktop.import1.policy:33 msgid "Authentication is required to export a VM or container image" -msgstr "Cal autenticació per exportar una màquina virtual o una imatge de contenidor" +msgstr "" +"Es requereix autenticació per exportar una màquina virtual o una imatge de " +"contenidor" -#: ../src/import/org.freedesktop.import1.policy.in.h:5 +#: src/import/org.freedesktop.import1.policy:42 msgid "Download a VM or container image" -msgstr "Descarrega una màquina virtual o una imatge de contenidor" +msgstr "Baixa una màquina virtual o una imatge de contenidor" -#: ../src/import/org.freedesktop.import1.policy.in.h:6 +#: src/import/org.freedesktop.import1.policy:43 msgid "Authentication is required to download a VM or container image" -msgstr "Cal autenticació per descarregar una màquina virtual o una imatge de contenidor" +msgstr "" +"Es requereix autenticació per baixar una màquina virtual o una imatge de " +"contenidor" -#: ../src/locale/org.freedesktop.locale1.policy.in.h:1 +#: src/locale/org.freedesktop.locale1.policy:22 msgid "Set system locale" -msgstr "Estableix la regió del sistema" +msgstr "Estableix la configuració regional del sistema" -#: ../src/locale/org.freedesktop.locale1.policy.in.h:2 +#: src/locale/org.freedesktop.locale1.policy:23 msgid "Authentication is required to set the system locale." -msgstr "Cal autenticació per establir la regió del sistema." +msgstr "" +"Es requereix autenticació per establir la configuració regional del sistema." -#: ../src/locale/org.freedesktop.locale1.policy.in.h:3 +#: src/locale/org.freedesktop.locale1.policy:33 msgid "Set system keyboard settings" -msgstr "Estableix la configuració del teclat del sistema." +msgstr "Estableix els ajusts del teclat del sistema" -#: ../src/locale/org.freedesktop.locale1.policy.in.h:4 +#: src/locale/org.freedesktop.locale1.policy:34 msgid "Authentication is required to set the system keyboard settings." -msgstr "Cal autenticació per establir la configuració del teclat del sistema." +msgstr "" +"Es requereix autenticació per establir els ajusts del teclat del sistema." -#: ../src/login/org.freedesktop.login1.policy.in.h:1 +#: src/login/org.freedesktop.login1.policy:22 msgid "Allow applications to inhibit system shutdown" msgstr "Permet a les aplicacions inhibir l'apagada del sistema" -#: ../src/login/org.freedesktop.login1.policy.in.h:2 +#: src/login/org.freedesktop.login1.policy:23 msgid "" "Authentication is required for an application to inhibit system shutdown." -msgstr "Cal autenticació perquè una aplicació inhibeixi l'apagada del sistema." +msgstr "" +"Es requereix autenticació perquè una aplicació inhibeixi l'apagada del " +"sistema." -#: ../src/login/org.freedesktop.login1.policy.in.h:3 +#: src/login/org.freedesktop.login1.policy:33 msgid "Allow applications to delay system shutdown" msgstr "Permet a les aplicacions endarrerir l'apagada del sistema" -#: ../src/login/org.freedesktop.login1.policy.in.h:4 -msgid "Authentication is required for an application to delay system shutdown." -msgstr "Cal autenticació perquè una aplicació endarrereixi l'apagada del sistema." +#: src/login/org.freedesktop.login1.policy:34 +msgid "" +"Authentication is required for an application to delay system shutdown." +msgstr "" +"Es requereix autenticació perquè una aplicació endarrereixi l'apagada del " +"sistema." -#: ../src/login/org.freedesktop.login1.policy.in.h:5 +#: src/login/org.freedesktop.login1.policy:44 msgid "Allow applications to inhibit system sleep" -msgstr "Permet a les aplicacions inhibir la hibernació del sistema" +msgstr "Permet a les aplicacions inhibir el repòs del sistema" -#: ../src/login/org.freedesktop.login1.policy.in.h:6 +#: src/login/org.freedesktop.login1.policy:45 msgid "Authentication is required for an application to inhibit system sleep." -msgstr "Cal autenticació perquè una aplicació inhibeixi la hibernació del sistema." +msgstr "" +"Es requereix autenticació perquè una aplicació inhibeixi el repòs del " +"sistema." -#: ../src/login/org.freedesktop.login1.policy.in.h:7 +#: src/login/org.freedesktop.login1.policy:55 msgid "Allow applications to delay system sleep" -msgstr "Permet a les aplicacions endarrerir la hibernació del sistema" +msgstr "Permet a les aplicacions endarrerir el repòs del sistema" -#: ../src/login/org.freedesktop.login1.policy.in.h:8 +#: src/login/org.freedesktop.login1.policy:56 msgid "Authentication is required for an application to delay system sleep." -msgstr "Cal autenticació perquè una aplicació endarrereixi la hibernació del sistema." +msgstr "" +"Es requereix autenticació perquè una aplicació endarrereixi el repòs del " +"sistema." -#: ../src/login/org.freedesktop.login1.policy.in.h:9 +#: src/login/org.freedesktop.login1.policy:65 msgid "Allow applications to inhibit automatic system suspend" msgstr "Permet a les aplicacions inhibir la suspensió automàtica del sistema" -#: ../src/login/org.freedesktop.login1.policy.in.h:10 +#: src/login/org.freedesktop.login1.policy:66 msgid "" "Authentication is required for an application to inhibit automatic system " "suspend." -msgstr "Cal autenticació perquè una aplicació inhibeixi la suspensió automàtica del sistema." +msgstr "" +"Es requereix autenticació perquè una aplicació inhibeixi la suspensió " +"automàtica del sistema." -#: ../src/login/org.freedesktop.login1.policy.in.h:11 +#: src/login/org.freedesktop.login1.policy:75 msgid "Allow applications to inhibit system handling of the power key" -msgstr "Permet a les aplicacions inhibir la gestió de la tecla d'encesa per part del sistema" +msgstr "" +"Permet a les aplicacions inhibir la gestió de la tecla d'encesa per part del " +"sistema" -#: ../src/login/org.freedesktop.login1.policy.in.h:12 +#: src/login/org.freedesktop.login1.policy:76 msgid "" "Authentication is required for an application to inhibit system handling of " "the power key." -msgstr "Cal autenticació perquè una aplicació inhibeixi la gestió de la tecla d'encesa per part del sistema." +msgstr "" +"Es requereix autenticació perquè una aplicació inhibeixi la gestió de la " +"tecla d'encesa per part del sistema." -#: ../src/login/org.freedesktop.login1.policy.in.h:13 +#: src/login/org.freedesktop.login1.policy:86 msgid "Allow applications to inhibit system handling of the suspend key" -msgstr "Permet a les aplicacions inhibir la tecla de suspensió per part del sistema" +msgstr "" +"Permet a les aplicacions inhibir la tecla de suspensió per part del sistema" -#: ../src/login/org.freedesktop.login1.policy.in.h:14 +#: src/login/org.freedesktop.login1.policy:87 msgid "" "Authentication is required for an application to inhibit system handling of " "the suspend key." -msgstr "Cal autenticació perquè una aplicació inhibeixi la gestió de la tecla de suspensió per part del sistema." +msgstr "" +"Es requereix autenticació perquè una aplicació inhibeixi la gestió de la " +"tecla de suspensió per part del sistema." -#: ../src/login/org.freedesktop.login1.policy.in.h:15 +#: src/login/org.freedesktop.login1.policy:97 msgid "Allow applications to inhibit system handling of the hibernate key" -msgstr "Permet a les aplicacions inhibir la gestió de la tecla d'hibernació per part del sistema" +msgstr "" +"Permet a les aplicacions inhibir la gestió de la tecla d'hibernació per part " +"del sistema" -#: ../src/login/org.freedesktop.login1.policy.in.h:16 +#: src/login/org.freedesktop.login1.policy:98 msgid "" "Authentication is required for an application to inhibit system handling of " "the hibernate key." -msgstr "Cal autenticació perquè una aplicació inhibeixi la gestió de la tecla d'hibernació per part del sistema." +msgstr "" +"Es requereix autenticació perquè una aplicació inhibeixi la gestió de la " +"tecla d'hibernació per part del sistema." -#: ../src/login/org.freedesktop.login1.policy.in.h:17 +#: src/login/org.freedesktop.login1.policy:107 msgid "Allow applications to inhibit system handling of the lid switch" -msgstr "Permet a les aplicacions la gestió del tancament de la tapa per part del sistema" +msgstr "" +"Permet a les aplicacions la gestió del tancament de la tapa per part del " +"sistema" -#: ../src/login/org.freedesktop.login1.policy.in.h:18 +#: src/login/org.freedesktop.login1.policy:108 msgid "" "Authentication is required for an application to inhibit system handling of " "the lid switch." -msgstr "Cal autenticació perquè una aplicació inhibeixi la gestió del tancament de la tapa per part del sistema." +msgstr "" +"Es requereix autenticació perquè una aplicació inhibeixi la gestió del " +"tancament de la tapa per part del sistema." -#: ../src/login/org.freedesktop.login1.policy.in.h:19 +#: src/login/org.freedesktop.login1.policy:117 +msgid "Allow non-logged-in user to run programs" +msgstr "Permet a l'usuari sense inici de sessió executar programes" + +#: src/login/org.freedesktop.login1.policy:118 +msgid "Explicit request is required to run programs as a non-logged-in user." +msgstr "" +"Es requereix una sol·licitud explícita per executar programes com a usuari " +"sense inici de sessió." + +#: src/login/org.freedesktop.login1.policy:127 msgid "Allow non-logged-in users to run programs" -msgstr "Permet l'execució de programes als usuaris sense inici de sessió" +msgstr "Permet als usuaris sense inici de sessió executar programes" -#: ../src/login/org.freedesktop.login1.policy.in.h:20 +#: src/login/org.freedesktop.login1.policy:128 msgid "Authentication is required to run programs as a non-logged-in user." -msgstr "Cal autenticació per a la execució de programes per part d'usuaris sense inici de sessió" +msgstr "" +"Es requereix una sol·licitud explícita per executar programes com a usuari " +"sense inici de sessió." -#: ../src/login/org.freedesktop.login1.policy.in.h:21 +#: src/login/org.freedesktop.login1.policy:137 msgid "Allow attaching devices to seats" msgstr "Permet l'annexió de dispositius als llocs de treball" -#: ../src/login/org.freedesktop.login1.policy.in.h:22 +#: src/login/org.freedesktop.login1.policy:138 msgid "Authentication is required for attaching a device to a seat." -msgstr "Cal autenticació per annexar un dispositiu a un lloc de treball." +msgstr "" +"Es requereix autenticació per annexar un dispositiu a un lloc de treball." -#: ../src/login/org.freedesktop.login1.policy.in.h:23 +#: src/login/org.freedesktop.login1.policy:148 msgid "Flush device to seat attachments" -msgstr "Allibera les annexions de dispositius a llocs de treball" +msgstr "Allibera els dispositius a les annexions dels llocs de treball" -#: ../src/login/org.freedesktop.login1.policy.in.h:24 +#: src/login/org.freedesktop.login1.policy:149 msgid "" "Authentication is required for resetting how devices are attached to seats." -msgstr "Cal autenticació per restablir les annexions dels dispositius als llocs de treball." +msgstr "" +"Es requereix autenticació per restablir com s'annexionen els dispositius als " +"llocs de treball." -#: ../src/login/org.freedesktop.login1.policy.in.h:25 +#: src/login/org.freedesktop.login1.policy:158 msgid "Power off the system" msgstr "Apaga el sistema" -#: ../src/login/org.freedesktop.login1.policy.in.h:26 +#: src/login/org.freedesktop.login1.policy:159 msgid "Authentication is required for powering off the system." -msgstr "Cal autenticació per apagar el sistema" +msgstr "Es requereix autenticació per apagar el sistema." -#: ../src/login/org.freedesktop.login1.policy.in.h:27 +#: src/login/org.freedesktop.login1.policy:169 msgid "Power off the system while other users are logged in" -msgstr "Apaga el sistema mentre que altres usuaris tenen sessió iniciada" +msgstr "Apaga el sistema mentre hi ha altres usuaris amb la sessió iniciada" -#: ../src/login/org.freedesktop.login1.policy.in.h:28 +#: src/login/org.freedesktop.login1.policy:170 msgid "" "Authentication is required for powering off the system while other users are " "logged in." -msgstr "Cal autenticació per apagar el sistema mentre que altres usuaris tenen sessió iniciada." +msgstr "" +"Es requereix autenticació per apagar el sistema mentre hi ha altres usuaris " +"amb la sessió iniciada." -#: ../src/login/org.freedesktop.login1.policy.in.h:29 +#: src/login/org.freedesktop.login1.policy:180 msgid "Power off the system while an application asked to inhibit it" -msgstr "Apaga el sistema mentre que una aplicació ha demanat inhibir-lo" +msgstr "Apaga el sistema mentre hi ha una aplicació que ha demanat inhibir-ho" -#: ../src/login/org.freedesktop.login1.policy.in.h:30 +#: src/login/org.freedesktop.login1.policy:181 msgid "" "Authentication is required for powering off the system while an application " "asked to inhibit it." -msgstr "Cal autenticació per apagar el sistema mentre que una aplicació ha demanat inhibir-lo." +msgstr "" +"Es requereix autenticació per apagar el sistema mentre hi ha una aplicació " +"que ha demanat inhibir-ho." -#: ../src/login/org.freedesktop.login1.policy.in.h:31 +#: src/login/org.freedesktop.login1.policy:191 msgid "Reboot the system" msgstr "Reinicia el sistema" -#: ../src/login/org.freedesktop.login1.policy.in.h:32 +#: src/login/org.freedesktop.login1.policy:192 msgid "Authentication is required for rebooting the system." -msgstr "Cal autenticació per reiniciar el sistema." +msgstr "Es requereix autenticació per reiniciar el sistema." -#: ../src/login/org.freedesktop.login1.policy.in.h:33 +#: src/login/org.freedesktop.login1.policy:202 msgid "Reboot the system while other users are logged in" -msgstr "Reinicia el sistema mentre hi ha usuaris amb sessió iniciada" +msgstr "Reinicia el sistema mentre hi ha usuaris amb la sessió iniciada" -#: ../src/login/org.freedesktop.login1.policy.in.h:34 +#: src/login/org.freedesktop.login1.policy:203 msgid "" "Authentication is required for rebooting the system while other users are " "logged in." -msgstr "Cal autenticació per reiniciar el sistema mentre hi ha usuaris amb sessió iniciada." +msgstr "" +"Es requereix autenticació per reiniciar el sistema mentre hi ha usuaris amb " +"la sessió iniciada." -#: ../src/login/org.freedesktop.login1.policy.in.h:35 +#: src/login/org.freedesktop.login1.policy:213 msgid "Reboot the system while an application asked to inhibit it" -msgstr "Reinicia el sistema malgrat hi ha una aplicació que ho impedeix" +msgstr "" +"Reinicia el sistema mentre hi ha una aplicació que ha demanat inhibir-ho" -#: ../src/login/org.freedesktop.login1.policy.in.h:36 +#: src/login/org.freedesktop.login1.policy:214 msgid "" "Authentication is required for rebooting the system while an application " "asked to inhibit it." -msgstr "Cal autenticació per reiniciar el sistema malgrat hi ha una aplicació que ho impedeix." +msgstr "" +"Es requereix autenticació per reiniciar el sistema mentre hi ha una " +"aplicació que ha demanat inhibir-ho." + +#: src/login/org.freedesktop.login1.policy:224 +msgid "Halt the system" +msgstr "Atura el sistema" + +#: src/login/org.freedesktop.login1.policy:225 +msgid "Authentication is required for halting the system." +msgstr "Es requereix autenticació per aturar el sistema." + +#: src/login/org.freedesktop.login1.policy:235 +msgid "Halt the system while other users are logged in" +msgstr "Atura el sistema mentre hi ha altres usuaris amb la sessió iniciada" -#: ../src/login/org.freedesktop.login1.policy.in.h:37 +#: src/login/org.freedesktop.login1.policy:236 +msgid "" +"Authentication is required for halting the system while other users are " +"logged in." +msgstr "" +"Es requereix autenticació per aturar el sistema mentre hi ha altres usuaris " +"amb la sessió iniciada." + +#: src/login/org.freedesktop.login1.policy:246 +msgid "Halt the system while an application asked to inhibit it" +msgstr "" +"Atura el sistema mentre hi ha una aplicació que ha demanat d'inhibir-ho" + +#: src/login/org.freedesktop.login1.policy:247 +msgid "" +"Authentication is required for halting the system while an application asked " +"to inhibit it." +msgstr "" +"Es requereix autenticació per aturar el sistema mentre hi ha una aplicació " +"que ha demanat d'inhibir-ho." + +#: src/login/org.freedesktop.login1.policy:257 msgid "Suspend the system" msgstr "Suspèn el sistema" -#: ../src/login/org.freedesktop.login1.policy.in.h:38 +#: src/login/org.freedesktop.login1.policy:258 msgid "Authentication is required for suspending the system." -msgstr "Cal autenticació per suspendre el sistema" +msgstr "Es requereix autenticació per suspendre el sistema." -#: ../src/login/org.freedesktop.login1.policy.in.h:39 +#: src/login/org.freedesktop.login1.policy:267 msgid "Suspend the system while other users are logged in" -msgstr "Suspèn el sistema mentre hi ha altres usuaris amb sessió iniciada" +msgstr "Suspèn el sistema mentre hi ha altres usuaris amb la sessió iniciada" -#: ../src/login/org.freedesktop.login1.policy.in.h:40 +#: src/login/org.freedesktop.login1.policy:268 msgid "" "Authentication is required for suspending the system while other users are " "logged in." -msgstr "Cal autenticació per reiniciar el sistema mentre hi ha usuaris amb sessió iniciada." +msgstr "" +"Es requereix autenticació per reiniciar el sistema mentre hi ha altres " +"usuaris amb la sessió iniciada." -#: ../src/login/org.freedesktop.login1.policy.in.h:41 +#: src/login/org.freedesktop.login1.policy:278 msgid "Suspend the system while an application asked to inhibit it" -msgstr "Suspèn el sistema mentre una aplicació ha demanat d'inhibir-lo" +msgstr "" +"Suspèn el sistema mentre hi ha una aplicació que ha demanat d'inhibir-ho" -#: ../src/login/org.freedesktop.login1.policy.in.h:42 +#: src/login/org.freedesktop.login1.policy:279 msgid "" "Authentication is required for suspending the system while an application " "asked to inhibit it." -msgstr "Cal autenticació per suspendre el sistema mentre una aplicació ha demanat d'inhibir-lo." +msgstr "" +"Es requereix autenticació per suspendre el sistema mentre hi ha una " +"aplicació que ha demanat d'inhibir-ho." -#: ../src/login/org.freedesktop.login1.policy.in.h:43 +#: src/login/org.freedesktop.login1.policy:289 msgid "Hibernate the system" msgstr "Hiberna el sistema" -#: ../src/login/org.freedesktop.login1.policy.in.h:44 +#: src/login/org.freedesktop.login1.policy:290 msgid "Authentication is required for hibernating the system." -msgstr "Cal autenticació per hibernar el sistema." +msgstr "Es requereix autenticació per hibernar el sistema." -#: ../src/login/org.freedesktop.login1.policy.in.h:45 +#: src/login/org.freedesktop.login1.policy:299 msgid "Hibernate the system while other users are logged in" -msgstr "Hiberna el sistema mentre hi ha altres usuaris amb sessió iniciada" +msgstr "Hiberna el sistema mentre hi ha altres usuaris amb la sessió iniciada" -#: ../src/login/org.freedesktop.login1.policy.in.h:46 +#: src/login/org.freedesktop.login1.policy:300 msgid "" "Authentication is required for hibernating the system while other users are " "logged in." -msgstr "Cal autenticació per hibernar el sistema mentre hi ha altres usuaris amb sessió iniciada." +msgstr "" +"Es requereix autenticació per hibernar el sistema mentre hi ha altres " +"usuaris amb la sessió iniciada." -#: ../src/login/org.freedesktop.login1.policy.in.h:47 +#: src/login/org.freedesktop.login1.policy:310 msgid "Hibernate the system while an application asked to inhibit it" -msgstr "Hiberna el sistema mentre una aplicació ha demanat inhibir-ho" +msgstr "" +"Hiberna el sistema mentre hi ha una aplicació que ha demanat d'inhibir-ho" -#: ../src/login/org.freedesktop.login1.policy.in.h:48 +#: src/login/org.freedesktop.login1.policy:311 msgid "" "Authentication is required for hibernating the system while an application " "asked to inhibit it." -msgstr "Cal autenticació per hibernar el sistema mentre una aplicació ha demanat inhibir-ho." +msgstr "" +"Es requereix autenticació per hibernar el sistema mentre hi ha una aplicació " +"que ha demanat d'inhibir-ho." -#: ../src/login/org.freedesktop.login1.policy.in.h:49 +#: src/login/org.freedesktop.login1.policy:321 msgid "Manage active sessions, users and seats" msgstr "Gestiona les sessions, usuaris i llocs de treball actius" -#: ../src/login/org.freedesktop.login1.policy.in.h:50 +#: src/login/org.freedesktop.login1.policy:322 msgid "" "Authentication is required for managing active sessions, users and seats." -msgstr "Cal autenticació per administrar les sessions, usuaris i llocs de treball actius." +msgstr "" +"Es requereix autenticació per gestionar les sessions, usuaris i llocs de " +"treball actius." -#: ../src/login/org.freedesktop.login1.policy.in.h:51 +#: src/login/org.freedesktop.login1.policy:331 msgid "Lock or unlock active sessions" msgstr "Bloqueja o desbloqueja les sessions actives" -#: ../src/login/org.freedesktop.login1.policy.in.h:52 +#: src/login/org.freedesktop.login1.policy:332 msgid "Authentication is required to lock or unlock active sessions." -msgstr "Cal autenticació per bloquejar o desbloquejar les sessions actives." +msgstr "" +"Es requereix autenticació per bloquejar o desbloquejar les sessions actives." -#: ../src/login/org.freedesktop.login1.policy.in.h:53 +#: src/login/org.freedesktop.login1.policy:341 msgid "Allow indication to the firmware to boot to setup interface" -msgstr "Permet una indicació al microprogramari per iniciar a la interfície de configuració" +msgstr "" +"Permet la indicació al microprogramari en l'arrencada perquè prepari la " +"interfície" -#: ../src/login/org.freedesktop.login1.policy.in.h:54 +#: src/login/org.freedesktop.login1.policy:342 msgid "" "Authentication is required to indicate to the firmware to boot to setup " "interface." -msgstr "Cal autenticació per indicar al microprogramari que iniciï a la interfície de configuració." +msgstr "" +"Es requereix autenticació per indicar al microprogramari en l'arrencada " +"perquè prepari la interfície." -#: ../src/login/org.freedesktop.login1.policy.in.h:55 +#: src/login/org.freedesktop.login1.policy:351 msgid "Set a wall message" msgstr "Estableix un missatge de mur" -#: ../src/login/org.freedesktop.login1.policy.in.h:56 +#: src/login/org.freedesktop.login1.policy:352 msgid "Authentication is required to set a wall message" -msgstr "Cal autenticació per establir un text de mur" +msgstr "Es requereix autenticació per establir un missatge de mur" -#: ../src/machine/org.freedesktop.machine1.policy.in.h:1 +#: src/machine/org.freedesktop.machine1.policy:22 msgid "Log into a local container" -msgstr "Inicia sessió a un contenidor local" +msgstr "Inicia la sessió a un contenidor local" -#: ../src/machine/org.freedesktop.machine1.policy.in.h:2 +#: src/machine/org.freedesktop.machine1.policy:23 msgid "Authentication is required to log into a local container." -msgstr "Cal autenticació per iniciar sessió a un contenidor local." +msgstr "" +"Es requereix autenticació per iniciar la sessió a un contenidor local." -#: ../src/machine/org.freedesktop.machine1.policy.in.h:3 +#: src/machine/org.freedesktop.machine1.policy:32 msgid "Log into the local host" -msgstr "Inicia sessió a l'ordinador local" +msgstr "Inicia la sessió a l'amfitrió local" -#: ../src/machine/org.freedesktop.machine1.policy.in.h:4 +#: src/machine/org.freedesktop.machine1.policy:33 msgid "Authentication is required to log into the local host." -msgstr "Cal autenticació per iniciar sessió a l'ordinador local." +msgstr "Es requereix autenticació per iniciar la sessió a l'amfitrió local." -#: ../src/machine/org.freedesktop.machine1.policy.in.h:5 +#: src/machine/org.freedesktop.machine1.policy:42 msgid "Acquire a shell in a local container" -msgstr "Adquireix un intèrpret d'ordres a un contenidor local" +msgstr "Adquireix un shell en un contenidor local" -#: ../src/machine/org.freedesktop.machine1.policy.in.h:6 +#: src/machine/org.freedesktop.machine1.policy:43 msgid "Authentication is required to acquire a shell in a local container." -msgstr "Cal autenticació per adquirir un intèrpret d'ordres a un contenidor local." +msgstr "" +"Es requereix autenticació per adquirir un shell en un contenidor local." -#: ../src/machine/org.freedesktop.machine1.policy.in.h:7 +#: src/machine/org.freedesktop.machine1.policy:53 msgid "Acquire a shell on the local host" -msgstr "Adquireix un intèrpret d'ordres a l'ordinador local" +msgstr "Adquireix un shell a l'amfitrió local" -#: ../src/machine/org.freedesktop.machine1.policy.in.h:8 +#: src/machine/org.freedesktop.machine1.policy:54 msgid "Authentication is required to acquire a shell on the local host." -msgstr "Cal autenticació per adquirir un intèrpret d'ordres a l'ordinador local." +msgstr "Es requereix autenticació per adquirir un shell a l'amfitrió local." -#: ../src/machine/org.freedesktop.machine1.policy.in.h:9 +#: src/machine/org.freedesktop.machine1.policy:64 msgid "Acquire a pseudo TTY in a local container" -msgstr "Adquireix un pseudo-terminal al contenidor local" +msgstr "Adquireix un pseudo TTY en un contenidor local" -#: ../src/machine/org.freedesktop.machine1.policy.in.h:10 +#: src/machine/org.freedesktop.machine1.policy:65 msgid "" "Authentication is required to acquire a pseudo TTY in a local container." -msgstr "Cal autenticació per adquirir una pseudo-terminal al contenidor local." +msgstr "" +"Es requereix autenticació per adquirir un pseudo TTY en un contenidor local." -#: ../src/machine/org.freedesktop.machine1.policy.in.h:11 +#: src/machine/org.freedesktop.machine1.policy:74 msgid "Acquire a pseudo TTY on the local host" -msgstr "Adquireix una pseudo-terminal a l'ordinador local" +msgstr "Adquireix un pseudo TTY a l'amfitrió local" -#: ../src/machine/org.freedesktop.machine1.policy.in.h:12 +#: src/machine/org.freedesktop.machine1.policy:75 msgid "Authentication is required to acquire a pseudo TTY on the local host." -msgstr "Cal autenticació per adquirir una pseudo-terminal a l'ordinador local." +msgstr "" +"Es requereix autenticació per adquirir un pseudo TTY a l'amfitrió local." -#: ../src/machine/org.freedesktop.machine1.policy.in.h:13 +#: src/machine/org.freedesktop.machine1.policy:84 msgid "Manage local virtual machines and containers" msgstr "Gestiona les màquines virtuals i els contenidors locals " -#: ../src/machine/org.freedesktop.machine1.policy.in.h:14 +#: src/machine/org.freedesktop.machine1.policy:85 msgid "" "Authentication is required to manage local virtual machines and containers." -msgstr "Cal autenticació per gestionar les màquines virtuals i els contenidors locals." +msgstr "" +"Es requereix autenticació per gestionar les màquines virtuals i els " +"contenidors locals." -#: ../src/machine/org.freedesktop.machine1.policy.in.h:15 +#: src/machine/org.freedesktop.machine1.policy:95 msgid "Manage local virtual machine and container images" -msgstr "Gestiona les imatges locals de màquines virtuals i contenidors" +msgstr "Gestiona les màquines virtuals i les imatges dels contenidors locals" -#: ../src/machine/org.freedesktop.machine1.policy.in.h:16 +#: src/machine/org.freedesktop.machine1.policy:96 msgid "" "Authentication is required to manage local virtual machine and container " "images." -msgstr "Cal autenticació per gestionar les imatges locals de màquines virtuals i contenidors." +msgstr "" +"Es requereix autenticació per gestionar les màquines virtuals i les imatges " +"dels contenidors locals." + +#: src/resolve/org.freedesktop.resolve1.policy:22 +msgid "Register a DNS-SD service" +msgstr "Registra un servei DNS-SD" + +#: src/resolve/org.freedesktop.resolve1.policy:23 +msgid "Authentication is required to register a DNS-SD service" +msgstr "Es requereix autenticació per registrar un servei DNS-SD" + +#: src/resolve/org.freedesktop.resolve1.policy:33 +msgid "Unregister a DNS-SD service" +msgstr "Desregistra un servei DNS-SD" + +#: src/resolve/org.freedesktop.resolve1.policy:34 +msgid "Authentication is required to unregister a DNS-SD service" +msgstr "Es requereix autenticació per desregistrar un servei DNS-SD" -#: ../src/timedate/org.freedesktop.timedate1.policy.in.h:1 +#: src/timedate/org.freedesktop.timedate1.policy:22 msgid "Set system time" -msgstr "Estableix la data i l'hora del sistema" +msgstr "Estableix l'hora del sistema" -#: ../src/timedate/org.freedesktop.timedate1.policy.in.h:2 +#: src/timedate/org.freedesktop.timedate1.policy:23 msgid "Authentication is required to set the system time." -msgstr "Cal autenticació per establir la data i l'hora del sistema." +msgstr "Es requereix autenticació per establir l'hora del sistema." -#: ../src/timedate/org.freedesktop.timedate1.policy.in.h:3 +#: src/timedate/org.freedesktop.timedate1.policy:33 msgid "Set system timezone" msgstr "Estableix la zona horària del sistema" -#: ../src/timedate/org.freedesktop.timedate1.policy.in.h:4 +#: src/timedate/org.freedesktop.timedate1.policy:34 msgid "Authentication is required to set the system timezone." -msgstr "Cal autenticació per establir la zona horària del sistema." +msgstr "Es requereix autenticació per establir la zona horària del sistema." -#: ../src/timedate/org.freedesktop.timedate1.policy.in.h:5 +#: src/timedate/org.freedesktop.timedate1.policy:43 msgid "Set RTC to local timezone or UTC" -msgstr "Estableix el rellotge del sistema a la zona horària local o a UTC" +msgstr "Estableix el rellotge del sistema a la zona horària local o de l'UTC" -#: ../src/timedate/org.freedesktop.timedate1.policy.in.h:6 +#: src/timedate/org.freedesktop.timedate1.policy:44 msgid "" "Authentication is required to control whether the RTC stores the local or " "UTC time." -msgstr "Cal autenticació per controlar si el rellotge del sistema emmagatzema la data i l'hora locals o UTC." +msgstr "" +"Es requereix autenticació per controlar si el rellotge del sistema " +"emmagatzema l'hora local o l'UTC." -#: ../src/timedate/org.freedesktop.timedate1.policy.in.h:7 +#: src/timedate/org.freedesktop.timedate1.policy:54 msgid "Turn network time synchronization on or off" -msgstr "Activa o desactiva la sincronització de data i hora de xarxa" +msgstr "Activa o desactiva la sincronització de l'hora de xarxa" -#: ../src/timedate/org.freedesktop.timedate1.policy.in.h:8 +#: src/timedate/org.freedesktop.timedate1.policy:55 msgid "" "Authentication is required to control whether network time synchronization " "shall be enabled." -msgstr "Cal autenticació per controlar si s'ha d'activar la sincronització de data i hora de xarxa." +msgstr "" +"Es requereix autenticació per controlar si s'ha d'activar la sincronització " +"de l'hora de xarxa." -#: ../src/core/dbus-unit.c:428 +#: src/core/dbus-unit.c:496 msgid "Authentication is required to start '$(unit)'." -msgstr "Cal autenticació per iniciar «$(unit)»." +msgstr "Es requereix autenticació per iniciar «$(unit)»." -#: ../src/core/dbus-unit.c:429 +#: src/core/dbus-unit.c:497 msgid "Authentication is required to stop '$(unit)'." -msgstr "Cal autenticació per aturar «$(unit)»." +msgstr "Es requereix autenticació per aturar «$(unit)»." -#: ../src/core/dbus-unit.c:430 +#: src/core/dbus-unit.c:498 msgid "Authentication is required to reload '$(unit)'." -msgstr "Cal autenticació per tornar a carregar «$(unit)»." +msgstr "Es requereix autenticació per tornar a carregar «$(unit)»." -#: ../src/core/dbus-unit.c:431 ../src/core/dbus-unit.c:432 +#: src/core/dbus-unit.c:499 src/core/dbus-unit.c:500 msgid "Authentication is required to restart '$(unit)'." -msgstr "Cal autenticació per tornar a reiniciar «$(unit)»." +msgstr "Es requereix autenticació per reiniciar «$(unit)»." -#: ../src/core/dbus-unit.c:535 +#: src/core/dbus-unit.c:607 msgid "Authentication is required to kill '$(unit)'." -msgstr "Cal autenticació per matar a «$(unit)»." +msgstr "Es requereix autenticació per matar «$(unit)»." -#: ../src/core/dbus-unit.c:565 +#: src/core/dbus-unit.c:638 msgid "Authentication is required to reset the \"failed\" state of '$(unit)'." -msgstr "Cal autenticació per reiniciar l'estat «fallat» de «$(unit)»." +msgstr "" +"Es requereix autenticació per restablir l'estat «failed» de «$(unit)»." -#: ../src/core/dbus-unit.c:597 +#: src/core/dbus-unit.c:671 msgid "Authentication is required to set properties on '$(unit)'." -msgstr "Cal autenticació per establir propietats a «$(unit)»." - -#~ msgid "Press Ctrl+C to cancel all filesystem checks in progress" -#~ msgstr "" -#~ "Presione Ctrl+C para cancelar todas las comprobaciones del sistema de " -#~ "archivos en curso" +msgstr "Es requereix autenticació per establir les propietats a «$(unit)»." -#~ msgid "Checking in progress on %d disk (%3.1f%% complete)" -#~ msgid_plural "Checking in progress on %d disks (%3.1f%% complete)" -#~ msgstr[0] "Comprobando progreso en %d disco (%3.1f %% completado)" -#~ msgstr[1] "Comprobando progreso en %d discos (%3.1f %% completado)" @@ -9,8 +9,8 @@ msgid "" msgstr "" "Project-Id-Version: systemd\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2016-04-24 21:13+0200\n" -"PO-Revision-Date: 2017-10-18 21:30+0200\n" +"POT-Creation-Date: 2018-02-13 20:30+0100\n" +"PO-Revision-Date: 2018-02-13 21:45+0200\n" "Last-Translator: Sylvain Plantefève <sylvain.plantefeve@gmail.com>\n" "Language-Team: French\n" "Language: fr\n" @@ -19,41 +19,41 @@ msgstr "" "Content-Transfer-Encoding: 8bit\n" "Plural-Forms: nplurals=2; plural=(n > 1);\n" -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:1 +#: src/core/org.freedesktop.systemd1.policy.in.in:22 msgid "Send passphrase back to system" msgstr "Renvoyer la phrase secrète au système" -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:2 +#: src/core/org.freedesktop.systemd1.policy.in.in:23 msgid "" "Authentication is required to send the entered passphrase back to the system." msgstr "Authentification requise pour renvoyer la phrase secrète au système." -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:3 +#: src/core/org.freedesktop.systemd1.policy.in.in:33 msgid "Manage system services or other units" msgstr "Gérer les services système ou les unités" -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:4 +#: src/core/org.freedesktop.systemd1.policy.in.in:34 msgid "Authentication is required to manage system services or other units." msgstr "" "Authentification requise pour gérer les services système ou les unités." -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:5 +#: src/core/org.freedesktop.systemd1.policy.in.in:43 msgid "Manage system service or unit files" msgstr "Gérer le service système ou ses fichiers unités" -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:6 +#: src/core/org.freedesktop.systemd1.policy.in.in:44 msgid "Authentication is required to manage system service or unit files." msgstr "" "Authentification requise pour gérer le service système ou ses fichiers " "unités." -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:7 +#: src/core/org.freedesktop.systemd1.policy.in.in:53 msgid "Set or unset system and service manager environment variables" msgstr "" "Définir ou supprimer des variables d'environnement du système ou du " "gestionnaire de services" -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:8 +#: src/core/org.freedesktop.systemd1.policy.in.in:54 msgid "" "Authentication is required to set or unset system and service manager " "environment variables." @@ -61,27 +61,27 @@ msgstr "" "Authentification requise pour définir ou supprimer des variables " "d'environnement du système ou du gestionnaire de services." -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:9 +#: src/core/org.freedesktop.systemd1.policy.in.in:63 msgid "Reload the systemd state" msgstr "Recharger l'état de systemd" -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:10 +#: src/core/org.freedesktop.systemd1.policy.in.in:64 msgid "Authentication is required to reload the systemd state." msgstr "Authentification requise pour recharger l'état de systemd" -#: ../src/hostname/org.freedesktop.hostname1.policy.in.h:1 +#: src/hostname/org.freedesktop.hostname1.policy.in:22 msgid "Set host name" msgstr "Définir le nom d'hôte" -#: ../src/hostname/org.freedesktop.hostname1.policy.in.h:2 +#: src/hostname/org.freedesktop.hostname1.policy.in:23 msgid "Authentication is required to set the local host name." msgstr "Authentification requise pour définir le nom d'hôte local." -#: ../src/hostname/org.freedesktop.hostname1.policy.in.h:3 +#: src/hostname/org.freedesktop.hostname1.policy.in:32 msgid "Set static host name" msgstr "Définir le nom d'hôte statique" -#: ../src/hostname/org.freedesktop.hostname1.policy.in.h:4 +#: src/hostname/org.freedesktop.hostname1.policy.in:33 msgid "" "Authentication is required to set the statically configured local host name, " "as well as the pretty host name." @@ -89,109 +89,109 @@ msgstr "" "Authentification requise pour définir le nom d'hôte local de manière " "statique, tout comme le nom d'hôte familier." -#: ../src/hostname/org.freedesktop.hostname1.policy.in.h:5 +#: src/hostname/org.freedesktop.hostname1.policy.in:43 msgid "Set machine information" msgstr "Définir les informations sur la machine" -#: ../src/hostname/org.freedesktop.hostname1.policy.in.h:6 +#: src/hostname/org.freedesktop.hostname1.policy.in:44 msgid "Authentication is required to set local machine information." msgstr "" "Authentification requise pour définir les informations sur la machine locale." -#: ../src/import/org.freedesktop.import1.policy.in.h:1 +#: src/import/org.freedesktop.import1.policy.in:22 msgid "Import a VM or container image" msgstr "Importer une image de machine virtuelle (VM) ou de conteneur" -#: ../src/import/org.freedesktop.import1.policy.in.h:2 +#: src/import/org.freedesktop.import1.policy.in:23 msgid "Authentication is required to import a VM or container image" msgstr "" "Authentification requise pour importer une image de machine virtuelle (VM) " "ou de conteneur." -#: ../src/import/org.freedesktop.import1.policy.in.h:3 +#: src/import/org.freedesktop.import1.policy.in:32 msgid "Export a VM or container image" msgstr "Exporter une image de machine virtuelle (VM) ou de conteneur" -#: ../src/import/org.freedesktop.import1.policy.in.h:4 +#: src/import/org.freedesktop.import1.policy.in:33 msgid "Authentication is required to export a VM or container image" msgstr "" "Authentification requise pour exporter une image de machine virtuelle (VM) " "ou de conteneur." -#: ../src/import/org.freedesktop.import1.policy.in.h:5 +#: src/import/org.freedesktop.import1.policy.in:42 msgid "Download a VM or container image" msgstr "Télécharger une image de machine virtuelle (VM) ou de conteneur" -#: ../src/import/org.freedesktop.import1.policy.in.h:6 +#: src/import/org.freedesktop.import1.policy.in:43 msgid "Authentication is required to download a VM or container image" msgstr "" "Authentification requise pour télécharger une image de machine virtuelle " "(VM) ou de conteneur." -#: ../src/locale/org.freedesktop.locale1.policy.in.h:1 +#: src/locale/org.freedesktop.locale1.policy.in:22 msgid "Set system locale" msgstr "Définir la langue du système" -#: ../src/locale/org.freedesktop.locale1.policy.in.h:2 +#: src/locale/org.freedesktop.locale1.policy.in:23 msgid "Authentication is required to set the system locale." msgstr "Authentification requise pour définir la langue du système." -#: ../src/locale/org.freedesktop.locale1.policy.in.h:3 +#: src/locale/org.freedesktop.locale1.policy.in:33 msgid "Set system keyboard settings" msgstr "Définir les paramètres de clavier du système" -#: ../src/locale/org.freedesktop.locale1.policy.in.h:4 +#: src/locale/org.freedesktop.locale1.policy.in:34 msgid "Authentication is required to set the system keyboard settings." msgstr "" "Authentification requise pour définir les paramètres de clavier du système." -#: ../src/login/org.freedesktop.login1.policy.in.h:1 +#: src/login/org.freedesktop.login1.policy.in:22 msgid "Allow applications to inhibit system shutdown" msgstr "Permet aux applications d'empêcher l'arrêt du système" -#: ../src/login/org.freedesktop.login1.policy.in.h:2 +#: src/login/org.freedesktop.login1.policy.in:23 msgid "" "Authentication is required for an application to inhibit system shutdown." msgstr "" "Authentification requise pour permettre à une application d'empêcher l'arrêt " "du système." -#: ../src/login/org.freedesktop.login1.policy.in.h:3 +#: src/login/org.freedesktop.login1.policy.in:33 msgid "Allow applications to delay system shutdown" msgstr "Permet aux applications de retarder l'arrêt du système" -#: ../src/login/org.freedesktop.login1.policy.in.h:4 +#: src/login/org.freedesktop.login1.policy.in:34 msgid "Authentication is required for an application to delay system shutdown." msgstr "" "Authentification requise pour permettre à une application de retarder " "l'arrêt du système." -#: ../src/login/org.freedesktop.login1.policy.in.h:5 +#: src/login/org.freedesktop.login1.policy.in:44 msgid "Allow applications to inhibit system sleep" msgstr "Permet aux applications d'empêcher la mise en veille du système" -#: ../src/login/org.freedesktop.login1.policy.in.h:6 +#: src/login/org.freedesktop.login1.policy.in:45 msgid "Authentication is required for an application to inhibit system sleep." msgstr "" "Authentification requise pour permettre à une application d'empêcher la mise " "en veille du système." -#: ../src/login/org.freedesktop.login1.policy.in.h:7 +#: src/login/org.freedesktop.login1.policy.in:55 msgid "Allow applications to delay system sleep" msgstr "Permet aux applications de retarder la mise en veille du système" -#: ../src/login/org.freedesktop.login1.policy.in.h:8 +#: src/login/org.freedesktop.login1.policy.in:56 msgid "Authentication is required for an application to delay system sleep." msgstr "" "Authentification requise pour permettre à une application de retarder la " "mise en veille du système." -#: ../src/login/org.freedesktop.login1.policy.in.h:9 +#: src/login/org.freedesktop.login1.policy.in:65 msgid "Allow applications to inhibit automatic system suspend" msgstr "" "Permet aux applications d'empêcher l'hibernation automatique du système" -#: ../src/login/org.freedesktop.login1.policy.in.h:10 +#: src/login/org.freedesktop.login1.policy.in:66 msgid "" "Authentication is required for an application to inhibit automatic system " "suspend." @@ -199,13 +199,13 @@ msgstr "" "Authentification requise pour permettre à une application d'empêcher " "l'hibernation automatique du système." -#: ../src/login/org.freedesktop.login1.policy.in.h:11 +#: src/login/org.freedesktop.login1.policy.in:75 msgid "Allow applications to inhibit system handling of the power key" msgstr "" "Permet aux applications d'empêcher la gestion du bouton d'alimentation du " "système" -#: ../src/login/org.freedesktop.login1.policy.in.h:12 +#: src/login/org.freedesktop.login1.policy.in:76 msgid "" "Authentication is required for an application to inhibit system handling of " "the power key." @@ -213,13 +213,13 @@ msgstr "" "Authentification requise pour permettre à une application d'empêcher la " "gestion du bouton d'alimentation du système." -#: ../src/login/org.freedesktop.login1.policy.in.h:13 +#: src/login/org.freedesktop.login1.policy.in:86 msgid "Allow applications to inhibit system handling of the suspend key" msgstr "" "Permet aux applications d'empêcher la gestion du bouton de mise en veille du " "système" -#: ../src/login/org.freedesktop.login1.policy.in.h:14 +#: src/login/org.freedesktop.login1.policy.in:87 msgid "" "Authentication is required for an application to inhibit system handling of " "the suspend key." @@ -227,13 +227,13 @@ msgstr "" "Authentification requise pour permettre à une application d'empêcher la " "gestion du bouton de mise en veille du système." -#: ../src/login/org.freedesktop.login1.policy.in.h:15 +#: src/login/org.freedesktop.login1.policy.in:97 msgid "Allow applications to inhibit system handling of the hibernate key" msgstr "" "Permet aux applications d'empêcher la gestion du bouton d'hibernation du " "système" -#: ../src/login/org.freedesktop.login1.policy.in.h:16 +#: src/login/org.freedesktop.login1.policy.in:98 msgid "" "Authentication is required for an application to inhibit system handling of " "the hibernate key." @@ -241,13 +241,13 @@ msgstr "" "Authentification requise pour permettre à une application d'empêcher la " "gestion du bouton d'hibernation du système." -#: ../src/login/org.freedesktop.login1.policy.in.h:17 +#: src/login/org.freedesktop.login1.policy.in:107 msgid "Allow applications to inhibit system handling of the lid switch" msgstr "" "Permet aux applications d'empêcher la gestion par le système du rabat de " "l'écran" -#: ../src/login/org.freedesktop.login1.policy.in.h:18 +#: src/login/org.freedesktop.login1.policy.in:108 msgid "" "Authentication is required for an application to inhibit system handling of " "the lid switch." @@ -255,59 +255,59 @@ msgstr "" "Authentification requise pour permettre à une application d'empêcher la " "gestion par le système du rabat de l'écran." -#: ../src/login/org.freedesktop.login1.policy.in.h:19 +#: src/login/org.freedesktop.login1.policy.in:117 msgid "Allow non-logged-in user to run programs" msgstr "Permet à un utilisateur non connecté d'exécuter des programmes" -#: ../src/login/org.freedesktop.login1.policy.in.h:20 +#: src/login/org.freedesktop.login1.policy.in:118 msgid "Explicit request is required to run programs as a non-logged-in user." msgstr "" "Requête explicite requise pour exécuter des programmes en tant " "qu'utilisateur non connecté." -#: ../src/login/org.freedesktop.login1.policy.in.h:21 +#: src/login/org.freedesktop.login1.policy.in:127 msgid "Allow non-logged-in users to run programs" msgstr "Permet aux utilisateurs non connectés d'exécuter des programmes" -#: ../src/login/org.freedesktop.login1.policy.in.h:22 +#: src/login/org.freedesktop.login1.policy.in:128 msgid "Authentication is required to run programs as a non-logged-in user." msgstr "" "Authentification requise pour exécuter des programmes en tant qu'utilisateur " "non connecté." -#: ../src/login/org.freedesktop.login1.policy.in.h:23 +#: src/login/org.freedesktop.login1.policy.in:137 msgid "Allow attaching devices to seats" msgstr "Permet d'associer des périphériques à des postes (seats)" -#: ../src/login/org.freedesktop.login1.policy.in.h:24 +#: src/login/org.freedesktop.login1.policy.in:138 msgid "Authentication is required for attaching a device to a seat." msgstr "" "Authentification requise pour associer un périphérique à un poste (seat)." -#: ../src/login/org.freedesktop.login1.policy.in.h:25 +#: src/login/org.freedesktop.login1.policy.in:148 msgid "Flush device to seat attachments" msgstr "Révoquer les associations de périphériques aux postes (seats)" -#: ../src/login/org.freedesktop.login1.policy.in.h:26 +#: src/login/org.freedesktop.login1.policy.in:149 msgid "" "Authentication is required for resetting how devices are attached to seats." msgstr "" "Authentification requise pour révoquer les associations de périphériques aux " "postes (seats)." -#: ../src/login/org.freedesktop.login1.policy.in.h:27 +#: src/login/org.freedesktop.login1.policy.in:158 msgid "Power off the system" msgstr "Éteindre le système" -#: ../src/login/org.freedesktop.login1.policy.in.h:28 +#: src/login/org.freedesktop.login1.policy.in:159 msgid "Authentication is required for powering off the system." msgstr "Authentification requise pour éteindre le système." -#: ../src/login/org.freedesktop.login1.policy.in.h:29 +#: src/login/org.freedesktop.login1.policy.in:169 msgid "Power off the system while other users are logged in" msgstr "Éteindre le système alors que d'autres utilisateurs sont connectés" -#: ../src/login/org.freedesktop.login1.policy.in.h:30 +#: src/login/org.freedesktop.login1.policy.in:170 msgid "" "Authentication is required for powering off the system while other users are " "logged in." @@ -315,11 +315,11 @@ msgstr "" "Authentification requise pour éteindre le système alors que d'autres " "utilisateurs sont connectés." -#: ../src/login/org.freedesktop.login1.policy.in.h:31 +#: src/login/org.freedesktop.login1.policy.in:180 msgid "Power off the system while an application asked to inhibit it" msgstr "Éteindre le système alors qu'une application a demandé de l'empêcher" -#: ../src/login/org.freedesktop.login1.policy.in.h:32 +#: src/login/org.freedesktop.login1.policy.in:181 msgid "" "Authentication is required for powering off the system while an application " "asked to inhibit it." @@ -327,19 +327,19 @@ msgstr "" "Authentification requise pour éteindre le système alors qu'une application a " "demandé de l'empêcher." -#: ../src/login/org.freedesktop.login1.policy.in.h:33 +#: src/login/org.freedesktop.login1.policy.in:191 msgid "Reboot the system" msgstr "Redémarrer le système" -#: ../src/login/org.freedesktop.login1.policy.in.h:34 +#: src/login/org.freedesktop.login1.policy.in:192 msgid "Authentication is required for rebooting the system." msgstr "Authentification requise pour redémarrer le système." -#: ../src/login/org.freedesktop.login1.policy.in.h:35 +#: src/login/org.freedesktop.login1.policy.in:202 msgid "Reboot the system while other users are logged in" msgstr "Redémarrer le système alors que d'autres utilisateurs sont connectés" -#: ../src/login/org.freedesktop.login1.policy.in.h:36 +#: src/login/org.freedesktop.login1.policy.in:203 msgid "" "Authentication is required for rebooting the system while other users are " "logged in." @@ -347,11 +347,11 @@ msgstr "" "Authentification requise pour redémarrer le système alors que d'autres " "utilisateurs sont connectés." -#: ../src/login/org.freedesktop.login1.policy.in.h:37 +#: src/login/org.freedesktop.login1.policy.in:213 msgid "Reboot the system while an application asked to inhibit it" msgstr "Redémarrer le système alors qu'une application a demandé de l'empêcher" -#: ../src/login/org.freedesktop.login1.policy.in.h:38 +#: src/login/org.freedesktop.login1.policy.in:214 msgid "" "Authentication is required for rebooting the system while an application " "asked to inhibit it." @@ -359,20 +359,19 @@ msgstr "" "Authentification requise pour redémarrer le système alors qu'une application " "a demandé de l'empêcher." -#: ../src/login/org.freedesktop.login1.policy.in.h:39 +#: src/login/org.freedesktop.login1.policy.in:224 msgid "Halt the system" msgstr "Arrêter le système" -#: ../src/login/org.freedesktop.login1.policy.in.h:40 +#: src/login/org.freedesktop.login1.policy.in:225 msgid "Authentication is required for halting the system." msgstr "Authentification requise pour arrêter le système." -#: ../src/login/org.freedesktop.login1.policy.in.h:41 +#: src/login/org.freedesktop.login1.policy.in:235 msgid "Halt the system while other users are logged in" -msgstr "" -"Arrêter le système alors que d'autres utilisateurs sont connectés" +msgstr "Arrêter le système alors que d'autres utilisateurs sont connectés" -#: ../src/login/org.freedesktop.login1.policy.in.h:42 +#: src/login/org.freedesktop.login1.policy.in:236 msgid "" "Authentication is required for halting the system while other users are " "logged in." @@ -380,33 +379,32 @@ msgstr "" "Authentification requise pour arrêter le système alors que d'autres " "utilisateurs sont connectés." -#: ../src/login/org.freedesktop.login1.policy.in.h:43 +#: src/login/org.freedesktop.login1.policy.in:246 msgid "Halt the system while an application asked to inhibit it" -msgstr "" -"Arrêter le système alors qu'une application a demandé de l'empêcher" +msgstr "Arrêter le système alors qu'une application a demandé de l'empêcher" -#: ../src/login/org.freedesktop.login1.policy.in.h:44 +#: src/login/org.freedesktop.login1.policy.in:247 msgid "" -"Authentication is required for halting the system while an application " -"asked to inhibit it." +"Authentication is required for halting the system while an application asked " +"to inhibit it." msgstr "" -"Authentification requise pour arrêter le système alors qu'une " -"application a demandé de l'empêcher." +"Authentification requise pour arrêter le système alors qu'une application a " +"demandé de l'empêcher." -#: ../src/login/org.freedesktop.login1.policy.in.h:45 +#: src/login/org.freedesktop.login1.policy.in:257 msgid "Suspend the system" msgstr "Mettre le système en veille" -#: ../src/login/org.freedesktop.login1.policy.in.h:46 +#: src/login/org.freedesktop.login1.policy.in:258 msgid "Authentication is required for suspending the system." msgstr "Authentification requise pour mettre le système en veille." -#: ../src/login/org.freedesktop.login1.policy.in.h:47 +#: src/login/org.freedesktop.login1.policy.in:267 msgid "Suspend the system while other users are logged in" msgstr "" "Mettre le système en veille alors que d'autres utilisateurs sont connectés" -#: ../src/login/org.freedesktop.login1.policy.in.h:48 +#: src/login/org.freedesktop.login1.policy.in:268 msgid "" "Authentication is required for suspending the system while other users are " "logged in." @@ -414,12 +412,12 @@ msgstr "" "Authentification requise pour mettre le système en veille alors que d'autres " "utilisateurs sont connectés." -#: ../src/login/org.freedesktop.login1.policy.in.h:49 +#: src/login/org.freedesktop.login1.policy.in:278 msgid "Suspend the system while an application asked to inhibit it" msgstr "" "Mettre le système en veille alors qu'une application a demandé de l'empêcher" -#: ../src/login/org.freedesktop.login1.policy.in.h:50 +#: src/login/org.freedesktop.login1.policy.in:279 msgid "" "Authentication is required for suspending the system while an application " "asked to inhibit it." @@ -427,21 +425,21 @@ msgstr "" "Authentification requise pour mettre le système en veille alors qu'une " "application a demandé de l'empêcher." -#: ../src/login/org.freedesktop.login1.policy.in.h:51 +#: src/login/org.freedesktop.login1.policy.in:289 msgid "Hibernate the system" msgstr "Mettre le système en hibernation" -#: ../src/login/org.freedesktop.login1.policy.in.h:52 +#: src/login/org.freedesktop.login1.policy.in:290 msgid "Authentication is required for hibernating the system." msgstr "Authentification requise pour mettre le système en hibernation." -#: ../src/login/org.freedesktop.login1.policy.in.h:53 +#: src/login/org.freedesktop.login1.policy.in:299 msgid "Hibernate the system while other users are logged in" msgstr "" "Mettre le système en hibernation alors que d'autres utilisateurs sont " "connectés" -#: ../src/login/org.freedesktop.login1.policy.in.h:54 +#: src/login/org.freedesktop.login1.policy.in:300 msgid "" "Authentication is required for hibernating the system while other users are " "logged in." @@ -449,13 +447,13 @@ msgstr "" "Authentification requise pour mettre le système en hibernation alors que " "d'autres utilisateurs sont connectés." -#: ../src/login/org.freedesktop.login1.policy.in.h:55 +#: src/login/org.freedesktop.login1.policy.in:310 msgid "Hibernate the system while an application asked to inhibit it" msgstr "" "Mettre le système en hibernation alors qu'une application a demandé de " "l'empêcher" -#: ../src/login/org.freedesktop.login1.policy.in.h:56 +#: src/login/org.freedesktop.login1.policy.in:311 msgid "" "Authentication is required for hibernating the system while an application " "asked to inhibit it." @@ -463,34 +461,34 @@ msgstr "" "Authentification requise pour mettre le système en hibernation alors qu'une " "application a demandé de l'empêcher." -#: ../src/login/org.freedesktop.login1.policy.in.h:57 +#: src/login/org.freedesktop.login1.policy.in:321 msgid "Manage active sessions, users and seats" msgstr "Gérer les sessions actives, les utilisateurs et les postes (seats)" -#: ../src/login/org.freedesktop.login1.policy.in.h:58 +#: src/login/org.freedesktop.login1.policy.in:322 msgid "" "Authentication is required for managing active sessions, users and seats." msgstr "" "Authentification requise pour gérer les sessions actives, les utilisateurs " "et les postes (seats)." -#: ../src/login/org.freedesktop.login1.policy.in.h:59 +#: src/login/org.freedesktop.login1.policy.in:331 msgid "Lock or unlock active sessions" msgstr "Verrouiller ou déverrouiller des sessions actives" -#: ../src/login/org.freedesktop.login1.policy.in.h:60 +#: src/login/org.freedesktop.login1.policy.in:332 msgid "Authentication is required to lock or unlock active sessions." msgstr "" "Authentification requise pour verrouiller ou déverrouiller des sessions " "actives." -#: ../src/login/org.freedesktop.login1.policy.in.h:61 +#: src/login/org.freedesktop.login1.policy.in:341 msgid "Allow indication to the firmware to boot to setup interface" msgstr "" "Permet d'indiquer au micrologiciel de démarrer sur l'interface de " "configuration" -#: ../src/login/org.freedesktop.login1.policy.in.h:62 +#: src/login/org.freedesktop.login1.policy.in:342 msgid "" "Authentication is required to indicate to the firmware to boot to setup " "interface." @@ -498,86 +496,86 @@ msgstr "" "Authentification requise pour indiquer au micrologiciel de démarrer sur " "l'interface de configuration." -#: ../src/login/org.freedesktop.login1.policy.in.h:63 +#: src/login/org.freedesktop.login1.policy.in:351 msgid "Set a wall message" msgstr "Définir un message wall" -#: ../src/login/org.freedesktop.login1.policy.in.h:64 +#: src/login/org.freedesktop.login1.policy.in:352 msgid "Authentication is required to set a wall message" msgstr "Authentification requise pour définir un message wall." -#: ../src/machine/org.freedesktop.machine1.policy.in.h:1 +#: src/machine/org.freedesktop.machine1.policy.in:22 msgid "Log into a local container" msgstr "Connexion dans un conteneur local" -#: ../src/machine/org.freedesktop.machine1.policy.in.h:2 +#: src/machine/org.freedesktop.machine1.policy.in:23 msgid "Authentication is required to log into a local container." msgstr "" "Authentification requise pour permettre la connexion dans un conteneur local." -#: ../src/machine/org.freedesktop.machine1.policy.in.h:3 +#: src/machine/org.freedesktop.machine1.policy.in:32 msgid "Log into the local host" msgstr "Connexion à l'hôte local" -#: ../src/machine/org.freedesktop.machine1.policy.in.h:4 +#: src/machine/org.freedesktop.machine1.policy.in:33 msgid "Authentication is required to log into the local host." msgstr "Authentification requise pour permettre la connexion à l'hôte local." -#: ../src/machine/org.freedesktop.machine1.policy.in.h:5 +#: src/machine/org.freedesktop.machine1.policy.in:42 msgid "Acquire a shell in a local container" msgstr "Obtenir une interface système dans un conteneur local" -#: ../src/machine/org.freedesktop.machine1.policy.in.h:6 +#: src/machine/org.freedesktop.machine1.policy.in:43 msgid "Authentication is required to acquire a shell in a local container." msgstr "" "Authentification requise pour obtenir une interface système dans un " "conteneur local." -#: ../src/machine/org.freedesktop.machine1.policy.in.h:7 +#: src/machine/org.freedesktop.machine1.policy.in:53 msgid "Acquire a shell on the local host" msgstr "Obtenir une interface système sur l'hôte local" -#: ../src/machine/org.freedesktop.machine1.policy.in.h:8 +#: src/machine/org.freedesktop.machine1.policy.in:54 msgid "Authentication is required to acquire a shell on the local host." msgstr "" "Authentification requise pour obtenir une interface système sur l'hôte local." -#: ../src/machine/org.freedesktop.machine1.policy.in.h:9 +#: src/machine/org.freedesktop.machine1.policy.in:64 msgid "Acquire a pseudo TTY in a local container" msgstr "Obtenir un pseudo terminal dans un conteneur local" -#: ../src/machine/org.freedesktop.machine1.policy.in.h:10 +#: src/machine/org.freedesktop.machine1.policy.in:65 msgid "" "Authentication is required to acquire a pseudo TTY in a local container." msgstr "" "Authentification requise pour obtenir un pseudo terminal dans un conteneur " "local." -#: ../src/machine/org.freedesktop.machine1.policy.in.h:11 +#: src/machine/org.freedesktop.machine1.policy.in:74 msgid "Acquire a pseudo TTY on the local host" msgstr "Obtenir un pseudo terminal sur l'hôte local" -#: ../src/machine/org.freedesktop.machine1.policy.in.h:12 +#: src/machine/org.freedesktop.machine1.policy.in:75 msgid "Authentication is required to acquire a pseudo TTY on the local host." msgstr "" "Authentification requise pour obtenir un pseudo terminal sur l'hôte local." -#: ../src/machine/org.freedesktop.machine1.policy.in.h:13 +#: src/machine/org.freedesktop.machine1.policy.in:84 msgid "Manage local virtual machines and containers" msgstr "Gérer les machines virtuelles (VM) et conteneurs locaux" -#: ../src/machine/org.freedesktop.machine1.policy.in.h:14 +#: src/machine/org.freedesktop.machine1.policy.in:85 msgid "" "Authentication is required to manage local virtual machines and containers." msgstr "" "Authentification requise pour gérer les machines virtuelles (VM) et les " "conteneurs locaux." -#: ../src/machine/org.freedesktop.machine1.policy.in.h:15 +#: src/machine/org.freedesktop.machine1.policy.in:95 msgid "Manage local virtual machine and container images" msgstr "Gérer les images locales de machines virtuelles (VM) et de conteneurs" -#: ../src/machine/org.freedesktop.machine1.policy.in.h:16 +#: src/machine/org.freedesktop.machine1.policy.in:96 msgid "" "Authentication is required to manage local virtual machine and container " "images." @@ -585,29 +583,45 @@ msgstr "" "Authentification requise pour gérer les images locales de machines " "virtuelles (VM) et de conteneurs." -#: ../src/timedate/org.freedesktop.timedate1.policy.in.h:1 +#: src/resolve/org.freedesktop.resolve1.policy.in:22 +msgid "Register a DNS-SD service" +msgstr "Enregistrer un service DNS-SD" + +#: src/resolve/org.freedesktop.resolve1.policy.in:23 +msgid "Authentication is required to register a DNS-SD service" +msgstr "Authentification requise pour enregistrer un service DNS-SD" + +#: src/resolve/org.freedesktop.resolve1.policy.in:33 +msgid "Unregister a DNS-SD service" +msgstr "Retirer un service DNS-SD" + +#: src/resolve/org.freedesktop.resolve1.policy.in:34 +msgid "Authentication is required to unregister a DNS-SD service" +msgstr "Authentification requise pour retirer un service DNS-SD" + +#: src/timedate/org.freedesktop.timedate1.policy.in:22 msgid "Set system time" msgstr "Définir l'heure du système" -#: ../src/timedate/org.freedesktop.timedate1.policy.in.h:2 +#: src/timedate/org.freedesktop.timedate1.policy.in:23 msgid "Authentication is required to set the system time." msgstr "Authentification requise pour définir l'heure du système." -#: ../src/timedate/org.freedesktop.timedate1.policy.in.h:3 +#: src/timedate/org.freedesktop.timedate1.policy.in:33 msgid "Set system timezone" msgstr "Définir le fuseau horaire du système" -#: ../src/timedate/org.freedesktop.timedate1.policy.in.h:4 +#: src/timedate/org.freedesktop.timedate1.policy.in:34 msgid "Authentication is required to set the system timezone." msgstr "Authentification requise pour définir le fuseau horaire du système." -#: ../src/timedate/org.freedesktop.timedate1.policy.in.h:5 +#: src/timedate/org.freedesktop.timedate1.policy.in:43 msgid "Set RTC to local timezone or UTC" msgstr "" "Positionner l'horloge matérielle à l'heure locale ou sur le temps universel " "coordonné (UTC)" -#: ../src/timedate/org.freedesktop.timedate1.policy.in.h:6 +#: src/timedate/org.freedesktop.timedate1.policy.in:44 msgid "" "Authentication is required to control whether the RTC stores the local or " "UTC time." @@ -615,11 +629,11 @@ msgstr "" "Authentification requise pour positionner l'horloge matérielle à l'heure " "locale ou sur le temps universel coordonné (UTC)." -#: ../src/timedate/org.freedesktop.timedate1.policy.in.h:7 +#: src/timedate/org.freedesktop.timedate1.policy.in:54 msgid "Turn network time synchronization on or off" msgstr "Activer ou désactiver la synchronisation de l'heure avec le réseau" -#: ../src/timedate/org.freedesktop.timedate1.policy.in.h:8 +#: src/timedate/org.freedesktop.timedate1.policy.in:55 msgid "" "Authentication is required to control whether network time synchronization " "shall be enabled." @@ -627,33 +641,33 @@ msgstr "" "Authentification requise pour activer ou désactiver la synchronisation de " "l'heure avec le réseau." -#: ../src/core/dbus-unit.c:458 +#: src/core/dbus-unit.c:496 msgid "Authentication is required to start '$(unit)'." msgstr "Authentification requise pour démarrer « $(unit) »." -#: ../src/core/dbus-unit.c:459 +#: src/core/dbus-unit.c:497 msgid "Authentication is required to stop '$(unit)'." msgstr "Authentification requise pour arrêter « $(unit) »." -#: ../src/core/dbus-unit.c:460 +#: src/core/dbus-unit.c:498 msgid "Authentication is required to reload '$(unit)'." msgstr "Authentification requise pour recharger « $(unit) »." -#: ../src/core/dbus-unit.c:461 ../src/core/dbus-unit.c:462 +#: src/core/dbus-unit.c:499 src/core/dbus-unit.c:500 msgid "Authentication is required to restart '$(unit)'." msgstr "Authentification requise pour redémarrer « $(unit) »." -#: ../src/core/dbus-unit.c:569 +#: src/core/dbus-unit.c:607 msgid "Authentication is required to kill '$(unit)'." msgstr "Authentification requise pour tuer « $(unit) »." -#: ../src/core/dbus-unit.c:600 +#: src/core/dbus-unit.c:638 msgid "Authentication is required to reset the \"failed\" state of '$(unit)'." msgstr "" "Authentification requise pour réinitialiser l'état d'« échec » de " "« $(unit) »." -#: ../src/core/dbus-unit.c:633 +#: src/core/dbus-unit.c:671 msgid "Authentication is required to set properties on '$(unit)'." msgstr "Authentification requise pour définir des propriétés de « $(unit) »." @@ -9,49 +9,49 @@ msgid "" msgstr "" "Project-Id-Version: systemd master\n" "Report-Msgid-Bugs-To: https://github.com/systemd/systemd/issues\n" -"POT-Creation-Date: 2016-04-23 02:33+0000\n" -"PO-Revision-Date: 2016-06-28 13:18+0700\n" -"Last-Translator: Andika Triwidada <andika@gmail.com>\n" +"POT-Creation-Date: 2018-03-04 11:09+0700\n" +"PO-Revision-Date: 2018-03-04 11:12+0700\n" +"Last-Translator: Andika Triwidada <atriwidada@gnome.org>\n" "Language-Team: Indonesian <gnome-l10n-id@googlegroups.com>\n" "Language: id\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" -"X-Generator: Poedit 1.8.8\n" +"X-Generator: Poedit 1.8.11\n" -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:1 +#: src/core/org.freedesktop.systemd1.policy.in:22 msgid "Send passphrase back to system" msgstr "Kirim frasa sandi kembali ke sistem" -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:2 +#: src/core/org.freedesktop.systemd1.policy.in:23 msgid "" "Authentication is required to send the entered passphrase back to the system." msgstr "" "Otentikasi diperlukan untuk mengirim frasa sandi yang dimasukkan kembali ke " "sistem." -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:3 +#: src/core/org.freedesktop.systemd1.policy.in:33 msgid "Manage system services or other units" msgstr "Kelola layanan sistem atau unit lainnya" -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:4 +#: src/core/org.freedesktop.systemd1.policy.in:34 msgid "Authentication is required to manage system services or other units." msgstr "" "Otentikasi diperlukan untuk mengelola layanan sistem atau unit lainnya." -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:5 +#: src/core/org.freedesktop.systemd1.policy.in:43 msgid "Manage system service or unit files" msgstr "Kelola layanan sistem atau berkas unit" -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:6 +#: src/core/org.freedesktop.systemd1.policy.in:44 msgid "Authentication is required to manage system service or unit files." msgstr "Otentikasi diperlukan untuk mengelola layanan sistem atau berkas unit." -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:7 +#: src/core/org.freedesktop.systemd1.policy.in:53 msgid "Set or unset system and service manager environment variables" msgstr "Atur atau hapus variabel lingkungan manajer layanan dan sistem" -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:8 +#: src/core/org.freedesktop.systemd1.policy.in:54 msgid "" "Authentication is required to set or unset system and service manager " "environment variables." @@ -59,27 +59,27 @@ msgstr "" "Otentikasi diperlukan untuk menata atau menghapus variabel lingkungan " "manajer layanan dan sistem." -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:9 +#: src/core/org.freedesktop.systemd1.policy.in:63 msgid "Reload the systemd state" msgstr "Muat ulang keadaan systemd" -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:10 +#: src/core/org.freedesktop.systemd1.policy.in:64 msgid "Authentication is required to reload the systemd state." msgstr "Otentikasi diperlukan untuk memuat ulang keadaan systemd." -#: ../src/hostname/org.freedesktop.hostname1.policy.in.h:1 +#: src/hostname/org.freedesktop.hostname1.policy:22 msgid "Set host name" msgstr "Setel nama host" -#: ../src/hostname/org.freedesktop.hostname1.policy.in.h:2 +#: src/hostname/org.freedesktop.hostname1.policy:23 msgid "Authentication is required to set the local host name." msgstr "Otentikasi diperlukan untuk menata nama host lokal." -#: ../src/hostname/org.freedesktop.hostname1.policy.in.h:3 +#: src/hostname/org.freedesktop.hostname1.policy:32 msgid "Set static host name" msgstr "Setel nama host statik" -#: ../src/hostname/org.freedesktop.hostname1.policy.in.h:4 +#: src/hostname/org.freedesktop.hostname1.policy:33 msgid "" "Authentication is required to set the statically configured local host name, " "as well as the pretty host name." @@ -87,105 +87,105 @@ msgstr "" "Otentikasi diperlukan untuk menata nama host lokal yang dikonfigurasi " "statik, maupun nama host cantik." -#: ../src/hostname/org.freedesktop.hostname1.policy.in.h:5 +#: src/hostname/org.freedesktop.hostname1.policy:43 msgid "Set machine information" msgstr "Setel informasi mesin" -#: ../src/hostname/org.freedesktop.hostname1.policy.in.h:6 +#: src/hostname/org.freedesktop.hostname1.policy:44 msgid "Authentication is required to set local machine information." msgstr "Otentikasi diperlukan untuk menata informasi mesin lokal." -#: ../src/import/org.freedesktop.import1.policy.in.h:1 +#: src/import/org.freedesktop.import1.policy:22 msgid "Import a VM or container image" msgstr "Impor sebuah image kontainer atau VM" -#: ../src/import/org.freedesktop.import1.policy.in.h:2 +#: src/import/org.freedesktop.import1.policy:23 msgid "Authentication is required to import a VM or container image" msgstr "Otentikasi diperlukan untuk mengimpor suatu image kontainer atau VM" -#: ../src/import/org.freedesktop.import1.policy.in.h:3 +#: src/import/org.freedesktop.import1.policy:32 msgid "Export a VM or container image" msgstr "Ekspor sebuah image kontainer atau VM" -#: ../src/import/org.freedesktop.import1.policy.in.h:4 +#: src/import/org.freedesktop.import1.policy:33 msgid "Authentication is required to export a VM or container image" msgstr "Otentikasi diperlukan untuk mengekspor suatu image kontainer atau VM" -#: ../src/import/org.freedesktop.import1.policy.in.h:5 +#: src/import/org.freedesktop.import1.policy:42 msgid "Download a VM or container image" msgstr "Unduh sebuah image kontainer atau VM" -#: ../src/import/org.freedesktop.import1.policy.in.h:6 +#: src/import/org.freedesktop.import1.policy:43 msgid "Authentication is required to download a VM or container image" msgstr "Otentikasi diperlukan untuk mengunduh suatu image kontainer atau VM" -#: ../src/locale/org.freedesktop.locale1.policy.in.h:1 +#: src/locale/org.freedesktop.locale1.policy:22 msgid "Set system locale" msgstr "Setel locale sistem" -#: ../src/locale/org.freedesktop.locale1.policy.in.h:2 +#: src/locale/org.freedesktop.locale1.policy:23 msgid "Authentication is required to set the system locale." msgstr "Otentikasi diperlukan untuk menyetel locale sistem." -#: ../src/locale/org.freedesktop.locale1.policy.in.h:3 +#: src/locale/org.freedesktop.locale1.policy:33 msgid "Set system keyboard settings" msgstr "Setel pengaturan papan tik sistem" -#: ../src/locale/org.freedesktop.locale1.policy.in.h:4 +#: src/locale/org.freedesktop.locale1.policy:34 msgid "Authentication is required to set the system keyboard settings." msgstr "Otentikasi diperlukan untuk menyetel pengaturan papan tik sistem." -#: ../src/login/org.freedesktop.login1.policy.in.h:1 +#: src/login/org.freedesktop.login1.policy:22 msgid "Allow applications to inhibit system shutdown" msgstr "Ijinkan aplikasi untuk mencegah shutdown sistem" -#: ../src/login/org.freedesktop.login1.policy.in.h:2 +#: src/login/org.freedesktop.login1.policy:23 msgid "" "Authentication is required for an application to inhibit system shutdown." msgstr "" "Otentikasi diperlukan bagi suatu aplikasi untuk mencegah shutdown sistem." -#: ../src/login/org.freedesktop.login1.policy.in.h:3 +#: src/login/org.freedesktop.login1.policy:33 msgid "Allow applications to delay system shutdown" msgstr "Ijinkan aplikasi untuk menunda shutdown sistem" -#: ../src/login/org.freedesktop.login1.policy.in.h:4 +#: src/login/org.freedesktop.login1.policy:34 msgid "Authentication is required for an application to delay system shutdown." msgstr "" "Otentikasi diperlukan bagi suatu aplikasi untuk menunda shutdown sistem." -#: ../src/login/org.freedesktop.login1.policy.in.h:5 +#: src/login/org.freedesktop.login1.policy:44 msgid "Allow applications to inhibit system sleep" msgstr "Ijinkan aplikasi untuk mencegah tidur sistem" -#: ../src/login/org.freedesktop.login1.policy.in.h:6 +#: src/login/org.freedesktop.login1.policy:45 msgid "Authentication is required for an application to inhibit system sleep." msgstr "Otentikasi diperlukan bagi suatu aplikasi untuk menunda tidur sistem." -#: ../src/login/org.freedesktop.login1.policy.in.h:7 +#: src/login/org.freedesktop.login1.policy:55 msgid "Allow applications to delay system sleep" msgstr "Ijinkan aplikasi untuk menunda tidur sistem" -#: ../src/login/org.freedesktop.login1.policy.in.h:8 +#: src/login/org.freedesktop.login1.policy:56 msgid "Authentication is required for an application to delay system sleep." msgstr "Otentikasi diperlukan bagi suatu aplikasi untuk menunda tidur sistem." -#: ../src/login/org.freedesktop.login1.policy.in.h:9 +#: src/login/org.freedesktop.login1.policy:65 msgid "Allow applications to inhibit automatic system suspend" msgstr "Ijinkan aplikasi mencegah suspensi sistem otomatis" -#: ../src/login/org.freedesktop.login1.policy.in.h:10 +#: src/login/org.freedesktop.login1.policy:66 msgid "" "Authentication is required for an application to inhibit automatic system " "suspend." msgstr "" "Otentikasi diperlukan bagi suatu aplikasi untuk mencegah suspensi sistem." -#: ../src/login/org.freedesktop.login1.policy.in.h:11 +#: src/login/org.freedesktop.login1.policy:75 msgid "Allow applications to inhibit system handling of the power key" msgstr "Ijinkan aplikasi mencegah penanganan sistem atas tombol daya" -#: ../src/login/org.freedesktop.login1.policy.in.h:12 +#: src/login/org.freedesktop.login1.policy:76 msgid "" "Authentication is required for an application to inhibit system handling of " "the power key." @@ -193,11 +193,11 @@ msgstr "" "Otentikasi diperlukan bagi suatu aplikasi untuk mencegah penanganan sistem " "atas tombol daya." -#: ../src/login/org.freedesktop.login1.policy.in.h:13 +#: src/login/org.freedesktop.login1.policy:86 msgid "Allow applications to inhibit system handling of the suspend key" msgstr "Ijinkan aplikasi mencegah penanganan sistem atas tombol suspensi" -#: ../src/login/org.freedesktop.login1.policy.in.h:14 +#: src/login/org.freedesktop.login1.policy:87 msgid "" "Authentication is required for an application to inhibit system handling of " "the suspend key." @@ -205,11 +205,11 @@ msgstr "" "Otentikasi diperlukan bagi suatu aplikasi untuk mencegah penanganan sistem " "atas tombol suspensi." -#: ../src/login/org.freedesktop.login1.policy.in.h:15 +#: src/login/org.freedesktop.login1.policy:97 msgid "Allow applications to inhibit system handling of the hibernate key" msgstr "Ijinkan aplikasi mencegah penanganan sistem atas tombol hibernasi" -#: ../src/login/org.freedesktop.login1.policy.in.h:16 +#: src/login/org.freedesktop.login1.policy:98 msgid "" "Authentication is required for an application to inhibit system handling of " "the hibernate key." @@ -217,11 +217,11 @@ msgstr "" "Otentikasi diperlukan bagi suatu aplikasi untuk mencegah penanganan sistem " "dari tombol hibernasi." -#: ../src/login/org.freedesktop.login1.policy.in.h:17 +#: src/login/org.freedesktop.login1.policy:107 msgid "Allow applications to inhibit system handling of the lid switch" msgstr "Ijinkan aplikasi mencegah penanganan sistem atas saklar lid" -#: ../src/login/org.freedesktop.login1.policy.in.h:18 +#: src/login/org.freedesktop.login1.policy:108 msgid "" "Authentication is required for an application to inhibit system handling of " "the lid switch." @@ -229,57 +229,57 @@ msgstr "" "Otentikasi diperlukan bagi suatu aplikasi untuk mencegah penanganan sistem " "atas saklar lid." -#: ../src/login/org.freedesktop.login1.policy.in.h:19 +#: src/login/org.freedesktop.login1.policy:117 msgid "Allow non-logged-in user to run programs" msgstr "Ijinkan pengguna yang tidak log masuk menjalankan program" -#: ../src/login/org.freedesktop.login1.policy.in.h:20 +#: src/login/org.freedesktop.login1.policy:118 msgid "Explicit request is required to run programs as a non-logged-in user." msgstr "" "Permintaan eksplisit diperlukan untuk menjalankan program sebagai pengguna " "yang tidak log masuk." -#: ../src/login/org.freedesktop.login1.policy.in.h:21 +#: src/login/org.freedesktop.login1.policy:127 msgid "Allow non-logged-in users to run programs" msgstr "Ijinkan pengguna yang tidak log masuk menjalankan program" -#: ../src/login/org.freedesktop.login1.policy.in.h:22 +#: src/login/org.freedesktop.login1.policy:128 msgid "Authentication is required to run programs as a non-logged-in user." msgstr "" "Otentikasi diperlukan untuk menjalankan program sebagai pengguna yang tidak " "log masuk." -#: ../src/login/org.freedesktop.login1.policy.in.h:23 +#: src/login/org.freedesktop.login1.policy:137 msgid "Allow attaching devices to seats" msgstr "Ijinkan mencantolkan perangkat ke seat" -#: ../src/login/org.freedesktop.login1.policy.in.h:24 +#: src/login/org.freedesktop.login1.policy:138 msgid "Authentication is required for attaching a device to a seat." msgstr "Otentikasi diperlukan untuk mencantol suatu perangkat ke sebuah seat." -#: ../src/login/org.freedesktop.login1.policy.in.h:25 +#: src/login/org.freedesktop.login1.policy:148 msgid "Flush device to seat attachments" msgstr "Siram perangkat untuk mendudukkan lampiran" -#: ../src/login/org.freedesktop.login1.policy.in.h:26 +#: src/login/org.freedesktop.login1.policy:149 msgid "" "Authentication is required for resetting how devices are attached to seats." msgstr "" "Otentikasi diperlukan untuk me-reset bagaimana perangkat dicantolkan ke seat." -#: ../src/login/org.freedesktop.login1.policy.in.h:27 +#: src/login/org.freedesktop.login1.policy:158 msgid "Power off the system" msgstr "Matikan daya sistem" -#: ../src/login/org.freedesktop.login1.policy.in.h:28 +#: src/login/org.freedesktop.login1.policy:159 msgid "Authentication is required for powering off the system." msgstr "Otentikasi diperlukan untuk mematikan daya sistem." -#: ../src/login/org.freedesktop.login1.policy.in.h:29 +#: src/login/org.freedesktop.login1.policy:169 msgid "Power off the system while other users are logged in" msgstr "Matikan daya sistem ketika pengguna lain sedang log masuk" -#: ../src/login/org.freedesktop.login1.policy.in.h:30 +#: src/login/org.freedesktop.login1.policy:170 msgid "" "Authentication is required for powering off the system while other users are " "logged in." @@ -287,11 +287,11 @@ msgstr "" "Otentikasi diperlukan untuk mematikan daya sistem ketika pengguna lain " "sedang log masuk." -#: ../src/login/org.freedesktop.login1.policy.in.h:31 +#: src/login/org.freedesktop.login1.policy:180 msgid "Power off the system while an application asked to inhibit it" msgstr "Matikan daya sistem ketika sebuah aplikasi meminta untuk mencegahnya" -#: ../src/login/org.freedesktop.login1.policy.in.h:32 +#: src/login/org.freedesktop.login1.policy:181 msgid "" "Authentication is required for powering off the system while an application " "asked to inhibit it." @@ -299,19 +299,19 @@ msgstr "" "Otentikasi diperlukan untuk mematikan daya sistem ketika sebuah aplikasi " "meminta untuk mencegahnya." -#: ../src/login/org.freedesktop.login1.policy.in.h:33 +#: src/login/org.freedesktop.login1.policy:191 msgid "Reboot the system" msgstr "Boot ulang sistem" -#: ../src/login/org.freedesktop.login1.policy.in.h:34 +#: src/login/org.freedesktop.login1.policy:192 msgid "Authentication is required for rebooting the system." msgstr "Otentikasi diperlukan untuk mem-boot ulang sistem." -#: ../src/login/org.freedesktop.login1.policy.in.h:35 +#: src/login/org.freedesktop.login1.policy:202 msgid "Reboot the system while other users are logged in" msgstr "Boot ulang sistem ketika pengguna lain sedang log masuk" -#: ../src/login/org.freedesktop.login1.policy.in.h:36 +#: src/login/org.freedesktop.login1.policy:203 msgid "" "Authentication is required for rebooting the system while other users are " "logged in." @@ -319,11 +319,11 @@ msgstr "" "Otentikasi diperlukan untuk mem-boot ulang sistem ketika pengguna lain " "sedang log masuk." -#: ../src/login/org.freedesktop.login1.policy.in.h:37 +#: src/login/org.freedesktop.login1.policy:213 msgid "Reboot the system while an application asked to inhibit it" msgstr "Boot ulang sistem ketika sebuah aplikasi meminta untuk mencegahnya" -#: ../src/login/org.freedesktop.login1.policy.in.h:38 +#: src/login/org.freedesktop.login1.policy:214 msgid "" "Authentication is required for rebooting the system while an application " "asked to inhibit it." @@ -331,19 +331,51 @@ msgstr "" "Otentikasi diperlukan untuk mem-boot ulang sistem ketika sebuah aplikasi " "meminta untuk mencegahnya." -#: ../src/login/org.freedesktop.login1.policy.in.h:39 +#: src/login/org.freedesktop.login1.policy:224 +msgid "Halt the system" +msgstr "Halt sistem" + +#: src/login/org.freedesktop.login1.policy:225 +msgid "Authentication is required for halting the system." +msgstr "Otentikasi diperlukan untuk meng-halt sistem." + +#: src/login/org.freedesktop.login1.policy:235 +msgid "Halt the system while other users are logged in" +msgstr "Halt sistem ketika pengguna lain sedang log masuk" + +#: src/login/org.freedesktop.login1.policy:236 +msgid "" +"Authentication is required for halting the system while other users are " +"logged in." +msgstr "" +"Otentikasi diperlukan untuk meng-halt sistem ketika pengguna lain sedang log " +"masuk." + +#: src/login/org.freedesktop.login1.policy:246 +msgid "Halt the system while an application asked to inhibit it" +msgstr "Halt sistem ketika sebuah aplikasi meminta untuk mencegahnya" + +#: src/login/org.freedesktop.login1.policy:247 +msgid "" +"Authentication is required for halting the system while an application asked " +"to inhibit it." +msgstr "" +"Otentikasi diperlukan untuk meng-halt sistem ketika sebuah aplikasi meminta " +"untuk mencegahnya." + +#: src/login/org.freedesktop.login1.policy:257 msgid "Suspend the system" msgstr "Suspensikan sistem" -#: ../src/login/org.freedesktop.login1.policy.in.h:40 +#: src/login/org.freedesktop.login1.policy:258 msgid "Authentication is required for suspending the system." msgstr "Otentikasi diperlukan untuk mensuspensi sistem." -#: ../src/login/org.freedesktop.login1.policy.in.h:41 +#: src/login/org.freedesktop.login1.policy:267 msgid "Suspend the system while other users are logged in" msgstr "Suspensikan sistem ketika pengguna lain sedang log masuk" -#: ../src/login/org.freedesktop.login1.policy.in.h:42 +#: src/login/org.freedesktop.login1.policy:268 msgid "" "Authentication is required for suspending the system while other users are " "logged in." @@ -351,11 +383,11 @@ msgstr "" "Otentikasi diperlukan untuk mensuspensi sistem ketika pengguna lain sedang " "log masuk." -#: ../src/login/org.freedesktop.login1.policy.in.h:43 +#: src/login/org.freedesktop.login1.policy:278 msgid "Suspend the system while an application asked to inhibit it" msgstr "Suspensikan sistem ketika sebuah aplikasi meminta untuk mencegahnya" -#: ../src/login/org.freedesktop.login1.policy.in.h:44 +#: src/login/org.freedesktop.login1.policy:279 msgid "" "Authentication is required for suspending the system while an application " "asked to inhibit it." @@ -363,19 +395,19 @@ msgstr "" "Otentikasi diperlukan untuk mensuspensi sistem ketika suatu aplikasi meminta " "untuk mencegahnya." -#: ../src/login/org.freedesktop.login1.policy.in.h:45 +#: src/login/org.freedesktop.login1.policy:289 msgid "Hibernate the system" msgstr "Hibernasikan sistem" -#: ../src/login/org.freedesktop.login1.policy.in.h:46 +#: src/login/org.freedesktop.login1.policy:290 msgid "Authentication is required for hibernating the system." msgstr "Otentikasi diperlukan untuk menghibernasi sistem." -#: ../src/login/org.freedesktop.login1.policy.in.h:47 +#: src/login/org.freedesktop.login1.policy:299 msgid "Hibernate the system while other users are logged in" msgstr "Hibernasikan sistem ketika pengguna lain sedang log masuk." -#: ../src/login/org.freedesktop.login1.policy.in.h:48 +#: src/login/org.freedesktop.login1.policy:300 msgid "" "Authentication is required for hibernating the system while other users are " "logged in." @@ -383,11 +415,11 @@ msgstr "" "Otentikasi diperlukan untuk menghibernasi sistem ketika pengguna lain sedang " "log masuk." -#: ../src/login/org.freedesktop.login1.policy.in.h:49 +#: src/login/org.freedesktop.login1.policy:310 msgid "Hibernate the system while an application asked to inhibit it" msgstr "Hibernasikan sistem ketika sebuah aplikasi meminta untuk mencegahnya." -#: ../src/login/org.freedesktop.login1.policy.in.h:50 +#: src/login/org.freedesktop.login1.policy:311 msgid "" "Authentication is required for hibernating the system while an application " "asked to inhibit it." @@ -395,28 +427,28 @@ msgstr "" "Otentikasi diperlukan untuk menghibernasi sistem ketika sebuah aplikasi " "meminta mencegahnya." -#: ../src/login/org.freedesktop.login1.policy.in.h:51 +#: src/login/org.freedesktop.login1.policy:321 msgid "Manage active sessions, users and seats" msgstr "Kelola seat, pengguna, dan sesi aktif" -#: ../src/login/org.freedesktop.login1.policy.in.h:52 +#: src/login/org.freedesktop.login1.policy:322 msgid "" "Authentication is required for managing active sessions, users and seats." msgstr "Otentikasi diperlukan untuk mengelola seat, pengguna, dan sesi aktif." -#: ../src/login/org.freedesktop.login1.policy.in.h:53 +#: src/login/org.freedesktop.login1.policy:331 msgid "Lock or unlock active sessions" msgstr "Kunci/buka kunci sesi aktif" -#: ../src/login/org.freedesktop.login1.policy.in.h:54 +#: src/login/org.freedesktop.login1.policy:332 msgid "Authentication is required to lock or unlock active sessions." msgstr "Otentikasi diperlukan untuk mengunci atau membuka kunci sesi aktif." -#: ../src/login/org.freedesktop.login1.policy.in.h:55 +#: src/login/org.freedesktop.login1.policy:341 msgid "Allow indication to the firmware to boot to setup interface" msgstr "Ijinkan indikasi ke firmware untuk boot ke antar muka penyiapan" -#: ../src/login/org.freedesktop.login1.policy.in.h:56 +#: src/login/org.freedesktop.login1.policy:342 msgid "" "Authentication is required to indicate to the firmware to boot to setup " "interface." @@ -424,83 +456,83 @@ msgstr "" "Otentikasi diperlukan untuk mengindikasikan ke firmware agar boot ke " "antarmuka penyiapan." -#: ../src/login/org.freedesktop.login1.policy.in.h:57 +#: src/login/org.freedesktop.login1.policy:351 msgid "Set a wall message" msgstr "Setel suatu pesan wall" -#: ../src/login/org.freedesktop.login1.policy.in.h:58 +#: src/login/org.freedesktop.login1.policy:352 msgid "Authentication is required to set a wall message" msgstr "Otentikasi diperlukan untuk menyetel pesan wall" -#: ../src/machine/org.freedesktop.machine1.policy.in.h:1 +#: src/machine/org.freedesktop.machine1.policy:22 msgid "Log into a local container" msgstr "Log masuk ke dalam suatu kontainer lokal" -#: ../src/machine/org.freedesktop.machine1.policy.in.h:2 +#: src/machine/org.freedesktop.machine1.policy:23 msgid "Authentication is required to log into a local container." msgstr "Otentikasi diperlukan untuk log masuk ke dalam suatu kontainer lokal." -#: ../src/machine/org.freedesktop.machine1.policy.in.h:3 +#: src/machine/org.freedesktop.machine1.policy:32 msgid "Log into the local host" msgstr "Log masuk ke dalam host lokal" -#: ../src/machine/org.freedesktop.machine1.policy.in.h:4 +#: src/machine/org.freedesktop.machine1.policy:33 msgid "Authentication is required to log into the local host." msgstr "Otentikasi diperlukan untuk log masuk ke dalam host lokal." -#: ../src/machine/org.freedesktop.machine1.policy.in.h:5 +#: src/machine/org.freedesktop.machine1.policy:42 msgid "Acquire a shell in a local container" msgstr "Dapatkan sebuah shell dalam kontainer lokal" -#: ../src/machine/org.freedesktop.machine1.policy.in.h:6 +#: src/machine/org.freedesktop.machine1.policy:43 msgid "Authentication is required to acquire a shell in a local container." msgstr "" "Otentikasi diperlukan untuk mendapatkan suatu shell dalam sebuah kontainer " "lokal." -#: ../src/machine/org.freedesktop.machine1.policy.in.h:7 +#: src/machine/org.freedesktop.machine1.policy:53 msgid "Acquire a shell on the local host" msgstr "Dapatkan sebuah shell pada host lokal" -#: ../src/machine/org.freedesktop.machine1.policy.in.h:8 +#: src/machine/org.freedesktop.machine1.policy:54 msgid "Authentication is required to acquire a shell on the local host." msgstr "Otentikasi diperlukan untuk mendapatkan suatu shell pada host lokal." -#: ../src/machine/org.freedesktop.machine1.policy.in.h:9 +#: src/machine/org.freedesktop.machine1.policy:64 msgid "Acquire a pseudo TTY in a local container" msgstr "Dapatkan sebuah TTY semu dalam suatu kontainer lokal" -#: ../src/machine/org.freedesktop.machine1.policy.in.h:10 +#: src/machine/org.freedesktop.machine1.policy:65 msgid "" "Authentication is required to acquire a pseudo TTY in a local container." msgstr "" "Otentikasi diperlukan untuk mendapatkan suatu TTY semu dalam sebuah " "kontainer lokal." -#: ../src/machine/org.freedesktop.machine1.policy.in.h:11 +#: src/machine/org.freedesktop.machine1.policy:74 msgid "Acquire a pseudo TTY on the local host" msgstr "Dapatkan sebuah TTY semu pada host lokal" -#: ../src/machine/org.freedesktop.machine1.policy.in.h:12 +#: src/machine/org.freedesktop.machine1.policy:75 msgid "Authentication is required to acquire a pseudo TTY on the local host." msgstr "" "Otentikasi diperlukan untuk mendapatkan suatu TTY semu pada host lokal." -#: ../src/machine/org.freedesktop.machine1.policy.in.h:13 +#: src/machine/org.freedesktop.machine1.policy:84 msgid "Manage local virtual machines and containers" msgstr "Kelola mesin virtual lokal dan kontainer" -#: ../src/machine/org.freedesktop.machine1.policy.in.h:14 +#: src/machine/org.freedesktop.machine1.policy:85 msgid "" "Authentication is required to manage local virtual machines and containers." msgstr "" "Otentikasi diperlukan untuk mengelola mesin virtual lokal dan kontainer." -#: ../src/machine/org.freedesktop.machine1.policy.in.h:15 +#: src/machine/org.freedesktop.machine1.policy:95 msgid "Manage local virtual machine and container images" msgstr "Kelola mesin virtual lokal dan image kontainer" -#: ../src/machine/org.freedesktop.machine1.policy.in.h:16 +#: src/machine/org.freedesktop.machine1.policy:96 msgid "" "Authentication is required to manage local virtual machine and container " "images." @@ -508,27 +540,43 @@ msgstr "" "Otentikasi diperlukan untuk mengelola mesin virtual lokal dan image " "kontainer." -#: ../src/timedate/org.freedesktop.timedate1.policy.in.h:1 +#: src/resolve/org.freedesktop.resolve1.policy:22 +msgid "Register a DNS-SD service" +msgstr "Daftarkan suatu layanan DNS-SD" + +#: src/resolve/org.freedesktop.resolve1.policy:23 +msgid "Authentication is required to register a DNS-SD service" +msgstr "Otentikasi diperlukan untuk mendaftarkan suatu layanan DNS-SD" + +#: src/resolve/org.freedesktop.resolve1.policy:33 +msgid "Unregister a DNS-SD service" +msgstr "Cabut pendaftaran suatu layanan DNS-SD" + +#: src/resolve/org.freedesktop.resolve1.policy:34 +msgid "Authentication is required to unregister a DNS-SD service" +msgstr "Otentikasi diperlukan untuk mencabut pendaftaran suatu layanan DNS-SD" + +#: src/timedate/org.freedesktop.timedate1.policy:22 msgid "Set system time" msgstr "Setel waktu sistem" -#: ../src/timedate/org.freedesktop.timedate1.policy.in.h:2 +#: src/timedate/org.freedesktop.timedate1.policy:23 msgid "Authentication is required to set the system time." msgstr "Otentikasi diperlukan untuk menyetel waktu sistem." -#: ../src/timedate/org.freedesktop.timedate1.policy.in.h:3 +#: src/timedate/org.freedesktop.timedate1.policy:33 msgid "Set system timezone" msgstr "Setel zona waktu sistem" -#: ../src/timedate/org.freedesktop.timedate1.policy.in.h:4 +#: src/timedate/org.freedesktop.timedate1.policy:34 msgid "Authentication is required to set the system timezone." msgstr "Otentikasi diperlukan untuk menyetel zona waktu sistem." -#: ../src/timedate/org.freedesktop.timedate1.policy.in.h:5 +#: src/timedate/org.freedesktop.timedate1.policy:43 msgid "Set RTC to local timezone or UTC" msgstr "Atur RTC ke zona waktu lokal atau UTC" -#: ../src/timedate/org.freedesktop.timedate1.policy.in.h:6 +#: src/timedate/org.freedesktop.timedate1.policy:44 msgid "" "Authentication is required to control whether the RTC stores the local or " "UTC time." @@ -536,11 +584,11 @@ msgstr "" "Otentikasi diperlukan untuk mengendalikan apakah RTC menyimpan waktu UTC " "atau lokal." -#: ../src/timedate/org.freedesktop.timedate1.policy.in.h:7 +#: src/timedate/org.freedesktop.timedate1.policy:54 msgid "Turn network time synchronization on or off" msgstr "Nyalakan atau matikan penyelarasan waktu jaringan" -#: ../src/timedate/org.freedesktop.timedate1.policy.in.h:8 +#: src/timedate/org.freedesktop.timedate1.policy:55 msgid "" "Authentication is required to control whether network time synchronization " "shall be enabled." @@ -548,31 +596,31 @@ msgstr "" "Otentikasi diperlukan untuk mengendalikan apakah sinkronisasi waktu jaringan " "mesti difungsikan." -#: ../src/core/dbus-unit.c:450 +#: src/core/dbus-unit.c:496 msgid "Authentication is required to start '$(unit)'." msgstr "Otentikasi diperlukan untuk memulai '$(unit)'." -#: ../src/core/dbus-unit.c:451 +#: src/core/dbus-unit.c:497 msgid "Authentication is required to stop '$(unit)'." msgstr "Otentikasi diperlukan untuk menghentikan '$(unit)'." -#: ../src/core/dbus-unit.c:452 +#: src/core/dbus-unit.c:498 msgid "Authentication is required to reload '$(unit)'." msgstr "Otentikasi diperlukan untuk memuat ulang '$(unit)'." -#: ../src/core/dbus-unit.c:453 ../src/core/dbus-unit.c:454 +#: src/core/dbus-unit.c:499 src/core/dbus-unit.c:500 msgid "Authentication is required to restart '$(unit)'." msgstr "Otentikasi diperlukan untuk memulai ulang '$(unit)'." -#: ../src/core/dbus-unit.c:560 +#: src/core/dbus-unit.c:607 msgid "Authentication is required to kill '$(unit)'." msgstr "Otentikasi diperlukan untuk mematikan '$(unit)'." -#: ../src/core/dbus-unit.c:590 +#: src/core/dbus-unit.c:638 msgid "Authentication is required to reset the \"failed\" state of '$(unit)'." msgstr "" "Otentikasi diperlukan untuk me-reset keadaan \"failed\" dari '$(unit)'." -#: ../src/core/dbus-unit.c:622 +#: src/core/dbus-unit.c:671 msgid "Authentication is required to set properties on '$(unit)'." msgstr "Otentikasi diperlukan untuk menata properti pada '$(unit)'." @@ -1,16 +1,16 @@ # SPDX-License-Identifier: LGPL-2.1+ # -# Italian translations for systemd package +# Italian translation for systemd package # Traduzione in italiano per il pacchetto systemd # This file is distributed under the same license as the systemd package. -# Daniele Medri <dmedri@gmail.com>, 2013-2016. +# Daniele Medri <dmedri@gmail.com>, 2013-2018. # msgid "" msgstr "" "Project-Id-Version: systemd\n" -"Report-Msgid-Bugs-To: https://github.com/systemd/systemd/issues\n" -"POT-Creation-Date: 2016-07-15 13:11+0200\n" -"PO-Revision-Date: 2016-07-20 10:54+0200\n" +"Report-Msgid-Bugs-To: \n" +"POT-Creation-Date: 2018-02-23 09:35+0100\n" +"PO-Revision-Date: 2018-02-23 09:45+0100\n" "Last-Translator: Daniele Medri <dmedri@gmail.com>\n" "Language-Team: Italian\n" "Language: it\n" @@ -18,44 +18,44 @@ msgstr "" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "Plural-Forms: nplurals=2; plural=(n != 1);\n" -"X-Generator: Poedit 1.8.7.1\n" +"X-Generator: Poedit 2.0.3\n" -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:1 +#: src/core/org.freedesktop.systemd1.policy.in:22 msgid "Send passphrase back to system" msgstr "Invia la frase segreta (passphrase) al sistema" -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:2 +#: src/core/org.freedesktop.systemd1.policy.in:23 msgid "" "Authentication is required to send the entered passphrase back to the system." msgstr "" "Autenticazione richiesta per inviare la frase segreta (passphrase) al " "sistema." -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:3 +#: src/core/org.freedesktop.systemd1.policy.in:33 msgid "Manage system services or other units" msgstr "Gestisci i servizi o le altre unità di sistema" -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:4 +#: src/core/org.freedesktop.systemd1.policy.in:34 msgid "Authentication is required to manage system services or other units." msgstr "" "Autenticazione richiesta per gestire i servizi o le altre unità di sistema." -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:5 +#: src/core/org.freedesktop.systemd1.policy.in:43 msgid "Manage system service or unit files" msgstr "Gestisci i file dei servizi o delle unità di sistema" -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:6 +#: src/core/org.freedesktop.systemd1.policy.in:44 msgid "Authentication is required to manage system service or unit files." msgstr "" "Autenticazione richiesta per gestire i file dei servizi o delle unità di " "sistema." -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:7 +#: src/core/org.freedesktop.systemd1.policy.in:53 msgid "Set or unset system and service manager environment variables" msgstr "" "Configura le variabili d'ambiente per la gestione dei servizi e del sistema" -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:8 +#: src/core/org.freedesktop.systemd1.policy.in:54 msgid "" "Authentication is required to set or unset system and service manager " "environment variables." @@ -63,27 +63,27 @@ msgstr "" "Autenticazione richiesta per configurare le variabili d'ambiente per la " "gestione dei servizi e del sistema" -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:9 +#: src/core/org.freedesktop.systemd1.policy.in:63 msgid "Reload the systemd state" msgstr "Ricarica lo stato di systemd" -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:10 +#: src/core/org.freedesktop.systemd1.policy.in:64 msgid "Authentication is required to reload the systemd state." msgstr "Autenticazione richiesta per riavviare lo stato di sistemd." -#: ../src/hostname/org.freedesktop.hostname1.policy.in.h:1 +#: src/hostname/org.freedesktop.hostname1.policy:22 msgid "Set host name" msgstr "Configura il nome host" -#: ../src/hostname/org.freedesktop.hostname1.policy.in.h:2 +#: src/hostname/org.freedesktop.hostname1.policy:23 msgid "Authentication is required to set the local host name." msgstr "Autenticazione richiesta per configurare il nome host locale." -#: ../src/hostname/org.freedesktop.hostname1.policy.in.h:3 +#: src/hostname/org.freedesktop.hostname1.policy:32 msgid "Set static host name" msgstr "Configura il nome host statico" -#: ../src/hostname/org.freedesktop.hostname1.policy.in.h:4 +#: src/hostname/org.freedesktop.hostname1.policy:33 msgid "" "Authentication is required to set the statically configured local host name, " "as well as the pretty host name." @@ -91,104 +91,104 @@ msgstr "" "Autenticazione richiesta per configurare staticamente il nome host locale e " "il nome host descrittivo." -#: ../src/hostname/org.freedesktop.hostname1.policy.in.h:5 +#: src/hostname/org.freedesktop.hostname1.policy:43 msgid "Set machine information" msgstr "Configura le informazioni sulla macchina" -#: ../src/hostname/org.freedesktop.hostname1.policy.in.h:6 +#: src/hostname/org.freedesktop.hostname1.policy:44 msgid "Authentication is required to set local machine information." msgstr "" "Autenticazione richiesta per configurare le informazioni sulla macchina " "locale." -#: ../src/import/org.freedesktop.import1.policy.in.h:1 +#: src/import/org.freedesktop.import1.policy:22 msgid "Import a VM or container image" msgstr "Importa un'immagine VM o un container" -#: ../src/import/org.freedesktop.import1.policy.in.h:2 +#: src/import/org.freedesktop.import1.policy:23 msgid "Authentication is required to import a VM or container image" msgstr "Autenticazione richiesta per importare un'immagine VM o un container" -#: ../src/import/org.freedesktop.import1.policy.in.h:3 +#: src/import/org.freedesktop.import1.policy:32 msgid "Export a VM or container image" msgstr "Esporta un'immagine VM o un container" -#: ../src/import/org.freedesktop.import1.policy.in.h:4 +#: src/import/org.freedesktop.import1.policy:33 msgid "Authentication is required to export a VM or container image" msgstr "Autenticazione richiesta per esportare un'immagine VM o un container" -#: ../src/import/org.freedesktop.import1.policy.in.h:5 +#: src/import/org.freedesktop.import1.policy:42 msgid "Download a VM or container image" msgstr "Scarica un'immagine VM o un container" -#: ../src/import/org.freedesktop.import1.policy.in.h:6 +#: src/import/org.freedesktop.import1.policy:43 msgid "Authentication is required to download a VM or container image" msgstr "Autenticazione richiesta per scaricare un'immagine VM o un container" -#: ../src/locale/org.freedesktop.locale1.policy.in.h:1 +#: src/locale/org.freedesktop.locale1.policy:22 msgid "Set system locale" msgstr "Configura le impostazioni regionali di sistema" -#: ../src/locale/org.freedesktop.locale1.policy.in.h:2 +#: src/locale/org.freedesktop.locale1.policy:23 msgid "Authentication is required to set the system locale." msgstr "" "Autenticazione richiesta per configurare le impostazioni regionali di " "sistema." -#: ../src/locale/org.freedesktop.locale1.policy.in.h:3 +#: src/locale/org.freedesktop.locale1.policy:33 msgid "Set system keyboard settings" msgstr "Configura la tastiera di sistema" -#: ../src/locale/org.freedesktop.locale1.policy.in.h:4 +#: src/locale/org.freedesktop.locale1.policy:34 msgid "Authentication is required to set the system keyboard settings." msgstr "Autenticazione richiesta per configurare la tastiera di sistema." -#: ../src/login/org.freedesktop.login1.policy.in.h:1 +#: src/login/org.freedesktop.login1.policy:22 msgid "Allow applications to inhibit system shutdown" msgstr "Consenti alle applicazioni di inibire lo spegnimento del sistema" -#: ../src/login/org.freedesktop.login1.policy.in.h:2 +#: src/login/org.freedesktop.login1.policy:23 msgid "" "Authentication is required for an application to inhibit system shutdown." msgstr "" "Autenticazione richiesta per un'applicazione per inibire lo spegnimento del " "sistema." -#: ../src/login/org.freedesktop.login1.policy.in.h:3 +#: src/login/org.freedesktop.login1.policy:33 msgid "Allow applications to delay system shutdown" msgstr "Consenti alle applicazioni di ritardare lo spegnimento del sistema" -#: ../src/login/org.freedesktop.login1.policy.in.h:4 +#: src/login/org.freedesktop.login1.policy:34 msgid "Authentication is required for an application to delay system shutdown." msgstr "" "Autenticazione richiesta per un'applicazione per ritardare lo spegnimento " "del sistema." -#: ../src/login/org.freedesktop.login1.policy.in.h:5 +#: src/login/org.freedesktop.login1.policy:44 msgid "Allow applications to inhibit system sleep" msgstr "Consenti alle applicazioni di inibire il sistema in pausa" -#: ../src/login/org.freedesktop.login1.policy.in.h:6 +#: src/login/org.freedesktop.login1.policy:45 msgid "Authentication is required for an application to inhibit system sleep." msgstr "" "Autenticazione richiesta per un'applicazione per inibire il sistema in pausa." -#: ../src/login/org.freedesktop.login1.policy.in.h:7 +#: src/login/org.freedesktop.login1.policy:55 msgid "Allow applications to delay system sleep" msgstr "Consenti alle applicazioni di ritardare il sistema in pausa" -#: ../src/login/org.freedesktop.login1.policy.in.h:8 +#: src/login/org.freedesktop.login1.policy:56 msgid "Authentication is required for an application to delay system sleep." msgstr "" "Autenticazione richiesta per un'applicazione per ritardare il sistema in " "pausa." -#: ../src/login/org.freedesktop.login1.policy.in.h:9 +#: src/login/org.freedesktop.login1.policy:65 msgid "Allow applications to inhibit automatic system suspend" msgstr "" "Consenti alle applicazioni di inibire la sospesione automatica del sistema" -#: ../src/login/org.freedesktop.login1.policy.in.h:10 +#: src/login/org.freedesktop.login1.policy:66 msgid "" "Authentication is required for an application to inhibit automatic system " "suspend." @@ -196,13 +196,13 @@ msgstr "" "Autenticazione richiesta per un'applicazione per inibire la sospensione " "automatica del sistema." -#: ../src/login/org.freedesktop.login1.policy.in.h:11 +#: src/login/org.freedesktop.login1.policy:75 msgid "Allow applications to inhibit system handling of the power key" msgstr "" "Consenti alle applicazioni di inibire la gestione di sistema del tasto di " "accensione" -#: ../src/login/org.freedesktop.login1.policy.in.h:12 +#: src/login/org.freedesktop.login1.policy:76 msgid "" "Authentication is required for an application to inhibit system handling of " "the power key." @@ -210,13 +210,13 @@ msgstr "" "Autenticazione richiesta per un'applicazione per inibire la gestione di " "sistema del tasto di accensione." -#: ../src/login/org.freedesktop.login1.policy.in.h:13 +#: src/login/org.freedesktop.login1.policy:86 msgid "Allow applications to inhibit system handling of the suspend key" msgstr "" "Consenti alle applicazioni di inibire la gestione di sistema del tasto di " "sospensione" -#: ../src/login/org.freedesktop.login1.policy.in.h:14 +#: src/login/org.freedesktop.login1.policy:87 msgid "" "Authentication is required for an application to inhibit system handling of " "the suspend key." @@ -224,13 +224,13 @@ msgstr "" "Autenticazione richiesta per un'applicazione per inibire la gestione di " "sistema del tasto di sospensione." -#: ../src/login/org.freedesktop.login1.policy.in.h:15 +#: src/login/org.freedesktop.login1.policy:97 msgid "Allow applications to inhibit system handling of the hibernate key" msgstr "" "Consenti alle applicazioni di inibire la gestione di sistema del tasto di " "ibernazione" -#: ../src/login/org.freedesktop.login1.policy.in.h:16 +#: src/login/org.freedesktop.login1.policy:98 msgid "" "Authentication is required for an application to inhibit system handling of " "the hibernate key." @@ -238,13 +238,13 @@ msgstr "" "Autenticazione richiesta per un'applicazione per inibire la gestione di " "sistema del tasto di ibernazione." -#: ../src/login/org.freedesktop.login1.policy.in.h:17 +#: src/login/org.freedesktop.login1.policy:107 msgid "Allow applications to inhibit system handling of the lid switch" msgstr "" "Consenti alle applicazioni di inibire la gestione di sistema alla apertura/" "chiusura del portatile" -#: ../src/login/org.freedesktop.login1.policy.in.h:18 +#: src/login/org.freedesktop.login1.policy:108 msgid "" "Authentication is required for an application to inhibit system handling of " "the lid switch." @@ -252,59 +252,59 @@ msgstr "" "Autenticazione richiesta per consentire ad un'applicazione di inibire la " "gestione di sistema alla apertura/chiusura del portatile." -#: ../src/login/org.freedesktop.login1.policy.in.h:19 +#: src/login/org.freedesktop.login1.policy:117 msgid "Allow non-logged-in user to run programs" msgstr "Consenti agli utenti non connessi di eseguire programmi" -#: ../src/login/org.freedesktop.login1.policy.in.h:20 +#: src/login/org.freedesktop.login1.policy:118 msgid "Explicit request is required to run programs as a non-logged-in user." msgstr "" "E' necessaria un'esplicita richiesta per eseguire programmi come utenti non " "connessi." -#: ../src/login/org.freedesktop.login1.policy.in.h:21 +#: src/login/org.freedesktop.login1.policy:127 msgid "Allow non-logged-in users to run programs" msgstr "Consenti agli utenti non connessi di eseguire programmi" -#: ../src/login/org.freedesktop.login1.policy.in.h:22 +#: src/login/org.freedesktop.login1.policy:128 msgid "Authentication is required to run programs as a non-logged-in user." msgstr "" "Autenticazione richiesta per consentire agli utenti non connessi di eseguire " "programmi." -#: ../src/login/org.freedesktop.login1.policy.in.h:23 +#: src/login/org.freedesktop.login1.policy:137 msgid "Allow attaching devices to seats" msgstr "Consenti di collegare dispositivi alle postazioni" -#: ../src/login/org.freedesktop.login1.policy.in.h:24 +#: src/login/org.freedesktop.login1.policy:138 msgid "Authentication is required for attaching a device to a seat." msgstr "" "Autenticazione richiesta per collegare un dispositivo ad una postazione." -#: ../src/login/org.freedesktop.login1.policy.in.h:25 +#: src/login/org.freedesktop.login1.policy:148 msgid "Flush device to seat attachments" msgstr "Scollega i dispositivi dalla postazione" -#: ../src/login/org.freedesktop.login1.policy.in.h:26 +#: src/login/org.freedesktop.login1.policy:149 msgid "" "Authentication is required for resetting how devices are attached to seats." msgstr "" "Autenticazione richiesta per ripristinare come i dispositivi sono collegati " "alle postazioni." -#: ../src/login/org.freedesktop.login1.policy.in.h:27 +#: src/login/org.freedesktop.login1.policy:158 msgid "Power off the system" msgstr "Spegni il sistema" -#: ../src/login/org.freedesktop.login1.policy.in.h:28 +#: src/login/org.freedesktop.login1.policy:159 msgid "Authentication is required for powering off the system." msgstr "Autenticazione richiesta per spegnere il sistema." -#: ../src/login/org.freedesktop.login1.policy.in.h:29 +#: src/login/org.freedesktop.login1.policy:169 msgid "Power off the system while other users are logged in" msgstr "Spegni il sistema mentre altri utenti sono connessi" -#: ../src/login/org.freedesktop.login1.policy.in.h:30 +#: src/login/org.freedesktop.login1.policy:170 msgid "" "Authentication is required for powering off the system while other users are " "logged in." @@ -312,11 +312,11 @@ msgstr "" "Autenticazione richiesta per spegnere il sistema mentre altri utenti sono " "connessi." -#: ../src/login/org.freedesktop.login1.policy.in.h:31 +#: src/login/org.freedesktop.login1.policy:180 msgid "Power off the system while an application asked to inhibit it" msgstr "Spegni il sistema mentre un'applicazione chiede di inibirne l'azione" -#: ../src/login/org.freedesktop.login1.policy.in.h:32 +#: src/login/org.freedesktop.login1.policy:181 msgid "" "Authentication is required for powering off the system while an application " "asked to inhibit it." @@ -324,19 +324,19 @@ msgstr "" "Autenticazione richiesta per spegnere il sistema mentre un'applicazione " "chiede di inibirne l'azione." -#: ../src/login/org.freedesktop.login1.policy.in.h:33 +#: src/login/org.freedesktop.login1.policy:191 msgid "Reboot the system" msgstr "Riavvia il sistema" -#: ../src/login/org.freedesktop.login1.policy.in.h:34 +#: src/login/org.freedesktop.login1.policy:192 msgid "Authentication is required for rebooting the system." msgstr "Autenticazione richiesta per riavviare il sistema." -#: ../src/login/org.freedesktop.login1.policy.in.h:35 +#: src/login/org.freedesktop.login1.policy:202 msgid "Reboot the system while other users are logged in" msgstr "Riavvia il sistema mentre altri utenti sono connessi" -#: ../src/login/org.freedesktop.login1.policy.in.h:36 +#: src/login/org.freedesktop.login1.policy:203 msgid "" "Authentication is required for rebooting the system while other users are " "logged in." @@ -344,11 +344,11 @@ msgstr "" "Autenticazione richiesta per riavviare il sistema mentre altri utenti sono " "connessi." -#: ../src/login/org.freedesktop.login1.policy.in.h:37 +#: src/login/org.freedesktop.login1.policy:213 msgid "Reboot the system while an application asked to inhibit it" msgstr "Riavvia il sistema mentre un'applicazione chiede di inibirne l'azione" -#: ../src/login/org.freedesktop.login1.policy.in.h:38 +#: src/login/org.freedesktop.login1.policy:214 msgid "" "Authentication is required for rebooting the system while an application " "asked to inhibit it." @@ -356,19 +356,51 @@ msgstr "" "Autenticazione richiesta per riavviare il sistema mentre un'applicazione " "chiede di inibirne l'azione." -#: ../src/login/org.freedesktop.login1.policy.in.h:39 +#: src/login/org.freedesktop.login1.policy:224 +msgid "Halt the system" +msgstr "Ferma il sistema" + +#: src/login/org.freedesktop.login1.policy:225 +msgid "Authentication is required for halting the system." +msgstr "Autenticazione richiesta per fermare il sistema." + +#: src/login/org.freedesktop.login1.policy:235 +msgid "Halt the system while other users are logged in" +msgstr "Ferma il sistema mentre altri utenti sono connessi" + +#: src/login/org.freedesktop.login1.policy:236 +msgid "" +"Authentication is required for halting the system while other users are " +"logged in." +msgstr "" +"Autenticazione richiesta per fermare il sistema mentre altri utenti sono " +"connessi." + +#: src/login/org.freedesktop.login1.policy:246 +msgid "Halt the system while an application asked to inhibit it" +msgstr "Ferma il sistema mentre un'applicazione chiede di inibirne l'azione" + +#: src/login/org.freedesktop.login1.policy:247 +msgid "" +"Authentication is required for halting the system while an application asked " +"to inhibit it." +msgstr "" +"Autenticazione richiesta per fermare il sistema mentre un'applicazione " +"chiede di inibirne l'azione." + +#: src/login/org.freedesktop.login1.policy:257 msgid "Suspend the system" msgstr "Sospendi il sistema" -#: ../src/login/org.freedesktop.login1.policy.in.h:40 +#: src/login/org.freedesktop.login1.policy:258 msgid "Authentication is required for suspending the system." msgstr "Autenticazione richiesta per sospendere il sistema." -#: ../src/login/org.freedesktop.login1.policy.in.h:41 +#: src/login/org.freedesktop.login1.policy:267 msgid "Suspend the system while other users are logged in" msgstr "Sospendi il sistema mentre altri utenti sono connessi" -#: ../src/login/org.freedesktop.login1.policy.in.h:42 +#: src/login/org.freedesktop.login1.policy:268 msgid "" "Authentication is required for suspending the system while other users are " "logged in." @@ -376,11 +408,11 @@ msgstr "" "Autenticazione richiesta per sospendere il sistema mentre altri utenti sono " "connessi." -#: ../src/login/org.freedesktop.login1.policy.in.h:43 +#: src/login/org.freedesktop.login1.policy:278 msgid "Suspend the system while an application asked to inhibit it" msgstr "Sospendi il sistema mentre un'applicazione chiede di inibirne l'azione" -#: ../src/login/org.freedesktop.login1.policy.in.h:44 +#: src/login/org.freedesktop.login1.policy:279 msgid "" "Authentication is required for suspending the system while an application " "asked to inhibit it." @@ -388,19 +420,19 @@ msgstr "" "Autenticazione richiesta per sospendere il sistema mentre un'applicazione " "chiede di inibirne l'azione." -#: ../src/login/org.freedesktop.login1.policy.in.h:45 +#: src/login/org.freedesktop.login1.policy:289 msgid "Hibernate the system" msgstr "Iberna il sistema" -#: ../src/login/org.freedesktop.login1.policy.in.h:46 +#: src/login/org.freedesktop.login1.policy:290 msgid "Authentication is required for hibernating the system." msgstr "Autenticazione richiesta per ibernare il sistema." -#: ../src/login/org.freedesktop.login1.policy.in.h:47 +#: src/login/org.freedesktop.login1.policy:299 msgid "Hibernate the system while other users are logged in" msgstr "Iberna il sistema mentre altri utenti sono connessi" -#: ../src/login/org.freedesktop.login1.policy.in.h:48 +#: src/login/org.freedesktop.login1.policy:300 msgid "" "Authentication is required for hibernating the system while other users are " "logged in." @@ -408,11 +440,11 @@ msgstr "" "Autenticazione richiesta per ibernare il sistema mentre altri utenti sono " "connessi." -#: ../src/login/org.freedesktop.login1.policy.in.h:49 +#: src/login/org.freedesktop.login1.policy:310 msgid "Hibernate the system while an application asked to inhibit it" msgstr "Iberna il sistema mentre un'applicazione chiede di inibirne l'azione" -#: ../src/login/org.freedesktop.login1.policy.in.h:50 +#: src/login/org.freedesktop.login1.policy:311 msgid "" "Authentication is required for hibernating the system while an application " "asked to inhibit it." @@ -420,31 +452,31 @@ msgstr "" "Autenticazione richiesta per ibernare il sistema mentre un'applicazione " "chiede di inibirne l'azione." -#: ../src/login/org.freedesktop.login1.policy.in.h:51 +#: src/login/org.freedesktop.login1.policy:321 msgid "Manage active sessions, users and seats" msgstr "Gestione delle sessioni attive, utenti e postazioni" -#: ../src/login/org.freedesktop.login1.policy.in.h:52 +#: src/login/org.freedesktop.login1.policy:322 msgid "" "Authentication is required for managing active sessions, users and seats." msgstr "" "Autenticazione richiesta per gestire le sessioni attive, gli utenti e le " "postazioni." -#: ../src/login/org.freedesktop.login1.policy.in.h:53 +#: src/login/org.freedesktop.login1.policy:331 msgid "Lock or unlock active sessions" msgstr "Blocca/sblocca sessioni attive" -#: ../src/login/org.freedesktop.login1.policy.in.h:54 +#: src/login/org.freedesktop.login1.policy:332 msgid "Authentication is required to lock or unlock active sessions." msgstr "Autenticazione richiesta per bloccare o sbloccare le sessioni attive." -#: ../src/login/org.freedesktop.login1.policy.in.h:55 +#: src/login/org.freedesktop.login1.policy:341 msgid "Allow indication to the firmware to boot to setup interface" msgstr "" "Permette indicazioni al firmware per avviare l'interfaccia di configurazione" -#: ../src/login/org.freedesktop.login1.policy.in.h:56 +#: src/login/org.freedesktop.login1.policy:342 msgid "" "Authentication is required to indicate to the firmware to boot to setup " "interface." @@ -452,79 +484,79 @@ msgstr "" "Autenticazione richiesta per indicare al firmware di avviare l'interfaccia " "di configurazione." -#: ../src/login/org.freedesktop.login1.policy.in.h:57 +#: src/login/org.freedesktop.login1.policy:351 msgid "Set a wall message" msgstr "Configura un messaggio per gli utenti" -#: ../src/login/org.freedesktop.login1.policy.in.h:58 +#: src/login/org.freedesktop.login1.policy:352 msgid "Authentication is required to set a wall message" msgstr "Autenticazione richiesta per configurare un messaggio per gli utenti" -#: ../src/machine/org.freedesktop.machine1.policy.in.h:1 +#: src/machine/org.freedesktop.machine1.policy:22 msgid "Log into a local container" msgstr "Accedi in un container locale" -#: ../src/machine/org.freedesktop.machine1.policy.in.h:2 +#: src/machine/org.freedesktop.machine1.policy:23 msgid "Authentication is required to log into a local container." msgstr "Autenticazione richiesta per accedere in un container locale." -#: ../src/machine/org.freedesktop.machine1.policy.in.h:3 +#: src/machine/org.freedesktop.machine1.policy:32 msgid "Log into the local host" msgstr "Accedi in un host locale" -#: ../src/machine/org.freedesktop.machine1.policy.in.h:4 +#: src/machine/org.freedesktop.machine1.policy:33 msgid "Authentication is required to log into the local host." msgstr "Autenticazione richiesta per accedere in un host locale." -#: ../src/machine/org.freedesktop.machine1.policy.in.h:5 +#: src/machine/org.freedesktop.machine1.policy:42 msgid "Acquire a shell in a local container" msgstr "Apri una shell in un container locale" -#: ../src/machine/org.freedesktop.machine1.policy.in.h:6 +#: src/machine/org.freedesktop.machine1.policy:43 msgid "Authentication is required to acquire a shell in a local container." msgstr "Autenticazione richiesta per aprire una shell in un container locale." -#: ../src/machine/org.freedesktop.machine1.policy.in.h:7 +#: src/machine/org.freedesktop.machine1.policy:53 msgid "Acquire a shell on the local host" msgstr "Apri una shell in un host locale" -#: ../src/machine/org.freedesktop.machine1.policy.in.h:8 +#: src/machine/org.freedesktop.machine1.policy:54 msgid "Authentication is required to acquire a shell on the local host." msgstr "Autenticazione richiesta per aprire una shell in un host locale." -#: ../src/machine/org.freedesktop.machine1.policy.in.h:9 +#: src/machine/org.freedesktop.machine1.policy:64 msgid "Acquire a pseudo TTY in a local container" msgstr "Apri un pseudo TTY in un container locale" -#: ../src/machine/org.freedesktop.machine1.policy.in.h:10 +#: src/machine/org.freedesktop.machine1.policy:65 msgid "" "Authentication is required to acquire a pseudo TTY in a local container." msgstr "" "Autenticazione richiesta per aprire un pseudo TTY in un container locale." -#: ../src/machine/org.freedesktop.machine1.policy.in.h:11 +#: src/machine/org.freedesktop.machine1.policy:74 msgid "Acquire a pseudo TTY on the local host" msgstr "Apri un pseudo TTY in un host locale" -#: ../src/machine/org.freedesktop.machine1.policy.in.h:12 +#: src/machine/org.freedesktop.machine1.policy:75 msgid "Authentication is required to acquire a pseudo TTY on the local host." msgstr "Autenticazione richiesta per aprire un pseudo TTY in un host locale." -#: ../src/machine/org.freedesktop.machine1.policy.in.h:13 +#: src/machine/org.freedesktop.machine1.policy:84 msgid "Manage local virtual machines and containers" msgstr "Gestisci le virtual machine e i container locali" -#: ../src/machine/org.freedesktop.machine1.policy.in.h:14 +#: src/machine/org.freedesktop.machine1.policy:85 msgid "" "Authentication is required to manage local virtual machines and containers." msgstr "" "Autenticazione richiesta per gestire le virtual machine e i container locali." -#: ../src/machine/org.freedesktop.machine1.policy.in.h:15 +#: src/machine/org.freedesktop.machine1.policy:95 msgid "Manage local virtual machine and container images" msgstr "Gestisci le immagini locali delle virtual machine e dei container" -#: ../src/machine/org.freedesktop.machine1.policy.in.h:16 +#: src/machine/org.freedesktop.machine1.policy:96 msgid "" "Authentication is required to manage local virtual machine and container " "images." @@ -532,29 +564,46 @@ msgstr "" "Autenticazione richiesta per gestire le immagini delle virtual machine e dei " "container locali." -#: ../src/timedate/org.freedesktop.timedate1.policy.in.h:1 +#: src/resolve/org.freedesktop.resolve1.policy:22 +msgid "Register a DNS-SD service" +msgstr "Registra un servizio DNS-SD" + +#: src/resolve/org.freedesktop.resolve1.policy:23 +msgid "Authentication is required to register a DNS-SD service" +msgstr "Autenticazione richiesta per registrare un servizio DNS-SD" + +#: src/resolve/org.freedesktop.resolve1.policy:33 +msgid "Unregister a DNS-SD service" +msgstr "Annulla la registrazione di un servizio DNS-SD" + +#: src/resolve/org.freedesktop.resolve1.policy:34 +msgid "Authentication is required to unregister a DNS-SD service" +msgstr "" +"Autenticazione richiesta per annullare la registrare di un servizio DNS-SD" + +#: src/timedate/org.freedesktop.timedate1.policy:22 msgid "Set system time" msgstr "Configura l'orario di sistema" -#: ../src/timedate/org.freedesktop.timedate1.policy.in.h:2 +#: src/timedate/org.freedesktop.timedate1.policy:23 msgid "Authentication is required to set the system time." msgstr "Autenticazione richiesta per configurare l'orario di sistema." -#: ../src/timedate/org.freedesktop.timedate1.policy.in.h:3 +#: src/timedate/org.freedesktop.timedate1.policy:33 msgid "Set system timezone" msgstr "Configura il fuso orario di sistema" -#: ../src/timedate/org.freedesktop.timedate1.policy.in.h:4 +#: src/timedate/org.freedesktop.timedate1.policy:34 msgid "Authentication is required to set the system timezone." msgstr "Autenticazione richiesta per configurare il fuso orario di sistema." -#: ../src/timedate/org.freedesktop.timedate1.policy.in.h:5 +#: src/timedate/org.freedesktop.timedate1.policy:43 msgid "Set RTC to local timezone or UTC" msgstr "" "Configura l'orologio di sistema (RTC) al fuso orario locale o al tempo " "civile (UTC)" -#: ../src/timedate/org.freedesktop.timedate1.policy.in.h:6 +#: src/timedate/org.freedesktop.timedate1.policy:44 msgid "" "Authentication is required to control whether the RTC stores the local or " "UTC time." @@ -562,11 +611,11 @@ msgstr "" "Autenticazione richiesta per verificare se l'orologio di sistema (RTC) è " "configurato all'orario locale o al tempo civile (UTC)." -#: ../src/timedate/org.freedesktop.timedate1.policy.in.h:7 +#: src/timedate/org.freedesktop.timedate1.policy:54 msgid "Turn network time synchronization on or off" msgstr "Abilita o meno la sincronizzazione dell'orario in rete" -#: ../src/timedate/org.freedesktop.timedate1.policy.in.h:8 +#: src/timedate/org.freedesktop.timedate1.policy:55 msgid "" "Authentication is required to control whether network time synchronization " "shall be enabled." @@ -574,31 +623,31 @@ msgstr "" "Autenticazione richiesta per verificare se la sincronizzazione dell'orario " "in rete possa essere attivata." -#: ../src/core/dbus-unit.c:450 +#: src/core/dbus-unit.c:496 msgid "Authentication is required to start '$(unit)'." msgstr "Autenticazione richiesta per avviare '$(unit)'." -#: ../src/core/dbus-unit.c:451 +#: src/core/dbus-unit.c:497 msgid "Authentication is required to stop '$(unit)'." msgstr "Autenticazione richiesta per fermare '$(unit)'." -#: ../src/core/dbus-unit.c:452 +#: src/core/dbus-unit.c:498 msgid "Authentication is required to reload '$(unit)'." msgstr "Autenticazione richiesta per ricaricare '$(unit)'." -#: ../src/core/dbus-unit.c:453 ../src/core/dbus-unit.c:454 +#: src/core/dbus-unit.c:499 src/core/dbus-unit.c:500 msgid "Authentication is required to restart '$(unit)'." msgstr "Autenticazione richiesta per riavviare '$(unit)'." -#: ../src/core/dbus-unit.c:560 +#: src/core/dbus-unit.c:607 msgid "Authentication is required to kill '$(unit)'." msgstr "Autenticazione richiesta per terminare '$(unit)'." -#: ../src/core/dbus-unit.c:590 +#: src/core/dbus-unit.c:638 msgid "Authentication is required to reset the \"failed\" state of '$(unit)'." msgstr "" "Autenticazione richiesta per riconfigurare lo stato \"fallito\" di '$(unit)'." -#: ../src/core/dbus-unit.c:622 +#: src/core/dbus-unit.c:671 msgid "Authentication is required to set properties on '$(unit)'." msgstr "Autenticazione richiesta per configurare le proprietà di '$(unit)'." diff --git a/po/ja.po b/po/ja.po new file mode 100644 index 0000000000..7f0b81bf19 --- /dev/null +++ b/po/ja.po @@ -0,0 +1,568 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# Japanese translation for systemd. +# Copyright (C) 2018 systemd's COPYRIGHT HOLDER +# This file is distributed under the same license as the systemd package. +# Yu Watanabe <watanabe.yu+github@gmail.com>, 2018. +# +msgid "" +msgstr "" +"Project-Id-Version: systemd\n" +"Report-Msgid-Bugs-To: https://github.com/systemd/systemd/issues\n" +"POT-Creation-Date: 2018-02-27 16:46+0900\n" +"PO-Revision-Date: 2018-02-27 16:55+0900\n" +"Last-Translator: Yu Watanabe <watanabe.yu+github@gmail.com>\n" +"Language-Team: \n" +"Language: ja\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" + +#: src/core/org.freedesktop.systemd1.policy.in:22 +msgid "Send passphrase back to system" +msgstr "パスフレーズをシステムに送信" + +#: src/core/org.freedesktop.systemd1.policy.in:23 +msgid "" +"Authentication is required to send the entered passphrase back to the system." +msgstr "" +"パスフレーズをシステムに送信するには認証が必要です。" + +#: src/core/org.freedesktop.systemd1.policy.in:33 +msgid "Manage system services or other units" +msgstr "システムサービスやその他のユニットの管理" + +#: src/core/org.freedesktop.systemd1.policy.in:34 +msgid "Authentication is required to manage system services or other units." +msgstr "システムサービスやその他のユニットを管理するには認証が必要です。" + +#: src/core/org.freedesktop.systemd1.policy.in:43 +msgid "Manage system service or unit files" +msgstr "システムサービスファイルやその他のユニットファイルの管理" + +#: src/core/org.freedesktop.systemd1.policy.in:44 +msgid "Authentication is required to manage system service or unit files." +msgstr "システムサービスファイルやその他のユニットファイルを管理するには認証が必要です。" + +#: src/core/org.freedesktop.systemd1.policy.in:53 +msgid "Set or unset system and service manager environment variables" +msgstr "システムマネージャ環境変数の設定もしくは解除" + +#: src/core/org.freedesktop.systemd1.policy.in:54 +msgid "" +"Authentication is required to set or unset system and service manager " +"environment variables." +msgstr "システムマネージャ環境変数を設定もしくは解除するには認証が必要です。" + +#: src/core/org.freedesktop.systemd1.policy.in:63 +msgid "Reload the systemd state" +msgstr "systemdの状態の再読込" + +#: src/core/org.freedesktop.systemd1.policy.in:64 +msgid "Authentication is required to reload the systemd state." +msgstr "systemdの状態を再読込するには認証が必要です。" + +#: src/hostname/org.freedesktop.hostname1.policy:22 +msgid "Set host name" +msgstr "ホスト名の設定" + +#: src/hostname/org.freedesktop.hostname1.policy:23 +msgid "Authentication is required to set the local host name." +msgstr "ホスト名を設定するには認証が必要です。" + +#: src/hostname/org.freedesktop.hostname1.policy:32 +msgid "Set static host name" +msgstr "静的なホスト名の設定" + +#: src/hostname/org.freedesktop.hostname1.policy:33 +msgid "" +"Authentication is required to set the statically configured local host name, " +"as well as the pretty host name." +msgstr "静的なホスト名を設定するには認証が必要です。" + +#: src/hostname/org.freedesktop.hostname1.policy:43 +msgid "Set machine information" +msgstr "マシン情報の設定" + +#: src/hostname/org.freedesktop.hostname1.policy:44 +msgid "Authentication is required to set local machine information." +msgstr "マシン情報を設定するには認証が必要です。" + +#: src/import/org.freedesktop.import1.policy:22 +msgid "Import a VM or container image" +msgstr "仮想マシンもしくはコンテナイメージの読込" + +#: src/import/org.freedesktop.import1.policy:23 +msgid "Authentication is required to import a VM or container image" +msgstr "仮想マシンもしくはコンテナイメージを読込むには認証が必要です。" + +#: src/import/org.freedesktop.import1.policy:32 +msgid "Export a VM or container image" +msgstr "仮想マシンもしくはコンテナイメージの書出し" + +#: src/import/org.freedesktop.import1.policy:33 +msgid "Authentication is required to export a VM or container image" +msgstr "仮想マシンもしくはコンテナイメージを書出すには認証が必要です。" + +#: src/import/org.freedesktop.import1.policy:42 +msgid "Download a VM or container image" +msgstr "仮想マシンもしくはコンテナイメージのダウンロード" + +#: src/import/org.freedesktop.import1.policy:43 +msgid "Authentication is required to download a VM or container image" +msgstr "仮想マシンもしくはコンテナイメージをダウンロードするには認証が必要です。" + +#: src/locale/org.freedesktop.locale1.policy:22 +msgid "Set system locale" +msgstr "システムロケールの設定" + +#: src/locale/org.freedesktop.locale1.policy:23 +msgid "Authentication is required to set the system locale." +msgstr "システムロケールを設定するには認証が必要です。" + +#: src/locale/org.freedesktop.locale1.policy:33 +msgid "Set system keyboard settings" +msgstr "システムキーボードの設定" + +#: src/locale/org.freedesktop.locale1.policy:34 +msgid "Authentication is required to set the system keyboard settings." +msgstr "システムキーボードを設定するには認証が必要です。" + +#: src/login/org.freedesktop.login1.policy:22 +msgid "Allow applications to inhibit system shutdown" +msgstr "アプリケーションがシステムのシャットダウンを阻害することを許可" + +#: src/login/org.freedesktop.login1.policy:23 +msgid "" +"Authentication is required for an application to inhibit system shutdown." +msgstr "アプリケーションがシステムのシャットダウンを阻害するには認証が必要です。" + +#: src/login/org.freedesktop.login1.policy:33 +msgid "Allow applications to delay system shutdown" +msgstr "アプリケーションがシステムのシャットダウンを遅延させることを許可" + +#: src/login/org.freedesktop.login1.policy:34 +msgid "Authentication is required for an application to delay system shutdown." +msgstr "アプリケーションがシステムのシャットダウンを遅延させるには認証が必要です。" + +#: src/login/org.freedesktop.login1.policy:44 +msgid "Allow applications to inhibit system sleep" +msgstr "アプリケーションがシステムのスリープを阻害することを許可" + +#: src/login/org.freedesktop.login1.policy:45 +msgid "Authentication is required for an application to inhibit system sleep." +msgstr "アプリケーションがシステムのスリープを阻害するには認証が必要です。" + +#: src/login/org.freedesktop.login1.policy:55 +msgid "Allow applications to delay system sleep" +msgstr "アプリケーションがシステムのスリープを遅延させることを許可" + +#: src/login/org.freedesktop.login1.policy:56 +msgid "Authentication is required for an application to delay system sleep." +msgstr "アプリケーションがシステムのスリープを遅延させるには許可が必要です。" + +#: src/login/org.freedesktop.login1.policy:65 +msgid "Allow applications to inhibit automatic system suspend" +msgstr "アプリケーションがシステムの自動的なサスペンドを阻害することを許可" + +#: src/login/org.freedesktop.login1.policy:66 +msgid "" +"Authentication is required for an application to inhibit automatic system " +"suspend." +msgstr "アプリケーションがシステムの自動的なサスペンドを阻害するには認証が必要です。" + +#: src/login/org.freedesktop.login1.policy:75 +msgid "Allow applications to inhibit system handling of the power key" +msgstr "アプリケーションが電源ボタンによる動作を阻害することを許可" + +#: src/login/org.freedesktop.login1.policy:76 +msgid "" +"Authentication is required for an application to inhibit system handling of " +"the power key." +msgstr "アプリケーションが電源ボタンによる動作を阻害するには認証が必要です。" + +#: src/login/org.freedesktop.login1.policy:86 +msgid "Allow applications to inhibit system handling of the suspend key" +msgstr "アプリケーションがサスペンドキーによる動作を阻害することを許可" + +#: src/login/org.freedesktop.login1.policy:87 +msgid "" +"Authentication is required for an application to inhibit system handling of " +"the suspend key." +msgstr "アプリケーションがサスペンドキーによる動作を阻害するには認証が必要です。" + +#: src/login/org.freedesktop.login1.policy:97 +msgid "Allow applications to inhibit system handling of the hibernate key" +msgstr "アプリケーションがハイバネートキーによる動作を阻害することを許可" + +#: src/login/org.freedesktop.login1.policy:98 +msgid "" +"Authentication is required for an application to inhibit system handling of " +"the hibernate key." +msgstr "アプリケーションがハイバネートキーによる動作を阻害するには認証が必要です。" + +#: src/login/org.freedesktop.login1.policy:107 +msgid "Allow applications to inhibit system handling of the lid switch" +msgstr "アプリケーションが液晶開閉による動作を阻害することを許可" + +#: src/login/org.freedesktop.login1.policy:108 +msgid "" +"Authentication is required for an application to inhibit system handling of " +"the lid switch." +msgstr "アプリケーションが液晶開閉による動作を阻害するには認証が必要です。" + +#: src/login/org.freedesktop.login1.policy:117 +msgid "Allow non-logged-in user to run programs" +msgstr "ログインしていないユーザがプログラムを実行することを許可" + +#: src/login/org.freedesktop.login1.policy:118 +msgid "Explicit request is required to run programs as a non-logged-in user." +msgstr "ログインしていないユーザがプログラムを実行するには明示的な要求が必要です。" + +#: src/login/org.freedesktop.login1.policy:127 +msgid "Allow non-logged-in users to run programs" +msgstr "ログインしていないユーザがプログラムを実行することを許可" + +#: src/login/org.freedesktop.login1.policy:128 +msgid "Authentication is required to run programs as a non-logged-in user." +msgstr "ログインしていないユーザがプログラムを実行するには認証が必要です。" + +#: src/login/org.freedesktop.login1.policy:137 +msgid "Allow attaching devices to seats" +msgstr "シートにデバイスを接続することを許可" + +#: src/login/org.freedesktop.login1.policy:138 +msgid "Authentication is required for attaching a device to a seat." +msgstr "シートにデバイスを接続するには認証が必要です。" + +#: src/login/org.freedesktop.login1.policy:148 +msgid "Flush device to seat attachments" +msgstr "デバイスのシートへの接続のリセット" + +#: src/login/org.freedesktop.login1.policy:149 +msgid "" +"Authentication is required for resetting how devices are attached to seats." +msgstr "デバイスのシートへの接続をリセットするには認証が必要です。" + +#: src/login/org.freedesktop.login1.policy:158 +msgid "Power off the system" +msgstr "システムの電源を切る" + +#: src/login/org.freedesktop.login1.policy:159 +msgid "Authentication is required for powering off the system." +msgstr "システムの電源を切るには認証が必要です。" + +#: src/login/org.freedesktop.login1.policy:169 +msgid "Power off the system while other users are logged in" +msgstr "他のユーザがログインしている状態でシステムの電源を切る" + +#: src/login/org.freedesktop.login1.policy:170 +msgid "" +"Authentication is required for powering off the system while other users are " +"logged in." +msgstr "他のユーザがログインしている状態でシステムの電源を切るには認証が必要です。" + +#: src/login/org.freedesktop.login1.policy:180 +msgid "Power off the system while an application asked to inhibit it" +msgstr "アプリケーションが使用されている状態でシステムの電源を切る" + +#: src/login/org.freedesktop.login1.policy:181 +msgid "" +"Authentication is required for powering off the system while an application " +"asked to inhibit it." +msgstr "アプリケーションが使用されている状態でシステムの電源を切るには認証が必要です。" + +#: src/login/org.freedesktop.login1.policy:191 +msgid "Reboot the system" +msgstr "システムの再起動" + +#: src/login/org.freedesktop.login1.policy:192 +msgid "Authentication is required for rebooting the system." +msgstr "システムの再起動には認証が必要です。" + +#: src/login/org.freedesktop.login1.policy:202 +msgid "Reboot the system while other users are logged in" +msgstr "他のユーザがログインしている状態でシステムを再起動する" + +#: src/login/org.freedesktop.login1.policy:203 +msgid "" +"Authentication is required for rebooting the system while other users are " +"logged in." +msgstr "他のユーザがログインしている状態でシステムを再起動するには認証が必要です。" + +#: src/login/org.freedesktop.login1.policy:213 +msgid "Reboot the system while an application asked to inhibit it" +msgstr "アプリケーションが使用されている状態でシステムを再起動する" + +#: src/login/org.freedesktop.login1.policy:214 +msgid "" +"Authentication is required for rebooting the system while an application " +"asked to inhibit it." +msgstr "アプリケーションが使用されている状態でシステムを再起動するには認証が必要です。" + +#: src/login/org.freedesktop.login1.policy:224 +msgid "Halt the system" +msgstr "システムの停止" + +#: src/login/org.freedesktop.login1.policy:225 +msgid "Authentication is required for halting the system." +msgstr "システムを停止するには認証が必要です。" + +#: src/login/org.freedesktop.login1.policy:235 +msgid "Halt the system while other users are logged in" +msgstr "他のユーザがログインしている状態でシステムを停止する" + +#: src/login/org.freedesktop.login1.policy:236 +msgid "" +"Authentication is required for halting the system while other users are " +"logged in." +msgstr "他のユーザがログインしている状態でシステムを停止するには認証が必要です。" + +#: src/login/org.freedesktop.login1.policy:246 +msgid "Halt the system while an application asked to inhibit it" +msgstr "アプリケーションが使用されている状態でシステムを停止する" + +#: src/login/org.freedesktop.login1.policy:247 +msgid "" +"Authentication is required for halting the system while an application asked " +"to inhibit it." +msgstr "アプリケーションが使用されている状態でシステムを停止するには認証が必要です。" + +#: src/login/org.freedesktop.login1.policy:257 +msgid "Suspend the system" +msgstr "システムのサスペンド" + +#: src/login/org.freedesktop.login1.policy:258 +msgid "Authentication is required for suspending the system." +msgstr "システムのサスペンドには認証が必要です。" + +#: src/login/org.freedesktop.login1.policy:267 +msgid "Suspend the system while other users are logged in" +msgstr "他のユーザがログインしている状態でシステムをサスペンドする" + +#: src/login/org.freedesktop.login1.policy:268 +msgid "" +"Authentication is required for suspending the system while other users are " +"logged in." +msgstr "他のユーザがログインしている状態でシステムをサスペンドするには認証が必要です。" + +#: src/login/org.freedesktop.login1.policy:278 +msgid "Suspend the system while an application asked to inhibit it" +msgstr "アプリケーションが使用されている状態でシステムをサスペンドする" + +#: src/login/org.freedesktop.login1.policy:279 +msgid "" +"Authentication is required for suspending the system while an application " +"asked to inhibit it." +msgstr "アプリケーションが使用されている状態でシステムをサスペンドするには認証が必要です。" + +#: src/login/org.freedesktop.login1.policy:289 +msgid "Hibernate the system" +msgstr "システムのハイバネート" + +#: src/login/org.freedesktop.login1.policy:290 +msgid "Authentication is required for hibernating the system." +msgstr "システムのハイバネートには認証が必要です。" + +#: src/login/org.freedesktop.login1.policy:299 +msgid "Hibernate the system while other users are logged in" +msgstr "他のユーザがログインしている状態でシステムをハイバネートする" + +#: src/login/org.freedesktop.login1.policy:300 +msgid "" +"Authentication is required for hibernating the system while other users are " +"logged in." +msgstr "他のユーザがログインしている状態でシステムをハイバネートするには認証が必要です。" + +#: src/login/org.freedesktop.login1.policy:310 +msgid "Hibernate the system while an application asked to inhibit it" +msgstr "アプリケーションが使用されている状態でシステムをハイバネートする" + +#: src/login/org.freedesktop.login1.policy:311 +msgid "" +"Authentication is required for hibernating the system while an application " +"asked to inhibit it." +msgstr "アプリケーションが使用されている状態でシステムをハイバネートするには認証が必要です。" + +#: src/login/org.freedesktop.login1.policy:321 +msgid "Manage active sessions, users and seats" +msgstr "アクティブなセッションやユーザ,シートの管理" + +#: src/login/org.freedesktop.login1.policy:322 +msgid "" +"Authentication is required for managing active sessions, users and seats." +msgstr "アクティブなセッションやユーザ,シートを管理するには認証が必要です。" + +#: src/login/org.freedesktop.login1.policy:331 +msgid "Lock or unlock active sessions" +msgstr "アクティブなセッションのロックもしくはアンロック" + +#: src/login/org.freedesktop.login1.policy:332 +msgid "Authentication is required to lock or unlock active sessions." +msgstr "アクティブなセッションをロックもしくはアンロックするには認証が必要です。" + +#: src/login/org.freedesktop.login1.policy:341 +msgid "Allow indication to the firmware to boot to setup interface" +msgstr "ファームウェアに「インターフェースの設定を起動」を表示する" + +#: src/login/org.freedesktop.login1.policy:342 +msgid "" +"Authentication is required to indicate to the firmware to boot to setup " +"interface." +msgstr "ファームウェアに「インターフェースの設定を起動」を表示するには認証が必要です。" + +#: src/login/org.freedesktop.login1.policy:351 +msgid "Set a wall message" +msgstr "全ユーザへのメッセージの設定" + +#: src/login/org.freedesktop.login1.policy:352 +msgid "Authentication is required to set a wall message" +msgstr "全ユーザへのメッセージを設定するには認証が必要です。" + +#: src/machine/org.freedesktop.machine1.policy:22 +msgid "Log into a local container" +msgstr "ローカルなコンテナへログイン" + +#: src/machine/org.freedesktop.machine1.policy:23 +msgid "Authentication is required to log into a local container." +msgstr "ローカルなコンテナへログインするには認証が必要です。" + +#: src/machine/org.freedesktop.machine1.policy:32 +msgid "Log into the local host" +msgstr "ローカルホストへログイン" + +#: src/machine/org.freedesktop.machine1.policy:33 +msgid "Authentication is required to log into the local host." +msgstr "ローカルホストへログインするには認証が必要です。" + +#: src/machine/org.freedesktop.machine1.policy:42 +msgid "Acquire a shell in a local container" +msgstr "ローカルなコンテナのシェルを取得" + +#: src/machine/org.freedesktop.machine1.policy:43 +msgid "Authentication is required to acquire a shell in a local container." +msgstr "ローカルなコンテナのシェルを取得するには認証が必要です。" + +#: src/machine/org.freedesktop.machine1.policy:53 +msgid "Acquire a shell on the local host" +msgstr "ローカルホストのシェルを取得" + +#: src/machine/org.freedesktop.machine1.policy:54 +msgid "Authentication is required to acquire a shell on the local host." +msgstr "ローカルホストのシェルを取得するには認証が必要です。" + +#: src/machine/org.freedesktop.machine1.policy:64 +msgid "Acquire a pseudo TTY in a local container" +msgstr "ローカルなコンテナの仮想TTYを取得" + +#: src/machine/org.freedesktop.machine1.policy:65 +msgid "" +"Authentication is required to acquire a pseudo TTY in a local container." +msgstr "ローカルなコンテナの仮想TTYを取得するには認証が必要です。" + +#: src/machine/org.freedesktop.machine1.policy:74 +msgid "Acquire a pseudo TTY on the local host" +msgstr "ローカルホストの仮想TTYを取得する" + +#: src/machine/org.freedesktop.machine1.policy:75 +msgid "Authentication is required to acquire a pseudo TTY on the local host." +msgstr "ローカルホストの仮想TTYを取得するには認証が必要です。" + +#: src/machine/org.freedesktop.machine1.policy:84 +msgid "Manage local virtual machines and containers" +msgstr "ローカルな仮想マシンやコンテナの管理" + +#: src/machine/org.freedesktop.machine1.policy:85 +msgid "" +"Authentication is required to manage local virtual machines and containers." +msgstr "ローカルな仮想マシンやコンテナを管理するには認証が必要です。" + +#: src/machine/org.freedesktop.machine1.policy:95 +msgid "Manage local virtual machine and container images" +msgstr "ローカルな仮想マシンやコンテナのイメージ管理" + +#: src/machine/org.freedesktop.machine1.policy:96 +msgid "" +"Authentication is required to manage local virtual machine and container " +"images." +msgstr "ローカルな仮想マシンやコンテナのイメージを管理するには認証が必要です。" + +#: src/resolve/org.freedesktop.resolve1.policy:22 +msgid "Register a DNS-SD service" +msgstr "DNS-SDサービスを登録" + +#: src/resolve/org.freedesktop.resolve1.policy:23 +msgid "Authentication is required to register a DNS-SD service" +msgstr "DNS-SDサービスを登録するには認証が必要です。" + +#: src/resolve/org.freedesktop.resolve1.policy:33 +msgid "Unregister a DNS-SD service" +msgstr "DNS-SDサービスへの登録を解除" + +#: src/resolve/org.freedesktop.resolve1.policy:34 +msgid "Authentication is required to unregister a DNS-SD service" +msgstr "DNS-SDサービスへの登録を解除するには認証が必要です。" + +#: src/timedate/org.freedesktop.timedate1.policy:22 +msgid "Set system time" +msgstr "システムの時刻設定" + +#: src/timedate/org.freedesktop.timedate1.policy:23 +msgid "Authentication is required to set the system time." +msgstr "システムの時刻を設定するには認証が必要です。" + +#: src/timedate/org.freedesktop.timedate1.policy:33 +msgid "Set system timezone" +msgstr "システムのタイムゾーンを設定" + +#: src/timedate/org.freedesktop.timedate1.policy:34 +msgid "Authentication is required to set the system timezone." +msgstr "システムのタイムゾーンを設定するには認証が必要です。" + +#: src/timedate/org.freedesktop.timedate1.policy:43 +msgid "Set RTC to local timezone or UTC" +msgstr "ハードウェア時刻をローカルタイムゾーンもしくはUTCに設定" + +#: src/timedate/org.freedesktop.timedate1.policy:44 +msgid "" +"Authentication is required to control whether the RTC stores the local or " +"UTC time." +msgstr "ハードウェア時刻をローカルタイムゾーンもしくはUTCに設定するには認証が必要です。" + +#: src/timedate/org.freedesktop.timedate1.policy:54 +msgid "Turn network time synchronization on or off" +msgstr "ネットワーク経由の時刻同期の有効化もしくは無効化" + +#: src/timedate/org.freedesktop.timedate1.policy:55 +msgid "" +"Authentication is required to control whether network time synchronization " +"shall be enabled." +msgstr "ネットワーク経由の時刻同期を有効もしくは無効にするには認証が必要です。" + +#: src/core/dbus-unit.c:496 +msgid "Authentication is required to start '$(unit)'." +msgstr "'$(unit)'を開始するには認証が必要です。" + +#: src/core/dbus-unit.c:497 +msgid "Authentication is required to stop '$(unit)'." +msgstr "'$(unit)'を停止するには認証が必要です。" + +#: src/core/dbus-unit.c:498 +msgid "Authentication is required to reload '$(unit)'." +msgstr "'$(unit)'を再読込するには認証が必要です。" + +#: src/core/dbus-unit.c:499 src/core/dbus-unit.c:500 +msgid "Authentication is required to restart '$(unit)'." +msgstr "'$(unit)'を再起動するには認証が必要です。" + +#: src/core/dbus-unit.c:607 +msgid "Authentication is required to kill '$(unit)'." +msgstr "'$(unit)'を強制停止するには認証が必要です。" + +#: src/core/dbus-unit.c:638 +msgid "Authentication is required to reset the \"failed\" state of '$(unit)'." +msgstr "'$(unit)'の「失敗」状態をリセットするには認証が必要です。" + +#: src/core/dbus-unit.c:671 +msgid "Authentication is required to set properties on '$(unit)'." +msgstr "'$(unit)'のプロパティを設定するには認証が必要です。" diff --git a/po/meson.build b/po/meson.build index 7ba08fba18..01ab7a3a54 100644 --- a/po/meson.build +++ b/po/meson.build @@ -16,6 +16,6 @@ # along with systemd; If not, see <http://www.gnu.org/licenses/>. i18n = import('i18n') -i18n.gettext(meson.project_name(), preset: 'glib') - -po_dir = meson.current_source_dir() +i18n.gettext(meson.project_name(), + preset : 'glib', + data_dirs : '.') @@ -1,17 +1,17 @@ # SPDX-License-Identifier: LGPL-2.1+ # # Polish translation for systemd. -# Copyright © 2011-2017 the systemd authors. +# Copyright © 2011-2018 the systemd authors. # This file is distributed under the same license as the systemd package. -# Piotr Drąg <piotrdrag@gmail.com>, 2011, 2013-2017. +# Piotr Drąg <piotrdrag@gmail.com>, 2011, 2013-2018. # Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>, 2011. # msgid "" msgstr "" "Project-Id-Version: systemd\n" -"Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2017-10-06 15:29+0200\n" -"PO-Revision-Date: 2017-10-05 15:30+0200\n" +"Report-Msgid-Bugs-To: https://github.com/systemd/systemd/issues\n" +"POT-Creation-Date: 2018-02-13 03:26+0000\n" +"PO-Revision-Date: 2018-02-13 16:50+0100\n" "Last-Translator: Piotr Drąg <piotrdrag@gmail.com>\n" "Language-Team: Polish <trans-pl@lists.fedoraproject.org>\n" "Language: pl\n" @@ -21,43 +21,43 @@ msgstr "" "Plural-Forms: nplurals=3; plural=(n==1 ? 0 : n%10>=2 && n%10<=4 && (n%100<10 " "|| n%100>=20) ? 1 : 2);\n" -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:1 +#: src/core/org.freedesktop.systemd1.policy.in.in:22 msgid "Send passphrase back to system" msgstr "Wysłanie hasła z powrotem do systemu" -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:2 +#: src/core/org.freedesktop.systemd1.policy.in.in:23 msgid "" "Authentication is required to send the entered passphrase back to the system." msgstr "" "Wymagane jest uwierzytelnienie, aby wysłać podane hasło z powrotem do " "systemu." -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:3 +#: src/core/org.freedesktop.systemd1.policy.in.in:33 msgid "Manage system services or other units" msgstr "Zarządzanie usługami lub innymi jednostkami systemu" -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:4 +#: src/core/org.freedesktop.systemd1.policy.in.in:34 msgid "Authentication is required to manage system services or other units." msgstr "" "Wymagane jest uwierzytelnienie, aby zarządzać usługami lub innymi " "jednostkami systemu." -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:5 +#: src/core/org.freedesktop.systemd1.policy.in.in:43 msgid "Manage system service or unit files" msgstr "Zarządzanie plikami usług lub jednostek systemu" -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:6 +#: src/core/org.freedesktop.systemd1.policy.in.in:44 msgid "Authentication is required to manage system service or unit files." msgstr "" "Wymagane jest uwierzytelnienie, aby zarządzać plikami usług lub jednostek " "systemu." -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:7 +#: src/core/org.freedesktop.systemd1.policy.in.in:53 msgid "Set or unset system and service manager environment variables" msgstr "" "Ustawienie lub usunięcie zmiennych środowiskowych menedżera systemu i usług" -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:8 +#: src/core/org.freedesktop.systemd1.policy.in.in:54 msgid "" "Authentication is required to set or unset system and service manager " "environment variables." @@ -65,27 +65,27 @@ msgstr "" "Wymagane jest uwierzytelnienie, aby ustawić lub usunąć zmienne środowiskowe " "menedżera systemu i usług." -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:9 +#: src/core/org.freedesktop.systemd1.policy.in.in:63 msgid "Reload the systemd state" msgstr "Ponowne wczytanie stanu systemd" -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:10 +#: src/core/org.freedesktop.systemd1.policy.in.in:64 msgid "Authentication is required to reload the systemd state." msgstr "Wymagane jest uwierzytelnienie, aby ponownie wczytać stan systemd." -#: ../src/hostname/org.freedesktop.hostname1.policy.in.h:1 +#: src/hostname/org.freedesktop.hostname1.policy.in:22 msgid "Set host name" msgstr "Ustawienie nazwy komputera" -#: ../src/hostname/org.freedesktop.hostname1.policy.in.h:2 +#: src/hostname/org.freedesktop.hostname1.policy.in:23 msgid "Authentication is required to set the local host name." msgstr "Wymagane jest uwierzytelnienie, aby ustawić nazwę lokalnego komputera." -#: ../src/hostname/org.freedesktop.hostname1.policy.in.h:3 +#: src/hostname/org.freedesktop.hostname1.policy.in:32 msgid "Set static host name" msgstr "Ustawienie statycznej nazwy komputera" -#: ../src/hostname/org.freedesktop.hostname1.policy.in.h:4 +#: src/hostname/org.freedesktop.hostname1.policy.in:33 msgid "" "Authentication is required to set the statically configured local host name, " "as well as the pretty host name." @@ -93,111 +93,111 @@ msgstr "" "Wymagane jest uwierzytelnienie, aby ustawić statycznie skonfigurowaną nazwę " "lokalnego komputera, a także jego nazwę czytelną dla człowieka." -#: ../src/hostname/org.freedesktop.hostname1.policy.in.h:5 +#: src/hostname/org.freedesktop.hostname1.policy.in:43 msgid "Set machine information" msgstr "Ustawienie informacji o komputerze" -#: ../src/hostname/org.freedesktop.hostname1.policy.in.h:6 +#: src/hostname/org.freedesktop.hostname1.policy.in:44 msgid "Authentication is required to set local machine information." msgstr "" "Wymagane jest uwierzytelnienie, aby ustawić informacje o lokalnym komputerze." -#: ../src/import/org.freedesktop.import1.policy.in.h:1 +#: src/import/org.freedesktop.import1.policy.in:22 msgid "Import a VM or container image" msgstr "Import obrazu maszyny wirtualnej lub kontenera" -#: ../src/import/org.freedesktop.import1.policy.in.h:2 +#: src/import/org.freedesktop.import1.policy.in:23 msgid "Authentication is required to import a VM or container image" msgstr "" "Wymagane jest uwierzytelnienie, aby zaimportować obraz maszyny wirtualnej " "lub kontenera" -#: ../src/import/org.freedesktop.import1.policy.in.h:3 +#: src/import/org.freedesktop.import1.policy.in:32 msgid "Export a VM or container image" msgstr "Eksport obrazu maszyny wirtualnej lub kontenera" -#: ../src/import/org.freedesktop.import1.policy.in.h:4 +#: src/import/org.freedesktop.import1.policy.in:33 msgid "Authentication is required to export a VM or container image" msgstr "" "Wymagane jest uwierzytelnienie, aby wyeksportować obraz maszyny wirtualnej " "lub kontenera" -#: ../src/import/org.freedesktop.import1.policy.in.h:5 +#: src/import/org.freedesktop.import1.policy.in:42 msgid "Download a VM or container image" msgstr "Pobranie obrazu maszyny wirtualnej lub kontenera" -#: ../src/import/org.freedesktop.import1.policy.in.h:6 +#: src/import/org.freedesktop.import1.policy.in:43 msgid "Authentication is required to download a VM or container image" msgstr "" "Wymagane jest uwierzytelnienie, aby pobrać obraz maszyny wirtualnej lub " "kontenera" -#: ../src/locale/org.freedesktop.locale1.policy.in.h:1 +#: src/locale/org.freedesktop.locale1.policy.in:22 msgid "Set system locale" msgstr "Ustawienie lokalizacji systemu" -#: ../src/locale/org.freedesktop.locale1.policy.in.h:2 +#: src/locale/org.freedesktop.locale1.policy.in:23 msgid "Authentication is required to set the system locale." msgstr "Wymagane jest uwierzytelnienie, aby ustawić lokalizację systemu." -#: ../src/locale/org.freedesktop.locale1.policy.in.h:3 +#: src/locale/org.freedesktop.locale1.policy.in:33 msgid "Set system keyboard settings" msgstr "Ustawienie klawiatury systemu" -#: ../src/locale/org.freedesktop.locale1.policy.in.h:4 +#: src/locale/org.freedesktop.locale1.policy.in:34 msgid "Authentication is required to set the system keyboard settings." msgstr "Wymagane jest uwierzytelnienie, aby ustawić klawiaturę systemu." -#: ../src/login/org.freedesktop.login1.policy.in.h:1 +#: src/login/org.freedesktop.login1.policy.in:22 msgid "Allow applications to inhibit system shutdown" msgstr "Zezwolenie programom na wstrzymywanie wyłączenia systemu" -#: ../src/login/org.freedesktop.login1.policy.in.h:2 +#: src/login/org.freedesktop.login1.policy.in:23 msgid "" "Authentication is required for an application to inhibit system shutdown." msgstr "Program wymaga uwierzytelnienia, aby wstrzymać wyłączenie systemu." -#: ../src/login/org.freedesktop.login1.policy.in.h:3 +#: src/login/org.freedesktop.login1.policy.in:33 msgid "Allow applications to delay system shutdown" msgstr "Zezwolenie programom na opóźnienie wyłączenia systemu" -#: ../src/login/org.freedesktop.login1.policy.in.h:4 +#: src/login/org.freedesktop.login1.policy.in:34 msgid "Authentication is required for an application to delay system shutdown." msgstr "Program wymaga uwierzytelnienia, aby opóźnić wyłączenie systemu." -#: ../src/login/org.freedesktop.login1.policy.in.h:5 +#: src/login/org.freedesktop.login1.policy.in:44 msgid "Allow applications to inhibit system sleep" msgstr "Zezwolenie programom na wstrzymanie uśpienia systemu" -#: ../src/login/org.freedesktop.login1.policy.in.h:6 +#: src/login/org.freedesktop.login1.policy.in:45 msgid "Authentication is required for an application to inhibit system sleep." msgstr "Program wymaga uwierzytelnienia, aby wstrzymać uśpienie systemu." -#: ../src/login/org.freedesktop.login1.policy.in.h:7 +#: src/login/org.freedesktop.login1.policy.in:55 msgid "Allow applications to delay system sleep" msgstr "Zezwolenie programom na opóźnienie uśpienia systemu" -#: ../src/login/org.freedesktop.login1.policy.in.h:8 +#: src/login/org.freedesktop.login1.policy.in:56 msgid "Authentication is required for an application to delay system sleep." msgstr "Program wymaga uwierzytelnienia, aby opóźnić uśpienie systemu." -#: ../src/login/org.freedesktop.login1.policy.in.h:9 +#: src/login/org.freedesktop.login1.policy.in:65 msgid "Allow applications to inhibit automatic system suspend" msgstr "Zezwolenie programom na wstrzymanie automatycznego uśpienia systemu" -#: ../src/login/org.freedesktop.login1.policy.in.h:10 +#: src/login/org.freedesktop.login1.policy.in:66 msgid "" "Authentication is required for an application to inhibit automatic system " "suspend." msgstr "" "Program wymaga uwierzytelnienia, aby wstrzymać automatyczne uśpienie systemu." -#: ../src/login/org.freedesktop.login1.policy.in.h:11 +#: src/login/org.freedesktop.login1.policy.in:75 msgid "Allow applications to inhibit system handling of the power key" msgstr "" "Zezwolenie programom na wstrzymanie obsługi klawisza zasilania przez system" -#: ../src/login/org.freedesktop.login1.policy.in.h:12 +#: src/login/org.freedesktop.login1.policy.in:76 msgid "" "Authentication is required for an application to inhibit system handling of " "the power key." @@ -205,12 +205,12 @@ msgstr "" "Program wymaga uwierzytelnienia, aby wstrzymać obsługę klawisza zasilania " "przez system." -#: ../src/login/org.freedesktop.login1.policy.in.h:13 +#: src/login/org.freedesktop.login1.policy.in:86 msgid "Allow applications to inhibit system handling of the suspend key" msgstr "" "Zezwolenie programom na wstrzymanie obsługi klawisza uśpienia przez system" -#: ../src/login/org.freedesktop.login1.policy.in.h:14 +#: src/login/org.freedesktop.login1.policy.in:87 msgid "" "Authentication is required for an application to inhibit system handling of " "the suspend key." @@ -218,12 +218,12 @@ msgstr "" "Program wymaga uwierzytelnienia, aby wstrzymać obsługę klawisza uśpienia " "przez system." -#: ../src/login/org.freedesktop.login1.policy.in.h:15 +#: src/login/org.freedesktop.login1.policy.in:97 msgid "Allow applications to inhibit system handling of the hibernate key" msgstr "" "Zezwolenie programom na wstrzymanie obsługi klawisza hibernacji przez system" -#: ../src/login/org.freedesktop.login1.policy.in.h:16 +#: src/login/org.freedesktop.login1.policy.in:98 msgid "" "Authentication is required for an application to inhibit system handling of " "the hibernate key." @@ -231,12 +231,12 @@ msgstr "" "Program wymaga uwierzytelnienia, aby wstrzymać obsługę klawisza hibernacji " "przez system." -#: ../src/login/org.freedesktop.login1.policy.in.h:17 +#: src/login/org.freedesktop.login1.policy.in:107 msgid "Allow applications to inhibit system handling of the lid switch" msgstr "" "Zezwolenie programom na wstrzymanie obsługi przełącznika pokrywy przez system" -#: ../src/login/org.freedesktop.login1.policy.in.h:18 +#: src/login/org.freedesktop.login1.policy.in:108 msgid "" "Authentication is required for an application to inhibit system handling of " "the lid switch." @@ -244,59 +244,59 @@ msgstr "" "Program wymaga uwierzytelnienia, aby wstrzymać obsługę przełącznika pokrywy " "przez system." -#: ../src/login/org.freedesktop.login1.policy.in.h:19 +#: src/login/org.freedesktop.login1.policy.in:117 msgid "Allow non-logged-in user to run programs" msgstr "Zezwolenie niezalogowanemu użytkownikowi na uruchamianie programów" -#: ../src/login/org.freedesktop.login1.policy.in.h:20 +#: src/login/org.freedesktop.login1.policy.in:118 msgid "Explicit request is required to run programs as a non-logged-in user." msgstr "" "Wymagane jest bezpośrednie żądanie, aby uruchamiać programy jako " "niezalogowany użytkownik." -#: ../src/login/org.freedesktop.login1.policy.in.h:21 +#: src/login/org.freedesktop.login1.policy.in:127 msgid "Allow non-logged-in users to run programs" msgstr "Zezwolenie niezalogowanym użytkownikom na uruchamianie programów" -#: ../src/login/org.freedesktop.login1.policy.in.h:22 +#: src/login/org.freedesktop.login1.policy.in:128 msgid "Authentication is required to run programs as a non-logged-in user." msgstr "" "Wymagane jest uwierzytelnienie, aby uruchamiać programy jako niezalogowany " "użytkownik." -#: ../src/login/org.freedesktop.login1.policy.in.h:23 +#: src/login/org.freedesktop.login1.policy.in:137 msgid "Allow attaching devices to seats" msgstr "Zezwolenie na podłączanie urządzeń do stanowisk" -#: ../src/login/org.freedesktop.login1.policy.in.h:24 +#: src/login/org.freedesktop.login1.policy.in:138 msgid "Authentication is required for attaching a device to a seat." msgstr "" "Wymagane jest uwierzytelnienie, aby podłączyć urządzenie do stanowiska." -#: ../src/login/org.freedesktop.login1.policy.in.h:25 +#: src/login/org.freedesktop.login1.policy.in:148 msgid "Flush device to seat attachments" msgstr "Usunięcie podłączenia urządzeń do stanowisk" -#: ../src/login/org.freedesktop.login1.policy.in.h:26 +#: src/login/org.freedesktop.login1.policy.in:149 msgid "" "Authentication is required for resetting how devices are attached to seats." msgstr "" "Wymagane jest uwierzytelnienie, aby ponownie ustawić sposób podłączenia " "urządzeń do stanowisk." -#: ../src/login/org.freedesktop.login1.policy.in.h:27 +#: src/login/org.freedesktop.login1.policy.in:158 msgid "Power off the system" msgstr "Wyłączenie systemu" -#: ../src/login/org.freedesktop.login1.policy.in.h:28 +#: src/login/org.freedesktop.login1.policy.in:159 msgid "Authentication is required for powering off the system." msgstr "Wymagane jest uwierzytelnienie, aby wyłączyć system." -#: ../src/login/org.freedesktop.login1.policy.in.h:29 +#: src/login/org.freedesktop.login1.policy.in:169 msgid "Power off the system while other users are logged in" msgstr "Wyłączenie systemu, kiedy są zalogowani inni użytkownicy" -#: ../src/login/org.freedesktop.login1.policy.in.h:30 +#: src/login/org.freedesktop.login1.policy.in:170 msgid "" "Authentication is required for powering off the system while other users are " "logged in." @@ -304,11 +304,11 @@ msgstr "" "Wymagane jest uwierzytelnienie, aby wyłączyć system, kiedy są zalogowani " "inni użytkownicy." -#: ../src/login/org.freedesktop.login1.policy.in.h:31 +#: src/login/org.freedesktop.login1.policy.in:180 msgid "Power off the system while an application asked to inhibit it" msgstr "Wyłączenie systemu, kiedy program zażądał jego wstrzymania" -#: ../src/login/org.freedesktop.login1.policy.in.h:32 +#: src/login/org.freedesktop.login1.policy.in:181 msgid "" "Authentication is required for powering off the system while an application " "asked to inhibit it." @@ -316,19 +316,19 @@ msgstr "" "Wymagane jest uwierzytelnienie, aby wyłączyć system, kiedy program zażądał " "jego wstrzymania." -#: ../src/login/org.freedesktop.login1.policy.in.h:33 +#: src/login/org.freedesktop.login1.policy.in:191 msgid "Reboot the system" msgstr "Ponowne uruchomienie systemu" -#: ../src/login/org.freedesktop.login1.policy.in.h:34 +#: src/login/org.freedesktop.login1.policy.in:192 msgid "Authentication is required for rebooting the system." msgstr "Wymagane jest uwierzytelnienie, aby ponownie uruchomić system." -#: ../src/login/org.freedesktop.login1.policy.in.h:35 +#: src/login/org.freedesktop.login1.policy.in:202 msgid "Reboot the system while other users are logged in" msgstr "Ponowne uruchomienie systemu, kiedy są zalogowani inni użytkownicy" -#: ../src/login/org.freedesktop.login1.policy.in.h:36 +#: src/login/org.freedesktop.login1.policy.in:203 msgid "" "Authentication is required for rebooting the system while other users are " "logged in." @@ -336,11 +336,11 @@ msgstr "" "Wymagane jest uwierzytelnienie, aby ponownie uruchomić system, kiedy są " "zalogowani inni użytkownicy." -#: ../src/login/org.freedesktop.login1.policy.in.h:37 +#: src/login/org.freedesktop.login1.policy.in:213 msgid "Reboot the system while an application asked to inhibit it" msgstr "Ponowne uruchomienie systemu, kiedy program zażądał jego wstrzymania" -#: ../src/login/org.freedesktop.login1.policy.in.h:38 +#: src/login/org.freedesktop.login1.policy.in:214 msgid "" "Authentication is required for rebooting the system while an application " "asked to inhibit it." @@ -348,19 +348,19 @@ msgstr "" "Wymagane jest uwierzytelnienie, aby ponownie uruchomić system, kiedy program " "zażądał jego wstrzymania." -#: ../src/login/org.freedesktop.login1.policy.in.h:39 +#: src/login/org.freedesktop.login1.policy.in:224 msgid "Halt the system" msgstr "Zatrzymanie systemu" -#: ../src/login/org.freedesktop.login1.policy.in.h:40 +#: src/login/org.freedesktop.login1.policy.in:225 msgid "Authentication is required for halting the system." msgstr "Wymagane jest uwierzytelnienie, aby zatrzymać system." -#: ../src/login/org.freedesktop.login1.policy.in.h:41 +#: src/login/org.freedesktop.login1.policy.in:235 msgid "Halt the system while other users are logged in" msgstr "Zatrzymanie systemu, kiedy są zalogowani inni użytkownicy" -#: ../src/login/org.freedesktop.login1.policy.in.h:42 +#: src/login/org.freedesktop.login1.policy.in:236 msgid "" "Authentication is required for halting the system while other users are " "logged in." @@ -368,11 +368,11 @@ msgstr "" "Wymagane jest uwierzytelnienie, aby zatrzymać system, kiedy są zalogowani " "inni użytkownicy." -#: ../src/login/org.freedesktop.login1.policy.in.h:43 +#: src/login/org.freedesktop.login1.policy.in:246 msgid "Halt the system while an application asked to inhibit it" msgstr "Zatrzymanie systemu, kiedy program zażądał jego wstrzymania" -#: ../src/login/org.freedesktop.login1.policy.in.h:44 +#: src/login/org.freedesktop.login1.policy.in:247 msgid "" "Authentication is required for halting the system while an application asked " "to inhibit it." @@ -380,19 +380,19 @@ msgstr "" "Wymagane jest uwierzytelnienie, aby zatrzymać system, kiedy program zażądał " "jego wstrzymania." -#: ../src/login/org.freedesktop.login1.policy.in.h:45 +#: src/login/org.freedesktop.login1.policy.in:257 msgid "Suspend the system" msgstr "Uśpienie systemu" -#: ../src/login/org.freedesktop.login1.policy.in.h:46 +#: src/login/org.freedesktop.login1.policy.in:258 msgid "Authentication is required for suspending the system." msgstr "Wymagane jest uwierzytelnienie, aby uśpić system." -#: ../src/login/org.freedesktop.login1.policy.in.h:47 +#: src/login/org.freedesktop.login1.policy.in:267 msgid "Suspend the system while other users are logged in" msgstr "Uśpienie systemu, kiedy są zalogowani inni użytkownicy" -#: ../src/login/org.freedesktop.login1.policy.in.h:48 +#: src/login/org.freedesktop.login1.policy.in:268 msgid "" "Authentication is required for suspending the system while other users are " "logged in." @@ -400,11 +400,11 @@ msgstr "" "Wymagane jest uwierzytelnienie, aby uśpić system, kiedy są zalogowani inni " "użytkownicy." -#: ../src/login/org.freedesktop.login1.policy.in.h:49 +#: src/login/org.freedesktop.login1.policy.in:278 msgid "Suspend the system while an application asked to inhibit it" msgstr "Uśpienie systemu, kiedy program zażądał jego wstrzymania" -#: ../src/login/org.freedesktop.login1.policy.in.h:50 +#: src/login/org.freedesktop.login1.policy.in:279 msgid "" "Authentication is required for suspending the system while an application " "asked to inhibit it." @@ -412,19 +412,19 @@ msgstr "" "Wymagane jest uwierzytelnienie, aby uśpić system, kiedy program zażądał jego " "wstrzymania." -#: ../src/login/org.freedesktop.login1.policy.in.h:51 +#: src/login/org.freedesktop.login1.policy.in:289 msgid "Hibernate the system" msgstr "Hibernacja systemu" -#: ../src/login/org.freedesktop.login1.policy.in.h:52 +#: src/login/org.freedesktop.login1.policy.in:290 msgid "Authentication is required for hibernating the system." msgstr "Wymagane jest uwierzytelnienie, aby zahibernować system." -#: ../src/login/org.freedesktop.login1.policy.in.h:53 +#: src/login/org.freedesktop.login1.policy.in:299 msgid "Hibernate the system while other users are logged in" msgstr "Hibernacja systemu, kiedy są zalogowani inni użytkownicy" -#: ../src/login/org.freedesktop.login1.policy.in.h:54 +#: src/login/org.freedesktop.login1.policy.in:300 msgid "" "Authentication is required for hibernating the system while other users are " "logged in." @@ -432,11 +432,11 @@ msgstr "" "Wymagane jest uwierzytelnienie, aby zahibernować system, kiedy są zalogowani " "inni użytkownicy." -#: ../src/login/org.freedesktop.login1.policy.in.h:55 +#: src/login/org.freedesktop.login1.policy.in:310 msgid "Hibernate the system while an application asked to inhibit it" msgstr "Hibernacja systemu, kiedy program zażądał jej wstrzymania" -#: ../src/login/org.freedesktop.login1.policy.in.h:56 +#: src/login/org.freedesktop.login1.policy.in:311 msgid "" "Authentication is required for hibernating the system while an application " "asked to inhibit it." @@ -444,31 +444,31 @@ msgstr "" "Wymagane jest uwierzytelnienie, aby zahibernować system, kiedy program " "zażądał jej wstrzymania." -#: ../src/login/org.freedesktop.login1.policy.in.h:57 +#: src/login/org.freedesktop.login1.policy.in:321 msgid "Manage active sessions, users and seats" msgstr "Zarządzanie aktywnymi sesjami, użytkownikami i stanowiskami" -#: ../src/login/org.freedesktop.login1.policy.in.h:58 +#: src/login/org.freedesktop.login1.policy.in:322 msgid "" "Authentication is required for managing active sessions, users and seats." msgstr "" "Wymagane jest uwierzytelnienie, aby zarządzać aktywnymi sesjami, " "użytkownikami i stanowiskami." -#: ../src/login/org.freedesktop.login1.policy.in.h:59 +#: src/login/org.freedesktop.login1.policy.in:331 msgid "Lock or unlock active sessions" msgstr "Zablokowanie lub odblokowanie aktywnych sesji" -#: ../src/login/org.freedesktop.login1.policy.in.h:60 +#: src/login/org.freedesktop.login1.policy.in:332 msgid "Authentication is required to lock or unlock active sessions." msgstr "" "Wymagane jest uwierzytelnienie, aby zablokować lub odblokować aktywne sesje." -#: ../src/login/org.freedesktop.login1.policy.in.h:61 +#: src/login/org.freedesktop.login1.policy.in:341 msgid "Allow indication to the firmware to boot to setup interface" msgstr "Wskazanie oprogramowaniu sprzętowemu, aby uruchomić interfejs ustawień" -#: ../src/login/org.freedesktop.login1.policy.in.h:62 +#: src/login/org.freedesktop.login1.policy.in:342 msgid "" "Authentication is required to indicate to the firmware to boot to setup " "interface." @@ -476,86 +476,86 @@ msgstr "" "Wymagane jest uwierzytelnienie, aby wskazać oprogramowaniu sprzętowemu, że " "należy uruchomić interfejs ustawień." -#: ../src/login/org.freedesktop.login1.policy.in.h:63 +#: src/login/org.freedesktop.login1.policy.in:351 msgid "Set a wall message" msgstr "Ustawienie komunikatu wall" -#: ../src/login/org.freedesktop.login1.policy.in.h:64 +#: src/login/org.freedesktop.login1.policy.in:352 msgid "Authentication is required to set a wall message" msgstr "Wymagane jest uwierzytelnienie, aby ustawić komunikat wall" -#: ../src/machine/org.freedesktop.machine1.policy.in.h:1 +#: src/machine/org.freedesktop.machine1.policy.in:22 msgid "Log into a local container" msgstr "Logowanie do lokalnego kontenera" -#: ../src/machine/org.freedesktop.machine1.policy.in.h:2 +#: src/machine/org.freedesktop.machine1.policy.in:23 msgid "Authentication is required to log into a local container." msgstr "" "Wymagane jest uwierzytelnienie, aby zalogować się do lokalnego kontenera." -#: ../src/machine/org.freedesktop.machine1.policy.in.h:3 +#: src/machine/org.freedesktop.machine1.policy.in:32 msgid "Log into the local host" msgstr "Logowanie do lokalnego komputera" -#: ../src/machine/org.freedesktop.machine1.policy.in.h:4 +#: src/machine/org.freedesktop.machine1.policy.in:33 msgid "Authentication is required to log into the local host." msgstr "" "Wymagane jest uwierzytelnienie, aby zalogować się do lokalnego komputera." -#: ../src/machine/org.freedesktop.machine1.policy.in.h:5 +#: src/machine/org.freedesktop.machine1.policy.in:42 msgid "Acquire a shell in a local container" msgstr "Uzyskanie powłoki w lokalnym kontenerze" -#: ../src/machine/org.freedesktop.machine1.policy.in.h:6 +#: src/machine/org.freedesktop.machine1.policy.in:43 msgid "Authentication is required to acquire a shell in a local container." msgstr "" "Wymagane jest uwierzytelnienie, aby uzyskać powłokę w lokalnym kontenerze." -#: ../src/machine/org.freedesktop.machine1.policy.in.h:7 +#: src/machine/org.freedesktop.machine1.policy.in:53 msgid "Acquire a shell on the local host" msgstr "Uzyskanie powłoki na lokalnym komputerze" -#: ../src/machine/org.freedesktop.machine1.policy.in.h:8 +#: src/machine/org.freedesktop.machine1.policy.in:54 msgid "Authentication is required to acquire a shell on the local host." msgstr "" "Wymagane jest uwierzytelnienie, aby uzyskać powłokę na lokalnym komputerze." -#: ../src/machine/org.freedesktop.machine1.policy.in.h:9 +#: src/machine/org.freedesktop.machine1.policy.in:64 msgid "Acquire a pseudo TTY in a local container" msgstr "Uzyskanie pseudo-TTY w lokalnym kontenerze" -#: ../src/machine/org.freedesktop.machine1.policy.in.h:10 +#: src/machine/org.freedesktop.machine1.policy.in:65 msgid "" "Authentication is required to acquire a pseudo TTY in a local container." msgstr "" "Wymagane jest uwierzytelnienie, aby uzyskać pseudo-TTY w lokalnym kontenerze." -#: ../src/machine/org.freedesktop.machine1.policy.in.h:11 +#: src/machine/org.freedesktop.machine1.policy.in:74 msgid "Acquire a pseudo TTY on the local host" msgstr "Uzyskanie pseudo-TTY na lokalnym komputerze" -#: ../src/machine/org.freedesktop.machine1.policy.in.h:12 +#: src/machine/org.freedesktop.machine1.policy.in:75 msgid "Authentication is required to acquire a pseudo TTY on the local host." msgstr "" "Wymagane jest uwierzytelnienie, aby uzyskać pseudo-TTY na lokalnym " "komputerze." -#: ../src/machine/org.freedesktop.machine1.policy.in.h:13 +#: src/machine/org.freedesktop.machine1.policy.in:84 msgid "Manage local virtual machines and containers" msgstr "Zarządzanie lokalnymi maszynami wirtualnymi i kontenerami" -#: ../src/machine/org.freedesktop.machine1.policy.in.h:14 +#: src/machine/org.freedesktop.machine1.policy.in:85 msgid "" "Authentication is required to manage local virtual machines and containers." msgstr "" "Wymagane jest uwierzytelnienie, aby zarządzać lokalnymi maszynami " "wirtualnymi i kontenerami." -#: ../src/machine/org.freedesktop.machine1.policy.in.h:15 +#: src/machine/org.freedesktop.machine1.policy.in:95 msgid "Manage local virtual machine and container images" msgstr "Zarządzanie lokalnymi obrazami maszyn wirtualnych i kontenerów" -#: ../src/machine/org.freedesktop.machine1.policy.in.h:16 +#: src/machine/org.freedesktop.machine1.policy.in:96 msgid "" "Authentication is required to manage local virtual machine and container " "images." @@ -563,27 +563,43 @@ msgstr "" "Wymagane jest uwierzytelnienie, aby zarządzać lokalnymi obrazami maszyn " "wirtualnych i kontenerów." -#: ../src/timedate/org.freedesktop.timedate1.policy.in.h:1 +#: src/resolve/org.freedesktop.resolve1.policy.in:22 +msgid "Register a DNS-SD service" +msgstr "Rejestracja usługi DNS-SD" + +#: src/resolve/org.freedesktop.resolve1.policy.in:23 +msgid "Authentication is required to register a DNS-SD service" +msgstr "Wymagane jest uwierzytelnienie, aby zarejestrować usługę DNS-SD" + +#: src/resolve/org.freedesktop.resolve1.policy.in:33 +msgid "Unregister a DNS-SD service" +msgstr "Wyrejestrowanie usługi DNS-SD" + +#: src/resolve/org.freedesktop.resolve1.policy.in:34 +msgid "Authentication is required to unregister a DNS-SD service" +msgstr "Wymagane jest uwierzytelnienie, aby wyrejestrować usługę DNS-SD" + +#: src/timedate/org.freedesktop.timedate1.policy.in:22 msgid "Set system time" msgstr "Ustawienie czasu systemu" -#: ../src/timedate/org.freedesktop.timedate1.policy.in.h:2 +#: src/timedate/org.freedesktop.timedate1.policy.in:23 msgid "Authentication is required to set the system time." msgstr "Wymagane jest uwierzytelnienie, aby ustawić czas systemu." -#: ../src/timedate/org.freedesktop.timedate1.policy.in.h:3 +#: src/timedate/org.freedesktop.timedate1.policy.in:33 msgid "Set system timezone" msgstr "Ustawienie strefy czasowej systemu" -#: ../src/timedate/org.freedesktop.timedate1.policy.in.h:4 +#: src/timedate/org.freedesktop.timedate1.policy.in:34 msgid "Authentication is required to set the system timezone." msgstr "Wymagane jest uwierzytelnienie, aby ustawić strefę czasową systemu." -#: ../src/timedate/org.freedesktop.timedate1.policy.in.h:5 +#: src/timedate/org.freedesktop.timedate1.policy.in:43 msgid "Set RTC to local timezone or UTC" msgstr "Ustawienie RTC na lokalną strefę czasową lub strefę UTC" -#: ../src/timedate/org.freedesktop.timedate1.policy.in.h:6 +#: src/timedate/org.freedesktop.timedate1.policy.in:44 msgid "" "Authentication is required to control whether the RTC stores the local or " "UTC time." @@ -591,11 +607,11 @@ msgstr "" "Wymagane jest uwierzytelnienie, aby kontrolować, czy RTC przechowuje czas " "lokalny lub czas UTC." -#: ../src/timedate/org.freedesktop.timedate1.policy.in.h:7 +#: src/timedate/org.freedesktop.timedate1.policy.in:54 msgid "Turn network time synchronization on or off" msgstr "Włączenie lub wyłączenie synchronizacji czasu przez sieć" -#: ../src/timedate/org.freedesktop.timedate1.policy.in.h:8 +#: src/timedate/org.freedesktop.timedate1.policy.in:55 msgid "" "Authentication is required to control whether network time synchronization " "shall be enabled." @@ -603,36 +619,36 @@ msgstr "" "Wymagane jest uwierzytelnienie, aby kontrolować, czy włączyć synchronizację " "czasu przez sieć." -#: ../src/core/dbus-unit.c:458 +#: src/core/dbus-unit.c:496 msgid "Authentication is required to start '$(unit)'." msgstr "Wymagane jest uwierzytelnienie, aby uruchomić jednostkę „$(unit)”." -#: ../src/core/dbus-unit.c:459 +#: src/core/dbus-unit.c:497 msgid "Authentication is required to stop '$(unit)'." msgstr "Wymagane jest uwierzytelnienie, aby zatrzymać jednostkę „$(unit)”." -#: ../src/core/dbus-unit.c:460 +#: src/core/dbus-unit.c:498 msgid "Authentication is required to reload '$(unit)'." msgstr "" "Wymagane jest uwierzytelnienie, aby ponownie wczytać jednostkę „$(unit)”." -#: ../src/core/dbus-unit.c:461 ../src/core/dbus-unit.c:462 +#: src/core/dbus-unit.c:499 src/core/dbus-unit.c:500 msgid "Authentication is required to restart '$(unit)'." msgstr "" "Wymagane jest uwierzytelnienie, aby ponownie uruchomić jednostkę „$(unit)”." -#: ../src/core/dbus-unit.c:569 +#: src/core/dbus-unit.c:607 msgid "Authentication is required to kill '$(unit)'." msgstr "" "Wymagane jest uwierzytelnienie, aby wymusić wyłączenie jednostki „$(unit)”." -#: ../src/core/dbus-unit.c:600 +#: src/core/dbus-unit.c:638 msgid "Authentication is required to reset the \"failed\" state of '$(unit)'." msgstr "" "Wymagane jest uwierzytelnienie, aby przywrócić stan „failed” (niepowodzenia) " "jednostki „$(unit)”." -#: ../src/core/dbus-unit.c:633 +#: src/core/dbus-unit.c:671 msgid "Authentication is required to set properties on '$(unit)'." msgstr "" "Wymagane jest uwierzytelnienie, aby ustawić właściwości jednostki „$(unit)”." diff --git a/po/pt_BR.po b/po/pt_BR.po index acc03af910..284ebca937 100644 --- a/po/pt_BR.po +++ b/po/pt_BR.po @@ -5,59 +5,61 @@ # This file is distributed under the same license as the systemd package. # Enrico Nicoletto <liverig@gmail.com>, 2014. # Rafael Fontenelle <rafaelff@gnome.org>, 2015, 2017. +# Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>, 2018. #zanata msgid "" msgstr "" -"Project-Id-Version: systemd master\n" -"Report-Msgid-Bugs-To: https://github.com/systemd/systemd/issues\n" -"POT-Creation-Date: 2016-11-17 03:29+0000\n" -"PO-Revision-Date: 2017-04-03 14:25-0200\n" -"Last-Translator: Rafael Fontenelle <rafaelff@gnome.org>\n" -"Language-Team: Brazilian Portuguese <gnome-pt_br-list@gnome.org>\n" -"Language: pt_BR\n" +"Project-Id-Version: systemd\n" +"Report-Msgid-Bugs-To: \n" +"POT-Creation-Date: 2018-02-19 13:32+0100\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" +"PO-Revision-Date: 2018-02-19 10:36-0500\n" +"Last-Translator: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>\n" +"Language-Team: Brazilian Portuguese <gnome-pt_br-list@gnome.org>\n" +"Language: pt-BR\n" "Plural-Forms: nplurals=2; plural=(n > 1);\n" -"X-Generator: Virtaal 1.0.0-beta1\n" +"X-Generator: Zanata 3.9.6\n" -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:1 +#: src/core/org.freedesktop.systemd1.policy.in:22 msgid "Send passphrase back to system" msgstr "Enviar frase secreta de volta ao sistema" -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:2 +#: src/core/org.freedesktop.systemd1.policy.in:23 msgid "" "Authentication is required to send the entered passphrase back to the system." +"" msgstr "" "É necessária autenticação para enviar a frase secreta informada de volta ao " "sistema." -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:3 +#: src/core/org.freedesktop.systemd1.policy.in:33 msgid "Manage system services or other units" msgstr "Gerenciar serviços do sistema e outras unidades" -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:4 +#: src/core/org.freedesktop.systemd1.policy.in:34 msgid "Authentication is required to manage system services or other units." msgstr "" "É necessária autenticação para gerenciar serviços do sistema ou outras " "unidades." -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:5 +#: src/core/org.freedesktop.systemd1.policy.in:43 msgid "Manage system service or unit files" msgstr "Gerenciar arquivos de unidades e serviços do sistema" -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:6 +#: src/core/org.freedesktop.systemd1.policy.in:44 msgid "Authentication is required to manage system service or unit files." msgstr "" "É necessária autenticação para gerenciar arquivos \"unit\" e \"service\" do " "sistema." -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:7 +#: src/core/org.freedesktop.systemd1.policy.in:53 msgid "Set or unset system and service manager environment variables" msgstr "" "Definir ou retirar definição de variáveis de ambiente de gerenciador de " "serviço e sistema" -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:8 +#: src/core/org.freedesktop.systemd1.policy.in:54 msgid "" "Authentication is required to set or unset system and service manager " "environment variables." @@ -65,27 +67,27 @@ msgstr "" "É necessária autenticação para definir ou retirar definição de variáveis de " "ambiente de gerenciador de serviço e sistema." -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:9 +#: src/core/org.freedesktop.systemd1.policy.in:63 msgid "Reload the systemd state" msgstr "Recarregar o estado do sistema" -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:10 +#: src/core/org.freedesktop.systemd1.policy.in:64 msgid "Authentication is required to reload the systemd state." msgstr "É necessária autenticação para recarregar o estado do sistema." -#: ../src/hostname/org.freedesktop.hostname1.policy.in.h:1 +#: src/hostname/org.freedesktop.hostname1.policy:22 msgid "Set host name" msgstr "Definir nome de máquina" -#: ../src/hostname/org.freedesktop.hostname1.policy.in.h:2 +#: src/hostname/org.freedesktop.hostname1.policy:23 msgid "Authentication is required to set the local host name." msgstr "É necessária autenticação para definir nome de máquina local." -#: ../src/hostname/org.freedesktop.hostname1.policy.in.h:3 +#: src/hostname/org.freedesktop.hostname1.policy:32 msgid "Set static host name" msgstr "Definir nome estático de máquina" -#: ../src/hostname/org.freedesktop.hostname1.policy.in.h:4 +#: src/hostname/org.freedesktop.hostname1.policy:33 msgid "" "Authentication is required to set the statically configured local host name, " "as well as the pretty host name." @@ -93,103 +95,105 @@ msgstr "" "É necessária autenticação para definir o nome de máquina local configurado " "estaticamente, assim como o nome apresentável de máquina." -#: ../src/hostname/org.freedesktop.hostname1.policy.in.h:5 +#: src/hostname/org.freedesktop.hostname1.policy:43 msgid "Set machine information" msgstr "Definir informações da máquina" -#: ../src/hostname/org.freedesktop.hostname1.policy.in.h:6 +#: src/hostname/org.freedesktop.hostname1.policy:44 msgid "Authentication is required to set local machine information." msgstr "É necessária autenticação para definir informações de máquina local." -#: ../src/import/org.freedesktop.import1.policy.in.h:1 +#: src/import/org.freedesktop.import1.policy:22 msgid "Import a VM or container image" msgstr "Importar uma VM ou imagem contêiner" -#: ../src/import/org.freedesktop.import1.policy.in.h:2 +#: src/import/org.freedesktop.import1.policy:23 msgid "Authentication is required to import a VM or container image" msgstr "É necessária autenticação para importar uma VM ou imagem contêiner" -#: ../src/import/org.freedesktop.import1.policy.in.h:3 +#: src/import/org.freedesktop.import1.policy:32 msgid "Export a VM or container image" msgstr "Exportar uma VM ou imagem contêiner" -#: ../src/import/org.freedesktop.import1.policy.in.h:4 +#: src/import/org.freedesktop.import1.policy:33 msgid "Authentication is required to export a VM or container image" msgstr "É necessária autenticação para exportar uma VM ou imagem contêiner" -#: ../src/import/org.freedesktop.import1.policy.in.h:5 +#: src/import/org.freedesktop.import1.policy:42 msgid "Download a VM or container image" msgstr "Baixar uma VM ou imagem contêiner" -#: ../src/import/org.freedesktop.import1.policy.in.h:6 +#: src/import/org.freedesktop.import1.policy:43 msgid "Authentication is required to download a VM or container image" msgstr "É necessária autenticação para baixar uma VM ou imagem contêiner" -#: ../src/locale/org.freedesktop.locale1.policy.in.h:1 +#: src/locale/org.freedesktop.locale1.policy:22 msgid "Set system locale" msgstr "Definir configurações regionais do sistema" -#: ../src/locale/org.freedesktop.locale1.policy.in.h:2 +#: src/locale/org.freedesktop.locale1.policy:23 msgid "Authentication is required to set the system locale." msgstr "" "É necessária autenticação para definir as configurações regionais do sistema." +"" -#: ../src/locale/org.freedesktop.locale1.policy.in.h:3 +#: src/locale/org.freedesktop.locale1.policy:33 msgid "Set system keyboard settings" msgstr "Definir configurações de teclado do sistema" -#: ../src/locale/org.freedesktop.locale1.policy.in.h:4 +#: src/locale/org.freedesktop.locale1.policy:34 msgid "Authentication is required to set the system keyboard settings." msgstr "" "É necessária autenticação para definir as configurações de teclado do " "sistema." -#: ../src/login/org.freedesktop.login1.policy.in.h:1 +#: src/login/org.freedesktop.login1.policy:22 msgid "Allow applications to inhibit system shutdown" msgstr "Permitir que aplicativos inibam o desligamento do sistema" -#: ../src/login/org.freedesktop.login1.policy.in.h:2 +#: src/login/org.freedesktop.login1.policy:23 msgid "" "Authentication is required for an application to inhibit system shutdown." msgstr "" "É necessária autenticação para que um aplicativo iniba o desligamento do " "sistema." -#: ../src/login/org.freedesktop.login1.policy.in.h:3 +#: src/login/org.freedesktop.login1.policy:33 msgid "Allow applications to delay system shutdown" msgstr "Permitir que aplicativos atrasem o desligamento do sistema" -#: ../src/login/org.freedesktop.login1.policy.in.h:4 -msgid "Authentication is required for an application to delay system shutdown." +#: src/login/org.freedesktop.login1.policy:34 +msgid "" +"Authentication is required for an application to delay system shutdown." msgstr "" "É necessária autenticação para que um aplicativo atrase o desligamento do " "sistema." -#: ../src/login/org.freedesktop.login1.policy.in.h:5 +#: src/login/org.freedesktop.login1.policy:44 msgid "Allow applications to inhibit system sleep" msgstr "Permitir que aplicativos inibam a suspensão do sistema" -#: ../src/login/org.freedesktop.login1.policy.in.h:6 +#: src/login/org.freedesktop.login1.policy:45 msgid "Authentication is required for an application to inhibit system sleep." msgstr "" "É necessária autenticação para que um aplicativo iniba a suspensão do " "sistema." -#: ../src/login/org.freedesktop.login1.policy.in.h:7 +#: src/login/org.freedesktop.login1.policy:55 msgid "Allow applications to delay system sleep" msgstr "Permite que aplicativos atrasem a suspensão do sistema" -#: ../src/login/org.freedesktop.login1.policy.in.h:8 +#: src/login/org.freedesktop.login1.policy:56 msgid "Authentication is required for an application to delay system sleep." msgstr "" "É necessária autenticação para que um aplicativo atrase a suspensão do " "sistema." -#: ../src/login/org.freedesktop.login1.policy.in.h:9 +#: src/login/org.freedesktop.login1.policy:65 msgid "Allow applications to inhibit automatic system suspend" msgstr "Permitir que aplicativos inibam a suspensão automática do sistema" -#: ../src/login/org.freedesktop.login1.policy.in.h:10 +#: src/login/org.freedesktop.login1.policy:66 msgid "" "Authentication is required for an application to inhibit automatic system " "suspend." @@ -197,12 +201,12 @@ msgstr "" "É necessária autenticação para que um aplicativo iniba a suspensão " "automática do sistema." -#: ../src/login/org.freedesktop.login1.policy.in.h:11 +#: src/login/org.freedesktop.login1.policy:75 msgid "Allow applications to inhibit system handling of the power key" msgstr "" "Permitir que aplicativos inibam o sistema de gerenciar o botão de energia" -#: ../src/login/org.freedesktop.login1.policy.in.h:12 +#: src/login/org.freedesktop.login1.policy:76 msgid "" "Authentication is required for an application to inhibit system handling of " "the power key." @@ -210,12 +214,12 @@ msgstr "" "É necessária autenticação para que um aplicativo iniba a manipulação do " "sistema sobre a chave de ligar/desligar." -#: ../src/login/org.freedesktop.login1.policy.in.h:13 +#: src/login/org.freedesktop.login1.policy:86 msgid "Allow applications to inhibit system handling of the suspend key" msgstr "" "Permitir que aplicativos inibam o sistema de gerenciar o botão de suspensão" -#: ../src/login/org.freedesktop.login1.policy.in.h:14 +#: src/login/org.freedesktop.login1.policy:87 msgid "" "Authentication is required for an application to inhibit system handling of " "the suspend key." @@ -223,12 +227,12 @@ msgstr "" "É necessária autenticação para que um aplicativo iniba a manipulação do " "sistema sobre a chave de suspensão." -#: ../src/login/org.freedesktop.login1.policy.in.h:15 +#: src/login/org.freedesktop.login1.policy:97 msgid "Allow applications to inhibit system handling of the hibernate key" msgstr "" "Permitir que aplicativos inibam o sistema de gerenciar o botão de hibernação" -#: ../src/login/org.freedesktop.login1.policy.in.h:16 +#: src/login/org.freedesktop.login1.policy:98 msgid "" "Authentication is required for an application to inhibit system handling of " "the hibernate key." @@ -236,13 +240,13 @@ msgstr "" "É necessária autenticação para que um aplicativo iniba a manipulação do " "sistema sobre a chave de hibernar." -#: ../src/login/org.freedesktop.login1.policy.in.h:17 +#: src/login/org.freedesktop.login1.policy:107 msgid "Allow applications to inhibit system handling of the lid switch" msgstr "" "Permitir que aplicativos inibam o sistema de gerenciar a abertura/fechamento " "da tampa do dispositivo portátil" -#: ../src/login/org.freedesktop.login1.policy.in.h:18 +#: src/login/org.freedesktop.login1.policy:108 msgid "" "Authentication is required for an application to inhibit system handling of " "the lid switch." @@ -250,62 +254,61 @@ msgstr "" "É necessária autenticação para que um aplicativo iniba a manipulação do " "sistema sobre o interruptor da tela." -#: ../src/login/org.freedesktop.login1.policy.in.h:19 -#| msgid "Allow non-logged-in users to run programs" +#: src/login/org.freedesktop.login1.policy:117 msgid "Allow non-logged-in user to run programs" msgstr "" "Permitir que programas sejam executados por usuário que não possui sessão" -#: ../src/login/org.freedesktop.login1.policy.in.h:20 -#| msgid "Authentication is required to run programs as a non-logged-in user." +#: src/login/org.freedesktop.login1.policy:118 msgid "Explicit request is required to run programs as a non-logged-in user." msgstr "" "É necessária requisição explícita para executar programas como usuário sem " "sessão aberta." -#: ../src/login/org.freedesktop.login1.policy.in.h:21 +#: src/login/org.freedesktop.login1.policy:127 msgid "Allow non-logged-in users to run programs" msgstr "" "Permitir que programas sejam executados por usuários que não possuem sessão" -#: ../src/login/org.freedesktop.login1.policy.in.h:22 +#: src/login/org.freedesktop.login1.policy:128 msgid "Authentication is required to run programs as a non-logged-in user." msgstr "" "É necessária autenticação para executar programas como usuário sem sessão " "aberta." -#: ../src/login/org.freedesktop.login1.policy.in.h:23 +#: src/login/org.freedesktop.login1.policy:137 msgid "Allow attaching devices to seats" msgstr "Permitir conectar dispositivos em estações" -#: ../src/login/org.freedesktop.login1.policy.in.h:24 +#: src/login/org.freedesktop.login1.policy:138 msgid "Authentication is required for attaching a device to a seat." -msgstr "É necessária autenticação para conectar um dispositivo em uma estação." +msgstr "" +"É necessária autenticação para conectar um dispositivo em uma estação." -#: ../src/login/org.freedesktop.login1.policy.in.h:25 +#: src/login/org.freedesktop.login1.policy:148 msgid "Flush device to seat attachments" msgstr "Liberar dispositivo para conexões da estação" -#: ../src/login/org.freedesktop.login1.policy.in.h:26 +#: src/login/org.freedesktop.login1.policy:149 msgid "" "Authentication is required for resetting how devices are attached to seats." msgstr "" "É necessária autenticação para redefinir a quantidade de dispositivos " "conectados na estação." -#: ../src/login/org.freedesktop.login1.policy.in.h:27 +#: src/login/org.freedesktop.login1.policy:158 msgid "Power off the system" msgstr "Desligar o sistema" -#: ../src/login/org.freedesktop.login1.policy.in.h:28 +#: src/login/org.freedesktop.login1.policy:159 msgid "Authentication is required for powering off the system." msgstr "É necessária autenticação para desligar o sistema." -#: ../src/login/org.freedesktop.login1.policy.in.h:29 +#: src/login/org.freedesktop.login1.policy:169 msgid "Power off the system while other users are logged in" msgstr "Desligar o sistema enquanto outros usuários estão conectados" -#: ../src/login/org.freedesktop.login1.policy.in.h:30 +#: src/login/org.freedesktop.login1.policy:170 msgid "" "Authentication is required for powering off the system while other users are " "logged in." @@ -313,11 +316,11 @@ msgstr "" "É necessária autenticação para desligar o sistema enquanto outros usuários " "estão conectados." -#: ../src/login/org.freedesktop.login1.policy.in.h:31 +#: src/login/org.freedesktop.login1.policy:180 msgid "Power off the system while an application asked to inhibit it" msgstr "Desligar o sistema enquanto um aplicativo solicitou inibição" -#: ../src/login/org.freedesktop.login1.policy.in.h:32 +#: src/login/org.freedesktop.login1.policy:181 msgid "" "Authentication is required for powering off the system while an application " "asked to inhibit it." @@ -325,19 +328,19 @@ msgstr "" "É necessária autenticação para desligar o sistema enquanto um aplicativo " "solicitou inibição." -#: ../src/login/org.freedesktop.login1.policy.in.h:33 +#: src/login/org.freedesktop.login1.policy:191 msgid "Reboot the system" msgstr "Reiniciar o sistema" -#: ../src/login/org.freedesktop.login1.policy.in.h:34 +#: src/login/org.freedesktop.login1.policy:192 msgid "Authentication is required for rebooting the system." msgstr "É necessária autenticação para reiniciar o sistema." -#: ../src/login/org.freedesktop.login1.policy.in.h:35 +#: src/login/org.freedesktop.login1.policy:202 msgid "Reboot the system while other users are logged in" msgstr "Reiniciar o sistema enquanto outros usuários estiverem conectados" -#: ../src/login/org.freedesktop.login1.policy.in.h:36 +#: src/login/org.freedesktop.login1.policy:203 msgid "" "Authentication is required for rebooting the system while other users are " "logged in." @@ -345,11 +348,11 @@ msgstr "" "É necessária autenticação para reiniciar o sistema enquanto outros usuários " "estiverem conectados." -#: ../src/login/org.freedesktop.login1.policy.in.h:37 +#: src/login/org.freedesktop.login1.policy:213 msgid "Reboot the system while an application asked to inhibit it" msgstr "Reiniciar o sistema enquanto um aplicativo solicitou inibição" -#: ../src/login/org.freedesktop.login1.policy.in.h:38 +#: src/login/org.freedesktop.login1.policy:214 msgid "" "Authentication is required for rebooting the system while an application " "asked to inhibit it." @@ -357,19 +360,47 @@ msgstr "" "É necessária autenticação para reiniciar o sistema enquanto um aplicativo " "solicitou inibição." -#: ../src/login/org.freedesktop.login1.policy.in.h:39 +#: src/login/org.freedesktop.login1.policy:224 +msgid "Halt the system" +msgstr "Pare o sistema" + +#: src/login/org.freedesktop.login1.policy:225 +msgid "Authentication is required for halting the system." +msgstr "" + +#: src/login/org.freedesktop.login1.policy:235 +msgid "Halt the system while other users are logged in" +msgstr "" + +#: src/login/org.freedesktop.login1.policy:236 +msgid "" +"Authentication is required for halting the system while other users are " +"logged in." +msgstr "" + +#: src/login/org.freedesktop.login1.policy:246 +msgid "Halt the system while an application asked to inhibit it" +msgstr "" + +#: src/login/org.freedesktop.login1.policy:247 +msgid "" +"Authentication is required for halting the system while an application asked " +"to inhibit it." +msgstr "" + +#: src/login/org.freedesktop.login1.policy:257 msgid "Suspend the system" msgstr "Suspender o sistema" -#: ../src/login/org.freedesktop.login1.policy.in.h:40 +#: src/login/org.freedesktop.login1.policy:258 msgid "Authentication is required for suspending the system." msgstr "É necessária autenticação para suspender o sistema." -#: ../src/login/org.freedesktop.login1.policy.in.h:41 +#: src/login/org.freedesktop.login1.policy:267 msgid "Suspend the system while other users are logged in" msgstr "Suspender o sistema enquanto outros usuários estiverem conectados" -#: ../src/login/org.freedesktop.login1.policy.in.h:42 +#: src/login/org.freedesktop.login1.policy:268 msgid "" "Authentication is required for suspending the system while other users are " "logged in." @@ -377,11 +408,11 @@ msgstr "" "É necessária autenticação para suspender o sistema enquanto outros usuários " "estiverem conectados." -#: ../src/login/org.freedesktop.login1.policy.in.h:43 +#: src/login/org.freedesktop.login1.policy:278 msgid "Suspend the system while an application asked to inhibit it" msgstr "Suspender o sistema enquanto um aplicativo solicitou inibição" -#: ../src/login/org.freedesktop.login1.policy.in.h:44 +#: src/login/org.freedesktop.login1.policy:279 msgid "" "Authentication is required for suspending the system while an application " "asked to inhibit it." @@ -389,19 +420,19 @@ msgstr "" "É necessária autenticação para suspender o sistema enquanto um aplicativo " "solicitou inibição." -#: ../src/login/org.freedesktop.login1.policy.in.h:45 +#: src/login/org.freedesktop.login1.policy:289 msgid "Hibernate the system" msgstr "Hibernar o sistema" -#: ../src/login/org.freedesktop.login1.policy.in.h:46 +#: src/login/org.freedesktop.login1.policy:290 msgid "Authentication is required for hibernating the system." msgstr "É necessária autenticação para hibernar o sistema." -#: ../src/login/org.freedesktop.login1.policy.in.h:47 +#: src/login/org.freedesktop.login1.policy:299 msgid "Hibernate the system while other users are logged in" msgstr "Hibernar o sistema enquanto outros usuários estiverem conectados" -#: ../src/login/org.freedesktop.login1.policy.in.h:48 +#: src/login/org.freedesktop.login1.policy:300 msgid "" "Authentication is required for hibernating the system while other users are " "logged in." @@ -409,11 +440,11 @@ msgstr "" "É necessária autenticação para hibernar o sistema enquanto outros usuários " "estiverem conectados." -#: ../src/login/org.freedesktop.login1.policy.in.h:49 +#: src/login/org.freedesktop.login1.policy:310 msgid "Hibernate the system while an application asked to inhibit it" msgstr "Hibernar o sistema enquanto um aplicativo solicitou inibição" -#: ../src/login/org.freedesktop.login1.policy.in.h:50 +#: src/login/org.freedesktop.login1.policy:311 msgid "" "Authentication is required for hibernating the system while an application " "asked to inhibit it." @@ -421,31 +452,32 @@ msgstr "" "É necessária autenticação para hibernar o sistema enquanto um aplicativo " "solicitou inibição." -#: ../src/login/org.freedesktop.login1.policy.in.h:51 +#: src/login/org.freedesktop.login1.policy:321 msgid "Manage active sessions, users and seats" msgstr "Gerenciar estações, usuários e sessões ativas" -#: ../src/login/org.freedesktop.login1.policy.in.h:52 +#: src/login/org.freedesktop.login1.policy:322 msgid "" "Authentication is required for managing active sessions, users and seats." msgstr "" "É necessária autenticação para gerenciar estações, usuários e sessões ativas." +"" -#: ../src/login/org.freedesktop.login1.policy.in.h:53 +#: src/login/org.freedesktop.login1.policy:331 msgid "Lock or unlock active sessions" msgstr "Travar ou destravar sessões ativas" -#: ../src/login/org.freedesktop.login1.policy.in.h:54 +#: src/login/org.freedesktop.login1.policy:332 msgid "Authentication is required to lock or unlock active sessions." msgstr "É necessária autenticação para travar ou destravar sessões ativas." -#: ../src/login/org.freedesktop.login1.policy.in.h:55 +#: src/login/org.freedesktop.login1.policy:341 msgid "Allow indication to the firmware to boot to setup interface" msgstr "" "Permitir indicação para o firmware inicializar para a interface de " "configuração" -#: ../src/login/org.freedesktop.login1.policy.in.h:56 +#: src/login/org.freedesktop.login1.policy:342 msgid "" "Authentication is required to indicate to the firmware to boot to setup " "interface." @@ -453,83 +485,83 @@ msgstr "" "É necessária autenticação para indicar para o firmware inicializar para a " "interface de configuração." -#: ../src/login/org.freedesktop.login1.policy.in.h:57 +#: src/login/org.freedesktop.login1.policy:351 msgid "Set a wall message" msgstr "Definir uma mensagem de parede" -#: ../src/login/org.freedesktop.login1.policy.in.h:58 +#: src/login/org.freedesktop.login1.policy:352 msgid "Authentication is required to set a wall message" msgstr "É necessária autenticação para definir uma mensagem de parede" -#: ../src/machine/org.freedesktop.machine1.policy.in.h:1 +#: src/machine/org.freedesktop.machine1.policy:22 msgid "Log into a local container" msgstr "Conectar a um contêiner local" -#: ../src/machine/org.freedesktop.machine1.policy.in.h:2 +#: src/machine/org.freedesktop.machine1.policy:23 msgid "Authentication is required to log into a local container." msgstr "É necessária autenticação para se conectar a um contêiner local." -#: ../src/machine/org.freedesktop.machine1.policy.in.h:3 +#: src/machine/org.freedesktop.machine1.policy:32 msgid "Log into the local host" msgstr "Conectar a uma máquina local" -#: ../src/machine/org.freedesktop.machine1.policy.in.h:4 +#: src/machine/org.freedesktop.machine1.policy:33 msgid "Authentication is required to log into the local host." msgstr "É necessária autenticação para se conectar a uma máquina local." -#: ../src/machine/org.freedesktop.machine1.policy.in.h:5 +#: src/machine/org.freedesktop.machine1.policy:42 msgid "Acquire a shell in a local container" msgstr "Adquirir uma shell em um contêiner local" -#: ../src/machine/org.freedesktop.machine1.policy.in.h:6 +#: src/machine/org.freedesktop.machine1.policy:43 msgid "Authentication is required to acquire a shell in a local container." msgstr "" "É necessária autenticação para adquirir uma shell em um contêiner local." -#: ../src/machine/org.freedesktop.machine1.policy.in.h:7 +#: src/machine/org.freedesktop.machine1.policy:53 msgid "Acquire a shell on the local host" msgstr "Adquirir uma shell na máquina local" -#: ../src/machine/org.freedesktop.machine1.policy.in.h:8 +#: src/machine/org.freedesktop.machine1.policy:54 msgid "Authentication is required to acquire a shell on the local host." msgstr "" "É necessária autenticação para adquirir uma shell em uma máquina local." -#: ../src/machine/org.freedesktop.machine1.policy.in.h:9 +#: src/machine/org.freedesktop.machine1.policy:64 msgid "Acquire a pseudo TTY in a local container" msgstr "Adquirir um pseudo TTY em um contêiner local" -#: ../src/machine/org.freedesktop.machine1.policy.in.h:10 +#: src/machine/org.freedesktop.machine1.policy:65 msgid "" "Authentication is required to acquire a pseudo TTY in a local container." msgstr "" "É necessária autenticação para adquirir um pseudo TTY em um contêiner local." -#: ../src/machine/org.freedesktop.machine1.policy.in.h:11 +#: src/machine/org.freedesktop.machine1.policy:74 msgid "Acquire a pseudo TTY on the local host" msgstr "Adquiri um pseudo TTY na máquina local" -#: ../src/machine/org.freedesktop.machine1.policy.in.h:12 +#: src/machine/org.freedesktop.machine1.policy:75 msgid "Authentication is required to acquire a pseudo TTY on the local host." msgstr "" "É necessária autenticação para adquirir um pseudo TTY em um máquina local." -#: ../src/machine/org.freedesktop.machine1.policy.in.h:13 +#: src/machine/org.freedesktop.machine1.policy:84 msgid "Manage local virtual machines and containers" msgstr "Gerenciar máquinas virtuais locais e contêineres" -#: ../src/machine/org.freedesktop.machine1.policy.in.h:14 +#: src/machine/org.freedesktop.machine1.policy:85 msgid "" "Authentication is required to manage local virtual machines and containers." msgstr "" "É necessária autenticação para gerenciar máquinas virtuais locais e " "contêineres." -#: ../src/machine/org.freedesktop.machine1.policy.in.h:15 +#: src/machine/org.freedesktop.machine1.policy:95 msgid "Manage local virtual machine and container images" msgstr "Gerenciar máquinas virtuais locais e imagens contêineres" -#: ../src/machine/org.freedesktop.machine1.policy.in.h:16 +#: src/machine/org.freedesktop.machine1.policy:96 msgid "" "Authentication is required to manage local virtual machine and container " "images." @@ -537,27 +569,43 @@ msgstr "" "É necessária autenticação para gerenciar máquinas virtuais locais e imagens " "contêineres." -#: ../src/timedate/org.freedesktop.timedate1.policy.in.h:1 +#: src/resolve/org.freedesktop.resolve1.policy:22 +msgid "Register a DNS-SD service" +msgstr "" + +#: src/resolve/org.freedesktop.resolve1.policy:23 +msgid "Authentication is required to register a DNS-SD service" +msgstr "" + +#: src/resolve/org.freedesktop.resolve1.policy:33 +msgid "Unregister a DNS-SD service" +msgstr "" + +#: src/resolve/org.freedesktop.resolve1.policy:34 +msgid "Authentication is required to unregister a DNS-SD service" +msgstr "" + +#: src/timedate/org.freedesktop.timedate1.policy:22 msgid "Set system time" msgstr "Definir horário do sistema" -#: ../src/timedate/org.freedesktop.timedate1.policy.in.h:2 +#: src/timedate/org.freedesktop.timedate1.policy:23 msgid "Authentication is required to set the system time." msgstr "É necessária autenticação para definir o horário do sistema." -#: ../src/timedate/org.freedesktop.timedate1.policy.in.h:3 +#: src/timedate/org.freedesktop.timedate1.policy:33 msgid "Set system timezone" msgstr "Definir fuso horário do sistema" -#: ../src/timedate/org.freedesktop.timedate1.policy.in.h:4 +#: src/timedate/org.freedesktop.timedate1.policy:34 msgid "Authentication is required to set the system timezone." msgstr "É necessária autenticação para definir o fuso horário do sistema." -#: ../src/timedate/org.freedesktop.timedate1.policy.in.h:5 +#: src/timedate/org.freedesktop.timedate1.policy:43 msgid "Set RTC to local timezone or UTC" msgstr "Definir o relógio do sistema (RTC) para fuso horário local ou UTC" -#: ../src/timedate/org.freedesktop.timedate1.policy.in.h:6 +#: src/timedate/org.freedesktop.timedate1.policy:44 msgid "" "Authentication is required to control whether the RTC stores the local or " "UTC time." @@ -565,11 +613,11 @@ msgstr "" "É necessária autenticação para controlar se o RTC deve, ou não, armazenar o " "horário local ou de UTC." -#: ../src/timedate/org.freedesktop.timedate1.policy.in.h:7 +#: src/timedate/org.freedesktop.timedate1.policy:54 msgid "Turn network time synchronization on or off" msgstr "Ligar/desligar a sincronização do horário em rede" -#: ../src/timedate/org.freedesktop.timedate1.policy.in.h:8 +#: src/timedate/org.freedesktop.timedate1.policy:55 msgid "" "Authentication is required to control whether network time synchronization " "shall be enabled." @@ -577,31 +625,31 @@ msgstr "" "É necessária autenticação para controlar se deve ser habilitada, ou não, a " "sincronização de horário através de rede." -#: ../src/core/dbus-unit.c:457 +#: src/core/dbus-unit.c:496 msgid "Authentication is required to start '$(unit)'." msgstr "É necessária autenticação para iniciar '$(unit)'." -#: ../src/core/dbus-unit.c:458 +#: src/core/dbus-unit.c:497 msgid "Authentication is required to stop '$(unit)'." msgstr "É necessária autenticação para parar '$(unit)'." -#: ../src/core/dbus-unit.c:459 +#: src/core/dbus-unit.c:498 msgid "Authentication is required to reload '$(unit)'." msgstr "É necessária autenticação para recarregar '$(unit)'." -#: ../src/core/dbus-unit.c:460 ../src/core/dbus-unit.c:461 +#: src/core/dbus-unit.c:499 src/core/dbus-unit.c:500 msgid "Authentication is required to restart '$(unit)'." msgstr "É necessária autenticação para reiniciar '$(unit)'." -#: ../src/core/dbus-unit.c:568 +#: src/core/dbus-unit.c:607 msgid "Authentication is required to kill '$(unit)'." msgstr "É necessária autenticação para matar '$(unit)'." -#: ../src/core/dbus-unit.c:599 +#: src/core/dbus-unit.c:638 msgid "Authentication is required to reset the \"failed\" state of '$(unit)'." msgstr "" "É necessária autenticação para reiniciar o estado \"failed\" de '$(unit)'." -#: ../src/core/dbus-unit.c:632 +#: src/core/dbus-unit.c:671 msgid "Authentication is required to set properties on '$(unit)'." msgstr "É necessária autenticação para definir propriedades em '$(unit)'." @@ -2,14 +2,14 @@ # # translation of ru.po to Rissian # Julia Dronova <juliette.tux@gmail.com>, 2013. -# Sergey Ptashnick <0comffdiz@inbox.ru>, 2013-2017. +# Sergey Ptashnick <0comffdiz@inbox.ru>, 2013-2018. # msgid "" msgstr "" "Project-Id-Version: systemd\n" -"Report-Msgid-Bugs-To: \n" +"Report-Msgid-Bugs-To: https://github.com/systemd/systemd/issues\n" "POT-Creation-Date: 2015-11-22 16:37+0100\n" -"PO-Revision-Date: 2017-10-10 00:28+0300\n" +"PO-Revision-Date: 2018-02-22 13:25+0300\n" "Last-Translator: Sergey Ptashnick <0comffdiz@inbox.ru>\n" "Language: ru\n" "MIME-Version: 1.0\n" @@ -18,40 +18,40 @@ msgstr "" "Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n" "%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2)\n" -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:1 +#: src/core/org.freedesktop.systemd1.policy.in.in:22 msgid "Send passphrase back to system" msgstr "Отправить пароль системе" -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:2 +#: src/core/org.freedesktop.systemd1.policy.in.in:23 msgid "" "Authentication is required to send the entered passphrase back to the system." msgstr "Чтобы отправить пароль системе, необходимо пройти аутентификацию." -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:3 +#: src/core/org.freedesktop.systemd1.policy.in.in:33 msgid "Manage system services or other units" msgstr "Управление системными службами и юнитами" -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:4 +#: src/core/org.freedesktop.systemd1.policy.in.in:34 msgid "Authentication is required to manage system services or other units." msgstr "" "Для управления системными службами и юнитами, необходимо пройти " "аутентификацию." -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:5 +#: src/core/org.freedesktop.systemd1.policy.in.in:43 msgid "Manage system service or unit files" msgstr "Управление файлами конфигурации системных служб и юнитов" -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:6 +#: src/core/org.freedesktop.systemd1.policy.in.in:44 msgid "Authentication is required to manage system service or unit files." msgstr "" "Для управления файлами конфигурации системных служб и юнитов, необходимо " "пройти аутентификацию." -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:7 +#: src/core/org.freedesktop.systemd1.policy.in.in:53 msgid "Set or unset system and service manager environment variables" msgstr "Настроить переменные окружения для системного менеджера" -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:8 +#: src/core/org.freedesktop.systemd1.policy.in.in:54 msgid "" "Authentication is required to set or unset system and service manager " "environment variables." @@ -59,29 +59,29 @@ msgstr "" "Чтобы настроить переменные окружения для системного менеджера, необходимо " "пройти аутентификацию." -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:9 +#: src/core/org.freedesktop.systemd1.policy.in.in:63 msgid "Reload the systemd state" msgstr "Перечитать конфигурацию systemd" -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:10 +#: src/core/org.freedesktop.systemd1.policy.in.in:64 msgid "Authentication is required to reload the systemd state." msgstr "" "Чтобы заставить systemd перечитать конфигурацию, необходимо пройти " "аутентификацию." -#: ../src/hostname/org.freedesktop.hostname1.policy.in.h:1 +#: src/hostname/org.freedesktop.hostname1.policy.in:22 msgid "Set host name" msgstr "Настроить имя компьютера" -#: ../src/hostname/org.freedesktop.hostname1.policy.in.h:2 +#: src/hostname/org.freedesktop.hostname1.policy.in:23 msgid "Authentication is required to set the local host name." msgstr "Чтобы настроить имя компьютера, необходимо пройти аутентификацию." -#: ../src/hostname/org.freedesktop.hostname1.policy.in.h:3 +#: src/hostname/org.freedesktop.hostname1.policy.in:32 msgid "Set static host name" msgstr "Настроить статическое имя компьютера" -#: ../src/hostname/org.freedesktop.hostname1.policy.in.h:4 +#: src/hostname/org.freedesktop.hostname1.policy.in:33 msgid "" "Authentication is required to set the statically configured local host name, " "as well as the pretty host name." @@ -89,110 +89,110 @@ msgstr "" "Чтобы настроить статическое имя компьютера, а также его «красивое» имя, " "необходимо пройти аутентификацию." -#: ../src/hostname/org.freedesktop.hostname1.policy.in.h:5 +#: src/hostname/org.freedesktop.hostname1.policy.in:43 msgid "Set machine information" msgstr "Настроить информацию о компьютере" -#: ../src/hostname/org.freedesktop.hostname1.policy.in.h:6 +#: src/hostname/org.freedesktop.hostname1.policy.in:44 msgid "Authentication is required to set local machine information." msgstr "" "Чтобы настроить информацию о компьютере, необходимо пройти аутентификацию." -#: ../src/import/org.freedesktop.import1.policy.in.h:1 +#: src/import/org.freedesktop.import1.policy.in:22 msgid "Import a VM or container image" msgstr "Импортировать образ виртуальной машины или контейнера" -#: ../src/import/org.freedesktop.import1.policy.in.h:2 +#: src/import/org.freedesktop.import1.policy.in:23 msgid "Authentication is required to import a VM or container image" msgstr "" "Чтобы импортировать образ виртуальной машины или контейнера, необходимо " "пройти аутентификацию." -#: ../src/import/org.freedesktop.import1.policy.in.h:3 +#: src/import/org.freedesktop.import1.policy.in:32 msgid "Export a VM or container image" msgstr "Экспортировать образ виртуальной машины или контейнера" -#: ../src/import/org.freedesktop.import1.policy.in.h:4 +#: src/import/org.freedesktop.import1.policy.in:33 msgid "Authentication is required to export a VM or container image" msgstr "" "Чтобы экспортировать образ виртуальной машины или контейнера, необходимо " "пройти аутентификацию." -#: ../src/import/org.freedesktop.import1.policy.in.h:5 +#: src/import/org.freedesktop.import1.policy.in:42 msgid "Download a VM or container image" msgstr "Загрузить образ виртуальной машины или контейнера" -#: ../src/import/org.freedesktop.import1.policy.in.h:6 +#: src/import/org.freedesktop.import1.policy.in:43 msgid "Authentication is required to download a VM or container image" msgstr "" "Чтобы загрузить образ виртуальной машины или контейнера, необходимо пройти " "аутентификацию." -#: ../src/locale/org.freedesktop.locale1.policy.in.h:1 +#: src/locale/org.freedesktop.locale1.policy.in:22 msgid "Set system locale" msgstr "Настроить системную локаль" -#: ../src/locale/org.freedesktop.locale1.policy.in.h:2 +#: src/locale/org.freedesktop.locale1.policy.in:23 msgid "Authentication is required to set the system locale." msgstr "Чтобы настроить системную локаль, необходимо пройти аутентификацию." -#: ../src/locale/org.freedesktop.locale1.policy.in.h:3 +#: src/locale/org.freedesktop.locale1.policy.in:33 msgid "Set system keyboard settings" msgstr "Настроить параметры клавиатуры" -#: ../src/locale/org.freedesktop.locale1.policy.in.h:4 +#: src/locale/org.freedesktop.locale1.policy.in:34 msgid "Authentication is required to set the system keyboard settings." msgstr "" "Чтобы настроить параметры клавиатуры, необходимо пройти аутентификацию." -#: ../src/login/org.freedesktop.login1.policy.in.h:1 +#: src/login/org.freedesktop.login1.policy.in:22 msgid "Allow applications to inhibit system shutdown" msgstr "Разрешить приложениям устанавливать блокировку на выключение системы" -#: ../src/login/org.freedesktop.login1.policy.in.h:2 +#: src/login/org.freedesktop.login1.policy.in:23 msgid "" "Authentication is required for an application to inhibit system shutdown." msgstr "" "Чтобы разрешить приложениям устанавливать блокировку на выключение системы, " "необходимо пройти аутентификацию." -#: ../src/login/org.freedesktop.login1.policy.in.h:3 +#: src/login/org.freedesktop.login1.policy.in:33 msgid "Allow applications to delay system shutdown" msgstr "Разрешить приложениям устанавливать задержку на выключение системы" -#: ../src/login/org.freedesktop.login1.policy.in.h:4 +#: src/login/org.freedesktop.login1.policy.in:34 msgid "Authentication is required for an application to delay system shutdown." msgstr "" "Чтобы разрешить приложениям устанавливать задержку на выключение системы, " "необходимо пройти аутентификацию." -#: ../src/login/org.freedesktop.login1.policy.in.h:5 +#: src/login/org.freedesktop.login1.policy.in:44 msgid "Allow applications to inhibit system sleep" msgstr "Разрешить приложениям устанавливать блокировку на засыпание системы" -#: ../src/login/org.freedesktop.login1.policy.in.h:6 +#: src/login/org.freedesktop.login1.policy.in:45 msgid "Authentication is required for an application to inhibit system sleep." msgstr "" "Чтобы разрешить приложениям устанавливать блокировку на засыпание системы, " "необходимо пройти аутентификацию." -#: ../src/login/org.freedesktop.login1.policy.in.h:7 +#: src/login/org.freedesktop.login1.policy.in:55 msgid "Allow applications to delay system sleep" msgstr "Разрешить приложениям устанавливать задержку на засыпание системы" -#: ../src/login/org.freedesktop.login1.policy.in.h:8 +#: src/login/org.freedesktop.login1.policy.in:56 msgid "Authentication is required for an application to delay system sleep." msgstr "" "Чтобы разрешить приложениям устанавливать задержку на засыпание системы, " "необходимо пройти аутентификацию." -#: ../src/login/org.freedesktop.login1.policy.in.h:9 +#: src/login/org.freedesktop.login1.policy.in:65 msgid "Allow applications to inhibit automatic system suspend" msgstr "" "Разрешить приложениям устанавливать блокировку на автоматический переход " "системы в ждущий режим" -#: ../src/login/org.freedesktop.login1.policy.in.h:10 +#: src/login/org.freedesktop.login1.policy.in:66 msgid "" "Authentication is required for an application to inhibit automatic system " "suspend." @@ -200,13 +200,13 @@ msgstr "" "Чтобы разрешить приложениям устанавливать блокировку на автоматический " "переход системы в ждущий режим, необходимо пройти аутентификацию." -#: ../src/login/org.freedesktop.login1.policy.in.h:11 +#: src/login/org.freedesktop.login1.policy.in:75 msgid "Allow applications to inhibit system handling of the power key" msgstr "" "Разрешить приложениям устанавливать блокировку обработки нажатий на кнопку " "выключения" -#: ../src/login/org.freedesktop.login1.policy.in.h:12 +#: src/login/org.freedesktop.login1.policy.in:76 msgid "" "Authentication is required for an application to inhibit system handling of " "the power key." @@ -214,13 +214,13 @@ msgstr "" "Чтобы разрешить приложениям устанавливать блокировку обработки нажатий на " "кнопку выключения, необходимо пройти аутентификацию." -#: ../src/login/org.freedesktop.login1.policy.in.h:13 +#: src/login/org.freedesktop.login1.policy.in:86 msgid "Allow applications to inhibit system handling of the suspend key" msgstr "" "Разрешить приложениям устанавливать блокировку обработки нажатий на кнопку " "перехода в ждущий режим" -#: ../src/login/org.freedesktop.login1.policy.in.h:14 +#: src/login/org.freedesktop.login1.policy.in:87 msgid "" "Authentication is required for an application to inhibit system handling of " "the suspend key." @@ -228,13 +228,13 @@ msgstr "" "Чтобы разрешить приложениям устанавливать блокировку обработки нажатий на " "кнопку перехода в ждущий режим, необходимо пройти аутентификацию." -#: ../src/login/org.freedesktop.login1.policy.in.h:15 +#: src/login/org.freedesktop.login1.policy.in:97 msgid "Allow applications to inhibit system handling of the hibernate key" msgstr "" "Разрешить приложениям устанавливать блокировку обработки нажатий на кнопку " "перехода в спящий режим" -#: ../src/login/org.freedesktop.login1.policy.in.h:16 +#: src/login/org.freedesktop.login1.policy.in:98 msgid "" "Authentication is required for an application to inhibit system handling of " "the hibernate key." @@ -242,13 +242,13 @@ msgstr "" "Чтобы разрешить приложениям устанавливать блокировку обработки нажатий на " "кнопку перехода в спящий режим, необходимо пройти аутентификацию." -#: ../src/login/org.freedesktop.login1.policy.in.h:17 +#: src/login/org.freedesktop.login1.policy.in:107 msgid "Allow applications to inhibit system handling of the lid switch" msgstr "" "Разрешить приложениям устанавливать блокировку на обработку закрытия крышки " "ноутбука" -#: ../src/login/org.freedesktop.login1.policy.in.h:18 +#: src/login/org.freedesktop.login1.policy.in:108 msgid "" "Authentication is required for an application to inhibit system handling of " "the lid switch." @@ -256,64 +256,64 @@ msgstr "" "Чтобы разрешить приложениям устанавливать блокировку на обработку закрытия " "крышки ноутбука, необходимо пройти аутентификацию." -#: ../src/login/org.freedesktop.login1.policy.in.h:19 +#: src/login/org.freedesktop.login1.policy.in:117 msgid "Allow non-logged-in user to run programs" msgstr "" "Разрешить работу программ в фоновом режиме после завершения сеанса" -#: ../src/login/org.freedesktop.login1.policy.in.h:20 +#: src/login/org.freedesktop.login1.policy.in:118 msgid "Explicit request is required to run programs as a non-logged-in user." msgstr "" "Чтобы разрешить работу программ в фоновом режиме после завершения сеанса, " "необходимо явное подтверждение." -#: ../src/login/org.freedesktop.login1.policy.in.h:21 +#: src/login/org.freedesktop.login1.policy.in:127 msgid "Allow non-logged-in users to run programs" msgstr "" "Разрешить пользователям оставлять программы в фоновом режиме после " "завершения сеанса" -#: ../src/login/org.freedesktop.login1.policy.in.h:22 +#: src/login/org.freedesktop.login1.policy.in:128 msgid "Authentication is required to run programs as a non-logged-in user." msgstr "" "Чтобы разрешить пользователям оставлять программы в фоновом режиме после " "завершения сеанса, необходимо пройти аутентификацию." -#: ../src/login/org.freedesktop.login1.policy.in.h:23 +#: src/login/org.freedesktop.login1.policy.in:137 msgid "Allow attaching devices to seats" msgstr "Разрешить подключение устройств к рабочим местам" -#: ../src/login/org.freedesktop.login1.policy.in.h:24 +#: src/login/org.freedesktop.login1.policy.in:138 msgid "Authentication is required for attaching a device to a seat." msgstr "" "Чтобы разрешить подключение устройств к рабочим местам, необходимо пройти " "аутентификацию." -#: ../src/login/org.freedesktop.login1.policy.in.h:25 +#: src/login/org.freedesktop.login1.policy.in:148 msgid "Flush device to seat attachments" msgstr "Сбросить привязки устройств к рабочим местам" -#: ../src/login/org.freedesktop.login1.policy.in.h:26 +#: src/login/org.freedesktop.login1.policy.in:149 msgid "" "Authentication is required for resetting how devices are attached to seats." msgstr "" "Чтобы сбросить привязки устройств к рабочим местам, необходимо пройти " "аутентификацию." -#: ../src/login/org.freedesktop.login1.policy.in.h:27 +#: src/login/org.freedesktop.login1.policy.in:158 msgid "Power off the system" msgstr "Выключить систему" -#: ../src/login/org.freedesktop.login1.policy.in.h:28 +#: src/login/org.freedesktop.login1.policy.in:159 msgid "Authentication is required for powering off the system." msgstr "Чтобы выключить систему, необходимо пройти аутентификацию." -#: ../src/login/org.freedesktop.login1.policy.in.h:29 +#: src/login/org.freedesktop.login1.policy.in:169 msgid "Power off the system while other users are logged in" msgstr "" "Выключить систему, несмотря на то, что в ней работают другие пользователи" -#: ../src/login/org.freedesktop.login1.policy.in.h:30 +#: src/login/org.freedesktop.login1.policy.in:170 msgid "" "Authentication is required for powering off the system while other users are " "logged in." @@ -321,13 +321,13 @@ msgstr "" "Чтобы выключить систему, несмотря на то, что в ней работают другие " "пользователи, необходимо пройти аутентификацию." -#: ../src/login/org.freedesktop.login1.policy.in.h:31 +#: src/login/org.freedesktop.login1.policy.in:180 msgid "Power off the system while an application asked to inhibit it" msgstr "" "Выключить систему, несмотря на то, что приложение запросило блокировку " "выключения" -#: ../src/login/org.freedesktop.login1.policy.in.h:32 +#: src/login/org.freedesktop.login1.policy.in:181 msgid "" "Authentication is required for powering off the system while an application " "asked to inhibit it." @@ -335,20 +335,20 @@ msgstr "" "Чтобы выключить систему, несмотря на то, что приложение запросило блокировку " "выключения, необходимо пройти аутентификацию." -#: ../src/login/org.freedesktop.login1.policy.in.h:33 +#: src/login/org.freedesktop.login1.policy.in:191 msgid "Reboot the system" msgstr "Перезагрузить систему" -#: ../src/login/org.freedesktop.login1.policy.in.h:34 +#: src/login/org.freedesktop.login1.policy.in:192 msgid "Authentication is required for rebooting the system." msgstr "Чтобы перезагрузить систему, необходимо пройти аутентификацию." -#: ../src/login/org.freedesktop.login1.policy.in.h:35 +#: src/login/org.freedesktop.login1.policy.in:202 msgid "Reboot the system while other users are logged in" msgstr "" "Перезагрузить систему, несмотря на то, что в ней работают другие пользователи" -#: ../src/login/org.freedesktop.login1.policy.in.h:36 +#: src/login/org.freedesktop.login1.policy.in:203 msgid "" "Authentication is required for rebooting the system while other users are " "logged in." @@ -356,13 +356,13 @@ msgstr "" "Чтобы перезагрузить систему, несмотря на то, что в ней работают другие " "пользователи, необходимо пройти аутентификацию." -#: ../src/login/org.freedesktop.login1.policy.in.h:37 +#: src/login/org.freedesktop.login1.policy.in:213 msgid "Reboot the system while an application asked to inhibit it" msgstr "" "Перезагрузить систему, несмотря на то, что приложение запросило блокировку " "выключения" -#: ../src/login/org.freedesktop.login1.policy.in.h:38 +#: src/login/org.freedesktop.login1.policy.in:214 msgid "" "Authentication is required for rebooting the system while an application " "asked to inhibit it." @@ -370,20 +370,20 @@ msgstr "" "Чтобы перезагрузить систему, несмотря на то, что приложение запросило " "блокировку выключения, необходимо пройти аутентификацию." -#: ../src/login/org.freedesktop.login1.policy.in.h:39 +#: src/login/org.freedesktop.login1.policy.in:224 msgid "Halt the system" msgstr "Остановить систему" -#: ../src/login/org.freedesktop.login1.policy.in.h:40 +#: src/login/org.freedesktop.login1.policy.in:225 msgid "Authentication is required for halting the system." msgstr "Чтобы остановить систему, необходимо пройти аутентификацию." -#: ../src/login/org.freedesktop.login1.policy.in.h:41 +#: src/login/org.freedesktop.login1.policy.in:235 msgid "Halt the system while other users are logged in" msgstr "" "Остановить систему, несмотря на то, что в ней работают другие пользователи" -#: ../src/login/org.freedesktop.login1.policy.in.h:42 +#: src/login/org.freedesktop.login1.policy.in:236 msgid "" "Authentication is required for halting the system while other users are " "logged in." @@ -391,13 +391,13 @@ msgstr "" "Чтобы остановить систему, несмотря на то, что в ней работают другие " "пользователи, необходимо пройти аутентификацию." -#: ../src/login/org.freedesktop.login1.policy.in.h:43 +#: src/login/org.freedesktop.login1.policy.in:246 msgid "Halt the system while an application asked to inhibit it" msgstr "" "Остановить систему, несмотря на то, что приложение запросило блокировку " "выключения" -#: ../src/login/org.freedesktop.login1.policy.in.h:44 +#: src/login/org.freedesktop.login1.policy.in:247 msgid "" "Authentication is required for halting the system while an application asked " "to inhibit it." @@ -405,22 +405,22 @@ msgstr "" "Чтобы остановить систему, несмотря на то, что приложение запросило " "блокировку выключения, необходимо пройти аутентификацию." -#: ../src/login/org.freedesktop.login1.policy.in.h:45 +#: src/login/org.freedesktop.login1.policy.in:257 msgid "Suspend the system" msgstr "Перевести систему в ждущий режим" -#: ../src/login/org.freedesktop.login1.policy.in.h:46 +#: src/login/org.freedesktop.login1.policy.in:258 msgid "Authentication is required for suspending the system." msgstr "" "Чтобы перевести систему в ждущий режим, необходимо пройти аутентификацию." -#: ../src/login/org.freedesktop.login1.policy.in.h:47 +#: src/login/org.freedesktop.login1.policy.in:267 msgid "Suspend the system while other users are logged in" msgstr "" "Перевести систему в ждущий режим, несмотря на то, что в ней работают другие " "пользователи" -#: ../src/login/org.freedesktop.login1.policy.in.h:48 +#: src/login/org.freedesktop.login1.policy.in:268 msgid "" "Authentication is required for suspending the system while other users are " "logged in." @@ -428,13 +428,13 @@ msgstr "" "Чтобы перевести систему в ждущий режим, несмотря на то, что в ней работают " "другие пользователи, необходимо пройти аутентификацию." -#: ../src/login/org.freedesktop.login1.policy.in.h:49 +#: src/login/org.freedesktop.login1.policy.in:278 msgid "Suspend the system while an application asked to inhibit it" msgstr "" "Перевести систему в ждущий режим, несмотря на то, что приложение запросило " "блокировку" -#: ../src/login/org.freedesktop.login1.policy.in.h:50 +#: src/login/org.freedesktop.login1.policy.in:279 msgid "" "Authentication is required for suspending the system while an application " "asked to inhibit it." @@ -442,22 +442,22 @@ msgstr "" "Чтобы перевести систему в ждущий режим, несмотря на то, что приложение " "запросило блокировку, необходимо пройти аутентификацию." -#: ../src/login/org.freedesktop.login1.policy.in.h:51 +#: src/login/org.freedesktop.login1.policy.in:289 msgid "Hibernate the system" msgstr "Перевести систему в спящий режим" -#: ../src/login/org.freedesktop.login1.policy.in.h:52 +#: src/login/org.freedesktop.login1.policy.in:290 msgid "Authentication is required for hibernating the system." msgstr "" "Чтобы перевести систему в спящий режим, необходимо пройти аутентификацию." -#: ../src/login/org.freedesktop.login1.policy.in.h:53 +#: src/login/org.freedesktop.login1.policy.in:299 msgid "Hibernate the system while other users are logged in" msgstr "" "Перевести систему в спящий режим, несмотря на то, что в ней работают другие " "пользователи" -#: ../src/login/org.freedesktop.login1.policy.in.h:54 +#: src/login/org.freedesktop.login1.policy.in:300 msgid "" "Authentication is required for hibernating the system while other users are " "logged in." @@ -465,13 +465,13 @@ msgstr "" "Чтобы перевести систему в спящий режим, несмотря на то, что в ней работают " "другие пользователи, необходимо пройти аутентификацию." -#: ../src/login/org.freedesktop.login1.policy.in.h:55 +#: src/login/org.freedesktop.login1.policy.in:310 msgid "Hibernate the system while an application asked to inhibit it" msgstr "" "Перевести систему в спящий режим, несмотря на то, что приложение запросило " "блокировку" -#: ../src/login/org.freedesktop.login1.policy.in.h:56 +#: src/login/org.freedesktop.login1.policy.in:311 msgid "" "Authentication is required for hibernating the system while an application " "asked to inhibit it." @@ -479,32 +479,32 @@ msgstr "" "Чтобы перевести систему в спящий режим, несмотря на то, что приложение " "запросило блокировку, необходимо пройти аутентификацию." -#: ../src/login/org.freedesktop.login1.policy.in.h:57 +#: src/login/org.freedesktop.login1.policy.in:321 msgid "Manage active sessions, users and seats" msgstr "Управление текущими сеансами, пользователями и рабочими местами" -#: ../src/login/org.freedesktop.login1.policy.in.h:58 +#: src/login/org.freedesktop.login1.policy.in:322 msgid "" "Authentication is required for managing active sessions, users and seats." msgstr "" "Для управления текущими сеансами, пользователями и рабочими местами, " "необходимо пройти аутентификацию." -#: ../src/login/org.freedesktop.login1.policy.in.h:59 +#: src/login/org.freedesktop.login1.policy.in:331 msgid "Lock or unlock active sessions" msgstr "Заблокировать или разблокировать текущие сеансы" -#: ../src/login/org.freedesktop.login1.policy.in.h:60 +#: src/login/org.freedesktop.login1.policy.in:332 msgid "Authentication is required to lock or unlock active sessions." msgstr "" "Чтобы заблокировать или разблокировать текущие сеансы, необходимо пройти " "аутентификацию." -#: ../src/login/org.freedesktop.login1.policy.in.h:61 +#: src/login/org.freedesktop.login1.policy.in:341 msgid "Allow indication to the firmware to boot to setup interface" msgstr "Разрешить загрузку в режиме настройки прошивки материнской платы" -#: ../src/login/org.freedesktop.login1.policy.in.h:62 +#: src/login/org.freedesktop.login1.policy.in:342 msgid "" "Authentication is required to indicate to the firmware to boot to setup " "interface." @@ -512,88 +512,88 @@ msgstr "" "Чтобы разрешить загрузку в режиме настройки прошивки материнской платы, " "необходимо пройти аутентификацию." -#: ../src/login/org.freedesktop.login1.policy.in.h:63 +#: src/login/org.freedesktop.login1.policy.in:351 msgid "Set a wall message" msgstr "Отправить сообщение на все терминалы" -#: ../src/login/org.freedesktop.login1.policy.in.h:64 +#: src/login/org.freedesktop.login1.policy.in:352 msgid "Authentication is required to set a wall message" msgstr "" "Чтобы отправить сообщение на все терминалы, необходимо пройти аутентификацию." -#: ../src/machine/org.freedesktop.machine1.policy.in.h:1 +#: src/machine/org.freedesktop.machine1.policy.in:22 msgid "Log into a local container" msgstr "Зайти в локальный контейнер" -#: ../src/machine/org.freedesktop.machine1.policy.in.h:2 +#: src/machine/org.freedesktop.machine1.policy.in:23 msgid "Authentication is required to log into a local container." msgstr "Чтобы зайти в локальный контейнер, необходимо пройти аутентификацию." -#: ../src/machine/org.freedesktop.machine1.policy.in.h:3 +#: src/machine/org.freedesktop.machine1.policy.in:32 msgid "Log into the local host" msgstr "Зайти на этот компьютер" -#: ../src/machine/org.freedesktop.machine1.policy.in.h:4 +#: src/machine/org.freedesktop.machine1.policy.in:33 msgid "Authentication is required to log into the local host." msgstr "Чтобы зайти на этот компьютер, необходимо пройти аутентификацию." -#: ../src/machine/org.freedesktop.machine1.policy.in.h:5 +#: src/machine/org.freedesktop.machine1.policy.in:42 msgid "Acquire a shell in a local container" msgstr "Получить командную оболочку в локальном контейнере" -#: ../src/machine/org.freedesktop.machine1.policy.in.h:6 +#: src/machine/org.freedesktop.machine1.policy.in:43 msgid "Authentication is required to acquire a shell in a local container." msgstr "" "Чтобы получить командную оболочку в локальном контейнере, необходимо пройти " "аутентификацию." -#: ../src/machine/org.freedesktop.machine1.policy.in.h:7 +#: src/machine/org.freedesktop.machine1.policy.in:53 msgid "Acquire a shell on the local host" msgstr "Запустить командную оболочку на этом компьютере" -#: ../src/machine/org.freedesktop.machine1.policy.in.h:8 +#: src/machine/org.freedesktop.machine1.policy.in:54 msgid "Authentication is required to acquire a shell on the local host." msgstr "" "Чтобы запустить командную оболочку на этом компьютере, необходимо пройти " "аутентификацию." -#: ../src/machine/org.freedesktop.machine1.policy.in.h:9 +#: src/machine/org.freedesktop.machine1.policy.in:64 msgid "Acquire a pseudo TTY in a local container" msgstr "Получить псевдо-терминал в локальном контейнере" -#: ../src/machine/org.freedesktop.machine1.policy.in.h:10 +#: src/machine/org.freedesktop.machine1.policy.in:65 msgid "" "Authentication is required to acquire a pseudo TTY in a local container." msgstr "" "Чтобы получить псевдо-терминал в локальном контейнере, необходимо пройти " "аутентификацию." -#: ../src/machine/org.freedesktop.machine1.policy.in.h:11 +#: src/machine/org.freedesktop.machine1.policy.in:74 msgid "Acquire a pseudo TTY on the local host" msgstr "Получить псевдо-терминал на этом компьютере" -#: ../src/machine/org.freedesktop.machine1.policy.in.h:12 +#: src/machine/org.freedesktop.machine1.policy.in:75 msgid "Authentication is required to acquire a pseudo TTY on the local host." msgstr "" "Чтобы получить псевдо-терминал на этом компьютере, необходимо пройти " "аутентификацию." -#: ../src/machine/org.freedesktop.machine1.policy.in.h:13 +#: src/machine/org.freedesktop.machine1.policy.in:84 msgid "Manage local virtual machines and containers" msgstr "Управление виртуальными машинами и контейнерами" -#: ../src/machine/org.freedesktop.machine1.policy.in.h:14 +#: src/machine/org.freedesktop.machine1.policy.in:85 msgid "" "Authentication is required to manage local virtual machines and containers." msgstr "" "Для управления виртуальными машинами и контейнерами, необходимо пройти " "аутентификацию." -#: ../src/machine/org.freedesktop.machine1.policy.in.h:15 +#: src/machine/org.freedesktop.machine1.policy.in:95 msgid "Manage local virtual machine and container images" msgstr "Управление образами виртуальных машин и контейнеров" -#: ../src/machine/org.freedesktop.machine1.policy.in.h:16 +#: src/machine/org.freedesktop.machine1.policy.in:96 msgid "" "Authentication is required to manage local virtual machine and container " "images." @@ -601,27 +601,44 @@ msgstr "" "Для управления образами виртуальных машин и контейнеров, необходимо пройти " "аутентификацию." -#: ../src/timedate/org.freedesktop.timedate1.policy.in.h:1 +#: src/resolve/org.freedesktop.resolve1.policy.in:22 +msgid "Register a DNS-SD service" +msgstr "Зарегистрировать службу в DNS-SD" + +#: src/resolve/org.freedesktop.resolve1.policy.in:23 +msgid "Authentication is required to register a DNS-SD service" +msgstr "Чтобы зарегистрировать службу в DNS-SD, необходимо пройти " +"аутентификацию." + +#: src/resolve/org.freedesktop.resolve1.policy.in:33 +msgid "Unregister a DNS-SD service" +msgstr "Удалить службу из DNS-SD" + +#: src/resolve/org.freedesktop.resolve1.policy.in:34 +msgid "Authentication is required to unregister a DNS-SD service" +msgstr "Чтобы удалить службу из DNS-SD, необходимо пройти аутентификацию." + +#: src/timedate/org.freedesktop.timedate1.policy.in:22 msgid "Set system time" msgstr "Настроить системное время" -#: ../src/timedate/org.freedesktop.timedate1.policy.in.h:2 +#: src/timedate/org.freedesktop.timedate1.policy.in:23 msgid "Authentication is required to set the system time." msgstr "Чтобы настроить системное время, необходимо пройти аутентификацию." -#: ../src/timedate/org.freedesktop.timedate1.policy.in.h:3 +#: src/timedate/org.freedesktop.timedate1.policy.in:33 msgid "Set system timezone" msgstr "Настроить часовой пояс" -#: ../src/timedate/org.freedesktop.timedate1.policy.in.h:4 +#: src/timedate/org.freedesktop.timedate1.policy.in:34 msgid "Authentication is required to set the system timezone." msgstr "Чтобы настроить часовой пояс, необходимо пройти аутентификацию." -#: ../src/timedate/org.freedesktop.timedate1.policy.in.h:5 +#: src/timedate/org.freedesktop.timedate1.policy.in:43 msgid "Set RTC to local timezone or UTC" msgstr "Установить аппаратные часы по местному времени или по Гринвичу" -#: ../src/timedate/org.freedesktop.timedate1.policy.in.h:6 +#: src/timedate/org.freedesktop.timedate1.policy.in:44 msgid "" "Authentication is required to control whether the RTC stores the local or " "UTC time." @@ -629,11 +646,11 @@ msgstr "" "Чтобы контролировать, установлены аппаратные часы по местному времени или по " "Гринвичу, необходимо пройти аутентификацию." -#: ../src/timedate/org.freedesktop.timedate1.policy.in.h:7 +#: src/timedate/org.freedesktop.timedate1.policy.in:54 msgid "Turn network time synchronization on or off" msgstr "Включить или выключить синхронизацию времени по сети" -#: ../src/timedate/org.freedesktop.timedate1.policy.in.h:8 +#: src/timedate/org.freedesktop.timedate1.policy.in:55 msgid "" "Authentication is required to control whether network time synchronization " "shall be enabled." @@ -641,35 +658,35 @@ msgstr "" "Чтобы включить или выключить синхронизацию времени по сети, необходимо " "пройти аутентификацию." -#: ../src/core/dbus-unit.c:458 +#: src/core/dbus-unit.c:496 msgid "Authentication is required to start '$(unit)'." msgstr "Чтобы запустить «$(unit)», необходимо пройти аутентификацию." -#: ../src/core/dbus-unit.c:459 +#: src/core/dbus-unit.c:497 msgid "Authentication is required to stop '$(unit)'." msgstr "Чтобы остановить «$(unit)», необходимо пройти аутентификацию." -#: ../src/core/dbus-unit.c:460 +#: src/core/dbus-unit.c:498 msgid "Authentication is required to reload '$(unit)'." msgstr "" "Чтобы заставить «$(unit)» перечитать конфигурацию, необходимо пройти " "аутентификацию." -#: ../src/core/dbus-unit.c:461 ../src/core/dbus-unit.c:462 +#: src/core/dbus-unit.c:499 src/core/dbus-unit.c:500 msgid "Authentication is required to restart '$(unit)'." msgstr "Чтобы перезапустить «$(unit)», необходимо пройти аутентификацию." -#: ../src/core/dbus-unit.c:569 +#: src/core/dbus-unit.c:607 msgid "Authentication is required to kill '$(unit)'." msgstr "Чтобы убить юнит «$(unit)», необходимо пройти аутентификацию." -#: ../src/core/dbus-unit.c:600 +#: src/core/dbus-unit.c:638 msgid "Authentication is required to reset the \"failed\" state of '$(unit)'." msgstr "" "Чтобы сбросить состояние «failed» у юнита «$(unit)», необходимо пройти " "аутентификацию." -#: ../src/core/dbus-unit.c:633 +#: src/core/dbus-unit.c:671 msgid "Authentication is required to set properties on '$(unit)'." msgstr "Чтобы изменить параметры юнита «$(unit)», необходимо пройти " "аутентификацию." @@ -9,54 +9,53 @@ msgid "" msgstr "" "Project-Id-Version: \n" "Report-Msgid-Bugs-To: https://github.com/systemd/systemd/issues\n" -"POT-Creation-Date: 2015-10-03 18:14+0200\n" -"PO-Revision-Date: 2015-10-03 21:01+0200\n" +"POT-Creation-Date: 2018-02-13 03:26+0000\n" +"PO-Revision-Date: 2018-02-18 22:03+0100\n" +"Last-Translator: Марко М. Костић <marko.m.kostic@gmail.com>\n" "Language-Team: \n" +"Language: sr\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" -"X-Generator: Poedit 1.8.4\n" -"Last-Translator: Марко М. Костић (Marko M. Kostić) <marko.m.kostic@gmail." -"com>\n" +"X-Generator: Poedit 2.0.3\n" "Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n" "%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);\n" -"Language: sr\n" -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:1 +#: src/core/org.freedesktop.systemd1.policy.in.in:22 msgid "Send passphrase back to system" -msgstr "Пошаљите фразу ка систему" +msgstr "Пошаљи фразу назад ка систему" -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:2 +#: src/core/org.freedesktop.systemd1.policy.in.in:23 msgid "" "Authentication is required to send the entered passphrase back to the system." msgstr "" "Потребно је да се идентификујете да бисте послали фразу назад у систем." -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:3 +#: src/core/org.freedesktop.systemd1.policy.in.in:33 msgid "Manage system services or other units" -msgstr "Управљајте системским услугама и другим јединицама" +msgstr "Управљај системским услугама и другим јединицама" -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:4 +#: src/core/org.freedesktop.systemd1.policy.in.in:34 msgid "Authentication is required to manage system services or other units." msgstr "" "Потребно је да се идентификујете да бисте управљали системским услугама или " "другим јединицама." -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:5 +#: src/core/org.freedesktop.systemd1.policy.in.in:43 msgid "Manage system service or unit files" -msgstr "Управљајте системском услугом или јединичним датотекама" +msgstr "Управљај системском услугом или јединичним датотекама" -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:6 +#: src/core/org.freedesktop.systemd1.policy.in.in:44 msgid "Authentication is required to manage system service or unit files." msgstr "" "Потребно је да се идентификујете да бисте управљали системском услугом или " "јединичним датотекама." -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:7 +#: src/core/org.freedesktop.systemd1.policy.in.in:53 msgid "Set or unset system and service manager environment variables" -msgstr "Мењајте променљиве окружења на систему и унутар управника услуга" +msgstr "Мењај променљиве окружења на систему и унутар управника услуга" -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:8 +#: src/core/org.freedesktop.systemd1.policy.in.in:54 msgid "" "Authentication is required to set or unset system and service manager " "environment variables." @@ -64,28 +63,28 @@ msgstr "" "Потребно је да се идентификујете да бисте мењали променљиве окружења на " "систему и унутар управника услуга." -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:9 +#: src/core/org.freedesktop.systemd1.policy.in.in:63 msgid "Reload the systemd state" -msgstr "Поново учитајте стање систем-деа" +msgstr "Поново учитај стање систем-деа" -#: ../src/core/org.freedesktop.systemd1.policy.in.in.h:10 +#: src/core/org.freedesktop.systemd1.policy.in.in:64 msgid "Authentication is required to reload the systemd state." msgstr "" "Потребно је да се идентификујете да бисте поново учитали стање систем-деа." -#: ../src/hostname/org.freedesktop.hostname1.policy.in.h:1 +#: src/hostname/org.freedesktop.hostname1.policy.in:22 msgid "Set host name" -msgstr "Поставите назив машине" +msgstr "Постави назив машине" -#: ../src/hostname/org.freedesktop.hostname1.policy.in.h:2 +#: src/hostname/org.freedesktop.hostname1.policy.in:23 msgid "Authentication is required to set the local host name." msgstr "Потребно је да се идентификујете да бисте поставили назив машине." -#: ../src/hostname/org.freedesktop.hostname1.policy.in.h:3 +#: src/hostname/org.freedesktop.hostname1.policy.in:32 msgid "Set static host name" -msgstr "Поставите статички назив машине" +msgstr "Постави статички назив машине" -#: ../src/hostname/org.freedesktop.hostname1.policy.in.h:4 +#: src/hostname/org.freedesktop.hostname1.policy.in:33 msgid "" "Authentication is required to set the statically configured local host name, " "as well as the pretty host name." @@ -93,111 +92,111 @@ msgstr "" "Потребно је да се идентификујете да бисте поставили статички назив машине и " "да бисте поставили леп назив машине." -#: ../src/hostname/org.freedesktop.hostname1.policy.in.h:5 +#: src/hostname/org.freedesktop.hostname1.policy.in:43 msgid "Set machine information" -msgstr "Поставите податке о машини" +msgstr "Постави податке о машини" -#: ../src/hostname/org.freedesktop.hostname1.policy.in.h:6 +#: src/hostname/org.freedesktop.hostname1.policy.in:44 msgid "Authentication is required to set local machine information." msgstr "" "Потребно је да се идентификујете да бисте поставили податке о локалној " "машини." -#: ../src/import/org.freedesktop.import1.policy.in.h:1 +#: src/import/org.freedesktop.import1.policy.in:22 msgid "Import a VM or container image" -msgstr "Увезите ВМ или слику контејнера" +msgstr "Увези ВМ или слику контејнера" -#: ../src/import/org.freedesktop.import1.policy.in.h:2 +#: src/import/org.freedesktop.import1.policy.in:23 msgid "Authentication is required to import a VM or container image" msgstr "" "Потребно је да се идентификујете да бисте увезли виртуелну машину или слику " "контејнера" -#: ../src/import/org.freedesktop.import1.policy.in.h:3 +#: src/import/org.freedesktop.import1.policy.in:32 msgid "Export a VM or container image" -msgstr "Извезите ВМ или слику контејнера" +msgstr "Извези ВМ или слику контејнера" -#: ../src/import/org.freedesktop.import1.policy.in.h:4 +#: src/import/org.freedesktop.import1.policy.in:33 msgid "Authentication is required to export a VM or container image" msgstr "" "Потребно је да се идентификујете да бисте извезли виртуелну машину или слику " "контејнера" -#: ../src/import/org.freedesktop.import1.policy.in.h:5 +#: src/import/org.freedesktop.import1.policy.in:42 msgid "Download a VM or container image" -msgstr "Преузмите ВМ или слику контејнера" +msgstr "Преузми ВМ или слику контејнера" -#: ../src/import/org.freedesktop.import1.policy.in.h:6 +#: src/import/org.freedesktop.import1.policy.in:43 msgid "Authentication is required to download a VM or container image" msgstr "" "Потребно је да се идентификујете да бисте преузели виртуелну машину или " "слику контејнера" -#: ../src/locale/org.freedesktop.locale1.policy.in.h:1 +#: src/locale/org.freedesktop.locale1.policy.in:22 msgid "Set system locale" -msgstr "Поставите основни језик система" +msgstr "Постави основни језик система" -#: ../src/locale/org.freedesktop.locale1.policy.in.h:2 +#: src/locale/org.freedesktop.locale1.policy.in:23 msgid "Authentication is required to set the system locale." msgstr "" "Потребно је да се идентификујете да бисте поставили основни језик система." -#: ../src/locale/org.freedesktop.locale1.policy.in.h:3 +#: src/locale/org.freedesktop.locale1.policy.in:33 msgid "Set system keyboard settings" -msgstr "Поставите подешавање системске тастатуре" +msgstr "Постави подешавање системске тастатуре" -#: ../src/locale/org.freedesktop.locale1.policy.in.h:4 +#: src/locale/org.freedesktop.locale1.policy.in:34 msgid "Authentication is required to set the system keyboard settings." msgstr "" "Потребно је да се идентификујете да бисте поставили подешавања системске " "тастатуре." -#: ../src/login/org.freedesktop.login1.policy.in.h:1 +#: src/login/org.freedesktop.login1.policy.in:22 msgid "Allow applications to inhibit system shutdown" -msgstr "Дозволите програмима да спрече гашење система" +msgstr "Дозволи програмима да спрече гашење система" -#: ../src/login/org.freedesktop.login1.policy.in.h:2 +#: src/login/org.freedesktop.login1.policy.in:23 msgid "" "Authentication is required for an application to inhibit system shutdown." msgstr "" "Потребно је да се идентификујете да бисте дозволили програму да спречи " "гашење система." -#: ../src/login/org.freedesktop.login1.policy.in.h:3 +#: src/login/org.freedesktop.login1.policy.in:33 msgid "Allow applications to delay system shutdown" -msgstr "Дозволите програмима да одложе гашење система" +msgstr "Дозволи програмима да одложе гашење система" -#: ../src/login/org.freedesktop.login1.policy.in.h:4 +#: src/login/org.freedesktop.login1.policy.in:34 msgid "Authentication is required for an application to delay system shutdown." msgstr "" "Потребно је да се идентификујете да бисте дозволили програму да одложи " "гашење система." -#: ../src/login/org.freedesktop.login1.policy.in.h:5 +#: src/login/org.freedesktop.login1.policy.in:44 msgid "Allow applications to inhibit system sleep" -msgstr "Дозволите програмима да спрече спавање система" +msgstr "Дозволи програмима да спрече спавање система" -#: ../src/login/org.freedesktop.login1.policy.in.h:6 +#: src/login/org.freedesktop.login1.policy.in:45 msgid "Authentication is required for an application to inhibit system sleep." msgstr "" "Потребно је да се идентификујете да бисте дозволили програму да спречи " "спавање система." -#: ../src/login/org.freedesktop.login1.policy.in.h:7 +#: src/login/org.freedesktop.login1.policy.in:55 msgid "Allow applications to delay system sleep" -msgstr "Дозволите програмима да одложе спавање система" +msgstr "Дозволи програмима да одложе спавање система" -#: ../src/login/org.freedesktop.login1.policy.in.h:8 +#: src/login/org.freedesktop.login1.policy.in:56 msgid "Authentication is required for an application to delay system sleep." msgstr "" "Потребно је да се идентификујете да бисте дозволили програму да одложи " "спавање система." -#: ../src/login/org.freedesktop.login1.policy.in.h:9 +#: src/login/org.freedesktop.login1.policy.in:65 msgid "Allow applications to inhibit automatic system suspend" -msgstr "Дозволите програмима да спрече самосталну обуставу система" +msgstr "Дозволи програмима да спрече самосталну обуставу система" -#: ../src/login/org.freedesktop.login1.policy.in.h:10 +#: src/login/org.freedesktop.login1.policy.in:66 msgid "" "Authentication is required for an application to inhibit automatic system " "suspend." @@ -205,11 +204,11 @@ msgstr "" "Потребно је да се идентификујете да бисте дозволили програму да спречи " "самосталну обуставу система." -#: ../src/login/org.freedesktop.login1.policy.in.h:11 +#: src/login/org.freedesktop.login1.policy.in:75 msgid "Allow applications to inhibit system handling of the power key" -msgstr "Дозволите програмима да спрече систему управљање дугметом за напајање" +msgstr "Дозволи програмима да спрече систему управљање дугметом за напајање" -#: ../src/login/org.freedesktop.login1.policy.in.h:12 +#: src/login/org.freedesktop.login1.policy.in:76 msgid "" "Authentication is required for an application to inhibit system handling of " "the power key." @@ -217,11 +216,11 @@ msgstr "" "Потребно је да се идентификујете да бисте дозволили програму да спречи " "систему управљање дугметом за напајање." -#: ../src/login/org.freedesktop.login1.policy.in.h:13 +#: src/login/org.freedesktop.login1.policy.in:86 msgid "Allow applications to inhibit system handling of the suspend key" -msgstr "Дозволите програмима да спрече систему управљање дугметом за обуставу" +msgstr "Дозволи програмима да спрече систему управљање дугметом за обуставу" -#: ../src/login/org.freedesktop.login1.policy.in.h:14 +#: src/login/org.freedesktop.login1.policy.in:87 msgid "" "Authentication is required for an application to inhibit system handling of " "the suspend key." @@ -229,11 +228,11 @@ msgstr "" "Потребно је да се идентификујете да бисте дозволили програму да спречи " "систему управљање дугметом за обуставу." -#: ../src/login/org.freedesktop.login1.policy.in.h:15 +#: src/login/org.freedesktop.login1.policy.in:97 msgid "Allow applications to inhibit system handling of the hibernate key" -msgstr "Дозволите програмима да спрече систему управљање дугметом за спавање" +msgstr "Дозволи програмима да спрече систему управљање дугметом за спавање" -#: ../src/login/org.freedesktop.login1.policy.in.h:16 +#: src/login/org.freedesktop.login1.policy.in:98 msgid "" "Authentication is required for an application to inhibit system handling of " "the hibernate key." @@ -241,13 +240,13 @@ msgstr "" "Потребно је да се идентификујете да бисте дозволили програму да спречи " "систему управљање дугметом за спавање." -#: ../src/login/org.freedesktop.login1.policy.in.h:17 +#: src/login/org.freedesktop.login1.policy.in:107 msgid "Allow applications to inhibit system handling of the lid switch" msgstr "" -"Дозволите програмима да спрече систему да уради било шта приликом заклапања " +"Дозволи програмима да спрече систему да уради било шта приликом заклапања " "екрана" -#: ../src/login/org.freedesktop.login1.policy.in.h:18 +#: src/login/org.freedesktop.login1.policy.in:108 msgid "" "Authentication is required for an application to inhibit system handling of " "the lid switch." @@ -255,48 +254,58 @@ msgstr "" "Потребно је да се идентификујете да бисте дозволили програму да спречи " "систему да уради било шта приликом заклапања екрана." -#: ../src/login/org.freedesktop.login1.policy.in.h:19 +#: src/login/org.freedesktop.login1.policy.in:117 +msgid "Allow non-logged-in user to run programs" +msgstr "Дозволи непријављеним корисницима да покрећу програме" + +#: src/login/org.freedesktop.login1.policy.in:118 +msgid "Explicit request is required to run programs as a non-logged-in user." +msgstr "" +"Експлицитан захтев је потребан да бисте покретали програме као непријављен " +"корисник." + +#: src/login/org.freedesktop.login1.policy.in:127 msgid "Allow non-logged-in users to run programs" -msgstr "Дозволите непријављеним корисницима да покрећу програме" +msgstr "Дозволи непријављеним корисницима да покрећу програме" -#: ../src/login/org.freedesktop.login1.policy.in.h:20 +#: src/login/org.freedesktop.login1.policy.in:128 msgid "Authentication is required to run programs as a non-logged-in user." msgstr "" "Потребно је да се идентификујете да бисте покретали програме као непријављен " "корисник." -#: ../src/login/org.freedesktop.login1.policy.in.h:21 +#: src/login/org.freedesktop.login1.policy.in:137 msgid "Allow attaching devices to seats" -msgstr "Дозволите качење уређаја на седишта" +msgstr "Дозволи качење уређаја на седишта" -#: ../src/login/org.freedesktop.login1.policy.in.h:22 +#: src/login/org.freedesktop.login1.policy.in:138 msgid "Authentication is required for attaching a device to a seat." msgstr "Потребно је да се идентификујете да бисте закачили уређај на седиште." -#: ../src/login/org.freedesktop.login1.policy.in.h:23 +#: src/login/org.freedesktop.login1.policy.in:148 msgid "Flush device to seat attachments" msgstr "Испери уређај да би уседиштио закачено" -#: ../src/login/org.freedesktop.login1.policy.in.h:24 +#: src/login/org.freedesktop.login1.policy.in:149 msgid "" "Authentication is required for resetting how devices are attached to seats." msgstr "" "Потребно је да се идентификујете да бисте поново подесили како се уређаји " "каче на седишта." -#: ../src/login/org.freedesktop.login1.policy.in.h:25 +#: src/login/org.freedesktop.login1.policy.in:158 msgid "Power off the system" -msgstr "Искључите систем" +msgstr "Искључи систем" -#: ../src/login/org.freedesktop.login1.policy.in.h:26 +#: src/login/org.freedesktop.login1.policy.in:159 msgid "Authentication is required for powering off the system." msgstr "Потребно је да се идентификујете да бисте искључили систем." -#: ../src/login/org.freedesktop.login1.policy.in.h:27 +#: src/login/org.freedesktop.login1.policy.in:169 msgid "Power off the system while other users are logged in" -msgstr "Искључите систем док су други корисници пријављени" +msgstr "Искључи систем док су други корисници пријављени" -#: ../src/login/org.freedesktop.login1.policy.in.h:28 +#: src/login/org.freedesktop.login1.policy.in:170 msgid "" "Authentication is required for powering off the system while other users are " "logged in." @@ -304,11 +313,11 @@ msgstr "" "Потребно је да се идентификујете да бисте искључили систем док су други " "корисници пријављени." -#: ../src/login/org.freedesktop.login1.policy.in.h:29 +#: src/login/org.freedesktop.login1.policy.in:180 msgid "Power off the system while an application asked to inhibit it" -msgstr "Искључите систем иако је програм затражио да се спречи гашење" +msgstr "Искључи систем иако је програм затражио да се спречи гашење" -#: ../src/login/org.freedesktop.login1.policy.in.h:30 +#: src/login/org.freedesktop.login1.policy.in:181 msgid "" "Authentication is required for powering off the system while an application " "asked to inhibit it." @@ -316,19 +325,19 @@ msgstr "" "Потребно је да се идентификујете да бисте искључили систем иако је програм " "затражио да се спречи гашење система." -#: ../src/login/org.freedesktop.login1.policy.in.h:31 +#: src/login/org.freedesktop.login1.policy.in:191 msgid "Reboot the system" -msgstr "Поново покрените систем" +msgstr "Поново покрени систем" -#: ../src/login/org.freedesktop.login1.policy.in.h:32 +#: src/login/org.freedesktop.login1.policy.in:192 msgid "Authentication is required for rebooting the system." msgstr "Потребно је да се идентификујете да бисте поново покренули систем." -#: ../src/login/org.freedesktop.login1.policy.in.h:33 +#: src/login/org.freedesktop.login1.policy.in:202 msgid "Reboot the system while other users are logged in" -msgstr "Поново покрените систем док су други корисници пријављени" +msgstr "Поново покрени систем док су други корисници пријављени" -#: ../src/login/org.freedesktop.login1.policy.in.h:34 +#: src/login/org.freedesktop.login1.policy.in:203 msgid "" "Authentication is required for rebooting the system while other users are " "logged in." @@ -336,11 +345,11 @@ msgstr "" "Потребно је да се идентификујете да бисте поново покренули систем док су " "други корисници пријављени." -#: ../src/login/org.freedesktop.login1.policy.in.h:35 +#: src/login/org.freedesktop.login1.policy.in:213 msgid "Reboot the system while an application asked to inhibit it" -msgstr "Поново покрените систем иако је програм затражио да се спречи гашење" +msgstr "Поново покрени систем иако је програм затражио да се спречи гашење" -#: ../src/login/org.freedesktop.login1.policy.in.h:36 +#: src/login/org.freedesktop.login1.policy.in:214 msgid "" "Authentication is required for rebooting the system while an application " "asked to inhibit it." @@ -348,19 +357,51 @@ msgstr "" "Потребно је да се идентификујете да бисте поново покренули систем иако је " "програм затражио да се спречи гашење система." -#: ../src/login/org.freedesktop.login1.policy.in.h:37 +#: src/login/org.freedesktop.login1.policy.in:224 +msgid "Halt the system" +msgstr "Заустави систем" + +#: src/login/org.freedesktop.login1.policy.in:225 +msgid "Authentication is required for halting the system." +msgstr "Потребно је да се идентификујете да бисте зауставили систем." + +#: src/login/org.freedesktop.login1.policy.in:235 +msgid "Halt the system while other users are logged in" +msgstr "Заустави систем док су други корисници пријављени" + +#: src/login/org.freedesktop.login1.policy.in:236 +msgid "" +"Authentication is required for halting the system while other users are " +"logged in." +msgstr "" +"Потребно је да се идентификујете да бисте зауставили систем док су други " +"корисници пријављени." + +#: src/login/org.freedesktop.login1.policy.in:246 +msgid "Halt the system while an application asked to inhibit it" +msgstr "Заустави систем иако програм тражи да се спречи заустављање" + +#: src/login/org.freedesktop.login1.policy.in:247 +msgid "" +"Authentication is required for halting the system while an application asked " +"to inhibit it." +msgstr "" +"Потребно је да се идентификујете да бисте зауставили систем иако програм " +"тражи да се спречи заустављање система." + +#: src/login/org.freedesktop.login1.policy.in:257 msgid "Suspend the system" -msgstr "Обуставите систем" +msgstr "Обустави систем" -#: ../src/login/org.freedesktop.login1.policy.in.h:38 +#: src/login/org.freedesktop.login1.policy.in:258 msgid "Authentication is required for suspending the system." msgstr "Потребно је да се идентификујете да бисте обуставили систем." -#: ../src/login/org.freedesktop.login1.policy.in.h:39 +#: src/login/org.freedesktop.login1.policy.in:267 msgid "Suspend the system while other users are logged in" -msgstr "Обуставите систем док су други корисници пријављени" +msgstr "Обустави систем док су други корисници пријављени" -#: ../src/login/org.freedesktop.login1.policy.in.h:40 +#: src/login/org.freedesktop.login1.policy.in:268 msgid "" "Authentication is required for suspending the system while other users are " "logged in." @@ -368,11 +409,11 @@ msgstr "" "Потребно је да се идентификујете да бисте обуставили систем док су други " "корисници пријављени." -#: ../src/login/org.freedesktop.login1.policy.in.h:41 +#: src/login/org.freedesktop.login1.policy.in:278 msgid "Suspend the system while an application asked to inhibit it" -msgstr "Обуставите систем иако је програм затражио да се спречи обустава" +msgstr "Обуставите систем иако програм тражи да се спречи обустава" -#: ../src/login/org.freedesktop.login1.policy.in.h:42 +#: src/login/org.freedesktop.login1.policy.in:279 msgid "" "Authentication is required for suspending the system while an application " "asked to inhibit it." @@ -380,19 +421,19 @@ msgstr "" "Потребно је да се идентификујете да бисте обуставили систем иако је програм " "затражио да се спречи обустава система." -#: ../src/login/org.freedesktop.login1.policy.in.h:43 +#: src/login/org.freedesktop.login1.policy.in:289 msgid "Hibernate the system" -msgstr "Успавајте систем" +msgstr "Успавај систем" -#: ../src/login/org.freedesktop.login1.policy.in.h:44 +#: src/login/org.freedesktop.login1.policy.in:290 msgid "Authentication is required for hibernating the system." msgstr "Потребно је да се идентификујете да бисте успавали систем." -#: ../src/login/org.freedesktop.login1.policy.in.h:45 +#: src/login/org.freedesktop.login1.policy.in:299 msgid "Hibernate the system while other users are logged in" -msgstr "Успавајте систем док су други корисници пријављени" +msgstr "Успавај систем док су други корисници пријављени" -#: ../src/login/org.freedesktop.login1.policy.in.h:46 +#: src/login/org.freedesktop.login1.policy.in:300 msgid "" "Authentication is required for hibernating the system while other users are " "logged in." @@ -400,11 +441,11 @@ msgstr "" "Потребно је да се идентификујете да бисте успавали систем док су други " "корисници пријављени." -#: ../src/login/org.freedesktop.login1.policy.in.h:47 +#: src/login/org.freedesktop.login1.policy.in:310 msgid "Hibernate the system while an application asked to inhibit it" -msgstr "Успавајте систем иако је програм затражио да се спречи спавање" +msgstr "Успавај систем иако је програм затражио да се спречи спавање" -#: ../src/login/org.freedesktop.login1.policy.in.h:48 +#: src/login/org.freedesktop.login1.policy.in:311 msgid "" "Authentication is required for hibernating the system while an application " "asked to inhibit it." @@ -412,32 +453,32 @@ msgstr "" "Потребно је да се идентификујете да бисте успавали систем иако је програм " "затражио да се спречи успављивање система." -#: ../src/login/org.freedesktop.login1.policy.in.h:49 +#: src/login/org.freedesktop.login1.policy.in:321 msgid "Manage active sessions, users and seats" -msgstr "Управљајте покренутим сесијама, корисницима и седиштима" +msgstr "Управљај покренутим сесијама, корисницима и седиштима" -#: ../src/login/org.freedesktop.login1.policy.in.h:50 +#: src/login/org.freedesktop.login1.policy.in:322 msgid "" "Authentication is required for managing active sessions, users and seats." msgstr "" "Потребно је да се идентификујете да бисте управљали покренутим сесијама, " "корисницима и седиштима." -#: ../src/login/org.freedesktop.login1.policy.in.h:51 +#: src/login/org.freedesktop.login1.policy.in:331 msgid "Lock or unlock active sessions" -msgstr "Закључајте или откључајте покренуте сесије" +msgstr "Закључај или откључај покренуте сесије" -#: ../src/login/org.freedesktop.login1.policy.in.h:52 +#: src/login/org.freedesktop.login1.policy.in:332 msgid "Authentication is required to lock or unlock active sessions." msgstr "" "Потребно је да се идентификујете да бисте закључавали или откључавали " "покренуте сесије." -#: ../src/login/org.freedesktop.login1.policy.in.h:53 +#: src/login/org.freedesktop.login1.policy.in:341 msgid "Allow indication to the firmware to boot to setup interface" -msgstr "Напомените фирмверу да се подигне у режим подешавања интерфејса" +msgstr "Напомени фирмверу да се подигне у режиму подешавања интерфејса" -#: ../src/login/org.freedesktop.login1.policy.in.h:54 +#: src/login/org.freedesktop.login1.policy.in:342 msgid "" "Authentication is required to indicate to the firmware to boot to setup " "interface." @@ -445,89 +486,89 @@ msgstr "" "Потребно је да се идентификујете да бисте напоменули фирмверу да се подигне " "у режиму подешавања интерфејса." -#: ../src/login/org.freedesktop.login1.policy.in.h:55 +#: src/login/org.freedesktop.login1.policy.in:351 msgid "Set a wall message" -msgstr "Поставите зидну поруку" +msgstr "Постави зидну поруку" -#: ../src/login/org.freedesktop.login1.policy.in.h:56 +#: src/login/org.freedesktop.login1.policy.in:352 msgid "Authentication is required to set a wall message" msgstr "Потребно је да се идентификујете да бисте поставили зидну поруку" -#: ../src/machine/org.freedesktop.machine1.policy.in.h:1 +#: src/machine/org.freedesktop.machine1.policy.in:22 msgid "Log into a local container" -msgstr "Пријавите се у локални контејнер" +msgstr "Пријави се у локални контејнер" -#: ../src/machine/org.freedesktop.machine1.policy.in.h:2 +#: src/machine/org.freedesktop.machine1.policy.in:23 msgid "Authentication is required to log into a local container." msgstr "" "Потребно је да се идентификујете да бисте се пријавили у локални контејнер." -#: ../src/machine/org.freedesktop.machine1.policy.in.h:3 +#: src/machine/org.freedesktop.machine1.policy.in:32 msgid "Log into the local host" -msgstr "Пријавите се у локалног домаћина" +msgstr "Пријави се у локалног домаћина" -#: ../src/machine/org.freedesktop.machine1.policy.in.h:4 +#: src/machine/org.freedesktop.machine1.policy.in:33 msgid "Authentication is required to log into the local host." msgstr "" "Потребно је да се идентификујете да бисте се пријавили у локалног домаћина." -#: ../src/machine/org.freedesktop.machine1.policy.in.h:5 +#: src/machine/org.freedesktop.machine1.policy.in:42 msgid "Acquire a shell in a local container" -msgstr "Добијте приступ шкољци унутар локалног контејнера" +msgstr "Добиј приступ шкољци унутар локалног контејнера" -#: ../src/machine/org.freedesktop.machine1.policy.in.h:6 +#: src/machine/org.freedesktop.machine1.policy.in:43 msgid "Authentication is required to acquire a shell in a local container." msgstr "" "Потребно је да се идентификујете да бисте добили приступ шкољци унутар " "локалног контејнера." -#: ../src/machine/org.freedesktop.machine1.policy.in.h:7 +#: src/machine/org.freedesktop.machine1.policy.in:53 msgid "Acquire a shell on the local host" -msgstr "Добијте приступ шкољци на локалном домаћину" +msgstr "Добиј приступ шкољци на локалном домаћину" -#: ../src/machine/org.freedesktop.machine1.policy.in.h:8 +#: src/machine/org.freedesktop.machine1.policy.in:54 msgid "Authentication is required to acquire a shell on the local host." msgstr "" "Потребно је да се идентификујете да бисте добили приступ шкољци на локалном " "домаћину." -#: ../src/machine/org.freedesktop.machine1.policy.in.h:9 +#: src/machine/org.freedesktop.machine1.policy.in:64 msgid "Acquire a pseudo TTY in a local container" -msgstr "Добијте приступ псеудо писаћој машини унутар локалног контејнера" +msgstr "Добиј приступ псеудо писаћој машини унутар локалног контејнера" -#: ../src/machine/org.freedesktop.machine1.policy.in.h:10 +#: src/machine/org.freedesktop.machine1.policy.in:65 msgid "" "Authentication is required to acquire a pseudo TTY in a local container." msgstr "" "Потребно је да се идентификујете да бисте добили приступ псеудо писаћој " "машини унутар локалног контејнера." -#: ../src/machine/org.freedesktop.machine1.policy.in.h:11 +#: src/machine/org.freedesktop.machine1.policy.in:74 msgid "Acquire a pseudo TTY on the local host" -msgstr "Добијте приступ псеудо писаћој машини на локалном домаћину" +msgstr "Добиј приступ псеудо писаћој машини на локалном домаћину" -#: ../src/machine/org.freedesktop.machine1.policy.in.h:12 +#: src/machine/org.freedesktop.machine1.policy.in:75 msgid "Authentication is required to acquire a pseudo TTY on the local host." msgstr "" "Потребно је да се идентификујете да бисте добили приступ псеудо писаћој " "машини на локалном домаћину." -#: ../src/machine/org.freedesktop.machine1.policy.in.h:13 +#: src/machine/org.freedesktop.machine1.policy.in:84 msgid "Manage local virtual machines and containers" -msgstr "Управљајте локалним виртуелним машинама и контејнерима" +msgstr "Управљај локалним виртуелним машинама и контејнерима" -#: ../src/machine/org.freedesktop.machine1.policy.in.h:14 +#: src/machine/org.freedesktop.machine1.policy.in:85 msgid "" "Authentication is required to manage local virtual machines and containers." msgstr "" "Потребно је да се идентификујете да бисте управљали локалним виртуелним " "машинама и контејнерима." -#: ../src/machine/org.freedesktop.machine1.policy.in.h:15 +#: src/machine/org.freedesktop.machine1.policy.in:95 msgid "Manage local virtual machine and container images" -msgstr "Управљајте локалним виртуелним машинама и сликама контејнера" +msgstr "Управљај локалним виртуелним машинама и сликама контејнера" -#: ../src/machine/org.freedesktop.machine1.policy.in.h:16 +#: src/machine/org.freedesktop.machine1.policy.in:96 msgid "" "Authentication is required to manage local virtual machine and container " "images." @@ -535,28 +576,46 @@ msgstr "" "Потребно је да се идентификујете да бисте управљали локалним виртуелним " "машинама и сликама контејнера." -#: ../src/timedate/org.freedesktop.timedate1.policy.in.h:1 +#: src/resolve/org.freedesktop.resolve1.policy.in:22 +msgid "Register a DNS-SD service" +msgstr "Региструј DNS-SD услугу" + +#: src/resolve/org.freedesktop.resolve1.policy.in:23 +msgid "Authentication is required to register a DNS-SD service" +msgstr "Потребно је да се идентификујете да бисте регистровали DNS-SD услугу" + +#: src/resolve/org.freedesktop.resolve1.policy.in:33 +msgid "Unregister a DNS-SD service" +msgstr "Укини регистрацију DNS-SD услуге" + +#: src/resolve/org.freedesktop.resolve1.policy.in:34 +msgid "Authentication is required to unregister a DNS-SD service" +msgstr "" +"Потребно је да се идентификујете да бисте укинули регистрацију DNS-SD услуге" + +#: src/timedate/org.freedesktop.timedate1.policy.in:22 msgid "Set system time" -msgstr "Поставите системско време" +msgstr "Постави системско време" -#: ../src/timedate/org.freedesktop.timedate1.policy.in.h:2 +#: src/timedate/org.freedesktop.timedate1.policy.in:23 msgid "Authentication is required to set the system time." msgstr "Потребно је да се идентификујете да бисте поставили системско време." -#: ../src/timedate/org.freedesktop.timedate1.policy.in.h:3 +#: src/timedate/org.freedesktop.timedate1.policy.in:33 msgid "Set system timezone" -msgstr "Поставите системску временску зону" +msgstr "Постави системску временску зону" -#: ../src/timedate/org.freedesktop.timedate1.policy.in.h:4 +#: src/timedate/org.freedesktop.timedate1.policy.in:34 msgid "Authentication is required to set the system timezone." msgstr "" "Потребно је да се идентификујете да бисте поставили системску временску зону." -#: ../src/timedate/org.freedesktop.timedate1.policy.in.h:5 +#: src/timedate/org.freedesktop.timedate1.policy.in:43 msgid "Set RTC to local timezone or UTC" -msgstr "Поставите RTC на локалну временску зону или UTC зону" +msgstr "" +"Постави часовник реалног времена на локалну временску зону или UTC зону" -#: ../src/timedate/org.freedesktop.timedate1.policy.in.h:6 +#: src/timedate/org.freedesktop.timedate1.policy.in:44 msgid "" "Authentication is required to control whether the RTC stores the local or " "UTC time." @@ -564,11 +623,11 @@ msgstr "" "Потребно је да се идентификујете да бисте подесили да ли RTC чува локално " "или UTC време." -#: ../src/timedate/org.freedesktop.timedate1.policy.in.h:7 +#: src/timedate/org.freedesktop.timedate1.policy.in:54 msgid "Turn network time synchronization on or off" -msgstr "Укључите или искључите усклађивање времена са мреже" +msgstr "Укључи или искључи усклађивање времена са мреже" -#: ../src/timedate/org.freedesktop.timedate1.policy.in.h:8 +#: src/timedate/org.freedesktop.timedate1.policy.in:55 msgid "" "Authentication is required to control whether network time synchronization " "shall be enabled." @@ -576,33 +635,43 @@ msgstr "" "Потребно је да се идентификујете да бисте подесили да ли се време усклађује " "са мреже." -#: ../src/core/dbus-unit.c:428 +#: src/core/dbus-unit.c:496 msgid "Authentication is required to start '$(unit)'." msgstr "Потребно је да се идентификујете да бисте покренули „$(unit)“." -#: ../src/core/dbus-unit.c:429 +#: src/core/dbus-unit.c:497 msgid "Authentication is required to stop '$(unit)'." msgstr "Потребно је да се идентификујете да бисте зауставили „$(unit)“." -#: ../src/core/dbus-unit.c:430 +#: src/core/dbus-unit.c:498 msgid "Authentication is required to reload '$(unit)'." msgstr "Потребно је да се идентификујете да бисте поново учитали „$(unit)“." -#: ../src/core/dbus-unit.c:431 ../src/core/dbus-unit.c:432 +#: src/core/dbus-unit.c:499 src/core/dbus-unit.c:500 msgid "Authentication is required to restart '$(unit)'." msgstr "Потребно је да се идентификујете да бисте поново покренули „$(unit)“." -#: ../src/core/dbus-unit.c:535 +#: src/core/dbus-unit.c:607 msgid "Authentication is required to kill '$(unit)'." msgstr "Потребно је да се идентификујете да бисте убили „$(unit)“." -#: ../src/core/dbus-unit.c:565 +#: src/core/dbus-unit.c:638 msgid "Authentication is required to reset the \"failed\" state of '$(unit)'." msgstr "" "Потребно је да се идентификујете да бисте поново поставили „неуспешно“ стање " "за „$(unit)“." -#: ../src/core/dbus-unit.c:597 +#: src/core/dbus-unit.c:671 msgid "Authentication is required to set properties on '$(unit)'." msgstr "" "Потребно је да се идентификујете да бисте поставили својства за „$(unit)“." + +msgid "Press Ctrl+C to cancel all filesystem checks in progress" +msgstr "" +"Притисните Ctrl+C да бисте прекинули све текуће провере система датотека" + +msgid "Checking in progress on %d disk (%3.1f%% complete)" +msgid_plural "Checking in progress on %d disks (%3.1f%% complete)" +msgstr[0] "Провера у току на %d диску (%3.1f%% готово)" +msgstr[1] "Провера у току на %d диска (%3.1f%% готово)" +msgstr[2] "Провера у току на %d дискова (%3.1f%% готово)" diff --git a/rules/50-udev-default.rules.in b/rules/50-udev-default.rules.in index 191f56f42e..f81c4d0fc5 100644 --- a/rules/50-udev-default.rules.in +++ b/rules/50-udev-default.rules.in @@ -22,7 +22,7 @@ SUBSYSTEM=="tty", KERNEL=="sclp_line[0-9]*", GROUP="tty", MODE="0620" SUBSYSTEM=="tty", KERNEL=="ttysclp[0-9]*", GROUP="tty", MODE="0620" SUBSYSTEM=="tty", KERNEL=="3270/tty[0-9]*", GROUP="tty", MODE="0620" SUBSYSTEM=="vc", KERNEL=="vcs*|vcsa*", GROUP="tty" -KERNEL=="tty[A-Z]*[0-9]|ttymxc[0-9]*|pppox[0-9]*|ircomm[0-9]*|noz[0-9]*|rfcomm[0-9]*", GROUP="dialout" +KERNEL=="tty[A-Z]*[0-9]|ttymxc[0-9]*|pppox[0-9]*|ircomm[0-9]*|noz[0-9]*|rfcomm[0-9]*", GROUP="uucp" SUBSYSTEM=="mem", KERNEL=="mem|kmem|port", GROUP="kmem", MODE="0640" @@ -57,13 +57,13 @@ KERNEL=="irlpt[0-9]*", GROUP="lp" SUBSYSTEM=="usb", ENV{DEVTYPE}=="usb_device", ENV{ID_USB_INTERFACES}=="*:0701??:*", GROUP="lp" SUBSYSTEM=="block", GROUP="disk" -SUBSYSTEM=="block", KERNEL=="sr[0-9]*", GROUP="cdrom" -SUBSYSTEM=="scsi_generic", SUBSYSTEMS=="scsi", ATTRS{type}=="4|5", GROUP="cdrom" -KERNEL=="sch[0-9]*", GROUP="cdrom" -KERNEL=="pktcdvd[0-9]*", GROUP="cdrom" -KERNEL=="pktcdvd", GROUP="cdrom" +SUBSYSTEM=="block", KERNEL=="sr[0-9]*", GROUP="optical" +SUBSYSTEM=="scsi_generic", SUBSYSTEMS=="scsi", ATTRS{type}=="4|5", GROUP="optical" +KERNEL=="sch[0-9]*", GROUP="optical" +KERNEL=="pktcdvd[0-9]*", GROUP="optical" +KERNEL=="pktcdvd", GROUP="optical" -SUBSYSTEM=="scsi_generic|scsi_tape", SUBSYSTEMS=="scsi", ATTRS{type}=="1|8", GROUP="tape" +SUBSYSTEM=="scsi_generic|scsi_tape", SUBSYSTEMS=="scsi", ATTRS{type}=="1|8", GROUP="storage" SUBSYSTEM=="scsi_generic", SUBSYSTEMS=="scsi", ATTRS{type}=="0", GROUP="disk" KERNEL=="qft[0-9]*|nqft[0-9]*|zqft[0-9]*|nzqft[0-9]*|rawqft[0-9]*|nrawqft[0-9]*", GROUP="disk" KERNEL=="loop-control", GROUP="disk", OPTIONS+="static_node=loop-control" diff --git a/rules/64-btrfs.rules.in b/rules/64-btrfs.rules.in index c3a0972f2e..aad29afb8b 100644 --- a/rules/64-btrfs.rules.in +++ b/rules/64-btrfs.rules.in @@ -3,6 +3,7 @@ SUBSYSTEM!="block", GOTO="btrfs_end" ACTION=="remove", GOTO="btrfs_end" ENV{ID_FS_TYPE}!="btrfs", GOTO="btrfs_end" +ENV{SYSTEMD_READY}=="0", GOTO="btrfs_end" # let the kernel know about this btrfs filesystem, and check if it is complete IMPORT{builtin}="btrfs ready $devnode" diff --git a/shell-completion/bash/systemd-analyze b/shell-completion/bash/systemd-analyze index fb30487613..a66ddccb02 100644 --- a/shell-completion/bash/systemd-analyze +++ b/shell-completion/bash/systemd-analyze @@ -36,13 +36,13 @@ _systemd_analyze() { local cur=${COMP_WORDS[COMP_CWORD]} prev=${COMP_WORDS[COMP_CWORD-1]} local -A OPTS=( - [STANDALONE]='-h --help --version --system --user --order --require --no-pager + [STANDALONE]='-h --help --version --system --user --global --order --require --no-pager --man=no --generators=yes' [ARG]='-H --host -M --machine --fuzz --from-pattern --to-pattern' ) local -A VERBS=( - [STANDALONE]='time blame plot dump calendar' + [STANDALONE]='time blame plot dump unit-paths calendar' [CRITICAL_CHAIN]='critical-chain' [DOT]='dot' [LOG_LEVEL]='log-level' @@ -85,7 +85,7 @@ _systemd_analyze() { elif __contains_word "$verb" ${VERBS[STANDALONE]}; then if [[ $cur = -* ]]; then - comps='--help --version --system --user' + comps='--help --version --system --user --global' fi elif __contains_word "$verb" ${VERBS[CRITICAL_CHAIN]}; then @@ -95,7 +95,7 @@ _systemd_analyze() { elif __contains_word "$verb" ${VERBS[DOT]}; then if [[ $cur = -* ]]; then - comps='--help --version --system --user --from-pattern --to-pattern --order --require' + comps='--help --version --system --user --global --from-pattern --to-pattern --order --require' fi elif __contains_word "$verb" ${VERBS[LOG_LEVEL]}; then @@ -119,7 +119,7 @@ _systemd_analyze() { elif __contains_word "$verb" ${VERBS[VERIFY]}; then if [[ $cur = -* ]]; then - comps='--help --version --system --user --man=no --generators=yes' + comps='--help --version --system --user --global --man=no --generators=yes' else comps=$( compgen -A file -- "$cur" ) compopt -o filenames diff --git a/shell-completion/zsh/_systemd-analyze b/shell-completion/zsh/_systemd-analyze index ae13f4bbde..bccdb951f1 100644 --- a/shell-completion/zsh/_systemd-analyze +++ b/shell-completion/zsh/_systemd-analyze @@ -33,6 +33,7 @@ _systemd_analyze_command(){ 'plot:Output SVG graphic showing service initialization' 'dot:Dump dependency graph (in dot(1) format)' 'dump:Dump server status' + 'unit-paths':List unit load paths' 'log-level:Get/set systemd log threshold' 'log-target:Get/set systemd log target' 'service-watchdogs:Get/set service watchdog status' @@ -62,6 +63,7 @@ _arguments \ '--version[Show package version]' \ '--system[Operate on system systemd instance]' \ '--user[Operate on user systemd instance]' \ + '--global[Show global user instance config]' \ '--no-pager[Do not pipe output into a pager]' \ '--man=[Do (not) check for existence of man pages]:boolean:(1 0)' \ '--order[When generating graph for dot, show only order]' \ diff --git a/src/activate/activate.c b/src/activate/activate.c index c07dcb8626..c856c8c100 100644 --- a/src/activate/activate.c +++ b/src/activate/activate.c @@ -199,15 +199,10 @@ static int exec_process(const char* name, char **argv, char **env, int start_fd, if (arg_inetd) { assert(n_fds == 1); - r = dup2(start_fd, STDIN_FILENO); + r = rearrange_stdio(start_fd, start_fd, STDERR_FILENO); /* invalidates start_fd on success + error */ if (r < 0) - return log_error_errno(errno, "Failed to dup connection to stdin: %m"); + return log_error_errno(errno, "Failed to move fd to stdin+stdout: %m"); - r = dup2(start_fd, STDOUT_FILENO); - if (r < 0) - return log_error_errno(errno, "Failed to dup connection to stdout: %m"); - - start_fd = safe_close(start_fd); } else { if (start_fd != SD_LISTEN_FDS_START) { assert(n_fds == 1); diff --git a/src/analyze/analyze.c b/src/analyze/analyze.c index f9e05d4d2e..ab1895d1c3 100644 --- a/src/analyze/analyze.c +++ b/src/analyze/analyze.c @@ -80,7 +80,7 @@ static usec_t arg_fuzz = 0; static bool arg_no_pager = false; static BusTransport arg_transport = BUS_TRANSPORT_LOCAL; static const char *arg_host = NULL; -static bool arg_user = false; +static UnitFileScope arg_scope = UNIT_FILE_SYSTEM; static bool arg_man = true; static bool arg_generators = false; @@ -132,10 +132,12 @@ struct host_info { }; static int acquire_bus(bool need_full_bus, sd_bus **bus) { + bool user = arg_scope != UNIT_FILE_SYSTEM; + if (need_full_bus) - return bus_connect_transport(arg_transport, arg_host, arg_user, bus); + return bus_connect_transport(arg_transport, arg_host, user, bus); else - return bus_connect_transport_systemd(arg_transport, arg_host, arg_user, bus); + return bus_connect_transport_systemd(arg_transport, arg_host, user, bus); } static int bus_get_uint64_property(sd_bus *bus, const char *path, const char *interface, const char *property, uint64_t *val) { @@ -294,7 +296,12 @@ static int acquire_boot_times(sd_bus *bus, struct boot_times **bt) { return -EINPROGRESS; } - if (arg_user) { + if (arg_scope == UNIT_FILE_SYSTEM) { + if (times.initrd_time > 0) + times.kernel_done_time = times.initrd_time; + else + times.kernel_done_time = times.userspace_time; + } else { /* * User-instance-specific timestamps processing * (see comment to reverse_offset in struct boot_times). @@ -312,11 +319,6 @@ static int acquire_boot_times(sd_bus *bus, struct boot_times **bt) { subtract_timestamp(×.unitsload_start_time, times.reverse_offset); subtract_timestamp(×.unitsload_finish_time, times.reverse_offset); - } else { - if (times.initrd_time) - times.kernel_done_time = times.initrd_time; - else - times.kernel_done_time = times.userspace_time; } cached = true; @@ -439,8 +441,7 @@ static int acquire_time_data(sd_bus *bus, struct unit_times **out) { return c; fail: - if (unit_times) - free_unit_times(unit_times, (unsigned) c); + free_unit_times(unit_times, (unsigned) c); return r; } @@ -537,19 +538,20 @@ static int pretty_boot_time(sd_bus *bus, char **_buf) { size = sizeof(buf); size = strpcpyf(&ptr, size, "Startup finished in "); - if (t->firmware_time) + if (t->firmware_time > 0) size = strpcpyf(&ptr, size, "%s (firmware) + ", format_timespan(ts, sizeof(ts), t->firmware_time - t->loader_time, USEC_PER_MSEC)); - if (t->loader_time) + if (t->loader_time > 0) size = strpcpyf(&ptr, size, "%s (loader) + ", format_timespan(ts, sizeof(ts), t->loader_time, USEC_PER_MSEC)); - if (t->kernel_time) + if (t->kernel_time > 0) size = strpcpyf(&ptr, size, "%s (kernel) + ", format_timespan(ts, sizeof(ts), t->kernel_done_time, USEC_PER_MSEC)); if (t->initrd_time > 0) size = strpcpyf(&ptr, size, "%s (initrd) + ", format_timespan(ts, sizeof(ts), t->userspace_time - t->initrd_time, USEC_PER_MSEC)); size = strpcpyf(&ptr, size, "%s (userspace) ", format_timespan(ts, sizeof(ts), t->finish_time - t->userspace_time, USEC_PER_MSEC)); - strpcpyf(&ptr, size, "= %s", format_timespan(ts, sizeof(ts), t->firmware_time + t->finish_time, USEC_PER_MSEC)); + if (t->kernel_time > 0) + strpcpyf(&ptr, size, "= %s", format_timespan(ts, sizeof(ts), t->firmware_time + t->finish_time, USEC_PER_MSEC)); - if (unit_id && (activated_time > 0 && activated_time != USEC_INFINITY)) + if (unit_id && activated_time > 0 && activated_time != USEC_INFINITY) size = strpcpyf(&ptr, size, "\n%s reached after %s in userspace", unit_id, format_timespan(ts, sizeof(ts), activated_time - t->userspace_time, USEC_PER_MSEC)); else if (unit_id && activated_time == 0) size = strpcpyf(&ptr, size, "\n%s was never reached", unit_id); @@ -628,14 +630,14 @@ static int analyze_plot(int argc, char *argv[], void *userdata) { if (boot->firmware_time > boot->loader_time) m++; - if (boot->loader_time) { + if (boot->loader_time > 0) { m++; if (width < 1000.0) width = 1000.0; } - if (boot->initrd_time) + if (boot->initrd_time > 0) m++; - if (boot->kernel_time) + if (boot->kernel_time > 0) m++; for (u = times; u < times + n; u++) { @@ -724,22 +726,22 @@ static int analyze_plot(int argc, char *argv[], void *userdata) { svg("<g transform=\"translate(%.3f,100)\">\n", 20.0 + (SCALE_X * boot->firmware_time)); svg_graph_box(m, -(double) boot->firmware_time, boot->finish_time); - if (boot->firmware_time) { + if (boot->firmware_time > 0) { svg_bar("firmware", -(double) boot->firmware_time, -(double) boot->loader_time, y); svg_text(true, -(double) boot->firmware_time, y, "firmware"); y++; } - if (boot->loader_time) { + if (boot->loader_time > 0) { svg_bar("loader", -(double) boot->loader_time, 0, y); svg_text(true, -(double) boot->loader_time, y, "loader"); y++; } - if (boot->kernel_time) { + if (boot->kernel_time > 0) { svg_bar("kernel", 0, boot->kernel_done_time, y); svg_text(true, 0, y, "kernel"); y++; } - if (boot->initrd_time) { + if (boot->initrd_time > 0) { svg_bar("initrd", boot->initrd_time, boot->userspace_time, y); svg_text(true, boot->initrd_time, y, "initrd"); y++; @@ -817,7 +819,7 @@ static int list_dependencies_print(const char *name, unsigned int level, unsigne printf("%s", special_glyph(last ? TREE_RIGHT : TREE_BRANCH)); if (times) { - if (times->time) + if (times->time > 0) printf("%s%s @%s +%s%s", ansi_highlight_red(), name, format_timespan(ts, sizeof(ts), times->activating - boot->userspace_time, USEC_PER_MSEC), format_timespan(ts2, sizeof(ts2), times->time, USEC_PER_MSEC), ansi_normal()); @@ -863,6 +865,11 @@ static int list_dependencies_compare(const void *_a, const void *_b) { return usb - usa; } +static bool times_in_range(const struct unit_times *times, const struct boot_times *boot) { + return times && + times->activated > 0 && times->activated <= boot->finish_time; +} + static int list_dependencies_one(sd_bus *bus, const char *name, unsigned int level, char ***units, unsigned int branches) { _cleanup_strv_free_ char **deps = NULL; @@ -888,11 +895,9 @@ static int list_dependencies_one(sd_bus *bus, const char *name, unsigned int lev STRV_FOREACH(c, deps) { times = hashmap_get(unit_times_hashmap, *c); - if (times - && times->activated - && times->activated <= boot->finish_time - && (times->activated >= service_longest - || service_longest == 0)) { + if (times_in_range(times, boot) && + (times->activated >= service_longest + || service_longest == 0)) { service_longest = times->activated; break; } @@ -903,7 +908,8 @@ static int list_dependencies_one(sd_bus *bus, const char *name, unsigned int lev STRV_FOREACH(c, deps) { times = hashmap_get(unit_times_hashmap, *c); - if (times && times->activated && times->activated <= boot->finish_time && (service_longest - times->activated) <= arg_fuzz) + if (times_in_range(times, boot) && + service_longest - times->activated <= arg_fuzz) to_print++; } @@ -912,10 +918,8 @@ static int list_dependencies_one(sd_bus *bus, const char *name, unsigned int lev STRV_FOREACH(c, deps) { times = hashmap_get(unit_times_hashmap, *c); - if (!times - || !times->activated - || times->activated > boot->finish_time - || service_longest - times->activated > arg_fuzz) + if (!times_in_range(times, boot) || + service_longest - times->activated > arg_fuzz) continue; to_print--; @@ -937,7 +941,7 @@ static int list_dependencies_one(sd_bus *bus, const char *name, unsigned int lev if (r < 0) return r; - if (!to_print) + if (to_print == 0) break; } return 0; @@ -1291,7 +1295,7 @@ static int dump(int argc, char *argv[], void *userdata) { &reply, NULL); if (r < 0) - return log_error_errno(r, "Failed issue method call: %s", bus_error_message(&error, r)); + return log_error_errno(r, "Failed to issue method call: %s", bus_error_message(&error, r)); r = sd_bus_message_read(reply, "s", &text); if (r < 0) @@ -1413,6 +1417,21 @@ static int get_or_set_log_target(int argc, char *argv[], void *userdata) { return (argc == 1) ? get_log_target(argc, argv, userdata) : set_log_target(argc, argv, userdata); } +static int dump_unit_paths(int argc, char *argv[], void *userdata) { + _cleanup_lookup_paths_free_ LookupPaths paths = {}; + int r; + char **p; + + r = lookup_paths_init(&paths, arg_scope, 0, NULL); + if (r < 0) + return log_error_errno(r, "lookup_paths_init() failed: %m"); + + STRV_FOREACH(p, paths.search_path) + puts(*p); + + return 0; +} + #if HAVE_SECCOMP static void dump_syscall_filter(const SyscallFilterSet *set) { const char *syscall; @@ -1496,7 +1515,7 @@ static int test_calendar(int argc, char *argv[], void *userdata) { r = calendar_spec_to_string(spec, &t); if (r < 0) { - ret = log_error_errno(r, "Failed to fomat calendar specification '%s': %m", *p); + ret = log_error_errno(r, "Failed to format calendar specification '%s': %m", *p); continue; } @@ -1583,10 +1602,7 @@ static int service_watchdogs(int argc, char *argv[], void *userdata) { } static int do_verify(int argc, char *argv[], void *userdata) { - return verify_units(strv_skip(argv, 1), - arg_user ? UNIT_FILE_USER : UNIT_FILE_SYSTEM, - arg_man, - arg_generators); + return verify_units(strv_skip(argv, 1), arg_scope, arg_man, arg_generators); } static int help(int argc, char *argv[], void *userdata) { @@ -1600,6 +1616,7 @@ static int help(int argc, char *argv[], void *userdata) { " --no-pager Do not pipe output into a pager\n" " --system Operate on system systemd instance\n" " --user Operate on user systemd instance\n" + " --global Operate on global user configuration\n" " -H --host=[USER@]HOST Operate on remote host\n" " -M --machine=CONTAINER Operate on local container\n" " --order Show only order in the graph\n" @@ -1619,6 +1636,7 @@ static int help(int argc, char *argv[], void *userdata) { " log-level [LEVEL] Get/set logging threshold for manager\n" " log-target [TARGET] Get/set logging target for manager\n" " dump Output state serialization of service manager\n" + " unit-paths List load directories for units\n" " syscall-filter [NAME...] Print list of syscalls in seccomp filter\n" " verify FILE... Check unit files for correctness\n" " calendar SPEC... Validate repetitive calendar time events\n" @@ -1637,8 +1655,9 @@ static int parse_argv(int argc, char *argv[]) { ARG_VERSION = 0x100, ARG_ORDER, ARG_REQUIRE, - ARG_USER, ARG_SYSTEM, + ARG_USER, + ARG_GLOBAL, ARG_DOT_FROM_PATTERN, ARG_DOT_TO_PATTERN, ARG_FUZZ, @@ -1652,8 +1671,9 @@ static int parse_argv(int argc, char *argv[]) { { "version", no_argument, NULL, ARG_VERSION }, { "order", no_argument, NULL, ARG_ORDER }, { "require", no_argument, NULL, ARG_REQUIRE }, - { "user", no_argument, NULL, ARG_USER }, { "system", no_argument, NULL, ARG_SYSTEM }, + { "user", no_argument, NULL, ARG_USER }, + { "global", no_argument, NULL, ARG_GLOBAL }, { "from-pattern", required_argument, NULL, ARG_DOT_FROM_PATTERN }, { "to-pattern", required_argument, NULL, ARG_DOT_TO_PATTERN }, { "fuzz", required_argument, NULL, ARG_FUZZ }, @@ -1679,12 +1699,16 @@ static int parse_argv(int argc, char *argv[]) { case ARG_VERSION: return version(); + case ARG_SYSTEM: + arg_scope = UNIT_FILE_SYSTEM; + break; + case ARG_USER: - arg_user = true; + arg_scope = UNIT_FILE_USER; break; - case ARG_SYSTEM: - arg_user = false; + case ARG_GLOBAL: + arg_scope = UNIT_FILE_GLOBAL; break; case ARG_ORDER: @@ -1762,6 +1786,12 @@ static int parse_argv(int argc, char *argv[]) { assert_not_reached("Unhandled option code."); } + if (arg_scope == UNIT_FILE_GLOBAL && + !STR_IN_SET(argv[optind] ?: "time", "dot", "unit-paths", "verify")) { + log_error("Option --global only makes sense with verbs dot, unit-paths, verify."); + return -EINVAL; + } + return 1; /* work to do */ } @@ -1782,6 +1812,7 @@ int main(int argc, char *argv[]) { { "set-log-target", 2, 2, 0, set_log_target }, { "get-log-target", VERB_ANY, 1, 0, get_log_target }, { "dump", VERB_ANY, 1, 0, dump }, + { "unit-paths", 1, 1, 0, dump_unit_paths }, { "syscall-filter", VERB_ANY, VERB_ANY, 0, dump_syscall_filters }, { "verify", 2, VERB_ANY, 0, do_verify }, { "calendar", 2, VERB_ANY, 0, test_calendar }, diff --git a/src/basic/alloc-util.h b/src/basic/alloc-util.h index 02dee37d36..ec7808c1f7 100644 --- a/src/basic/alloc-util.h +++ b/src/basic/alloc-util.h @@ -74,12 +74,14 @@ _malloc_ _alloc_(1, 2) static inline void *malloc_multiply(size_t size, size_t return malloc(size * need); } -_alloc_(2, 3) static inline void *realloc_multiply(void *p, size_t size, size_t need) { +#if !HAVE_REALLOCARRAY +_alloc_(2, 3) static inline void *reallocarray(void *p, size_t need, size_t size) { if (size_multiply_overflow(size, need)) return NULL; return realloc(p, size * need); } +#endif _alloc_(2, 3) static inline void *memdup_multiply(const void *p, size_t size, size_t need) { if (size_multiply_overflow(size, need)) diff --git a/src/basic/bpf-program.c b/src/basic/bpf-program.c index 3690f812ae..a244742f91 100644 --- a/src/basic/bpf-program.c +++ b/src/basic/bpf-program.c @@ -28,6 +28,8 @@ #include "fd-util.h" #include "log.h" #include "missing.h" +#include "path-util.h" +#include "util.h" int bpf_program_new(uint32_t prog_type, BPFProgram **ret) { _cleanup_(bpf_program_unrefp) BPFProgram *p = NULL; @@ -36,6 +38,7 @@ int bpf_program_new(uint32_t prog_type, BPFProgram **ret) { if (!p) return log_oom(); + p->n_ref = 1; p->prog_type = prog_type; p->kernel_fd = -1; @@ -44,12 +47,39 @@ int bpf_program_new(uint32_t prog_type, BPFProgram **ret) { return 0; } +BPFProgram *bpf_program_ref(BPFProgram *p) { + if (!p) + return NULL; + + assert(p->n_ref > 0); + p->n_ref++; + + return p; +} + BPFProgram *bpf_program_unref(BPFProgram *p) { if (!p) return NULL; + assert(p->n_ref > 0); + p->n_ref--; + + if (p->n_ref > 0) + return NULL; + + /* Unfortunately, the kernel currently doesn't implicitly detach BPF programs from their cgroups when the last + * fd to the BPF program is closed. This has nasty side-effects since this means that abnormally terminated + * programs that attached one of their BPF programs to a cgroup will leave this programs pinned for good with + * zero chance of recovery, until the cgroup is removed. This is particularly problematic if the cgroup in + * question is the root cgroup (or any other cgroup belonging to a service that cannot be restarted during + * operation, such as dbus), as the memory for the BPF program can only be reclaimed through a reboot. To + * counter this, we track closely to which cgroup a program was attached to and will detach it on our own + * whenever we close the BPF fd. */ + (void) bpf_program_cgroup_detach(p); + safe_close(p->kernel_fd); free(p->instructions); + free(p->attached_path); return mfree(p); } @@ -58,6 +88,9 @@ int bpf_program_add_instructions(BPFProgram *p, const struct bpf_insn *instructi assert(p); + if (p->kernel_fd >= 0) /* don't allow modification after we uploaded things to the kernel */ + return -EBUSY; + if (!GREEDY_REALLOC(p->instructions, p->allocated, p->n_instructions + count)) return -ENOMEM; @@ -72,8 +105,10 @@ int bpf_program_load_kernel(BPFProgram *p, char *log_buf, size_t log_size) { assert(p); - if (p->kernel_fd >= 0) - return -EBUSY; + if (p->kernel_fd >= 0) { /* make this idempotent */ + memzero(log_buf, log_size); + return 0; + } attr = (union bpf_attr) { .prog_type = p->prog_type, @@ -93,13 +128,47 @@ int bpf_program_load_kernel(BPFProgram *p, char *log_buf, size_t log_size) { } int bpf_program_cgroup_attach(BPFProgram *p, int type, const char *path, uint32_t flags) { + _cleanup_free_ char *copy = NULL; _cleanup_close_ int fd = -1; union bpf_attr attr; + int r; assert(p); assert(type >= 0); assert(path); + if (!IN_SET(flags, 0, BPF_F_ALLOW_OVERRIDE, BPF_F_ALLOW_MULTI)) + return -EINVAL; + + /* We need to track which cgroup the program is attached to, and we can only track one attachment, hence let's + * refuse this early. */ + if (p->attached_path) { + if (!path_equal(p->attached_path, path)) + return -EBUSY; + if (p->attached_type != type) + return -EBUSY; + if (p->attached_flags != flags) + return -EBUSY; + + /* Here's a shortcut: if we previously attached this program already, then we don't have to do so + * again. Well, with one exception: if we are in BPF_F_ALLOW_OVERRIDE mode then someone else might have + * replaced our program since the last time, hence let's reattach it again, just to be safe. In flags + * == 0 mode this is not an issue since nobody else can replace our program in that case, and in flags + * == BPF_F_ALLOW_MULTI mode any other's program would be installed in addition to ours hence ours + * would remain in effect. */ + if (flags != BPF_F_ALLOW_OVERRIDE) + return 0; + } + + /* Ensure we have a kernel object for this. */ + r = bpf_program_load_kernel(p, NULL, 0); + if (r < 0) + return r; + + copy = strdup(path); + if (!copy) + return -ENOMEM; + fd = open(path, O_DIRECTORY|O_RDONLY|O_CLOEXEC); if (fd < 0) return -errno; @@ -114,26 +183,43 @@ int bpf_program_cgroup_attach(BPFProgram *p, int type, const char *path, uint32_ if (bpf(BPF_PROG_ATTACH, &attr, sizeof(attr)) < 0) return -errno; + free_and_replace(p->attached_path, copy); + p->attached_type = type; + p->attached_flags = flags; + return 0; } -int bpf_program_cgroup_detach(int type, const char *path) { +int bpf_program_cgroup_detach(BPFProgram *p) { _cleanup_close_ int fd = -1; - union bpf_attr attr; - assert(path); + assert(p); - fd = open(path, O_DIRECTORY|O_RDONLY|O_CLOEXEC); - if (fd < 0) - return -errno; + if (!p->attached_path) + return -EUNATCH; - attr = (union bpf_attr) { - .attach_type = type, - .target_fd = fd, - }; + fd = open(p->attached_path, O_DIRECTORY|O_RDONLY|O_CLOEXEC); + if (fd < 0) { + if (errno != ENOENT) + return -errno; - if (bpf(BPF_PROG_DETACH, &attr, sizeof(attr)) < 0) - return -errno; + /* If the cgroup does not exist anymore, then we don't have to explicitly detach, it got detached + * implicitly by the removal, hence don't complain */ + + } else { + union bpf_attr attr; + + attr = (union bpf_attr) { + .attach_type = p->attached_type, + .target_fd = fd, + .attach_bpf_fd = p->kernel_fd, + }; + + if (bpf(BPF_PROG_DETACH, &attr, sizeof(attr)) < 0) + return -errno; + } + + p->attached_path = mfree(p->attached_path); return 0; } diff --git a/src/basic/bpf-program.h b/src/basic/bpf-program.h index 146350d18e..3d6c5e50ef 100644 --- a/src/basic/bpf-program.h +++ b/src/basic/bpf-program.h @@ -32,22 +32,29 @@ typedef struct BPFProgram BPFProgram; struct BPFProgram { + unsigned n_ref; + int kernel_fd; uint32_t prog_type; size_t n_instructions; size_t allocated; struct bpf_insn *instructions; + + char *attached_path; + int attached_type; + uint32_t attached_flags; }; int bpf_program_new(uint32_t prog_type, BPFProgram **ret); BPFProgram *bpf_program_unref(BPFProgram *p); +BPFProgram *bpf_program_ref(BPFProgram *p); int bpf_program_add_instructions(BPFProgram *p, const struct bpf_insn *insn, size_t count); int bpf_program_load_kernel(BPFProgram *p, char *log_buf, size_t log_size); int bpf_program_cgroup_attach(BPFProgram *p, int type, const char *path, uint32_t flags); -int bpf_program_cgroup_detach(int type, const char *path); +int bpf_program_cgroup_detach(BPFProgram *p); int bpf_map_new(enum bpf_map_type type, size_t key_size, size_t value_size, size_t max_entries, uint32_t flags); int bpf_map_update_element(int fd, const void *key, void *value); diff --git a/src/basic/btrfs-util.c b/src/basic/btrfs-util.c index 19d385ab7c..3d30497f74 100644 --- a/src/basic/btrfs-util.c +++ b/src/basic/btrfs-util.c @@ -232,23 +232,18 @@ int btrfs_subvol_get_read_only_fd(int fd) { } int btrfs_reflink(int infd, int outfd) { - struct stat st; int r; assert(infd >= 0); assert(outfd >= 0); - /* Make sure we invoke the ioctl on a regular file, so that no - * device driver accidentally gets it. */ - - if (fstat(outfd, &st) < 0) - return -errno; + /* Make sure we invoke the ioctl on a regular file, so that no device driver accidentally gets it. */ - if (!S_ISREG(st.st_mode)) - return -EINVAL; - - r = ioctl(outfd, BTRFS_IOC_CLONE, infd); + r = fd_verify_regular(outfd); if (r < 0) + return r; + + if (ioctl(outfd, BTRFS_IOC_CLONE, infd) < 0) return -errno; return 0; @@ -261,21 +256,17 @@ int btrfs_clone_range(int infd, uint64_t in_offset, int outfd, uint64_t out_offs .src_length = sz, .dest_offset = out_offset, }; - struct stat st; int r; assert(infd >= 0); assert(outfd >= 0); assert(sz > 0); - if (fstat(outfd, &st) < 0) - return -errno; - - if (!S_ISREG(st.st_mode)) - return -EINVAL; - - r = ioctl(outfd, BTRFS_IOC_CLONE_RANGE, &args); + r = fd_verify_regular(outfd); if (r < 0) + return r; + + if (ioctl(outfd, BTRFS_IOC_CLONE_RANGE, &args) < 0) return -errno; return 0; @@ -760,15 +751,13 @@ int btrfs_subvol_get_subtree_quota(const char *path, uint64_t subvol_id, BtrfsQu } int btrfs_defrag_fd(int fd) { - struct stat st; + int r; assert(fd >= 0); - if (fstat(fd, &st) < 0) - return -errno; - - if (!S_ISREG(st.st_mode)) - return -EINVAL; + r = fd_verify_regular(fd); + if (r < 0) + return r; if (ioctl(fd, BTRFS_IOC_DEFRAG, NULL) < 0) return -errno; diff --git a/src/basic/cgroup-util.c b/src/basic/cgroup-util.c index 7c0ba92110..9a4dd72270 100644 --- a/src/basic/cgroup-util.c +++ b/src/basic/cgroup-util.c @@ -1062,13 +1062,11 @@ int cg_pid_get_path(const char *controller, pid_t pid, char **path) { continue; *e = 0; - FOREACH_WORD_SEPARATOR(word, k, l, ",", state) { + FOREACH_WORD_SEPARATOR(word, k, l, ",", state) if (k == cs && memcmp(word, controller_str, cs) == 0) { found = true; break; } - } - if (!found) continue; } @@ -2032,46 +2030,84 @@ int cg_get_attribute(const char *controller, const char *path, const char *attri return read_one_line_file(p, ret); } -int cg_get_keyed_attribute(const char *controller, const char *path, const char *attribute, const char **keys, char **values) { - _cleanup_free_ char *filename = NULL, *content = NULL; - char *line, *p; - int i, r; +int cg_get_keyed_attribute( + const char *controller, + const char *path, + const char *attribute, + char **keys, + char **ret_values) { + + _cleanup_free_ char *filename = NULL, *contents = NULL; + _cleanup_fclose_ FILE *f = NULL; + const char *p; + size_t n, i, n_done = 0; + char **v; + int r; - for (i = 0; keys[i]; i++) - values[i] = NULL; + /* Reads one or more fields of a cgroupsv2 keyed attribute file. The 'keys' parameter should be an strv with + * all keys to retrieve. The 'ret_values' parameter should be passed as string size with the same number of + * entries as 'keys'. On success each entry will be set to the value of the matching key. + * + * If the attribute file doesn't exist at all returns ENOENT, if any key is not found returns ENXIO. */ r = cg_get_path(controller, path, attribute, &filename); if (r < 0) return r; - r = read_full_file(filename, &content, NULL); + r = read_full_file(filename, &contents, NULL); if (r < 0) return r; - p = content; - while ((line = strsep(&p, "\n"))) { - char *key; + n = strv_length(keys); + if (n == 0) /* No keys to retrieve? That's easy, we are done then */ + return 0; - key = strsep(&line, " "); + /* Let's build this up in a temporary array for now in order not to clobber the return parameter on failure */ + v = newa0(char*, n); - for (i = 0; keys[i]; i++) { - if (streq(key, keys[i])) { - values[i] = strdup(line); - break; + for (p = contents; *p;) { + const char *w = NULL; + + for (i = 0; i < n; i++) + if (!v[i]) { + w = first_word(p, keys[i]); + if (w) + break; } - } - } - for (i = 0; keys[i]; i++) { - if (!values[i]) { - for (i = 0; keys[i]; i++) { - values[i] = mfree(values[i]); + if (w) { + size_t l; + + l = strcspn(w, NEWLINE); + v[i] = strndup(w, l); + if (!v[i]) { + r = -ENOMEM; + goto fail; } - return -ENOENT; - } + + n_done++; + if (n_done >= n) + goto done; + + p = w + l; + } else + p += strcspn(p, NEWLINE); + + p += strspn(p, NEWLINE); } + r = -ENXIO; + +fail: + for (i = 0; i < n; i++) + free(v[i]); + + return r; + +done: + memcpy(ret_values, v, sizeof(char*) * n); return 0; + } int cg_create_everywhere(CGroupMask supported, CGroupMask mask, const char *path) { diff --git a/src/basic/cgroup-util.h b/src/basic/cgroup-util.h index 05c9f84505..068df102f7 100644 --- a/src/basic/cgroup-util.h +++ b/src/basic/cgroup-util.h @@ -186,7 +186,7 @@ int cg_create_and_attach(const char *controller, const char *path, pid_t pid); int cg_set_attribute(const char *controller, const char *path, const char *attribute, const char *value); int cg_get_attribute(const char *controller, const char *path, const char *attribute, char **ret); -int cg_get_keyed_attribute(const char *controller, const char *path, const char *attribute, const char **keys, char **values); +int cg_get_keyed_attribute(const char *controller, const char *path, const char *attribute, char **keys, char **values); int cg_set_access(const char *controller, const char *path, uid_t uid, gid_t gid); diff --git a/src/basic/conf-files.c b/src/basic/conf-files.c index c0ac202f57..8b4129e1cd 100644 --- a/src/basic/conf-files.c +++ b/src/basic/conf-files.c @@ -154,6 +154,82 @@ static int conf_files_list_strv_internal(char ***strv, const char *suffix, const return 0; } +int conf_files_insert(char ***strv, const char *root, char **dirs, const char *path) { + /* Insert a path into strv, at the place honouring the usual sorting rules: + * - we first compare by the basename + * - and then we compare by dirname, allowing just one file with the given + * basename. + * This means that we will + * - add a new entry if basename(path) was not on the list, + * - do nothing if an entry with higher priority was already present, + * - do nothing if our new entry matches the existing entry, + * - replace the existing entry if our new entry has higher priority. + */ + char *t; + unsigned i; + int r; + + for (i = 0; i < strv_length(*strv); i++) { + int c; + + c = base_cmp(*strv + i, &path); + if (c == 0) { + char **dir; + + /* Oh, we found our spot and it already contains something. */ + STRV_FOREACH(dir, dirs) { + char *p1, *p2; + + p1 = path_startswith((*strv)[i], root); + if (p1) + /* Skip "/" in *dir, because p1 is without "/" too */ + p1 = path_startswith(p1, *dir + 1); + if (p1) + /* Existing entry with higher priority + * or same priority, no need to do anything. */ + return 0; + + p2 = path_startswith(path, *dir); + if (p2) { + /* Our new entry has higher priority */ + t = path_join(root, path, NULL); + if (!t) + return log_oom(); + + return free_and_replace((*strv)[i], t); + } + } + + } else if (c > 0) + /* Following files have lower priority, let's go insert our + * new entry. */ + break; + + /* … we are not there yet, let's continue */ + } + + t = path_join(root, path, NULL); + if (!t) + return log_oom(); + + r = strv_insert(strv, i, t); + if (r < 0) + free(t); + return r; +} + +int conf_files_insert_nulstr(char ***strv, const char *root, const char *dirs, const char *path) { + _cleanup_strv_free_ char **d = NULL; + + assert(strv); + + d = strv_split_nulstr(dirs); + if (!d) + return -ENOMEM; + + return conf_files_insert(strv, root, d, path); +} + int conf_files_list_strv(char ***strv, const char *suffix, const char *root, unsigned flags, const char* const* dirs) { _cleanup_strv_free_ char **copy = NULL; @@ -182,14 +258,14 @@ int conf_files_list(char ***strv, const char *suffix, const char *root, unsigned return conf_files_list_strv_internal(strv, suffix, root, flags, dirs); } -int conf_files_list_nulstr(char ***strv, const char *suffix, const char *root, unsigned flags, const char *d) { - _cleanup_strv_free_ char **dirs = NULL; +int conf_files_list_nulstr(char ***strv, const char *suffix, const char *root, unsigned flags, const char *dirs) { + _cleanup_strv_free_ char **d = NULL; assert(strv); - dirs = strv_split_nulstr(d); - if (!dirs) + d = strv_split_nulstr(dirs); + if (!d) return -ENOMEM; - return conf_files_list_strv_internal(strv, suffix, root, flags, dirs); + return conf_files_list_strv_internal(strv, suffix, root, flags, d); } diff --git a/src/basic/conf-files.h b/src/basic/conf-files.h index 75dfd05e7c..5dc83578e4 100644 --- a/src/basic/conf-files.h +++ b/src/basic/conf-files.h @@ -28,3 +28,5 @@ enum { int conf_files_list(char ***ret, const char *suffix, const char *root, unsigned flags, const char *dir, ...); int conf_files_list_strv(char ***ret, const char *suffix, const char *root, unsigned flags, const char* const* dirs); int conf_files_list_nulstr(char ***ret, const char *suffix, const char *root, unsigned flags, const char *dirs); +int conf_files_insert(char ***strv, const char *root, char **dirs, const char *path); +int conf_files_insert_nulstr(char ***strv, const char *root, const char *dirs, const char *path); diff --git a/src/basic/copy.c b/src/basic/copy.c index 0673ecd4a2..a9e1a87622 100644 --- a/src/basic/copy.c +++ b/src/basic/copy.c @@ -239,7 +239,7 @@ static int fd_copy_regular( r = copy_bytes(fdf, fdt, (uint64_t) -1, copy_flags); if (r < 0) { - unlinkat(dt, to, 0); + (void) unlinkat(dt, to, 0); return r; } @@ -261,7 +261,7 @@ static int fd_copy_regular( if (q < 0) { r = -errno; - unlinkat(dt, to, 0); + (void) unlinkat(dt, to, 0); } return r; @@ -525,7 +525,7 @@ int copy_file(const char *from, const char *to, int flags, mode_t mode, unsigned r = copy_file_fd(from, fdt, copy_flags); if (r < 0) { close(fdt); - unlink(to); + (void) unlink(to); return r; } diff --git a/src/basic/env-util.c b/src/basic/env-util.c index e77f9d6d3f..0b1d086394 100644 --- a/src/basic/env-util.c +++ b/src/basic/env-util.c @@ -539,8 +539,7 @@ char *replace_env_n(const char *format, size_t n, char **env, unsigned flags) { assert(format); - for (e = format, i = 0; *e && i < n; e ++, i ++) { - + for (e = format, i = 0; *e && i < n; e ++, i ++) switch (state) { case WORD: @@ -554,8 +553,7 @@ char *replace_env_n(const char *format, size_t n, char **env, unsigned flags) { if (!k) return NULL; - free(r); - r = k; + free_and_replace(r, k); word = e-1; state = VARIABLE; @@ -565,8 +563,7 @@ char *replace_env_n(const char *format, size_t n, char **env, unsigned flags) { if (!k) return NULL; - free(r); - r = k; + free_and_replace(r, k); word = e+1; state = WORD; @@ -576,8 +573,7 @@ char *replace_env_n(const char *format, size_t n, char **env, unsigned flags) { if (!k) return NULL; - free(r); - r = k; + free_and_replace(r, k); word = e-1; state = VARIABLE_RAW; @@ -596,8 +592,7 @@ char *replace_env_n(const char *format, size_t n, char **env, unsigned flags) { if (!k) return NULL; - free(r); - r = k; + free_and_replace(r, k); word = e+1; state = WORD; @@ -653,8 +648,7 @@ char *replace_env_n(const char *format, size_t n, char **env, unsigned flags) { if (!k) return NULL; - free(r); - r = k; + free_and_replace(r, k); word = e+1; state = WORD; @@ -673,8 +667,7 @@ char *replace_env_n(const char *format, size_t n, char **env, unsigned flags) { if (!k) return NULL; - free(r); - r = k; + free_and_replace(r, k); word = e--; i--; @@ -682,7 +675,6 @@ char *replace_env_n(const char *format, size_t n, char **env, unsigned flags) { } break; } - } if (state == VARIABLE_RAW) { const char *t; @@ -729,7 +721,7 @@ char **replace_env_argv(char **argv, char **env) { q = strv_length(m); l = l + q - 1; - w = realloc(ret, sizeof(char*) * (l+1)); + w = reallocarray(ret, l + 1, sizeof(char *)); if (!w) { ret[k] = NULL; strv_free(ret); diff --git a/src/basic/exec-util.c b/src/basic/exec-util.c index 0829b3d836..e0057a7572 100644 --- a/src/basic/exec-util.c +++ b/src/basic/exec-util.c @@ -62,12 +62,9 @@ static int do_spawn(const char *path, char *argv[], int stdout_fd, pid_t *pid) { char *_argv[2]; if (stdout_fd >= 0) { - /* If the fd happens to be in the right place, go along with that */ - if (stdout_fd != STDOUT_FILENO && - dup2(stdout_fd, STDOUT_FILENO) < 0) - return -errno; - - (void) fd_cloexec(STDOUT_FILENO, false); + r = rearrange_stdio(STDIN_FILENO, stdout_fd, STDERR_FILENO); + if (r < 0) + _exit(EXIT_FAILURE); } if (!argv) { diff --git a/src/basic/fd-util.c b/src/basic/fd-util.c index 404361e8c1..678ab12bb8 100644 --- a/src/basic/fd-util.c +++ b/src/basic/fd-util.c @@ -191,12 +191,6 @@ int fd_cloexec(int fd, bool cloexec) { return 0; } -void stdio_unset_cloexec(void) { - (void) fd_cloexec(STDIN_FILENO, false); - (void) fd_cloexec(STDOUT_FILENO, false); - (void) fd_cloexec(STDERR_FILENO, false); -} - _pure_ static bool fd_in_set(int fd, const int fdset[], unsigned n_fdset) { unsigned i; @@ -578,3 +572,155 @@ try_dev_shm_without_o_tmpfile: return -EOPNOTSUPP; } + +int fd_move_above_stdio(int fd) { + int flags, copy; + PROTECT_ERRNO; + + /* Moves the specified file descriptor if possible out of the range [0…2], i.e. the range of + * stdin/stdout/stderr. If it can't be moved outside of this range the original file descriptor is + * returned. This call is supposed to be used for long-lasting file descriptors we allocate in our code that + * might get loaded into foreign code, and where we want ensure our fds are unlikely used accidentally as + * stdin/stdout/stderr of unrelated code. + * + * Note that this doesn't fix any real bugs, it just makes it less likely that our code will be affected by + * buggy code from others that mindlessly invokes 'fprintf(stderr, …' or similar in places where stderr has + * been closed before. + * + * This function is written in a "best-effort" and "least-impact" style. This means whenever we encounter an + * error we simply return the original file descriptor, and we do not touch errno. */ + + if (fd < 0 || fd > 2) + return fd; + + flags = fcntl(fd, F_GETFD, 0); + if (flags < 0) + return fd; + + if (flags & FD_CLOEXEC) + copy = fcntl(fd, F_DUPFD_CLOEXEC, 3); + else + copy = fcntl(fd, F_DUPFD, 3); + if (copy < 0) + return fd; + + assert(copy > 2); + + (void) close(fd); + return copy; +} + +int rearrange_stdio(int original_input_fd, int original_output_fd, int original_error_fd) { + + int fd[3] = { /* Put together an array of fds we work on */ + original_input_fd, + original_output_fd, + original_error_fd + }; + + int r, i, + null_fd = -1, /* if we open /dev/null, we store the fd to it here */ + copy_fd[3] = { -1, -1, -1 }; /* This contains all fds we duplicate here temporarily, and hence need to close at the end */ + bool null_readable, null_writable; + + /* Sets up stdin, stdout, stderr with the three file descriptors passed in. If any of the descriptors is + * specified as -1 it will be connected with /dev/null instead. If any of the file descriptors is passed as + * itself (e.g. stdin as STDIN_FILENO) it is left unmodified, but the O_CLOEXEC bit is turned off should it be + * on. + * + * Note that if any of the passed file descriptors are > 2 they will be closed — both on success and on + * failure! Thus, callers should assume that when this function returns the input fds are invalidated. + * + * Note that when this function fails stdin/stdout/stderr might remain half set up! + * + * O_CLOEXEC is turned off for all three file descriptors (which is how it should be for + * stdin/stdout/stderr). */ + + null_readable = original_input_fd < 0; + null_writable = original_output_fd < 0 || original_error_fd < 0; + + /* First step, open /dev/null once, if we need it */ + if (null_readable || null_writable) { + + /* Let's open this with O_CLOEXEC first, and convert it to non-O_CLOEXEC when we move the fd to the final position. */ + null_fd = open("/dev/null", (null_readable && null_writable ? O_RDWR : + null_readable ? O_RDONLY : O_WRONLY) | O_CLOEXEC); + if (null_fd < 0) { + r = -errno; + goto finish; + } + + /* If this fd is in the 0…2 range, let's move it out of it */ + if (null_fd < 3) { + int copy; + + copy = fcntl(null_fd, F_DUPFD_CLOEXEC, 3); /* Duplicate this with O_CLOEXEC set */ + if (copy < 0) { + r = -errno; + goto finish; + } + + safe_close(null_fd); + null_fd = copy; + } + } + + /* Let's assemble fd[] with the fds to install in place of stdin/stdout/stderr */ + for (i = 0; i < 3; i++) { + + if (fd[i] < 0) + fd[i] = null_fd; /* A negative parameter means: connect this one to /dev/null */ + else if (fd[i] != i && fd[i] < 3) { + /* This fd is in the 0…2 territory, but not at its intended place, move it out of there, so that we can work there. */ + copy_fd[i] = fcntl(fd[i], F_DUPFD_CLOEXEC, 3); /* Duplicate this with O_CLOEXEC set */ + if (copy_fd[i] < 0) { + r = -errno; + goto finish; + } + + fd[i] = copy_fd[i]; + } + } + + /* At this point we now have the fds to use in fd[], and they are all above the stdio range, so that we + * have freedom to move them around. If the fds already were at the right places then the specific fds are + * -1. Let's now move them to the right places. This is the point of no return. */ + for (i = 0; i < 3; i++) { + + if (fd[i] == i) { + + /* fd is already in place, but let's make sure O_CLOEXEC is off */ + r = fd_cloexec(i, false); + if (r < 0) + goto finish; + + } else { + assert(fd[i] > 2); + + if (dup2(fd[i], i) < 0) { /* Turns off O_CLOEXEC on the new fd. */ + r = -errno; + goto finish; + } + } + } + + r = 0; + +finish: + /* Close the original fds, but only if they were outside of the stdio range. Also, properly check for the same + * fd passed in multiple times. */ + safe_close_above_stdio(original_input_fd); + if (original_output_fd != original_input_fd) + safe_close_above_stdio(original_output_fd); + if (original_error_fd != original_input_fd && original_error_fd != original_output_fd) + safe_close_above_stdio(original_error_fd); + + /* Close the copies we moved > 2 */ + for (i = 0; i < 3; i++) + safe_close(copy_fd[i]); + + /* Close our null fd, if it's > 2 */ + safe_close_above_stdio(null_fd); + + return r; +} diff --git a/src/basic/fd-util.h b/src/basic/fd-util.h index 84a0816f03..635a538b5a 100644 --- a/src/basic/fd-util.h +++ b/src/basic/fd-util.h @@ -35,6 +35,13 @@ int close_nointr(int fd); int safe_close(int fd); void safe_close_pair(int p[]); +static inline int safe_close_above_stdio(int fd) { + if (fd < 3) /* Don't close stdin/stdout/stderr, but still invalidate the fd by returning -1 */ + return -1; + + return safe_close(fd); +} + void close_many(const int fds[], unsigned n_fd); int fclose_nointr(FILE *f); @@ -64,7 +71,6 @@ DEFINE_TRIVIAL_CLEANUP_FUNC(DIR*, closedir); int fd_nonblock(int fd, bool nonblock); int fd_cloexec(int fd, bool cloexec); -void stdio_unset_cloexec(void); int close_all_fds(const int except[], unsigned n_except); @@ -91,3 +97,11 @@ int acquire_data_fd(const void *data, size_t size, unsigned flags); /* Hint: ENETUNREACH happens if we try to connect to "non-existing" special IP addresses, such as ::5 */ #define ERRNO_IS_DISCONNECT(r) \ IN_SET(r, ENOTCONN, ECONNRESET, ECONNREFUSED, ECONNABORTED, EPIPE, ENETUNREACH) + +int fd_move_above_stdio(int fd); + +int rearrange_stdio(int original_input_fd, int original_output_fd, int original_error_fd); + +static inline int make_null_stdio(void) { + return rearrange_stdio(-1, -1, -1); +} diff --git a/src/basic/fileio-label.c b/src/basic/fileio-label.c index bf5fec1faa..b832b6bf04 100644 --- a/src/basic/fileio-label.c +++ b/src/basic/fileio-label.c @@ -67,3 +67,19 @@ int fopen_temporary_label(const char *target, return r; } + +int create_shutdown_run_nologin_or_warn(void) { + int r; + + /* This is used twice: once in systemd-user-sessions.service, in order to block logins when we actually go + * down, and once in systemd-logind.service when shutdowns are scheduled, and logins are to be turned off a bit + * in advance. We use the same wording of the message in both cases. */ + + r = write_string_file_atomic_label("/run/nologin", + "System is going down. Unprivileged users are not permitted to log in anymore. " + "For technical details, see pam_nologin(8)."); + if (r < 0) + return log_error_errno(r, "Failed to create /run/nologin: %m"); + + return 0; +} diff --git a/src/basic/fileio-label.h b/src/basic/fileio-label.h index 0adb895236..16d095f522 100644 --- a/src/basic/fileio-label.h +++ b/src/basic/fileio-label.h @@ -34,5 +34,6 @@ static inline int write_string_file_atomic_label(const char *fn, const char *lin return write_string_file_atomic_label_ts(fn, line, NULL); } int write_env_file_label(const char *fname, char **l); -int fopen_temporary_label(const char *target, - const char *path, FILE **f, char **temp_path); +int fopen_temporary_label(const char *target, const char *path, FILE **f, char **temp_path); + +int create_shutdown_run_nologin_or_warn(void); diff --git a/src/basic/fileio.c b/src/basic/fileio.c index 26d6174664..29b941348a 100644 --- a/src/basic/fileio.c +++ b/src/basic/fileio.c @@ -1187,6 +1187,10 @@ int fflush_sync_and_check(FILE *f) { if (fsync(fileno(f)) < 0) return -errno; + r = fsync_directory_of_file(fileno(f)); + if (r < 0) + return r; + return 0; } diff --git a/src/basic/fs-util.c b/src/basic/fs-util.c index a8e50d4c78..85c8070a1b 100644 --- a/src/basic/fs-util.c +++ b/src/basic/fs-util.c @@ -225,49 +225,6 @@ int readlink_and_make_absolute(const char *p, char **r) { return 0; } -int readlink_and_canonicalize(const char *p, const char *root, char **ret) { - char *t, *s; - int r; - - assert(p); - assert(ret); - - r = readlink_and_make_absolute(p, &t); - if (r < 0) - return r; - - r = chase_symlinks(t, root, 0, &s); - if (r < 0) - /* If we can't follow up, then let's return the original string, slightly cleaned up. */ - *ret = path_kill_slashes(t); - else { - *ret = s; - free(t); - } - - return 0; -} - -int readlink_and_make_absolute_root(const char *root, const char *path, char **ret) { - _cleanup_free_ char *target = NULL, *t = NULL; - const char *full; - int r; - - full = prefix_roota(root, path); - r = readlink_malloc(full, &target); - if (r < 0) - return r; - - t = file_in_same_dir(path, target); - if (!t) - return -ENOMEM; - - *ret = t; - t = NULL; - - return 0; -} - int chmod_and_chown(const char *path, mode_t mode, uid_t uid, gid_t gid) { assert(path); @@ -597,6 +554,17 @@ int tmp_dir(const char **ret) { return tmp_dir_internal("/tmp", ret); } +int unlink_or_warn(const char *filename) { + if (unlink(filename) < 0 && errno != ENOENT) + /* If the file doesn't exist and the fs simply was read-only (in which + * case unlink() returns EROFS even if the file doesn't exist), don't + * complain */ + if (errno != EROFS || access(filename, F_OK) >= 0) + return log_error_errno(errno, "Failed to remove \"%s\": %m", filename); + + return 0; +} + int inotify_add_watch_fd(int fd, int what, uint32_t mask) { char path[STRLEN("/proc/self/fd/") + DECIMAL_STR_MAX(int) + 1]; int r; @@ -930,3 +898,102 @@ int access_fd(int fd, int mode) { return r; } + +int unlinkat_deallocate(int fd, const char *name, int flags) { + _cleanup_close_ int truncate_fd = -1; + struct stat st; + off_t l, bs; + + /* Operates like unlinkat() but also deallocates the file contents if it is a regular file and there's no other + * link to it. This is useful to ensure that other processes that might have the file open for reading won't be + * able to keep the data pinned on disk forever. This call is particular useful whenever we execute clean-up + * jobs ("vacuuming"), where we want to make sure the data is really gone and the disk space released and + * returned to the free pool. + * + * Deallocation is preferably done by FALLOC_FL_PUNCH_HOLE|FALLOC_FL_KEEP_SIZE (👊) if supported, which means + * the file won't change size. That's a good thing since we shouldn't needlessly trigger SIGBUS in other + * programs that have mmap()ed the file. (The assumption here is that changing file contents to all zeroes + * underneath those programs is the better choice than simply triggering SIGBUS in them which truncation does.) + * However if hole punching is not implemented in the kernel or file system we'll fall back to normal file + * truncation (🔪), as our goal of deallocating the data space trumps our goal of being nice to readers (💐). + * + * Note that we attempt deallocation, but failure to succeed with that is not considered fatal, as long as the + * primary job – to delete the file – is accomplished. */ + + if ((flags & AT_REMOVEDIR) == 0) { + truncate_fd = openat(fd, name, O_WRONLY|O_CLOEXEC|O_NOCTTY|O_NOFOLLOW|O_NONBLOCK); + if (truncate_fd < 0) { + + /* If this failed because the file doesn't exist propagate the error right-away. Also, + * AT_REMOVEDIR wasn't set, and we tried to open the file for writing, which means EISDIR is + * returned when this is a directory but we are not supposed to delete those, hence propagate + * the error right-away too. */ + if (IN_SET(errno, ENOENT, EISDIR)) + return -errno; + + if (errno != ELOOP) /* don't complain if this is a symlink */ + log_debug_errno(errno, "Failed to open file '%s' for deallocation, ignoring: %m", name); + } + } + + if (unlinkat(fd, name, flags) < 0) + return -errno; + + if (truncate_fd < 0) /* Don't have a file handle, can't do more ☹️ */ + return 0; + + if (fstat(truncate_fd, &st) < 0) { + log_debug_errno(errno, "Failed to stat file '%s' for deallocation, ignoring.", name); + return 0; + } + + if (!S_ISREG(st.st_mode) || st.st_blocks == 0 || st.st_nlink > 0) + return 0; + + /* If this is a regular file, it actually took up space on disk and there are no other links it's time to + * punch-hole/truncate this to release the disk space. */ + + bs = MAX(st.st_blksize, 512); + l = DIV_ROUND_UP(st.st_size, bs) * bs; /* Round up to next block size */ + + if (fallocate(truncate_fd, FALLOC_FL_PUNCH_HOLE|FALLOC_FL_KEEP_SIZE, 0, l) >= 0) + return 0; /* Successfully punched a hole! 😊 */ + + /* Fall back to truncation */ + if (ftruncate(truncate_fd, 0) < 0) { + log_debug_errno(errno, "Failed to truncate file to 0, ignoring: %m"); + return 0; + } + + return 0; +} + +int fsync_directory_of_file(int fd) { + _cleanup_free_ char *path = NULL, *dn = NULL; + _cleanup_close_ int dfd = -1; + int r; + + r = fd_verify_regular(fd); + if (r < 0) + return r; + + r = fd_get_path(fd, &path); + if (r < 0) + return r; + + if (!path_is_absolute(path)) + return -EINVAL; + + dn = dirname_malloc(path); + if (!dn) + return -ENOMEM; + + dfd = open(dn, O_RDONLY|O_CLOEXEC|O_DIRECTORY); + if (dfd < 0) + return -errno; + + if (fsync(dfd) < 0) + return -errno; + + return 0; +} diff --git a/src/basic/fs-util.h b/src/basic/fs-util.h index 4dba1ea56a..82d7e765b3 100644 --- a/src/basic/fs-util.h +++ b/src/basic/fs-util.h @@ -41,8 +41,6 @@ int readlinkat_malloc(int fd, const char *p, char **ret); int readlink_malloc(const char *p, char **r); int readlink_value(const char *p, char **ret); int readlink_and_make_absolute(const char *p, char **r); -int readlink_and_canonicalize(const char *p, const char *root, char **r); -int readlink_and_make_absolute_root(const char *root, const char *path, char **ret); int chmod_and_chown(const char *path, mode_t mode, uid_t uid, gid_t gid); @@ -66,6 +64,8 @@ int get_files_in_directory(const char *path, char ***list); int tmp_dir(const char **ret); int var_tmp_dir(const char **ret); +int unlink_or_warn(const char *filename); + #define INOTIFY_EVENT_MAX (sizeof(struct inotify_event) + NAME_MAX + 1) #define FOREACH_INOTIFY_EVENT(e, buffer, sz) \ @@ -105,3 +105,7 @@ static inline void unlink_and_free(char *p) { DEFINE_TRIVIAL_CLEANUP_FUNC(char*, unlink_and_free); int access_fd(int fd, int mode); + +int unlinkat_deallocate(int fd, const char *name, int flags); + +int fsync_directory_of_file(int fd); diff --git a/src/basic/gcrypt-util.c b/src/basic/gcrypt-util.c index 1bfb776725..34d0d399b7 100644 --- a/src/basic/gcrypt-util.c +++ b/src/basic/gcrypt-util.c @@ -42,7 +42,7 @@ void initialize_libgcrypt(bool secmem) { } int string_hashsum(const char *s, size_t len, int md_algorithm, char **out) { - gcry_md_hd_t md = NULL; + _cleanup_(gcry_md_closep) gcry_md_hd_t md = NULL; size_t hash_size; void *hash; char *enc; diff --git a/src/basic/gcrypt-util.h b/src/basic/gcrypt-util.h index 69faf08e56..714cae673b 100644 --- a/src/basic/gcrypt-util.h +++ b/src/basic/gcrypt-util.h @@ -20,6 +20,8 @@ along with systemd; If not, see <http://www.gnu.org/licenses/>. ***/ +#pragma once + #include <errno.h> #include <stdbool.h> #include <stddef.h> @@ -27,8 +29,12 @@ #if HAVE_GCRYPT #include <gcrypt.h> +#include "macro.h" + void initialize_libgcrypt(bool secmem); int string_hashsum(const char *s, size_t len, int md_algorithm, char **out); + +DEFINE_TRIVIAL_CLEANUP_FUNC(gcry_md_hd_t, gcry_md_close); #endif static inline int string_hashsum_sha224(const char *s, size_t len, char **out) { diff --git a/src/basic/glob-util.c b/src/basic/glob-util.c index 6e80a1e23b..4ac56c91d0 100644 --- a/src/basic/glob-util.c +++ b/src/basic/glob-util.c @@ -29,6 +29,10 @@ #include "path-util.h" #include "strv.h" +static void closedir_wrapper(void* v) { + (void) closedir(v); +} + int safe_glob(const char *path, int flags, glob_t *pglob) { int k; @@ -36,7 +40,7 @@ int safe_glob(const char *path, int flags, glob_t *pglob) { assert(!(flags & GLOB_ALTDIRFUNC)); if (!pglob->gl_closedir) - pglob->gl_closedir = (void (*)(void *)) closedir; + pglob->gl_closedir = closedir_wrapper; if (!pglob->gl_readdir) pglob->gl_readdir = (struct dirent *(*)(void *)) readdir_no_dot; if (!pglob->gl_opendir) diff --git a/src/basic/hash-funcs.c b/src/basic/hash-funcs.c index 5267758769..947bcfd584 100644 --- a/src/basic/hash-funcs.c +++ b/src/basic/hash-funcs.c @@ -22,6 +22,7 @@ #include <string.h> #include "hash-funcs.h" +#include "path-util.h" void string_hash_func(const void *p, struct siphash *state) { siphash24_compress(p, strlen(p) + 1, state); @@ -36,6 +37,55 @@ const struct hash_ops string_hash_ops = { .compare = string_compare_func }; + +void path_hash_func(const void *p, struct siphash *state) { + const char *q = p; + size_t n; + + assert(q); + assert(state); + + /* Calculates a hash for a path in a way this duplicate inner slashes don't make a differences, and also + * whether there's a trailing slash or not. This fits well with the semantics of path_compare(), which does + * similar checks and also doesn't care for trailing slashes. Note that relative and absolute paths (i.e. those + * which begin in a slash or not) will hash differently though. */ + + n = strspn(q, "/"); + if (n > 0) { /* Eat up initial slashes, and add one "/" to the hash for all of them */ + siphash24_compress(q, 1, state); + q += n; + } + + for (;;) { + /* Determine length of next component */ + n = strcspn(q, "/"); + if (n == 0) /* Reached the end? */ + break; + + /* Add this component to the hash and skip over it */ + siphash24_compress(q, n, state); + q += n; + + /* How many slashes follow this component? */ + n = strspn(q, "/"); + if (q[n] == 0) /* Is this a trailing slash? If so, we are at the end, and don't care about the slashes anymore */ + break; + + /* We are not add the end yet. Hash exactly one slash for all of the ones we just encountered. */ + siphash24_compress(q, 1, state); + q += n; + } +} + +int path_compare_func(const void *a, const void *b) { + return path_compare(a, b); +} + +const struct hash_ops path_hash_ops = { + .hash = path_hash_func, + .compare = path_compare_func +}; + void trivial_hash_func(const void *p, struct siphash *state) { siphash24_compress(&p, sizeof(p), state); } diff --git a/src/basic/hash-funcs.h b/src/basic/hash-funcs.h index 959e2c101d..945b4c251c 100644 --- a/src/basic/hash-funcs.h +++ b/src/basic/hash-funcs.h @@ -36,29 +36,28 @@ void string_hash_func(const void *p, struct siphash *state); int string_compare_func(const void *a, const void *b) _pure_; extern const struct hash_ops string_hash_ops; -/* This will compare the passed pointers directly, and will not - * dereference them. This is hence not useful for strings or - * suchlike. */ +void path_hash_func(const void *p, struct siphash *state); +int path_compare_func(const void *a, const void *b) _pure_; +extern const struct hash_ops path_hash_ops; + +/* This will compare the passed pointers directly, and will not dereference them. This is hence not useful for strings + * or suchlike. */ void trivial_hash_func(const void *p, struct siphash *state); int trivial_compare_func(const void *a, const void *b) _const_; extern const struct hash_ops trivial_hash_ops; -/* 32bit values we can always just embed in the pointer itself, but - * in order to support 32bit archs we need store 64bit values - * indirectly, since they don't fit in a pointer. */ +/* 32bit values we can always just embed in the pointer itself, but in order to support 32bit archs we need store 64bit + * values indirectly, since they don't fit in a pointer. */ void uint64_hash_func(const void *p, struct siphash *state); int uint64_compare_func(const void *a, const void *b) _pure_; extern const struct hash_ops uint64_hash_ops; -/* On some archs dev_t is 32bit, and on others 64bit. And sometimes - * it's 64bit on 32bit archs, and sometimes 32bit on 64bit archs. Yuck! */ +/* On some archs dev_t is 32bit, and on others 64bit. And sometimes it's 64bit on 32bit archs, and sometimes 32bit on + * 64bit archs. Yuck! */ #if SIZEOF_DEV_T != 8 void devt_hash_func(const void *p, struct siphash *state) _pure_; int devt_compare_func(const void *a, const void *b) _pure_; -extern const struct hash_ops devt_hash_ops = { - .hash = devt_hash_func, - .compare = devt_compare_func -}; +extern const struct hash_ops devt_hash_ops; #else #define devt_hash_func uint64_hash_func #define devt_compare_func uint64_compare_func diff --git a/src/basic/hashmap.c b/src/basic/hashmap.c index cc4423b2af..d0873f7ae5 100644 --- a/src/basic/hashmap.c +++ b/src/basic/hashmap.c @@ -229,6 +229,8 @@ struct HashmapBase { unsigned n_direct_entries:3; /* Number of entries in direct storage. * Only valid if !has_indirect. */ bool from_pool:1; /* whether was allocated from mempool */ + bool dirty:1; /* whether dirtied since last iterated_cache_get() */ + bool cached:1; /* whether this hashmap is being cached */ HASHMAP_DEBUG_FIELDS /* optional hashmap_debug_info */ }; @@ -248,6 +250,17 @@ struct Set { struct HashmapBase b; }; +typedef struct CacheMem { + const void **ptr; + size_t n_populated, n_allocated; + bool active:1; +} CacheMem; + +struct IteratedCache { + HashmapBase *hashmap; + CacheMem keys, values; +}; + DEFINE_MEMPOOL(hashmap_pool, Hashmap, 8); DEFINE_MEMPOOL(ordered_hashmap_pool, OrderedHashmap, 8); /* No need for a separate Set pool */ @@ -351,6 +364,11 @@ static unsigned base_bucket_hash(HashmapBase *h, const void *p) { } #define bucket_hash(h, p) base_bucket_hash(HASHMAP_BASE(h), p) +static inline void base_set_dirty(HashmapBase *h) { + h->dirty = true; +} +#define hashmap_set_dirty(h) base_set_dirty(HASHMAP_BASE(h)) + static void get_hash_key(uint8_t hash_key[HASH_KEY_SIZE], bool reuse_is_ok) { static uint8_t current[HASH_KEY_SIZE]; static bool current_initialized = false; @@ -568,6 +586,7 @@ static void base_remove_entry(HashmapBase *h, unsigned idx) { bucket_mark_free(h, prev); n_entries_dec(h); + base_set_dirty(h); } #define remove_entry(h, idx) base_remove_entry(HASHMAP_BASE(h), idx) @@ -737,6 +756,25 @@ bool set_iterate(Set *s, Iterator *i, void **value) { (idx != IDX_NIL); \ (idx) = hashmap_iterate_entry((h), &(i))) +IteratedCache *internal_hashmap_iterated_cache_new(HashmapBase *h) { + IteratedCache *cache; + + assert(h); + assert(!h->cached); + + if (h->cached) + return NULL; + + cache = new0(IteratedCache, 1); + if (!cache) + return NULL; + + cache->hashmap = h; + h->cached = true; + + return cache; +} + static void reset_direct_storage(HashmapBase *h) { const struct hashmap_type_info *hi = &hashmap_type_info[h->type]; void *p; @@ -897,6 +935,8 @@ void internal_hashmap_clear(HashmapBase *h) { OrderedHashmap *lh = (OrderedHashmap*) h; lh->iterate_list_head = lh->iterate_list_tail = IDX_NIL; } + + base_set_dirty(h); } void internal_hashmap_clear_free(HashmapBase *h) { @@ -1041,6 +1081,8 @@ static int hashmap_base_put_boldly(HashmapBase *h, unsigned idx, h->debug.max_entries = MAX(h->debug.max_entries, n_entries(h)); #endif + base_set_dirty(h); + return 1; } #define hashmap_put_boldly(h, idx, swap, may_resize) \ @@ -1277,6 +1319,8 @@ int hashmap_replace(Hashmap *h, const void *key, void *value) { #endif e->b.key = key; e->value = value; + hashmap_set_dirty(h); + return 0; } @@ -1299,6 +1343,8 @@ int hashmap_update(Hashmap *h, const void *key, void *value) { e = plain_bucket_at(h, idx); e->value = value; + hashmap_set_dirty(h); + return 0; } @@ -1851,3 +1897,95 @@ int set_put_strsplit(Set *s, const char *v, const char *separators, ExtractFlags return r; } } + +/* expand the cachemem if needed, return true if newly (re)activated. */ +static int cachemem_maintain(CacheMem *mem, unsigned size) { + assert(mem); + + if (!GREEDY_REALLOC(mem->ptr, mem->n_allocated, size)) { + if (size > 0) + return -ENOMEM; + } + + if (!mem->active) { + mem->active = true; + return true; + } + + return false; +} + +int iterated_cache_get(IteratedCache *cache, const void ***res_keys, const void ***res_values, unsigned *res_n_entries) { + bool sync_keys = false, sync_values = false; + unsigned size; + int r; + + assert(cache); + assert(cache->hashmap); + + size = n_entries(cache->hashmap); + + if (res_keys) { + r = cachemem_maintain(&cache->keys, size); + if (r < 0) + return r; + + sync_keys = r; + } else + cache->keys.active = false; + + if (res_values) { + r = cachemem_maintain(&cache->values, size); + if (r < 0) + return r; + + sync_values = r; + } else + cache->values.active = false; + + if (cache->hashmap->dirty) { + if (cache->keys.active) + sync_keys = true; + if (cache->values.active) + sync_values = true; + + cache->hashmap->dirty = false; + } + + if (sync_keys || sync_values) { + unsigned i, idx; + Iterator iter; + + i = 0; + HASHMAP_FOREACH_IDX(idx, cache->hashmap, iter) { + struct hashmap_base_entry *e; + + e = bucket_at(cache->hashmap, idx); + + if (sync_keys) + cache->keys.ptr[i] = e->key; + if (sync_values) + cache->values.ptr[i] = entry_value(cache->hashmap, e); + i++; + } + } + + if (res_keys) + *res_keys = cache->keys.ptr; + if (res_values) + *res_values = cache->values.ptr; + if (res_n_entries) + *res_n_entries = size; + + return 0; +} + +IteratedCache *iterated_cache_free(IteratedCache *cache) { + if (cache) { + free(cache->keys.ptr); + free(cache->values.ptr); + free(cache); + } + + return NULL; +} diff --git a/src/basic/hashmap.h b/src/basic/hashmap.h index 0eb763944c..b674910397 100644 --- a/src/basic/hashmap.h +++ b/src/basic/hashmap.h @@ -53,6 +53,8 @@ typedef struct Hashmap Hashmap; /* Maps keys to values */ typedef struct OrderedHashmap OrderedHashmap; /* Like Hashmap, but also remembers entry insertion order */ typedef struct Set Set; /* Stores just keys */ +typedef struct IteratedCache IteratedCache; /* Caches the iterated order of one of the above */ + /* Ideally the Iterator would be an opaque struct, but it is instantiated * by hashmap users, so the definition has to be here. Do not use its fields * directly. */ @@ -126,6 +128,9 @@ static inline OrderedHashmap *ordered_hashmap_free_free_free(OrderedHashmap *h) return (void*)hashmap_free_free_free(PLAIN_HASHMAP(h)); } +IteratedCache *iterated_cache_free(IteratedCache *cache); +int iterated_cache_get(IteratedCache *cache, const void ***res_keys, const void ***res_values, unsigned *res_n_entries); + HashmapBase *internal_hashmap_copy(HashmapBase *h); static inline Hashmap *hashmap_copy(Hashmap *h) { return (Hashmap*) internal_hashmap_copy(HASHMAP_BASE(h)); @@ -139,6 +144,14 @@ int internal_ordered_hashmap_ensure_allocated(OrderedHashmap **h, const struct h #define hashmap_ensure_allocated(h, ops) internal_hashmap_ensure_allocated(h, ops HASHMAP_DEBUG_SRC_ARGS) #define ordered_hashmap_ensure_allocated(h, ops) internal_ordered_hashmap_ensure_allocated(h, ops HASHMAP_DEBUG_SRC_ARGS) +IteratedCache *internal_hashmap_iterated_cache_new(HashmapBase *h); +static inline IteratedCache *hashmap_iterated_cache_new(Hashmap *h) { + return (IteratedCache*) internal_hashmap_iterated_cache_new(HASHMAP_BASE(h)); +} +static inline IteratedCache *ordered_hashmap_iterated_cache_new(OrderedHashmap *h) { + return (IteratedCache*) internal_hashmap_iterated_cache_new(HASHMAP_BASE(h)); +} + int hashmap_put(Hashmap *h, const void *key, void *value); static inline int ordered_hashmap_put(OrderedHashmap *h, const void *key, void *value) { return hashmap_put(PLAIN_HASHMAP(h), key, value); @@ -394,3 +407,7 @@ DEFINE_TRIVIAL_CLEANUP_FUNC(OrderedHashmap*, ordered_hashmap_free_free_free); #define _cleanup_ordered_hashmap_free_ _cleanup_(ordered_hashmap_freep) #define _cleanup_ordered_hashmap_free_free_ _cleanup_(ordered_hashmap_free_freep) #define _cleanup_ordered_hashmap_free_free_free_ _cleanup_(ordered_hashmap_free_free_freep) + +DEFINE_TRIVIAL_CLEANUP_FUNC(IteratedCache*, iterated_cache_free); + +#define _cleanup_iterated_cache_free_ _cleanup_(iterated_cache_freep) diff --git a/src/basic/io-util.c b/src/basic/io-util.c index 08ad42ed95..a6e34cb762 100644 --- a/src/basic/io-util.c +++ b/src/basic/io-util.c @@ -137,7 +137,7 @@ int loop_write(int fd, const void *buf, size_t nbytes, bool do_poll) { assert(fd >= 0); assert(buf); - if (nbytes > (size_t) SSIZE_MAX) + if (_unlikely_(nbytes > (size_t) SSIZE_MAX)) return -EINVAL; do { diff --git a/src/basic/khash.c b/src/basic/khash.c index 694210512c..6463faf3e1 100644 --- a/src/basic/khash.c +++ b/src/basic/khash.c @@ -43,6 +43,66 @@ struct khash { bool digest_valid; }; +int khash_supported(void) { + static const union { + struct sockaddr sa; + struct sockaddr_alg alg; + } sa = { + .alg.salg_family = AF_ALG, + .alg.salg_type = "hash", + .alg.salg_name = "sha256", /* a very common algorithm */ + }; + + static int cached = -1; + + if (cached < 0) { + _cleanup_close_ int fd1 = -1, fd2 = -1; + uint8_t buf[LONGEST_DIGEST+1]; + + fd1 = socket(AF_ALG, SOCK_SEQPACKET|SOCK_CLOEXEC, 0); + if (fd1 < 0) { + /* The kernel returns EAFNOSUPPORT if AF_ALG is not supported at all */ + if (IN_SET(errno, EAFNOSUPPORT, EOPNOTSUPP)) + return (cached = false); + + return -errno; + } + + if (bind(fd1, &sa.sa, sizeof(sa)) < 0) { + /* The kernel returns ENOENT if the selected algorithm is not supported at all. We use a check + * for SHA256 as a proxy for whether the whole API is supported at all. After all it's one of + * the most common hash functions, and if it isn't supported, that's ample indication that + * something is really off. */ + + if (IN_SET(errno, ENOENT, EOPNOTSUPP)) + return (cached = false); + + return -errno; + } + + fd2 = accept4(fd1, NULL, 0, SOCK_CLOEXEC); + if (fd2 < 0) { + if (errno == EOPNOTSUPP) + return (cached = false); + + return -errno; + } + + if (recv(fd2, buf, sizeof(buf), 0) < 0) { + /* On some kernels we get ENOKEY for non-keyed hash functions (such as sha256), let's refuse + * using the API in those cases, since the kernel is + * broken. https://github.com/systemd/systemd/issues/8278 */ + + if (IN_SET(errno, ENOKEY, EOPNOTSUPP)) + return (cached = false); + } + + cached = true; + } + + return cached; +} + int khash_new_with_key(khash **ret, const char *algorithm, const void *key, size_t key_size) { union { struct sockaddr sa; @@ -54,6 +114,7 @@ int khash_new_with_key(khash **ret, const char *algorithm, const void *key, size _cleanup_(khash_unrefp) khash *h = NULL; _cleanup_close_ int fd = -1; + int supported; ssize_t n; assert(ret); @@ -67,6 +128,12 @@ int khash_new_with_key(khash **ret, const char *algorithm, const void *key, size if (strlen(algorithm) >= sizeof(sa.alg.salg_name)) return -EOPNOTSUPP; + supported = khash_supported(); + if (supported < 0) + return supported; + if (supported == 0) + return -EOPNOTSUPP; + fd = socket(AF_ALG, SOCK_SEQPACKET|SOCK_CLOEXEC, 0); if (fd < 0) return -errno; diff --git a/src/basic/khash.h b/src/basic/khash.h index 7041d39993..e9c41a3f20 100644 --- a/src/basic/khash.h +++ b/src/basic/khash.h @@ -28,6 +28,8 @@ typedef struct khash khash; +int khash_supported(void); + /* For plain hash functions. Hash functions commonly supported on today's kernels are: crc32c, crct10dif, crc32, * sha224, sha256, sha512, sha384, sha1, md5, md4, sha3-224, sha3-256, sha3-384, sha3-512, and more. */ int khash_new(khash **ret, const char *algorithm); diff --git a/src/basic/log.c b/src/basic/log.c index 12ee65a5c3..7a7f2cbec1 100644 --- a/src/basic/log.c +++ b/src/basic/log.c @@ -83,15 +83,18 @@ static bool prohibit_ipc = false; * use here. */ static char *log_abort_msg = NULL; -static void log_close_console(void) { - - if (console_fd < 0) - return; - - if (console_fd >= 3) - safe_close(console_fd); +/* An assert to use in logging functions that does not call recursively + * into our logging functions (since that might lead to a loop). */ +#define assert_raw(expr) \ + do { \ + if (_unlikely_(!(expr))) { \ + fputs(#expr "\n", stderr); \ + abort(); \ + } \ + } while (false) - console_fd = -1; +static void log_close_console(void) { + console_fd = safe_close_above_stdio(console_fd); } static int log_open_console(void) { @@ -105,6 +108,8 @@ static int log_open_console(void) { console_fd = open_terminal("/dev/console", O_WRONLY|O_NOCTTY|O_CLOEXEC); if (console_fd < 0) return console_fd; + + console_fd = fd_move_above_stdio(console_fd); } return 0; @@ -123,6 +128,7 @@ static int log_open_kmsg(void) { if (kmsg_fd < 0) return -errno; + kmsg_fd = fd_move_above_stdio(kmsg_fd); return 0; } @@ -138,11 +144,11 @@ static int create_log_socket(int type) { if (fd < 0) return -errno; + fd = fd_move_above_stdio(fd); (void) fd_inc_sndbuf(fd, SNDBUF_SIZE); - /* We need a blocking fd here since we'd otherwise lose - messages way too early. However, let's not hang forever in the - unlikely case of a deadlock. */ + /* We need a blocking fd here since we'd otherwise lose messages way too early. However, let's not hang forever + * in the unlikely case of a deadlock. */ if (getpid_cached() == 1) timeval_store(&tv, 10 * USEC_PER_MSEC); else @@ -362,7 +368,7 @@ static int write_to_console( highlight = LOG_PRI(level) <= LOG_ERR && show_color; if (show_location) { - xsprintf(location, "(%s:%i) ", file, line); + (void) snprintf(location, sizeof location, "(%s:%i) ", file, line); iovec[n++] = IOVEC_MAKE_STRING(location); } @@ -495,38 +501,40 @@ static int log_do_header( const char *file, int line, const char *func, const char *object_field, const char *object, const char *extra_field, const char *extra) { + int r; - snprintf(header, size, - "PRIORITY=%i\n" - "SYSLOG_FACILITY=%i\n" - "%s%s%s" - "%s%.*i%s" - "%s%s%s" - "%s%.*i%s" - "%s%s%s" - "%s%s%s" - "SYSLOG_IDENTIFIER=%s\n", - LOG_PRI(level), - LOG_FAC(level), - isempty(file) ? "" : "CODE_FILE=", - isempty(file) ? "" : file, - isempty(file) ? "" : "\n", - line ? "CODE_LINE=" : "", - line ? 1 : 0, line, /* %.0d means no output too, special case for 0 */ - line ? "\n" : "", - isempty(func) ? "" : "CODE_FUNC=", - isempty(func) ? "" : func, - isempty(func) ? "" : "\n", - error ? "ERRNO=" : "", - error ? 1 : 0, error, - error ? "\n" : "", - isempty(object) ? "" : object_field, - isempty(object) ? "" : object, - isempty(object) ? "" : "\n", - isempty(extra) ? "" : extra_field, - isempty(extra) ? "" : extra, - isempty(extra) ? "" : "\n", - program_invocation_short_name); + r = snprintf(header, size, + "PRIORITY=%i\n" + "SYSLOG_FACILITY=%i\n" + "%s%.256s%s" /* CODE_FILE */ + "%s%.*i%s" /* CODE_LINE */ + "%s%.256s%s" /* CODE_FUNC */ + "%s%.*i%s" /* ERRNO */ + "%s%.256s%s" /* object */ + "%s%.256s%s" /* extra */ + "SYSLOG_IDENTIFIER=%.256s\n", + LOG_PRI(level), + LOG_FAC(level), + isempty(file) ? "" : "CODE_FILE=", + isempty(file) ? "" : file, + isempty(file) ? "" : "\n", + line ? "CODE_LINE=" : "", + line ? 1 : 0, line, /* %.0d means no output too, special case for 0 */ + line ? "\n" : "", + isempty(func) ? "" : "CODE_FUNC=", + isempty(func) ? "" : func, + isempty(func) ? "" : "\n", + error ? "ERRNO=" : "", + error ? 1 : 0, error, + error ? "\n" : "", + isempty(object) ? "" : object_field, + isempty(object) ? "" : object, + isempty(object) ? "" : "\n", + isempty(extra) ? "" : extra_field, + isempty(extra) ? "" : extra, + isempty(extra) ? "" : "\n", + program_invocation_short_name); + assert_raw((size_t) r < size); return 0; } @@ -574,11 +582,11 @@ int log_dispatch_internal( const char *func, const char *object_field, const char *object, - const char *extra, const char *extra_field, + const char *extra, char *buffer) { - assert(buffer); + assert_raw(buffer); if (error < 0) error = -error; @@ -610,22 +618,16 @@ int log_dispatch_internal( LOG_TARGET_JOURNAL)) { k = write_to_journal(level, error, file, line, func, object_field, object, extra_field, extra, buffer); - if (k < 0) { - if (k != -EAGAIN) - log_close_journal(); - log_open_kmsg(); - } + if (k < 0 && k != -EAGAIN) + log_close_journal(); } if (IN_SET(log_target, LOG_TARGET_SYSLOG_OR_KMSG, LOG_TARGET_SYSLOG)) { k = write_to_syslog(level, error, file, line, func, buffer); - if (k < 0) { - if (k != -EAGAIN) - log_close_syslog(); - log_open_kmsg(); - } + if (k < 0 && k != -EAGAIN) + log_close_syslog(); } if (k <= 0 && @@ -634,6 +636,9 @@ int log_dispatch_internal( LOG_TARGET_JOURNAL_OR_KMSG, LOG_TARGET_KMSG)) { + if (k < 0) + log_open_kmsg(); + k = write_to_kmsg(level, error, file, line, func, buffer); if (k < 0) { log_close_kmsg(); @@ -698,7 +703,7 @@ int log_internalv_realm( if (error != 0) errno = error; - vsnprintf(buffer, sizeof(buffer), format, ap); + (void) vsnprintf(buffer, sizeof buffer, format, ap); return log_dispatch_internal(level, error, file, line, func, NULL, NULL, NULL, NULL, buffer); } @@ -721,7 +726,8 @@ int log_internal_realm( return r; } -int log_object_internalv( +_printf_(10,0) +static int log_object_internalv( int level, int error, const char *file, @@ -757,7 +763,7 @@ int log_object_internalv( } else b = buffer = newa(char, LINE_MAX); - vsnprintf(b, LINE_MAX, format, ap); + (void) vsnprintf(b, LINE_MAX, format, ap); return log_dispatch_internal(level, error, file, line, func, object_field, object, extra_field, extra, buffer); @@ -800,7 +806,7 @@ static void log_assert( return; DISABLE_WARNING_FORMAT_NONLITERAL; - xsprintf(buffer, format, text, file, line, func); + (void) snprintf(buffer, sizeof buffer, format, text, file, line, func); REENABLE_WARNING; log_abort_msg = buffer; @@ -974,7 +980,7 @@ int log_struct_internal( errno = error; va_copy(aq, ap); - vsnprintf(buf, sizeof(buf), format, aq); + (void) vsnprintf(buf, sizeof buf, format, aq); va_end(aq); if (startswith(buf, "MESSAGE=")) { @@ -1273,7 +1279,7 @@ int log_syntax_internal( errno = error; va_start(ap, format); - vsnprintf(buffer, sizeof(buffer), format, ap); + (void) vsnprintf(buffer, sizeof buffer, format, ap); va_end(ap); if (unit) diff --git a/src/basic/log.h b/src/basic/log.h index 5b5a25bd6d..efcf0f1bfc 100644 --- a/src/basic/log.h +++ b/src/basic/log.h @@ -144,19 +144,6 @@ int log_object_internal( const char *extra, const char *format, ...) _printf_(10,11); -int log_object_internalv( - int level, - int error, - const char *file, - int line, - const char *func, - const char *object_field, - const char *object, - const char *extra_field, - const char *extra, - const char *format, - va_list ap) _printf_(10,0); - int log_struct_internal( int level, int error, diff --git a/src/basic/meson.build b/src/basic/meson.build index 44cd31ecbe..c71599db7b 100644 --- a/src/basic/meson.build +++ b/src/basic/meson.build @@ -157,6 +157,9 @@ basic_sources = files(''' ratelimit.c ratelimit.h raw-clone.h + raw-reboot.h + reboot-util.c + reboot-util.h refcnt.h replace-var.c replace-var.h @@ -317,6 +320,7 @@ libbasic = static_library( dependencies : [threads, libcap, libblkid, + libmount, libselinux], c_args : ['-fvisibility=default'], install : false) diff --git a/src/basic/missing.h b/src/basic/missing.h index 1280e6c410..1cc3f08e48 100644 --- a/src/basic/missing.h +++ b/src/basic/missing.h @@ -27,16 +27,19 @@ #include <inttypes.h> #include <linux/audit.h> #include <linux/capability.h> +#include <linux/falloc.h> #include <linux/if_link.h> #include <linux/input.h> #include <linux/loop.h> #include <linux/neighbour.h> #include <linux/oom.h> #include <linux/rtnetlink.h> +#include <linux/stat.h> #include <net/ethernet.h> #include <stdlib.h> #include <sys/resource.h> #include <sys/socket.h> +#include <sys/stat.h> #include <sys/syscall.h> #include <uchar.h> #include <unistd.h> @@ -517,6 +520,10 @@ struct btrfs_ioctl_quota_ctl_args { #define BPF_FS_MAGIC 0xcafe4a11 #endif +#ifndef OCFS2_SUPER_MAGIC +#define OCFS2_SUPER_MAGIC 0x7461636f +#endif + #ifndef MS_MOVE #define MS_MOVE 8192 #endif @@ -1047,6 +1054,10 @@ struct input_mask { #define RTA_PREF 20 #endif +#ifndef RTAX_QUICKACK +#define RTAX_QUICKACK 15 +#endif + #ifndef IPV6_UNICAST_IF #define IPV6_UNICAST_IF 76 #endif @@ -1351,4 +1362,55 @@ struct fib_rule_uid_range { #define NS_GET_NSTYPE _IO(0xb7, 0x3) #endif +#ifndef FALLOC_FL_KEEP_SIZE +#define FALLOC_FL_KEEP_SIZE 0x01 +#endif + +#ifndef FALLOC_FL_PUNCH_HOLE +#define FALLOC_FL_PUNCH_HOLE 0x02 +#endif + +#ifndef PF_KTHREAD +#define PF_KTHREAD 0x00200000 +#endif + +#if ! HAVE_STRUCT_STATX +struct statx_timestamp { + int64_t tv_sec; + uint32_t tv_nsec; + uint32_t __reserved; +}; +struct statx { + uint32_t stx_mask; + uint32_t stx_blksize; + uint64_t stx_attributes; + uint32_t stx_nlink; + uint32_t stx_uid; + uint32_t stx_gid; + uint16_t stx_mode; + uint16_t __spare0[1]; + uint64_t stx_ino; + uint64_t stx_size; + uint64_t stx_blocks; + uint64_t stx_attributes_mask; + struct statx_timestamp stx_atime; + struct statx_timestamp stx_btime; + struct statx_timestamp stx_ctime; + struct statx_timestamp stx_mtime; + uint32_t stx_rdev_major; + uint32_t stx_rdev_minor; + uint32_t stx_dev_major; + uint32_t stx_dev_minor; + uint64_t __spare2[14]; +}; +#endif + +#ifndef STATX_BTIME +#define STATX_BTIME 0x00000800U +#endif + +#ifndef AT_STATX_DONT_SYNC +#define AT_STATX_DONT_SYNC 0x4000 +#endif + #include "missing_syscall.h" diff --git a/src/basic/missing_syscall.h b/src/basic/missing_syscall.h index c938d0d976..34b8956a12 100644 --- a/src/basic/missing_syscall.h +++ b/src/basic/missing_syscall.h @@ -26,9 +26,11 @@ #include <sys/types.h> #if !HAVE_PIVOT_ROOT -static inline int pivot_root(const char *new_root, const char *put_old) { - return syscall(SYS_pivot_root, new_root, put_old); +static inline int missing_pivot_root(const char *new_root, const char *put_old) { + return syscall(__NR_pivot_root, new_root, put_old); } + +# define pivot_root missing_pivot_root #endif /* ======================================================================= */ @@ -62,7 +64,7 @@ static inline int pivot_root(const char *new_root, const char *put_old) { # endif # endif -static inline int memfd_create(const char *name, unsigned int flags) { +static inline int missing_memfd_create(const char *name, unsigned int flags) { # ifdef __NR_memfd_create return syscall(__NR_memfd_create, name, flags); # else @@ -70,6 +72,8 @@ static inline int memfd_create(const char *name, unsigned int flags) { return -1; # endif } + +# define memfd_create missing_memfd_create #endif /* ======================================================================= */ @@ -109,7 +113,7 @@ static inline int memfd_create(const char *name, unsigned int flags) { # endif # endif -static inline int getrandom(void *buffer, size_t count, unsigned flags) { +static inline int missing_getrandom(void *buffer, size_t count, unsigned flags) { # ifdef __NR_getrandom return syscall(__NR_getrandom, buffer, count, flags); # else @@ -117,14 +121,18 @@ static inline int getrandom(void *buffer, size_t count, unsigned flags) { return -1; # endif } + +# define getrandom missing_getrandom #endif /* ======================================================================= */ #if !HAVE_GETTID -static inline pid_t gettid(void) { - return (pid_t) syscall(SYS_gettid); +static inline pid_t missing_gettid(void) { + return (pid_t) syscall(__NR_gettid); } + +# define gettid missing_gettid #endif /* ======================================================================= */ @@ -152,7 +160,7 @@ struct file_handle { unsigned char f_handle[0]; }; -static inline int name_to_handle_at(int fd, const char *name, struct file_handle *handle, int *mnt_id, int flags) { +static inline int missing_name_to_handle_at(int fd, const char *name, struct file_handle *handle, int *mnt_id, int flags) { # ifdef __NR_name_to_handle_at return syscall(__NR_name_to_handle_at, fd, name, handle, mnt_id, flags); # else @@ -160,6 +168,8 @@ static inline int name_to_handle_at(int fd, const char *name, struct file_handle return -1; # endif } + +# define name_to_handle_at missing_name_to_handle_at #endif /* ======================================================================= */ @@ -177,7 +187,7 @@ static inline int name_to_handle_at(int fd, const char *name, struct file_handle # endif # endif -static inline int setns(int fd, int nstype) { +static inline int missing_setns(int fd, int nstype) { # ifdef __NR_setns return syscall(__NR_setns, fd, nstype); # else @@ -185,6 +195,8 @@ static inline int setns(int fd, int nstype) { return -1; # endif } + +# define setns missing_setns #endif /* ======================================================================= */ @@ -230,7 +242,7 @@ static inline pid_t raw_getpid(void) { # endif # endif -static inline int renameat2(int oldfd, const char *oldname, int newfd, const char *newname, unsigned flags) { +static inline int missing_renameat2(int oldfd, const char *oldname, int newfd, const char *newname, unsigned flags) { # ifdef __NR_renameat2 return syscall(__NR_renameat2, oldfd, oldname, newfd, newname, flags); # else @@ -238,12 +250,14 @@ static inline int renameat2(int oldfd, const char *oldname, int newfd, const cha return -1; # endif } + +# define renameat2 missing_renameat2 #endif /* ======================================================================= */ #if !HAVE_KCMP -static inline int kcmp(pid_t pid1, pid_t pid2, int type, unsigned long idx1, unsigned long idx2) { +static inline int missing_kcmp(pid_t pid1, pid_t pid2, int type, unsigned long idx1, unsigned long idx2) { # ifdef __NR_kcmp return syscall(__NR_kcmp, pid1, pid2, type, idx1, idx2); # else @@ -251,36 +265,45 @@ static inline int kcmp(pid_t pid1, pid_t pid2, int type, unsigned long idx1, uns return -1; # endif } + +# define kcmp missing_kcmp #endif + /* ======================================================================= */ #if !HAVE_KEYCTL -static inline long keyctl(int cmd, unsigned long arg2, unsigned long arg3, unsigned long arg4,unsigned long arg5) { +static inline long missing_keyctl(int cmd, unsigned long arg2, unsigned long arg3, unsigned long arg4,unsigned long arg5) { # ifdef __NR_keyctl return syscall(__NR_keyctl, cmd, arg2, arg3, arg4, arg5); # else errno = ENOSYS; return -1; # endif + +# define keyctl missing_keyctl } -static inline key_serial_t add_key(const char *type, const char *description, const void *payload, size_t plen, key_serial_t ringid) { +static inline key_serial_t missing_add_key(const char *type, const char *description, const void *payload, size_t plen, key_serial_t ringid) { # ifdef __NR_add_key return syscall(__NR_add_key, type, description, payload, plen, ringid); # else errno = ENOSYS; return -1; # endif + +# define add_key missing_add_key } -static inline key_serial_t request_key(const char *type, const char *description, const char * callout_info, key_serial_t destringid) { +static inline key_serial_t missing_request_key(const char *type, const char *description, const char * callout_info, key_serial_t destringid) { # ifdef __NR_request_key return syscall(__NR_request_key, type, description, callout_info, destringid); # else errno = ENOSYS; return -1; # endif + +# define request_key missing_request_key } #endif @@ -307,10 +330,10 @@ static inline key_serial_t request_key(const char *type, const char *description # endif # endif -static inline ssize_t copy_file_range(int fd_in, loff_t *off_in, - int fd_out, loff_t *off_out, - size_t len, - unsigned int flags) { +static inline ssize_t missing_copy_file_range(int fd_in, loff_t *off_in, + int fd_out, loff_t *off_out, + size_t len, + unsigned int flags) { # ifdef __NR_copy_file_range return syscall(__NR_copy_file_range, fd_in, off_in, fd_out, off_out, len, flags); # else @@ -318,6 +341,8 @@ static inline ssize_t copy_file_range(int fd_in, loff_t *off_in, return -1; # endif } + +# define copy_file_range missing_copy_file_range #endif /* ======================================================================= */ @@ -345,7 +370,7 @@ static inline ssize_t copy_file_range(int fd_in, loff_t *off_in, union bpf_attr; -static inline int bpf(int cmd, union bpf_attr *attr, size_t size) { +static inline int missing_bpf(int cmd, union bpf_attr *attr, size_t size) { #ifdef __NR_bpf return (int) syscall(__NR_bpf, cmd, attr, size); #else @@ -354,6 +379,7 @@ static inline int bpf(int cmd, union bpf_attr *attr, size_t size) { #endif } +# define bpf missing_bpf #endif /* ======================================================================= */ @@ -368,6 +394,8 @@ static inline int bpf(int cmd, union bpf_attr *attr, size_t size) { # define __NR_pkey_mprotect 394 # elif defined __aarch64__ # define __NR_pkey_mprotect 394 +# elif defined __powerpc__ +# define __NR_pkey_mprotect 386 # elif defined _MIPS_SIM # if _MIPS_SIM == _MIPS_SIM_ABI32 # define __NR_pkey_mprotect 4363 @@ -383,3 +411,35 @@ static inline int bpf(int cmd, union bpf_attr *attr, size_t size) { # endif # endif #endif + +/* ======================================================================= */ + +#if !HAVE_STATX +# ifndef __NR_statx +# if defined __i386__ +# define __NR_statx 383 +# elif defined __x86_64__ +# define __NR_statx 332 +# else +# warning "__NR_statx not defined for your architecture" +# endif +# endif + +struct statx; +#endif + +/* This typedef is supposed to be always defined. */ +typedef struct statx struct_statx; + +#if !HAVE_STATX +static inline ssize_t missing_statx(int dfd, const char *filename, unsigned flags, unsigned int mask, struct statx *buffer) { +# ifdef __NR_statx + return syscall(__NR_statx, dfd, filename, flags, mask, buffer); +# else + errno = ENOSYS; + return -1; +# endif +} + +# define statx missing_statx +#endif diff --git a/src/basic/mount-util.c b/src/basic/mount-util.c index a8947cefc2..8151b3a4e4 100644 --- a/src/basic/mount-util.c +++ b/src/basic/mount-util.c @@ -27,8 +27,12 @@ #include <sys/statvfs.h> #include <unistd.h> +/* Include later */ +#include <libmount.h> + #include "alloc-util.h" #include "escape.h" +#include "extract-word.h" #include "fd-util.h" #include "fileio.h" #include "fs-util.h" @@ -426,7 +430,7 @@ int bind_remount_recursive_with_mountinfo(const char *prefix, bool ro, char **bl path_kill_slashes(cleaned); - done = set_new(&string_hash_ops); + done = set_new(&path_hash_ops); if (!done) return -ENOMEM; @@ -436,7 +440,7 @@ int bind_remount_recursive_with_mountinfo(const char *prefix, bool ro, char **bl char *x; unsigned long orig_flags; - todo = set_new(&string_hash_ops); + todo = set_new(&path_hash_ops); if (!todo) return -ENOMEM; @@ -810,29 +814,37 @@ int mount_verbose( unsigned long flags, const char *options) { - _cleanup_free_ char *fl = NULL; + _cleanup_free_ char *fl = NULL, *o = NULL; + unsigned long f; + int r; + + r = mount_option_mangle(options, flags, &f, &o); + if (r < 0) + return log_full_errno(error_log_level, r, + "Failed to mangle mount options %s: %m", + strempty(options)); - fl = mount_flags_to_string(flags); + fl = mount_flags_to_string(f); - if ((flags & MS_REMOUNT) && !what && !type) + if ((f & MS_REMOUNT) && !what && !type) log_debug("Remounting %s (%s \"%s\")...", - where, strnull(fl), strempty(options)); + where, strnull(fl), strempty(o)); else if (!what && !type) log_debug("Mounting %s (%s \"%s\")...", - where, strnull(fl), strempty(options)); - else if ((flags & MS_BIND) && !type) + where, strnull(fl), strempty(o)); + else if ((f & MS_BIND) && !type) log_debug("Bind-mounting %s on %s (%s \"%s\")...", - what, where, strnull(fl), strempty(options)); - else if (flags & MS_MOVE) + what, where, strnull(fl), strempty(o)); + else if (f & MS_MOVE) log_debug("Moving mount %s → %s (%s \"%s\")...", - what, where, strnull(fl), strempty(options)); + what, where, strnull(fl), strempty(o)); else log_debug("Mounting %s on %s (%s \"%s\")...", - strna(type), where, strnull(fl), strempty(options)); - if (mount(what, where, type, flags, options) < 0) + strna(type), where, strnull(fl), strempty(o)); + if (mount(what, where, type, f, o) < 0) return log_full_errno(error_log_level, errno, "Failed to mount %s on %s (%s \"%s\"): %m", - strna(type), where, strnull(fl), strempty(options)); + strna(type), where, strnull(fl), strempty(o)); return 0; } @@ -874,3 +886,73 @@ int mount_propagation_flags_from_string(const char *name, unsigned long *ret) { return -EINVAL; return 0; } + +int mount_option_mangle( + const char *options, + unsigned long mount_flags, + unsigned long *ret_mount_flags, + char **ret_remaining_options) { + + const struct libmnt_optmap *map; + _cleanup_free_ char *ret = NULL; + const char *p; + int r; + + /* This extracts mount flags from the mount options, and store + * non-mount-flag options to '*ret_remaining_options'. + * E.g., + * "rw,nosuid,nodev,relatime,size=1630748k,mode=700,uid=1000,gid=1000" + * is split to MS_NOSUID|MS_NODEV|MS_RELATIME and + * "size=1630748k,mode=700,uid=1000,gid=1000". + * See more examples in test-mount-utils.c. + * + * Note that if 'options' does not contain any non-mount-flag options, + * then '*ret_remaining_options' is set to NULL instread of empty string. + * Note that this does not check validity of options stored in + * '*ret_remaining_options'. + * Note that if 'options' is NULL, then this just copies 'mount_flags' + * to '*ret_mount_flags'. */ + + assert(ret_mount_flags); + assert(ret_remaining_options); + + map = mnt_get_builtin_optmap(MNT_LINUX_MAP); + if (!map) + return -EINVAL; + + p = options; + for (;;) { + _cleanup_free_ char *word = NULL; + const struct libmnt_optmap *ent; + + r = extract_first_word(&p, &word, ",", EXTRACT_QUOTES); + if (r < 0) + return r; + if (r == 0) + break; + + for (ent = map; ent->name; ent++) { + /* All entries in MNT_LINUX_MAP do not take any argument. + * Thus, ent->name does not contain "=" or "[=]". */ + if (!streq(word, ent->name)) + continue; + + if (!(ent->mask & MNT_INVERT)) + mount_flags |= ent->id; + else if (mount_flags & ent->id) + mount_flags ^= ent->id; + + break; + } + + /* If 'word' is not a mount flag, then store it in '*ret_remaining_options'. */ + if (!ent->name && !strextend_with_separator(&ret, ",", word, NULL)) + return -ENOMEM; + } + + *ret_mount_flags = mount_flags; + *ret_remaining_options = ret; + ret = NULL; + + return 0; +} diff --git a/src/basic/mount-util.h b/src/basic/mount-util.h index a81d019277..fea3e938a8 100644 --- a/src/basic/mount-util.h +++ b/src/basic/mount-util.h @@ -67,3 +67,9 @@ int umount_verbose(const char *where); const char *mount_propagation_flags_to_string(unsigned long flags); int mount_propagation_flags_from_string(const char *name, unsigned long *ret); + +int mount_option_mangle( + const char *options, + unsigned long mount_flags, + unsigned long *ret_mount_flags, + char **ret_remaining_options); diff --git a/src/basic/parse-util.c b/src/basic/parse-util.c index 2c22753dea..fa5b4a353a 100644 --- a/src/basic/parse-util.c +++ b/src/basic/parse-util.c @@ -531,6 +531,30 @@ int safe_atoi16(const char *s, int16_t *ret) { return 0; } +int safe_atoux16(const char *s, uint16_t *ret) { + char *x = NULL; + unsigned long l; + + assert(s); + assert(ret); + + s += strspn(s, WHITESPACE); + + errno = 0; + l = strtoul(s, &x, 16); + if (errno > 0) + return -errno; + if (!x || x == s || *x != 0) + return -EINVAL; + if (s[0] == '-') + return -ERANGE; + if ((unsigned long) (uint16_t) l != l) + return -ERANGE; + + *ret = (uint16_t) l; + return 0; +} + int safe_atod(const char *s, double *ret_d) { _cleanup_(freelocalep) locale_t loc = (locale_t) 0; char *x = NULL; diff --git a/src/basic/parse-util.h b/src/basic/parse-util.h index 1eda1d7f9f..727422056a 100644 --- a/src/basic/parse-util.h +++ b/src/basic/parse-util.h @@ -54,6 +54,8 @@ int safe_atou8(const char *s, uint8_t *ret); int safe_atou16(const char *s, uint16_t *ret); int safe_atoi16(const char *s, int16_t *ret); +int safe_atoux16(const char *s, uint16_t *ret); + static inline int safe_atou32(const char *s, uint32_t *ret_u) { assert_cc(sizeof(uint32_t) == sizeof(unsigned)); return safe_atou(s, (unsigned*) ret_u); diff --git a/src/basic/path-util.h b/src/basic/path-util.h index 89c285e076..73f1769fd9 100644 --- a/src/basic/path-util.h +++ b/src/basic/path-util.h @@ -28,8 +28,14 @@ #include "string-util.h" #include "time-util.h" -#define DEFAULT_PATH_NORMAL "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin" -#define DEFAULT_PATH_SPLIT_USR DEFAULT_PATH_NORMAL ":/sbin:/bin" +#if HAVE_SPLIT_BIN +# define PATH_SBIN_BIN(x) x "sbin:" x "bin" +#else +# define PATH_SBIN_BIN(x) x "bin" +#endif + +#define DEFAULT_PATH_NORMAL PATH_SBIN_BIN("/usr/local/") ":" PATH_SBIN_BIN("/usr/") +#define DEFAULT_PATH_SPLIT_USR DEFAULT_PATH_NORMAL ":" PATH_SBIN_BIN("/") #if HAVE_SPLIT_USR # define DEFAULT_PATH DEFAULT_PATH_SPLIT_USR diff --git a/src/basic/prioq.c b/src/basic/prioq.c index 407b17e9bf..2a1f1af878 100644 --- a/src/basic/prioq.c +++ b/src/basic/prioq.c @@ -173,7 +173,7 @@ int prioq_put(Prioq *q, void *data, unsigned *idx) { struct prioq_item *j; n = MAX((q->n_items+1) * 2, 16u); - j = realloc(q->items, sizeof(struct prioq_item) * n); + j = reallocarray(q->items, n, sizeof(struct prioq_item)); if (!j) return -ENOMEM; diff --git a/src/basic/process-util.c b/src/basic/process-util.c index dc7c9ef9ef..aa9846db5d 100644 --- a/src/basic/process-util.c +++ b/src/basic/process-util.c @@ -398,37 +398,61 @@ use_saved_argv: } int is_kernel_thread(pid_t pid) { + _cleanup_free_ char *line = NULL; + unsigned long long flags; + size_t l, i; const char *p; - size_t count; - char c; - bool eof; - FILE *f; + char *q; + int r; if (IN_SET(pid, 0, 1) || pid == getpid_cached()) /* pid 1, and we ourselves certainly aren't a kernel thread */ return 0; + if (!pid_is_valid(pid)) + return -EINVAL; - assert(pid > 1); + p = procfs_file_alloca(pid, "stat"); + r = read_one_line_file(p, &line); + if (r == -ENOENT) + return -ESRCH; + if (r < 0) + return r; - p = procfs_file_alloca(pid, "cmdline"); - f = fopen(p, "re"); - if (!f) { - if (errno == ENOENT) - return -ESRCH; - return -errno; + /* Skip past the comm field */ + q = strrchr(line, ')'); + if (!q) + return -EINVAL; + q++; + + /* Skip 6 fields to reach the flags field */ + for (i = 0; i < 6; i++) { + l = strspn(q, WHITESPACE); + if (l < 1) + return -EINVAL; + q += l; + + l = strcspn(q, WHITESPACE); + if (l < 1) + return -EINVAL; + q += l; } - (void) __fsetlocking(f, FSETLOCKING_BYCALLER); - - count = fread(&c, 1, 1, f); - eof = feof(f); - fclose(f); + /* Skip preceeding whitespace */ + l = strspn(q, WHITESPACE); + if (l < 1) + return -EINVAL; + q += l; - /* Kernel threads have an empty cmdline */ + /* Truncate the rest */ + l = strcspn(q, WHITESPACE); + if (l < 1) + return -EINVAL; + q[l] = 0; - if (count <= 0) - return eof ? 1 : -errno; + r = safe_atollu(q, &flags); + if (r < 0) + return r; - return 0; + return !!(flags & PF_KTHREAD); } int get_process_capeff(pid_t pid, char **capeff) { @@ -806,6 +830,13 @@ void sigkill_waitp(pid_t *pid) { sigkill_wait(*pid); } +void sigterm_wait(pid_t pid) { + assert(pid > 1); + + if (kill_and_sigcont(pid, SIGTERM) > 0) + (void) wait_for_terminate(pid, NULL); +} + int kill_and_sigcont(pid_t pid, int sig) { int r; @@ -819,17 +850,33 @@ int kill_and_sigcont(pid_t pid, int sig) { return r; } -int getenv_for_pid(pid_t pid, const char *field, char **_value) { +int getenv_for_pid(pid_t pid, const char *field, char **ret) { _cleanup_fclose_ FILE *f = NULL; char *value = NULL; - int r; bool done = false; - size_t l; const char *path; + size_t l; assert(pid >= 0); assert(field); - assert(_value); + assert(ret); + + if (pid == 0 || pid == getpid_cached()) { + const char *e; + + e = getenv(field); + if (!e) { + *ret = NULL; + return 0; + } + + value = strdup(e); + if (!value) + return -ENOMEM; + + *ret = value; + return 1; + } path = procfs_file_alloca(pid, "environ"); @@ -837,13 +884,13 @@ int getenv_for_pid(pid_t pid, const char *field, char **_value) { if (!f) { if (errno == ENOENT) return -ESRCH; + return -errno; } (void) __fsetlocking(f, FSETLOCKING_BYCALLER); l = strlen(field); - r = 0; do { char line[LINE_MAX]; @@ -868,14 +915,14 @@ int getenv_for_pid(pid_t pid, const char *field, char **_value) { if (!value) return -ENOMEM; - r = 1; - break; + *ret = value; + return 1; } } while (!done); - *_value = value; - return r; + *ret = NULL; + return 0; } bool pid_is_unwaited(pid_t pid) { @@ -1119,6 +1166,7 @@ extern int __register_atfork(void (*prepare) (void), void (*parent) (void), void extern void* __dso_handle __attribute__ ((__weak__)); pid_t getpid_cached(void) { + static bool installed = false; pid_t current_value; /* getpid_cached() is much like getpid(), but caches the value in local memory, to avoid having to invoke a @@ -1137,12 +1185,20 @@ pid_t getpid_cached(void) { case CACHED_PID_UNSET: { /* Not initialized yet, then do so now */ pid_t new_pid; - new_pid = getpid(); + new_pid = raw_getpid(); + + if (!installed) { + /* __register_atfork() either returns 0 or -ENOMEM, in its glibc implementation. Since it's + * only half-documented (glibc doesn't document it but LSB does — though only superficially) + * we'll check for errors only in the most generic fashion possible. */ + + if (__register_atfork(NULL, NULL, reset_cached_pid, __dso_handle) != 0) { + /* OOM? Let's try again later */ + cached_pid = CACHED_PID_UNSET; + return new_pid; + } - if (__register_atfork(NULL, NULL, reset_cached_pid, __dso_handle) != 0) { - /* OOM? Let's try again later */ - cached_pid = CACHED_PID_UNSET; - return new_pid; + installed = true; } cached_pid = new_pid; @@ -1150,7 +1206,7 @@ pid_t getpid_cached(void) { } case CACHED_PID_BUSY: /* Somebody else is currently initializing */ - return getpid(); + return raw_getpid(); default: /* Properly initialized */ return current_value; @@ -1381,8 +1437,7 @@ int fork_agent(const char *name, const int except[], unsigned n_except, pid_t *r _exit(EXIT_FAILURE); } - if (fd > STDERR_FILENO) - close(fd); + safe_close_above_stdio(fd); } /* Count arguments */ diff --git a/src/basic/process-util.h b/src/basic/process-util.h index 9fabe4a5be..93029e36e5 100644 --- a/src/basic/process-util.h +++ b/src/basic/process-util.h @@ -76,6 +76,7 @@ int wait_for_terminate_with_timeout(pid_t pid, usec_t timeout); void sigkill_wait(pid_t pid); void sigkill_waitp(pid_t *pid); +void sigterm_wait(pid_t pid); int kill_and_sigcont(pid_t pid, int sig); diff --git a/src/basic/procfs-util.c b/src/basic/procfs-util.c index 9bb42cc7ba..a159e344b3 100644 --- a/src/basic/procfs-util.c +++ b/src/basic/procfs-util.c @@ -3,6 +3,8 @@ #include <errno.h> #include "alloc-util.h" +#include "def.h" +#include "fd-util.h" #include "fileio.h" #include "parse-util.h" #include "process-util.h" @@ -136,3 +138,130 @@ int procfs_tasks_get_current(uint64_t *ret) { return safe_atou64(nr, ret); } + +static uint64_t calc_gcd64(uint64_t a, uint64_t b) { + + while (b > 0) { + uint64_t t; + + t = a % b; + + a = b; + b = t; + } + + return a; +} + +int procfs_cpu_get_usage(nsec_t *ret) { + _cleanup_free_ char *first_line = NULL; + unsigned long user_ticks, nice_ticks, system_ticks, irq_ticks, softirq_ticks, + guest_ticks = 0, guest_nice_ticks = 0; + long ticks_per_second; + uint64_t sum, gcd, a, b; + const char *p; + int r; + + assert(ret); + + r = read_one_line_file("/proc/stat", &first_line); + if (r < 0) + return r; + + p = first_word(first_line, "cpu"); + if (!p) + return -EINVAL; + + if (sscanf(p, "%lu %lu %lu %*u %*u %lu %lu %*u %lu %lu", + &user_ticks, + &nice_ticks, + &system_ticks, + &irq_ticks, + &softirq_ticks, + &guest_ticks, + &guest_nice_ticks) < 5) /* we only insist on the first five fields */ + return -EINVAL; + + ticks_per_second = sysconf(_SC_CLK_TCK); + if (ticks_per_second < 0) + return -errno; + assert(ticks_per_second > 0); + + sum = (uint64_t) user_ticks + (uint64_t) nice_ticks + (uint64_t) system_ticks + + (uint64_t) irq_ticks + (uint64_t) softirq_ticks + + (uint64_t) guest_ticks + (uint64_t) guest_nice_ticks; + + /* Let's reduce this fraction before we apply it to avoid overflows when converting this to µsec */ + gcd = calc_gcd64(NSEC_PER_SEC, ticks_per_second); + + a = (uint64_t) NSEC_PER_SEC / gcd; + b = (uint64_t) ticks_per_second / gcd; + + *ret = DIV_ROUND_UP((nsec_t) sum * (nsec_t) a, (nsec_t) b); + return 0; +} + +int procfs_memory_get_current(uint64_t *ret) { + uint64_t mem_total = UINT64_MAX, mem_free = UINT64_MAX; + _cleanup_fclose_ FILE *f = NULL; + int r; + + assert(ret); + + f = fopen("/proc/meminfo", "re"); + if (!f) + return -errno; + + for (;;) { + _cleanup_free_ char *line = NULL; + uint64_t *v; + char *p, *e; + size_t n; + + r = read_line(f, LONG_LINE_MAX, &line); + if (r < 0) + return r; + if (r == 0) + return -EINVAL; /* EOF: Couldn't find one or both fields? */ + + p = first_word(line, "MemTotal:"); + if (p) + v = &mem_total; + else { + p = first_word(line, "MemFree:"); + if (p) + v = &mem_free; + else + continue; + } + + /* Determine length of numeric value */ + n = strspn(p, DIGITS); + if (n == 0) + return -EINVAL; + e = p + n; + + /* Ensure the line ends in " kB" */ + n = strspn(e, WHITESPACE); + if (n == 0) + return -EINVAL; + if (!streq(e + n, "kB")) + return -EINVAL; + + *e = 0; + r = safe_atou64(p, v); + if (r < 0) + return r; + if (*v == UINT64_MAX) + return -EINVAL; + + if (mem_total != UINT64_MAX && mem_free != UINT64_MAX) + break; + } + + if (mem_free > mem_total) + return -EINVAL; + + *ret = (mem_total - mem_free) * 1024U; + return 0; +} diff --git a/src/basic/procfs-util.h b/src/basic/procfs-util.h index 7466acd7f3..f697ed92bc 100644 --- a/src/basic/procfs-util.h +++ b/src/basic/procfs-util.h @@ -3,6 +3,12 @@ #include <inttypes.h> +#include "time-util.h" + int procfs_tasks_get_limit(uint64_t *ret); int procfs_tasks_set_limit(uint64_t limit); int procfs_tasks_get_current(uint64_t *ret); + +int procfs_cpu_get_usage(nsec_t *ret); + +int procfs_memory_get_current(uint64_t *ret); diff --git a/src/basic/raw-reboot.h b/src/basic/raw-reboot.h new file mode 100644 index 0000000000..8ecefe9e21 --- /dev/null +++ b/src/basic/raw-reboot.h @@ -0,0 +1,14 @@ +/* SPDX-License-Identifier: LGPL-2.1+ */ +#pragma once + +#include <linux/reboot.h> +#include <sys/reboot.h> +#include <sys/syscall.h> + +/* glibc defines the reboot() API call, which is a wrapper around the system call of the same name, but without the + * extra "arg" parameter. Since we need that parameter for some calls, let's add a "raw" wrapper that is defined the + * same way, except it takes the additional argument. */ + +static inline int raw_reboot(int cmd, const void *arg) { + return (int) syscall(SYS_reboot, LINUX_REBOOT_MAGIC1, LINUX_REBOOT_MAGIC2, cmd, arg); +} diff --git a/src/basic/reboot-util.c b/src/basic/reboot-util.c new file mode 100644 index 0000000000..ca40159b96 --- /dev/null +++ b/src/basic/reboot-util.c @@ -0,0 +1,83 @@ +/* SPDX-License-Identifier: LGPL-2.1+ */ + +#include <errno.h> +#include <unistd.h> + +#include "alloc-util.h" +#include "fileio.h" +#include "log.h" +#include "raw-reboot.h" +#include "reboot-util.h" +#include "string-util.h" +#include "umask-util.h" +#include "virt.h" + +int update_reboot_parameter_and_warn(const char *parameter) { + int r; + + if (isempty(parameter)) { + if (unlink("/run/systemd/reboot-param") < 0) { + if (errno == ENOENT) + return 0; + + return log_warning_errno(errno, "Failed to unlink reboot parameter file: %m"); + } + + return 0; + } + + RUN_WITH_UMASK(0022) { + r = write_string_file("/run/systemd/reboot-param", parameter, + WRITE_STRING_FILE_CREATE|WRITE_STRING_FILE_ATOMIC); + if (r < 0) + return log_warning_errno(r, "Failed to write reboot parameter file: %m"); + } + + return 0; +} + +int reboot_with_parameter(RebootFlags flags) { + int r; + + /* Reboots the system with a parameter that is read from /run/systemd/reboot-param. Returns 0 if REBOOT_DRY_RUN + * was set and the actual reboot operation was hence skipped. If REBOOT_FALLBACK is set and the reboot with + * parameter doesn't work out a fallback to classic reboot() is attempted. If REBOOT_FALLBACK is not set, 0 is + * returned instead, which should be considered indication for the caller to fall back to reboot() on its own, + * or somehow else deal with this. If REBOOT_LOG is specified will log about what it is going to do, as well as + * all errors. */ + + if (detect_container() == 0) { + _cleanup_free_ char *parameter = NULL; + + r = read_one_line_file("/run/systemd/reboot-param", ¶meter); + if (r < 0 && r != -ENOENT) + log_full_errno(flags & REBOOT_LOG ? LOG_WARNING : LOG_DEBUG, r, + "Failed to read reboot parameter file, ignoring: %m"); + + if (!isempty(parameter)) { + + log_full(flags & REBOOT_LOG ? LOG_INFO : LOG_DEBUG, + "Rebooting with argument '%s'.", parameter); + + if (flags & REBOOT_DRY_RUN) + return 0; + + (void) raw_reboot(LINUX_REBOOT_CMD_RESTART2, parameter); + + log_full_errno(flags & REBOOT_LOG ? LOG_WARNING : LOG_DEBUG, errno, + "Failed to reboot with parameter, retrying without: %m"); + } + } + + if (!(flags & REBOOT_FALLBACK)) + return 0; + + log_full(flags & REBOOT_LOG ? LOG_INFO : LOG_DEBUG, "Rebooting."); + + if (flags & REBOOT_DRY_RUN) + return 0; + + (void) reboot(RB_AUTOBOOT); + + return log_full_errno(flags & REBOOT_LOG ? LOG_ERR : LOG_DEBUG, errno, "Failed to reboot: %m"); +} diff --git a/src/basic/reboot-util.h b/src/basic/reboot-util.h new file mode 100644 index 0000000000..d4aa441290 --- /dev/null +++ b/src/basic/reboot-util.h @@ -0,0 +1,12 @@ +/* SPDX-License-Identifier: LGPL-2.1+ */ +#pragma once + +int update_reboot_parameter_and_warn(const char *parameter); + +typedef enum RebootFlags { + REBOOT_LOG = 1U << 0, /* log about what we are going to do and all errors */ + REBOOT_DRY_RUN = 1U << 1, /* return 0 right before actually doing the reboot */ + REBOOT_FALLBACK = 1U << 2, /* fallback to plain reboot() if argument-based reboot doesn't work, isn't configured or doesn't apply otherwise */ +} RebootFlags; + +int reboot_with_parameter(RebootFlags flags); diff --git a/src/basic/rm-rf.h b/src/basic/rm-rf.h index ad63e9be40..6e63d3feab 100644 --- a/src/basic/rm-rf.h +++ b/src/basic/rm-rf.h @@ -25,10 +25,10 @@ #include "util.h" typedef enum RemoveFlags { - REMOVE_ONLY_DIRECTORIES = 1, - REMOVE_ROOT = 2, - REMOVE_PHYSICAL = 4, /* if not set, only removes files on tmpfs, never physical file systems */ - REMOVE_SUBVOLUME = 8, + REMOVE_ONLY_DIRECTORIES = 1 << 0, + REMOVE_ROOT = 1 << 1, + REMOVE_PHYSICAL = 1 << 2, /* if not set, only removes files on tmpfs, never physical file systems */ + REMOVE_SUBVOLUME = 1 << 3, } RemoveFlags; int rm_rf_children(int fd, RemoveFlags flags, struct stat *root_dev); diff --git a/src/basic/socket-util.c b/src/basic/socket-util.c index 2c70cade14..b91b093132 100644 --- a/src/basic/socket-util.c +++ b/src/basic/socket-util.c @@ -51,7 +51,7 @@ #include "util.h" #if ENABLE_IDN -# define IDN_FLAGS (NI_IDN|NI_IDN_USE_STD3_ASCII_RULES) +# define IDN_FLAGS NI_IDN #else # define IDN_FLAGS 0 #endif @@ -758,19 +758,6 @@ int socknameinfo_pretty(union sockaddr_union *sa, socklen_t salen, char **_ret) return 0; } -int getnameinfo_pretty(int fd, char **ret) { - union sockaddr_union sa; - socklen_t salen = sizeof(sa); - - assert(fd >= 0); - assert(ret); - - if (getsockname(fd, &sa.sa, &salen) < 0) - return -errno; - - return socknameinfo_pretty(&sa, salen, ret); -} - int socket_address_unlink(SocketAddress *a) { assert(a); @@ -1008,7 +995,7 @@ int getpeergroups(int fd, gid_t **ret) { socklen_t n = sizeof(gid_t) * 64; _cleanup_free_ gid_t *d = NULL; - assert(fd); + assert(fd >= 0); assert(ret); for (;;) { diff --git a/src/basic/socket-util.h b/src/basic/socket-util.h index 49c937aef5..2e5694b126 100644 --- a/src/basic/socket-util.h +++ b/src/basic/socket-util.h @@ -126,7 +126,6 @@ int getpeername_pretty(int fd, bool include_port, char **ret); int getsockname_pretty(int fd, char **ret); int socknameinfo_pretty(union sockaddr_union *sa, socklen_t salen, char **_ret); -int getnameinfo_pretty(int fd, char **ret); const char* socket_address_bind_ipv6_only_to_string(SocketAddressBindIPv6Only b) _const_; SocketAddressBindIPv6Only socket_address_bind_ipv6_only_from_string(const char *s) _pure_; diff --git a/src/basic/stat-util.c b/src/basic/stat-util.c index 3a54103f1b..3689f6e983 100644 --- a/src/basic/stat-util.c +++ b/src/basic/stat-util.c @@ -214,8 +214,19 @@ int path_is_fs_type(const char *path, statfs_f_type_t magic_value) { } bool is_temporary_fs(const struct statfs *s) { - return is_fs_type(s, TMPFS_MAGIC) || - is_fs_type(s, RAMFS_MAGIC); + return is_fs_type(s, TMPFS_MAGIC) || + is_fs_type(s, RAMFS_MAGIC); +} + +bool is_network_fs(const struct statfs *s) { + return is_fs_type(s, CIFS_MAGIC_NUMBER) || + is_fs_type(s, CODA_SUPER_MAGIC) || + is_fs_type(s, NCP_SUPER_MAGIC) || + is_fs_type(s, NFS_SUPER_MAGIC) || + is_fs_type(s, SMB_SUPER_MAGIC) || + is_fs_type(s, V9FS_MAGIC) || + is_fs_type(s, AFS_SUPER_MAGIC) || + is_fs_type(s, OCFS2_SUPER_MAGIC); } int fd_is_temporary_fs(int fd) { @@ -227,15 +238,25 @@ int fd_is_temporary_fs(int fd) { return is_temporary_fs(&s); } +int fd_is_network_fs(int fd) { + struct statfs s; + + if (fstatfs(fd, &s) < 0) + return -errno; + + return is_network_fs(&s); +} + int fd_is_network_ns(int fd) { int r; r = fd_is_fs_type(fd, NSFS_MAGIC); if (r <= 0) return r; - r = ioctl(fd, NS_GET_NSTYPE); - if (r < 0) + + if (ioctl(fd, NS_GET_NSTYPE) < 0) return -errno; + return r == CLONE_NEWNET; } @@ -248,3 +269,32 @@ int path_is_temporary_fs(const char *path) { return fd_is_temporary_fs(fd); } + +int stat_verify_regular(const struct stat *st) { + assert(st); + + /* Checks whether the specified stat() structure refers to a regular file. If not returns an appropriate error + * code. */ + + if (S_ISDIR(st->st_mode)) + return -EISDIR; + + if (S_ISLNK(st->st_mode)) + return -ELOOP; + + if (!S_ISREG(st->st_mode)) + return -EBADFD; + + return 0; +} + +int fd_verify_regular(int fd) { + struct stat st; + + assert(fd >= 0); + + if (fstat(fd, &st) < 0) + return -errno; + + return stat_verify_regular(&st); +} diff --git a/src/basic/stat-util.h b/src/basic/stat-util.h index d8d3c20496..4b941f6104 100644 --- a/src/basic/stat-util.h +++ b/src/basic/stat-util.h @@ -61,8 +61,13 @@ int fd_is_fs_type(int fd, statfs_f_type_t magic_value); int path_is_fs_type(const char *path, statfs_f_type_t magic_value); bool is_temporary_fs(const struct statfs *s) _pure_; +bool is_network_fs(const struct statfs *s) _pure_; + int fd_is_temporary_fs(int fd); +int fd_is_network_fs(int fd); + int fd_is_network_ns(int fd); + int path_is_temporary_fs(const char *path); /* Because statfs.t_type can be int on some architectures, we have to cast @@ -70,3 +75,6 @@ int path_is_temporary_fs(const char *path); * signed/unsigned comparison, because the magic can be 32 bit unsigned. */ #define F_TYPE_EQUAL(a, b) (a == (typeof(a)) b) + +int stat_verify_regular(const struct stat *st); +int fd_verify_regular(int fd); diff --git a/src/basic/stdio-util.h b/src/basic/stdio-util.h index dbfafba269..d3fed365d8 100644 --- a/src/basic/stdio-util.h +++ b/src/basic/stdio-util.h @@ -27,9 +27,11 @@ #include "macro.h" -#define xsprintf(buf, fmt, ...) \ - assert_message_se((size_t) snprintf(buf, ELEMENTSOF(buf), fmt, __VA_ARGS__) < ELEMENTSOF(buf), "xsprintf: " #buf "[] must be big enough") +#define snprintf_ok(buf, len, fmt, ...) \ + ((size_t) snprintf(buf, len, fmt, __VA_ARGS__) < (len)) +#define xsprintf(buf, fmt, ...) \ + assert_message_se(snprintf_ok(buf, ELEMENTSOF(buf), fmt, __VA_ARGS__), "xsprintf: " #buf "[] must be big enough") #define VA_FORMAT_ADVANCE(format, ap) \ do { \ diff --git a/src/basic/strbuf.c b/src/basic/strbuf.c index 8befffa66f..bc3e56cf71 100644 --- a/src/basic/strbuf.c +++ b/src/basic/strbuf.c @@ -190,7 +190,7 @@ ssize_t strbuf_add_string(struct strbuf *str, const char *s, size_t len) { node_child->value_len = len; /* extend array, add new entry, sort for bisection */ - child = realloc(node->children, (node->children_count + 1) * sizeof(struct strbuf_child_entry)); + child = reallocarray(node->children, node->children_count + 1, sizeof(struct strbuf_child_entry)); if (!child) { free(node_child); return -ENOMEM; diff --git a/src/basic/strv.c b/src/basic/strv.c index 54c701aee2..e80ff4a62c 100644 --- a/src/basic/strv.c +++ b/src/basic/strv.c @@ -214,7 +214,7 @@ int strv_extend_strv(char ***a, char **b, bool filter_duplicates) { p = strv_length(*a); q = strv_length(b); - t = realloc(*a, sizeof(char*) * (p + q + 1)); + t = reallocarray(*a, p + q + 1, sizeof(char *)); if (!t) return -ENOMEM; @@ -393,42 +393,6 @@ char *strv_join(char **l, const char *separator) { return r; } -char *strv_join_quoted(char **l) { - char *buf = NULL; - char **s; - size_t allocated = 0, len = 0; - - STRV_FOREACH(s, l) { - /* assuming here that escaped string cannot be more - * than twice as long, and reserving space for the - * separator and quotes. - */ - _cleanup_free_ char *esc = NULL; - size_t needed; - - if (!GREEDY_REALLOC(buf, allocated, - len + strlen(*s) * 2 + 3)) - goto oom; - - esc = cescape(*s); - if (!esc) - goto oom; - - needed = snprintf(buf + len, allocated - len, "%s\"%s\"", - len > 0 ? " " : "", esc); - assert(needed < allocated - len); - len += needed; - } - - if (!buf) - buf = malloc0(1); - - return buf; - - oom: - return mfree(buf); -} - int strv_push(char ***l, char *value) { char **c; unsigned n, m; @@ -443,7 +407,7 @@ int strv_push(char ***l, char *value) { if (m < n) return -ENOMEM; - c = realloc_multiply(*l, sizeof(char*), m); + c = reallocarray(*l, m, sizeof(char*)); if (!c) return -ENOMEM; @@ -468,7 +432,7 @@ int strv_push_pair(char ***l, char *a, char *b) { if (m < n) return -ENOMEM; - c = realloc_multiply(*l, sizeof(char*), m); + c = reallocarray(*l, m, sizeof(char*)); if (!c) return -ENOMEM; @@ -482,7 +446,7 @@ int strv_push_pair(char ***l, char *a, char *b) { return 0; } -int strv_push_prepend(char ***l, char *value) { +int strv_insert(char ***l, unsigned position, char *value) { char **c; unsigned n, m, i; @@ -490,6 +454,7 @@ int strv_push_prepend(char ***l, char *value) { return 0; n = strv_length(*l); + position = MIN(position, n); /* increase and check for overflow */ m = n + 2; @@ -500,10 +465,12 @@ int strv_push_prepend(char ***l, char *value) { if (!c) return -ENOMEM; - for (i = 0; i < n; i++) + for (i = 0; i < position; i++) + c[i] = (*l)[i]; + c[position] = value; + for (i = position; i < n; i++) c[i+1] = (*l)[i]; - c[0] = value; c[n+1] = NULL; free(*l); @@ -579,7 +546,7 @@ int strv_extend_front(char ***l, const char *value) { if (!v) return -ENOMEM; - c = realloc_multiply(*l, sizeof(char*), m); + c = reallocarray(*l, m, sizeof(char*)); if (!c) { free(v); return -ENOMEM; @@ -894,7 +861,7 @@ int strv_extend_n(char ***l, const char *value, size_t n) { k = strv_length(*l); - nl = realloc(*l, sizeof(char*) * (k + n + 1)); + nl = reallocarray(*l, k + n + 1, sizeof(char *)); if (!nl) return -ENOMEM; diff --git a/src/basic/strv.h b/src/basic/strv.h index 0ed6b74330..f169ac5d4f 100644 --- a/src/basic/strv.h +++ b/src/basic/strv.h @@ -54,7 +54,12 @@ int strv_extendf(char ***l, const char *format, ...) _printf_(2,0); int strv_extend_front(char ***l, const char *value); int strv_push(char ***l, char *value); int strv_push_pair(char ***l, char *a, char *b); -int strv_push_prepend(char ***l, char *value); +int strv_insert(char ***l, unsigned position, char *value); + +static inline int strv_push_prepend(char ***l, char *value) { + return strv_insert(l, 0, value); +} + int strv_consume(char ***l, char *value); int strv_consume_pair(char ***l, char *a, char *b); int strv_consume_prepend(char ***l, char *value); @@ -86,7 +91,6 @@ char **strv_split_newlines(const char *s); int strv_split_extract(char ***t, const char *s, const char *separators, ExtractFlags flags); char *strv_join(char **l, const char *separator); -char *strv_join_quoted(char **l); char **strv_parse_nulstr(const char *s, size_t l); char **strv_split_nulstr(const char *s); @@ -175,6 +179,7 @@ static inline bool strv_fnmatch_or_empty(char* const* patterns, const char *s, i } char ***strv_free_free(char ***l); +DEFINE_TRIVIAL_CLEANUP_FUNC(char***, strv_free_free); char **strv_skip(char **l, size_t n); diff --git a/src/basic/terminal-util.c b/src/basic/terminal-util.c index 42336e8fdf..eacfd14677 100644 --- a/src/basic/terminal-util.c +++ b/src/basic/terminal-util.c @@ -48,6 +48,8 @@ #include "log.h" #include "macro.h" #include "parse-util.h" +#include "path-util.h" +#include "proc-cmdline.h" #include "process-util.h" #include "socket-util.h" #include "stat-util.h" @@ -56,14 +58,20 @@ #include "terminal-util.h" #include "time-util.h" #include "util.h" -#include "path-util.h" static volatile unsigned cached_columns = 0; static volatile unsigned cached_lines = 0; +static volatile int cached_on_tty = -1; +static volatile int cached_colors_enabled = -1; +static volatile int cached_underline_enabled = -1; + int chvt(int vt) { _cleanup_close_ int fd; + /* Switch to the specified vt number. If the VT is specified <= 0 switch to the VT the kernel log messages go, + * if that's configured. */ + fd = open_terminal("/dev/tty0", O_RDWR|O_NOCTTY|O_CLOEXEC|O_NONBLOCK); if (fd < 0) return -errno; @@ -323,8 +331,8 @@ int reset_terminal(const char *name) { } int open_terminal(const char *name, int mode) { - int fd, r; unsigned c = 0; + int fd; /* * If a TTY is in the process of being closed opening it might @@ -354,8 +362,7 @@ int open_terminal(const char *name, int mode) { c++; } - r = isatty(fd); - if (r == 0) { + if (isatty(fd) <= 0) { safe_close(fd); return -ENOTTY; } @@ -365,44 +372,36 @@ int open_terminal(const char *name, int mode) { int acquire_terminal( const char *name, - bool fail, - bool force, - bool ignore_tiocstty_eperm, + AcquireTerminalFlags flags, usec_t timeout) { - int fd = -1, notify = -1, r = 0, wd = -1; - usec_t ts = 0; + _cleanup_close_ int notify = -1, fd = -1; + usec_t ts = USEC_INFINITY; + int r, wd = -1; assert(name); + assert(IN_SET(flags & ~ACQUIRE_TERMINAL_PERMISSIVE, ACQUIRE_TERMINAL_TRY, ACQUIRE_TERMINAL_FORCE, ACQUIRE_TERMINAL_WAIT)); - /* We use inotify to be notified when the tty is closed. We - * create the watch before checking if we can actually acquire - * it, so that we don't lose any event. + /* We use inotify to be notified when the tty is closed. We create the watch before checking if we can actually + * acquire it, so that we don't lose any event. * - * Note: strictly speaking this actually watches for the - * device being closed, it does *not* really watch whether a - * tty loses its controlling process. However, unless some - * rogue process uses TIOCNOTTY on /dev/tty *after* closing - * its tty otherwise this will not become a problem. As long - * as the administrator makes sure not configure any service - * on the same tty as an untrusted user this should not be a - * problem. (Which he probably should not do anyway.) */ - - if (timeout != USEC_INFINITY) - ts = now(CLOCK_MONOTONIC); - - if (!fail && !force) { + * Note: strictly speaking this actually watches for the device being closed, it does *not* really watch + * whether a tty loses its controlling process. However, unless some rogue process uses TIOCNOTTY on /dev/tty + * *after* closing its tty otherwise this will not become a problem. As long as the administrator makes sure to + * not configure any service on the same tty as an untrusted user this should not be a problem. (Which they + * probably should not do anyway.) */ + + if ((flags & ~ACQUIRE_TERMINAL_PERMISSIVE) == ACQUIRE_TERMINAL_WAIT) { notify = inotify_init1(IN_CLOEXEC | (timeout != USEC_INFINITY ? IN_NONBLOCK : 0)); - if (notify < 0) { - r = -errno; - goto fail; - } + if (notify < 0) + return -errno; wd = inotify_add_watch(notify, name, IN_CLOSE); - if (wd < 0) { - r = -errno; - goto fail; - } + if (wd < 0) + return -errno; + + if (timeout != USEC_INFINITY) + ts = now(CLOCK_MONOTONIC); } for (;;) { @@ -414,41 +413,43 @@ int acquire_terminal( if (notify >= 0) { r = flush_fd(notify); if (r < 0) - goto fail; + return r; } - /* We pass here O_NOCTTY only so that we can check the return - * value TIOCSCTTY and have a reliable way to figure out if we - * successfully became the controlling process of the tty */ + /* We pass here O_NOCTTY only so that we can check the return value TIOCSCTTY and have a reliable way + * to figure out if we successfully became the controlling process of the tty */ fd = open_terminal(name, O_RDWR|O_NOCTTY|O_CLOEXEC); if (fd < 0) return fd; - /* Temporarily ignore SIGHUP, so that we don't get SIGHUP'ed - * if we already own the tty. */ + /* Temporarily ignore SIGHUP, so that we don't get SIGHUP'ed if we already own the tty. */ assert_se(sigaction(SIGHUP, &sa_new, &sa_old) == 0); /* First, try to get the tty */ - if (ioctl(fd, TIOCSCTTY, force) < 0) - r = -errno; + r = ioctl(fd, TIOCSCTTY, + (flags & ~ACQUIRE_TERMINAL_PERMISSIVE) == ACQUIRE_TERMINAL_FORCE) < 0 ? -errno : 0; + /* Reset signal handler to old value */ assert_se(sigaction(SIGHUP, &sa_old, NULL) == 0); - /* Sometimes, it makes sense to ignore TIOCSCTTY - * returning EPERM, i.e. when very likely we already - * are have this controlling terminal. */ - if (r < 0 && r == -EPERM && ignore_tiocstty_eperm) - r = 0; + /* Success? Exit the loop now! */ + if (r >= 0) + break; - if (r < 0 && (force || fail || r != -EPERM)) - goto fail; + /* Any failure besides -EPERM? Fail, regardless of the mode. */ + if (r != -EPERM) + return r; - if (r >= 0) + if (flags & ACQUIRE_TERMINAL_PERMISSIVE) /* If we are in permissive mode, then EPERM is fine, turn this + * into a success. Note that EPERM is also returned if we + * already are the owner of the TTY. */ break; - assert(!fail); - assert(!force); + if (flags != ACQUIRE_TERMINAL_WAIT) /* If we are in TRY or FORCE mode, then propagate EPERM as EPERM */ + return r; + assert(notify >= 0); + assert(wd >= 0); for (;;) { union inotify_event_buffer buffer; @@ -458,20 +459,17 @@ int acquire_terminal( if (timeout != USEC_INFINITY) { usec_t n; + assert(ts != USEC_INFINITY); + n = now(CLOCK_MONOTONIC); - if (ts + timeout < n) { - r = -ETIMEDOUT; - goto fail; - } + if (ts + timeout < n) + return -ETIMEDOUT; r = fd_wait_for_event(notify, POLLIN, ts + timeout - n); if (r < 0) - goto fail; - - if (r == 0) { - r = -ETIMEDOUT; - goto fail; - } + return r; + if (r == 0) + return -ETIMEDOUT; } l = read(notify, &buffer, sizeof(buffer)); @@ -479,34 +477,27 @@ int acquire_terminal( if (IN_SET(errno, EINTR, EAGAIN)) continue; - r = -errno; - goto fail; + return -errno; } FOREACH_INOTIFY_EVENT(e, buffer, l) { - if (e->wd != wd || !(e->mask & IN_CLOSE)) { - r = -EIO; - goto fail; - } + if (e->mask & IN_Q_OVERFLOW) /* If we hit an inotify queue overflow, simply check if the terminal is up for grabs now. */ + break; + + if (e->wd != wd || !(e->mask & IN_CLOSE)) /* Safety checks */ + return -EIO; } break; } - /* We close the tty fd here since if the old session - * ended our handle will be dead. It's important that - * we do this after sleeping, so that we don't enter - * an endless loop. */ + /* We close the tty fd here since if the old session ended our handle will be dead. It's important that + * we do this after sleeping, so that we don't enter an endless loop. */ fd = safe_close(fd); } - safe_close(notify); - - return fd; - -fail: - safe_close(fd); - safe_close(notify); + r = fd; + fd = -1; return r; } @@ -519,7 +510,7 @@ int release_terminal(void) { _cleanup_close_ int fd = -1; struct sigaction sa_old; - int r = 0; + int r; fd = open("/dev/tty", O_RDWR|O_NOCTTY|O_CLOEXEC|O_NONBLOCK); if (fd < 0) @@ -529,8 +520,7 @@ int release_terminal(void) { * by our own TIOCNOTTY */ assert_se(sigaction(SIGHUP, &sa_new, &sa_old) == 0); - if (ioctl(fd, TIOCNOTTY) < 0) - r = -errno; + r = ioctl(fd, TIOCNOTTY) < 0 ? -errno : 0; assert_se(sigaction(SIGHUP, &sa_old, NULL) == 0); @@ -630,7 +620,7 @@ int make_console_stdio(void) { /* Make /dev/console the controlling terminal and stdin/stdout/stderr */ - fd = acquire_terminal("/dev/console", false, true, true, USEC_INFINITY); + fd = acquire_terminal("/dev/console", ACQUIRE_TERMINAL_FORCE|ACQUIRE_TERMINAL_PERMISSIVE, USEC_INFINITY); if (fd < 0) return log_error_errno(fd, "Failed to acquire terminal: %m"); @@ -638,9 +628,11 @@ int make_console_stdio(void) { if (r < 0) log_warning_errno(r, "Failed to reset terminal, ignoring: %m"); - r = make_stdio(fd); + r = rearrange_stdio(fd, fd, fd); /* This invalidates 'fd' both on success and on failure. */ if (r < 0) - return log_error_errno(r, "Failed to duplicate terminal fd: %m"); + return log_error_errno(r, "Failed to make terminal stdin/stdout/stderr: %m"); + + reset_terminal_feature_caches(); return 0; } @@ -680,57 +672,80 @@ int vtnr_from_tty(const char *tty) { return i; } -char *resolve_dev_console(char **active) { + int resolve_dev_console(char **ret) { + _cleanup_free_ char *active = NULL; char *tty; + int r; - /* Resolve where /dev/console is pointing to, if /sys is actually ours - * (i.e. not read-only-mounted which is a sign for container setups) */ + assert(ret); + + /* Resolve where /dev/console is pointing to, if /sys is actually ours (i.e. not read-only-mounted which is a + * sign for container setups) */ if (path_is_read_only_fs("/sys") > 0) - return NULL; + return -ENOMEDIUM; - if (read_one_line_file("/sys/class/tty/console/active", active) < 0) - return NULL; + r = read_one_line_file("/sys/class/tty/console/active", &active); + if (r < 0) + return r; - /* If multiple log outputs are configured the last one is what - * /dev/console points to */ - tty = strrchr(*active, ' '); + /* If multiple log outputs are configured the last one is what /dev/console points to */ + tty = strrchr(active, ' '); if (tty) tty++; else - tty = *active; + tty = active; if (streq(tty, "tty0")) { - char *tmp; + active = mfree(active); /* Get the active VC (e.g. tty1) */ - if (read_one_line_file("/sys/class/tty/tty0/active", &tmp) >= 0) { - free(*active); - tty = *active = tmp; - } + r = read_one_line_file("/sys/class/tty/tty0/active", &active); + if (r < 0) + return r; + + tty = active; + } + + if (tty == active) { + *ret = active; + active = NULL; + } else { + char *tmp; + + tmp = strdup(tty); + if (!tmp) + return -ENOMEM; + + *ret = tmp; } - return tty; + return 0; } -int get_kernel_consoles(char ***consoles) { - _cleanup_strv_free_ char **con = NULL; +int get_kernel_consoles(char ***ret) { + _cleanup_strv_free_ char **l = NULL; _cleanup_free_ char *line = NULL; - const char *active; + const char *p; int r; - assert(consoles); + assert(ret); + + /* If /sys is mounted read-only this means we are running in some kind of container environment. In that + * case /sys would reflect the host system, not us, hence ignore the data we can read from it. */ + if (path_is_read_only_fs("/sys") > 0) + goto fallback; r = read_one_line_file("/sys/class/tty/console/active", &line); if (r < 0) return r; - active = line; + p = line; for (;;) { _cleanup_free_ char *tty = NULL; char *path; - r = extract_first_word(&active, &tty, NULL, 0); + r = extract_first_word(&p, &tty, NULL, 0); if (r < 0) return r; if (r == 0) @@ -753,35 +768,44 @@ int get_kernel_consoles(char ***consoles) { continue; } - r = strv_consume(&con, path); + r = strv_consume(&l, path); if (r < 0) return r; } - if (strv_isempty(con)) { + if (strv_isempty(l)) { log_debug("No devices found for system console"); - - r = strv_extend(&con, "/dev/console"); - if (r < 0) - return r; + goto fallback; } - *consoles = con; - con = NULL; + *ret = l; + l = NULL; + + return 0; + +fallback: + r = strv_extend(&l, "/dev/console"); + if (r < 0) + return r; + + *ret = l; + l = NULL; + return 0; } bool tty_is_vc_resolve(const char *tty) { - _cleanup_free_ char *active = NULL; + _cleanup_free_ char *resolved = NULL; assert(tty); tty = skip_dev_prefix(tty); if (streq(tty, "console")) { - tty = resolve_dev_console(&active); - if (!tty) + if (resolve_dev_console(&resolved) < 0) return false; + + tty = resolved; } return tty_is_vc(tty); @@ -807,7 +831,7 @@ unsigned columns(void) { const char *e; int c; - if (_likely_(cached_columns > 0)) + if (cached_columns > 0) return cached_columns; c = 0; @@ -841,7 +865,7 @@ unsigned lines(void) { const char *e; int l; - if (_likely_(cached_lines > 0)) + if (cached_lines > 0) return cached_lines; l = 0; @@ -865,44 +889,20 @@ void columns_lines_cache_reset(int signum) { cached_lines = 0; } -bool on_tty(void) { - static int cached_on_tty = -1; - - if (_unlikely_(cached_on_tty < 0)) - cached_on_tty = isatty(STDOUT_FILENO) > 0; - - return cached_on_tty; -} - -int make_stdio(int fd) { - int r = 0; - - assert(fd >= 0); - - if (dup2(fd, STDIN_FILENO) < 0 && r >= 0) - r = -errno; - if (dup2(fd, STDOUT_FILENO) < 0 && r >= 0) - r = -errno; - if (dup2(fd, STDERR_FILENO) < 0 && r >= 0) - r = -errno; - - if (fd >= 3) - safe_close(fd); - - /* Explicitly unset O_CLOEXEC, since if fd was < 3, then dup2() was a NOP and the bit hence possibly set. */ - stdio_unset_cloexec(); +void reset_terminal_feature_caches(void) { + cached_columns = 0; + cached_lines = 0; - return r; + cached_colors_enabled = -1; + cached_underline_enabled = -1; + cached_on_tty = -1; } -int make_null_stdio(void) { - int null_fd; - - null_fd = open("/dev/null", O_RDWR|O_NOCTTY|O_CLOEXEC); - if (null_fd < 0) - return -errno; +bool on_tty(void) { + if (cached_on_tty < 0) + cached_on_tty = isatty(STDOUT_FILENO) > 0; - return make_stdio(null_fd); + return cached_on_tty; } int getttyname_malloc(int fd, char **ret) { @@ -1205,38 +1205,63 @@ bool terminal_is_dumb(void) { } bool colors_enabled(void) { - static int enabled = -1; - if (_unlikely_(enabled < 0)) { + /* Returns true if colors are considered supported on our stdout. For that we check $SYSTEMD_COLORS first + * (which is the explicit way to turn colors on/off). If that didn't work we turn colors off unless we are on a + * TTY. And if we are on a TTY we turn it off if $TERM is set to "dumb". There's one special tweak though: if + * we are PID 1 then we do not check whether we are connected to a TTY, because we don't keep /dev/console open + * continously due to fear of SAK, and hence things are a bit weird. */ + + if (cached_colors_enabled < 0) { int val; val = getenv_bool("SYSTEMD_COLORS"); if (val >= 0) - enabled = val; + cached_colors_enabled = val; else if (getpid_cached() == 1) /* PID1 outputs to the console without holding it open all the time */ - enabled = !getenv_terminal_is_dumb(); + cached_colors_enabled = !getenv_terminal_is_dumb(); else - enabled = !terminal_is_dumb(); + cached_colors_enabled = !terminal_is_dumb(); } - return enabled; + return cached_colors_enabled; +} + +bool dev_console_colors_enabled(void) { + _cleanup_free_ char *s = NULL; + int b; + + /* Returns true if we assume that color is supported on /dev/console. + * + * For that we first check if we explicitly got told to use colors or not, by checking $SYSTEMD_COLORS. If that + * isn't set we check whether PID 1 has $TERM set, and if not, whether TERM is set on the kernel command + * line. If we find $TERM set we assume color if it's not set to "dumb", similarly to how regular + * colors_enabled() operates. */ + + b = getenv_bool("SYSTEMD_COLORS"); + if (b >= 0) + return b; + + if (getenv_for_pid(1, "TERM", &s) <= 0) + (void) proc_cmdline_get_key("TERM", 0, &s); + + return !streq_ptr(s, "dumb"); } bool underline_enabled(void) { - static int enabled = -1; - if (enabled < 0) { + if (cached_underline_enabled < 0) { /* The Linux console doesn't support underlining, turn it off, but only there. */ - if (!colors_enabled()) - enabled = false; + if (colors_enabled()) + cached_underline_enabled = !streq_ptr(getenv("TERM"), "linux"); else - enabled = !streq_ptr(getenv("TERM"), "linux"); + cached_underline_enabled = false; } - return enabled; + return cached_underline_enabled; } int vt_default_utf8(void) { diff --git a/src/basic/terminal-util.h b/src/basic/terminal-util.h index e82719b11b..b57157e3bb 100644 --- a/src/basic/terminal-util.h +++ b/src/basic/terminal-util.h @@ -28,21 +28,45 @@ #include "macro.h" #include "time-util.h" -#define ANSI_RED "\x1B[0;31m" -#define ANSI_GREEN "\x1B[0;32m" +/* Regular colors */ +#define ANSI_BLACK "\x1B[0;30m" +#define ANSI_RED "\x1B[0;31m" +#define ANSI_GREEN "\x1B[0;32m" +#define ANSI_YELLOW "\x1B[0;33m" +#define ANSI_BLUE "\x1B[0;34m" +#define ANSI_MAGENTA "\x1B[0;35m" +#define ANSI_CYAN "\x1B[0;36m" +#define ANSI_WHITE "\x1B[0;37m" + +/* Bold/highlighted */ +#define ANSI_HIGHLIGHT_BLACK "\x1B[0;1;30m" +#define ANSI_HIGHLIGHT_RED "\x1B[0;1;31m" +#define ANSI_HIGHLIGHT_GREEN "\x1B[0;1;32m" +#define ANSI_HIGHLIGHT_YELLOW "\x1B[0;1;33m" +#define ANSI_HIGHLIGHT_BLUE "\x1B[0;1;34m" +#define ANSI_HIGHLIGHT_MAGENTA "\x1B[0;1;35m" +#define ANSI_HIGHLIGHT_CYAN "\x1B[0;1;36m" +#define ANSI_HIGHLIGHT_WHITE "\x1B[0;1;37m" + +/* Underlined */ +#define ANSI_HIGHLIGHT_BLACK_UNDERLINE "\x1B[0;1;4;30m" +#define ANSI_HIGHLIGHT_RED_UNDERLINE "\x1B[0;1;4;31m" +#define ANSI_HIGHLIGHT_GREEN_UNDERLINE "\x1B[0;1;4;32m" +#define ANSI_HIGHLIGHT_YELLOW_UNDERLINE "\x1B[0;1;4;33m" +#define ANSI_HIGHLIGHT_BLUE_UNDERLINE "\x1B[0;1;4;34m" +#define ANSI_HIGHLIGHT_MAGENTA_UNDERLINE "\x1B[0;1;4;35m" +#define ANSI_HIGHLIGHT_CYAN_UNDERLINE "\x1B[0;1;4;36m" +#define ANSI_HIGHLIGHT_WHITE_UNDERLINE "\x1B[0;1;4;37m" + +/* Other ANSI codes */ #define ANSI_UNDERLINE "\x1B[0;4m" #define ANSI_HIGHLIGHT "\x1B[0;1;39m" -#define ANSI_HIGHLIGHT_RED "\x1B[0;1;31m" -#define ANSI_HIGHLIGHT_GREEN "\x1B[0;1;32m" -#define ANSI_HIGHLIGHT_YELLOW "\x1B[0;1;33m" -#define ANSI_HIGHLIGHT_BLUE "\x1B[0;1;34m" #define ANSI_HIGHLIGHT_UNDERLINE "\x1B[0;1;4m" -#define ANSI_HIGHLIGHT_RED_UNDERLINE "\x1B[0;1;4;31m" -#define ANSI_HIGHLIGHT_GREEN_UNDERLINE "\x1B[0;1;4;32m" -#define ANSI_HIGHLIGHT_YELLOW_UNDERLINE "\x1B[0;1;4;33m" -#define ANSI_HIGHLIGHT_BLUE_UNDERLINE "\x1B[0;1;4;34m" + +/* Reset/clear ANSI styles */ #define ANSI_NORMAL "\x1B[0m" +/* Erase characters until the end of the line */ #define ANSI_ERASE_TO_END_OF_LINE "\x1B[K" /* Set cursor to top left corner and clear screen */ @@ -52,7 +76,23 @@ int reset_terminal_fd(int fd, bool switch_to_text); int reset_terminal(const char *name); int open_terminal(const char *name, int mode); -int acquire_terminal(const char *name, bool fail, bool force, bool ignore_tiocstty_eperm, usec_t timeout); + +/* Flags for tweaking the way we become the controlling process of a terminal. */ +typedef enum AcquireTerminalFlags { + /* Try to become the controlling process of the TTY. If we can't return -EPERM. */ + ACQUIRE_TERMINAL_TRY = 0, + + /* Tell the kernel to forcibly make us the controlling process of the TTY. Returns -EPERM if the kernel doesn't allow that. */ + ACQUIRE_TERMINAL_FORCE = 1, + + /* If we can't become the controlling process of the TTY right-away, then wait until we can. */ + ACQUIRE_TERMINAL_WAIT = 2, + + /* Pick one of the above, and then OR this flag in, in order to request permissive behaviour, if we can't become controlling process then don't mind */ + ACQUIRE_TERMINAL_PERMISSIVE = 4, +} AcquireTerminalFlags; + +int acquire_terminal(const char *name, AcquireTerminalFlags flags, usec_t timeout); int release_terminal(void); int terminal_vhangup_fd(int fd); @@ -66,28 +106,29 @@ int ask_string(char **ret, const char *text, ...) _printf_(2, 3); int vt_disallocate(const char *name); -char *resolve_dev_console(char **active); -int get_kernel_consoles(char ***consoles); +int resolve_dev_console(char **ret); +int get_kernel_consoles(char ***ret); bool tty_is_vc(const char *tty); bool tty_is_vc_resolve(const char *tty); bool tty_is_console(const char *tty) _pure_; int vtnr_from_tty(const char *tty); const char *default_term_for_tty(const char *tty); -int make_stdio(int fd); -int make_null_stdio(void); int make_console_stdio(void); int fd_columns(int fd); unsigned columns(void); int fd_lines(int fd); unsigned lines(void); + void columns_lines_cache_reset(int _unused_ signum); +void reset_terminal_feature_caches(void); bool on_tty(void); bool terminal_is_dumb(void); bool colors_enabled(void); bool underline_enabled(void); +bool dev_console_colors_enabled(void); #define DEFINE_ANSI_FUNC(name, NAME) \ static inline const char *ansi_##name(void) { \ diff --git a/src/basic/time-util.h b/src/basic/time-util.h index dc4a159310..a8c5a8375b 100644 --- a/src/basic/time-util.h +++ b/src/basic/time-util.h @@ -100,12 +100,12 @@ triple_timestamp* triple_timestamp_from_realtime(triple_timestamp *ts, usec_t u) #define TRIPLE_TIMESTAMP_HAS_CLOCK(clock) \ IN_SET(clock, CLOCK_REALTIME, CLOCK_REALTIME_ALARM, CLOCK_MONOTONIC, CLOCK_BOOTTIME, CLOCK_BOOTTIME_ALARM) -static inline bool dual_timestamp_is_set(dual_timestamp *ts) { +static inline bool dual_timestamp_is_set(const dual_timestamp *ts) { return ((ts->realtime > 0 && ts->realtime != USEC_INFINITY) || (ts->monotonic > 0 && ts->monotonic != USEC_INFINITY)); } -static inline bool triple_timestamp_is_set(triple_timestamp *ts) { +static inline bool triple_timestamp_is_set(const triple_timestamp *ts) { return ((ts->realtime > 0 && ts->realtime != USEC_INFINITY) || (ts->monotonic > 0 && ts->monotonic != USEC_INFINITY) || (ts->boottime > 0 && ts->boottime != USEC_INFINITY)); diff --git a/src/basic/user-util.c b/src/basic/user-util.c index 17a9b5a8f1..ceb71b61e8 100644 --- a/src/basic/user-util.c +++ b/src/basic/user-util.c @@ -197,6 +197,25 @@ int get_user_creds( return 0; } +static inline bool is_nologin_shell(const char *shell) { + + return PATH_IN_SET(shell, + /* 'nologin' is the friendliest way to disable logins for a user account. It prints a nice + * message and exits. Different distributions place the binary at different places though, + * hence let's list them all. */ + "/bin/nologin", + "/sbin/nologin", + "/usr/bin/nologin", + "/usr/sbin/nologin", + /* 'true' and 'false' work too for the same purpose, but are less friendly as they don't do + * any message printing. Different distributions place the binary at various places but at + * least not in the 'sbin' directory. */ + "/bin/false", + "/usr/bin/false", + "/bin/true", + "/usr/bin/true"); +} + int get_user_creds_clean( const char **username, uid_t *uid, gid_t *gid, @@ -212,11 +231,7 @@ int get_user_creds_clean( return r; if (shell && - (isempty(*shell) || PATH_IN_SET(*shell, - "/bin/nologin", - "/sbin/nologin", - "/usr/bin/nologin", - "/usr/sbin/nologin"))) + (isempty(*shell) || is_nologin_shell(*shell))) *shell = NULL; if (home && @@ -553,18 +568,18 @@ int take_etc_passwd_lock(const char *root) { * awfully racy, and thus we just won't do them. */ if (root) - path = prefix_roota(root, "/etc/.pwd.lock"); + path = prefix_roota(root, ETC_PASSWD_LOCK_PATH); else - path = "/etc/.pwd.lock"; + path = ETC_PASSWD_LOCK_PATH; fd = open(path, O_WRONLY|O_CREAT|O_CLOEXEC|O_NOCTTY|O_NOFOLLOW, 0600); if (fd < 0) - return -errno; + return log_debug_errno(errno, "Cannot open %s: %m", path); r = fcntl(fd, F_SETLKW, &flock); if (r < 0) { safe_close(fd); - return -errno; + return log_debug_errno(errno, "Locking %s failed: %m", path); } return fd; @@ -645,6 +660,8 @@ bool valid_gecos(const char *d) { } bool valid_home(const char *p) { + /* Note that this function is also called by valid_shell(), any + * changes must account for that. */ if (isempty(p)) return false; diff --git a/src/basic/user-util.h b/src/basic/user-util.h index 5f0391f2b8..e1259a1582 100644 --- a/src/basic/user-util.h +++ b/src/basic/user-util.h @@ -63,6 +63,8 @@ int take_etc_passwd_lock(const char *root); #define UID_NOBODY ((uid_t) 65534U) #define GID_NOBODY ((gid_t) 65534U) +#define ETC_PASSWD_LOCK_PATH "/etc/.pwd.lock" + static inline bool uid_is_dynamic(uid_t uid) { return DYNAMIC_UID_MIN <= uid && uid <= DYNAMIC_UID_MAX; } @@ -96,6 +98,15 @@ bool valid_user_group_name_or_id(const char *u); bool valid_gecos(const char *d); bool valid_home(const char *p); +static inline bool valid_shell(const char *p) { + /* We have the same requirements, so just piggy-back on the home check. + * + * Let's ignore /etc/shells because this is only applicable to real and + * not system users. It is also incompatible with the idea of empty /etc. + */ + return valid_home(p); +} + int maybe_setgroups(size_t size, const gid_t *list); bool synthesize_nobody(void); diff --git a/src/basic/utf8.c b/src/basic/utf8.c index 4da9a405cb..b17f420264 100644 --- a/src/basic/utf8.c +++ b/src/basic/utf8.c @@ -408,3 +408,22 @@ int utf8_encoded_valid_unichar(const char *str) { return len; } + +size_t utf8_n_codepoints(const char *str) { + size_t n = 0; + + /* Returns the number of UTF-8 codepoints in this string, or (size_t) -1 if the string is not valid UTF-8. */ + + while (*str != 0) { + int k; + + k = utf8_encoded_valid_unichar(str); + if (k < 0) + return (size_t) -1; + + str += k; + n++; + } + + return n; +} diff --git a/src/basic/utf8.h b/src/basic/utf8.h index b0a7485aed..7128615181 100644 --- a/src/basic/utf8.h +++ b/src/basic/utf8.h @@ -59,3 +59,5 @@ static inline bool utf16_is_trailing_surrogate(char16_t c) { static inline char32_t utf16_surrogate_pair_to_unichar(char16_t lead, char16_t trail) { return ((lead - 0xd800) << 10) + (trail - 0xdc00) + 0x10000; } + +size_t utf8_n_codepoints(const char *str); diff --git a/src/basic/util.c b/src/basic/util.c index c7f1513f3e..7863a14fb2 100644 --- a/src/basic/util.c +++ b/src/basic/util.c @@ -518,29 +518,6 @@ uint64_t system_tasks_max_scale(uint64_t v, uint64_t max) { return m / max; } -int update_reboot_parameter_and_warn(const char *param) { - int r; - - if (isempty(param)) { - if (unlink("/run/systemd/reboot-param") < 0) { - if (errno == ENOENT) - return 0; - - return log_warning_errno(errno, "Failed to unlink reboot parameter file: %m"); - } - - return 0; - } - - RUN_WITH_UMASK(0022) { - r = write_string_file("/run/systemd/reboot-param", param, WRITE_STRING_FILE_CREATE); - if (r < 0) - return log_warning_errno(r, "Failed to write reboot parameter file: %m"); - } - - return 0; -} - int version(void) { puts(PACKAGE_STRING "\n" SYSTEMD_FEATURES); diff --git a/src/basic/util.h b/src/basic/util.h index 9d1b10756b..6f8d8bef34 100644 --- a/src/basic/util.h +++ b/src/basic/util.h @@ -186,8 +186,6 @@ uint64_t physical_memory_scale(uint64_t v, uint64_t max); uint64_t system_tasks_max(void); uint64_t system_tasks_max_scale(uint64_t v, uint64_t max); -int update_reboot_parameter_and_warn(const char *param); - int version(void); int str_verscmp(const char *s1, const char *s2); diff --git a/src/basic/verbs.c b/src/basic/verbs.c index 47644670da..4f3cd91465 100644 --- a/src/basic/verbs.c +++ b/src/basic/verbs.c @@ -41,7 +41,7 @@ bool running_in_chroot_or_offline(void) { /* Added to support use cases like rpm-ostree, where from %post scripts we only want to execute "preset", but * not "start"/"restart" for example. * - * See ENVIRONMENT.md for docs. + * See doc/ENVIRONMENT.md for docs. */ r = getenv_bool("SYSTEMD_OFFLINE"); if (r < 0 && r != -ENXIO) diff --git a/src/basic/virt.c b/src/basic/virt.c index f4796b53bc..39b4a98d89 100644 --- a/src/basic/virt.c +++ b/src/basic/virt.c @@ -57,6 +57,7 @@ static int detect_vm_cpuid(void) { { "Microsoft Hv", VIRTUALIZATION_MICROSOFT }, /* https://wiki.freebsd.org/bhyve */ { "bhyve bhyve ", VIRTUALIZATION_BHYVE }, + { "QNXQVMBSQG", VIRTUALIZATION_QNX }, }; uint32_t eax, ebx, ecx, edx; @@ -281,6 +282,10 @@ static int detect_vm_uml(void) { /* Detect User-Mode Linux by reading /proc/cpuinfo */ r = read_full_file("/proc/cpuinfo", &cpuinfo_contents, NULL); + if (r == -ENOENT) { + log_debug("/proc/cpuinfo not found, assuming no UML virtualization."); + return VIRTUALIZATION_NONE; + } if (r < 0) return r; @@ -289,7 +294,7 @@ static int detect_vm_uml(void) { return VIRTUALIZATION_UML; } - log_debug("No virtualization found in /proc/cpuinfo."); + log_debug("UML virtualization not found in /proc/cpuinfo."); return VIRTUALIZATION_NONE; } @@ -603,16 +608,16 @@ int running_in_userns(void) { } int running_in_chroot(void) { - int ret; + int r; if (getenv_bool("SYSTEMD_IGNORE_CHROOT") > 0) return 0; - ret = files_same("/proc/1/root", "/", 0); - if (ret < 0) - return ret; + r = files_same("/proc/1/root", "/", 0); + if (r < 0) + return r; - return ret == 0; + return r == 0; } static const char *const virtualization_table[_VIRTUALIZATION_MAX] = { @@ -628,6 +633,7 @@ static const char *const virtualization_table[_VIRTUALIZATION_MAX] = { [VIRTUALIZATION_ZVM] = "zvm", [VIRTUALIZATION_PARALLELS] = "parallels", [VIRTUALIZATION_BHYVE] = "bhyve", + [VIRTUALIZATION_QNX] = "qnx", [VIRTUALIZATION_VM_OTHER] = "vm-other", [VIRTUALIZATION_SYSTEMD_NSPAWN] = "systemd-nspawn", diff --git a/src/basic/virt.h b/src/basic/virt.h index d9badd8efe..1216bc7456 100644 --- a/src/basic/virt.h +++ b/src/basic/virt.h @@ -39,6 +39,7 @@ enum { VIRTUALIZATION_ZVM, VIRTUALIZATION_PARALLELS, VIRTUALIZATION_BHYVE, + VIRTUALIZATION_QNX, VIRTUALIZATION_VM_OTHER, VIRTUALIZATION_VM_LAST = VIRTUALIZATION_VM_OTHER, diff --git a/src/basic/xattr-util.c b/src/basic/xattr-util.c index 12d04eeffb..a37ee4b7ef 100644 --- a/src/basic/xattr-util.c +++ b/src/basic/xattr-util.c @@ -20,6 +20,7 @@ #include <errno.h> #include <fcntl.h> +#include <linux/stat.h> #include <stdint.h> #include <stdlib.h> #include <string.h> @@ -29,8 +30,10 @@ #include "alloc-util.h" #include "fd-util.h" #include "macro.h" +#include "missing.h" #include "sparse-endian.h" #include "stdio-util.h" +#include "string-util.h" #include "time-util.h" #include "xattr-util.h" @@ -104,24 +107,42 @@ int fgetxattr_malloc(int fd, const char *name, char **value) { } } -ssize_t fgetxattrat_fake(int dirfd, const char *filename, const char *attribute, void *value, size_t size, int flags) { +int fgetxattrat_fake( + int dirfd, + const char *filename, + const char *attribute, + void *value, size_t size, + int flags, + size_t *ret_size) { + char fn[STRLEN("/proc/self/fd/") + DECIMAL_STR_MAX(int) + 1]; _cleanup_close_ int fd = -1; ssize_t l; /* The kernel doesn't have a fgetxattrat() command, hence let's emulate one */ - fd = openat(dirfd, filename, O_CLOEXEC|O_PATH|(flags & AT_SYMLINK_NOFOLLOW ? O_NOFOLLOW : 0)); - if (fd < 0) - return -errno; + if (flags & ~(AT_SYMLINK_NOFOLLOW|AT_EMPTY_PATH)) + return -EINVAL; + + if (isempty(filename)) { + if (!(flags & AT_EMPTY_PATH)) + return -EINVAL; + + xsprintf(fn, "/proc/self/fd/%i", dirfd); + } else { + fd = openat(dirfd, filename, O_CLOEXEC|O_PATH|(flags & AT_SYMLINK_NOFOLLOW ? O_NOFOLLOW : 0)); + if (fd < 0) + return -errno; - xsprintf(fn, "/proc/self/fd/%i", fd); + xsprintf(fn, "/proc/self/fd/%i", fd); + } l = getxattr(fn, attribute, value, size); if (l < 0) return -errno; - return l; + *ret_size = l; + return 0; } static int parse_crtime(le64_t le, usec_t *usec) { @@ -137,52 +158,66 @@ static int parse_crtime(le64_t le, usec_t *usec) { return 0; } -int fd_getcrtime(int fd, usec_t *usec) { +int fd_getcrtime_at(int dirfd, const char *name, usec_t *ret, int flags) { + struct_statx sx; + usec_t a, b; le64_t le; - ssize_t n; - - assert(fd >= 0); - assert(usec); + size_t n; + int r; + + assert(ret); + + if (flags & ~(AT_EMPTY_PATH|AT_SYMLINK_NOFOLLOW)) + return -EINVAL; + + /* So here's the deal: the creation/birth time (crtime/btime) of a file is a relatively newly supported concept + * on Linux (or more strictly speaking: a concept that only recently got supported in the API, it was + * implemented on various file systems on the lower level since a while, but never was accessible). However, we + * needed a concept like that for vaccuuming algorithms and such, hence we emulated it via a user xattr for a + * long time. Starting with Linux 4.11 there's statx() which exposes the timestamp to userspace for the first + * time, where it is available. Thius function will read it, but it tries to keep some compatibility with older + * systems: we try to read both the crtime/btime and the xattr, and then use whatever is older. After all the + * concept is useful for determining how "old" a file really is, and hence using the older of the two makes + * most sense. */ + + if (statx(dirfd, strempty(name), flags|AT_STATX_DONT_SYNC, STATX_BTIME, &sx) >= 0 && + (sx.stx_mask & STATX_BTIME) && + sx.stx_btime.tv_sec != 0) + a = (usec_t) sx.stx_btime.tv_sec * USEC_PER_SEC + + (usec_t) sx.stx_btime.tv_nsec / NSEC_PER_USEC; + else + a = USEC_INFINITY; + + r = fgetxattrat_fake(dirfd, name, "user.crtime_usec", &le, sizeof(le), flags, &n); + if (r >= 0) { + if (n != sizeof(le)) + r = -EIO; + else + r = parse_crtime(le, &b); + } + if (r < 0) { + if (a != USEC_INFINITY) { + *ret = a; + return 0; + } - /* Until Linux gets a real concept of birthtime/creation time, - * let's fake one with xattrs */ + return r; + } - n = fgetxattr(fd, "user.crtime_usec", &le, sizeof(le)); - if (n < 0) - return -errno; - if (n != sizeof(le)) - return -EIO; + if (a != USEC_INFINITY) + *ret = MIN(a, b); + else + *ret = b; - return parse_crtime(le, usec); + return 0; } -int fd_getcrtime_at(int dirfd, const char *name, usec_t *usec, int flags) { - le64_t le; - ssize_t n; - - n = fgetxattrat_fake(dirfd, name, "user.crtime_usec", &le, sizeof(le), flags); - if (n < 0) - return -errno; - if (n != sizeof(le)) - return -EIO; - - return parse_crtime(le, usec); +int fd_getcrtime(int fd, usec_t *ret) { + return fd_getcrtime_at(fd, NULL, ret, AT_EMPTY_PATH); } -int path_getcrtime(const char *p, usec_t *usec) { - le64_t le; - ssize_t n; - - assert(p); - assert(usec); - - n = getxattr(p, "user.crtime_usec", &le, sizeof(le)); - if (n < 0) - return -errno; - if (n != sizeof(le)) - return -EIO; - - return parse_crtime(le, usec); +int path_getcrtime(const char *p, usec_t *ret) { + return fd_getcrtime_at(AT_FDCWD, p, ret, 0); } int fd_setcrtime(int fd, usec_t usec) { @@ -190,7 +225,7 @@ int fd_setcrtime(int fd, usec_t usec) { assert(fd >= 0); - if (usec <= 0) + if (IN_SET(usec, 0, USEC_INFINITY)) usec = now(CLOCK_REALTIME); le = htole64((uint64_t) usec); diff --git a/src/basic/xattr-util.h b/src/basic/xattr-util.h index 1a78027aaa..e25970ee6d 100644 --- a/src/basic/xattr-util.h +++ b/src/basic/xattr-util.h @@ -29,7 +29,13 @@ int getxattr_malloc(const char *path, const char *name, char **value, bool allow_symlink); int fgetxattr_malloc(int fd, const char *name, char **value); -ssize_t fgetxattrat_fake(int dirfd, const char *filename, const char *attribute, void *value, size_t size, int flags); +int fgetxattrat_fake( + int dirfd, + const char *filename, + const char *attribute, + void *value, size_t size, + int flags, + size_t *ret_size); int fd_setcrtime(int fd, usec_t usec); diff --git a/src/boot/bootctl.c b/src/boot/bootctl.c index 197966d7b5..fe72a7d46e 100644 --- a/src/boot/bootctl.c +++ b/src/boot/bootctl.c @@ -410,7 +410,7 @@ static int copy_file_with_version_check(const char *from, const char *to, bool f return r; if (lseek(fd_from, 0, SEEK_SET) == (off_t) -1) - return log_error_errno(errno, "Failed to seek in \%s\": %m", from); + return log_error_errno(errno, "Failed to seek in \"%s\": %m", from); fd_to = safe_close(fd_to); } @@ -434,12 +434,13 @@ static int copy_file_with_version_check(const char *from, const char *to, bool f (void) copy_times(fd_from, fd_to); - r = fsync(fd_to); - if (r < 0) { + if (fsync(fd_to) < 0) { (void) unlink_noerrno(t); return log_error_errno(errno, "Failed to copy data from \"%s\" to \"%s\": %m", from, t); } + (void) fsync_directory_of_file(fd_to); + r = renameat(AT_FDCWD, t, AT_FDCWD, to); if (r < 0) { (void) unlink_noerrno(t); diff --git a/src/cgtop/cgtop.c b/src/cgtop/cgtop.c index 1a73fb099d..4cab5a253c 100644 --- a/src/cgtop/cgtop.c +++ b/src/cgtop/cgtop.c @@ -46,6 +46,7 @@ #include "terminal-util.h" #include "unit-name.h" #include "util.h" +#include "virt.h" typedef struct Group { char *path; @@ -125,6 +126,30 @@ static const char *maybe_format_bytes(char *buf, size_t l, bool is_valid, uint64 return format_bytes(buf, l, t); } +static bool is_root_cgroup(const char *path) { + + /* Returns true if the specified path belongs to the root cgroup. The root cgroup is special on cgroupsv2 as it + * carries only very few attributes in order not to export multiple truth about system state as most + * information is available elsewhere in /proc anyway. We need to be able to deal with that, and need to get + * our data from different sources in that case. + * + * There's one extra complication in all of this, though 😣: if the path to the cgroup indicates we are in the + * root cgroup this might actually not be the case, because cgroup namespacing might be in effect + * (CLONE_NEWCGROUP). Since there's no nice way to distuingish a real cgroup root from a fake namespaced one we + * do an explicit container check here, under the assumption that CLONE_NEWCGROUP is generally used when + * container managers are used too. + * + * Note that checking for a container environment is kinda ugly, since in theory people could use cgtop from + * inside a container where cgroup namespacing is turned off to watch the host system. However, that's mostly a + * theoretic usecase, and if people actually try all they'll lose is accounting for the top-level cgroup. Which + * isn't too bad. */ + + if (detect_container() > 0) + return false; + + return isempty(path) || path_equal(path, "/"); +} + static int process( const char *controller, const char *path, @@ -172,7 +197,8 @@ static int process( } } - if (streq(controller, SYSTEMD_CGROUP_CONTROLLER) && IN_SET(arg_count, COUNT_ALL_PROCESSES, COUNT_USERSPACE_PROCESSES)) { + if (streq(controller, SYSTEMD_CGROUP_CONTROLLER) && + IN_SET(arg_count, COUNT_ALL_PROCESSES, COUNT_USERSPACE_PROCESSES)) { _cleanup_fclose_ FILE *f = NULL; pid_t pid; @@ -196,7 +222,7 @@ static int process( } else if (streq(controller, "pids") && arg_count == COUNT_PIDS) { - if (isempty(path) || path_equal(path, "/")) { + if (is_root_cgroup(path)) { r = procfs_tasks_get_current(&g->n_tasks); if (r < 0) return r; @@ -226,15 +252,18 @@ static int process( uint64_t new_usage; nsec_t timestamp; - if (all_unified) { - const char *keys[] = { "usage_usec", NULL }; + if (is_root_cgroup(path)) { + r = procfs_cpu_get_usage(&new_usage); + if (r < 0) + return r; + } else if (all_unified) { _cleanup_free_ char *val = NULL; if (!streq(controller, "cpu")) return 0; - r = cg_get_keyed_attribute("cpu", path, "cpu.stat", keys, &val); - if (r == -ENOENT) + r = cg_get_keyed_attribute("cpu", path, "cpu.stat", STRV_MAKE("usage_usec"), &val); + if (IN_SET(r, -ENOENT, -ENXIO)) return 0; if (r < 0) return r; @@ -284,24 +313,31 @@ static int process( g->cpu_iteration = iteration; } else if (streq(controller, "memory")) { - _cleanup_free_ char *p = NULL, *v = NULL; - if (all_unified) - r = cg_get_path(controller, path, "memory.current", &p); - else - r = cg_get_path(controller, path, "memory.usage_in_bytes", &p); - if (r < 0) - return r; + if (is_root_cgroup(path)) { + r = procfs_memory_get_current(&g->memory); + if (r < 0) + return r; + } else { + _cleanup_free_ char *p = NULL, *v = NULL; - r = read_one_line_file(p, &v); - if (r == -ENOENT) - return 0; - if (r < 0) - return r; + if (all_unified) + r = cg_get_path(controller, path, "memory.current", &p); + else + r = cg_get_path(controller, path, "memory.usage_in_bytes", &p); + if (r < 0) + return r; - r = safe_atou64(v, &g->memory); - if (r < 0) - return r; + r = read_one_line_file(p, &v); + if (r == -ENOENT) + return 0; + if (r < 0) + return r; + + r = safe_atou64(v, &g->memory); + if (r < 0) + return r; + } if (g->memory > 0) g->memory_valid = true; @@ -506,6 +542,10 @@ static int refresh(const char *root, Hashmap *a, Hashmap *b, unsigned iteration) return 0; } +static const char *empty_to_slash(const char *p) { + return isempty(p) ? "/" : p; +} + static int group_compare(const void*a, const void *b) { const Group *x = *(Group**)a, *y = *(Group**)b; @@ -515,9 +555,9 @@ static int group_compare(const void*a, const void *b) { * recursive summing is off, since that is actually * not accumulative for all children. */ - if (path_startswith(y->path, x->path)) + if (path_startswith(empty_to_slash(y->path), empty_to_slash(x->path))) return -1; - if (path_startswith(x->path, y->path)) + if (path_startswith(empty_to_slash(x->path), empty_to_slash(y->path))) return 1; } @@ -666,7 +706,7 @@ static void display(Hashmap *a) { g = array[j]; - path = isempty(g->path) ? "/" : g->path; + path = empty_to_slash(g->path); ellipsized = ellipsize(path, path_columns, 33); printf("%-*s", path_columns, ellipsized ?: path); @@ -709,6 +749,7 @@ static void help(void) { " --recursive=BOOL Sum up process count recursively\n" " -d --delay=DELAY Delay between updates\n" " -n --iterations=N Run for N iterations before exiting\n" + " -1 Shortcut for --iterations=1\n" " -b --batch Run in batch mode, accepting no input\n" " --depth=DEPTH Maximum traversal depth (default: %u)\n" " -M --machine= Show container\n" @@ -745,7 +786,7 @@ static int parse_argv(int argc, char *argv[]) { assert(argc >= 1); assert(argv); - while ((c = getopt_long(argc, argv, "hptcmin:brd:kPM:", options, NULL)) >= 0) + while ((c = getopt_long(argc, argv, "hptcmin:brd:kPM:1", options, NULL)) >= 0) switch (c) { @@ -773,17 +814,15 @@ static int parse_argv(int argc, char *argv[]) { case ARG_DEPTH: r = safe_atou(optarg, &arg_depth); - if (r < 0) { - log_error("Failed to parse depth parameter."); - return -EINVAL; - } + if (r < 0) + return log_error_errno(r, "Failed to parse depth parameter: %s", optarg); break; case 'd': r = parse_sec(optarg, &arg_delay); if (r < 0 || arg_delay <= 0) { - log_error("Failed to parse delay parameter."); + log_error("Failed to parse delay parameter: %s", optarg); return -EINVAL; } @@ -791,13 +830,15 @@ static int parse_argv(int argc, char *argv[]) { case 'n': r = safe_atou(optarg, &arg_iterations); - if (r < 0) { - log_error("Failed to parse iterations parameter."); - return -EINVAL; - } + if (r < 0) + return log_error_errno(r, "Failed to parse iterations parameter: %s", optarg); break; + case '1': + arg_iterations = 1; + break; + case 'b': arg_batch = true; break; @@ -853,10 +894,8 @@ static int parse_argv(int argc, char *argv[]) { case ARG_RECURSIVE: r = parse_boolean(optarg); - if (r < 0) { - log_error("Failed to parse --recursive= argument: %s", optarg); - return r; - } + if (r < 0) + return log_error_errno(r, "Failed to parse --recursive= argument: %s", optarg); arg_recursive = r; arg_recursive_unset = r == 0; @@ -928,8 +967,8 @@ int main(int argc, char *argv[]) { } else log_debug("Cgroup path: %s", root); - a = hashmap_new(&string_hash_ops); - b = hashmap_new(&string_hash_ops); + a = hashmap_new(&path_hash_ops); + b = hashmap_new(&path_hash_ops); if (!a || !b) { r = log_oom(); goto finish; diff --git a/src/core/automount.c b/src/core/automount.c index c191336c0e..01a6ff806e 100644 --- a/src/core/automount.c +++ b/src/core/automount.c @@ -965,13 +965,16 @@ static const char *automount_sub_state_to_string(Unit *u) { return automount_state_to_string(AUTOMOUNT(u)->state); } -static bool automount_check_gc(Unit *u) { +static bool automount_may_gc(Unit *u) { + Unit *t; + assert(u); - if (!UNIT_TRIGGER(u)) - return false; + t = UNIT_TRIGGER(u); + if (!t) + return true; - return UNIT_VTABLE(UNIT_TRIGGER(u))->check_gc(UNIT_TRIGGER(u)); + return UNIT_VTABLE(t)->may_gc(t); } static int automount_dispatch_io(sd_event_source *s, int fd, uint32_t events, void *userdata) { @@ -1124,7 +1127,7 @@ const UnitVTable automount_vtable = { .active_state = automount_active_state, .sub_state_to_string = automount_sub_state_to_string, - .check_gc = automount_check_gc, + .may_gc = automount_may_gc, .trigger_notify = automount_trigger_notify, diff --git a/src/core/bpf-firewall.c b/src/core/bpf-firewall.c index f3f40fb0e8..48666f64a2 100644 --- a/src/core/bpf-firewall.c +++ b/src/core/bpf-firewall.c @@ -453,9 +453,10 @@ static int bpf_firewall_prepare_access_maps( return 0; } -static int bpf_firewall_prepare_accounting_maps(bool enabled, int *fd_ingress, int *fd_egress) { +static int bpf_firewall_prepare_accounting_maps(Unit *u, bool enabled, int *fd_ingress, int *fd_egress) { int r; + assert(u); assert(fd_ingress); assert(fd_egress); @@ -476,9 +477,12 @@ static int bpf_firewall_prepare_accounting_maps(bool enabled, int *fd_ingress, i *fd_egress = r; } + } else { *fd_ingress = safe_close(*fd_ingress); *fd_egress = safe_close(*fd_egress); + + zero(u->ip_accounting_extra); } return 0; @@ -486,15 +490,28 @@ static int bpf_firewall_prepare_accounting_maps(bool enabled, int *fd_ingress, i int bpf_firewall_compile(Unit *u) { CGroupContext *cc; - int r; + int r, supported; assert(u); - r = bpf_firewall_supported(); - if (r < 0) - return r; - if (r == 0) { - log_debug("BPF firewalling not supported on this systemd, proceeding without."); + cc = unit_get_cgroup_context(u); + if (!cc) + return -EINVAL; + + supported = bpf_firewall_supported(); + if (supported < 0) + return supported; + if (supported == BPF_FIREWALL_UNSUPPORTED) { + log_debug("BPF firewalling not supported on this manager, proceeding without."); + return -EOPNOTSUPP; + } + if (supported != BPF_FIREWALL_SUPPORTED_WITH_MULTI && u->type == UNIT_SLICE) { + /* If BPF_F_ALLOW_MULTI is not supported we don't support any BPF magic on inner nodes (i.e. on slice + * units), since that would mean leaf nodes couldn't do any BPF anymore at all. Under the assumption + * that BPF is more interesting on leaf nodes we hence avoid it on inner nodes in that case. This is + * consistent with old systemd behaviour from before v238, where BPF wasn't supported in inner nodes at + * all, either. */ + log_debug("BPF_F_ALLOW_MULTI is not supported on this manager, not doing BPF firewall on slice units."); return -EOPNOTSUPP; } @@ -511,19 +528,23 @@ int bpf_firewall_compile(Unit *u) { u->ipv6_allow_map_fd = safe_close(u->ipv6_allow_map_fd); u->ipv6_deny_map_fd = safe_close(u->ipv6_deny_map_fd); - cc = unit_get_cgroup_context(u); - if (!cc) - return -EINVAL; + if (u->type != UNIT_SLICE) { + /* In inner nodes we only do accounting, we do not actually bother with access control. However, leaf + * nodes will incorporate all IP access rules set on all their parent nodes. This has the benefit that + * they can optionally cancel out system-wide rules. Since inner nodes can't contain processes this + * means that all configure IP access rules *will* take effect on processes, even though we never + * compile them for inner nodes. */ - r = bpf_firewall_prepare_access_maps(u, ACCESS_ALLOWED, &u->ipv4_allow_map_fd, &u->ipv6_allow_map_fd); - if (r < 0) - return log_error_errno(r, "Preparation of eBPF allow maps failed: %m"); + r = bpf_firewall_prepare_access_maps(u, ACCESS_ALLOWED, &u->ipv4_allow_map_fd, &u->ipv6_allow_map_fd); + if (r < 0) + return log_error_errno(r, "Preparation of eBPF allow maps failed: %m"); - r = bpf_firewall_prepare_access_maps(u, ACCESS_DENIED, &u->ipv4_deny_map_fd, &u->ipv6_deny_map_fd); - if (r < 0) - return log_error_errno(r, "Preparation of eBPF deny maps failed: %m"); + r = bpf_firewall_prepare_access_maps(u, ACCESS_DENIED, &u->ipv4_deny_map_fd, &u->ipv6_deny_map_fd); + if (r < 0) + return log_error_errno(r, "Preparation of eBPF deny maps failed: %m"); + } - r = bpf_firewall_prepare_accounting_maps(cc->ip_accounting, &u->ip_accounting_ingress_map_fd, &u->ip_accounting_egress_map_fd); + r = bpf_firewall_prepare_accounting_maps(u, cc->ip_accounting, &u->ip_accounting_ingress_map_fd, &u->ip_accounting_egress_map_fd); if (r < 0) return log_error_errno(r, "Preparation of eBPF accounting maps failed: %m"); @@ -541,22 +562,28 @@ int bpf_firewall_compile(Unit *u) { int bpf_firewall_install(Unit *u) { _cleanup_free_ char *path = NULL; CGroupContext *cc; - int r; + int r, supported; + uint32_t flags; assert(u); - if (!u->cgroup_path) - return -EINVAL; - cc = unit_get_cgroup_context(u); if (!cc) return -EINVAL; + if (!u->cgroup_path) + return -EINVAL; + if (!u->cgroup_realized) + return -EINVAL; - r = bpf_firewall_supported(); - if (r < 0) - return r; - if (r == 0) { - log_debug("BPF firewalling not supported on this systemd, proceeding without."); + supported = bpf_firewall_supported(); + if (supported < 0) + return supported; + if (supported == BPF_FIREWALL_UNSUPPORTED) { + log_debug("BPF firewalling not supported on this manager, proceeding without."); + return -EOPNOTSUPP; + } + if (supported != BPF_FIREWALL_SUPPORTED_WITH_MULTI && u->type == UNIT_SLICE) { + log_debug("BPF_F_ALLOW_MULTI is not supported on this manager, not doing BPF firewall on slice units."); return -EOPNOTSUPP; } @@ -564,34 +591,29 @@ int bpf_firewall_install(Unit *u) { if (r < 0) return log_error_errno(r, "Failed to determine cgroup path: %m"); - if (u->ip_bpf_egress) { - r = bpf_program_load_kernel(u->ip_bpf_egress, NULL, 0); - if (r < 0) - return log_error_errno(r, "Kernel upload of egress BPF program failed: %m"); + flags = (supported == BPF_FIREWALL_SUPPORTED_WITH_MULTI && + (u->type == UNIT_SLICE || unit_cgroup_delegate(u))) ? BPF_F_ALLOW_MULTI : 0; - r = bpf_program_cgroup_attach(u->ip_bpf_egress, BPF_CGROUP_INET_EGRESS, path, cc->delegate ? BPF_F_ALLOW_OVERRIDE : 0); + /* Unref the old BPF program (which will implicitly detach it) right before attaching the new program, to + * minimize the time window when we don't account for IP traffic. */ + u->ip_bpf_egress_installed = bpf_program_unref(u->ip_bpf_egress_installed); + u->ip_bpf_ingress_installed = bpf_program_unref(u->ip_bpf_ingress_installed); + + if (u->ip_bpf_egress) { + r = bpf_program_cgroup_attach(u->ip_bpf_egress, BPF_CGROUP_INET_EGRESS, path, flags); if (r < 0) return log_error_errno(r, "Attaching egress BPF program to cgroup %s failed: %m", path); - } else { - r = bpf_program_cgroup_detach(BPF_CGROUP_INET_EGRESS, path); - if (r < 0) - return log_full_errno(r == -ENOENT ? LOG_DEBUG : LOG_ERR, r, - "Detaching egress BPF program from cgroup failed: %m"); + + /* Remember that this BPF program is installed now. */ + u->ip_bpf_egress_installed = bpf_program_ref(u->ip_bpf_egress); } if (u->ip_bpf_ingress) { - r = bpf_program_load_kernel(u->ip_bpf_ingress, NULL, 0); - if (r < 0) - return log_error_errno(r, "Kernel upload of ingress BPF program failed: %m"); - - r = bpf_program_cgroup_attach(u->ip_bpf_ingress, BPF_CGROUP_INET_INGRESS, path, cc->delegate ? BPF_F_ALLOW_OVERRIDE : 0); + r = bpf_program_cgroup_attach(u->ip_bpf_ingress, BPF_CGROUP_INET_INGRESS, path, flags); if (r < 0) return log_error_errno(r, "Attaching ingress BPF program to cgroup %s failed: %m", path); - } else { - r = bpf_program_cgroup_detach(BPF_CGROUP_INET_INGRESS, path); - if (r < 0) - return log_full_errno(r == -ENOENT ? LOG_DEBUG : LOG_ERR, r, - "Detaching ingress BPF program from cgroup failed: %m"); + + u->ip_bpf_ingress_installed = bpf_program_ref(u->ip_bpf_ingress); } return 0; @@ -640,7 +662,6 @@ int bpf_firewall_reset_accounting(int map_fd) { return bpf_map_update_element(map_fd, &key, &value); } - int bpf_firewall_supported(void) { struct bpf_insn trivial[] = { BPF_MOV64_IMM(BPF_REG_0, 1), @@ -667,7 +688,7 @@ int bpf_firewall_supported(void) { if (geteuid() != 0) { log_debug("Not enough privileges, BPF firewalling is not supported."); - return supported = false; + return supported = BPF_FIREWALL_UNSUPPORTED; } r = cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER); @@ -675,7 +696,7 @@ int bpf_firewall_supported(void) { return log_error_errno(r, "Can't determine whether the unified hierarchy is used: %m"); if (r == 0) { log_debug("Not running with unified cgroups, BPF firewalling is not supported."); - return supported = false; + return supported = BPF_FIREWALL_UNSUPPORTED; } fd = bpf_map_new(BPF_MAP_TYPE_LPM_TRIE, @@ -685,26 +706,26 @@ int bpf_firewall_supported(void) { BPF_F_NO_PREALLOC); if (fd < 0) { log_debug_errno(r, "Can't allocate BPF LPM TRIE map, BPF firewalling is not supported: %m"); - return supported = false; + return supported = BPF_FIREWALL_UNSUPPORTED; } safe_close(fd); if (bpf_program_new(BPF_PROG_TYPE_CGROUP_SKB, &program) < 0) { log_debug_errno(r, "Can't allocate CGROUP SKB BPF program, BPF firewalling is not supported: %m"); - return supported = false; + return supported = BPF_FIREWALL_UNSUPPORTED; } r = bpf_program_add_instructions(program, trivial, ELEMENTSOF(trivial)); if (r < 0) { log_debug_errno(r, "Can't add trivial instructions to CGROUP SKB BPF program, BPF firewalling is not supported: %m"); - return supported = false; + return supported = BPF_FIREWALL_UNSUPPORTED; } r = bpf_program_load_kernel(program, NULL, 0); if (r < 0) { log_debug_errno(r, "Can't load kernel CGROUP SKB BPF program, BPF firewalling is not supported: %m"); - return supported = false; + return supported = BPF_FIREWALL_UNSUPPORTED; } /* Unfortunately the kernel allows us to create BPF_PROG_TYPE_CGROUP_SKB programs even when CONFIG_CGROUP_BPF @@ -723,12 +744,44 @@ int bpf_firewall_supported(void) { r = bpf(BPF_PROG_ATTACH, &attr, sizeof(attr)); if (r < 0) { - if (errno == EBADF) /* YAY! */ - return supported = true; + if (errno != EBADF) { + log_debug_errno(errno, "Didn't get EBADF from BPF_PROG_ATTACH, BPF firewalling is not supported: %m"); + return supported = BPF_FIREWALL_UNSUPPORTED; + } + + /* YAY! */ + } else { + log_debug("Wut? Kernel accepted our invalid BPF_PROG_ATTACH call? Something is weird, assuming BPF firewalling is broken and hence not supported."); + return supported = BPF_FIREWALL_UNSUPPORTED; + } + + /* So now we know that the BPF program is generally available, let's see if BPF_F_ALLOW_MULTI is also supported + * (which was added in kernel 4.15). We use a similar logic as before, but this time we use + * BPF_F_ALLOW_MULTI. Since the flags are checked early in the system call we'll get EINVAL if it's not + * supported, and EBADF as before if it is available. */ + + attr = (union bpf_attr) { + .attach_type = BPF_CGROUP_INET_EGRESS, + .target_fd = -1, + .attach_bpf_fd = -1, + .attach_flags = BPF_F_ALLOW_MULTI, + }; + + r = bpf(BPF_PROG_ATTACH, &attr, sizeof(attr)); + if (r < 0) { + if (errno == EBADF) { + log_debug_errno(errno, "Got EBADF when using BPF_F_ALLOW_MULTI, which indicates it is supported. Yay!"); + return supported = BPF_FIREWALL_SUPPORTED_WITH_MULTI; + } - log_debug_errno(errno, "Didn't get EBADF from BPF_PROG_ATTACH, BPF firewalling is not supported: %m"); - } else - log_debug("Wut? kernel accepted our invalid BPF_PROG_ATTACH call? Something is weird, assuming BPF firewalling is broken and hence not supported."); + if (errno == EINVAL) + log_debug_errno(errno, "Got EINVAL error when using BPF_F_ALLOW_MULTI, which indicates it's not supported."); + else + log_debug_errno(errno, "Got unexpected error when using BPF_F_ALLOW_MULTI, assuming it's not supported: %m"); - return supported = false; + return supported = BPF_FIREWALL_SUPPORTED; + } else { + log_debug("Wut? Kernel accepted our invalid BPF_PROG_ATTACH+BPF_F_ALLOW_MULTI call? Something is weird, assuming BPF firewalling is broken and hence not supported."); + return supported = BPF_FIREWALL_UNSUPPORTED; + } } diff --git a/src/core/bpf-firewall.h b/src/core/bpf-firewall.h index 37a1f2e003..a0658e3b86 100644 --- a/src/core/bpf-firewall.h +++ b/src/core/bpf-firewall.h @@ -24,6 +24,12 @@ #include "unit.h" +enum { + BPF_FIREWALL_UNSUPPORTED = 0, + BPF_FIREWALL_SUPPORTED = 1, + BPF_FIREWALL_SUPPORTED_WITH_MULTI = 2, +}; + int bpf_firewall_supported(void); int bpf_firewall_compile(Unit *u); diff --git a/src/core/cgroup.c b/src/core/cgroup.c index 97b3756567..3c0ff09639 100644 --- a/src/core/cgroup.c +++ b/src/core/cgroup.c @@ -24,6 +24,7 @@ #include "alloc-util.h" #include "blockdev-util.h" #include "bpf-firewall.h" +#include "bus-error.h" #include "cgroup-util.h" #include "cgroup.h" #include "fd-util.h" @@ -37,19 +38,34 @@ #include "stdio-util.h" #include "string-table.h" #include "string-util.h" +#include "virt.h" #define CGROUP_CPU_QUOTA_PERIOD_USEC ((usec_t) 100 * USEC_PER_MSEC) +bool manager_owns_root_cgroup(Manager *m) { + assert(m); + + /* Returns true if we are managing the root cgroup. Note that it isn't sufficient to just check whether the + * group root path equals "/" since that will also be the case if CLONE_NEWCGROUP is in the mix. Since there's + * appears to be no nice way to detect whether we are in a CLONE_NEWCGROUP namespace we instead just check if + * we run in any kind of container virtualization. */ + + if (detect_container() > 0) + return false; + + return isempty(m->cgroup_root) || path_equal(m->cgroup_root, "/"); +} + bool unit_has_root_cgroup(Unit *u) { assert(u); - /* Returns whether this unit manages the root cgroup. Note that this is different from being named "-.slice", - * as inside of containers the root slice won't be identical to the root cgroup. */ + /* Returns whether this unit manages the root cgroup. This will return true if this unit is the root slice and + * the manager manages the root cgroup. */ - if (!u->cgroup_path) + if (!manager_owns_root_cgroup(u->manager)) return false; - return isempty(u->cgroup_path) || path_equal(u->cgroup_path, "/"); + return unit_has_name(u, SPECIAL_ROOT_SLICE); } static void cgroup_compat_warn(void) { @@ -58,7 +74,9 @@ static void cgroup_compat_warn(void) { if (cgroup_compat_warned) return; - log_warning("cgroup compatibility translation between legacy and unified hierarchy settings activated. See cgroup-compat debug messages for details."); + log_warning("cgroup compatibility translation between legacy and unified hierarchy settings activated. " + "See cgroup-compat debug messages for details."); + cgroup_compat_warned = true; } @@ -692,20 +710,14 @@ static void cgroup_apply_unified_memory_limit(Unit *u, const char *file, uint64_ } static void cgroup_apply_firewall(Unit *u) { - int r; - assert(u); - if (u->type == UNIT_SLICE) /* Skip this for slice units, they are inner cgroup nodes, and since bpf/cgroup is - * not recursive we don't ever touch the bpf on them */ - return; + /* Best-effort: let's apply IP firewalling and/or accounting if that's enabled */ - r = bpf_firewall_compile(u); - if (r < 0) + if (bpf_firewall_compile(u) < 0) return; (void) bpf_firewall_install(u); - return; } static void cgroup_context_apply( @@ -1124,14 +1136,7 @@ CGroupMask unit_get_delegate_mask(Unit *u) { * * Note that on the unified hierarchy it is safe to delegate controllers to unprivileged services. */ - if (u->type == UNIT_SLICE) - return 0; - - c = unit_get_cgroup_context(u); - if (!c) - return 0; - - if (!c->delegate) + if (!unit_cgroup_delegate(u)) return 0; if (cg_all_unified() <= 0) { @@ -1142,6 +1147,7 @@ CGroupMask unit_get_delegate_mask(Unit *u) { return 0; } + assert_se(c = unit_get_cgroup_context(u)); return c->delegate_controllers; } @@ -1232,11 +1238,6 @@ bool unit_get_needs_bpf(Unit *u) { Unit *p; assert(u); - /* We never attach BPF to slice units, as they are inner cgroup nodes and cgroup/BPF is not recursive at the - * moment. */ - if (u->type == UNIT_SLICE) - return false; - c = unit_get_cgroup_context(u); if (!c) return false; @@ -1309,13 +1310,12 @@ void unit_update_cgroup_members_masks(Unit *u) { } } -static const char *migrate_callback(CGroupMask mask, void *userdata) { - Unit *u = userdata; +const char *unit_get_realized_cgroup_path(Unit *u, CGroupMask mask) { - assert(mask != 0); - assert(u); + /* Returns the realized cgroup path of the specified unit where all specified controllers are available. */ while (u) { + if (u->cgroup_path && u->cgroup_realized && (u->cgroup_realized_mask & mask) == mask) @@ -1327,6 +1327,10 @@ static const char *migrate_callback(CGroupMask mask, void *userdata) { return NULL; } +static const char *migrate_callback(CGroupMask mask, void *userdata) { + return unit_get_realized_cgroup_path(userdata, mask); +} + char *unit_default_cgroup_path(Unit *u) { _cleanup_free_ char *escaped = NULL, *slice = NULL; int r; @@ -1496,7 +1500,7 @@ static int unit_create_cgroup( u->cgroup_enabled_mask = enable_mask; u->cgroup_bpf_state = needs_bpf ? UNIT_CGROUP_BPF_ON : UNIT_CGROUP_BPF_OFF; - if (u->type != UNIT_SLICE && !c->delegate) { + if (u->type != UNIT_SLICE && !unit_cgroup_delegate(u)) { /* Then, possibly move things over, but not if * subgroups may contain processes, which is the case @@ -1509,19 +1513,142 @@ static int unit_create_cgroup( return 0; } -int unit_attach_pids_to_cgroup(Unit *u) { +static int unit_attach_pid_to_cgroup_via_bus(Unit *u, pid_t pid, const char *suffix_path) { + _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL; + char *pp; int r; + assert(u); - r = unit_realize_cgroup(u); + if (MANAGER_IS_SYSTEM(u->manager)) + return -EINVAL; + + if (!u->manager->system_bus) + return -EIO; + + if (!u->cgroup_path) + return -EINVAL; + + /* Determine this unit's cgroup path relative to our cgroup root */ + pp = path_startswith(u->cgroup_path, u->manager->cgroup_root); + if (!pp) + return -EINVAL; + + pp = strjoina("/", pp, suffix_path); + path_kill_slashes(pp); + + r = sd_bus_call_method(u->manager->system_bus, + "org.freedesktop.systemd1", + "/org/freedesktop/systemd1", + "org.freedesktop.systemd1.Manager", + "AttachProcessesToUnit", + &error, NULL, + "ssau", + NULL /* empty unit name means client's unit, i.e. us */, pp, 1, (uint32_t) pid); if (r < 0) - return r; + return log_unit_debug_errno(u, r, "Failed to attach unit process " PID_FMT " via the bus: %s", pid, bus_error_message(&error, r)); + + return 0; +} + +int unit_attach_pids_to_cgroup(Unit *u, Set *pids, const char *suffix_path) { + CGroupMask delegated_mask; + const char *p; + Iterator i; + void *pidp; + int r, q; - r = cg_attach_many_everywhere(u->manager->cgroup_supported, u->cgroup_path, u->pids, migrate_callback, u); + assert(u); + + if (!UNIT_HAS_CGROUP_CONTEXT(u)) + return -EINVAL; + + if (set_isempty(pids)) + return 0; + + r = unit_realize_cgroup(u); if (r < 0) return r; - return 0; + if (isempty(suffix_path)) + p = u->cgroup_path; + else + p = strjoina(u->cgroup_path, "/", suffix_path); + + delegated_mask = unit_get_delegate_mask(u); + + r = 0; + SET_FOREACH(pidp, pids, i) { + pid_t pid = PTR_TO_PID(pidp); + CGroupController c; + + /* First, attach the PID to the main cgroup hierarchy */ + q = cg_attach(SYSTEMD_CGROUP_CONTROLLER, p, pid); + if (q < 0) { + log_unit_debug_errno(u, q, "Couldn't move process " PID_FMT " to requested cgroup '%s': %m", pid, p); + + if (MANAGER_IS_USER(u->manager) && IN_SET(q, -EPERM, -EACCES)) { + int z; + + /* If we are in a user instance, and we can't move the process ourselves due to + * permission problems, let's ask the system instance about it instead. Since it's more + * privileged it might be able to move the process across the leaves of a subtree who's + * top node is not owned by us. */ + + z = unit_attach_pid_to_cgroup_via_bus(u, pid, suffix_path); + if (z < 0) + log_unit_debug_errno(u, z, "Couldn't move process " PID_FMT " to requested cgroup '%s' via the system bus either: %m", pid, p); + else + continue; /* When the bus thing worked via the bus we are fully done for this PID. */ + } + + if (r >= 0) + r = q; /* Remember first error */ + + continue; + } + + q = cg_all_unified(); + if (q < 0) + return q; + if (q > 0) + continue; + + /* In the legacy hierarchy, attach the process to the request cgroup if possible, and if not to the + * innermost realized one */ + + for (c = 0; c < _CGROUP_CONTROLLER_MAX; c++) { + CGroupMask bit = CGROUP_CONTROLLER_TO_MASK(c); + const char *realized; + + if (!(u->manager->cgroup_supported & bit)) + continue; + + /* If this controller is delegated and realized, honour the caller's request for the cgroup suffix. */ + if (delegated_mask & u->cgroup_realized_mask & bit) { + q = cg_attach(cgroup_controller_to_string(c), p, pid); + if (q >= 0) + continue; /* Success! */ + + log_unit_debug_errno(u, q, "Failed to attach PID " PID_FMT " to requested cgroup %s in controller %s, falling back to unit's cgroup: %m", + pid, p, cgroup_controller_to_string(c)); + } + + /* So this controller is either not delegate or realized, or something else weird happened. In + * that case let's attach the PID at least to the closest cgroup up the tree that is + * realized. */ + realized = unit_get_realized_cgroup_path(u, bit); + if (!realized) + continue; /* Not even realized in the root slice? Then let's not bother */ + + q = cg_attach(cgroup_controller_to_string(c), realized, pid); + if (q < 0) + log_unit_debug_errno(u, q, "Failed to attach PID " PID_FMT " to realized cgroup %s in controller %s, ignoring: %m", + pid, realized, cgroup_controller_to_string(c)); + } + } + + return r; } static void cgroup_xattr_apply(Unit *u) { @@ -2296,6 +2423,10 @@ int unit_get_memory_current(Unit *u, uint64_t *ret) { if (!u->cgroup_path) return -ENODATA; + /* The root cgroup doesn't expose this information, let's get it from /proc instead */ + if (unit_has_root_cgroup(u)) + return procfs_memory_get_current(ret); + if ((u->cgroup_realized_mask & CGROUP_MASK_MEMORY) == 0) return -ENODATA; @@ -2327,13 +2458,13 @@ int unit_get_tasks_current(Unit *u, uint64_t *ret) { if (!u->cgroup_path) return -ENODATA; - if ((u->cgroup_realized_mask & CGROUP_MASK_PIDS) == 0) - return -ENODATA; - /* The root cgroup doesn't expose this information, let's get it from /proc instead */ if (unit_has_root_cgroup(u)) return procfs_tasks_get_current(ret); + if ((u->cgroup_realized_mask & CGROUP_MASK_PIDS) == 0) + return -ENODATA; + r = cg_get_attribute("pids", u->cgroup_path, "pids.current", &v); if (r == -ENOENT) return -ENODATA; @@ -2354,20 +2485,25 @@ static int unit_get_cpu_usage_raw(Unit *u, nsec_t *ret) { if (!u->cgroup_path) return -ENODATA; + /* The root cgroup doesn't expose this information, let's get it from /proc instead */ + if (unit_has_root_cgroup(u)) + return procfs_cpu_get_usage(ret); + r = cg_all_unified(); if (r < 0) return r; if (r > 0) { - const char *keys[] = { "usage_usec", NULL }; _cleanup_free_ char *val = NULL; uint64_t us; if ((u->cgroup_realized_mask & CGROUP_MASK_CPU) == 0) return -ENODATA; - r = cg_get_keyed_attribute("cpu", u->cgroup_path, "cpu.stat", keys, &val); + r = cg_get_keyed_attribute("cpu", u->cgroup_path, "cpu.stat", STRV_MAKE("usage_usec"), &val); if (r < 0) return r; + if (IN_SET(r, -ENOENT, -ENXIO)) + return -ENODATA; r = safe_atou64(val, &us); if (r < 0) @@ -2443,13 +2579,6 @@ int unit_get_ip_accounting( assert(metric < _CGROUP_IP_ACCOUNTING_METRIC_MAX); assert(ret); - /* IP accounting is currently not recursive, and hence we refuse to return any data for slice nodes. Slices are - * inner cgroup nodes and hence have no processes directly attached, hence their counters would be zero - * anyway. And if we block this now we can later open this up, if the kernel learns recursive BPF cgroup - * filters. */ - if (u->type == UNIT_SLICE) - return -ENODATA; - if (!UNIT_CGROUP_BOOL(u, ip_accounting)) return -ENODATA; @@ -2563,6 +2692,21 @@ void unit_invalidate_cgroup_bpf(Unit *u) { } } +bool unit_cgroup_delegate(Unit *u) { + CGroupContext *c; + + assert(u); + + if (!UNIT_VTABLE(u)->can_delegate) + return false; + + c = unit_get_cgroup_context(u); + if (!c) + return false; + + return c->delegate; +} + void manager_invalidate_startup_units(Manager *m) { Iterator i; Unit *u; diff --git a/src/core/cgroup.h b/src/core/cgroup.h index 1f50441412..ae5f1c7647 100644 --- a/src/core/cgroup.h +++ b/src/core/cgroup.h @@ -167,6 +167,7 @@ bool unit_get_needs_bpf(Unit *u); void unit_update_cgroup_members_masks(Unit *u); +const char *unit_get_realized_cgroup_path(Unit *u, CGroupMask mask); char *unit_default_cgroup_path(Unit *u); int unit_set_cgroup_path(Unit *u, const char *path); int unit_pick_cgroup_path(Unit *u); @@ -178,7 +179,7 @@ int unit_watch_cgroup(Unit *u); void unit_add_to_cgroup_empty_queue(Unit *u); -int unit_attach_pids_to_cgroup(Unit *u); +int unit_attach_pids_to_cgroup(Unit *u, Set *pids, const char *suffix_path); int manager_setup_cgroup(Manager *m); void manager_shutdown_cgroup(Manager *m, bool delete); @@ -208,6 +209,7 @@ int unit_reset_ip_accounting(Unit *u); cc ? cc->name : false; \ }) +bool manager_owns_root_cgroup(Manager *m); bool unit_has_root_cgroup(Unit *u); int manager_notify_cgroup_empty(Manager *m, const char *group); @@ -219,3 +221,5 @@ void manager_invalidate_startup_units(Manager *m); const char* cgroup_device_policy_to_string(CGroupDevicePolicy i) _const_; CGroupDevicePolicy cgroup_device_policy_from_string(const char *s) _pure_; + +bool unit_cgroup_delegate(Unit *u); diff --git a/src/core/dbus-cgroup.c b/src/core/dbus-cgroup.c index f8d90d4b3a..f480664613 100644 --- a/src/core/dbus-cgroup.c +++ b/src/core/dbus-cgroup.c @@ -351,6 +351,9 @@ static int bus_cgroup_set_transient_property( if (streq(name, "Delegate")) { int b; + if (!UNIT_VTABLE(u)->can_delegate) + return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Delegation not available for unit type"); + r = sd_bus_message_read(message, "b", &b); if (r < 0) return r; @@ -367,6 +370,9 @@ static int bus_cgroup_set_transient_property( } else if (streq(name, "DelegateControllers")) { CGroupMask mask = 0; + if (!UNIT_VTABLE(u)->can_delegate) + return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Delegation not available for unit type"); + r = sd_bus_message_enter_container(message, 'a', "s"); if (r < 0) return r; @@ -1161,7 +1167,7 @@ int bus_cgroup_set_property( r = bpf_firewall_supported(); if (r < 0) return r; - if (r == 0) { + if (r == BPF_FIREWALL_UNSUPPORTED) { static bool warned = false; log_full(warned ? LOG_DEBUG : LOG_WARNING, diff --git a/src/core/dbus-execute.c b/src/core/dbus-execute.c index 628fdcd1e5..635213a866 100644 --- a/src/core/dbus-execute.c +++ b/src/core/dbus-execute.c @@ -781,6 +781,42 @@ static int property_get_bind_paths( return sd_bus_message_close_container(reply); } +static int property_get_temporary_filesystems( + sd_bus *bus, + const char *path, + const char *interface, + const char *property, + sd_bus_message *reply, + void *userdata, + sd_bus_error *error) { + + ExecContext *c = userdata; + unsigned i; + int r; + + assert(bus); + assert(c); + assert(property); + assert(reply); + + r = sd_bus_message_open_container(reply, 'a', "(ss)"); + if (r < 0) + return r; + + for (i = 0; i < c->n_temporary_filesystems; i++) { + TemporaryFileSystem *t = c->temporary_filesystems + i; + + r = sd_bus_message_append( + reply, "(ss)", + t->path, + t->options); + if (r < 0) + return r; + } + + return sd_bus_message_close_container(reply); +} + static int property_get_log_extra_fields( sd_bus *bus, const char *path, @@ -934,6 +970,7 @@ const sd_bus_vtable bus_exec_vtable[] = { SD_BUS_PROPERTY("RestrictNamespaces", "t", bus_property_get_ulong, offsetof(ExecContext, restrict_namespaces), SD_BUS_VTABLE_PROPERTY_CONST), SD_BUS_PROPERTY("BindPaths", "a(ssbt)", property_get_bind_paths, 0, SD_BUS_VTABLE_PROPERTY_CONST), SD_BUS_PROPERTY("BindReadOnlyPaths", "a(ssbt)", property_get_bind_paths, 0, SD_BUS_VTABLE_PROPERTY_CONST), + SD_BUS_PROPERTY("TemporaryFileSystem", "a(ss)", property_get_temporary_filesystems, 0, SD_BUS_VTABLE_PROPERTY_CONST), SD_BUS_PROPERTY("MountAPIVFS", "b", bus_property_get_bool, offsetof(ExecContext, mount_apivfs), SD_BUS_VTABLE_PROPERTY_CONST), SD_BUS_PROPERTY("KeyringMode", "s", property_get_exec_keyring_mode, offsetof(ExecContext, keyring_mode), SD_BUS_VTABLE_PROPERTY_CONST), @@ -1481,7 +1518,7 @@ int bus_exec_context_set_transient_property( return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Journal field invalid"); if (!UNIT_WRITE_FLAGS_NOOP(flags)) { - t = realloc_multiply(c->log_extra_fields, sizeof(struct iovec), c->n_log_extra_fields+1); + t = reallocarray(c->log_extra_fields, c->n_log_extra_fields+1, sizeof(struct iovec)); if (!t) return -ENOMEM; c->log_extra_fields = t; @@ -1565,7 +1602,7 @@ int bus_exec_context_set_transient_property( c->syscall_whitelist = whitelist; if (c->syscall_whitelist) { - r = seccomp_parse_syscall_filter(invert, "@default", -1, c->syscall_filter, true); + r = seccomp_parse_syscall_filter("@default", -1, c->syscall_filter, SECCOMP_PARSE_WHITELIST | (invert ? SECCOMP_PARSE_INVERT : 0)); if (r < 0) return r; } @@ -1579,7 +1616,7 @@ int bus_exec_context_set_transient_property( if (r < 0) return r; - r = seccomp_parse_syscall_filter(invert, n, e, c->syscall_filter, c->syscall_whitelist); + r = seccomp_parse_syscall_filter(n, e, c->syscall_filter, (invert ? SECCOMP_PARSE_INVERT : 0) | (c->syscall_whitelist ? SECCOMP_PARSE_WHITELIST : 0)); if (r < 0) return r; } @@ -2293,11 +2330,7 @@ int bus_exec_context_set_transient_property( int ignore; const char *s; - r = sd_bus_message_enter_container(message, 'r', "bs"); - if (r < 0) - return r; - - r = sd_bus_message_read(message, "bs", &ignore, &s); + r = sd_bus_message_read(message, "(bs)", &ignore, &s); if (r < 0) return r; @@ -2328,24 +2361,16 @@ int bus_exec_context_set_transient_property( return 1; } else if (STR_IN_SET(name, "BindPaths", "BindReadOnlyPaths")) { - unsigned empty = true; + const char *source, *destination; + int ignore_enoent; + uint64_t mount_flags; + bool empty = true; r = sd_bus_message_enter_container(message, 'a', "(ssbt)"); if (r < 0) return r; - while ((r = sd_bus_message_enter_container(message, 'r', "ssbt")) > 0) { - const char *source, *destination; - int ignore_enoent; - uint64_t mount_flags; - - r = sd_bus_message_read(message, "ssbt", &source, &destination, &ignore_enoent, &mount_flags); - if (r < 0) - return r; - - r = sd_bus_message_exit_container(message); - if (r < 0) - return r; + while ((r = sd_bus_message_read(message, "(ssbt)", &source, &destination, &ignore_enoent, &mount_flags)) > 0) { if (!path_is_absolute(source)) return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Source path %s is not absolute.", source); @@ -2394,6 +2419,51 @@ int bus_exec_context_set_transient_property( } return 1; + + } else if (streq(name, "TemporaryFileSystem")) { + const char *path, *options; + bool empty = true; + + r = sd_bus_message_enter_container(message, 'a', "(ss)"); + if (r < 0) + return r; + + while ((r = sd_bus_message_read(message, "(ss)", &path, &options)) > 0) { + + if (!path_is_absolute(path)) + return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Mount point %s is not absolute.", path); + + if (!UNIT_WRITE_FLAGS_NOOP(flags)) { + r = temporary_filesystem_add(&c->temporary_filesystems, &c->n_temporary_filesystems, path, options); + if (r < 0) + return r; + + unit_write_settingf( + u, flags|UNIT_ESCAPE_SPECIFIERS, name, + "%s=%s:%s", + name, + path, + options); + } + + empty = false; + } + if (r < 0) + return r; + + r = sd_bus_message_exit_container(message); + if (r < 0) + return r; + + if (empty) { + temporary_filesystem_free_many(c->temporary_filesystems, c->n_temporary_filesystems); + c->temporary_filesystems = NULL; + c->n_temporary_filesystems = 0; + + unit_write_settingf(u, flags, name, "%s=", name); + } + + return 1; } ri = rlimit_from_string(name); diff --git a/src/core/dbus-manager.c b/src/core/dbus-manager.c index 4fe374867c..889779d548 100644 --- a/src/core/dbus-manager.c +++ b/src/core/dbus-manager.c @@ -372,21 +372,16 @@ static int property_get_timer_slack_nsec( return sd_bus_message_append(reply, "t", (uint64_t) prctl(PR_GET_TIMERSLACK)); } -static int method_get_unit(sd_bus_message *message, void *userdata, sd_bus_error *error) { - _cleanup_free_ char *path = NULL; - Manager *m = userdata; - const char *name; +static int bus_get_unit_by_name(Manager *m, sd_bus_message *message, const char *name, Unit **ret_unit, sd_bus_error *error) { Unit *u; int r; - assert(message); assert(m); + assert(message); + assert(ret_unit); - /* Anyone can call this method */ - - r = sd_bus_message_read(message, "s", &name); - if (r < 0) - return r; + /* More or less a wrapper around manager_get_unit() that generates nice errors and has one trick up its sleeve: + * if the name is specified empty we use the client's unit. */ if (isempty(name)) { _cleanup_(sd_bus_creds_unrefp) sd_bus_creds *creds = NULL; @@ -409,6 +404,43 @@ static int method_get_unit(sd_bus_message *message, void *userdata, sd_bus_error return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_UNIT, "Unit %s not loaded.", name); } + *ret_unit = u; + return 0; +} + +static int bus_load_unit_by_name(Manager *m, sd_bus_message *message, const char *name, Unit **ret_unit, sd_bus_error *error) { + assert(m); + assert(message); + assert(ret_unit); + + /* Pretty much the same as bus_get_unit_by_name(), but we also load the unit if necessary. */ + + if (isempty(name)) + return bus_get_unit_by_name(m, message, name, ret_unit, error); + + return manager_load_unit(m, name, NULL, error, ret_unit); +} + +static int method_get_unit(sd_bus_message *message, void *userdata, sd_bus_error *error) { + _cleanup_free_ char *path = NULL; + Manager *m = userdata; + const char *name; + Unit *u; + int r; + + assert(message); + assert(m); + + /* Anyone can call this method */ + + r = sd_bus_message_read(message, "s", &name); + if (r < 0) + return r; + + r = bus_get_unit_by_name(m, message, name, &u, error); + if (r < 0) + return r; + r = mac_selinux_unit_access_check(u, message, "status", error); if (r < 0) return r; @@ -541,26 +573,9 @@ static int method_load_unit(sd_bus_message *message, void *userdata, sd_bus_erro if (r < 0) return r; - if (isempty(name)) { - _cleanup_(sd_bus_creds_unrefp) sd_bus_creds *creds = NULL; - pid_t pid; - - r = sd_bus_query_sender_creds(message, SD_BUS_CREDS_PID, &creds); - if (r < 0) - return r; - - r = sd_bus_creds_get_pid(creds, &pid); - if (r < 0) - return r; - - u = manager_get_unit_by_pid(m, pid); - if (!u) - return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_UNIT, "Client not member of any unit."); - } else { - r = manager_load_unit(m, name, NULL, error, &u); - if (r < 0) - return r; - } + r = bus_load_unit_by_name(m, message, name, &u, error); + if (r < 0) + return r; r = mac_selinux_unit_access_check(u, message, "status", error); if (r < 0) @@ -633,8 +648,10 @@ static int method_start_unit_replace(sd_bus_message *message, void *userdata, sd if (r < 0) return r; - u = manager_get_unit(m, old_name); - if (!u || !u->job || u->job->type != JOB_START) + r = bus_get_unit_by_name(m, message, old_name, &u, error); + if (r < 0) + return r; + if (!u->job || u->job->type != JOB_START) return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_JOB, "No job queued for unit %s", old_name); return method_start_unit_generic(message, m, JOB_START, false, error); @@ -653,9 +670,9 @@ static int method_kill_unit(sd_bus_message *message, void *userdata, sd_bus_erro if (r < 0) return r; - u = manager_get_unit(m, name); - if (!u) - return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_UNIT, "Unit %s is not loaded.", name); + r = bus_get_unit_by_name(m, message, name, &u, error); + if (r < 0) + return r; return bus_unit_method_kill(message, u, error); } @@ -673,9 +690,9 @@ static int method_reset_failed_unit(sd_bus_message *message, void *userdata, sd_ if (r < 0) return r; - u = manager_get_unit(m, name); - if (!u) - return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_UNIT, "Unit %s is not loaded.", name); + r = bus_get_unit_by_name(m, message, name, &u, error); + if (r < 0) + return r; return bus_unit_method_reset_failed(message, u, error); } @@ -693,7 +710,7 @@ static int method_set_unit_properties(sd_bus_message *message, void *userdata, s if (r < 0) return r; - r = manager_load_unit(m, name, NULL, error, &u); + r = bus_load_unit_by_name(m, message, name, &u, error); if (r < 0) return r; @@ -717,7 +734,7 @@ static int method_ref_unit(sd_bus_message *message, void *userdata, sd_bus_error if (r < 0) return r; - r = manager_load_unit(m, name, NULL, error, &u); + r = bus_load_unit_by_name(m, message, name, &u, error); if (r < 0) return r; @@ -741,7 +758,7 @@ static int method_unref_unit(sd_bus_message *message, void *userdata, sd_bus_err if (r < 0) return r; - r = manager_load_unit(m, name, NULL, error, &u); + r = bus_load_unit_by_name(m, message, name, &u, error); if (r < 0) return r; @@ -810,7 +827,7 @@ static int method_list_units_by_names(sd_bus_message *message, void *userdata, s if (!unit_name_is_valid(*unit, UNIT_NAME_ANY)) continue; - r = manager_load_unit(m, *unit, NULL, error, &u); + r = bus_load_unit_by_name(m, message, *unit, &u, error); if (r < 0) return r; @@ -839,13 +856,33 @@ static int method_get_unit_processes(sd_bus_message *message, void *userdata, sd if (r < 0) return r; - u = manager_get_unit(m, name); - if (!u) - return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_UNIT, "Unit %s not loaded.", name); + r = bus_get_unit_by_name(m, message, name, &u, error); + if (r < 0) + return r; return bus_unit_method_get_processes(message, u, error); } +static int method_attach_processes_to_unit(sd_bus_message *message, void *userdata, sd_bus_error *error) { + Manager *m = userdata; + const char *name; + Unit *u; + int r; + + assert(message); + assert(m); + + r = sd_bus_message_read(message, "s", &name); + if (r < 0) + return r; + + r = bus_get_unit_by_name(m, message, name, &u, error); + if (r < 0) + return r; + + return bus_unit_method_attach_processes(message, u, error); +} + static int transient_unit_from_message( Manager *m, sd_bus_message *message, @@ -2487,6 +2524,7 @@ const sd_bus_vtable bus_manager_vtable[] = { SD_BUS_METHOD("UnrefUnit", "s", NULL, method_unref_unit, SD_BUS_VTABLE_UNPRIVILEGED), SD_BUS_METHOD("StartTransientUnit", "ssa(sv)a(sa(sv))", "o", method_start_transient_unit, SD_BUS_VTABLE_UNPRIVILEGED), SD_BUS_METHOD("GetUnitProcesses", "s", "a(sus)", method_get_unit_processes, SD_BUS_VTABLE_UNPRIVILEGED), + SD_BUS_METHOD("AttachProcessesToUnit", "ssau", NULL, method_attach_processes_to_unit, SD_BUS_VTABLE_UNPRIVILEGED), SD_BUS_METHOD("GetJob", "u", "o", method_get_job, SD_BUS_VTABLE_UNPRIVILEGED), SD_BUS_METHOD("GetJobAfter", "u", "a(usssoo)", method_get_job_waiting, SD_BUS_VTABLE_UNPRIVILEGED), SD_BUS_METHOD("GetJobBefore", "u", "a(usssoo)", method_get_job_waiting, SD_BUS_VTABLE_UNPRIVILEGED), diff --git a/src/core/dbus-scope.c b/src/core/dbus-scope.c index a0c4a65b33..4d9ced81de 100644 --- a/src/core/dbus-scope.c +++ b/src/core/dbus-scope.c @@ -89,17 +89,39 @@ static int bus_scope_set_transient_property( return bus_set_transient_usec(UNIT(s), name, &s->timeout_stop_usec, message, flags, error); if (streq(name, "PIDs")) { + _cleanup_(sd_bus_creds_unrefp) sd_bus_creds *creds = NULL; unsigned n = 0; - uint32_t pid; r = sd_bus_message_enter_container(message, 'a', "u"); if (r < 0) return r; - while ((r = sd_bus_message_read(message, "u", &pid)) > 0) { + for (;;) { + uint32_t upid; + pid_t pid; - if (pid <= 1) - return -EINVAL; + r = sd_bus_message_read(message, "u", &upid); + if (r < 0) + return r; + if (r == 0) + break; + + if (upid == 0) { + if (!creds) { + r = sd_bus_query_sender_creds(message, SD_BUS_CREDS_PID, &creds); + if (r < 0) + return r; + } + + r = sd_bus_creds_get_pid(creds, &pid); + if (r < 0) + return r; + } else + pid = (uid_t) upid; + + r = unit_pid_attachable(UNIT(s), pid, error); + if (r < 0) + return r; if (!UNIT_WRITE_FLAGS_NOOP(flags)) { r = unit_watch_pid(UNIT(s), pid); @@ -109,8 +131,6 @@ static int bus_scope_set_transient_property( n++; } - if (r < 0) - return r; r = sd_bus_message_exit_container(message); if (r < 0) diff --git a/src/core/dbus-unit.c b/src/core/dbus-unit.c index 7085eee930..50a5ab9819 100644 --- a/src/core/dbus-unit.c +++ b/src/core/dbus-unit.c @@ -1127,6 +1127,118 @@ static int property_get_ip_counter( return sd_bus_message_append(reply, "t", value); } +int bus_unit_method_attach_processes(sd_bus_message *message, void *userdata, sd_bus_error *error) { + + _cleanup_(sd_bus_creds_unrefp) sd_bus_creds *creds = NULL; + _cleanup_(set_freep) Set *pids = NULL; + Unit *u = userdata; + const char *path; + int r; + + assert(message); + + /* This migrates the processes with the specified PIDs into the cgroup of this unit, optionally below a + * specified cgroup path. Obviously this only works for units that actually maintain a cgroup + * representation. If a process is already in the cgroup no operation is executed – in this case the specified + * subcgroup path has no effect! */ + + r = mac_selinux_unit_access_check(u, message, "start", error); + if (r < 0) + return r; + + r = sd_bus_message_read(message, "s", &path); + if (r < 0) + return r; + + path = empty_to_null(path); + if (path) { + if (!path_is_absolute(path)) + return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Control group path is not absolute: %s", path); + + if (!path_is_normalized(path)) + return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Control group path is not normalized: %s", path); + } + + if (!unit_cgroup_delegate(u)) + return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process migration not available on non-delegated units."); + + if (UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(u))) + return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Unit is not active, refusing."); + + r = sd_bus_query_sender_creds(message, SD_BUS_CREDS_EUID|SD_BUS_CREDS_PID, &creds); + if (r < 0) + return r; + + r = sd_bus_message_enter_container(message, 'a', "u"); + if (r < 0) + return r; + for (;;) { + uid_t process_uid, sender_uid; + uint32_t upid; + pid_t pid; + + r = sd_bus_message_read(message, "u", &upid); + if (r < 0) + return r; + if (r == 0) + break; + + if (upid == 0) { + r = sd_bus_creds_get_pid(creds, &pid); + if (r < 0) + return r; + } else + pid = (uid_t) upid; + + /* Filter out duplicates */ + if (set_contains(pids, PID_TO_PTR(pid))) + continue; + + /* Check if this process is suitable for attaching to this unit */ + r = unit_pid_attachable(u, pid, error); + if (r < 0) + return r; + + /* Let's query the sender's UID, so that we can make our security decisions */ + r = sd_bus_creds_get_euid(creds, &sender_uid); + if (r < 0) + return r; + + /* Let's validate security: if the sender is root, then all is OK. If the sender is is any other unit, + * then the process' UID and the target unit's UID have to match the sender's UID */ + if (sender_uid != 0 && sender_uid != getuid()) { + r = get_process_uid(pid, &process_uid); + if (r < 0) + return sd_bus_error_set_errnof(error, r, "Failed to retrieve process UID: %m"); + + if (process_uid != sender_uid) + return sd_bus_error_setf(error, SD_BUS_ERROR_ACCESS_DENIED, "Process " PID_FMT " not owned by client's UID. Refusing.", pid); + if (process_uid != u->ref_uid) + return sd_bus_error_setf(error, SD_BUS_ERROR_ACCESS_DENIED, "Process " PID_FMT " not owned by target unit's UID. Refusing.", pid); + } + + if (!pids) { + pids = set_new(NULL); + if (!pids) + return -ENOMEM; + } + + r = set_put(pids, PID_TO_PTR(pid)); + if (r < 0) + return r; + } + + r = sd_bus_message_exit_container(message); + if (r < 0) + return r; + + r = unit_attach_pids_to_cgroup(u, pids, path); + if (r < 0) + return sd_bus_error_set_errnof(error, r, "Failed to attach processes to control group: %m"); + + return sd_bus_reply_method_return(message, NULL); +} + const sd_bus_vtable bus_unit_cgroup_vtable[] = { SD_BUS_VTABLE_START(0), SD_BUS_PROPERTY("Slice", "s", property_get_slice, 0, 0), @@ -1139,6 +1251,7 @@ const sd_bus_vtable bus_unit_cgroup_vtable[] = { SD_BUS_PROPERTY("IPEgressBytes", "t", property_get_ip_counter, 0, 0), SD_BUS_PROPERTY("IPEgressPackets", "t", property_get_ip_counter, 0, 0), SD_BUS_METHOD("GetProcesses", NULL, "a(sus)", bus_unit_method_get_processes, SD_BUS_VTABLE_UNPRIVILEGED), + SD_BUS_METHOD("AttachProcesses", "sau", NULL, bus_unit_method_attach_processes, SD_BUS_VTABLE_UNPRIVILEGED), SD_BUS_VTABLE_END }; diff --git a/src/core/dbus-unit.h b/src/core/dbus-unit.h index d7066eefc8..bb4e43f5ca 100644 --- a/src/core/dbus-unit.h +++ b/src/core/dbus-unit.h @@ -37,6 +37,7 @@ int bus_unit_method_reset_failed(sd_bus_message *message, void *userdata, sd_bus int bus_unit_set_properties(Unit *u, sd_bus_message *message, UnitWriteFlags flags, bool commit, sd_bus_error *error); int bus_unit_method_set_properties(sd_bus_message *message, void *userdata, sd_bus_error *error); int bus_unit_method_get_processes(sd_bus_message *message, void *userdata, sd_bus_error *error); +int bus_unit_method_attach_processes(sd_bus_message *message, void *userdata, sd_bus_error *error); int bus_unit_method_ref(sd_bus_message *message, void *userdata, sd_bus_error *error); int bus_unit_method_unref(sd_bus_message *message, void *userdata, sd_bus_error *error); diff --git a/src/core/dbus.c b/src/core/dbus.c index 1c3fca353a..56b43adcda 100644 --- a/src/core/dbus.c +++ b/src/core/dbus.c @@ -139,9 +139,10 @@ static int signal_disconnected(sd_bus_message *message, void *userdata, sd_bus_e assert_se(bus = sd_bus_message_get_bus(message)); if (bus == m->api_bus) - destroy_bus(m, &m->api_bus); + bus_done_api(m); if (bus == m->system_bus) - destroy_bus(m, &m->system_bus); + bus_done_system(m); + if (set_remove(m->private_buses, bus)) { log_debug("Got disconnect on private connection."); destroy_bus(m, &bus); @@ -652,6 +653,8 @@ static int bus_on_connection(sd_event_source *s, int fd, uint32_t revents, void return 0; } + (void) sd_bus_set_description(bus, "private-bus-connection"); + r = sd_bus_set_fd(bus, nfd, nfd); if (r < 0) { log_warning_errno(r, "Failed to set fd on new connection bus: %m"); @@ -724,17 +727,29 @@ static int bus_on_connection(sd_event_source *s, int fd, uint32_t revents, void return 0; } -int manager_sync_bus_names(Manager *m, sd_bus *bus) { +static int manager_dispatch_sync_bus_names(sd_event_source *es, void *userdata) { _cleanup_strv_free_ char **names = NULL; + Manager *m = userdata; const char *name; Iterator i; Unit *u; int r; + assert(es); assert(m); - assert(bus); + assert(m->sync_bus_names_event_source == es); + + /* First things first, destroy the defer event so that we aren't triggered again */ + m->sync_bus_names_event_source = sd_event_source_unref(m->sync_bus_names_event_source); - r = sd_bus_list_names(bus, &names, NULL); + /* Let's see if there's anything to do still? */ + if (!m->api_bus) + return 0; + if (hashmap_isempty(m->watch_bus)) + return 0; + + /* OK, let's sync up the names. Let's see which names are currently on the bus. */ + r = sd_bus_list_names(m->api_bus, &names, NULL); if (r < 0) return log_error_errno(r, "Failed to get initial list of names: %m"); @@ -758,7 +773,7 @@ int manager_sync_bus_names(Manager *m, sd_bus *bus) { const char *unique; /* If it is, determine its current owner */ - r = sd_bus_get_name_creds(bus, name, SD_BUS_CREDS_UNIQUE_NAME, &creds); + r = sd_bus_get_name_creds(m->api_bus, name, SD_BUS_CREDS_UNIQUE_NAME, &creds); if (r < 0) { log_full_errno(r == -ENXIO ? LOG_DEBUG : LOG_ERR, r, "Failed to get bus name owner %s: %m", name); continue; @@ -792,6 +807,34 @@ int manager_sync_bus_names(Manager *m, sd_bus *bus) { return 0; } +int manager_enqueue_sync_bus_names(Manager *m) { + int r; + + assert(m); + + /* Enqueues a request to synchronize the bus names in a later event loop iteration. The callers generally don't + * want us to invoke ->bus_name_owner_change() unit calls from their stack frames as this might result in event + * dispatching on its own creating loops, hence we simply create a defer event for the event loop and exit. */ + + if (m->sync_bus_names_event_source) + return 0; + + r = sd_event_add_defer(m->event, &m->sync_bus_names_event_source, manager_dispatch_sync_bus_names, m); + if (r < 0) + return log_error_errno(r, "Failed to create bus name synchronization event: %m"); + + r = sd_event_source_set_priority(m->sync_bus_names_event_source, SD_EVENT_PRIORITY_IDLE); + if (r < 0) + return log_error_errno(r, "Failed to set event priority: %m"); + + r = sd_event_source_set_enabled(m->sync_bus_names_event_source, SD_EVENT_ONESHOT); + if (r < 0) + return log_error_errno(r, "Failed to set even to oneshot: %m"); + + (void) sd_event_source_set_description(m->sync_bus_names_event_source, "manager-sync-bus-names"); + return 0; +} + static int bus_setup_api(Manager *m, sd_bus *bus) { Iterator i; char *name; @@ -837,15 +880,12 @@ static int bus_setup_api(Manager *m, sd_bus *bus) { if (r < 0) return log_error_errno(r, "Failed to request name: %m"); - r = manager_sync_bus_names(m, bus); - if (r < 0) - return r; - log_debug("Successfully connected to API bus."); + return 0; } -static int bus_init_api(Manager *m) { +int bus_init_api(Manager *m) { _cleanup_(sd_bus_unrefp) sd_bus *bus = NULL; int r; @@ -879,6 +919,10 @@ static int bus_init_api(Manager *m) { m->api_bus = bus; bus = NULL; + r = manager_enqueue_sync_bus_names(m); + if (r < 0) + return r; + return 0; } @@ -906,7 +950,7 @@ static int bus_setup_system(Manager *m, sd_bus *bus) { return 0; } -static int bus_init_system(Manager *m) { +int bus_init_system(Manager *m) { _cleanup_(sd_bus_unrefp) sd_bus *bus = NULL; int r; @@ -914,22 +958,21 @@ static int bus_init_system(Manager *m) { return 0; /* The API and system bus is the same if we are running in system mode */ - if (MANAGER_IS_SYSTEM(m) && m->api_bus) { - m->system_bus = sd_bus_ref(m->api_bus); - return 0; - } - - r = sd_bus_open_system(&bus); - if (r < 0) - return log_error_errno(r, "Failed to connect to system bus: %m"); + if (MANAGER_IS_SYSTEM(m) && m->api_bus) + bus = sd_bus_ref(m->api_bus); + else { + r = sd_bus_open_system(&bus); + if (r < 0) + return log_error_errno(r, "Failed to connect to system bus: %m"); - r = bus_setup_disconnected_match(m, bus); - if (r < 0) - return r; + r = sd_bus_attach_event(bus, m->event, SD_EVENT_PRIORITY_NORMAL); + if (r < 0) + return log_error_errno(r, "Failed to attach system bus to event loop: %m"); - r = sd_bus_attach_event(bus, m->event, SD_EVENT_PRIORITY_NORMAL); - if (r < 0) - return log_error_errno(r, "Failed to attach system bus to event loop: %m"); + r = bus_setup_disconnected_match(m, bus); + if (r < 0) + return r; + } r = bus_setup_system(m, bus); if (r < 0) @@ -941,7 +984,7 @@ static int bus_init_system(Manager *m) { return 0; } -static int bus_init_private(Manager *m) { +int bus_init_private(Manager *m) { _cleanup_close_ int fd = -1; union sockaddr_union sa = { .un.sun_family = AF_UNIX @@ -1013,26 +1056,6 @@ static int bus_init_private(Manager *m) { return 0; } -int bus_init(Manager *m, bool try_bus_connect) { - int r; - - if (try_bus_connect) { - r = bus_init_system(m); - if (r < 0) - return log_error_errno(r, "Failed to initialize D-Bus connection: %m"); - - r = bus_init_api(m); - if (r < 0) - return log_error_errno(r, "Error occured during D-Bus APIs initialization: %m"); - } - - r = bus_init_private(m); - if (r < 0) - return log_error_errno(r, "Failed to create private D-Bus server: %m"); - - return 0; -} - static void destroy_bus(Manager *m, sd_bus **bus) { Iterator i; Unit *u; @@ -1063,6 +1086,10 @@ static void destroy_bus(Manager *m, sd_bus **bus) { if (j->bus_track && sd_bus_track_get_bus(j->bus_track) == *bus) j->bus_track = sd_bus_track_unref(j->bus_track); + HASHMAP_FOREACH(u, m->units, i) + if (u->bus_track && sd_bus_track_get_bus(u->bus_track) == *bus) + u->bus_track = sd_bus_track_unref(u->bus_track); + /* Get rid of queued message on this bus */ if (m->queued_message && sd_bus_message_get_bus(m->queued_message) == *bus) m->queued_message = sd_bus_message_unref(m->queued_message); @@ -1077,28 +1104,44 @@ static void destroy_bus(Manager *m, sd_bus **bus) { *bus = sd_bus_unref(*bus); } -void bus_done(Manager *m) { - sd_bus *b; - +void bus_done_api(Manager *m) { assert(m); if (m->api_bus) destroy_bus(m, &m->api_bus); +} + +void bus_done_system(Manager *m) { + assert(m); + if (m->system_bus) destroy_bus(m, &m->system_bus); +} + +void bus_done_private(Manager *m) { + sd_bus *b; + + assert(m); + while ((b = set_steal_first(m->private_buses))) destroy_bus(m, &b); m->private_buses = set_free(m->private_buses); - m->subscribed = sd_bus_track_unref(m->subscribed); - m->deserialized_subscribed = strv_free(m->deserialized_subscribed); + m->private_listen_event_source = sd_event_source_unref(m->private_listen_event_source); + m->private_listen_fd = safe_close(m->private_listen_fd); +} - if (m->private_listen_event_source) - m->private_listen_event_source = sd_event_source_unref(m->private_listen_event_source); +void bus_done(Manager *m) { + assert(m); - m->private_listen_fd = safe_close(m->private_listen_fd); + bus_done_api(m); + bus_done_system(m); + bus_done_private(m); + assert(!m->subscribed); + + m->deserialized_subscribed = strv_free(m->deserialized_subscribed); bus_verify_polkit_async_registry_free(m->polkit_registry); } @@ -1154,14 +1197,20 @@ int bus_foreach_bus( /* Send to all direct buses, unconditionally */ SET_FOREACH(b, m->private_buses, i) { + + /* Don't bother with enqueing these messages to clients that haven't started yet */ + if (sd_bus_is_ready(b) <= 0) + continue; + r = send_message(b, userdata); if (r < 0) ret = r; } /* Send to API bus, but only if somebody is subscribed */ - if (sd_bus_track_count(m->subscribed) > 0 || - sd_bus_track_count(subscribed2) > 0) { + if (m->api_bus && + (sd_bus_track_count(m->subscribed) > 0 || + sd_bus_track_count(subscribed2) > 0)) { r = send_message(m->api_bus, userdata); if (r < 0) ret = r; @@ -1230,3 +1279,34 @@ int bus_verify_reload_daemon_async(Manager *m, sd_bus_message *call, sd_bus_erro int bus_verify_set_environment_async(Manager *m, sd_bus_message *call, sd_bus_error *error) { return bus_verify_polkit_async(call, CAP_SYS_ADMIN, "org.freedesktop.systemd1.set-environment", NULL, false, UID_INVALID, &m->polkit_registry, error); } + +uint64_t manager_bus_n_queued_write(Manager *m) { + uint64_t c = 0; + Iterator i; + sd_bus *b; + int r; + + /* Returns the total number of messages queued for writing on all our direct and API busses. */ + + SET_FOREACH(b, m->private_buses, i) { + uint64_t k; + + r = sd_bus_get_n_queued_write(b, &k); + if (r < 0) + log_debug_errno(r, "Failed to query queued messages for private bus: %m"); + else + c += k; + } + + if (m->api_bus) { + uint64_t k; + + r = sd_bus_get_n_queued_write(m->api_bus, &k); + if (r < 0) + log_debug_errno(r, "Failed to query queued messages for API bus: %m"); + else + c += k; + } + + return c; +} diff --git a/src/core/dbus.h b/src/core/dbus.h index fe50fdd5f7..702bc48ae1 100644 --- a/src/core/dbus.h +++ b/src/core/dbus.h @@ -24,7 +24,13 @@ int bus_send_queued_message(Manager *m); -int bus_init(Manager *m, bool try_bus_connect); +int bus_init_private(Manager *m); +int bus_init_api(Manager *m); +int bus_init_system(Manager *m); + +void bus_done_private(Manager *m); +void bus_done_api(Manager *m); +void bus_done_system(Manager *m); void bus_done(Manager *m); int bus_fdset_add_all(Manager *m, FDSet *fds); @@ -32,7 +38,7 @@ int bus_fdset_add_all(Manager *m, FDSet *fds); void bus_track_serialize(sd_bus_track *t, FILE *f, const char *prefix); int bus_track_coldplug(Manager *m, sd_bus_track **t, bool recursive, char **l); -int manager_sync_bus_names(Manager *m, sd_bus *bus); +int manager_enqueue_sync_bus_names(Manager *m); int bus_foreach_bus(Manager *m, sd_bus_track *subscribed2, int (*send_message)(sd_bus *bus, void *userdata), void *userdata); @@ -42,3 +48,5 @@ int bus_verify_reload_daemon_async(Manager *m, sd_bus_message *call, sd_bus_erro int bus_verify_set_environment_async(Manager *m, sd_bus_message *call, sd_bus_error *error); int bus_forward_agent_released(Manager *m, const char *path); + +uint64_t manager_bus_n_queued_write(Manager *m); diff --git a/src/core/device.c b/src/core/device.c index a43664d3bd..b0dd469fd1 100644 --- a/src/core/device.c +++ b/src/core/device.c @@ -77,7 +77,7 @@ static int device_set_sysfs(Device *d, const char *sysfs) { if (streq_ptr(d->sysfs, sysfs)) return 0; - r = hashmap_ensure_allocated(&UNIT(d)->manager->devices_by_sysfs, &string_hash_ops); + r = hashmap_ensure_allocated(&UNIT(d)->manager->devices_by_sysfs, &path_hash_ops); if (r < 0) return r; diff --git a/src/core/emergency-action.c b/src/core/emergency-action.c index decfacd600..3d37a986bc 100644 --- a/src/core/emergency-action.c +++ b/src/core/emergency-action.c @@ -20,11 +20,12 @@ ***/ #include <sys/reboot.h> -#include <linux/reboot.h> #include "bus-error.h" #include "bus-util.h" #include "emergency-action.h" +#include "raw-reboot.h" +#include "reboot-util.h" #include "special.h" #include "string-table.h" #include "terminal-util.h" @@ -88,12 +89,12 @@ int emergency_action( if (!isempty(reboot_arg)) { log_info("Rebooting with argument '%s'.", reboot_arg); - syscall(SYS_reboot, LINUX_REBOOT_MAGIC1, LINUX_REBOOT_MAGIC2, LINUX_REBOOT_CMD_RESTART2, reboot_arg); + (void) raw_reboot(LINUX_REBOOT_CMD_RESTART2, reboot_arg); log_warning_errno(errno, "Failed to reboot with parameter, retrying without: %m"); } log_info("Rebooting."); - reboot(RB_AUTOBOOT); + (void) reboot(RB_AUTOBOOT); break; case EMERGENCY_ACTION_POWEROFF: @@ -112,7 +113,7 @@ int emergency_action( sync(); log_info("Powering off."); - reboot(RB_POWER_OFF); + (void) reboot(RB_POWER_OFF); break; default: diff --git a/src/core/execute.c b/src/core/execute.c index 0df3971df6..7292b815db 100644 --- a/src/core/execute.c +++ b/src/core/execute.c @@ -82,6 +82,7 @@ #include "label.h" #include "log.h" #include "macro.h" +#include "manager.h" #include "missing.h" #include "mkdir.h" #include "namespace.h" @@ -330,7 +331,7 @@ static int connect_journal_socket(int fd, uid_t uid, gid_t gid) { } static int connect_logger_as( - Unit *unit, + const Unit *unit, const ExecContext *context, const ExecParameters *params, ExecOutput output, @@ -508,9 +509,9 @@ static int setup_input( int fd; fd = acquire_terminal(exec_context_tty_path(context), - i == EXEC_INPUT_TTY_FAIL, - i == EXEC_INPUT_TTY_FORCE, - false, + i == EXEC_INPUT_TTY_FAIL ? ACQUIRE_TERMINAL_TRY : + i == EXEC_INPUT_TTY_FORCE ? ACQUIRE_TERMINAL_FORCE : + ACQUIRE_TERMINAL_WAIT, USEC_INFINITY); if (fd < 0) return fd; @@ -561,7 +562,7 @@ static int setup_input( } static int setup_output( - Unit *unit, + const Unit *unit, const ExecContext *context, const ExecParameters *params, int fileno, @@ -752,7 +753,7 @@ static int setup_confirm_stdio(const char *vc, int *_saved_stdin, int *_saved_st if (saved_stdout < 0) return -errno; - fd = acquire_terminal(vc, false, false, false, DEFAULT_CONFIRM_USEC); + fd = acquire_terminal(vc, ACQUIRE_TERMINAL_WAIT, DEFAULT_CONFIRM_USEC); if (fd < 0) return fd; @@ -764,15 +765,10 @@ static int setup_confirm_stdio(const char *vc, int *_saved_stdin, int *_saved_st if (r < 0) return r; - if (dup2(fd, STDIN_FILENO) < 0) - return -errno; - - if (dup2(fd, STDOUT_FILENO) < 0) - return -errno; - - if (fd >= 2) - safe_close(fd); + r = rearrange_stdio(fd, fd, STDERR_FILENO); fd = -1; + if (r < 0) + return r; *_saved_stdin = saved_stdin; *_saved_stdout = saved_stdout; @@ -1054,7 +1050,7 @@ static int get_supplementary_groups(const ExecContext *c, const char *user, return 0; } -static int enforce_groups(gid_t gid, gid_t *supplementary_gids, int ngids) { +static int enforce_groups(gid_t gid, const gid_t *supplementary_gids, int ngids) { int r; /* Handle SupplementaryGroups= if it is not empty */ @@ -1540,7 +1536,7 @@ static int apply_private_devices(const Unit *u, const ExecContext *c) { return seccomp_load_syscall_filter_set(SCMP_ACT_ALLOW, syscall_filter_sets + SYSCALL_FILTER_SET_RAW_IO, SCMP_ACT_ERRNO(EPERM)); } -static int apply_restrict_namespaces(Unit *u, const ExecContext *c) { +static int apply_restrict_namespaces(const Unit *u, const ExecContext *c) { assert(u); assert(c); @@ -1610,7 +1606,7 @@ static void do_idle_pipe_dance(int idle_pipe[4]) { } static int build_environment( - Unit *u, + const Unit *u, const ExecContext *c, const ExecParameters *p, unsigned n_fds, @@ -1792,6 +1788,9 @@ static bool exec_needs_mount_namespace( if (context->n_bind_mounts > 0) return true; + if (context->n_temporary_filesystems > 0) + return true; + if (context->mount_flags != 0) return true; @@ -2008,7 +2007,6 @@ static int setup_exec_directory( STRV_FOREACH(rt, context->directories[type].paths) { _cleanup_free_ char *p = NULL, *pp = NULL; - const char *effective; p = strjoin(params->prefix[type], "/", *rt); if (!p) { @@ -2102,20 +2100,17 @@ static int setup_exec_directory( if (r < 0) goto fail; - effective = pp; - + /* Lock down the access mode */ + if (chmod(pp, context->directories[type].mode) < 0) { + r = -errno; + goto fail; + } } else { r = mkdir_label(p, context->directories[type].mode); - if (r < 0 && r != -EEXIST) + if (r == -EEXIST) + continue; + if (r < 0) goto fail; - - effective = p; - } - - /* First lock down the access mode */ - if (chmod(effective, context->directories[type].mode) < 0) { - r = -errno; - goto fail; } /* Don't change the owner of the configuration directory, as in the common case it is not written to by @@ -2124,7 +2119,7 @@ static int setup_exec_directory( continue; /* Then, change the ownership of the whole tree, if necessary */ - r = path_chown_recursive(effective, uid, gid); + r = path_chown_recursive(pp ?: p, uid, gid); if (r < 0) goto fail; } @@ -2257,10 +2252,8 @@ static int compile_bind_mounts( } r = strv_consume(&empty_directories, private_root); - if (r < 0) { - r = -ENOMEM; + if (r < 0) goto finish; - } } STRV_FOREACH(suffix, context->directories[t].paths) { @@ -2309,11 +2302,11 @@ finish: } static int apply_mount_namespace( - Unit *u, - ExecCommand *command, + const Unit *u, + const ExecCommand *command, const ExecContext *context, const ExecParameters *params, - ExecRuntime *runtime) { + const ExecRuntime *runtime) { _cleanup_strv_free_ char **empty_directories = NULL; char *tmp = NULL, *var = NULL; @@ -2372,6 +2365,8 @@ static int apply_mount_namespace( empty_directories, bind_mounts, n_bind_mounts, + context->temporary_filesystems, + context->n_temporary_filesystems, tmp, var, needs_sandboxing ? context->protect_home : PROTECT_HOME_NO, @@ -2437,7 +2432,7 @@ static int apply_working_directory( } static int setup_keyring( - Unit *u, + const Unit *u, const ExecContext *context, const ExecParameters *p, uid_t uid, gid_t gid) { @@ -2548,7 +2543,7 @@ static int setup_keyring( return 0; } -static void append_socket_pair(int *array, unsigned *n, int pair[2]) { +static void append_socket_pair(int *array, unsigned *n, const int pair[2]) { assert(array); assert(n); @@ -2563,8 +2558,8 @@ static void append_socket_pair(int *array, unsigned *n, int pair[2]) { static int close_remaining_fds( const ExecParameters *params, - ExecRuntime *runtime, - DynamicCreds *dcreds, + const ExecRuntime *runtime, + const DynamicCreds *dcreds, int user_lookup_fd, int socket_fd, int *fds, unsigned n_fds) { @@ -2707,9 +2702,11 @@ static int compile_suggested_paths(const ExecContext *c, const ExecParameters *p return 0; } +static char *exec_command_line(char **argv); + static int exec_child( Unit *unit, - ExecCommand *command, + const ExecCommand *command, const ExecContext *context, const ExecParameters *params, ExecRuntime *runtime, @@ -3441,6 +3438,9 @@ static int exec_child( return log_unit_error_errno(unit, errno, "Failed to execute command: %m"); } +static int exec_context_load_environment(const Unit *unit, const ExecContext *c, char ***l); +static int exec_context_named_iofds(const ExecContext *c, const ExecParameters *p, int named_iofds[3]); + int exec_spawn(Unit *unit, ExecCommand *command, const ExecContext *context, @@ -3487,7 +3487,7 @@ int exec_spawn(Unit *unit, n_socket_fds = params->n_socket_fds; } - r = exec_context_named_iofds(unit, context, params, named_iofds); + r = exec_context_named_iofds(context, params, named_iofds); if (r < 0) return log_unit_error_errno(unit, r, "Failed to load a named file descriptor: %m"); @@ -3617,6 +3617,11 @@ void exec_context_done(ExecContext *c) { c->inaccessible_paths = strv_free(c->inaccessible_paths); bind_mount_free_many(c->bind_mounts, c->n_bind_mounts); + c->bind_mounts = NULL; + c->n_bind_mounts = 0; + temporary_filesystem_free_many(c->temporary_filesystems, c->n_temporary_filesystems); + c->temporary_filesystems = NULL; + c->n_temporary_filesystems = 0; c->cpuset = cpu_set_mfree(c->cpuset); @@ -3640,7 +3645,7 @@ void exec_context_done(ExecContext *c) { c->stdin_data_size = 0; } -int exec_context_destroy_runtime_directory(ExecContext *c, const char *runtime_prefix) { +int exec_context_destroy_runtime_directory(const ExecContext *c, const char *runtime_prefix) { char **i; assert(c); @@ -3663,7 +3668,7 @@ int exec_context_destroy_runtime_directory(ExecContext *c, const char *runtime_p return 0; } -void exec_command_done(ExecCommand *c) { +static void exec_command_done(ExecCommand *c) { assert(c); c->path = mfree(c->path); @@ -3698,7 +3703,7 @@ void exec_command_free_array(ExecCommand **c, unsigned n) { } typedef struct InvalidEnvInfo { - Unit *unit; + const Unit *unit; const char *path; } InvalidEnvInfo; @@ -3736,7 +3741,7 @@ const char* exec_context_fdname(const ExecContext *c, int fd_index) { } } -int exec_context_named_iofds(Unit *unit, const ExecContext *c, const ExecParameters *p, int named_iofds[3]) { +static int exec_context_named_iofds(const ExecContext *c, const ExecParameters *p, int named_iofds[3]) { unsigned i, targets; const char* stdio_fdname[3]; unsigned n_fds; @@ -3782,7 +3787,7 @@ int exec_context_named_iofds(Unit *unit, const ExecContext *c, const ExecParamet return targets == 0 ? 0 : -ENOENT; } -int exec_context_load_environment(Unit *unit, const ExecContext *c, char ***l) { +static int exec_context_load_environment(const Unit *unit, const ExecContext *c, char ***l) { char **i, **r = NULL; assert(c); @@ -3865,8 +3870,7 @@ int exec_context_load_environment(Unit *unit, const ExecContext *c, char ***l) { } static bool tty_may_match_dev_console(const char *tty) { - _cleanup_free_ char *active = NULL; - char *console; + _cleanup_free_ char *resolved = NULL; if (!tty) return true; @@ -3877,16 +3881,14 @@ static bool tty_may_match_dev_console(const char *tty) { if (streq(tty, "console")) return true; - console = resolve_dev_console(&active); - /* if we could not resolve, assume it may */ - if (!console) - return true; + if (resolve_dev_console(&resolved) < 0) + return true; /* if we could not resolve, assume it may */ /* "tty0" means the active VC, so it may be the same sometimes */ - return streq(console, tty) || (streq(console, "tty0") && tty_is_vc(tty)); + return streq(resolved, tty) || (streq(resolved, "tty0") && tty_is_vc(tty)); } -bool exec_context_may_touch_console(ExecContext *ec) { +bool exec_context_may_touch_console(const ExecContext *ec) { return (ec->tty_reset || ec->tty_vhangup || @@ -3906,7 +3908,7 @@ static void strv_fprintf(FILE *f, char **l) { fprintf(f, " %s", *g); } -void exec_context_dump(ExecContext *c, FILE* f, const char *prefix) { +void exec_context_dump(const ExecContext *c, FILE* f, const char *prefix) { ExecDirectoryType dt; char **e, **d; unsigned i; @@ -4170,12 +4172,22 @@ void exec_context_dump(ExecContext *c, FILE* f, const char *prefix) { } if (c->n_bind_mounts > 0) - for (i = 0; i < c->n_bind_mounts; i++) { - fprintf(f, "%s%s: %s:%s:%s\n", prefix, + for (i = 0; i < c->n_bind_mounts; i++) + fprintf(f, "%s%s: %s%s:%s:%s\n", prefix, c->bind_mounts[i].read_only ? "BindReadOnlyPaths" : "BindPaths", + c->bind_mounts[i].ignore_enoent ? "-": "", c->bind_mounts[i].source, c->bind_mounts[i].destination, c->bind_mounts[i].recursive ? "rbind" : "norbind"); + + if (c->n_temporary_filesystems > 0) + for (i = 0; i < c->n_temporary_filesystems; i++) { + TemporaryFileSystem *t = c->temporary_filesystems + i; + + fprintf(f, "%sTemporaryFileSystem: %s%s%s\n", prefix, + t->path, + isempty(t->options) ? "" : ":", + strempty(t->options)); } if (c->utmp_id) @@ -4292,7 +4304,7 @@ void exec_context_dump(ExecContext *c, FILE* f, const char *prefix) { prefix, c->apparmor_profile_ignore ? "-" : "", c->apparmor_profile); } -bool exec_context_maintains_privileges(ExecContext *c) { +bool exec_context_maintains_privileges(const ExecContext *c) { assert(c); /* Returns true if the process forked off would run under @@ -4307,7 +4319,7 @@ bool exec_context_maintains_privileges(ExecContext *c) { return false; } -int exec_context_get_effective_ioprio(ExecContext *c) { +int exec_context_get_effective_ioprio(const ExecContext *c) { int p; assert(c); @@ -4341,7 +4353,7 @@ void exec_status_start(ExecStatus *s, pid_t pid) { dual_timestamp_get(&s->start_timestamp); } -void exec_status_exit(ExecStatus *s, ExecContext *context, pid_t pid, int code, int status) { +void exec_status_exit(ExecStatus *s, const ExecContext *context, pid_t pid, int code, int status) { assert(s); if (s->pid && s->pid != pid) @@ -4361,7 +4373,7 @@ void exec_status_exit(ExecStatus *s, ExecContext *context, pid_t pid, int code, } } -void exec_status_dump(ExecStatus *s, FILE *f, const char *prefix) { +void exec_status_dump(const ExecStatus *s, FILE *f, const char *prefix) { char buf[FORMAT_TIMESTAMP_MAX]; assert(s); @@ -4391,7 +4403,7 @@ void exec_status_dump(ExecStatus *s, FILE *f, const char *prefix) { prefix, s->status); } -char *exec_command_line(char **argv) { +static char *exec_command_line(char **argv) { size_t k; char *n, *p, **a; bool first = true; @@ -4431,7 +4443,7 @@ char *exec_command_line(char **argv) { return n; } -void exec_command_dump(ExecCommand *c, FILE *f, const char *prefix) { +static void exec_command_dump(ExecCommand *c, FILE *f, const char *prefix) { _cleanup_free_ char *cmd = NULL; const char *prefix2; @@ -4523,224 +4535,432 @@ int exec_command_append(ExecCommand *c, const char *path, ...) { return 0; } +static void *remove_tmpdir_thread(void *p) { + _cleanup_free_ char *path = p; -static int exec_runtime_allocate(ExecRuntime **rt) { + (void) rm_rf(path, REMOVE_ROOT|REMOVE_PHYSICAL); + return NULL; +} + +static ExecRuntime* exec_runtime_free(ExecRuntime *rt, bool destroy) { + int r; + + if (!rt) + return NULL; + + if (rt->manager) + (void) hashmap_remove(rt->manager->exec_runtime_by_id, rt->id); + + /* When destroy is true, then rm_rf tmp_dir and var_tmp_dir. */ + if (destroy && rt->tmp_dir) { + log_debug("Spawning thread to nuke %s", rt->tmp_dir); + + r = asynchronous_job(remove_tmpdir_thread, rt->tmp_dir); + if (r < 0) { + log_warning_errno(r, "Failed to nuke %s: %m", rt->tmp_dir); + free(rt->tmp_dir); + } + rt->tmp_dir = NULL; + } + + if (destroy && rt->var_tmp_dir) { + log_debug("Spawning thread to nuke %s", rt->var_tmp_dir); + + r = asynchronous_job(remove_tmpdir_thread, rt->var_tmp_dir); + if (r < 0) { + log_warning_errno(r, "Failed to nuke %s: %m", rt->var_tmp_dir); + free(rt->var_tmp_dir); + } + + rt->var_tmp_dir = NULL; + } + + rt->id = mfree(rt->id); + rt->tmp_dir = mfree(rt->tmp_dir); + rt->var_tmp_dir = mfree(rt->var_tmp_dir); + safe_close_pair(rt->netns_storage_socket); + return mfree(rt); +} + +static void exec_runtime_freep(ExecRuntime **rt) { if (*rt) - return 0; + (void) exec_runtime_free(*rt, false); +} + +static int exec_runtime_allocate(ExecRuntime **rt) { + assert(rt); *rt = new0(ExecRuntime, 1); if (!*rt) return -ENOMEM; - (*rt)->n_ref = 1; (*rt)->netns_storage_socket[0] = (*rt)->netns_storage_socket[1] = -1; - return 0; } -int exec_runtime_make(ExecRuntime **rt, ExecContext *c, const char *id) { +static int exec_runtime_add( + Manager *m, + const char *id, + const char *tmp_dir, + const char *var_tmp_dir, + const int netns_storage_socket[2], + ExecRuntime **ret) { + + _cleanup_(exec_runtime_freep) ExecRuntime *rt = NULL; int r; - assert(rt); - assert(c); + assert(m); assert(id); - if (*rt) - return 1; - - if (!c->private_network && !c->private_tmp) - return 0; + r = hashmap_ensure_allocated(&m->exec_runtime_by_id, &string_hash_ops); + if (r < 0) + return r; - r = exec_runtime_allocate(rt); + r = exec_runtime_allocate(&rt); if (r < 0) return r; - if (c->private_network && (*rt)->netns_storage_socket[0] < 0) { - if (socketpair(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0, (*rt)->netns_storage_socket) < 0) - return -errno; + rt->id = strdup(id); + if (!rt->id) + return -ENOMEM; + + if (tmp_dir) { + rt->tmp_dir = strdup(tmp_dir); + if (!rt->tmp_dir) + return -ENOMEM; + + /* When tmp_dir is set, then we require var_tmp_dir is also set. */ + assert(var_tmp_dir); + rt->var_tmp_dir = strdup(var_tmp_dir); + if (!rt->var_tmp_dir) + return -ENOMEM; + } + + if (netns_storage_socket) { + rt->netns_storage_socket[0] = netns_storage_socket[0]; + rt->netns_storage_socket[1] = netns_storage_socket[1]; } - if (c->private_tmp && !(*rt)->tmp_dir) { - r = setup_tmp_dirs(id, &(*rt)->tmp_dir, &(*rt)->var_tmp_dir); + r = hashmap_put(m->exec_runtime_by_id, rt->id, rt); + if (r < 0) + return r; + + rt->manager = m; + + if (ret) + *ret = rt; + + /* do not remove created ExecRuntime object when the operation succeeds. */ + rt = NULL; + return 0; +} + +static int exec_runtime_make(Manager *m, const ExecContext *c, const char *id, ExecRuntime **ret) { + _cleanup_free_ char *tmp_dir = NULL, *var_tmp_dir = NULL; + _cleanup_close_pair_ int netns_storage_socket[2] = {-1, -1}; + int r; + + assert(m); + assert(c); + assert(id); + + /* It is not necessary to create ExecRuntime object. */ + if (!c->private_network && !c->private_tmp) + return 0; + + if (c->private_tmp) { + r = setup_tmp_dirs(id, &tmp_dir, &var_tmp_dir); if (r < 0) return r; } + if (c->private_network) { + if (socketpair(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0, netns_storage_socket) < 0) + return -errno; + } + + r = exec_runtime_add(m, id, tmp_dir, var_tmp_dir, netns_storage_socket, ret); + if (r < 0) + return r; + + /* Avoid cleanup */ + netns_storage_socket[0] = -1; + netns_storage_socket[1] = -1; return 1; } -ExecRuntime *exec_runtime_ref(ExecRuntime *r) { - assert(r); - assert(r->n_ref > 0); +int exec_runtime_acquire(Manager *m, const ExecContext *c, const char *id, bool create, ExecRuntime **ret) { + ExecRuntime *rt; + int r; - r->n_ref++; - return r; -} + assert(m); + assert(id); + assert(ret); + + rt = hashmap_get(m->exec_runtime_by_id, id); + if (rt) + /* We already have a ExecRuntime object, let's increase the ref count and reuse it */ + goto ref; -ExecRuntime *exec_runtime_unref(ExecRuntime *r) { + if (!create) + return 0; - if (!r) + /* If not found, then create a new object. */ + r = exec_runtime_make(m, c, id, &rt); + if (r <= 0) + /* When r == 0, it is not necessary to create ExecRuntime object. */ + return r; + +ref: + /* increment reference counter. */ + rt->n_ref++; + *ret = rt; + return 1; +} + +ExecRuntime *exec_runtime_unref(ExecRuntime *rt, bool destroy) { + if (!rt) return NULL; - assert(r->n_ref > 0); + assert(rt->n_ref > 0); - r->n_ref--; - if (r->n_ref > 0) + rt->n_ref--; + if (rt->n_ref > 0) return NULL; - free(r->tmp_dir); - free(r->var_tmp_dir); - safe_close_pair(r->netns_storage_socket); - return mfree(r); + return exec_runtime_free(rt, destroy); } -int exec_runtime_serialize(Unit *u, ExecRuntime *rt, FILE *f, FDSet *fds) { - assert(u); +int exec_runtime_serialize(const Manager *m, FILE *f, FDSet *fds) { + ExecRuntime *rt; + Iterator i; + + assert(m); assert(f); assert(fds); - if (!rt) - return 0; + HASHMAP_FOREACH(rt, m->exec_runtime_by_id, i) { + fprintf(f, "exec-runtime=%s", rt->id); - if (rt->tmp_dir) - unit_serialize_item(u, f, "tmp-dir", rt->tmp_dir); + if (rt->tmp_dir) + fprintf(f, " tmp-dir=%s", rt->tmp_dir); - if (rt->var_tmp_dir) - unit_serialize_item(u, f, "var-tmp-dir", rt->var_tmp_dir); + if (rt->var_tmp_dir) + fprintf(f, " var-tmp-dir=%s", rt->var_tmp_dir); - if (rt->netns_storage_socket[0] >= 0) { - int copy; + if (rt->netns_storage_socket[0] >= 0) { + int copy; - copy = fdset_put_dup(fds, rt->netns_storage_socket[0]); - if (copy < 0) - return copy; + copy = fdset_put_dup(fds, rt->netns_storage_socket[0]); + if (copy < 0) + return copy; - unit_serialize_item_format(u, f, "netns-socket-0", "%i", copy); - } + fprintf(f, " netns-socket-0=%i", copy); + } - if (rt->netns_storage_socket[1] >= 0) { - int copy; + if (rt->netns_storage_socket[1] >= 0) { + int copy; - copy = fdset_put_dup(fds, rt->netns_storage_socket[1]); - if (copy < 0) - return copy; + copy = fdset_put_dup(fds, rt->netns_storage_socket[1]); + if (copy < 0) + return copy; + + fprintf(f, " netns-socket-1=%i", copy); + } - unit_serialize_item_format(u, f, "netns-socket-1", "%i", copy); + fputc('\n', f); } return 0; } -int exec_runtime_deserialize_item(Unit *u, ExecRuntime **rt, const char *key, const char *value, FDSet *fds) { +int exec_runtime_deserialize_compat(Unit *u, const char *key, const char *value, FDSet *fds) { + _cleanup_(exec_runtime_freep) ExecRuntime *rt_create = NULL; + ExecRuntime *rt; int r; - assert(rt); + /* This is for the migration from old (v237 or earlier) deserialization text. + * Due to the bug #7790, this may not work with the units that use JoinsNamespaceOf=. + * Even if the ExecRuntime object originally created by the other unit, we cannot judge + * so or not from the serialized text, then we always creates a new object owned by this. */ + + assert(u); assert(key); assert(value); - if (streq(key, "tmp-dir")) { - char *copy; + /* Manager manages ExecRuntime objects by the unit id. + * So, we omit the serialized text when the unit does not have id (yet?)... */ + if (isempty(u->id)) { + log_unit_debug(u, "Invocation ID not found. Dropping runtime parameter."); + return 0; + } - r = exec_runtime_allocate(rt); + r = hashmap_ensure_allocated(&u->manager->exec_runtime_by_id, &string_hash_ops); + if (r < 0) { + log_unit_debug_errno(u, r, "Failed to allocate storage for runtime parameter: %m"); + return 0; + } + + rt = hashmap_get(u->manager->exec_runtime_by_id, u->id); + if (!rt) { + r = exec_runtime_allocate(&rt_create); if (r < 0) return log_oom(); + rt_create->id = strdup(u->id); + if (!rt_create->id) + return log_oom(); + + rt = rt_create; + } + + if (streq(key, "tmp-dir")) { + char *copy; + copy = strdup(value); if (!copy) return log_oom(); - free((*rt)->tmp_dir); - (*rt)->tmp_dir = copy; + free_and_replace(rt->tmp_dir, copy); } else if (streq(key, "var-tmp-dir")) { char *copy; - r = exec_runtime_allocate(rt); - if (r < 0) - return log_oom(); - copy = strdup(value); if (!copy) return log_oom(); - free((*rt)->var_tmp_dir); - (*rt)->var_tmp_dir = copy; + free_and_replace(rt->var_tmp_dir, copy); } else if (streq(key, "netns-socket-0")) { int fd; - r = exec_runtime_allocate(rt); - if (r < 0) - return log_oom(); - - if (safe_atoi(value, &fd) < 0 || !fdset_contains(fds, fd)) + if (safe_atoi(value, &fd) < 0 || !fdset_contains(fds, fd)) { log_unit_debug(u, "Failed to parse netns socket value: %s", value); - else { - safe_close((*rt)->netns_storage_socket[0]); - (*rt)->netns_storage_socket[0] = fdset_remove(fds, fd); + return 0; } + + safe_close(rt->netns_storage_socket[0]); + rt->netns_storage_socket[0] = fdset_remove(fds, fd); + } else if (streq(key, "netns-socket-1")) { int fd; - r = exec_runtime_allocate(rt); - if (r < 0) - return log_oom(); - - if (safe_atoi(value, &fd) < 0 || !fdset_contains(fds, fd)) + if (safe_atoi(value, &fd) < 0 || !fdset_contains(fds, fd)) { log_unit_debug(u, "Failed to parse netns socket value: %s", value); - else { - safe_close((*rt)->netns_storage_socket[1]); - (*rt)->netns_storage_socket[1] = fdset_remove(fds, fd); + return 0; } + + safe_close(rt->netns_storage_socket[1]); + rt->netns_storage_socket[1] = fdset_remove(fds, fd); } else return 0; - return 1; -} -static void *remove_tmpdir_thread(void *p) { - _cleanup_free_ char *path = p; + /* If the object is newly created, then put it to the hashmap which manages ExecRuntime objects. */ + if (rt_create) { + r = hashmap_put(u->manager->exec_runtime_by_id, rt_create->id, rt_create); + if (r < 0) { + log_unit_debug_errno(u, r, "Failed to put runtime paramter to manager's storage: %m"); + return 0; + } - (void) rm_rf(path, REMOVE_ROOT|REMOVE_PHYSICAL); - return NULL; -} + rt_create->manager = u->manager; -void exec_runtime_destroy(ExecRuntime *rt) { - int r; + /* Avoid cleanup */ + rt_create = NULL; + } - if (!rt) - return; + return 1; +} - /* If there are multiple users of this, let's leave the stuff around */ - if (rt->n_ref > 1) - return; +void exec_runtime_deserialize_one(Manager *m, const char *value, FDSet *fds) { + char *id = NULL, *tmp_dir = NULL, *var_tmp_dir = NULL; + int r, fd0 = -1, fd1 = -1; + const char *p, *v = value; + size_t n; - if (rt->tmp_dir) { - log_debug("Spawning thread to nuke %s", rt->tmp_dir); + assert(m); + assert(value); + assert(fds); - r = asynchronous_job(remove_tmpdir_thread, rt->tmp_dir); - if (r < 0) { - log_warning_errno(r, "Failed to nuke %s: %m", rt->tmp_dir); - free(rt->tmp_dir); + n = strcspn(v, " "); + id = strndupa(v, n); + if (v[n] != ' ') + goto finalize; + p = v + n + 1; + + v = startswith(p, "tmp-dir="); + if (v) { + n = strcspn(v, " "); + tmp_dir = strndupa(v, n); + if (v[n] != ' ') + goto finalize; + p = v + n + 1; + } + + v = startswith(p, "var-tmp-dir="); + if (v) { + n = strcspn(v, " "); + var_tmp_dir = strndupa(v, n); + if (v[n] != ' ') + goto finalize; + p = v + n + 1; + } + + v = startswith(p, "netns-socket-0="); + if (v) { + char *buf; + + n = strcspn(v, " "); + buf = strndupa(v, n); + if (safe_atoi(buf, &fd0) < 0 || !fdset_contains(fds, fd0)) { + log_debug("Unable to process exec-runtime netns fd specification."); + return; } - - rt->tmp_dir = NULL; + fd0 = fdset_remove(fds, fd0); + if (v[n] != ' ') + goto finalize; + p = v + n + 1; } - if (rt->var_tmp_dir) { - log_debug("Spawning thread to nuke %s", rt->var_tmp_dir); + v = startswith(p, "netns-socket-1="); + if (v) { + char *buf; - r = asynchronous_job(remove_tmpdir_thread, rt->var_tmp_dir); - if (r < 0) { - log_warning_errno(r, "Failed to nuke %s: %m", rt->var_tmp_dir); - free(rt->var_tmp_dir); + n = strcspn(v, " "); + buf = strndupa(v, n); + if (safe_atoi(buf, &fd1) < 0 || !fdset_contains(fds, fd1)) { + log_debug("Unable to process exec-runtime netns fd specification."); + return; } + fd1 = fdset_remove(fds, fd1); + } - rt->var_tmp_dir = NULL; +finalize: + + r = exec_runtime_add(m, id, tmp_dir, var_tmp_dir, (int[]) { fd0, fd1 }, NULL); + if (r < 0) { + log_debug_errno(r, "Failed to add exec-runtime: %m"); + return; } +} - safe_close_pair(rt->netns_storage_socket); +void exec_runtime_vacuum(Manager *m) { + ExecRuntime *rt; + Iterator i; + + assert(m); + + /* Free unreferenced ExecRuntime objects. This is used after manager deserialization process. */ + + HASHMAP_FOREACH(rt, m->exec_runtime_by_id, i) { + if (rt->n_ref > 0) + continue; + + (void) exec_runtime_free(rt, false); + } } static const char* const exec_input_table[_EXEC_INPUT_MAX] = { diff --git a/src/core/execute.h b/src/core/execute.h index d04dfcf6c9..a34cf0b873 100644 --- a/src/core/execute.h +++ b/src/core/execute.h @@ -25,6 +25,7 @@ typedef struct ExecCommand ExecCommand; typedef struct ExecContext ExecContext; typedef struct ExecRuntime ExecRuntime; typedef struct ExecParameters ExecParameters; +typedef struct Manager Manager; #include <sched.h> #include <stdbool.h> @@ -120,6 +121,11 @@ struct ExecCommand { struct ExecRuntime { int n_ref; + Manager *manager; + + /* unit id of the owner */ + char *id; + char *tmp_dir; char *var_tmp_dir; @@ -213,6 +219,8 @@ struct ExecContext { unsigned long mount_flags; BindMount *bind_mounts; unsigned n_bind_mounts; + TemporaryFileSystem *temporary_filesystems; + unsigned n_temporary_filesystems; uint64_t capability_bounding_set; uint64_t capability_ambient_set; @@ -339,15 +347,11 @@ int exec_spawn(Unit *unit, DynamicCreds *dynamic_creds, pid_t *ret); -void exec_command_done(ExecCommand *c); void exec_command_done_array(ExecCommand *c, unsigned n); ExecCommand* exec_command_free_list(ExecCommand *c); void exec_command_free_array(ExecCommand **c, unsigned n); -char *exec_command_line(char **argv); - -void exec_command_dump(ExecCommand *c, FILE *f, const char *prefix); void exec_command_dump_list(ExecCommand *c, FILE *f, const char *prefix); void exec_command_append_list(ExecCommand **l, ExecCommand *e); int exec_command_set(ExecCommand *c, const char *path, ...); @@ -355,33 +359,30 @@ int exec_command_append(ExecCommand *c, const char *path, ...); void exec_context_init(ExecContext *c); void exec_context_done(ExecContext *c); -void exec_context_dump(ExecContext *c, FILE* f, const char *prefix); +void exec_context_dump(const ExecContext *c, FILE* f, const char *prefix); -int exec_context_destroy_runtime_directory(ExecContext *c, const char *runtime_root); +int exec_context_destroy_runtime_directory(const ExecContext *c, const char *runtime_root); -int exec_context_load_environment(Unit *unit, const ExecContext *c, char ***l); -int exec_context_named_iofds(Unit *unit, const ExecContext *c, const ExecParameters *p, int named_iofds[3]); const char* exec_context_fdname(const ExecContext *c, int fd_index); -bool exec_context_may_touch_console(ExecContext *c); -bool exec_context_maintains_privileges(ExecContext *c); +bool exec_context_may_touch_console(const ExecContext *c); +bool exec_context_maintains_privileges(const ExecContext *c); -int exec_context_get_effective_ioprio(ExecContext *c); +int exec_context_get_effective_ioprio(const ExecContext *c); void exec_context_free_log_extra_fields(ExecContext *c); void exec_status_start(ExecStatus *s, pid_t pid); -void exec_status_exit(ExecStatus *s, ExecContext *context, pid_t pid, int code, int status); -void exec_status_dump(ExecStatus *s, FILE *f, const char *prefix); - -int exec_runtime_make(ExecRuntime **rt, ExecContext *c, const char *id); -ExecRuntime *exec_runtime_ref(ExecRuntime *r); -ExecRuntime *exec_runtime_unref(ExecRuntime *r); +void exec_status_exit(ExecStatus *s, const ExecContext *context, pid_t pid, int code, int status); +void exec_status_dump(const ExecStatus *s, FILE *f, const char *prefix); -int exec_runtime_serialize(Unit *unit, ExecRuntime *rt, FILE *f, FDSet *fds); -int exec_runtime_deserialize_item(Unit *unit, ExecRuntime **rt, const char *key, const char *value, FDSet *fds); +int exec_runtime_acquire(Manager *m, const ExecContext *c, const char *name, bool create, ExecRuntime **ret); +ExecRuntime *exec_runtime_unref(ExecRuntime *r, bool destroy); -void exec_runtime_destroy(ExecRuntime *rt); +int exec_runtime_serialize(const Manager *m, FILE *f, FDSet *fds); +int exec_runtime_deserialize_compat(Unit *u, const char *key, const char *value, FDSet *fds); +void exec_runtime_deserialize_one(Manager *m, const char *value, FDSet *fds); +void exec_runtime_vacuum(Manager *m); const char* exec_output_to_string(ExecOutput i) _const_; ExecOutput exec_output_from_string(const char *s) _pure_; diff --git a/src/core/ip-address-access.c b/src/core/ip-address-access.c index 08bd4c0bce..f10138c6de 100644 --- a/src/core/ip-address-access.c +++ b/src/core/ip-address-access.c @@ -156,7 +156,7 @@ int config_parse_ip_address_access( r = bpf_firewall_supported(); if (r < 0) return r; - if (r == 0) { + if (r == BPF_FIREWALL_UNSUPPORTED) { static bool warned = false; log_full(warned ? LOG_DEBUG : LOG_WARNING, diff --git a/src/core/job.c b/src/core/job.c index c6de8d27e4..1b3534a7a6 100644 --- a/src/core/job.c +++ b/src/core/job.c @@ -312,11 +312,13 @@ void job_dump(Job *j, FILE*f, const char *prefix) { "%s-> Job %u:\n" "%s\tAction: %s -> %s\n" "%s\tState: %s\n" - "%s\tIrreversible: %s\n", + "%s\tIrreversible: %s\n" + "%s\tMay GC: %s\n", prefix, j->id, prefix, j->unit->id, job_type_to_string(j->type), prefix, job_state_to_string(j->state), - prefix, yes_no(j->irreversible)); + prefix, yes_no(j->irreversible), + prefix, yes_no(job_may_gc(j))); } /* @@ -694,7 +696,7 @@ _pure_ static const char *job_get_status_message_format(Unit *u, JobType t, JobR static const struct { const char *color, *word; } job_print_status_messages [_JOB_RESULT_MAX] = { - [JOB_DONE] = { ANSI_GREEN, " OK " }, + [JOB_DONE] = { ANSI_OK_COLOR, " OK " }, [JOB_TIMEOUT] = { ANSI_HIGHLIGHT_RED, " TIME " }, [JOB_FAILED] = { ANSI_HIGHLIGHT_RED, "FAILED" }, [JOB_DEPENDENCY] = { ANSI_HIGHLIGHT_YELLOW, "DEPEND" }, @@ -774,9 +776,12 @@ static void job_log_status_message(Unit *u, JobType t, JobResult result) { if (!format) return; - /* The description might be longer than the buffer, but that's OK, we'll just truncate it here */ + /* The description might be longer than the buffer, but that's OK, + * we'll just truncate it here. Note that we use snprintf() rather than + * xsprintf() on purpose here: we are fine with truncation and don't + * consider that an error. */ DISABLE_WARNING_FORMAT_NONLITERAL; - xsprintf(buf, format, unit_description(u)); + (void) snprintf(buf, sizeof(buf), format, unit_description(u)); REENABLE_WARNING; switch (t) { @@ -1272,7 +1277,7 @@ int job_get_timeout(Job *j, usec_t *timeout) { return 1; } -bool job_check_gc(Job *j) { +bool job_may_gc(Job *j) { Unit *other; Iterator i; void *v; @@ -1280,13 +1285,14 @@ bool job_check_gc(Job *j) { assert(j); /* Checks whether this job should be GC'ed away. We only do this for jobs of units that have no effect on their - * own and just track external state. For now the only unit type that qualifies for this are .device units. */ + * own and just track external state. For now the only unit type that qualifies for this are .device units. + * Returns true if the job can be collected. */ if (!UNIT_VTABLE(j->unit)->gc_jobs) - return true; + return false; if (sd_bus_track_count(j->bus_track) > 0) - return true; + return false; /* FIXME: So this is a bit ugly: for now we don't properly track references made via private bus connections * (because it's nasty, as sd_bus_track doesn't apply to it). We simply remember that the job was once @@ -1296,11 +1302,11 @@ bool job_check_gc(Job *j) { if (set_isempty(j->unit->manager->private_buses)) j->ref_by_private_bus = false; else - return true; + return false; } if (j->type == JOB_NOP) - return true; + return false; /* If a job is ordered after ours, and is to be started, then it needs to wait for us, regardless if we stop or * start, hence let's not GC in that case. */ @@ -1312,7 +1318,7 @@ bool job_check_gc(Job *j) { continue; if (IN_SET(other->job->type, JOB_START, JOB_VERIFY_ACTIVE, JOB_RELOAD)) - return true; + return false; } /* If we are going down, but something else is ordered After= us, then it needs to wait for us */ @@ -1324,7 +1330,7 @@ bool job_check_gc(Job *j) { if (other->job->ignore_order) continue; - return true; + return false; } /* The logic above is kinda the inverse of the job_is_runnable() logic. Specifically, if the job "we" is @@ -1344,7 +1350,7 @@ bool job_check_gc(Job *j) { * */ - return false; + return true; } void job_add_to_gc_queue(Job *j) { @@ -1353,7 +1359,7 @@ void job_add_to_gc_queue(Job *j) { if (j->in_gc_queue) return; - if (job_check_gc(j)) + if (!job_may_gc(j)) return; LIST_PREPEND(gc_queue, j->unit->manager->gc_job_queue, j); diff --git a/src/core/job.h b/src/core/job.h index a2f3b7b5d2..2edb63169c 100644 --- a/src/core/job.h +++ b/src/core/job.h @@ -233,7 +233,7 @@ void job_shutdown_magic(Job *j); int job_get_timeout(Job *j, usec_t *timeout) _pure_; -bool job_check_gc(Job *j); +bool job_may_gc(Job *j); void job_add_to_gc_queue(Job *j); int job_get_before(Job *j, Job*** ret); diff --git a/src/core/load-fragment-gperf.gperf.m4 b/src/core/load-fragment-gperf.gperf.m4 index dde5010e02..5d90a7c054 100644 --- a/src/core/load-fragment-gperf.gperf.m4 +++ b/src/core/load-fragment-gperf.gperf.m4 @@ -104,6 +104,7 @@ $1.ReadOnlyPaths, config_parse_namespace_path_strv, 0, $1.InaccessiblePaths, config_parse_namespace_path_strv, 0, offsetof($1, exec_context.inaccessible_paths) $1.BindPaths, config_parse_bind_paths, 0, offsetof($1, exec_context) $1.BindReadOnlyPaths, config_parse_bind_paths, 0, offsetof($1, exec_context) +$1.TemporaryFileSystem, config_parse_temporary_filesystems, 0, offsetof($1, exec_context) $1.PrivateTmp, config_parse_bool, 0, offsetof($1, exec_context.private_tmp) $1.PrivateDevices, config_parse_bool, 0, offsetof($1, exec_context.private_devices) $1.ProtectKernelTunables, config_parse_bool, 0, offsetof($1, exec_context.protect_kernel_tunables) diff --git a/src/core/load-fragment.c b/src/core/load-fragment.c index 00408c4b84..1e3416c40b 100644 --- a/src/core/load-fragment.c +++ b/src/core/load-fragment.c @@ -1745,9 +1745,8 @@ int config_parse_trigger_unit( log_syntax(unit, LOG_ERR, filename, line, 0, "Unit type not valid, ignoring: %s", rvalue); return 0; } - - if (type == u->type) { - log_syntax(unit, LOG_ERR, filename, line, 0, "Trigger cannot be of same type, ignoring: %s", rvalue); + if (unit_has_name(u, p)) { + log_syntax(unit, LOG_ERR, filename, line, 0, "Units cannot trigger themselves, ignoring: %s", rvalue); return 0; } @@ -1860,7 +1859,7 @@ int config_parse_socket_service( return -ENOEXEC; } - unit_ref_set(&s->service, x); + unit_ref_set(&s->service, UNIT(s), x); return 0; } @@ -2581,7 +2580,7 @@ int config_parse_log_extra_fields( continue; } - t = realloc_multiply(c->log_extra_fields, sizeof(struct iovec), c->n_log_extra_fields+1); + t = reallocarray(c->log_extra_fields, c->n_log_extra_fields+1, sizeof(struct iovec)); if (!t) return log_oom(); @@ -2935,7 +2934,7 @@ int config_parse_syscall_filter( c->syscall_whitelist = true; /* Accept default syscalls if we are on a whitelist */ - r = seccomp_parse_syscall_filter(false, "@default", -1, c->syscall_filter, true); + r = seccomp_parse_syscall_filter("@default", -1, c->syscall_filter, SECCOMP_PARSE_WHITELIST); if (r < 0) return r; } @@ -2962,7 +2961,9 @@ int config_parse_syscall_filter( continue; } - r = seccomp_parse_syscall_filter_and_warn(invert, name, num, c->syscall_filter, c->syscall_whitelist, unit, filename, line); + r = seccomp_parse_syscall_filter_full(name, num, c->syscall_filter, + SECCOMP_PARSE_LOG|SECCOMP_PARSE_PERMISSIVE|(invert ? SECCOMP_PARSE_INVERT : 0)|(c->syscall_whitelist ? SECCOMP_PARSE_WHITELIST : 0), + unit, filename, line); if (r < 0) return r; } @@ -4175,6 +4176,83 @@ int config_parse_namespace_path_strv( return 0; } +int config_parse_temporary_filesystems( + const char *unit, + const char *filename, + unsigned line, + const char *section, + unsigned section_line, + const char *lvalue, + int ltype, + const char *rvalue, + void *data, + void *userdata) { + + Unit *u = userdata; + ExecContext *c = data; + const char *cur; + int r; + + assert(filename); + assert(lvalue); + assert(rvalue); + assert(data); + + if (isempty(rvalue)) { + /* Empty assignment resets the list */ + temporary_filesystem_free_many(c->temporary_filesystems, c->n_temporary_filesystems); + c->temporary_filesystems = NULL; + c->n_temporary_filesystems = 0; + return 0; + } + + cur = rvalue; + for (;;) { + _cleanup_free_ char *word = NULL, *path = NULL, *resolved = NULL; + const char *w; + + r = extract_first_word(&cur, &word, NULL, EXTRACT_QUOTES); + if (r == 0) + break; + if (r == -ENOMEM) + return log_oom(); + if (r < 0) { + log_syntax(unit, LOG_ERR, filename, line, r, "Failed to extract first word, ignoring: %s", rvalue); + return 0; + } + + w = word; + r = extract_first_word(&w, &path, ":", EXTRACT_DONT_COALESCE_SEPARATORS); + if (r < 0) + return r; + if (r == 0) + return -EINVAL; + + r = unit_full_printf(u, path, &resolved); + if (r < 0) { + log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve specifiers in %s, ignoring: %m", word); + continue; + } + + if (!path_is_absolute(resolved)) { + log_syntax(unit, LOG_ERR, filename, line, 0, "Not an absolute path, ignoring: %s", resolved); + continue; + } + + path_kill_slashes(resolved); + + r = temporary_filesystem_add(&c->temporary_filesystems, &c->n_temporary_filesystems, path, w); + if (r == -ENOMEM) + return log_oom(); + if (r < 0) { + log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse mount options, ignoring: %s", word); + continue; + } + } + + return 0; +} + int config_parse_bind_paths( const char *unit, const char *filename, diff --git a/src/core/load-fragment.h b/src/core/load-fragment.h index cb17bdd3c3..163b5ce485 100644 --- a/src/core/load-fragment.h +++ b/src/core/load-fragment.h @@ -106,6 +106,7 @@ int config_parse_runtime_preserve_mode(const char *unit, const char *filename, u int config_parse_exec_directories(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); int config_parse_set_status(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); int config_parse_namespace_path_strv(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); +int config_parse_temporary_filesystems(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); int config_parse_no_new_privileges(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); int config_parse_cpu_quota(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); int config_parse_protect_home(const char* unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); diff --git a/src/core/macros.systemd.in b/src/core/macros.systemd.in index 940f1e895a..4e27e1b06a 100644 --- a/src/core/macros.systemd.in +++ b/src/core/macros.systemd.in @@ -84,22 +84,18 @@ fi \ %systemd_user_postun_with_restart() %{nil} -%udev_hwdb_update() \ -systemd-hwdb update >/dev/null 2>&1 || : \ -%{nil} +%udev_hwdb_update() %{nil} -%udev_rules_update() \ -udevadm control --reload >/dev/null 2>&1 || : \ -%{nil} +%udev_rules_update() %{nil} -%journal_catalog_update() \ -journalctl --update-catalog >/dev/null 2>&1 || : \ -%{nil} +%journal_catalog_update() %{nil} +# Deprecated. Use %tmpfiles_create_package instead %tmpfiles_create() \ systemd-tmpfiles --create %{?*} >/dev/null 2>&1 || : \ %{nil} +# Deprecated. Use %sysusers_create_package instead %sysusers_create() \ systemd-sysusers %{?*} >/dev/null 2>&1 || : \ %{nil} @@ -108,6 +104,40 @@ systemd-sysusers %{?*} >/dev/null 2>&1 || : \ echo %{?*} | systemd-sysusers - >/dev/null 2>&1 || : \ %{nil} +# This should be used by package installation scripts which require users or +# groups to be present before the files installed by the package are present on +# disk (for example because some files are owned by those users or groups). +# +# Example: +# Source1: %{name}-sysusers.conf +# ... +# %install +# install -D %SOURCE1 %{buildroot}%{_sysusersdir}/%{name}.conf +# %pre +# %sysusers_create_package %{name} %SOURCE1 +# %files +# %{_sysusersdir}/%{name}.conf +%sysusers_create_package() \ +echo "%(cat %2)" | systemd-sysusers --replace=%_sysusersdir/%1.conf - >/dev/null 2>&1 || : \ +%{nil} + +# This may be used by package installation scripts to create files according to +# their tmpfiles configuration from a package installation script, even before +# the files of that package are installed on disk. +# +# Example: +# Source1: %{name}-tmpfiles.conf +# ... +# %install +# install -D %SOURCE1 %{buildroot}%{_tmpfilesdir}/%{name}.conf +# %pre +# %tmpfiles_create_package %{name} %SOURCE1 +# %files +# %{_tmpfilesdir}/%{name}.conf +%tmpfiles_create_package() \ +echo "%(cat %2)" | systemd-tmpfiles --replace=%_tmpfilesdir/%1.conf --create - >/dev/null 2>&1 || : \ +%{nil} + %sysctl_apply() \ @rootlibexecdir@/systemd-sysctl %{?*} >/dev/null 2>&1 || : \ %{nil} diff --git a/src/core/main.c b/src/core/main.c index b32f52b048..00faa10824 100644 --- a/src/core/main.c +++ b/src/core/main.c @@ -135,7 +135,7 @@ static bool arg_default_cpu_accounting = false; static bool arg_default_io_accounting = false; static bool arg_default_ip_accounting = false; static bool arg_default_blockio_accounting = false; -static bool arg_default_memory_accounting = false; +static bool arg_default_memory_accounting = MEMORY_ACCOUNTING_DEFAULT; static bool arg_default_tasks_accounting = true; static uint64_t arg_default_tasks_max = UINT64_MAX; static sd_id128_t arg_machine_id = {}; @@ -652,107 +652,6 @@ static int config_parse_crash_chvt( return 0; } -static int config_parse_join_controllers(const char *unit, - const char *filename, - unsigned line, - const char *section, - unsigned section_line, - const char *lvalue, - int ltype, - const char *rvalue, - void *data, - void *userdata) { - - const char *whole_rvalue = rvalue; - unsigned n = 0; - - assert(filename); - assert(lvalue); - assert(rvalue); - - arg_join_controllers = strv_free_free(arg_join_controllers); - - for (;;) { - _cleanup_free_ char *word = NULL; - char **l; - int r; - - r = extract_first_word(&rvalue, &word, NULL, EXTRACT_QUOTES); - if (r < 0) { - log_syntax(unit, LOG_ERR, filename, line, r, "Invalid value for %s: %s", lvalue, whole_rvalue); - return r; - } - if (r == 0) - break; - - l = strv_split(word, ","); - if (!l) - return log_oom(); - strv_uniq(l); - - if (strv_length(l) <= 1) { - strv_free(l); - continue; - } - - if (!arg_join_controllers) { - arg_join_controllers = new(char**, 2); - if (!arg_join_controllers) { - strv_free(l); - return log_oom(); - } - - arg_join_controllers[0] = l; - arg_join_controllers[1] = NULL; - - n = 1; - } else { - char ***a; - char ***t; - - t = new0(char**, n+2); - if (!t) { - strv_free(l); - return log_oom(); - } - - n = 0; - - for (a = arg_join_controllers; *a; a++) { - - if (strv_overlap(*a, l)) { - if (strv_extend_strv(&l, *a, false) < 0) { - strv_free(l); - strv_free_free(t); - return log_oom(); - } - - } else { - char **c; - - c = strv_copy(*a); - if (!c) { - strv_free(l); - strv_free_free(t); - return log_oom(); - } - - t[n++] = c; - } - } - - t[n++] = strv_uniq(l); - - strv_free_free(arg_join_controllers); - arg_join_controllers = t; - } - } - if (!isempty(rvalue)) - log_syntax(unit, LOG_ERR, filename, line, 0, "Trailing garbage, ignoring."); - - return 0; -} - static int parse_config_file(void) { const ConfigTableItem items[] = { @@ -1314,32 +1213,6 @@ static void test_usr(void) { "Consult http://freedesktop.org/wiki/Software/systemd/separate-usr-is-broken for more information."); } -static int initialize_join_controllers(void) { - /* By default, mount "cpu" + "cpuacct" together, and "net_cls" - * + "net_prio". We'd like to add "cpuset" to the mix, but - * "cpuset" doesn't really work for groups with no initialized - * attributes. */ - - arg_join_controllers = new(char**, 3); - if (!arg_join_controllers) - return -ENOMEM; - - arg_join_controllers[0] = strv_new("cpu", "cpuacct", NULL); - if (!arg_join_controllers[0]) - goto oom; - - arg_join_controllers[1] = strv_new("net_cls", "net_prio", NULL); - if (!arg_join_controllers[1]) - goto oom; - - arg_join_controllers[2] = NULL; - return 0; - -oom: - arg_join_controllers = strv_free_free(arg_join_controllers); - return -ENOMEM; -} - static int enforce_syscall_archs(Set *archs) { #if HAVE_SECCOMP int r; @@ -2094,12 +1967,6 @@ static int load_configuration(int argc, char **argv, const char **ret_error_mess assert(ret_error_message); - r = initialize_join_controllers(); - if (r < 0) { - *ret_error_message = "Failed to initialize cgroup controller joining table"; - return r; - } - arg_default_tasks_max = system_tasks_max_scale(DEFAULT_TASKS_MAX_PERCENTAGE, 100U); r = parse_config_file(); diff --git a/src/core/manager.c b/src/core/manager.c index e837a46f56..84adb9c666 100644 --- a/src/core/manager.c +++ b/src/core/manager.c @@ -102,6 +102,13 @@ #define JOBS_IN_PROGRESS_PERIOD_USEC (USEC_PER_SEC / 3) #define JOBS_IN_PROGRESS_PERIOD_DIVISOR 3 +/* If there are more than 1K bus messages queue across our API and direct busses, then let's not add more on top until + * the queue gets more empty. */ +#define MANAGER_BUS_BUSY_THRESHOLD 1024LU + +/* How many units and jobs to process of the bus queue before returning to the event loop. */ +#define MANAGER_BUS_MESSAGE_BUDGET 100U + static int manager_dispatch_notify_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata); static int manager_dispatch_cgroups_agent_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata); static int manager_dispatch_signal_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata); @@ -673,6 +680,7 @@ int manager_new(UnitFileScope scope, unsigned test_run_flags, Manager **_m) { m->unit_file_scope = scope; m->exit_code = _MANAGER_EXIT_CODE_INVALID; m->default_timer_accuracy_usec = USEC_PER_MINUTE; + m->default_memory_accounting = MEMORY_ACCOUNTING_DEFAULT; m->default_tasks_accounting = true; m->default_tasks_max = UINT64_MAX; m->default_timeout_start_usec = DEFAULT_TIMEOUT_USEC; @@ -731,7 +739,7 @@ int manager_new(UnitFileScope scope, unsigned test_run_flags, Manager **_m) { if (r < 0) goto fail; - r = hashmap_ensure_allocated(&m->cgroup_unit, &string_hash_ops); + r = hashmap_ensure_allocated(&m->cgroup_unit, &path_hash_ops); if (r < 0) goto fail; @@ -985,26 +993,6 @@ static int manager_setup_user_lookup_fd(Manager *m) { return 0; } -static int manager_connect_bus(Manager *m, bool reexecuting) { - bool try_bus_connect; - Unit *u = NULL; - - assert(m); - - if (m->test_run_flags) - return 0; - - u = manager_get_unit(m, SPECIAL_DBUS_SERVICE); - - try_bus_connect = - (u && SERVICE(u)->deserialized_state == SERVICE_RUNNING) && - (reexecuting || - (MANAGER_IS_USER(m) && getenv("DBUS_SESSION_BUS_ADDRESS"))); - - /* Try to connect to the buses, if possible. */ - return bus_init(m, try_bus_connect); -} - static unsigned manager_dispatch_cleanup_queue(Manager *m) { Unit *u; unsigned n = 0; @@ -1057,7 +1045,7 @@ static void unit_gc_sweep(Unit *u, unsigned gc_marker) { if (u->in_cleanup_queue) goto bad; - if (unit_check_gc(u)) + if (!unit_may_gc(u)) goto good; u->gc_marker = gc_marker + GC_OFFSET_IN_PATH; @@ -1074,6 +1062,20 @@ static void unit_gc_sweep(Unit *u, unsigned gc_marker) { is_bad = false; } + if (u->refs_by_target) { + const UnitRef *ref; + + LIST_FOREACH(refs_by_target, ref, u->refs_by_target) { + unit_gc_sweep(ref->source, gc_marker); + + if (ref->source->gc_marker == gc_marker + GC_OFFSET_GOOD) + goto good; + + if (ref->source->gc_marker != gc_marker + GC_OFFSET_BAD) + is_bad = false; + } + } + if (is_bad) goto bad; @@ -1144,7 +1146,7 @@ static unsigned manager_dispatch_gc_job_queue(Manager *m) { n++; - if (job_check_gc(j)) + if (!job_may_gc(j)) continue; log_unit_debug(j->unit, "Collecting job."); @@ -1200,6 +1202,9 @@ Manager* manager_free(Manager *m) { bus_done(m); + exec_runtime_vacuum(m); + hashmap_free(m->exec_runtime_by_id); + dynamic_user_vacuum(m, false); hashmap_free(m->dynamic_users); @@ -1220,6 +1225,7 @@ Manager* manager_free(Manager *m) { sd_event_source_unref(m->jobs_in_progress_event_source); sd_event_source_unref(m->run_queue_event_source); sd_event_source_unref(m->user_lookup_event_source); + sd_event_source_unref(m->sync_bus_names_event_source); safe_close(m->signal_fd); safe_close(m->notify_fd); @@ -1311,7 +1317,7 @@ static void manager_build_unit_path_cache(Manager *m) { set_free_free(m->unit_path_cache); - m->unit_path_cache = set_new(&string_hash_ops); + m->unit_path_cache = set_new(&path_hash_ops); if (!m->unit_path_cache) { r = -ENOMEM; goto fail; @@ -1371,6 +1377,38 @@ static void manager_distribute_fds(Manager *m, FDSet *fds) { } } +static bool manager_dbus_is_running(Manager *m, bool deserialized) { + Unit *u; + + assert(m); + + /* This checks whether the dbus instance we are supposed to expose our APIs on is up. We check both the socket + * and the service unit. If the 'deserialized' parameter is true we'll check the deserialized state of the unit + * rather than the current one. */ + + if (m->test_run_flags != 0) + return false; + + /* If we are in the user instance, and the env var is already set for us, then this means D-Bus is ran + * somewhere outside of our own logic. Let's use it */ + if (MANAGER_IS_USER(m) && getenv("DBUS_SESSION_BUS_ADDRESS")) + return true; + + u = manager_get_unit(m, SPECIAL_DBUS_SOCKET); + if (!u) + return false; + if ((deserialized ? SOCKET(u)->deserialized_state : SOCKET(u)->state) != SOCKET_RUNNING) + return false; + + u = manager_get_unit(m, SPECIAL_DBUS_SERVICE); + if (!u) + return false; + if (!IN_SET((deserialized ? SERVICE(u)->deserialized_state : SERVICE(u)->state), SERVICE_RUNNING, SERVICE_RELOAD)) + return false; + + return true; +} + int manager_startup(Manager *m, FILE *serialization, FDSet *fds) { int r; @@ -1451,9 +1489,22 @@ int manager_startup(Manager *m, FILE *serialization, FDSet *fds) { /* This shouldn't fail, except if things are really broken. */ return r; - /* Let's connect to the bus now. */ - (void) manager_connect_bus(m, !!serialization); + /* Let's set up our private bus connection now, unconditionally */ + (void) bus_init_private(m); + + /* If we are in --user mode also connect to the system bus now */ + if (MANAGER_IS_USER(m)) + (void) bus_init_system(m); + + /* Let's connect to the bus now, but only if the unit is supposed to be up */ + if (manager_dbus_is_running(m, !!serialization)) { + (void) bus_init_api(m); + if (MANAGER_IS_SYSTEM(m)) + (void) bus_init_system(m); + } + + /* Now that we are connected to all possible busses, let's deserialize who is tracking us. */ (void) bus_track_coldplug(m, &m->subscribed, false, m->deserialized_subscribed); m->deserialized_subscribed = strv_free(m->deserialized_subscribed); @@ -1463,6 +1514,8 @@ int manager_startup(Manager *m, FILE *serialization, FDSet *fds) { /* Release any dynamic users no longer referenced */ dynamic_user_vacuum(m, true); + exec_runtime_vacuum(m); + /* Release any references to UIDs/GIDs no longer referenced, and destroy any IPC owned by them */ manager_vacuum_uid_refs(m); manager_vacuum_gid_refs(m); @@ -1840,41 +1893,65 @@ static int manager_dispatch_run_queue(sd_event_source *source, void *userdata) { } static unsigned manager_dispatch_dbus_queue(Manager *m) { - Job *j; + unsigned n = 0, budget; Unit *u; - unsigned n = 0; + Job *j; assert(m); if (m->dispatching_dbus_queue) return 0; + /* Anything to do at all? */ + if (!m->dbus_unit_queue && !m->dbus_job_queue && !m->send_reloading_done && !m->queued_message) + return 0; + + /* Do we have overly many messages queued at the moment? If so, let's not enqueue more on top, let's sit this + * cycle out, and process things in a later cycle when the queues got a bit emptier. */ + if (manager_bus_n_queued_write(m) > MANAGER_BUS_BUSY_THRESHOLD) + return 0; + + /* Only process a certain number of units/jobs per event loop iteration. Even if the bus queue wasn't overly + * full before this call we shouldn't increase it in size too wildly in one step, and we shouldn't monopolize + * CPU time with generating these messages. Note the difference in counting of this "budget" and the + * "threshold" above: the "budget" is decreased only once per generated message, regardless how many + * busses/direct connections it is enqueued on, while the "threshold" is applied to each queued instance of bus + * message, i.e. if the same message is enqueued to five busses/direct connections it will be counted five + * times. This difference in counting ("references" vs. "instances") is primarily a result of the fact that + * it's easier to implement it this way, however it also reflects the thinking that the "threshold" should put + * a limit on used queue memory, i.e. space, while the "budget" should put a limit on time. Also note that + * the "threshold" is currently chosen much higher than the "budget". */ + budget = MANAGER_BUS_MESSAGE_BUDGET; + m->dispatching_dbus_queue = true; - while ((u = m->dbus_unit_queue)) { + while (budget > 0 && (u = m->dbus_unit_queue)) { + assert(u->in_dbus_queue); bus_unit_send_change_signal(u); - n++; + n++, budget--; } - while ((j = m->dbus_job_queue)) { + while (budget > 0 && (j = m->dbus_job_queue)) { assert(j->in_dbus_queue); bus_job_send_change_signal(j); - n++; + n++, budget--; } m->dispatching_dbus_queue = false; - if (m->send_reloading_done) { + if (budget > 0 && m->send_reloading_done) { m->send_reloading_done = false; - bus_manager_send_reloading(m, false); + n++, budget--; } - if (m->queued_message) + if (budget > 0 && m->queued_message) { bus_send_queued_message(m); + n++; + } return n; } @@ -2116,11 +2193,10 @@ static int manager_dispatch_sigchld(sd_event_source *source, void *userdata) { if (waitid(P_ALL, 0, &si, WEXITED|WNOHANG|WNOWAIT) < 0) { - if (errno == ECHILD) - goto turn_off; + if (errno != ECHILD) + log_error_errno(errno, "Failed to peek for child with waitid(), ignoring: %m"); - log_error_errno(errno, "Failed to peek for child with waitid(), ignoring: %m"); - return 0; + goto turn_off; } if (si.si_pid <= 0) @@ -2253,7 +2329,7 @@ static int manager_dispatch_signal_fd(sd_event_source *source, int fd, uint32_t case SIGCHLD: r = sd_event_source_set_enabled(m->sigchld_event_source, SD_EVENT_ON); if (r < 0) - log_warning_errno(r, "Failed to enable SIGCHLD even source, ignoring: %m"); + log_warning_errno(r, "Failed to enable SIGCHLD event source, ignoring: %m"); break; @@ -2290,23 +2366,21 @@ static int manager_dispatch_signal_fd(sd_event_source *source, int fd, uint32_t /* This is a nop on non-init */ break; - case SIGUSR1: { - Unit *u; - - u = manager_get_unit(m, SPECIAL_DBUS_SERVICE); + case SIGUSR1: - if (!u || UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(u))) { + if (manager_dbus_is_running(m, false)) { log_info("Trying to reconnect to bus..."); - bus_init(m, true); - } - if (!u || !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u))) { - log_info("Loading D-Bus service..."); + (void) bus_init_api(m); + + if (MANAGER_IS_SYSTEM(m)) + (void) bus_init_system(m); + } else { + log_info("Starting D-Bus service..."); manager_start_target(m, SPECIAL_DBUS_SERVICE, JOB_REPLACE); } break; - } case SIGUSR2: { _cleanup_free_ char *dump = NULL; @@ -2682,7 +2756,6 @@ void manager_send_unit_plymouth(Manager *m, Unit *u) { } if (connect(fd, &sa.sa, SOCKADDR_UN_LEN(sa.un)) < 0) { - if (!IN_SET(errno, EPIPE, EAGAIN, ENOENT, ECONNREFUSED, ECONNRESET, ECONNABORTED)) log_error_errno(errno, "connect() failed: %m"); return; @@ -2800,6 +2873,10 @@ int manager_serialize(Manager *m, FILE *f, FDSet *fds, bool switching_root) { manager_serialize_uid_refs(m, f); manager_serialize_gid_refs(m, f); + r = exec_runtime_serialize(m, f, fds); + if (r < 0) + return r; + (void) fputc('\n', f); HASHMAP_FOREACH_KEY(u, t, m->units, i) { @@ -2978,6 +3055,8 @@ int manager_deserialize(Manager *m, FILE *f, FDSet *fds) { manager_deserialize_uid_refs_one(m, val); else if ((val = startswith(l, "destroy-ipc-gid="))) manager_deserialize_gid_refs_one(m, val); + else if ((val = startswith(l, "exec-runtime="))) + exec_runtime_deserialize_one(m, val, fds); else if ((val = startswith(l, "subscribed="))) { if (strv_extend(&m->deserialized_subscribed, val) < 0) @@ -3082,6 +3161,7 @@ int manager_reload(Manager *m) { manager_clear_jobs_and_units(m); lookup_paths_flush_generator(&m->lookup_paths); lookup_paths_free(&m->lookup_paths); + exec_runtime_vacuum(m); dynamic_user_vacuum(m, false); m->uid_refs = hashmap_free(m->uid_refs); m->gid_refs = hashmap_free(m->gid_refs); @@ -3140,12 +3220,16 @@ int manager_reload(Manager *m) { manager_vacuum_uid_refs(m); manager_vacuum_gid_refs(m); - /* It might be safe to log to the journal now. */ + exec_runtime_vacuum(m); + + /* It might be safe to log to the journal now and connect to dbus */ manager_recheck_journal(m); + manager_recheck_dbus(m); /* Sync current state of bus names with our set of listening units */ - if (m->api_bus) - manager_sync_bus_names(m, m->api_bus); + q = manager_enqueue_sync_bus_names(m); + if (q < 0 && r >= 0) + r = q; assert(m->n_reloading > 0); m->n_reloading--; @@ -3505,11 +3589,35 @@ int manager_set_default_rlimits(Manager *m, struct rlimit **default_rlimit) { return 0; } +void manager_recheck_dbus(Manager *m) { + assert(m); + + /* Connects to the bus if the dbus service and socket are running. If we are running in user mode this is all + * it does. In system mode we'll also connect to the system bus (which will most likely just reuse the + * connection of the API bus). That's because the system bus after all runs as service of the system instance, + * while in the user instance we can assume it's already there. */ + + if (manager_dbus_is_running(m, false)) { + (void) bus_init_api(m); + + if (MANAGER_IS_SYSTEM(m)) + (void) bus_init_system(m); + } else { + (void) bus_done_api(m); + + if (MANAGER_IS_SYSTEM(m)) + (void) bus_done_system(m); + } +} + static bool manager_journal_is_running(Manager *m) { Unit *u; assert(m); + if (m->test_run_flags != 0) + return false; + /* If we are the user manager we can safely assume that the journal is up */ if (!MANAGER_IS_SYSTEM(m)) return true; @@ -3525,7 +3633,7 @@ static bool manager_journal_is_running(Manager *m) { u = manager_get_unit(m, SPECIAL_JOURNALD_SERVICE); if (!u) return false; - if (SERVICE(u)->state != SERVICE_RUNNING) + if (!IN_SET(SERVICE(u)->state, SERVICE_RELOAD, SERVICE_RUNNING)) return false; return true; @@ -3539,16 +3647,10 @@ void manager_recheck_journal(Manager *m) { if (getpid_cached() != 1) return; - if (manager_journal_is_running(m)) { - - /* The journal is fully and entirely up? If so, let's permit logging to it, if that's configured. */ - log_set_prohibit_ipc(false); - } else { - - /* If the journal is down, don't ever log to it, otherwise we might end up deadlocking ourselves as we - * might trigger an activation ourselves we can't fulfill */ - log_set_prohibit_ipc(true); - } + /* The journal is fully and entirely up? If so, let's permit logging to it, if that's configured. If the + * journal is down, don't ever log to it, otherwise we might end up deadlocking ourselves as we might trigger + * an activation ourselves we can't fulfill. */ + log_set_prohibit_ipc(!manager_journal_is_running(m)); log_open(); } @@ -3689,18 +3791,6 @@ Set *manager_get_units_requiring_mounts_for(Manager *m, const char *path) { return hashmap_get(m->units_requiring_mounts_for, streq(p, "/") ? "" : p); } -void manager_set_exec_params(Manager *m, ExecParameters *p) { - assert(m); - assert(p); - - p->environment = m->environment; - p->confirm_spawn = manager_get_confirm_spawn(m); - p->cgroup_supported = m->cgroup_supported; - p->prefix = m->prefix; - - SET_FLAG(p->flags, EXEC_PASS_LOG_UNIT|EXEC_CHOWN_DIRECTORIES, MANAGER_IS_SYSTEM(m)); -} - int manager_update_failed_units(Manager *m, Unit *u, bool failed) { unsigned size; int r; diff --git a/src/core/manager.h b/src/core/manager.h index 0eed67b46a..d4eaaa1c4b 100644 --- a/src/core/manager.h +++ b/src/core/manager.h @@ -182,6 +182,8 @@ struct Manager { int user_lookup_fds[2]; sd_event_source *user_lookup_event_source; + sd_event_source *sync_bus_names_event_source; + UnitFileScope unit_file_scope; LookupPaths lookup_paths; Set *unit_path_cache; @@ -341,6 +343,9 @@ struct Manager { Hashmap *uid_refs; Hashmap *gid_refs; + /* ExecRuntime, indexed by their owner unit id */ + Hashmap *exec_runtime_by_id; + /* When the user hits C-A-D more than 7 times per 2s, do something immediately... */ RateLimit ctrl_alt_del_ratelimit; EmergencyAction cad_burst_action; @@ -422,6 +427,7 @@ bool manager_unit_inactive_or_pending(Manager *m, const char *name); void manager_check_finished(Manager *m); +void manager_recheck_dbus(Manager *m); void manager_recheck_journal(Manager *m); void manager_set_show_status(Manager *m, ShowStatus mode); @@ -432,8 +438,6 @@ void manager_flip_auto_status(Manager *m, bool enable); Set *manager_get_units_requiring_mounts_for(Manager *m, const char *path); -void manager_set_exec_params(Manager *m, ExecParameters *p); - ManagerState manager_state(Manager *m); int manager_update_failed_units(Manager *m, Unit *u, bool failed); diff --git a/src/core/meson.build b/src/core/meson.build index bc034082a5..3fc43f6335 100644 --- a/src/core/meson.build +++ b/src/core/meson.build @@ -186,7 +186,8 @@ systemd_shutdown_sources = files(''' in_files = [['macros.systemd', rpmmacrosdir], ['triggers.systemd', ''], - ['systemd.pc', pkgconfigdatadir]] + ['systemd.pc', pkgconfigdatadir], + ['system.conf', pkgsysconfdir]] foreach item : in_files file = item[0] @@ -211,22 +212,14 @@ install_data('org.freedesktop.systemd1.conf', install_data('org.freedesktop.systemd1.service', install_dir : dbussystemservicedir) -policy_in = configure_file( - input : 'org.freedesktop.systemd1.policy.in.in', - output : 'org.freedesktop.systemd1.policy.in', - configuration : substs) - -i18n.merge_file( - 'org.freedesktop.systemd1.policy', - input : policy_in, +policy = configure_file( + input : 'org.freedesktop.systemd1.policy.in', output : 'org.freedesktop.systemd1.policy', - po_dir : po_dir, - data_dirs : po_dir, - install : install_polkit, - install_dir : polkitpolicydir) + configuration : substs) +install_data(policy, + install_dir : polkitpolicydir) -install_data('system.conf', - 'user.conf', +install_data('user.conf', install_dir : pkgsysconfdir) meson.add_install_script('sh', '-c', mkdir_p.format(systemshutdowndir)) diff --git a/src/core/mount-setup.c b/src/core/mount-setup.c index a0c5f5aaae..9c27972aff 100644 --- a/src/core/mount-setup.c +++ b/src/core/mount-setup.c @@ -98,15 +98,15 @@ static const MountPoint mount_table[] = { #endif { "tmpfs", "/run", "tmpfs", "mode=755", MS_NOSUID|MS_NODEV|MS_STRICTATIME, NULL, MNT_FATAL|MNT_IN_CONTAINER }, - { "cgroup", "/sys/fs/cgroup", "cgroup2", "nsdelegate", MS_NOSUID|MS_NOEXEC|MS_NODEV, + { "cgroup2", "/sys/fs/cgroup", "cgroup2", "nsdelegate", MS_NOSUID|MS_NOEXEC|MS_NODEV, cg_is_unified_wanted, MNT_IN_CONTAINER|MNT_CHECK_WRITABLE }, - { "cgroup", "/sys/fs/cgroup", "cgroup2", NULL, MS_NOSUID|MS_NOEXEC|MS_NODEV, + { "cgroup2", "/sys/fs/cgroup", "cgroup2", NULL, MS_NOSUID|MS_NOEXEC|MS_NODEV, cg_is_unified_wanted, MNT_IN_CONTAINER|MNT_CHECK_WRITABLE }, { "tmpfs", "/sys/fs/cgroup", "tmpfs", "mode=755", MS_NOSUID|MS_NOEXEC|MS_NODEV|MS_STRICTATIME, cg_is_legacy_wanted, MNT_FATAL|MNT_IN_CONTAINER }, - { "cgroup", "/sys/fs/cgroup/unified", "cgroup2", "nsdelegate", MS_NOSUID|MS_NOEXEC|MS_NODEV, + { "cgroup2", "/sys/fs/cgroup/unified", "cgroup2", "nsdelegate", MS_NOSUID|MS_NOEXEC|MS_NODEV, cg_is_hybrid_wanted, MNT_IN_CONTAINER|MNT_CHECK_WRITABLE }, - { "cgroup", "/sys/fs/cgroup/unified", "cgroup2", NULL, MS_NOSUID|MS_NOEXEC|MS_NODEV, + { "cgroup2", "/sys/fs/cgroup/unified", "cgroup2", NULL, MS_NOSUID|MS_NOEXEC|MS_NODEV, cg_is_hybrid_wanted, MNT_IN_CONTAINER|MNT_CHECK_WRITABLE }, { "cgroup", "/sys/fs/cgroup/systemd", "cgroup", "none,name=systemd,xattr", MS_NOSUID|MS_NOEXEC|MS_NODEV, cg_is_legacy_wanted, MNT_IN_CONTAINER }, @@ -118,6 +118,8 @@ static const MountPoint mount_table[] = { { "efivarfs", "/sys/firmware/efi/efivars", "efivarfs", NULL, MS_NOSUID|MS_NOEXEC|MS_NODEV, is_efi_boot, MNT_NONE }, #endif + { "bpf", "/sys/fs/bpf", "bpf", "mode=700", MS_NOSUID|MS_NOEXEC|MS_NODEV, + NULL, MNT_NONE, }, }; /* These are API file systems that might be mounted by other software, @@ -246,6 +248,7 @@ int mount_setup_early(void) { int mount_cgroup_controllers(char ***join_controllers) { _cleanup_set_free_free_ Set *controllers = NULL; + bool has_argument = !!join_controllers; int r; if (!cg_is_legacy_wanted()) @@ -253,6 +256,19 @@ int mount_cgroup_controllers(char ***join_controllers) { /* Mount all available cgroup controllers that are built into the kernel. */ + if (!has_argument) + /* The defaults: + * mount "cpu" + "cpuacct" together, and "net_cls" + "net_prio". + * + * We'd like to add "cpuset" to the mix, but "cpuset" doesn't really + * work for groups with no initialized attributes. + */ + join_controllers = (char**[]) { + STRV_MAKE("cpu", "cpuacct"), + STRV_MAKE("net_cls", "net_prio"), + NULL, + }; + r = cg_kernel_controllers(&controllers); if (r < 0) return log_error_errno(r, "Failed to enumerate cgroup controllers: %m"); @@ -271,10 +287,9 @@ int mount_cgroup_controllers(char ***join_controllers) { if (!controller) break; - if (join_controllers) - for (k = join_controllers; *k; k++) - if (strv_find(*k, controller)) - break; + for (k = join_controllers; *k; k++) + if (strv_find(*k, controller)) + break; if (k && *k) { char **i, **j; @@ -286,7 +301,8 @@ int mount_cgroup_controllers(char ***join_controllers) { t = set_remove(controllers, *i); if (!t) { - free(*i); + if (has_argument) + free(*i); continue; } } diff --git a/src/core/mount.c b/src/core/mount.c index 4c12542bd7..cfe8ec9044 100644 --- a/src/core/mount.c +++ b/src/core/mount.c @@ -241,7 +241,7 @@ static void mount_done(Unit *u) { mount_parameters_done(&m->parameters_proc_self_mountinfo); mount_parameters_done(&m->parameters_fragment); - m->exec_runtime = exec_runtime_unref(m->exec_runtime); + m->exec_runtime = exec_runtime_unref(m->exec_runtime, false); exec_command_done_array(m->exec_command, _MOUNT_EXEC_COMMAND_MAX); m->control_command = NULL; @@ -699,14 +699,17 @@ static int mount_coldplug(Unit *u) { return r; } - if (!IN_SET(new_state, MOUNT_DEAD, MOUNT_FAILED)) + if (!IN_SET(new_state, MOUNT_DEAD, MOUNT_FAILED)) { (void) unit_setup_dynamic_creds(u); + (void) unit_setup_exec_runtime(u); + } mount_set_state(m, new_state); return 0; } static void mount_dump(Unit *u, FILE *f, const char *prefix) { + char buf[FORMAT_TIMESPAN_MAX]; Mount *m = MOUNT(u); MountParameters *p; @@ -728,7 +731,8 @@ static void mount_dump(Unit *u, FILE *f, const char *prefix) { "%sDirectoryMode: %04o\n" "%sSloppyOptions: %s\n" "%sLazyUnmount: %s\n" - "%sForceUnmount: %s\n", + "%sForceUnmount: %s\n" + "%sTimoutSec: %s\n", prefix, mount_state_to_string(m->state), prefix, mount_result_to_string(m->result), prefix, m->where, @@ -741,7 +745,8 @@ static void mount_dump(Unit *u, FILE *f, const char *prefix) { prefix, m->directory_mode, prefix, yes_no(m->sloppy_options), prefix, yes_no(m->lazy_unmount), - prefix, yes_no(m->force_unmount)); + prefix, yes_no(m->force_unmount), + prefix, format_timespan(buf, sizeof(buf), m->timeout_usec, USEC_PER_SEC)); if (m->control_pid > 0) fprintf(f, @@ -776,7 +781,6 @@ static int mount_spawn(Mount *m, ExecCommand *c, pid_t *_pid) { if (r < 0) return r; - manager_set_exec_params(UNIT(m)->manager, &exec_params); unit_set_exec_params(UNIT(m), &exec_params); r = exec_spawn(UNIT(m), @@ -810,8 +814,7 @@ static void mount_enter_dead(Mount *m, MountResult f) { mount_set_state(m, m->result != MOUNT_SUCCESS ? MOUNT_FAILED : MOUNT_DEAD); - exec_runtime_destroy(m->exec_runtime); - m->exec_runtime = exec_runtime_unref(m->exec_runtime); + m->exec_runtime = exec_runtime_unref(m->exec_runtime, true); exec_context_destroy_runtime_directory(&m->exec_context, UNIT(m)->manager->prefix[EXEC_DIRECTORY_RUNTIME]); @@ -1230,12 +1233,15 @@ _pure_ static const char *mount_sub_state_to_string(Unit *u) { return mount_state_to_string(MOUNT(u)->state); } -_pure_ static bool mount_check_gc(Unit *u) { +_pure_ static bool mount_may_gc(Unit *u) { Mount *m = MOUNT(u); assert(m); - return m->from_proc_self_mountinfo; + if (m->from_proc_self_mountinfo) + return false; + + return true; } static void mount_sigchld_event(Unit *u, pid_t pid, int code, int status) { @@ -1833,7 +1839,7 @@ static int mount_dispatch_io(sd_event_source *source, int fd, uint32_t revents, mount->parameters_proc_self_mountinfo.what) { /* Remember that this device might just have disappeared */ - if (set_ensure_allocated(&gone, &string_hash_ops) < 0 || + if (set_ensure_allocated(&gone, &path_hash_ops) < 0 || set_put(gone, mount->parameters_proc_self_mountinfo.what) < 0) log_oom(); /* we don't care too much about OOM here... */ } @@ -1888,7 +1894,7 @@ static int mount_dispatch_io(sd_event_source *source, int fd, uint32_t revents, mount->from_proc_self_mountinfo && mount->parameters_proc_self_mountinfo.what) { - if (set_ensure_allocated(&around, &string_hash_ops) < 0 || + if (set_ensure_allocated(&around, &path_hash_ops) < 0 || set_put(around, mount->parameters_proc_self_mountinfo.what) < 0) log_oom(); } @@ -1991,7 +1997,7 @@ const UnitVTable mount_vtable = { .active_state = mount_active_state, .sub_state_to_string = mount_sub_state_to_string, - .check_gc = mount_check_gc, + .may_gc = mount_may_gc, .sigchld_event = mount_sigchld_event, diff --git a/src/core/namespace.c b/src/core/namespace.c index 70089f212a..0e9c7b8fb4 100644 --- a/src/core/namespace.c +++ b/src/core/namespace.c @@ -58,7 +58,6 @@ typedef enum MountMode { BIND_MOUNT, BIND_MOUNT_RECURSIVE, PRIVATE_TMP, - PRIVATE_VAR_TMP, PRIVATE_DEV, BIND_DEV, EMPTY_DIR, @@ -66,6 +65,7 @@ typedef enum MountMode { PROCFS, READONLY, READWRITE, + TMPFS, } MountMode; typedef struct MountEntry { @@ -74,9 +74,12 @@ typedef struct MountEntry { bool ignore:1; /* Ignore if path does not exist? */ bool has_prefix:1; /* Already is prefixed by the root dir? */ bool read_only:1; /* Shall this mount point be read-only? */ - char *path_malloc; /* Use this instead of 'path' if we had to allocate memory */ + char *path_malloc; /* Use this instead of 'path_const' if we had to allocate memory */ const char *source_const; /* The source path, for bind mounts */ char *source_malloc; + const char *options_const;/* Mount options for tmpfs */ + char *options_malloc; + unsigned long flags; /* Mount flags used by EMPTY_DIR and TMPFS. Do not include MS_RDONLY here, but please use read_only. */ } MountEntry; /* If MountAPIVFS= is used, let's mount /sys and /proc into the it, but only as a fallback if the user hasn't mounted @@ -103,6 +106,7 @@ static const MountEntry protect_kernel_tunables_table[] = { { "/sys", READONLY, false }, { "/sys/kernel/debug", READONLY, true }, { "/sys/kernel/tracing", READONLY, true }, + { "/sys/fs/bpf", READONLY, true }, { "/sys/fs/cgroup", READWRITE, false }, /* READONLY is set by ProtectControlGroups= option */ { "/sys/fs/selinux", READWRITE, true }, }; @@ -125,6 +129,13 @@ static const MountEntry protect_home_read_only_table[] = { { "/root", READONLY, true }, }; +/* ProtectHome=tmpfs table */ +static const MountEntry protect_home_tmpfs_table[] = { + { "/home", TMPFS, true, .read_only = true, .options_const = "mode=0755", .flags = MS_NODEV|MS_STRICTATIME }, + { "/run/user", TMPFS, true, .read_only = true, .options_const = "mode=0755", .flags = MS_NODEV|MS_STRICTATIME }, + { "/root", TMPFS, true, .read_only = true, .options_const = "mode=0700", .flags = MS_NODEV|MS_STRICTATIME }, +}; + /* ProtectHome=yes table */ static const MountEntry protect_home_yes_table[] = { { "/home", INACCESSIBLE, true }, @@ -137,6 +148,14 @@ static const MountEntry protect_system_yes_table[] = { { "/usr", READONLY, false }, { "/boot", READONLY, true }, { "/efi", READONLY, true }, +#if HAVE_SPLIT_USR + { "/lib", READONLY, true }, + { "/lib64", READONLY, true }, + { "/bin", READONLY, true }, +# if HAVE_SPLIT_BIN + { "/sbin", READONLY, true }, +# endif +#endif }; /* ProtectSystem=full includes ProtectSystem=yes */ @@ -145,6 +164,14 @@ static const MountEntry protect_system_full_table[] = { { "/boot", READONLY, true }, { "/efi", READONLY, true }, { "/etc", READONLY, false }, +#if HAVE_SPLIT_USR + { "/lib", READONLY, true }, + { "/lib64", READONLY, true }, + { "/bin", READONLY, true }, +# if HAVE_SPLIT_BIN + { "/sbin", READONLY, true }, +# endif +#endif }; /* @@ -186,11 +213,18 @@ static const char *mount_entry_source(const MountEntry *p) { return p->source_malloc ?: p->source_const; } +static const char *mount_entry_options(const MountEntry *p) { + assert(p); + + return p->options_malloc ?: p->options_const; +} + static void mount_entry_done(MountEntry *p) { assert(p); p->path_malloc = mfree(p->path_malloc); p->source_malloc = mfree(p->source_malloc); + p->options_malloc = mfree(p->options_malloc); } static int append_access_mounts(MountEntry **p, char **strv, MountMode mode, bool forcibly_require_prefix) { @@ -244,6 +278,8 @@ static int append_empty_dir_mounts(MountEntry **p, char **strv) { .ignore = false, .has_prefix = false, .read_only = true, + .options_const = "mode=755", + .flags = MS_NOSUID|MS_NOEXEC|MS_NODEV|MS_STRICTATIME, }; } @@ -263,7 +299,51 @@ static int append_bind_mounts(MountEntry **p, const BindMount *binds, unsigned n .mode = b->recursive ? BIND_MOUNT_RECURSIVE : BIND_MOUNT, .read_only = b->read_only, .source_const = b->source, + .ignore = b->ignore_enoent, + }; + } + + return 0; +} + +static int append_tmpfs_mounts(MountEntry **p, const TemporaryFileSystem *tmpfs, unsigned n) { + unsigned i; + int r; + + assert(p); + + for (i = 0; i < n; i++) { + const TemporaryFileSystem *t = tmpfs + i; + _cleanup_free_ char *o = NULL, *str = NULL; + unsigned long flags = MS_NODEV|MS_STRICTATIME; + bool ro = false; + + if (!path_is_absolute(t->path)) + return -EINVAL; + + if (!isempty(t->options)) { + str = strjoin("mode=0755,", t->options); + if (!str) + return -ENOMEM; + + r = mount_option_mangle(str, MS_NODEV|MS_STRICTATIME, &flags, &o); + if (r < 0) + return r; + + ro = !!(flags & MS_RDONLY); + if (ro) + flags ^= MS_RDONLY; + } + + *((*p)++) = (MountEntry) { + .path_const = t->path, + .mode = TMPFS, + .read_only = ro, + .options_malloc = o, + .flags = flags, }; + + o = NULL; } return 0; @@ -298,6 +378,9 @@ static int append_protect_home(MountEntry **p, ProtectHome protect_home, bool ig case PROTECT_HOME_READ_ONLY: return append_static_mounts(p, protect_home_read_only_table, ELEMENTSOF(protect_home_read_only_table), ignore_protect); + case PROTECT_HOME_TMPFS: + return append_static_mounts(p, protect_home_tmpfs_table, ELEMENTSOF(protect_home_tmpfs_table), ignore_protect); + case PROTECT_HOME_YES: return append_static_mounts(p, protect_home_yes_table, ELEMENTSOF(protect_home_yes_table), ignore_protect); @@ -366,9 +449,7 @@ static int prefix_where_needed(MountEntry *m, unsigned n, const char *root_direc if (!s) return -ENOMEM; - free(m[i].path_malloc); - m[i].path_malloc = s; - + free_and_replace(m[i].path_malloc, s); m[i].has_prefix = true; } @@ -651,7 +732,7 @@ fail: return r; } -static int mount_bind_dev(MountEntry *m) { +static int mount_bind_dev(const MountEntry *m) { int r; assert(m); @@ -673,7 +754,7 @@ static int mount_bind_dev(MountEntry *m) { return 1; } -static int mount_sysfs(MountEntry *m) { +static int mount_sysfs(const MountEntry *m) { int r; assert(m); @@ -693,7 +774,7 @@ static int mount_sysfs(MountEntry *m) { return 1; } -static int mount_procfs(MountEntry *m) { +static int mount_procfs(const MountEntry *m) { int r; assert(m); @@ -713,15 +794,15 @@ static int mount_procfs(MountEntry *m) { return 1; } -static int mount_empty_dir(MountEntry *m) { +static int mount_tmpfs(const MountEntry *m) { assert(m); - /* First, get rid of everything that is below if there is anything. Then, overmount with our new empty dir */ + /* First, get rid of everything that is below if there is anything. Then, overmount with our new tmpfs */ (void) mkdir_p_label(mount_entry_path(m), 0755); (void) umount_recursive(mount_entry_path(m), 0); - if (mount("tmpfs", mount_entry_path(m), "tmpfs", MS_NOSUID|MS_NOEXEC|MS_NODEV|MS_STRICTATIME, "mode=755") < 0) + if (mount("tmpfs", mount_entry_path(m), "tmpfs", m->flags, mount_entry_options(m)) < 0) return log_debug_errno(errno, "Failed to mount %s: %m", mount_entry_path(m)); return 1; @@ -729,8 +810,9 @@ static int mount_empty_dir(MountEntry *m) { static int mount_entry_chase( const char *root_directory, - MountEntry *m, + const MountEntry *m, const char *path, + bool chase_nonexistent, char **location) { char *chased; @@ -742,9 +824,7 @@ static int mount_entry_chase( * chase the symlinks on our own first. This is called for the destination path, as well as the source path (if * that applies). The result is stored in "location". */ - r = chase_symlinks(path, root_directory, - IN_SET(m->mode, BIND_MOUNT, BIND_MOUNT_RECURSIVE, PRIVATE_TMP, PRIVATE_VAR_TMP, PRIVATE_DEV, BIND_DEV, EMPTY_DIR, SYSFS, PROCFS) ? CHASE_NONEXISTENT : 0, - &chased); + r = chase_symlinks(path, root_directory, chase_nonexistent ? CHASE_NONEXISTENT : 0, &chased); if (r == -ENOENT && m->ignore) { log_debug_errno(r, "Path %s does not exist, ignoring.", path); return 0; @@ -762,9 +842,7 @@ static int mount_entry_chase( static int apply_mount( const char *root_directory, - MountEntry *m, - const char *tmp_dir, - const char *var_tmp_dir) { + MountEntry *m) { bool rbind = true, make = false; const char *what; @@ -772,7 +850,7 @@ static int apply_mount( assert(m); - r = mount_entry_chase(root_directory, m, mount_entry_path(m), &m->path_malloc); + r = mount_entry_chase(root_directory, m, mount_entry_path(m), !IN_SET(m->mode, INACCESSIBLE, READONLY, READWRITE), &m->path_malloc); if (r <= 0) return r; @@ -817,7 +895,7 @@ static int apply_mount( case BIND_MOUNT_RECURSIVE: /* Also chase the source mount */ - r = mount_entry_chase(root_directory, m, mount_entry_source(m), &m->source_malloc); + r = mount_entry_chase(root_directory, m, mount_entry_source(m), false, &m->source_malloc); if (r <= 0) return r; @@ -826,15 +904,11 @@ static int apply_mount( break; case EMPTY_DIR: - return mount_empty_dir(m); + case TMPFS: + return mount_tmpfs(m); case PRIVATE_TMP: - what = tmp_dir; - make = true; - break; - - case PRIVATE_VAR_TMP: - what = var_tmp_dir; + what = mount_entry_source(m); make = true; break; @@ -891,15 +965,21 @@ static int apply_mount( return 0; } -static int make_read_only(MountEntry *m, char **blacklist, FILE *proc_self_mountinfo) { +static int make_read_only(const MountEntry *m, char **blacklist, FILE *proc_self_mountinfo) { int r = 0; assert(m); assert(proc_self_mountinfo); - if (mount_entry_read_only(m)) - r = bind_remount_recursive_with_mountinfo(mount_entry_path(m), true, blacklist, proc_self_mountinfo); - else if (m->mode == PRIVATE_DEV) { /* Superblock can be readonly but the submounts can't */ + if (mount_entry_read_only(m)) { + if (IN_SET(m->mode, EMPTY_DIR, TMPFS)) { + /* Make superblock readonly */ + if (mount(NULL, mount_entry_path(m), NULL, MS_REMOUNT | MS_RDONLY | m->flags, mount_entry_options(m)) < 0) + r = -errno; + } else + r = bind_remount_recursive_with_mountinfo(mount_entry_path(m), true, blacklist, proc_self_mountinfo); + } else if (m->mode == PRIVATE_DEV) { + /* Superblock can be readonly but the submounts can't */ if (mount(NULL, mount_entry_path(m), NULL, MS_REMOUNT|DEV_MOUNT_OPTIONS|MS_RDONLY, NULL) < 0) r = -errno; } else @@ -938,8 +1018,8 @@ static unsigned namespace_calculate_mounts( char** read_only_paths, char** inaccessible_paths, char** empty_directories, - const BindMount *bind_mounts, unsigned n_bind_mounts, + unsigned n_temporary_filesystems, const char* tmp_dir, const char* var_tmp_dir, ProtectHome protect_home, @@ -958,7 +1038,9 @@ static unsigned namespace_calculate_mounts( (protect_home == PROTECT_HOME_YES ? ELEMENTSOF(protect_home_yes_table) : ((protect_home == PROTECT_HOME_READ_ONLY) ? - ELEMENTSOF(protect_home_read_only_table) : 0)); + ELEMENTSOF(protect_home_read_only_table) : + ((protect_home == PROTECT_HOME_TMPFS) ? + ELEMENTSOF(protect_home_tmpfs_table) : 0))); return !!tmp_dir + !!var_tmp_dir + strv_length(read_write_paths) + @@ -966,6 +1048,7 @@ static unsigned namespace_calculate_mounts( strv_length(inaccessible_paths) + strv_length(empty_directories) + n_bind_mounts + + n_temporary_filesystems + ns_info->private_dev + (ns_info->protect_kernel_tunables ? ELEMENTSOF(protect_kernel_tunables_table) : 0) + (ns_info->protect_control_groups ? 1 : 0) + @@ -984,6 +1067,8 @@ int setup_namespace( char** empty_directories, const BindMount *bind_mounts, unsigned n_bind_mounts, + const TemporaryFileSystem *temporary_filesystems, + unsigned n_temporary_filesystems, const char* tmp_dir, const char* var_tmp_dir, ProtectHome protect_home, @@ -1035,7 +1120,7 @@ int setup_namespace( if (root_directory) root = root_directory; - else if (root_image || n_bind_mounts > 0) { + else if (root_image || n_bind_mounts > 0 || n_temporary_filesystems > 0) { /* If we are booting from an image, create a mount point for the image, if it's still missing. We use * the same mount point for all images, which is safe, since they all live in their own namespaces @@ -1056,7 +1141,8 @@ int setup_namespace( read_only_paths, inaccessible_paths, empty_directories, - bind_mounts, n_bind_mounts, + n_bind_mounts, + n_temporary_filesystems, tmp_dir, var_tmp_dir, protect_home, protect_system); @@ -1086,17 +1172,23 @@ int setup_namespace( if (r < 0) goto finish; + r = append_tmpfs_mounts(&m, temporary_filesystems, n_temporary_filesystems); + if (r < 0) + goto finish; + if (tmp_dir) { *(m++) = (MountEntry) { .path_const = "/tmp", .mode = PRIVATE_TMP, + .source_const = tmp_dir, }; } if (var_tmp_dir) { *(m++) = (MountEntry) { .path_const = "/var/tmp", - .mode = PRIVATE_VAR_TMP, + .mode = PRIVATE_TMP, + .source_const = var_tmp_dir, }; } @@ -1224,7 +1316,7 @@ int setup_namespace( /* First round, add in all special mounts we need */ for (m = mounts; m < mounts + n_mounts; ++m) { - r = apply_mount(root, m, tmp_dir, var_tmp_dir); + r = apply_mount(root, m); if (r < 0) goto finish; } @@ -1250,7 +1342,7 @@ int setup_namespace( goto finish; } - /* Remount / as the desired mode. Not that this will not + /* Remount / as the desired mode. Note that this will not * reestablish propagation from our side to the host, since * what's disconnected is disconnected. */ if (mount(NULL, "/", NULL, mount_flags | MS_REC, NULL) < 0) { @@ -1296,7 +1388,7 @@ int bind_mount_add(BindMount **b, unsigned *n, const BindMount *item) { if (!d) return -ENOMEM; - c = realloc_multiply(*b, sizeof(BindMount), *n + 1); + c = reallocarray(*b, *n + 1, sizeof(BindMount)); if (!c) return -ENOMEM; @@ -1314,6 +1406,57 @@ int bind_mount_add(BindMount **b, unsigned *n, const BindMount *item) { return 0; } +void temporary_filesystem_free_many(TemporaryFileSystem *t, unsigned n) { + unsigned i; + + assert(t || n == 0); + + for (i = 0; i < n; i++) { + free(t[i].path); + free(t[i].options); + } + + free(t); +} + +int temporary_filesystem_add( + TemporaryFileSystem **t, + unsigned *n, + const char *path, + const char *options) { + + _cleanup_free_ char *p = NULL, *o = NULL; + TemporaryFileSystem *c; + + assert(t); + assert(n); + assert(path); + + p = strdup(path); + if (!p) + return -ENOMEM; + + if (!isempty(options)) { + o = strdup(options); + if (!o) + return -ENOMEM; + } + + c = reallocarray(*t, *n + 1, sizeof(TemporaryFileSystem)); + if (!c) + return -ENOMEM; + + *t = c; + + c[(*n) ++] = (TemporaryFileSystem) { + .path = p, + .options = o, + }; + + p = o = NULL; + return 0; +} + static int setup_one_tmp_dir(const char *id, const char *prefix, char **path) { _cleanup_free_ char *x = NULL; char bid[SD_ID128_STRING_MAX]; @@ -1462,6 +1605,7 @@ static const char *const protect_home_table[_PROTECT_HOME_MAX] = { [PROTECT_HOME_NO] = "no", [PROTECT_HOME_YES] = "yes", [PROTECT_HOME_READ_ONLY] = "read-only", + [PROTECT_HOME_TMPFS] = "tmpfs", }; DEFINE_STRING_TABLE_LOOKUP(protect_home, ProtectHome); diff --git a/src/core/namespace.h b/src/core/namespace.h index 42d841c4d2..3d56a7302d 100644 --- a/src/core/namespace.h +++ b/src/core/namespace.h @@ -23,6 +23,7 @@ typedef struct NamespaceInfo NamespaceInfo; typedef struct BindMount BindMount; +typedef struct TemporaryFileSystem TemporaryFileSystem; #include <stdbool.h> @@ -33,6 +34,7 @@ typedef enum ProtectHome { PROTECT_HOME_NO, PROTECT_HOME_YES, PROTECT_HOME_READ_ONLY, + PROTECT_HOME_TMPFS, _PROTECT_HOME_MAX, _PROTECT_HOME_INVALID = -1 } ProtectHome; @@ -75,6 +77,11 @@ struct BindMount { bool ignore_enoent:1; }; +struct TemporaryFileSystem { + char *path; + char *options; +}; + int setup_namespace( const char *root_directory, const char *root_image, @@ -85,6 +92,8 @@ int setup_namespace( char **empty_directories, const BindMount *bind_mounts, unsigned n_bind_mounts, + const TemporaryFileSystem *temporary_filesystems, + unsigned n_temporary_filesystems, const char *tmp_dir, const char *var_tmp_dir, ProtectHome protect_home, @@ -110,6 +119,10 @@ ProtectSystem parse_protect_system_or_bool(const char *s); void bind_mount_free_many(BindMount *b, unsigned n); int bind_mount_add(BindMount **b, unsigned *n, const BindMount *item); +void temporary_filesystem_free_many(TemporaryFileSystem *t, unsigned n); +int temporary_filesystem_add(TemporaryFileSystem **t, unsigned *n, + const char *path, const char *options); + const char* namespace_type_to_string(NamespaceType t) _const_; NamespaceType namespace_type_from_string(const char *s) _pure_; diff --git a/src/core/org.freedesktop.systemd1.conf b/src/core/org.freedesktop.systemd1.conf index 97f6094b66..645c8f1659 100644 --- a/src/core/org.freedesktop.systemd1.conf +++ b/src/core/org.freedesktop.systemd1.conf @@ -30,7 +30,7 @@ <policy context="default"> <deny send_destination="org.freedesktop.systemd1"/> - <!-- Completely open to anyone --> + <!-- Completely open to anyone: org.freedesktop.DBus.* interfaces --> <allow send_destination="org.freedesktop.systemd1" send_interface="org.freedesktop.DBus.Introspectable"/> @@ -46,6 +46,8 @@ send_interface="org.freedesktop.DBus.Properties" send_member="GetAll"/> + <!-- Completely open to anyone: org.freedesktop.systemd1.Manager interface --> + <allow send_destination="org.freedesktop.systemd1" send_interface="org.freedesktop.systemd1.Manager" send_member="GetUnit"/> @@ -64,6 +66,10 @@ <allow send_destination="org.freedesktop.systemd1" send_interface="org.freedesktop.systemd1.Manager" + send_member="GetUnitProcesses"/> + + <allow send_destination="org.freedesktop.systemd1" + send_interface="org.freedesktop.systemd1.Manager" send_member="GetJob"/> <allow send_destination="org.freedesktop.systemd1" @@ -88,43 +94,43 @@ <allow send_destination="org.freedesktop.systemd1" send_interface="org.freedesktop.systemd1.Manager" - send_member="ListUnitFiles"/> + send_member="ListUnitsByNames"/> <allow send_destination="org.freedesktop.systemd1" send_interface="org.freedesktop.systemd1.Manager" - send_member="ListUnitFilesByPatterns"/> + send_member="ListJobs"/> <allow send_destination="org.freedesktop.systemd1" send_interface="org.freedesktop.systemd1.Manager" - send_member="GetUnitFileState"/> + send_member="Subscribe"/> <allow send_destination="org.freedesktop.systemd1" send_interface="org.freedesktop.systemd1.Manager" - send_member="GetUnitProcesses"/> + send_member="Unsubscribe"/> <allow send_destination="org.freedesktop.systemd1" send_interface="org.freedesktop.systemd1.Manager" - send_member="GetUnitFileLinks"/> + send_member="Dump"/> <allow send_destination="org.freedesktop.systemd1" send_interface="org.freedesktop.systemd1.Manager" - send_member="ListJobs"/> + send_member="ListUnitFiles"/> <allow send_destination="org.freedesktop.systemd1" send_interface="org.freedesktop.systemd1.Manager" - send_member="Subscribe"/> + send_member="ListUnitFilesByPatterns"/> <allow send_destination="org.freedesktop.systemd1" send_interface="org.freedesktop.systemd1.Manager" - send_member="Unsubscribe"/> + send_member="GetUnitFileState"/> <allow send_destination="org.freedesktop.systemd1" send_interface="org.freedesktop.systemd1.Manager" - send_member="Dump"/> + send_member="GetDefaultTarget"/> <allow send_destination="org.freedesktop.systemd1" send_interface="org.freedesktop.systemd1.Manager" - send_member="GetDefaultTarget"/> + send_member="GetUnitFileLinks"/> <allow send_destination="org.freedesktop.systemd1" send_interface="org.freedesktop.systemd1.Manager" @@ -134,7 +140,43 @@ send_interface="org.freedesktop.systemd1.Manager" send_member="LookupDynamicUserByUID"/> - <!-- Managed via polkit or other criteria --> + <!-- Completely open to anyone: org.freedesktop.systemd1.Unit interface --> + + <allow send_destination="org.freedesktop.systemd1" + send_interface="org.freedesktop.systemd1.Service" + send_member="GetProcesses"/> + + <!-- Completely open to anyone: org.freedesktop.systemd1.Slice interface --> + + <allow send_destination="org.freedesktop.systemd1" + send_interface="org.freedesktop.systemd1.Slice" + send_member="GetProcesses"/> + + <!-- Completely open to anyone: org.freedesktop.systemd1.Scope interface --> + + <allow send_destination="org.freedesktop.systemd1" + send_interface="org.freedesktop.systemd1.Scope" + send_member="GetProcesses"/> + + <!-- Completely open to anyone: org.freedesktop.systemd1.Socket interface --> + + <allow send_destination="org.freedesktop.systemd1" + send_interface="org.freedesktop.systemd1.Socket" + send_member="GetProcesses"/> + + <!-- Completely open to anyone: org.freedesktop.systemd1.Mount interface --> + + <allow send_destination="org.freedesktop.systemd1" + send_interface="org.freedesktop.systemd1.Mount" + send_member="GetProcesses"/> + + <!-- Completely open to anyone: org.freedesktop.systemd1.Swap interface --> + + <allow send_destination="org.freedesktop.systemd1" + send_interface="org.freedesktop.systemd1.Swap" + send_member="GetProcesses"/> + + <!-- Managed via polkit or other criteria: org.freedesktop.systemd1.Manager interface --> <allow send_destination="org.freedesktop.systemd1" send_interface="org.freedesktop.systemd1.Manager" @@ -182,7 +224,11 @@ <allow send_destination="org.freedesktop.systemd1" send_interface="org.freedesktop.systemd1.Manager" - send_member="ListUnitsByNames"/> + send_member="RefUnit"/> + + <allow send_destination="org.freedesktop.systemd1" + send_interface="org.freedesktop.systemd1.Manager" + send_member="UnrefUnit"/> <allow send_destination="org.freedesktop.systemd1" send_interface="org.freedesktop.systemd1.Manager" @@ -190,23 +236,27 @@ <allow send_destination="org.freedesktop.systemd1" send_interface="org.freedesktop.systemd1.Manager" + send_member="AttachProcessesToUnit"/> + + <allow send_destination="org.freedesktop.systemd1" + send_interface="org.freedesktop.systemd1.Manager" send_member="CancelJob"/> <allow send_destination="org.freedesktop.systemd1" send_interface="org.freedesktop.systemd1.Manager" - send_member="Reload"/> + send_member="ClearJobs"/> <allow send_destination="org.freedesktop.systemd1" send_interface="org.freedesktop.systemd1.Manager" - send_member="Reexecute"/> + send_member="ResetFailed"/> <allow send_destination="org.freedesktop.systemd1" send_interface="org.freedesktop.systemd1.Manager" - send_member="RefUnit"/> + send_member="Reload"/> <allow send_destination="org.freedesktop.systemd1" send_interface="org.freedesktop.systemd1.Manager" - send_member="UnrefUnit"/> + send_member="Reexecute"/> <allow send_destination="org.freedesktop.systemd1" send_interface="org.freedesktop.systemd1.Manager" @@ -226,10 +276,6 @@ <allow send_destination="org.freedesktop.systemd1" send_interface="org.freedesktop.systemd1.Manager" - send_member="RevertUnitFiles"/> - - <allow send_destination="org.freedesktop.systemd1" - send_interface="org.freedesktop.systemd1.Manager" send_member="PresetUnitFiles"/> <allow send_destination="org.freedesktop.systemd1" @@ -246,6 +292,10 @@ <allow send_destination="org.freedesktop.systemd1" send_interface="org.freedesktop.systemd1.Manager" + send_member="RevertUnitFiles"/> + + <allow send_destination="org.freedesktop.systemd1" + send_interface="org.freedesktop.systemd1.Manager" send_member="SetDefaultTarget"/> <allow send_destination="org.freedesktop.systemd1" @@ -256,6 +306,8 @@ send_interface="org.freedesktop.systemd1.Manager" send_member="AddDependencyUnitFiles"/> + <!-- Managed via polkit or other criteria: org.freedesktop.systemd1.Job interface --> + <allow send_destination="org.freedesktop.systemd1" send_interface="org.freedesktop.systemd1.Job" send_member="Cancel"/> @@ -268,6 +320,68 @@ send_interface="org.freedesktop.systemd1.Job" send_member="GetBefore"/> + <!-- Managed via polkit or other criteria: org.freedesktop.systemd1.Unit interface --> + + <allow send_destination="org.freedesktop.systemd1" + send_interface="org.freedesktop.systemd1.Unit" + send_member="Start"/> + + <allow send_destination="org.freedesktop.systemd1" + send_interface="org.freedesktop.systemd1.Unit" + send_member="Stop"/> + + <allow send_destination="org.freedesktop.systemd1" + send_interface="org.freedesktop.systemd1.Unit" + send_member="Reload"/> + + <allow send_destination="org.freedesktop.systemd1" + send_interface="org.freedesktop.systemd1.Unit" + send_member="Restart"/> + + <allow send_destination="org.freedesktop.systemd1" + send_interface="org.freedesktop.systemd1.Unit" + send_member="TryRestart"/> + + <allow send_destination="org.freedesktop.systemd1" + send_interface="org.freedesktop.systemd1.Unit" + send_member="ReloadOrRestart"/> + + <allow send_destination="org.freedesktop.systemd1" + send_interface="org.freedesktop.systemd1.Unit" + send_member="ReloadOrTryRestart"/> + + <allow send_destination="org.freedesktop.systemd1" + send_interface="org.freedesktop.systemd1.Unit" + send_member="Kill"/> + + <allow send_destination="org.freedesktop.systemd1" + send_interface="org.freedesktop.systemd1.Unit" + send_member="ResetFailed"/> + + <allow send_destination="org.freedesktop.systemd1" + send_interface="org.freedesktop.systemd1.Unit" + send_member="SetProperties"/> + + <allow send_destination="org.freedesktop.systemd1" + send_interface="org.freedesktop.systemd1.Unit" + send_member="Ref"/> + + <allow send_destination="org.freedesktop.systemd1" + send_interface="org.freedesktop.systemd1.Unit" + send_member="Unref"/> + + <!-- Managed via polkit or other criteria: org.freedesktop.systemd1.Service interface --> + + <allow send_destination="org.freedesktop.systemd1" + send_interface="org.freedesktop.systemd1.Service" + send_member="AttachProcesses"/> + + <!-- Managed via polkit or other criteria: org.freedesktop.systemd1.Scope interface --> + + <allow send_destination="org.freedesktop.systemd1" + send_interface="org.freedesktop.systemd1.Scope" + send_member="AttachProcesses"/> + <allow receive_sender="org.freedesktop.systemd1"/> </policy> diff --git a/src/core/org.freedesktop.systemd1.policy.in.in b/src/core/org.freedesktop.systemd1.policy.in index 2c6ed749fd..648221b85c 100644 --- a/src/core/org.freedesktop.systemd1.policy.in.in +++ b/src/core/org.freedesktop.systemd1.policy.in @@ -19,8 +19,8 @@ <vendor_url>http://www.freedesktop.org/wiki/Software/systemd</vendor_url> <action id="org.freedesktop.systemd1.reply-password"> - <description>Send passphrase back to system</description> - <message>Authentication is required to send the entered passphrase back to the system.</message> + <description gettext-domain="systemd">Send passphrase back to system</description> + <message gettext-domain="systemd">Authentication is required to send the entered passphrase back to the system.</message> <defaults> <allow_any>no</allow_any> <allow_inactive>no</allow_inactive> @@ -30,8 +30,8 @@ </action> <action id="org.freedesktop.systemd1.manage-units"> - <description>Manage system services or other units</description> - <message>Authentication is required to manage system services or other units.</message> + <description gettext-domain="systemd">Manage system services or other units</description> + <message gettext-domain="systemd">Authentication is required to manage system services or other units.</message> <defaults> <allow_any>auth_admin</allow_any> <allow_inactive>auth_admin</allow_inactive> @@ -40,8 +40,8 @@ </action> <action id="org.freedesktop.systemd1.manage-unit-files"> - <description>Manage system service or unit files</description> - <message>Authentication is required to manage system service or unit files.</message> + <description gettext-domain="systemd">Manage system service or unit files</description> + <message gettext-domain="systemd">Authentication is required to manage system service or unit files.</message> <defaults> <allow_any>auth_admin</allow_any> <allow_inactive>auth_admin</allow_inactive> @@ -50,8 +50,8 @@ </action> <action id="org.freedesktop.systemd1.set-environment"> - <description>Set or unset system and service manager environment variables</description> - <message>Authentication is required to set or unset system and service manager environment variables.</message> + <description gettext-domain="systemd">Set or unset system and service manager environment variables</description> + <message gettext-domain="systemd">Authentication is required to set or unset system and service manager environment variables.</message> <defaults> <allow_any>auth_admin</allow_any> <allow_inactive>auth_admin</allow_inactive> @@ -60,8 +60,8 @@ </action> <action id="org.freedesktop.systemd1.reload-daemon"> - <description>Reload the systemd state</description> - <message>Authentication is required to reload the systemd state.</message> + <description gettext-domain="systemd">Reload the systemd state</description> + <message gettext-domain="systemd">Authentication is required to reload the systemd state.</message> <defaults> <allow_any>auth_admin</allow_any> <allow_inactive>auth_admin</allow_inactive> diff --git a/src/core/path.c b/src/core/path.c index 8a5ec0a72f..1893d8de45 100644 --- a/src/core/path.c +++ b/src/core/path.c @@ -80,7 +80,8 @@ int path_spec_watch(PathSpec *s, sd_event_io_handler_t handler) { (void) sd_event_source_set_description(s->event_source, "path"); - /* This assumes the path was passed through path_kill_slashes()! */ + /* This function assumes the path was passed through path_kill_slashes()! */ + assert(!strstr(s->path, "//")); for (slash = strchr(s->path, '/'); ; slash = strchr(slash+1, '/')) { char *cut = NULL; diff --git a/src/core/scope.c b/src/core/scope.c index 468dd81217..5b9c2bb3c4 100644 --- a/src/core/scope.c +++ b/src/core/scope.c @@ -163,9 +163,6 @@ static int scope_load_init_scope(Unit *u) { * synthesize it here, instead of relying on the unit file on disk. */ u->default_dependencies = false; - u->ignore_on_isolate = true; - - SCOPE(u)->kill_context.kill_signal = SIGRTMIN+14; /* Prettify things, if we can. */ if (!u->description) @@ -346,7 +343,7 @@ static int scope_start(Unit *u) { unit_export_state_files(UNIT(s)); - r = unit_attach_pids_to_cgroup(u); + r = unit_attach_pids_to_cgroup(u, UNIT(s)->pids, NULL); if (r < 0) { log_unit_warning_errno(UNIT(s), r, "Failed to add PIDs to scope's control group: %m"); scope_enter_dead(s, SCOPE_FAILURE_RESOURCES); @@ -602,6 +599,7 @@ const UnitVTable scope_vtable = { .private_section = "Scope", .can_transient = true, + .can_delegate = true, .init = scope_init, .load = scope_load, diff --git a/src/core/selinux-access.h b/src/core/selinux-access.h index c5f5fb975e..dd48d0654e 100644 --- a/src/core/selinux-access.h +++ b/src/core/selinux-access.h @@ -33,10 +33,7 @@ int mac_selinux_generic_access_check(sd_bus_message *message, const char *path, mac_selinux_generic_access_check((message), NULL, (permission), (error)) #define mac_selinux_unit_access_check(unit, message, permission, error) \ - ({ \ - const Unit *_unit = (unit); \ - mac_selinux_generic_access_check((message), _unit->source_path ?: _unit->fragment_path, (permission), (error)); \ - }) + mac_selinux_generic_access_check((message), unit_label_path(unit), (permission), (error)) #else diff --git a/src/core/service.c b/src/core/service.c index 6476dc68c5..df36019f62 100644 --- a/src/core/service.c +++ b/src/core/service.c @@ -120,6 +120,9 @@ static void service_init(Unit *u) { s->guess_main_pid = true; s->control_command_id = _SERVICE_EXEC_COMMAND_INVALID; + + s->exec_context.keyring_mode = MANAGER_IS_SYSTEM(u->manager) ? + EXEC_KEYRING_PRIVATE : EXEC_KEYRING_INHERIT; } static void service_unwatch_control_pid(Service *s) { @@ -369,7 +372,7 @@ static void service_done(Unit *u) { s->pid_file = mfree(s->pid_file); s->status_text = mfree(s->status_text); - s->exec_runtime = exec_runtime_unref(s->exec_runtime); + s->exec_runtime = exec_runtime_unref(s->exec_runtime, false); exec_command_free_array(s->exec_command, _SERVICE_EXEC_COMMAND_MAX); s->control_command = NULL; s->main_command = NULL; @@ -774,6 +777,8 @@ static int service_load(Unit *u) { } static void service_dump(Unit *u, FILE *f, const char *prefix) { + char buf_restart[FORMAT_TIMESPAN_MAX], buf_start[FORMAT_TIMESPAN_MAX], buf_stop[FORMAT_TIMESPAN_MAX]; + char buf_runtime[FORMAT_TIMESPAN_MAX], buf_watchdog[FORMAT_TIMESPAN_MAX]; ServiceExecCommand c; Service *s = SERVICE(u); const char *prefix2; @@ -838,6 +843,18 @@ static void service_dump(Unit *u, FILE *f, const char *prefix) { "%sAccept Socket: %s\n", prefix, UNIT_DEREF(s->accept_socket)->id); + fprintf(f, + "%sRestartSec: %s\n" + "%sTimeoutStartSec: %s\n" + "%sTimeoutStopSec: %s\n" + "%sRuntimeMaxSec: %s\n" + "%sWatchdogSec: %s\n", + prefix, format_timespan(buf_restart, sizeof(buf_restart), s->restart_usec, USEC_PER_SEC), + prefix, format_timespan(buf_start, sizeof(buf_start), s->timeout_start_usec, USEC_PER_SEC), + prefix, format_timespan(buf_stop, sizeof(buf_stop), s->timeout_stop_usec, USEC_PER_SEC), + prefix, format_timespan(buf_runtime, sizeof(buf_runtime), s->runtime_max_usec, USEC_PER_SEC), + prefix, format_timespan(buf_watchdog, sizeof(buf_watchdog), s->watchdog_usec, USEC_PER_SEC)); + kill_context_dump(&s->kill_context, f, prefix); exec_context_dump(&s->exec_context, f, prefix); @@ -902,6 +919,7 @@ static int service_is_suitable_main_pid(Service *s, pid_t pid, int prio) { static int service_load_pid_file(Service *s, bool may_warn) { char procfs[STRLEN("/proc/self/fd/") + DECIMAL_STR_MAX(int)]; + bool questionable_pid_file = false; _cleanup_free_ char *k = NULL; _cleanup_close_ int fd = -1; int r, prio; @@ -915,8 +933,13 @@ static int service_load_pid_file(Service *s, bool may_warn) { prio = may_warn ? LOG_INFO : LOG_DEBUG; fd = chase_symlinks(s->pid_file, NULL, CHASE_OPEN|CHASE_SAFE, NULL); - if (fd == -EPERM) - return log_unit_full(UNIT(s), prio, fd, "Permission denied while opening PID file or unsafe symlink chain: %s", s->pid_file); + if (fd == -EPERM) { + log_unit_full(UNIT(s), LOG_DEBUG, fd, "Permission denied while opening PID file or potentially unsafe symlink chain, will now retry with relaxed checks: %s", s->pid_file); + + questionable_pid_file = true; + + fd = chase_symlinks(s->pid_file, NULL, CHASE_OPEN, NULL); + } if (fd < 0) return log_unit_full(UNIT(s), prio, fd, "Can't open PID file %s (yet?) after %s: %m", s->pid_file, service_state_to_string(s->state)); @@ -939,6 +962,11 @@ static int service_load_pid_file(Service *s, bool may_warn) { if (r == 0) { struct stat st; + if (questionable_pid_file) { + log_unit_error(UNIT(s), "Refusing to accept PID outside of service control group, acquired through unsafe symlink chain: %s", s->pid_file); + return -EPERM; + } + /* Hmm, it's not clear if the new main PID is safe. Let's allow this if the PID file is owned by root */ if (fstat(fd, &st) < 0) @@ -1141,8 +1169,10 @@ static int service_coldplug(Unit *u) { if (IN_SET(s->deserialized_state, SERVICE_START_POST, SERVICE_RUNNING, SERVICE_RELOAD)) service_start_watchdog(s); - if (!IN_SET(s->deserialized_state, SERVICE_DEAD, SERVICE_FAILED, SERVICE_AUTO_RESTART)) + if (!IN_SET(s->deserialized_state, SERVICE_DEAD, SERVICE_FAILED, SERVICE_AUTO_RESTART)) { (void) unit_setup_dynamic_creds(u); + (void) unit_setup_exec_runtime(u); + } if (UNIT_ISSET(s->accept_socket)) { Socket* socket = SOCKET(UNIT_DEREF(s->accept_socket)); @@ -1224,7 +1254,7 @@ static int service_collect_fds(Service *s, } else { int *t; - t = realloc(rfds, (rn_socket_fds + cn_fds) * sizeof(int)); + t = reallocarray(rfds, rn_socket_fds + cn_fds, sizeof(int)); if (!t) return -ENOMEM; @@ -1246,13 +1276,13 @@ static int service_collect_fds(Service *s, char **nl; int *t; - t = realloc(rfds, (rn_socket_fds + s->n_fd_store) * sizeof(int)); + t = reallocarray(rfds, rn_socket_fds + s->n_fd_store, sizeof(int)); if (!t) return -ENOMEM; rfds = t; - nl = realloc(rfd_names, (rn_socket_fds + s->n_fd_store + 1) * sizeof(char*)); + nl = reallocarray(rfd_names, rn_socket_fds + s->n_fd_store + 1, sizeof(char *)); if (!nl) return -ENOMEM; @@ -1422,7 +1452,6 @@ static int service_spawn( } } - manager_set_exec_params(UNIT(s)->manager, &exec_params); unit_set_exec_params(UNIT(s), &exec_params); final_env = strv_env_merge(2, exec_params.environment, our_env, NULL); @@ -1629,8 +1658,7 @@ static void service_enter_dead(Service *s, ServiceResult f, bool allow_restart) s->forbid_restart = false; /* We want fresh tmpdirs in case service is started again immediately */ - exec_runtime_destroy(s->exec_runtime); - s->exec_runtime = exec_runtime_unref(s->exec_runtime); + s->exec_runtime = exec_runtime_unref(s->exec_runtime, true); if (s->exec_context.runtime_directory_preserve_mode == EXEC_PRESERVE_NO || (s->exec_context.runtime_directory_preserve_mode == EXEC_PRESERVE_RESTART && !service_will_restart(UNIT(s)))) @@ -2658,7 +2686,7 @@ static int service_deserialize_item(Unit *u, const char *key, const char *value, if (r < 0) log_unit_debug_errno(u, r, "Failed to load accept-socket unit: %s", value); else { - unit_ref_set(&s->accept_socket, socket); + unit_ref_set(&s->accept_socket, u, socket); SOCKET(socket)->n_connections++; } @@ -2807,20 +2835,20 @@ static const char *service_sub_state_to_string(Unit *u) { return service_state_to_string(SERVICE(u)->state); } -static bool service_check_gc(Unit *u) { +static bool service_may_gc(Unit *u) { Service *s = SERVICE(u); assert(s); /* Never clean up services that still have a process around, even if the service is formally dead. Note that - * unit_check_gc() already checked our cgroup for us, we just check our two additional PIDs, too, in case they + * unit_may_gc() already checked our cgroup for us, we just check our two additional PIDs, too, in case they * have moved outside of the cgroup. */ if (main_pid_good(s) > 0 || control_pid_good(s) > 0) - return true; + return false; - return false; + return true; } static int service_retry_pid_file(Service *s) { @@ -3744,7 +3772,7 @@ int service_set_socket_fd(Service *s, int fd, Socket *sock, bool selinux_context s->socket_fd = fd; s->socket_fd_selinux_context_net = selinux_context_net; - unit_ref_set(&s->accept_socket, UNIT(sock)); + unit_ref_set(&s->accept_socket, UNIT(s), UNIT(sock)); return 0; } @@ -3883,6 +3911,9 @@ const UnitVTable service_vtable = { "Install\0", .private_section = "Service", + .can_transient = true, + .can_delegate = true, + .init = service_init, .done = service_done, .load = service_load, @@ -3908,7 +3939,7 @@ const UnitVTable service_vtable = { .will_restart = service_will_restart, - .check_gc = service_check_gc, + .may_gc = service_may_gc, .sigchld_event = service_sigchld_event, @@ -3928,7 +3959,6 @@ const UnitVTable service_vtable = { .get_timeout = service_get_timeout, .needs_console = service_needs_console, - .can_transient = true, .status_message_formats = { .starting_stopping = { diff --git a/src/core/shutdown.c b/src/core/shutdown.c index cc31b33f1c..58c9a9de79 100644 --- a/src/core/shutdown.c +++ b/src/core/shutdown.c @@ -42,6 +42,7 @@ #include "missing.h" #include "parse-util.h" #include "process-util.h" +#include "reboot-util.h" #include "signal-util.h" #include "string-util.h" #include "switch-root.h" @@ -93,14 +94,14 @@ static int parse_argv(int argc, char *argv[]) { case ARG_LOG_LEVEL: r = log_set_max_level_from_string(optarg); if (r < 0) - log_error("Failed to parse log level %s, ignoring.", optarg); + log_error_errno(r, "Failed to parse log level %s, ignoring.", optarg); break; case ARG_LOG_TARGET: r = log_set_target_from_string(optarg); if (r < 0) - log_error("Failed to parse log target %s, ignoring", optarg); + log_error_errno(r, "Failed to parse log target %s, ignoring", optarg); break; @@ -109,7 +110,7 @@ static int parse_argv(int argc, char *argv[]) { if (optarg) { r = log_show_color_from_string(optarg); if (r < 0) - log_error("Failed to parse log color setting %s, ignoring", optarg); + log_error_errno(r, "Failed to parse log color setting %s, ignoring", optarg); } else log_show_color(true); @@ -119,7 +120,7 @@ static int parse_argv(int argc, char *argv[]) { if (optarg) { r = log_show_location_from_string(optarg); if (r < 0) - log_error("Failed to parse log location setting %s, ignoring", optarg); + log_error_errno(r, "Failed to parse log location setting %s, ignoring", optarg); } else log_show_location(true); @@ -128,14 +129,14 @@ static int parse_argv(int argc, char *argv[]) { case ARG_EXIT_CODE: r = safe_atou8(optarg, &arg_exit_code); if (r < 0) - log_error("Failed to parse exit code %s, ignoring", optarg); + log_error_errno(r, "Failed to parse exit code %s, ignoring", optarg); break; case ARG_TIMEOUT: r = parse_sec(optarg, &arg_timeout); if (r < 0) - log_error("Failed to parse shutdown timeout %s, ignoring", optarg); + log_error_errno(r, "Failed to parse shutdown timeout %s, ignoring", optarg); break; @@ -276,15 +277,18 @@ int main(int argc, char *argv[]) { static const char* const dirs[] = {SYSTEM_SHUTDOWN_PATH, NULL}; char *watchdog_device; + /* The log target defaults to console, but the original systemd process will pass its log target in through a + * command line argument, which will override this default. Also, ensure we'll never log to the journal or + * syslog, as these logging daemons are either already dead or will die very soon. */ + + log_set_target(LOG_TARGET_CONSOLE); + log_set_prohibit_ipc(true); log_parse_environment(); + r = parse_argv(argc, argv); if (r < 0) goto error; - /* journald will die if not gone yet. The log target defaults - * to console, but may have been changed by command line options. */ - - log_set_prohibit_ipc(true); log_open(); umask(0022); @@ -306,8 +310,8 @@ int main(int argc, char *argv[]) { else if (streq(arg_verb, "exit")) cmd = 0; /* ignored, just checking that arg_verb is valid */ else { - r = -EINVAL; log_error("Unknown action '%s'.", arg_verb); + r = -EINVAL; goto error; } @@ -324,7 +328,7 @@ int main(int argc, char *argv[]) { } /* Lock us into memory */ - mlockall(MCL_CURRENT|MCL_FUTURE); + (void) mlockall(MCL_CURRENT|MCL_FUTURE); /* Synchronize everything that is not written to disk yet at this point already. This is a good idea so that * slow IO is processed here already and the final process killing spree is not impacted by processes @@ -481,12 +485,9 @@ int main(int argc, char *argv[]) { if (streq(arg_verb, "exit")) { if (in_container) - exit(arg_exit_code); - else { - /* We cannot exit() on the host, fallback on another - * method. */ - cmd = RB_POWER_OFF; - } + return arg_exit_code; + + cmd = RB_POWER_OFF; /* We cannot exit() on the host, fallback on another method. */ } switch (cmd) { @@ -514,22 +515,9 @@ int main(int argc, char *argv[]) { cmd = RB_AUTOBOOT; _fallthrough_; - case RB_AUTOBOOT: - - if (!in_container) { - _cleanup_free_ char *param = NULL; - - r = read_one_line_file("/run/systemd/reboot-param", ¶m); - if (r < 0 && r != -ENOENT) - log_warning_errno(r, "Failed to read reboot parameter file: %m"); - - if (!isempty(param)) { - log_info("Rebooting with argument '%s'.", param); - syscall(SYS_reboot, LINUX_REBOOT_MAGIC1, LINUX_REBOOT_MAGIC2, LINUX_REBOOT_CMD_RESTART2, param); - log_warning_errno(errno, "Failed to reboot with parameter, retrying without: %m"); - } - } + case RB_AUTOBOOT: + (void) reboot_with_parameter(REBOOT_LOG); log_info("Rebooting."); break; @@ -545,13 +533,13 @@ int main(int argc, char *argv[]) { assert_not_reached("Unknown magic"); } - reboot(cmd); + (void) reboot(cmd); if (errno == EPERM && in_container) { /* If we are in a container, and we lacked * CAP_SYS_BOOT just exit, this will kill our * container for good. */ log_info("Exiting container."); - exit(EXIT_SUCCESS); + return EXIT_SUCCESS; } r = log_error_errno(errno, "Failed to invoke reboot(): %m"); diff --git a/src/core/slice.c b/src/core/slice.c index fef47b04fe..1c4574b8bb 100644 --- a/src/core/slice.c +++ b/src/core/slice.c @@ -76,7 +76,7 @@ static int slice_add_parent_slice(Slice *s) { if (r < 0) return r; - unit_ref_set(&u->slice, parent); + unit_ref_set(&u->slice, u, parent); return 0; } @@ -137,7 +137,6 @@ static int slice_load_root_slice(Unit *u) { * special semantics we synthesize it here, instead of relying on the unit file on disk. */ u->default_dependencies = false; - u->ignore_on_isolate = true; if (!u->description) u->description = strdup("Root Slice"); @@ -147,6 +146,29 @@ static int slice_load_root_slice(Unit *u) { return 1; } +static int slice_load_system_slice(Unit *u) { + assert(u); + + if (!MANAGER_IS_SYSTEM(u->manager)) + return 0; + if (!unit_has_name(u, SPECIAL_SYSTEM_SLICE)) + return 0; + + u->perpetual = true; + + /* The system slice is a bit special. For example it is always running and cannot be terminated. Because of its + * special semantics we synthesize it here, instead of relying on the unit file on disk. */ + + u->default_dependencies = false; + + if (!u->description) + u->description = strdup("System Slice"); + if (!u->documentation) + u->documentation = strv_new("man:systemd.special(7)", NULL); + + return 1; +} + static int slice_load(Unit *u) { Slice *s = SLICE(u); int r; @@ -157,6 +179,10 @@ static int slice_load(Unit *u) { r = slice_load_root_slice(u); if (r < 0) return r; + r = slice_load_system_slice(u); + if (r < 0) + return r; + r = unit_load_fragment_and_dropin_optional(u); if (r < 0) return r; @@ -287,19 +313,18 @@ _pure_ static const char *slice_sub_state_to_string(Unit *u) { return slice_state_to_string(SLICE(u)->state); } -static void slice_enumerate(Manager *m) { +static int slice_make_perpetual(Manager *m, const char *name, Unit **ret) { Unit *u; int r; assert(m); + assert(name); - u = manager_get_unit(m, SPECIAL_ROOT_SLICE); + u = manager_get_unit(m, name); if (!u) { - r = unit_new_for_name(m, sizeof(Slice), SPECIAL_ROOT_SLICE, &u); - if (r < 0) { - log_error_errno(r, "Failed to allocate the special " SPECIAL_ROOT_SLICE " unit: %m"); - return; - } + r = unit_new_for_name(m, sizeof(Slice), name, &u); + if (r < 0) + return log_error_errno(r, "Failed to allocate the special %s unit: %m", name); } u->perpetual = true; @@ -307,6 +332,34 @@ static void slice_enumerate(Manager *m) { unit_add_to_load_queue(u); unit_add_to_dbus_queue(u); + + if (ret) + *ret = u; + + return 0; +} + +static void slice_enumerate(Manager *m) { + Unit *u; + int r; + + assert(m); + + r = slice_make_perpetual(m, SPECIAL_ROOT_SLICE, &u); + if (r >= 0 && manager_owns_root_cgroup(m)) { + Slice *s = SLICE(u); + + /* If we are managing the root cgroup then this means our root slice covers the whole system, which + * means the kernel will track CPU/tasks/memory for us anyway, and it is all available in /proc. Let's + * hence turn accounting on here, so that our APIs to query this data are available. */ + + s->cgroup_context.cpu_accounting = true; + s->cgroup_context.tasks_accounting = true; + s->cgroup_context.memory_accounting = true; + } + + if (MANAGER_IS_SYSTEM(m)) + (void) slice_make_perpetual(m, SPECIAL_SYSTEM_SLICE, NULL); } const UnitVTable slice_vtable = { diff --git a/src/core/socket.c b/src/core/socket.c index 74cdebbe81..41988788b8 100644 --- a/src/core/socket.c +++ b/src/core/socket.c @@ -164,7 +164,7 @@ static void socket_done(Unit *u) { s->peers_by_address = set_free(s->peers_by_address); - s->exec_runtime = exec_runtime_unref(s->exec_runtime); + s->exec_runtime = exec_runtime_unref(s->exec_runtime, false); exec_command_free_array(s->exec_command, _SOCKET_EXEC_COMMAND_MAX); s->control_command = NULL; @@ -250,7 +250,7 @@ int socket_instantiate_service(Socket *s) { if (r < 0) return r; - unit_ref_set(&s->service, u); + unit_ref_set(&s->service, UNIT(s), u); return unit_add_two_dependencies(UNIT(s), UNIT_BEFORE, UNIT_TRIGGERS, u, false, UNIT_DEPENDENCY_IMPLICIT); } @@ -377,7 +377,7 @@ static int socket_add_extras(Socket *s) { if (r < 0) return r; - unit_ref_set(&s->service, x); + unit_ref_set(&s->service, u, x); } r = unit_add_two_dependencies(u, UNIT_BEFORE, UNIT_TRIGGERS, UNIT_DEREF(s->service), true, UNIT_DEPENDENCY_IMPLICIT); @@ -1521,7 +1521,7 @@ static int socket_address_listen_in_cgroup( r = bpf_firewall_supported(); if (r < 0) return r; - if (r == 0) /* If BPF firewalling isn't supported anyway — there's no point in this forking complexity */ + if (r == BPF_FIREWALL_UNSUPPORTED) /* If BPF firewalling isn't supported anyway — there's no point in this forking complexity */ goto shortcut; if (socketpair(AF_UNIX, SOCK_SEQPACKET|SOCK_CLOEXEC, 0, pair) < 0) @@ -1878,8 +1878,10 @@ static int socket_coldplug(Unit *u) { return r; } - if (!IN_SET(s->deserialized_state, SOCKET_DEAD, SOCKET_FAILED)) + if (!IN_SET(s->deserialized_state, SOCKET_DEAD, SOCKET_FAILED)) { (void) unit_setup_dynamic_creds(u); + (void) unit_setup_exec_runtime(u); + } socket_set_state(s, s->deserialized_state); return 0; @@ -1908,7 +1910,6 @@ static int socket_spawn(Socket *s, ExecCommand *c, pid_t *_pid) { if (r < 0) return r; - manager_set_exec_params(UNIT(s)->manager, &exec_params); unit_set_exec_params(UNIT(s), &exec_params); exec_params.argv = c->argv; @@ -2017,8 +2018,7 @@ static void socket_enter_dead(Socket *s, SocketResult f) { socket_set_state(s, s->result != SOCKET_SUCCESS ? SOCKET_FAILED : SOCKET_DEAD); - exec_runtime_destroy(s->exec_runtime); - s->exec_runtime = exec_runtime_unref(s->exec_runtime); + s->exec_runtime = exec_runtime_unref(s->exec_runtime, true); exec_context_destroy_runtime_directory(&s->exec_context, UNIT(s)->manager->prefix[EXEC_DIRECTORY_RUNTIME]); @@ -2818,12 +2818,12 @@ SocketType socket_port_type_from_string(const char *s) { return _SOCKET_TYPE_INVALID; } -_pure_ static bool socket_check_gc(Unit *u) { +_pure_ static bool socket_may_gc(Unit *u) { Socket *s = SOCKET(u); assert(u); - return s->n_connections > 0; + return s->n_connections == 0; } static int socket_accept_do(Socket *s, int fd) { @@ -2865,7 +2865,7 @@ static int socket_accept_in_cgroup(Socket *s, SocketPort *p, int fd) { r = bpf_firewall_supported(); if (r < 0) return r; - if (r == 0) + if (r == BPF_FIREWALL_UNSUPPORTED) goto shortcut; if (socketpair(AF_UNIX, SOCK_SEQPACKET|SOCK_CLOEXEC, 0, pair) < 0) @@ -3323,7 +3323,7 @@ const UnitVTable socket_vtable = { .active_state = socket_active_state, .sub_state_to_string = socket_sub_state_to_string, - .check_gc = socket_check_gc, + .may_gc = socket_may_gc, .sigchld_event = socket_sigchld_event, diff --git a/src/core/socket.h b/src/core/socket.h index 9c528fb39c..84ec9cff08 100644 --- a/src/core/socket.h +++ b/src/core/socket.h @@ -104,8 +104,8 @@ struct Socket { DynamicCreds dynamic_creds; /* For Accept=no sockets refers to the one service we'll - activate. For Accept=yes sockets is either NULL, or filled - when the next service we spawn. */ + * activate. For Accept=yes sockets is either NULL, or filled + * to refer to the next service we spawn. */ UnitRef service; SocketState state, deserialized_state; diff --git a/src/core/swap.c b/src/core/swap.c index 70097ff2ba..ed397c4c9e 100644 --- a/src/core/swap.c +++ b/src/core/swap.c @@ -85,7 +85,7 @@ static int swap_set_devnode(Swap *s, const char *devnode) { assert(s); - r = hashmap_ensure_allocated(&UNIT(s)->manager->swaps_by_devnode, &string_hash_ops); + r = hashmap_ensure_allocated(&UNIT(s)->manager->swaps_by_devnode, &path_hash_ops); if (r < 0) return r; @@ -157,7 +157,7 @@ static void swap_done(Unit *u) { s->parameters_fragment.what = mfree(s->parameters_fragment.what); s->parameters_fragment.options = mfree(s->parameters_fragment.options); - s->exec_runtime = exec_runtime_unref(s->exec_runtime); + s->exec_runtime = exec_runtime_unref(s->exec_runtime, false); exec_command_done_array(s->exec_command, _SWAP_EXEC_COMMAND_MAX); s->control_command = NULL; @@ -549,14 +549,17 @@ static int swap_coldplug(Unit *u) { return r; } - if (!IN_SET(new_state, SWAP_DEAD, SWAP_FAILED)) + if (!IN_SET(new_state, SWAP_DEAD, SWAP_FAILED)) { (void) unit_setup_dynamic_creds(u); + (void) unit_setup_exec_runtime(u); + } swap_set_state(s, new_state); return 0; } static void swap_dump(Unit *u, FILE *f, const char *prefix) { + char buf[FORMAT_TIMESPAN_MAX]; Swap *s = SWAP(u); SwapParameters *p; @@ -592,6 +595,10 @@ static void swap_dump(Unit *u, FILE *f, const char *prefix) { prefix, p->priority, prefix, strempty(p->options)); + fprintf(f, + "%sTimeoutSec: %s\n", + prefix, format_timespan(buf, sizeof(buf), s->timeout_usec, USEC_PER_SEC)); + if (s->control_pid > 0) fprintf(f, "%sControl PID: "PID_FMT"\n", @@ -625,7 +632,6 @@ static int swap_spawn(Swap *s, ExecCommand *c, pid_t *_pid) { if (r < 0) goto fail; - manager_set_exec_params(UNIT(s)->manager, &exec_params); unit_set_exec_params(UNIT(s), &exec_params); r = exec_spawn(UNIT(s), @@ -664,8 +670,7 @@ static void swap_enter_dead(Swap *s, SwapResult f) { swap_set_state(s, s->result != SWAP_SUCCESS ? SWAP_FAILED : SWAP_DEAD); - exec_runtime_destroy(s->exec_runtime); - s->exec_runtime = exec_runtime_unref(s->exec_runtime); + s->exec_runtime = exec_runtime_unref(s->exec_runtime, true); exec_context_destroy_runtime_directory(&s->exec_context, UNIT(s)->manager->prefix[EXEC_DIRECTORY_RUNTIME]); @@ -973,12 +978,15 @@ _pure_ static const char *swap_sub_state_to_string(Unit *u) { return swap_state_to_string(SWAP(u)->state); } -_pure_ static bool swap_check_gc(Unit *u) { +_pure_ static bool swap_may_gc(Unit *u) { Swap *s = SWAP(u); assert(s); - return s->from_proc_swaps; + if (s->from_proc_swaps) + return false; + + return true; } static void swap_sigchld_event(Unit *u, pid_t pid, int code, int status) { @@ -1500,7 +1508,7 @@ const UnitVTable swap_vtable = { .active_state = swap_active_state, .sub_state_to_string = swap_sub_state_to_string, - .check_gc = swap_check_gc, + .may_gc = swap_may_gc, .sigchld_event = swap_sigchld_event, diff --git a/src/core/system.conf b/src/core/system.conf.in index 6b86eac33d..08cbe529ba 100644 --- a/src/core/system.conf +++ b/src/core/system.conf.in @@ -42,7 +42,7 @@ #DefaultIOAccounting=no #DefaultIPAccounting=no #DefaultBlockIOAccounting=no -#DefaultMemoryAccounting=no +#DefaultMemoryAccounting=@MEMORY_ACCOUNTING_DEFAULT@ #DefaultTasksAccounting=yes #DefaultTasksMax=15% #DefaultLimitCPU= diff --git a/src/core/timer.c b/src/core/timer.c index 133cbb974d..ddb9c82b87 100644 --- a/src/core/timer.c +++ b/src/core/timer.c @@ -354,7 +354,6 @@ static void timer_enter_waiting(Timer *t, bool initial) { bool found_monotonic = false, found_realtime = false; bool leave_around = false; triple_timestamp ts; - usec_t base = 0; TimerValue *v; Unit *trigger; int r; @@ -372,7 +371,6 @@ static void timer_enter_waiting(Timer *t, bool initial) { t->next_elapse_monotonic_or_boottime = t->next_elapse_realtime = 0; LIST_FOREACH(value, v, t->values) { - if (v->disabled) continue; @@ -381,10 +379,17 @@ static void timer_enter_waiting(Timer *t, bool initial) { /* If we know the last time this was * triggered, schedule the job based relative - * to that. If we don't just start from - * now. */ + * to that. If we don't, just start from + * the activation time. */ - b = t->last_trigger.realtime > 0 ? t->last_trigger.realtime : ts.realtime; + if (t->last_trigger.realtime > 0) + b = t->last_trigger.realtime; + else { + if (state_translation_table[t->state] == UNIT_ACTIVE) + b = UNIT(t)->inactive_exit_timestamp.realtime; + else + b = ts.realtime; + } r = calendar_spec_next_usec(v->calendar_spec, b, &v->next_elapse); if (r < 0) @@ -397,7 +402,8 @@ static void timer_enter_waiting(Timer *t, bool initial) { found_realtime = true; - } else { + } else { + usec_t base; switch (v->base) { @@ -807,12 +813,21 @@ static void timer_reset_failed(Unit *u) { static void timer_time_change(Unit *u) { Timer *t = TIMER(u); + usec_t ts; assert(u); if (t->state != TIMER_WAITING) return; + /* If we appear to have triggered in the future, the system clock must + * have been set backwards. So let's rewind our own clock and allow + * the future trigger(s) to happen again :). Exactly the same as when + * you start a timer unit with Persistent=yes. */ + ts = now(CLOCK_REALTIME); + if (t->last_trigger.realtime > ts) + t->last_trigger.realtime = ts; + log_unit_debug(u, "Time change, recalculating next elapse."); timer_enter_waiting(t, false); } diff --git a/src/core/triggers.systemd.in b/src/core/triggers.systemd.in index 985c6d8b26..c582d40977 100644 --- a/src/core/triggers.systemd.in +++ b/src/core/triggers.systemd.in @@ -4,6 +4,7 @@ # This file is part of systemd. # # Copyright 2015 Zbigniew Jędrzejewski-Szmek +# Copyright 2018 Neal Gompa # # systemd is free software; you can redistribute it and/or modify it # under the terms of the GNU Lesser General Public License as published by @@ -69,3 +70,89 @@ if posix.access("%{_localstatedir}/lib/rpm-state/systemd/needs-reload") then posix.wait(pid) end end + +%transfiletriggerin -P 100700 -p <lua> -- @sysusersdir@ +-- This script will process files installed in @sysusersdir@ to create +-- specified users automatically. The priority is set such that it +-- will run before the tmpfiles file trigger. +if posix.access("/run/systemd/system") then + pid = posix.fork() + if pid == 0 then + assert(posix.exec("%{_bindir}/systemd-sysusers")) + elseif pid > 0 then + posix.wait(pid) + end +end + +%transfiletriggerin -P 100500 -- @tmpfilesdir@ +-- This script will process files installed in @tmpfilesdir@ to create +-- tmpfiles automatically. The priority is set such that it will run +-- after the sysusers file trigger, but before any other triggers. +if posix.access("/run/systemd/system") then + pid = posix.fork() + if pid == 0 then + assert(posix.exec("%{_bindir}/systemd-tmpfiles", "--create")) + elseif pid > 0 then + posix.wait(pid) + end +end + +%transfiletriggerin -- @udevhwdbdir@ +-- This script will automatically invoke hwdb update if files have been +-- installed or updated in @udevhwdbdir@. +if posix.access("/run/systemd/system") then + pid = posix.fork() + if pid == 0 then + assert(posix.exec("%{_bindir}/systemd-hwdb", "update")) + elseif pid > 0 then + posix.wait(pid) + end +end + +%transfiletriggerin -- @catalogdir@ +-- This script will automatically invoke journal catalog update if files +-- have been installed or updated in @catalogdir@. +if posix.access("/run/systemd/system") then + pid = posix.fork() + if pid == 0 then + assert(posix.exec("%{_bindir}/journalctl", "--update-catalog")) + elseif pid > 0 then + posix.wait(pid) + end +end + +%transfiletriggerin -- @udevrulesdir@ +-- This script will automatically update udev with new rules if files +-- have been installed or updated in @udevrulesdir@. +if posix.access("/run/systemd/system") then + pid = posix.fork() + if pid == 0 then + assert(posix.exec("%{_bindir}/udevadm", "control", "--reload")) + elseif pid > 0 then + posix.wait(pid) + end +end + +%transfiletriggerin -- @sysctldir@ +-- This script will automatically apply sysctl rules if files have been +-- installed or updated in @sysctldir@. +if posix.access("/run/systemd/system") then + pid = posix.fork() + if pid == 0 then + assert(posix.exec("@rootlibexecdir@/systemd-sysctl")) + elseif pid > 0 then + posix.wait(pid) + end +end + +%transfiletriggerin -- @binfmtdir@ +-- This script will automatically apply binfmt rules if files have been +-- installed or updated in @binfmtdir@. +if posix.access("/run/systemd/system") then + pid = posix.fork() + if pid == 0 then + assert(posix.exec("@rootlibexecdir@/systemd-binfmt")) + elseif pid > 0 then + posix.wait(pid) + end +end diff --git a/src/core/umount.c b/src/core/umount.c index 731436af27..ff3e63710c 100644 --- a/src/core/umount.c +++ b/src/core/umount.c @@ -390,7 +390,7 @@ static int remount_with_timeout(MountPoint *m, char *options, int *n_failed) { * fork a child process and set a timeout. If the timeout * lapses, the assumption is that that particular remount * failed. */ - r = safe_fork("(sd-remount)", FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_LOG, &pid); + r = safe_fork("(sd-remount)", FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_LOG|FORK_REOPEN_LOG, &pid); if (r < 0) return r; if (r == 0) { @@ -406,10 +406,12 @@ static int remount_with_timeout(MountPoint *m, char *options, int *n_failed) { r = wait_for_terminate_with_timeout(pid, DEFAULT_TIMEOUT_USEC); if (r == -ETIMEDOUT) { - log_error_errno(errno, "Remounting '%s' - timed out, issuing SIGKILL to PID "PID_FMT".", m->path, pid); + log_error_errno(r, "Remounting '%s' timed out, issuing SIGKILL to PID " PID_FMT ".", m->path, pid); (void) kill(pid, SIGKILL); - } else if (r < 0) - log_error_errno(r, "Failed to wait for process: %m"); + } else if (r == -EPROTO) + log_error_errno(r, "Remounting '%s' failed abnormally, child process " PID_FMT " aborted or exited non-zero.", m->path, pid); + else if (r < 0) + log_error_errno(r, "Remounting '%s' failed unexpectedly, couldn't wait for child process " PID_FMT ": %m", m->path, pid); return r; } @@ -424,7 +426,7 @@ static int umount_with_timeout(MountPoint *m, bool *changed) { * fork a child process and set a timeout. If the timeout * lapses, the assumption is that that particular umount * failed. */ - r = safe_fork("(sd-umount)", FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_LOG, &pid); + r = safe_fork("(sd-umount)", FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_LOG|FORK_REOPEN_LOG, &pid); if (r < 0) return r; if (r == 0) { @@ -446,10 +448,12 @@ static int umount_with_timeout(MountPoint *m, bool *changed) { r = wait_for_terminate_with_timeout(pid, DEFAULT_TIMEOUT_USEC); if (r == -ETIMEDOUT) { - log_error_errno(errno, "Unmounting '%s' - timed out, issuing SIGKILL to PID "PID_FMT".", m->path, pid); + log_error_errno(r, "Unmounting '%s' timed out, issuing SIGKILL to PID " PID_FMT ".", m->path, pid); (void) kill(pid, SIGKILL); - } else if (r < 0) - log_error_errno(r, "Failed to wait for process: %m"); + } else if (r == -EPROTO) + log_error_errno(r, "Unmounting '%s' failed abnormally, child process " PID_FMT " aborted or exited non-zero.", m->path, pid); + else if (r < 0) + log_error_errno(r, "Unmounting '%s' failed unexpectedly, couldn't wait for child process " PID_FMT ": %m", m->path, pid); return r; } diff --git a/src/core/unit.c b/src/core/unit.c index 932f05baa2..c3056624ef 100644 --- a/src/core/unit.c +++ b/src/core/unit.c @@ -186,7 +186,7 @@ static void unit_init(Unit *u) { exec_context_init(ec); ec->keyring_mode = MANAGER_IS_SYSTEM(u->manager) ? - EXEC_KEYRING_PRIVATE : EXEC_KEYRING_INHERIT; + EXEC_KEYRING_SHARED : EXEC_KEYRING_INHERIT; } kc = unit_get_kill_context(u); @@ -336,20 +336,25 @@ int unit_set_description(Unit *u, const char *description) { return 0; } -bool unit_check_gc(Unit *u) { +bool unit_may_gc(Unit *u) { UnitActiveState state; int r; assert(u); - /* Checks whether the unit is ready to be unloaded for garbage collection. Returns true, when the unit shall - * stay around, false if there's no reason to keep it loaded. */ + /* Checks whether the unit is ready to be unloaded for garbage collection. + * Returns true when the unit may be collected, and false if there's some + * reason to keep it loaded. + * + * References from other units are *not* checked here. Instead, this is done + * in unit_gc_sweep(), but using markers to properly collect dependency loops. + */ if (u->job) - return true; + return false; if (u->nop_job) - return true; + return false; state = unit_active_state(u); @@ -359,26 +364,23 @@ bool unit_check_gc(Unit *u) { UNIT_VTABLE(u)->release_resources(u); if (u->perpetual) - return true; - - if (u->refs) - return true; + return false; if (sd_bus_track_count(u->bus_track) > 0) - return true; + return false; /* But we keep the unit object around for longer when it is referenced or configured to not be gc'ed */ switch (u->collect_mode) { case COLLECT_INACTIVE: if (state != UNIT_INACTIVE) - return true; + return false; break; case COLLECT_INACTIVE_OR_FAILED: if (!IN_SET(state, UNIT_INACTIVE, UNIT_FAILED)) - return true; + return false; break; @@ -394,14 +396,13 @@ bool unit_check_gc(Unit *u) { if (r < 0) log_unit_debug_errno(u, r, "Failed to determine whether cgroup %s is empty: %m", u->cgroup_path); if (r <= 0) - return true; + return false; } - if (UNIT_VTABLE(u)->check_gc) - if (UNIT_VTABLE(u)->check_gc(u)) - return true; + if (UNIT_VTABLE(u)->may_gc && !UNIT_VTABLE(u)->may_gc(u)) + return false; - return false; + return true; } void unit_add_to_load_queue(Unit *u) { @@ -431,7 +432,7 @@ void unit_add_to_gc_queue(Unit *u) { if (u->in_gc_queue || u->in_cleanup_queue) return; - if (unit_check_gc(u)) + if (!unit_may_gc(u)) return; LIST_PREPEND(gc_queue, u->manager->gc_unit_queue, u); @@ -609,6 +610,25 @@ void unit_free(Unit *u) { for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++) bidi_set_free(u, u->dependencies[d]); + if (u->on_console) + manager_unref_console(u->manager); + + unit_release_cgroup(u); + + if (!MANAGER_IS_RELOADING(u->manager)) + unit_unlink_state_files(u); + + unit_unref_uid_gid(u, false); + + (void) manager_update_failed_units(u->manager, u, false); + set_remove(u->manager->startup_units, u); + + unit_unwatch_all_pids(u); + + unit_ref_unset(&u->slice); + while (u->refs_by_target) + unit_ref_unset(u->refs_by_target); + if (u->type != _UNIT_TYPE_INVALID) LIST_REMOVE(units_by_type, u->manager->units_by_type[u->type], u); @@ -618,9 +638,6 @@ void unit_free(Unit *u) { if (u->in_dbus_queue) LIST_REMOVE(dbus_queue, u->manager->dbus_unit_queue, u); - if (u->in_cleanup_queue) - LIST_REMOVE(cleanup_queue, u->manager->cleanup_queue, u); - if (u->in_gc_queue) LIST_REMOVE(gc_queue, u->manager->gc_unit_queue, u); @@ -630,18 +647,24 @@ void unit_free(Unit *u) { if (u->in_cgroup_empty_queue) LIST_REMOVE(cgroup_empty_queue, u->manager->cgroup_empty_queue, u); - if (u->on_console) - manager_unref_console(u->manager); + if (u->in_cleanup_queue) + LIST_REMOVE(cleanup_queue, u->manager->cleanup_queue, u); - unit_release_cgroup(u); + safe_close(u->ip_accounting_ingress_map_fd); + safe_close(u->ip_accounting_egress_map_fd); - if (!MANAGER_IS_RELOADING(u->manager)) - unit_unlink_state_files(u); + safe_close(u->ipv4_allow_map_fd); + safe_close(u->ipv6_allow_map_fd); + safe_close(u->ipv4_deny_map_fd); + safe_close(u->ipv6_deny_map_fd); - unit_unref_uid_gid(u, false); + bpf_program_unref(u->ip_bpf_ingress); + bpf_program_unref(u->ip_bpf_ingress_installed); + bpf_program_unref(u->ip_bpf_egress); + bpf_program_unref(u->ip_bpf_egress_installed); - (void) manager_update_failed_units(u->manager, u, false); - set_remove(u->manager->startup_units, u); + condition_free_list(u->conditions); + condition_free_list(u->asserts); free(u->description); strv_free(u->documentation); @@ -654,29 +677,8 @@ void unit_free(Unit *u) { set_free_free(u->names); - unit_unwatch_all_pids(u); - - condition_free_list(u->conditions); - condition_free_list(u->asserts); - free(u->reboot_arg); - unit_ref_unset(&u->slice); - - while (u->refs) - unit_ref_unset(u->refs); - - safe_close(u->ip_accounting_ingress_map_fd); - safe_close(u->ip_accounting_egress_map_fd); - - safe_close(u->ipv4_allow_map_fd); - safe_close(u->ipv6_allow_map_fd); - safe_close(u->ipv4_deny_map_fd); - safe_close(u->ipv6_deny_map_fd); - - bpf_program_unref(u->ip_bpf_ingress); - bpf_program_unref(u->ip_bpf_egress); - free(u); } @@ -896,8 +898,8 @@ int unit_merge(Unit *u, Unit *other) { return r; /* Redirect all references */ - while (other->refs) - unit_ref_set(other->refs, u); + while (other->refs_by_target) + unit_ref_set(other->refs_by_target, other->refs_by_target->source, u); /* Merge dependencies */ for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++) @@ -1119,7 +1121,7 @@ void unit_dump(Unit *u, FILE *f, const char *prefix) { "%s\tActive Enter Timestamp: %s\n" "%s\tActive Exit Timestamp: %s\n" "%s\tInactive Enter Timestamp: %s\n" - "%s\tGC Check Good: %s\n" + "%s\tMay GC: %s\n" "%s\tNeed Daemon Reload: %s\n" "%s\tTransient: %s\n" "%s\tPerpetual: %s\n" @@ -1137,7 +1139,7 @@ void unit_dump(Unit *u, FILE *f, const char *prefix) { prefix, strna(format_timestamp(timestamp2, sizeof(timestamp2), u->active_enter_timestamp.realtime)), prefix, strna(format_timestamp(timestamp3, sizeof(timestamp3), u->active_exit_timestamp.realtime)), prefix, strna(format_timestamp(timestamp4, sizeof(timestamp4), u->inactive_enter_timestamp.realtime)), - prefix, yes_no(unit_check_gc(u)), + prefix, yes_no(unit_may_gc(u)), prefix, yes_no(unit_need_daemon_reload(u)), prefix, yes_no(u->transient), prefix, yes_no(u->perpetual), @@ -1697,7 +1699,7 @@ static void unit_status_log_starting_stopping_reloading(Unit *u, JobType t) { format = unit_get_status_message_format(u, t); DISABLE_WARNING_FORMAT_NONLITERAL; - xsprintf(buf, format, unit_description(u)); + (void) snprintf(buf, sizeof buf, format, unit_description(u)); REENABLE_WARNING; mid = t == JOB_START ? "MESSAGE_ID=" SD_MESSAGE_UNIT_STARTING_STR : @@ -2326,18 +2328,16 @@ static void unit_update_on_console(Unit *u) { } void unit_notify(Unit *u, UnitActiveState os, UnitActiveState ns, bool reload_success) { - Manager *m; bool unexpected; + Manager *m; assert(u); assert(os < _UNIT_ACTIVE_STATE_MAX); assert(ns < _UNIT_ACTIVE_STATE_MAX); - /* Note that this is called for all low-level state changes, - * even if they might map to the same high-level - * UnitActiveState! That means that ns == os is an expected - * behavior here. For example: if a mount point is remounted - * this function will be called too! */ + /* Note that this is called for all low-level state changes, even if they might map to the same high-level + * UnitActiveState! That means that ns == os is an expected behavior here. For example: if a mount point is + * remounted this function will be called too! */ m = u->manager; @@ -2460,15 +2460,8 @@ void unit_notify(Unit *u, UnitActiveState os, UnitActiveState ns, bool reload_su } } - /* Some names are special */ if (UNIT_IS_ACTIVE_OR_RELOADING(ns)) { - if (unit_has_name(u, SPECIAL_DBUS_SERVICE)) - /* The bus might have just become available, - * hence try to connect to it, if we aren't - * yet connected. */ - bus_init(m, true); - if (u->type == UNIT_SERVICE && !UNIT_IS_ACTIVE_OR_RELOADING(os) && !MANAGER_IS_RELOADING(m)) { @@ -2481,8 +2474,6 @@ void unit_notify(Unit *u, UnitActiveState os, UnitActiveState ns, bool reload_su manager_send_unit_plymouth(m, u); } else { - /* We don't care about D-Bus going down here, since we'll get an asynchronous notification for it - * anyway. */ if (UNIT_IS_INACTIVE_OR_FAILED(ns) && !UNIT_IS_INACTIVE_OR_FAILED(os) @@ -2512,17 +2503,15 @@ void unit_notify(Unit *u, UnitActiveState os, UnitActiveState ns, bool reload_su } manager_recheck_journal(m); + manager_recheck_dbus(m); unit_trigger_notify(u); if (!MANAGER_IS_RELOADING(u->manager)) { - /* Maybe we finished startup and are now ready for - * being stopped because unneeded? */ + /* Maybe we finished startup and are now ready for being stopped because unneeded? */ unit_check_unneeded(u); - /* Maybe we finished startup, but something we needed - * has vanished? Let's die then. (This happens when - * something BindsTo= to a Type=oneshot unit, as these - * units go directly from starting to inactive, + /* Maybe we finished startup, but something we needed has vanished? Let's die then. (This happens when + * something BindsTo= to a Type=oneshot unit, as these units go directly from starting to inactive, * without ever entering started.) */ unit_check_binds_to(u); @@ -2976,8 +2965,7 @@ int unit_set_slice(Unit *u, Unit *slice) { if (UNIT_ISSET(u->slice) && u->cgroup_realized) return -EBUSY; - unit_ref_unset(&u->slice); - unit_ref_set(&u->slice, slice); + unit_ref_set(&u->slice, u, slice); return 1; } @@ -3176,18 +3164,9 @@ int unit_serialize(Unit *u, FILE *f, FDSet *fds, bool serialize_jobs) { assert(fds); if (unit_can_serialize(u)) { - ExecRuntime *rt; - r = UNIT_VTABLE(u)->serialize(u, f, fds); if (r < 0) return r; - - rt = unit_get_exec_runtime(u); - if (rt) { - r = exec_runtime_serialize(u, rt, f, fds); - if (r < 0) - return r; - } } dual_timestamp_serialize(f, "state-change-timestamp", &u->state_change_timestamp); @@ -3333,18 +3312,12 @@ void unit_serialize_item_format(Unit *u, FILE *f, const char *key, const char *f } int unit_deserialize(Unit *u, FILE *f, FDSet *fds) { - ExecRuntime **rt = NULL; - size_t offset; int r; assert(u); assert(f); assert(fds); - offset = UNIT_VTABLE(u)->exec_runtime_offset; - if (offset > 0) - rt = (ExecRuntime**) ((uint8_t*) u + offset); - for (;;) { char line[LINE_MAX], *l, *v; CGroupIPAccountingMetric m; @@ -3604,18 +3577,16 @@ int unit_deserialize(Unit *u, FILE *f, FDSet *fds) { } if (unit_can_serialize(u)) { - if (rt) { - r = exec_runtime_deserialize_item(u, rt, l, v, fds); - if (r < 0) { - log_unit_warning(u, "Failed to deserialize runtime parameter '%s', ignoring.", l); - continue; - } - - /* Returns positive if key was handled by the call */ - if (r > 0) - continue; + r = exec_runtime_deserialize_compat(u, l, v, fds); + if (r < 0) { + log_unit_warning(u, "Failed to deserialize runtime parameter '%s', ignoring.", l); + continue; } + /* Returns positive if key was handled by the call */ + if (r > 0) + continue; + r = UNIT_VTABLE(u)->deserialize_item(u, l, v, fds); if (r < 0) log_unit_warning(u, "Failed to deserialize unit parameter '%s', ignoring.", l); @@ -3982,7 +3953,7 @@ UnitFileState unit_get_unit_file_state(Unit *u) { r = unit_file_get_state( u->manager->unit_file_scope, NULL, - basename(u->fragment_path), + u->id, &u->unit_file_state); if (r < 0) u->unit_file_state = UNIT_FILE_BAD; @@ -4003,30 +3974,32 @@ int unit_get_unit_file_preset(Unit *u) { return u->unit_file_preset; } -Unit* unit_ref_set(UnitRef *ref, Unit *u) { +Unit* unit_ref_set(UnitRef *ref, Unit *source, Unit *target) { assert(ref); - assert(u); + assert(source); + assert(target); - if (ref->unit) + if (ref->target) unit_ref_unset(ref); - ref->unit = u; - LIST_PREPEND(refs, u->refs, ref); - return u; + ref->source = source; + ref->target = target; + LIST_PREPEND(refs_by_target, target->refs_by_target, ref); + return target; } void unit_ref_unset(UnitRef *ref) { assert(ref); - if (!ref->unit) + if (!ref->target) return; /* We are about to drop a reference to the unit, make sure the garbage collection has a look at it as it might * be unreferenced now. */ - unit_add_to_gc_queue(ref->unit); + unit_add_to_gc_queue(ref->target); - LIST_REMOVE(refs, ref->unit->refs, ref); - ref->unit = NULL; + LIST_REMOVE(refs_by_target, ref->target->refs_by_target, ref); + ref->source = ref->target = NULL; } static int user_from_unit_name(Unit *u, char **ret) { @@ -4558,22 +4531,15 @@ int unit_kill_context( } else if (r > 0) { - /* FIXME: For now, on the legacy hierarchy, we - * will not wait for the cgroup members to die - * if we are running in a container or if this - * is a delegation unit, simply because cgroup - * notification is unreliable in these - * cases. It doesn't work at all in - * containers, and outside of containers it - * can be confused easily by left-over - * directories in the cgroup — which however - * should not exist in non-delegated units. On - * the unified hierarchy that's different, - * there we get proper events. Hence rely on - * them. */ + /* FIXME: For now, on the legacy hierarchy, we will not wait for the cgroup members to die if + * we are running in a container or if this is a delegation unit, simply because cgroup + * notification is unreliable in these cases. It doesn't work at all in containers, and outside + * of containers it can be confused easily by left-over directories in the cgroup — which + * however should not exist in non-delegated units. On the unified hierarchy that's different, + * there we get proper events. Hence rely on them. */ if (cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER) > 0 || - (detect_container() == 0 && !UNIT_CGROUP_BOOL(u, delegate))) + (detect_container() == 0 && !unit_cgroup_delegate(u))) wait_for_exit = true; if (send_sighup) { @@ -4611,7 +4577,7 @@ int unit_require_mounts_for(Unit *u, const char *path, UnitDependencyMask mask) if (!path_is_absolute(path)) return -EINVAL; - r = hashmap_ensure_allocated(&u->requires_mounts_for, &string_hash_ops); + r = hashmap_ensure_allocated(&u->requires_mounts_for, &path_hash_ops); if (r < 0) return r; @@ -4648,7 +4614,7 @@ int unit_require_mounts_for(Unit *u, const char *path, UnitDependencyMask mask) if (!x) { char *q; - r = hashmap_ensure_allocated(&u->manager->units_requiring_mounts_for, &string_hash_ops); + r = hashmap_ensure_allocated(&u->manager->units_requiring_mounts_for, &path_hash_ops); if (r < 0) return r; @@ -4684,6 +4650,7 @@ int unit_setup_exec_runtime(Unit *u) { Unit *other; Iterator i; void *v; + int r; offset = UNIT_VTABLE(u)->exec_runtime_offset; assert(offset > 0); @@ -4695,15 +4662,12 @@ int unit_setup_exec_runtime(Unit *u) { /* Try to get it from somebody else */ HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_JOINS_NAMESPACE_OF], i) { - - *rt = unit_get_exec_runtime(other); - if (*rt) { - exec_runtime_ref(*rt); - return 0; - } + r = exec_runtime_acquire(u->manager, NULL, other->id, false, rt); + if (r == 1) + return 1; } - return exec_runtime_make(rt, unit_get_exec_context(u), u->id); + return exec_runtime_acquire(u->manager, unit_get_exec_context(u), u->id, true, rt); } int unit_setup_dynamic_creds(Unit *u) { @@ -4745,7 +4709,7 @@ void unit_warn_if_dir_nonempty(Unit *u, const char* where) { assert(where); r = dir_is_empty(where); - if (r > 0) + if (r > 0 || r == -ENOTDIR) return; if (r < 0) { log_unit_warning_errno(u, r, "Failed to check directory %s: %m", where); @@ -5025,8 +4989,16 @@ void unit_set_exec_params(Unit *u, ExecParameters *p) { assert(u); assert(p); + /* Copy parameters from manager */ + p->environment = u->manager->environment; + p->confirm_spawn = manager_get_confirm_spawn(u->manager); + p->cgroup_supported = u->manager->cgroup_supported; + p->prefix = u->manager->prefix; + SET_FLAG(p->flags, EXEC_PASS_LOG_UNIT|EXEC_CHOWN_DIRECTORIES, MANAGER_IS_SYSTEM(u->manager)); + + /* Copy paramaters from unit */ p->cgroup_path = u->cgroup_path; - SET_FLAG(p->flags, EXEC_CGROUP_DELEGATE, UNIT_CGROUP_BOOL(u, delegate)); + SET_FLAG(p->flags, EXEC_CGROUP_DELEGATE, unit_cgroup_delegate(u)); } int unit_fork_helper_process(Unit *u, const char *name, pid_t *ret) { @@ -5375,6 +5347,51 @@ bool unit_needs_console(Unit *u) { return exec_context_may_touch_console(ec); } +const char *unit_label_path(Unit *u) { + const char *p; + + /* Returns the file system path to use for MAC access decisions, i.e. the file to read the SELinux label off + * when validating access checks. */ + + p = u->source_path ?: u->fragment_path; + if (!p) + return NULL; + + /* If a unit is masked, then don't read the SELinux label of /dev/null, as that really makes no sense */ + if (path_equal(p, "/dev/null")) + return NULL; + + return p; +} + +int unit_pid_attachable(Unit *u, pid_t pid, sd_bus_error *error) { + int r; + + assert(u); + + /* Checks whether the specified PID is generally good for attaching, i.e. a valid PID, not our manager itself, + * and not a kernel thread either */ + + /* First, a simple range check */ + if (!pid_is_valid(pid)) + return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process identifier " PID_FMT " is not valid.", pid); + + /* Some extra safety check */ + if (pid == 1 || pid == getpid_cached()) + return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process " PID_FMT " is a manager processs, refusing.", pid); + + /* Don't even begin to bother with kernel threads */ + r = is_kernel_thread(pid); + if (r == -ESRCH) + return sd_bus_error_setf(error, SD_BUS_ERROR_UNIX_PROCESS_ID_UNKNOWN, "Process with ID " PID_FMT " does not exist.", pid); + if (r < 0) + return sd_bus_error_set_errnof(error, r, "Failed to determine whether process " PID_FMT " is a kernel thread: %m", pid); + if (r > 0) + return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process " PID_FMT " is a kernel thread, refusing.", pid); + + return 0; +} + static const char* const collect_mode_table[_COLLECT_MODE_MAX] = { [COLLECT_INACTIVE] = "inactive", [COLLECT_INACTIVE_OR_FAILED] = "inactive-or-failed", diff --git a/src/core/unit.h b/src/core/unit.h index 8c79d4ed2e..e903bf8ad7 100644 --- a/src/core/unit.h +++ b/src/core/unit.h @@ -123,8 +123,8 @@ struct UnitRef { * that we can merge two units if necessary and correct all * references to them */ - Unit* unit; - LIST_FIELDS(UnitRef, refs); + Unit *source, *target; + LIST_FIELDS(UnitRef, refs_by_target); }; typedef enum UnitCGroupBPFState { @@ -187,7 +187,7 @@ struct Unit { char *job_timeout_reboot_arg; /* References to this */ - LIST_HEAD(UnitRef, refs); + LIST_HEAD(UnitRef, refs_by_target); /* Conditions to check */ LIST_HEAD(Condition, conditions); @@ -287,8 +287,8 @@ struct Unit { int ipv4_deny_map_fd; int ipv6_deny_map_fd; - BPFProgram *ip_bpf_ingress; - BPFProgram *ip_bpf_egress; + BPFProgram *ip_bpf_ingress, *ip_bpf_ingress_installed; + BPFProgram *ip_bpf_egress, *ip_bpf_egress_installed; uint64_t ip_accounting_extra[_CGROUP_IP_ACCOUNTING_METRIC_MAX]; @@ -490,10 +490,9 @@ struct UnitVTable { /* Additionally to UnitActiveState determine whether unit is to be restarted. */ bool (*will_restart)(Unit *u); - /* Return true when there is reason to keep this entry around - * even nothing references it and it isn't active in any - * way */ - bool (*check_gc)(Unit *u); + /* Return false when there is a reason to prevent this unit from being gc'ed + * even though nothing references it and it isn't active in any way. */ + bool (*may_gc)(Unit *u); /* When the unit is not running and no job for it queued we shall release its runtime resources */ void (*release_resources)(Unit *u); @@ -568,6 +567,9 @@ struct UnitVTable { /* True if transient units of this type are OK */ bool can_transient:1; + /* True if cgroup delegation is permissible */ + bool can_delegate:1; + /* True if queued jobs of this type should be GC'ed if no other job needs them anymore */ bool gc_jobs:1; }; @@ -623,7 +625,7 @@ int unit_add_exec_dependencies(Unit *u, ExecContext *c); int unit_choose_id(Unit *u, const char *name); int unit_set_description(Unit *u, const char *description); -bool unit_check_gc(Unit *u); +bool unit_may_gc(Unit *u); void unit_add_to_load_queue(Unit *u); void unit_add_to_dbus_queue(Unit *u); @@ -725,11 +727,11 @@ void unit_trigger_notify(Unit *u); UnitFileState unit_get_unit_file_state(Unit *u); int unit_get_unit_file_preset(Unit *u); -Unit* unit_ref_set(UnitRef *ref, Unit *u); +Unit* unit_ref_set(UnitRef *ref, Unit *source, Unit *target); void unit_ref_unset(UnitRef *ref); -#define UNIT_DEREF(ref) ((ref).unit) -#define UNIT_ISSET(ref) (!!(ref).unit) +#define UNIT_DEREF(ref) ((ref).target) +#define UNIT_ISSET(ref) (!!(ref).target) int unit_patch_contexts(Unit *u); @@ -801,6 +803,10 @@ void unit_warn_leftover_processes(Unit *u); bool unit_needs_console(Unit *u); +const char *unit_label_path(Unit *u); + +int unit_pid_attachable(Unit *unit, pid_t pid, sd_bus_error *error); + /* Macros which append UNIT= or USER_UNIT= to the message */ #define log_unit_full(unit, level, error, ...) \ diff --git a/src/coredump/coredump-vacuum.c b/src/coredump/coredump-vacuum.c index aede180b43..e27512167c 100644 --- a/src/coredump/coredump-vacuum.c +++ b/src/coredump/coredump-vacuum.c @@ -24,6 +24,7 @@ #include "coredump-vacuum.h" #include "dirent-util.h" #include "fd-util.h" +#include "fs-util.h" #include "hashmap.h" #include "macro.h" #include "string-util.h" @@ -247,14 +248,13 @@ int coredump_vacuum(int exclude_fd, uint64_t keep_free, uint64_t max_use) { if (r <= 0) return r; - if (unlinkat(dirfd(d), worst->oldest_file, 0) < 0) { + r = unlinkat_deallocate(dirfd(d), worst->oldest_file, 0); + if (r == -ENOENT) + continue; + if (r < 0) + return log_error_errno(r, "Failed to remove file %s: %m", worst->oldest_file); - if (errno == ENOENT) - continue; - - return log_error_errno(errno, "Failed to remove file %s: %m", worst->oldest_file); - } else - log_info("Removed old coredump %s.", worst->oldest_file); + log_info("Removed old coredump %s.", worst->oldest_file); } return 0; diff --git a/src/coredump/coredump.c b/src/coredump/coredump.c index fdcea22f56..e924750d1b 100644 --- a/src/coredump/coredump.c +++ b/src/coredump/coredump.c @@ -102,6 +102,7 @@ enum { CONTEXT_SIGNAL, CONTEXT_TIMESTAMP, CONTEXT_RLIMIT, + CONTEXT_HOSTNAME, CONTEXT_COMM, CONTEXT_EXE, CONTEXT_UNIT, @@ -205,6 +206,7 @@ static int fix_xattr(int fd, const char *context[_CONTEXT_MAX]) { [CONTEXT_SIGNAL] = "user.coredump.signal", [CONTEXT_TIMESTAMP] = "user.coredump.timestamp", [CONTEXT_RLIMIT] = "user.coredump.rlimit", + [CONTEXT_HOSTNAME] = "user.coredump.hostname", [CONTEXT_COMM] = "user.coredump.comm", [CONTEXT_EXE] = "user.coredump.exe", }; @@ -258,6 +260,8 @@ static int fix_permissions( if (fsync(fd) < 0) return log_error_errno(errno, "Failed to sync coredump %s: %m", coredump_tmpfile_name(filename)); + (void) fsync_directory_of_file(fd); + r = link_tmpfile(fd, filename, target); if (r < 0) return log_error_errno(r, "Failed to move coredump %s into place: %m", target); @@ -848,6 +852,7 @@ static void map_context_fields(const struct iovec *iovec, const char* context[]) [CONTEXT_SIGNAL] = "COREDUMP_SIGNAL=", [CONTEXT_TIMESTAMP] = "COREDUMP_TIMESTAMP=", [CONTEXT_RLIMIT] = "COREDUMP_RLIMIT=", + [CONTEXT_HOSTNAME] = "COREDUMP_HOSTNAME=", [CONTEXT_COMM] = "COREDUMP_COMM=", [CONTEXT_EXE] = "COREDUMP_EXE=", }; @@ -981,6 +986,7 @@ static int process_socket(int fd) { assert(context[CONTEXT_SIGNAL]); assert(context[CONTEXT_TIMESTAMP]); assert(context[CONTEXT_RLIMIT]); + assert(context[CONTEXT_HOSTNAME]); assert(context[CONTEXT_COMM]); assert(coredump_fd >= 0); @@ -1067,7 +1073,7 @@ static int send_iovec(const struct iovec iovec[], size_t n_iovec, int input_fd) return 0; } -static char* set_iovec_field(struct iovec iovec[27], size_t *n_iovec, const char *field, const char *value) { +static char* set_iovec_field(struct iovec *iovec, size_t *n_iovec, const char *field, const char *value) { char *x; x = strappend(field, value); @@ -1076,7 +1082,7 @@ static char* set_iovec_field(struct iovec iovec[27], size_t *n_iovec, const char return x; } -static char* set_iovec_field_free(struct iovec iovec[27], size_t *n_iovec, const char *field, char *value) { +static char* set_iovec_field_free(struct iovec *iovec, size_t *n_iovec, const char *field, char *value) { char *x; x = set_iovec_field(iovec, n_iovec, field, value); @@ -1089,7 +1095,7 @@ static int gather_pid_metadata( char **comm_fallback, struct iovec *iovec, size_t *n_iovec) { - /* We need 26 empty slots in iovec! + /* We need 27 empty slots in iovec! * * Note that if we fail on oom later on, we do not roll-back changes to the iovec structure. (It remains valid, * with the first n_iovec fields initialized.) */ @@ -1151,6 +1157,9 @@ static int gather_pid_metadata( if (!set_iovec_field(iovec, n_iovec, "COREDUMP_RLIMIT=", context[CONTEXT_RLIMIT])) return log_oom(); + if (!set_iovec_field(iovec, n_iovec, "COREDUMP_HOSTNAME=", context[CONTEXT_HOSTNAME])) + return log_oom(); + if (!set_iovec_field(iovec, n_iovec, "COREDUMP_COMM=", context[CONTEXT_COMM])) return log_oom(); @@ -1231,7 +1240,7 @@ static int gather_pid_metadata( static int process_kernel(int argc, char* argv[]) { char* context[_CONTEXT_MAX] = {}; - struct iovec iovec[28 + SUBMIT_COREDUMP_FIELDS]; + struct iovec iovec[29 + SUBMIT_COREDUMP_FIELDS]; size_t i, n_iovec, n_to_free = 0; int r; @@ -1248,6 +1257,7 @@ static int process_kernel(int argc, char* argv[]) { context[CONTEXT_SIGNAL] = argv[1 + CONTEXT_SIGNAL]; context[CONTEXT_TIMESTAMP] = argv[1 + CONTEXT_TIMESTAMP]; context[CONTEXT_RLIMIT] = argv[1 + CONTEXT_RLIMIT]; + context[CONTEXT_HOSTNAME] = argv[1 + CONTEXT_HOSTNAME]; r = gather_pid_metadata(context, argv + 1 + CONTEXT_COMM, iovec, &n_to_free); if (r < 0) @@ -1304,9 +1314,10 @@ static int process_backtrace(int argc, char *argv[]) { context[CONTEXT_SIGNAL] = argv[2 + CONTEXT_SIGNAL]; context[CONTEXT_TIMESTAMP] = argv[2 + CONTEXT_TIMESTAMP]; context[CONTEXT_RLIMIT] = argv[2 + CONTEXT_RLIMIT]; + context[CONTEXT_HOSTNAME] = argv[2 + CONTEXT_HOSTNAME]; - n_allocated = 33 + COREDUMP_STORAGE_EXTERNAL; - /* 25 metadata, 2 static, +unknown input, 4 storage, rounded up */ + n_allocated = 34 + COREDUMP_STORAGE_EXTERNAL; + /* 26 metadata, 2 static, +unknown input, 4 storage, rounded up */ iovec = new(struct iovec, n_allocated); if (!iovec) return log_oom(); diff --git a/src/coredump/coredumpctl.c b/src/coredump/coredumpctl.c index 96e4a3e7e2..a4cc9c1db3 100644 --- a/src/coredump/coredumpctl.c +++ b/src/coredump/coredumpctl.c @@ -94,10 +94,7 @@ static int add_match(sd_journal *j, const char *match) { else prefix = "COREDUMP_COMM="; - pattern = strjoin(prefix, match); - if (!pattern) - return log_oom(); - + pattern = strjoina(prefix, match); log_debug("Adding match: %s", pattern); r = sd_journal_add_match(j, pattern, 0); if (r < 0) @@ -932,6 +929,7 @@ static int run_gdb(sd_journal *j) { goto finish; if (r == 0) { execlp("gdb", "gdb", exe, path, NULL); + log_open(); log_error_errno(errno, "Failed to invoke gdb: %m"); _exit(EXIT_FAILURE); } @@ -1040,7 +1038,7 @@ int main(int argc, char *argv[]) { } } - r = journal_access_check_and_warn(j, arg_quiet); + r = journal_access_check_and_warn(j, arg_quiet, true); if (r < 0) goto end; diff --git a/src/delta/delta.c b/src/delta/delta.c index 645b0b2278..4fe89ff9b0 100644 --- a/src/delta/delta.c +++ b/src/delta/delta.c @@ -191,6 +191,7 @@ static int found_override(const char *top, const char *bottom) { return r; if (r == 0) { execlp("diff", "diff", "-us", "--", bottom, top, NULL); + log_open(); log_error_errno(errno, "Failed to execute diff: %m"); _exit(EXIT_FAILURE); } diff --git a/src/firstboot/firstboot.c b/src/firstboot/firstboot.c index c254d6b7e3..d293e0a94a 100644 --- a/src/firstboot/firstboot.c +++ b/src/firstboot/firstboot.c @@ -558,7 +558,7 @@ static int prompt_root_password(void) { for (;;) { _cleanup_string_free_erase_ char *a = NULL, *b = NULL; - r = ask_password_tty(msg1, NULL, 0, 0, NULL, &a); + r = ask_password_tty(-1, msg1, NULL, 0, 0, NULL, &a); if (r < 0) return log_error_errno(r, "Failed to query root password: %m"); @@ -567,7 +567,7 @@ static int prompt_root_password(void) { break; } - r = ask_password_tty(msg2, NULL, 0, 0, NULL, &b); + r = ask_password_tty(-1, msg2, NULL, 0, 0, NULL, &b); if (r < 0) return log_error_errno(r, "Failed to query root password: %m"); diff --git a/src/fstab-generator/fstab-generator.c b/src/fstab-generator/fstab-generator.c index f392f89099..fc58cba64f 100644 --- a/src/fstab-generator/fstab-generator.c +++ b/src/fstab-generator/fstab-generator.c @@ -557,31 +557,28 @@ static int parse_fstab(bool initrd) { if (is_path(where)) { path_kill_slashes(where); + /* Follow symlinks here; see 5261ba901845c084de5a8fd06500ed09bfb0bd80 which makes sense for * mount units, but causes problems since it historically worked to have symlinks in e.g. * /etc/fstab. So we canonicalize here. Note that we use CHASE_NONEXISTENT to handle the case * where a symlink refers to another mount target; this works assuming the sub-mountpoint - * target is the final directory. - */ + * target is the final directory. */ r = chase_symlinks(where, initrd ? "/sysroot" : NULL, CHASE_PREFIX_ROOT | CHASE_NONEXISTENT, &canonical_where); - if (r < 0) - /* In this case for now we continue on as if it wasn't a symlink */ - log_warning_errno(r, "Failed to read symlink target for %s: %m", where); - else { - if (streq(canonical_where, where)) - canonical_where = mfree(canonical_where); - else - log_debug("Canonicalized what=%s where=%s to %s", - what, where, canonical_where); - } + if (r < 0) /* If we can't canonicalize we continue on as if it wasn't a symlink */ + log_debug_errno(r, "Failed to read symlink target for %s, ignoring: %m", where); + else if (streq(canonical_where, where)) /* If it was fully canonicalized, suppress the change */ + canonical_where = mfree(canonical_where); + else + log_debug("Canonicalized what=%s where=%s to %s", what, where, canonical_where); } makefs = fstab_test_option(me->mnt_opts, "x-systemd.makefs\0"); growfs = fstab_test_option(me->mnt_opts, "x-systemd.growfs\0"); noauto = fstab_test_yes_no_option(me->mnt_opts, "noauto\0" "auto\0"); nofail = fstab_test_yes_no_option(me->mnt_opts, "nofail\0" "fail\0"); + log_debug("Found entry what=%s where=%s type=%s makefs=%s nofail=%s noauto=%s", what, where, me->mnt_type, yes_no(makefs), diff --git a/src/hostname/meson.build b/src/hostname/meson.build index 75cc94874b..1ab9271b4c 100644 --- a/src/hostname/meson.build +++ b/src/hostname/meson.build @@ -20,13 +20,6 @@ if conf.get('ENABLE_HOSTNAMED') == 1 install_dir : dbuspolicydir) install_data('org.freedesktop.hostname1.service', install_dir : dbussystemservicedir) - - i18n.merge_file( - 'org.freedesktop.hostname1.policy', - input : 'org.freedesktop.hostname1.policy.in', - output : 'org.freedesktop.hostname1.policy', - po_dir : po_dir, - data_dirs : po_dir, - install : install_polkit, - install_dir : polkitpolicydir) + install_data('org.freedesktop.hostname1.policy', + install_dir : polkitpolicydir) endif diff --git a/src/hostname/org.freedesktop.hostname1.policy.in b/src/hostname/org.freedesktop.hostname1.policy index b10ca31ac5..4ac82c659c 100644 --- a/src/hostname/org.freedesktop.hostname1.policy.in +++ b/src/hostname/org.freedesktop.hostname1.policy @@ -19,8 +19,8 @@ <vendor_url>http://www.freedesktop.org/wiki/Software/systemd</vendor_url> <action id="org.freedesktop.hostname1.set-hostname"> - <description>Set host name</description> - <message>Authentication is required to set the local host name.</message> + <description gettext-domain="systemd">Set host name</description> + <message gettext-domain="systemd">Authentication is required to set the local host name.</message> <defaults> <allow_any>auth_admin_keep</allow_any> <allow_inactive>auth_admin_keep</allow_inactive> @@ -29,8 +29,8 @@ </action> <action id="org.freedesktop.hostname1.set-static-hostname"> - <description>Set static host name</description> - <message>Authentication is required to set the statically configured local host name, as well as the pretty host name.</message> + <description gettext-domain="systemd">Set static host name</description> + <message gettext-domain="systemd">Authentication is required to set the statically configured local host name, as well as the pretty host name.</message> <defaults> <allow_any>auth_admin_keep</allow_any> <allow_inactive>auth_admin_keep</allow_inactive> @@ -40,8 +40,8 @@ </action> <action id="org.freedesktop.hostname1.set-machine-info"> - <description>Set machine information</description> - <message>Authentication is required to set local machine information.</message> + <description gettext-domain="systemd">Set machine information</description> + <message gettext-domain="systemd">Authentication is required to set local machine information.</message> <defaults> <allow_any>auth_admin_keep</allow_any> <allow_inactive>auth_admin_keep</allow_inactive> diff --git a/src/hwdb/hwdb.c b/src/hwdb/hwdb.c index 4540260f9b..f27f60e977 100644 --- a/src/hwdb/hwdb.c +++ b/src/hwdb/hwdb.c @@ -103,7 +103,7 @@ static int node_add_child(struct trie *trie, struct trie_node *node, struct trie struct trie_child_entry *child; /* extend array, add new entry, sort for bisection */ - child = realloc(node->children, (node->children_count + 1) * sizeof(struct trie_child_entry)); + child = reallocarray(node->children, node->children_count + 1, sizeof(struct trie_child_entry)); if (!child) return -ENOMEM; @@ -197,7 +197,7 @@ static int trie_node_add_value(struct trie *trie, struct trie_node *node, } /* extend array, add new entry, sort for bisection */ - val = realloc(node->values, (node->values_count + 1) * sizeof(struct trie_value_entry)); + val = reallocarray(node->values, node->values_count + 1, sizeof(struct trie_value_entry)); if (!val) return -ENOMEM; trie->values_count++; diff --git a/src/import/export-raw.c b/src/import/export-raw.c index 8485027b2b..eaa6d10915 100644 --- a/src/import/export-raw.c +++ b/src/import/export-raw.c @@ -37,6 +37,7 @@ #include "import-common.h" #include "missing.h" #include "ratelimit.h" +#include "stat-util.h" #include "string-util.h" #include "util.h" @@ -319,8 +320,9 @@ int raw_export_start(RawExport *e, const char *path, int fd, ImportCompressType if (fstat(sfd, &e->st) < 0) return -errno; - if (!S_ISREG(e->st.st_mode)) - return -ENOTTY; + r = stat_verify_regular(&e->st); + if (r < 0) + return r; /* Try to take a reflink snapshot of the file, if we can t make the export atomic */ tfd = reflink_snapshot(sfd, path); diff --git a/src/import/import-common.c b/src/import/import-common.c index c24a0b0c86..a3dc1dde8c 100644 --- a/src/import/import-common.c +++ b/src/import/import-common.c @@ -87,7 +87,6 @@ int import_fork_tar_x(const char *path, pid_t *ret) { if (r < 0) return r; if (r == 0) { - int null_fd; uint64_t retain = (1ULL << CAP_CHOWN) | (1ULL << CAP_FOWNER) | @@ -100,26 +99,12 @@ int import_fork_tar_x(const char *path, pid_t *ret) { pipefd[1] = safe_close(pipefd[1]); - r = move_fd(pipefd[0], STDIN_FILENO, false); + r = rearrange_stdio(pipefd[0], -1, STDERR_FILENO); if (r < 0) { - log_error_errno(r, "Failed to move fd: %m"); + log_error_errno(r, "Failed to rearrange stdin/stdout: %m"); _exit(EXIT_FAILURE); } - null_fd = open("/dev/null", O_WRONLY|O_NOCTTY); - if (null_fd < 0) { - log_error_errno(errno, "Failed to open /dev/null: %m"); - _exit(EXIT_FAILURE); - } - - r = move_fd(null_fd, STDOUT_FILENO, false); - if (r < 0) { - log_error_errno(r, "Failed to move fd: %m"); - _exit(EXIT_FAILURE); - } - - stdio_unset_cloexec(); - if (unshare(CLONE_NEWNET) < 0) log_error_errno(errno, "Failed to lock tar into network namespace, ignoring: %m"); @@ -156,33 +141,18 @@ int import_fork_tar_c(const char *path, pid_t *ret) { if (r < 0) return r; if (r == 0) { - int null_fd; uint64_t retain = (1ULL << CAP_DAC_OVERRIDE); /* Child */ pipefd[0] = safe_close(pipefd[0]); - r = move_fd(pipefd[1], STDOUT_FILENO, false); + r = rearrange_stdio(-1, pipefd[1], STDERR_FILENO); if (r < 0) { - log_error_errno(r, "Failed to move fd: %m"); + log_error_errno(r, "Failed to rearrange stdin/stdout: %m"); _exit(EXIT_FAILURE); } - null_fd = open("/dev/null", O_RDONLY|O_NOCTTY); - if (null_fd < 0) { - log_error_errno(errno, "Failed to open /dev/null: %m"); - _exit(EXIT_FAILURE); - } - - r = move_fd(null_fd, STDIN_FILENO, false); - if (r < 0) { - log_error_errno(errno, "Failed to move fd: %m"); - _exit(EXIT_FAILURE); - } - - stdio_unset_cloexec(); - if (unshare(CLONE_NEWNET) < 0) log_error_errno(errno, "Failed to lock tar into network namespace, ignoring: %m"); diff --git a/src/import/importd.c b/src/import/importd.c index 98ee1a2fab..10f52c7fc1 100644 --- a/src/import/importd.c +++ b/src/import/importd.c @@ -395,57 +395,14 @@ static int transfer_start(Transfer *t) { pipefd[0] = safe_close(pipefd[0]); - if (dup2(pipefd[1], STDERR_FILENO) != STDERR_FILENO) { - log_error_errno(errno, "Failed to dup2() fd: %m"); + r = rearrange_stdio(t->stdin_fd, + t->stdout_fd < 0 ? pipefd[1] : t->stdout_fd, + pipefd[1]); + if (r < 0) { + log_error_errno(r, "Failed to set stdin/stdout/stderr: %m"); _exit(EXIT_FAILURE); } - if (t->stdout_fd >= 0) { - if (dup2(t->stdout_fd, STDOUT_FILENO) != STDOUT_FILENO) { - log_error_errno(errno, "Failed to dup2() fd: %m"); - _exit(EXIT_FAILURE); - } - - if (t->stdout_fd != STDOUT_FILENO) - safe_close(t->stdout_fd); - } else { - if (dup2(pipefd[1], STDOUT_FILENO) != STDOUT_FILENO) { - log_error_errno(errno, "Failed to dup2() fd: %m"); - _exit(EXIT_FAILURE); - } - } - - if (!IN_SET(pipefd[1], STDOUT_FILENO, STDERR_FILENO)) - pipefd[1] = safe_close(pipefd[1]); - - if (t->stdin_fd >= 0) { - if (dup2(t->stdin_fd, STDIN_FILENO) != STDIN_FILENO) { - log_error_errno(errno, "Failed to dup2() fd: %m"); - _exit(EXIT_FAILURE); - } - - if (t->stdin_fd != STDIN_FILENO) - safe_close(t->stdin_fd); - } else { - int null_fd; - - null_fd = open("/dev/null", O_RDONLY|O_NOCTTY); - if (null_fd < 0) { - log_error_errno(errno, "Failed to open /dev/null: %m"); - _exit(EXIT_FAILURE); - } - - if (dup2(null_fd, STDIN_FILENO) != STDIN_FILENO) { - log_error_errno(errno, "Failed to dup2() fd: %m"); - _exit(EXIT_FAILURE); - } - - if (null_fd != STDIN_FILENO) - safe_close(null_fd); - } - - stdio_unset_cloexec(); - if (setenv("SYSTEMD_LOG_TARGET", "console-prefixed", 1) < 0 || setenv("NOTIFY_SOCKET", "/run/systemd/import/notify", 1) < 0) { log_error_errno(errno, "setenv() failed: %m"); diff --git a/src/import/meson.build b/src/import/meson.build index 2dcc0bcc00..975afc624d 100644 --- a/src/import/meson.build +++ b/src/import/meson.build @@ -70,15 +70,8 @@ if conf.get('ENABLE_IMPORTD') == 1 install_dir : dbuspolicydir) install_data('org.freedesktop.import1.service', install_dir : dbussystemservicedir) - - i18n.merge_file( - 'org.freedesktop.import1.policy', - input : 'org.freedesktop.import1.policy.in', - output : 'org.freedesktop.import1.policy', - po_dir : po_dir, - data_dirs : po_dir, - install : install_polkit, - install_dir : polkitpolicydir) + install_data('org.freedesktop.import1.policy', + install_dir : polkitpolicydir) install_data('import-pubring.gpg', install_dir : rootlibexecdir) diff --git a/src/import/org.freedesktop.import1.policy.in b/src/import/org.freedesktop.import1.policy index d96ca2d060..beea5fea67 100644 --- a/src/import/org.freedesktop.import1.policy.in +++ b/src/import/org.freedesktop.import1.policy @@ -19,8 +19,8 @@ <vendor_url>http://www.freedesktop.org/wiki/Software/systemd</vendor_url> <action id="org.freedesktop.import1.import"> - <description>Import a VM or container image</description> - <message>Authentication is required to import a VM or container image</message> + <description gettext-domain="systemd">Import a VM or container image</description> + <message gettext-domain="systemd">Authentication is required to import a VM or container image</message> <defaults> <allow_any>auth_admin</allow_any> <allow_inactive>auth_admin</allow_inactive> @@ -29,8 +29,8 @@ </action> <action id="org.freedesktop.import1.export"> - <description>Export a VM or container image</description> - <message>Authentication is required to export a VM or container image</message> + <description gettext-domain="systemd">Export a VM or container image</description> + <message gettext-domain="systemd">Authentication is required to export a VM or container image</message> <defaults> <allow_any>auth_admin</allow_any> <allow_inactive>auth_admin</allow_inactive> @@ -39,8 +39,8 @@ </action> <action id="org.freedesktop.import1.pull"> - <description>Download a VM or container image</description> - <message>Authentication is required to download a VM or container image</message> + <description gettext-domain="systemd">Download a VM or container image</description> + <message gettext-domain="systemd">Authentication is required to download a VM or container image</message> <defaults> <allow_any>auth_admin</allow_any> <allow_inactive>auth_admin</allow_inactive> diff --git a/src/import/pull-common.c b/src/import/pull-common.c index ecdcbd2dc2..7651870bf0 100644 --- a/src/import/pull-common.c +++ b/src/import/pull-common.c @@ -483,27 +483,14 @@ int pull_verify(PullJob *main_job, NULL /* trailing NULL */ }; unsigned k = ELEMENTSOF(cmd) - 6; - int null_fd; /* Child */ gpg_pipe[1] = safe_close(gpg_pipe[1]); - r = move_fd(gpg_pipe[0], STDIN_FILENO, false); + r = rearrange_stdio(gpg_pipe[0], -1, STDERR_FILENO); if (r < 0) { - log_error_errno(errno, "Failed to move fd: %m"); - _exit(EXIT_FAILURE); - } - - null_fd = open("/dev/null", O_WRONLY|O_NOCTTY); - if (null_fd < 0) { - log_error_errno(errno, "Failed to open /dev/null: %m"); - _exit(EXIT_FAILURE); - } - - r = move_fd(null_fd, STDOUT_FILENO, false); - if (r < 0) { - log_error_errno(errno, "Failed to move fd: %m"); + log_error_errno(r, "Failed to rearrange stdin/stdout: %m"); _exit(EXIT_FAILURE); } @@ -524,8 +511,6 @@ int pull_verify(PullJob *main_job, cmd[k++] = NULL; } - stdio_unset_cloexec(); - execvp("gpg2", (char * const *) cmd); execvp("gpg", (char * const *) cmd); log_error_errno(errno, "Failed to execute gpg: %m"); diff --git a/src/journal-remote/journal-remote.c b/src/journal-remote/journal-remote.c index 66d5369a54..428725223d 100644 --- a/src/journal-remote/journal-remote.c +++ b/src/journal-remote/journal-remote.c @@ -96,23 +96,20 @@ static int spawn_child(const char* child, char** argv) { /* In the child */ if (r == 0) { + safe_close(fd[0]); - r = dup2(fd[1], STDOUT_FILENO); + r = rearrange_stdio(STDIN_FILENO, fd[1], STDERR_FILENO); if (r < 0) { - log_error_errno(errno, "Failed to dup pipe to stdout: %m"); + log_error_errno(r, "Failed to dup pipe to stdout: %m"); _exit(EXIT_FAILURE); } - safe_close_pair(fd); - execvp(child, argv); log_error_errno(errno, "Failed to exec child %s: %m", child); _exit(EXIT_FAILURE); } - r = close(fd[1]); - if (r < 0) - log_warning_errno(errno, "Failed to close write end of pipe: %m"); + safe_close(fd[1]); r = fd_nonblock(fd[0], true); if (r < 0) diff --git a/src/journal-remote/journal-upload.c b/src/journal-remote/journal-upload.c index 0b74ca98a7..3094785618 100644 --- a/src/journal-remote/journal-upload.c +++ b/src/journal-remote/journal-upload.c @@ -328,9 +328,7 @@ static size_t fd_input_callback(void *buf, size_t size, size_t nmemb, void *user static void close_fd_input(Uploader *u) { assert(u); - if (u->input >= 0) - close_nointr(u->input); - u->input = -1; + u->input = safe_close(u->input); u->timeout = 0; } diff --git a/src/journal/cat.c b/src/journal/cat.c index b2f9ed5010..1815d58158 100644 --- a/src/journal/cat.c +++ b/src/journal/cat.c @@ -135,16 +135,13 @@ int main(int argc, char *argv[]) { saved_stderr = fcntl(STDERR_FILENO, F_DUPFD_CLOEXEC, 3); - if (dup3(fd, STDOUT_FILENO, 0) < 0 || - dup3(fd, STDERR_FILENO, 0) < 0) { - r = log_error_errno(errno, "Failed to duplicate fd: %m"); + r = rearrange_stdio(STDIN_FILENO, fd, fd); /* Invalidates fd on succcess + error! */ + fd = -1; + if (r < 0) { + log_error_errno(r, "Failed to rearrange stdout/stderr: %m"); goto finish; } - if (fd >= 3) - safe_close(fd); - fd = -1; - if (argc <= optind) (void) execl("/bin/cat", "/bin/cat", NULL); else diff --git a/src/journal/journal-file.c b/src/journal/journal-file.c index 3353b3a0d8..5643c0578d 100644 --- a/src/journal/journal-file.c +++ b/src/journal/journal-file.c @@ -33,6 +33,7 @@ #include "chattr-util.h" #include "compress.h" #include "fd-util.h" +#include "fs-util.h" #include "journal-authenticate.h" #include "journal-def.h" #include "journal-file.h" @@ -42,6 +43,7 @@ #include "random-util.h" #include "sd-event.h" #include "set.h" +#include "stat-util.h" #include "string-util.h" #include "strv.h" #include "xattr-util.h" @@ -453,39 +455,6 @@ static int journal_file_init_header(JournalFile *f, JournalFile *template) { return 0; } -static int fsync_directory_of_file(int fd) { - _cleanup_free_ char *path = NULL, *dn = NULL; - _cleanup_close_ int dfd = -1; - struct stat st; - int r; - - if (fstat(fd, &st) < 0) - return -errno; - - if (!S_ISREG(st.st_mode)) - return -EBADFD; - - r = fd_get_path(fd, &path); - if (r < 0) - return r; - - if (!path_is_absolute(path)) - return -EINVAL; - - dn = dirname_malloc(path); - if (!dn) - return -ENOMEM; - - dfd = open(dn, O_RDONLY|O_CLOEXEC|O_DIRECTORY); - if (dfd < 0) - return -errno; - - if (fsync(dfd) < 0) - return -errno; - - return 0; -} - static int journal_file_refresh_header(JournalFile *f) { sd_id128_t boot_id; int r; @@ -643,6 +612,8 @@ static int journal_file_verify_header(JournalFile *f) { } static int journal_file_fstat(JournalFile *f) { + int r; + assert(f); assert(f->fd >= 0); @@ -651,6 +622,11 @@ static int journal_file_fstat(JournalFile *f) { f->last_stat_usec = now(CLOCK_MONOTONIC); + /* Refuse dealing with with files that aren't regular */ + r = stat_verify_regular(&f->last_stat); + if (r < 0) + return r; + /* Refuse appending to files that are already deleted */ if (f->last_stat.st_nlink <= 0) return -EIDRM; @@ -3292,6 +3268,8 @@ int journal_file_open( goto fail; } } else { + assert(fd >= 0); + /* If we don't know the path, fill in something explanatory and vaguely useful */ if (asprintf(&f->path, "/proc/self/%i", fd) < 0) { r = -ENOMEM; @@ -3306,7 +3284,11 @@ int journal_file_open( } if (f->fd < 0) { - f->fd = open(f->path, f->flags|O_CLOEXEC, f->mode); + /* We pass O_NONBLOCK here, so that in case somebody pointed us to some character device node or FIFO + * or so, we likely fail quickly than block for long. For regular files O_NONBLOCK has no effect, hence + * it doesn't hurt in that case. */ + + f->fd = open(f->path, f->flags|O_CLOEXEC|O_NONBLOCK, f->mode); if (f->fd < 0) { r = -errno; goto fail; @@ -3314,6 +3296,10 @@ int journal_file_open( /* fds we opened here by us should also be closed by us. */ f->close_fd = true; + + r = fd_nonblock(f->fd, false); + if (r < 0) + goto fail; } f->cache_fd = mmap_cache_add_fd(f->mmap, f->fd); @@ -3330,17 +3316,12 @@ int journal_file_open( (void) journal_file_warn_btrfs(f); - /* Let's attach the creation time to the journal file, - * so that the vacuuming code knows the age of this - * file even if the file might end up corrupted one - * day... Ideally we'd just use the creation time many - * file systems maintain for each file, but there is - * currently no usable API to query this, hence let's - * emulate this via extended attributes. If extended - * attributes are not supported we'll just skip this, - * and rely solely on mtime/atime/ctime of the file. */ - - fd_setcrtime(f->fd, 0); + /* Let's attach the creation time to the journal file, so that the vacuuming code knows the age of this + * file even if the file might end up corrupted one day... Ideally we'd just use the creation time many + * file systems maintain for each file, but the API to query this is very new, hence let's emulate this + * via extended attributes. If extended attributes are not supported we'll just skip this, and rely + * solely on mtime/atime/ctime of the file. */ + (void) fd_setcrtime(f->fd, 0); #if HAVE_GCRYPT /* Try to load the FSPRG state, and if we can't, then @@ -3691,7 +3672,7 @@ void journal_default_metrics(JournalMetrics *m, int fd) { if (fstatvfs(fd, &ss) >= 0) fs_size = ss.f_frsize * ss.f_blocks; else { - log_debug_errno(errno, "Failed to detremine disk size: %m"); + log_debug_errno(errno, "Failed to determine disk size: %m"); fs_size = 0; } diff --git a/src/journal/journal-file.h b/src/journal/journal-file.h index c5cfa3d878..67abf8da49 100644 --- a/src/journal/journal-file.h +++ b/src/journal/journal-file.h @@ -122,6 +122,8 @@ typedef struct JournalFile { pthread_t offline_thread; volatile OfflineState offline_state; + unsigned last_seen_generation; + #if HAVE_XZ || HAVE_LZ4 void *compress_buffer; size_t compress_buffer_size; diff --git a/src/journal/journal-internal.h b/src/journal/journal-internal.h index 5ec87e83d7..e5f563cced 100644 --- a/src/journal/journal-internal.h +++ b/src/journal/journal-internal.h @@ -80,6 +80,7 @@ struct Directory { char *path; int wd; bool is_root; + unsigned last_seen_generation; }; struct sd_journal { @@ -89,6 +90,7 @@ struct sd_journal { char *prefix; OrderedHashmap *files; + IteratedCache *files_cache; MMapCache *mmap; Location current_location; @@ -103,6 +105,7 @@ struct sd_journal { int inotify_fd; unsigned current_invalidate_counter, last_invalidate_counter; usec_t last_process_usec; + unsigned generation; /* Iterating through unique fields and their data values */ char *unique_field; diff --git a/src/journal/journal-vacuum.c b/src/journal/journal-vacuum.c index c21e87858a..db36a6ab80 100644 --- a/src/journal/journal-vacuum.c +++ b/src/journal/journal-vacuum.c @@ -27,6 +27,7 @@ #include "alloc-util.h" #include "dirent-util.h" #include "fd-util.h" +#include "fs-util.h" #include "journal-def.h" #include "journal-file.h" #include "journal-vacuum.h" @@ -278,14 +279,15 @@ int journal_directory_vacuum( if (r > 0) { /* Always vacuum empty non-online files. */ - if (unlinkat(dirfd(d), p, 0) >= 0) { + r = unlinkat_deallocate(dirfd(d), p, 0); + if (r >= 0) { log_full(verbose ? LOG_INFO : LOG_DEBUG, "Deleted empty archived journal %s/%s (%s).", directory, p, format_bytes(sbytes, sizeof(sbytes), size)); freed += size; - } else if (errno != ENOENT) - log_warning_errno(errno, "Failed to delete empty archived journal %s/%s: %m", directory, p); + } else if (r != -ENOENT) + log_warning_errno(r, "Failed to delete empty archived journal %s/%s: %m", directory, p); continue; } @@ -321,7 +323,8 @@ int journal_directory_vacuum( (n_max_files <= 0 || left <= n_max_files)) break; - if (unlinkat(dirfd(d), list[i].filename, 0) >= 0) { + r = unlinkat_deallocate(dirfd(d), list[i].filename, 0); + if (r >= 0) { log_full(verbose ? LOG_INFO : LOG_DEBUG, "Deleted archived journal %s/%s (%s).", directory, list[i].filename, format_bytes(sbytes, sizeof(sbytes), list[i].usage)); freed += list[i].usage; @@ -330,8 +333,8 @@ int journal_directory_vacuum( else sum = 0; - } else if (errno != ENOENT) - log_warning_errno(errno, "Failed to delete archived journal %s/%s: %m", directory, list[i].filename); + } else if (r != -ENOENT) + log_warning_errno(r, "Failed to delete archived journal %s/%s: %m", directory, list[i].filename); } if (oldest_usec && i < n_list && (*oldest_usec == 0 || list[i].realtime < *oldest_usec)) diff --git a/src/journal/journalctl.c b/src/journal/journalctl.c index 17782688d9..e0ad0e1d11 100644 --- a/src/journal/journalctl.c +++ b/src/journal/journalctl.c @@ -81,6 +81,8 @@ #define DEFAULT_FSS_INTERVAL_USEC (15*USEC_PER_MINUTE) +#define PROCESS_INOTIFY_INTERVAL 1024 /* Every 1,024 messages processed */ + #if HAVE_PCRE2 DEFINE_TRIVIAL_CLEANUP_FUNC(pcre2_match_data*, pcre2_match_data_free); DEFINE_TRIVIAL_CLEANUP_FUNC(pcre2_code*, pcre2_code_free); @@ -334,7 +336,7 @@ static void help(void) { " --user-unit=UNIT Show logs from the specified user unit\n" " -t --identifier=STRING Show entries with the specified syslog identifier\n" " -p --priority=RANGE Show entries with the specified priority\n" - " -g --grep=PATTERN Show entries with MESSSAGE matching PATTERN\n" + " -g --grep=PATTERN Show entries with MESSAGE matching PATTERN\n" " --case-sensitive[=BOOL] Force case sensitive or insenstive matching\n" " -e --pager-end Immediately jump to the end in the pager\n" " -f --follow Follow the journal\n" @@ -492,7 +494,7 @@ static int parse_argv(int argc, char *argv[]) { assert(argc >= 0); assert(argv); - while ((c = getopt_long(argc, argv, "hefo:aln::qmb::kD:p:c:S:U:t:u:NF:xrM:", options, NULL)) >= 0) + while ((c = getopt_long(argc, argv, "hefo:aln::qmb::kD:p:g:c:S:U:t:u:NF:xrM:", options, NULL)) >= 0) switch (c) { @@ -970,8 +972,7 @@ static int parse_argv(int argc, char *argv[]) { return -EINVAL; } - if (!strv_isempty(arg_system_units) && (arg_journal_type == SD_JOURNAL_CURRENT_USER)) { - + if (!strv_isempty(arg_system_units) && arg_journal_type == SD_JOURNAL_CURRENT_USER) { /* Specifying --user and --unit= at the same time makes no sense (as the former excludes the user * journal, but the latter excludes the system journal, thus resulting in empty output). Let's be nice * to users, and automatically turn --unit= into --user-unit= if combined with --user. */ @@ -2239,7 +2240,8 @@ int main(int argc, char *argv[]) { goto finish; } - r = journal_access_check_and_warn(j, arg_quiet); + r = journal_access_check_and_warn(j, arg_quiet, + !(arg_journal_type == SD_JOURNAL_CURRENT_USER || arg_user_units)); if (r < 0) goto finish; @@ -2639,6 +2641,20 @@ int main(int argc, char *argv[]) { goto finish; n_shown++; + + /* If journalctl take a long time to process messages, and during that time journal file + * rotation occurs, a journalctl client will keep those rotated files open until it calls + * sd_journal_process(), which typically happens as a result of calling sd_journal_wait() below + * in the "following" case. By periodically calling sd_journal_process() during the processing + * loop we shrink the window of time a client instance has open file descriptors for rotated + * (deleted) journal files. */ + if ((n_shown % PROCESS_INOTIFY_INTERVAL) == 0) { + r = sd_journal_process(j); + if (r < 0) { + log_error_errno(r, "Failed to process inotify events: %m"); + goto finish; + } + } } if (!arg_follow) { diff --git a/src/journal/journald-kmsg.c b/src/journal/journald-kmsg.c index 0fadc16fbd..5895e48701 100644 --- a/src/journal/journald-kmsg.c +++ b/src/journal/journald-kmsg.c @@ -98,15 +98,17 @@ void server_forward_kmsg( log_debug_errno(errno, "Failed to write to /dev/kmsg for logging: %m"); } -static bool is_us(const char *pid) { - pid_t t; +static bool is_us(const char *identifier, const char *pid) { + pid_t pid_num; - assert(pid); + if (!identifier || !pid) + return false; - if (parse_pid(pid, &t) < 0) + if (parse_pid(pid, &pid_num) < 0) return false; - return t == getpid_cached(); + return pid_num == getpid_cached() && + streq(identifier, program_invocation_short_name); } static void dev_kmsg_record(Server *s, const char *p, size_t l) { @@ -136,7 +138,7 @@ static void dev_kmsg_record(Server *s, const char *p, size_t l) { if (r < 0 || priority < 0 || priority > 999) return; - if (s->forward_to_kmsg && (priority & LOG_FACMASK) != LOG_KERN) + if (s->forward_to_kmsg && LOG_FAC(priority) != LOG_KERN) return; l -= (e - p) + 1; @@ -285,14 +287,14 @@ static void dev_kmsg_record(Server *s, const char *p, size_t l) { if (asprintf(&syslog_facility, "SYSLOG_FACILITY=%i", LOG_FAC(priority)) >= 0) iovec[n++] = IOVEC_MAKE_STRING(syslog_facility); - if ((priority & LOG_FACMASK) == LOG_KERN) + if (LOG_FAC(priority) == LOG_KERN) iovec[n++] = IOVEC_MAKE_STRING("SYSLOG_IDENTIFIER=kernel"); else { pl -= syslog_parse_identifier((const char**) &p, &identifier, &pid); /* Avoid any messages we generated ourselves via * log_info() and friends. */ - if (pid && is_us(pid)) + if (is_us(identifier, pid)) goto finish; if (identifier) { diff --git a/src/journal/journald-native.h b/src/journal/journald-native.h index 7ca17ec609..f1b4abc41a 100644 --- a/src/journal/journald-native.h +++ b/src/journal/journald-native.h @@ -22,8 +22,6 @@ #include "journald-server.h" -bool valid_user_field(const char *p, size_t l, bool allow_protected); - void server_process_native_message(Server *s, const void *buffer, size_t buffer_size, const struct ucred *ucred, const struct timeval *tv, const char *label, size_t label_len); void server_process_native_file(Server *s, int fd, const struct ucred *ucred, const struct timeval *tv, const char *label, size_t label_len); diff --git a/src/journal/journald-stream.c b/src/journal/journald-stream.c index 671ada718c..bb7330f3db 100644 --- a/src/journal/journald-stream.c +++ b/src/journal/journald-stream.c @@ -778,7 +778,9 @@ int server_restore_streams(Server *s, FDSet *fds) { if (!found) { /* No file descriptor? Then let's delete the state file */ log_debug("Cannot restore stream file %s", de->d_name); - unlinkat(dirfd(d), de->d_name, 0); + if (unlinkat(dirfd(d), de->d_name, 0) < 0) + log_warning("Failed to remove /run/systemd/journal/streams/%s: %m", + de->d_name); continue; } diff --git a/src/journal/meson.build b/src/journal/meson.build index a23f6a712c..db4d598e72 100644 --- a/src/journal/meson.build +++ b/src/journal/meson.build @@ -131,8 +131,8 @@ meson.add_install_script( mkdir_p.format('/var/log/journal')) meson.add_install_script( 'sh', '-c', - 'chown 0:0 $DESTDIR/var/log/journal && - chmod 755 $DESTDIR/var/log/journal || :') + '''chown 0:0 $DESTDIR/var/log/journal && + chmod 755 $DESTDIR/var/log/journal || :''') if get_option('adm-group') meson.add_install_script( 'sh', '-c', diff --git a/src/journal/sd-journal.c b/src/journal/sd-journal.c index 6da7bf8e81..11dbd83f2d 100644 --- a/src/journal/sd-journal.c +++ b/src/journal/sd-journal.c @@ -40,6 +40,7 @@ #include "fs-util.h" #include "hashmap.h" #include "hostname-util.h" +#include "id128-util.h" #include "io-util.h" #include "journal-def.h" #include "journal-file.h" @@ -51,6 +52,7 @@ #include "process-util.h" #include "replace-var.h" #include "stat-util.h" +#include "stat-util.h" #include "stdio-util.h" #include "string-util.h" #include "strv.h" @@ -820,15 +822,21 @@ static int next_beyond_location(sd_journal *j, JournalFile *f, direction_t direc } static int real_journal_next(sd_journal *j, direction_t direction) { - JournalFile *f, *new_file = NULL; - Iterator i; + JournalFile *new_file = NULL; + unsigned i, n_files; + const void **files; Object *o; int r; assert_return(j, -EINVAL); assert_return(!journal_pid_changed(j), -ECHILD); - ORDERED_HASHMAP_FOREACH(f, j->files, i) { + r = iterated_cache_get(j->files_cache, NULL, &files, &n_files); + if (r < 0) + return r; + + for (i = 0; i < n_files; i++) { + JournalFile *f = (JournalFile *)files[i]; bool found; r = next_beyond_location(j, f, direction); @@ -1133,7 +1141,6 @@ _public_ int sd_journal_test_cursor(sd_journal *j, const char *cursor) { return 1; } - _public_ int sd_journal_seek_monotonic_usec(sd_journal *j, sd_id128_t boot_id, uint64_t usec) { assert_return(j, -EINVAL); assert_return(!journal_pid_changed(j), -ECHILD); @@ -1180,22 +1187,12 @@ _public_ int sd_journal_seek_tail(sd_journal *j) { } static void check_network(sd_journal *j, int fd) { - struct statfs sfs; - assert(j); if (j->on_network) return; - if (fstatfs(fd, &sfs) < 0) - return; - - j->on_network = - F_TYPE_EQUAL(sfs.f_type, CIFS_MAGIC_NUMBER) || - F_TYPE_EQUAL(sfs.f_type, CODA_SUPER_MAGIC) || - F_TYPE_EQUAL(sfs.f_type, NCP_SUPER_MAGIC) || - F_TYPE_EQUAL(sfs.f_type, NFS_SUPER_MAGIC) || - F_TYPE_EQUAL(sfs.f_type, SMB_SUPER_MAGIC); + j->on_network = fd_is_network_fs(fd); } static bool file_has_type_prefix(const char *prefix, const char *filename) { @@ -1246,6 +1243,16 @@ static bool path_has_prefix(sd_journal *j, const char *path, const char *prefix) return path_startswith(path, prefix); } +static void track_file_disposition(sd_journal *j, JournalFile *f) { + assert(j); + assert(f); + + if (!j->has_runtime_files && path_has_prefix(j, f->path, "/run")) + j->has_runtime_files = true; + else if (!j->has_persistent_files && path_has_prefix(j, f->path, "/var")) + j->has_persistent_files = true; +} + static const char *skip_slash(const char *p) { if (!p) @@ -1257,76 +1264,125 @@ static const char *skip_slash(const char *p) { return p; } -static int add_any_file(sd_journal *j, int fd, const char *path) { - JournalFile *f = NULL; +static int add_any_file( + sd_journal *j, + int fd, + const char *path) { + bool close_fd = false; + JournalFile *f; + struct stat st; int r, k; assert(j); assert(fd >= 0 || path); - if (path && ordered_hashmap_get(j->files, path)) - return 0; + if (fd < 0) { + if (j->toplevel_fd >= 0) + /* If there's a top-level fd defined make the path relative, explicitly, since otherwise + * openat() ignores the first argument. */ - if (ordered_hashmap_size(j->files) >= JOURNAL_FILES_MAX) { - log_debug("Too many open journal files, not adding %s.", path); - r = -ETOOMANYREFS; - goto fail; + fd = openat(j->toplevel_fd, skip_slash(path), O_RDONLY|O_CLOEXEC|O_NONBLOCK); + else + fd = open(path, O_RDONLY|O_CLOEXEC|O_NONBLOCK); + if (fd < 0) { + r = log_debug_errno(errno, "Failed to open journal file %s: %m", path); + goto finish; + } + + close_fd = true; + + r = fd_nonblock(fd, false); + if (r < 0) { + r = log_debug_errno(errno, "Failed to turn off O_NONBLOCK for %s: %m", path); + goto finish; + } } - if (fd < 0 && j->toplevel_fd >= 0) { + if (fstat(fd, &st) < 0) { + r = log_debug_errno(errno, "Failed to fstat file '%s': %m", path); + goto finish; + } - /* If there's a top-level fd defined, open the file relative to this now. (Make the path relative, - * explicitly, since otherwise openat() ignores the first argument.) */ + r = stat_verify_regular(&st); + if (r < 0) { + log_debug_errno(r, "Refusing to open '%s', as it is not a regular file.", path); + goto finish; + } - fd = openat(j->toplevel_fd, skip_slash(path), O_RDONLY|O_CLOEXEC); - if (fd < 0) { - r = log_debug_errno(errno, "Failed to open journal file %s: %m", path); - goto fail; + f = ordered_hashmap_get(j->files, path); + if (f) { + if (f->last_stat.st_dev == st.st_dev && + f->last_stat.st_ino == st.st_ino) { + + /* We already track this file, under the same path and with the same device/inode numbers, it's + * hence really the same. Mark this file as seen in this generation. This is used to GC old + * files in process_q_overflow() to detect journal files that are still there and discern them + * from those which are gone. */ + + f->last_seen_generation = j->generation; + r = 0; + goto finish; } - close_fd = true; + /* So we tracked a file under this name, but it has a different inode/device. In that case, it got + * replaced (probably due to rotation?), let's drop it hence from our list. */ + remove_file_real(j, f); + f = NULL; + } + + if (ordered_hashmap_size(j->files) >= JOURNAL_FILES_MAX) { + log_debug("Too many open journal files, not adding %s.", path); + r = -ETOOMANYREFS; + goto finish; } r = journal_file_open(fd, path, O_RDONLY, 0, false, false, NULL, j->mmap, NULL, NULL, &f); if (r < 0) { - if (close_fd) - safe_close(fd); log_debug_errno(r, "Failed to open journal file %s: %m", path); - goto fail; + goto finish; } /* journal_file_dump(f); */ r = ordered_hashmap_put(j->files, f->path, f); if (r < 0) { - f->close_fd = close_fd; + f->close_fd = false; /* make sure journal_file_close() doesn't close the caller's fd (or our own). We'll let the caller do that, or ourselves */ (void) journal_file_close(f); - goto fail; + goto finish; } - if (!j->has_runtime_files && path_has_prefix(j, f->path, "/run")) - j->has_runtime_files = true; - else if (!j->has_persistent_files && path_has_prefix(j, f->path, "/var")) - j->has_persistent_files = true; + close_fd = false; /* the fd is now owned by the JournalFile object */ - log_debug("File %s added.", f->path); + f->last_seen_generation = j->generation; + track_file_disposition(j, f); check_network(j, f->fd); j->current_invalidate_counter++; - return 0; + log_debug("File %s added.", f->path); -fail: - k = journal_put_error(j, r, path); - if (k < 0) - return k; + r = 0; + +finish: + if (close_fd) + safe_close(fd); + + if (r < 0) { + k = journal_put_error(j, r, path); + if (k < 0) + return k; + } return r; } -static int add_file(sd_journal *j, const char *prefix, const char *filename) { +static int add_file_by_name( + sd_journal *j, + const char *prefix, + const char *filename) { + const char *path; assert(j); @@ -1343,7 +1399,11 @@ static int add_file(sd_journal *j, const char *prefix, const char *filename) { return add_any_file(j, -1, path); } -static void remove_file(sd_journal *j, const char *prefix, const char *filename) { +static void remove_file_by_name( + sd_journal *j, + const char *prefix, + const char *filename) { + const char *path; JournalFile *f; @@ -1363,7 +1423,7 @@ static void remove_file_real(sd_journal *j, JournalFile *f) { assert(j); assert(f); - ordered_hashmap_remove(j->files, f->path); + (void) ordered_hashmap_remove(j->files, f->path); log_debug("File %s removed.", f->path); @@ -1407,10 +1467,102 @@ static int dirname_is_machine_id(const char *fn) { return sd_id128_equal(id, machine); } +static bool dirent_is_journal_file(const struct dirent *de) { + assert(de); + + if (!IN_SET(de->d_type, DT_REG, DT_LNK, DT_UNKNOWN)) + return false; + + return endswith(de->d_name, ".journal") || + endswith(de->d_name, ".journal~"); +} + +static bool dirent_is_id128_subdir(const struct dirent *de) { + assert(de); + + if (!IN_SET(de->d_type, DT_DIR, DT_LNK, DT_UNKNOWN)) + return false; + + return id128_is_valid(de->d_name); +} + +static int directory_open(sd_journal *j, const char *path, DIR **ret) { + DIR *d; + + assert(j); + assert(path); + assert(ret); + + if (j->toplevel_fd < 0) + d = opendir(path); + else + /* Open the specified directory relative to the toplevel fd. Enforce that the path specified is + * relative, by dropping the initial slash */ + d = xopendirat(j->toplevel_fd, skip_slash(path), 0); + if (!d) + return -errno; + + *ret = d; + return 0; +} + +static int add_directory(sd_journal *j, const char *prefix, const char *dirname); + +static void directory_enumerate(sd_journal *j, Directory *m, DIR *d) { + struct dirent *de; + + assert(j); + assert(m); + assert(d); + + FOREACH_DIRENT_ALL(de, d, goto fail) { + + if (dirent_is_journal_file(de)) + (void) add_file_by_name(j, m->path, de->d_name); + + if (m->is_root && dirent_is_id128_subdir(de)) + (void) add_directory(j, m->path, de->d_name); + } + + return; + +fail: + log_debug_errno(errno, "Failed to enumerate directory %s, ignoring: %m", m->path); +} + +static void directory_watch(sd_journal *j, Directory *m, int fd, uint32_t mask) { + int r; + + assert(j); + assert(m); + assert(fd >= 0); + + /* Watch this directory if that's enabled and if it not being watched yet. */ + + if (m->wd > 0) /* Already have a watch? */ + return; + if (j->inotify_fd < 0) /* Not watching at all? */ + return; + + m->wd = inotify_add_watch_fd(j->inotify_fd, fd, mask); + if (m->wd < 0) { + log_debug_errno(errno, "Failed to watch journal directory '%s', ignoring: %m", m->path); + return; + } + + r = hashmap_put(j->directories_by_wd, INT_TO_PTR(m->wd), m); + if (r == -EEXIST) + log_debug_errno(r, "Directory '%s' already being watched under a different path, ignoring: %m", m->path); + if (r < 0) { + log_debug_errno(r, "Failed to add watch for journal directory '%s' to hashmap, ignoring: %m", m->path); + (void) inotify_rm_watch(j->inotify_fd, m->wd); + m->wd = -1; + } +} + static int add_directory(sd_journal *j, const char *prefix, const char *dirname) { _cleanup_free_ char *path = NULL; _cleanup_closedir_ DIR *d = NULL; - struct dirent *de = NULL; Directory *m; int r, k; @@ -1429,22 +1581,16 @@ static int add_directory(sd_journal *j, const char *prefix, const char *dirname) goto fail; } - log_debug("Considering directory %s.", path); + log_debug("Considering directory '%s'.", path); /* We consider everything local that is in a directory for the local machine ID, or that is stored in /run */ if ((j->flags & SD_JOURNAL_LOCAL_ONLY) && !((dirname && dirname_is_machine_id(dirname) > 0) || path_has_prefix(j, path, "/run"))) - return 0; - + return 0; - if (j->toplevel_fd < 0) - d = opendir(path); - else - /* Open the specified directory relative to the toplevel fd. Enforce that the path specified is - * relative, by dropping the initial slash */ - d = xopendirat(j->toplevel_fd, skip_slash(path), 0); - if (!d) { - r = log_debug_errno(errno, "Failed to open directory %s: %m", path); + r = directory_open(j, path, &d); + if (r < 0) { + log_debug_errno(r, "Failed to open directory '%s': %m", path); goto fail; } @@ -1471,26 +1617,17 @@ static int add_directory(sd_journal *j, const char *prefix, const char *dirname) log_debug("Directory %s added.", m->path); } else if (m->is_root) - return 0; + return 0; /* Don't 'downgrade' from root directory */ - if (m->wd <= 0 && j->inotify_fd >= 0) { - /* Watch this directory, if it not being watched yet. */ + m->last_seen_generation = j->generation; - m->wd = inotify_add_watch_fd(j->inotify_fd, dirfd(d), - IN_CREATE|IN_MOVED_TO|IN_MODIFY|IN_ATTRIB|IN_DELETE| - IN_DELETE_SELF|IN_MOVE_SELF|IN_UNMOUNT|IN_MOVED_FROM| - IN_ONLYDIR); + directory_watch(j, m, dirfd(d), + IN_CREATE|IN_MOVED_TO|IN_MODIFY|IN_ATTRIB|IN_DELETE| + IN_DELETE_SELF|IN_MOVE_SELF|IN_UNMOUNT|IN_MOVED_FROM| + IN_ONLYDIR); - if (m->wd > 0 && hashmap_put(j->directories_by_wd, INT_TO_PTR(m->wd), m) < 0) - inotify_rm_watch(j->inotify_fd, m->wd); - } - - FOREACH_DIRENT_ALL(de, d, r = log_debug_errno(errno, "Failed to read directory %s: %m", m->path); goto fail) { - - if (dirent_is_file_with_suffix(de, ".journal") || - dirent_is_file_with_suffix(de, ".journal~")) - (void) add_file(j, m->path, de->d_name); - } + if (!j->no_new_files) + directory_enumerate(j, m, d); check_network(j, dirfd(d)); @@ -1507,7 +1644,6 @@ fail: static int add_root_directory(sd_journal *j, const char *p, bool missing_ok) { _cleanup_closedir_ DIR *d = NULL; - struct dirent *de; Directory *m; int r, k; @@ -1520,6 +1656,8 @@ static int add_root_directory(sd_journal *j, const char *p, bool missing_ok) { if (p) { /* If there's a path specified, use it. */ + log_debug("Considering root directory '%s'.", p); + if ((j->flags & SD_JOURNAL_RUNTIME_ONLY) && !path_has_prefix(j, p, "/run")) return -EINVAL; @@ -1527,16 +1665,11 @@ static int add_root_directory(sd_journal *j, const char *p, bool missing_ok) { if (j->prefix) p = strjoina(j->prefix, p); - if (j->toplevel_fd < 0) - d = opendir(p); - else - d = xopendirat(j->toplevel_fd, skip_slash(p), 0); - - if (!d) { - if (errno == ENOENT && missing_ok) - return 0; - - r = log_debug_errno(errno, "Failed to open root directory %s: %m", p); + r = directory_open(j, p, &d); + if (r == -ENOENT && missing_ok) + return 0; + if (r < 0) { + log_debug_errno(r, "Failed to open root directory %s: %m", p); goto fail; } } else { @@ -1594,29 +1727,12 @@ static int add_root_directory(sd_journal *j, const char *p, bool missing_ok) { } else if (!m->is_root) return 0; - if (m->wd <= 0 && j->inotify_fd >= 0) { - - m->wd = inotify_add_watch_fd(j->inotify_fd, dirfd(d), - IN_CREATE|IN_MOVED_TO|IN_MODIFY|IN_ATTRIB|IN_DELETE| - IN_ONLYDIR); - - if (m->wd > 0 && hashmap_put(j->directories_by_wd, INT_TO_PTR(m->wd), m) < 0) - inotify_rm_watch(j->inotify_fd, m->wd); - } - - if (j->no_new_files) - return 0; - - FOREACH_DIRENT_ALL(de, d, r = log_debug_errno(errno, "Failed to read directory %s: %m", m->path); goto fail) { - sd_id128_t id; + directory_watch(j, m, dirfd(d), + IN_CREATE|IN_MOVED_TO|IN_MODIFY|IN_ATTRIB|IN_DELETE| + IN_ONLYDIR); - if (dirent_is_file_with_suffix(de, ".journal") || - dirent_is_file_with_suffix(de, ".journal~")) - (void) add_file(j, m->path, de->d_name); - else if (IN_SET(de->d_type, DT_DIR, DT_LNK, DT_UNKNOWN) && - sd_id128_from_string(de->d_name, &id) >= 0) - (void) add_directory(j, m->path, de->d_name); - } + if (!j->no_new_files) + directory_enumerate(j, m, d); check_network(j, dirfd(d)); @@ -1736,10 +1852,14 @@ static sd_journal *journal_new(int flags, const char *path) { j->path = t; } - j->files = ordered_hashmap_new(&string_hash_ops); - j->directories_by_path = hashmap_new(&string_hash_ops); + j->files = ordered_hashmap_new(&path_hash_ops); + if (!j->files) + goto fail; + + j->files_cache = ordered_hashmap_iterated_cache_new(j->files); + j->directories_by_path = hashmap_new(&path_hash_ops); j->mmap = mmap_cache_new(); - if (!j->files || !j->directories_by_path || !j->mmap) + if (!j->files_cache || !j->directories_by_path || !j->mmap) goto fail; return j; @@ -1950,10 +2070,9 @@ _public_ int sd_journal_open_files_fd(sd_journal **ret, int fds[], unsigned n_fd goto fail; } - if (!S_ISREG(st.st_mode)) { - r = -EBADFD; + r = stat_verify_regular(&st); + if (r < 0) goto fail; - } r = add_any_file(j, fds[i], NULL); if (r < 0) @@ -1985,6 +2104,7 @@ _public_ void sd_journal_close(sd_journal *j) { sd_journal_flush_matches(j); ordered_hashmap_free_with_destructor(j->files, journal_file_close); + iterated_cache_free(j->files_cache); while ((d = hashmap_first(j->directories_by_path))) remove_directory(j, d); @@ -2286,6 +2406,24 @@ _public_ void sd_journal_restart_data(sd_journal *j) { j->current_field = 0; } +static int reiterate_all_paths(sd_journal *j) { + assert(j); + + if (j->no_new_files) + return add_current_paths(j); + + if (j->flags & SD_JOURNAL_OS_ROOT) + return add_search_paths(j); + + if (j->toplevel_fd >= 0) + return add_root_directory(j, NULL, false); + + if (j->path) + return add_root_directory(j, j->path, true); + + return add_search_paths(j); +} + _public_ int sd_journal_get_fd(sd_journal *j) { int r; @@ -2302,20 +2440,10 @@ _public_ int sd_journal_get_fd(sd_journal *j) { if (r < 0) return r; - log_debug("Reiterating files to get inotify watches established"); + log_debug("Reiterating files to get inotify watches established."); - /* Iterate through all dirs again, to add them to the - * inotify */ - if (j->no_new_files) - r = add_current_paths(j); - else if (j->flags & SD_JOURNAL_OS_ROOT) - r = add_search_paths(j); - else if (j->toplevel_fd >= 0) - r = add_root_directory(j, NULL, false); - else if (j->path) - r = add_root_directory(j, j->path, true); - else - r = add_search_paths(j); + /* Iterate through all dirs again, to add them to the inotify */ + r = reiterate_all_paths(j); if (r < 0) return r; @@ -2358,17 +2486,61 @@ _public_ int sd_journal_get_timeout(sd_journal *j, uint64_t *timeout_usec) { return 1; } +static void process_q_overflow(sd_journal *j) { + JournalFile *f; + Directory *m; + Iterator i; + + assert(j); + + /* When the inotify queue overruns we need to enumerate and re-validate all journal files to bring our list + * back in sync with what's on disk. For this we pick a new generation counter value. It'll be assigned to all + * journal files we encounter. All journal files and all directories that don't carry it after reenumeration + * are subject for unloading. */ + + log_debug("Inotify queue overrun, reiterating everything."); + + j->generation++; + (void) reiterate_all_paths(j); + + ORDERED_HASHMAP_FOREACH(f, j->files, i) { + + if (f->last_seen_generation == j->generation) + continue; + + log_debug("File '%s' hasn't been seen in this enumeration, removing.", f->path); + remove_file_real(j, f); + } + + HASHMAP_FOREACH(m, j->directories_by_path, i) { + + if (m->last_seen_generation == j->generation) + continue; + + if (m->is_root) /* Never GC root directories */ + continue; + + log_debug("Directory '%s' hasn't been seen in this enumeration, removing.", f->path); + remove_directory(j, m); + } + + log_debug("Reiteration complete."); +} + static void process_inotify_event(sd_journal *j, struct inotify_event *e) { Directory *d; assert(j); assert(e); + if (e->mask & IN_Q_OVERFLOW) { + process_q_overflow(j); + return; + } + /* Is this a subdirectory we watch? */ d = hashmap_get(j->directories_by_wd, INT_TO_PTR(e->wd)); if (d) { - sd_id128_t id; - if (!(e->mask & IN_ISDIR) && e->len > 0 && (endswith(e->name, ".journal") || endswith(e->name, ".journal~"))) { @@ -2376,9 +2548,9 @@ static void process_inotify_event(sd_journal *j, struct inotify_event *e) { /* Event for a journal file */ if (e->mask & (IN_CREATE|IN_MOVED_TO|IN_MODIFY|IN_ATTRIB)) - (void) add_file(j, d->path, e->name); + (void) add_file_by_name(j, d->path, e->name); else if (e->mask & (IN_DELETE|IN_MOVED_FROM|IN_UNMOUNT)) - remove_file(j, d->path, e->name); + remove_file_by_name(j, d->path, e->name); } else if (!d->is_root && e->len == 0) { @@ -2387,7 +2559,7 @@ static void process_inotify_event(sd_journal *j, struct inotify_event *e) { if (e->mask & (IN_DELETE_SELF|IN_MOVE_SELF|IN_UNMOUNT)) remove_directory(j, d); - } else if (d->is_root && (e->mask & IN_ISDIR) && e->len > 0 && sd_id128_from_string(e->name, &id) >= 0) { + } else if (d->is_root && (e->mask & IN_ISDIR) && e->len > 0 && id128_is_valid(e->name)) { /* Event for root directory */ @@ -2401,7 +2573,7 @@ static void process_inotify_event(sd_journal *j, struct inotify_event *e) { if (e->mask & IN_IGNORED) return; - log_debug("Unknown inotify event."); + log_debug("Unexpected inotify event."); } static int determine_change(sd_journal *j) { @@ -2421,6 +2593,9 @@ _public_ int sd_journal_process(sd_journal *j) { assert_return(j, -EINVAL); assert_return(!journal_pid_changed(j), -ECHILD); + if (j->inotify_fd < 0) /* We have no inotify fd yet? Then there's noting to process. */ + return 0; + j->last_process_usec = now(CLOCK_MONOTONIC); j->last_invalidate_counter = j->current_invalidate_counter; diff --git a/src/kernel-install/90-loaderentry.install b/src/kernel-install/90-loaderentry.install index ae46dcc34d..29047ccbff 100644 --- a/src/kernel-install/90-loaderentry.install +++ b/src/kernel-install/90-loaderentry.install @@ -11,6 +11,10 @@ if ! [[ $KERNEL_INSTALL_MACHINE_ID ]]; then exit 0 fi +if ! [[ -d "$BOOT_DIR_ABS" ]]; then + exit 0 +fi + MACHINE_ID=$KERNEL_INSTALL_MACHINE_ID BOOT_DIR="/$MACHINE_ID/$KERNEL_VERSION" diff --git a/src/libsystemd-network/arp-util.c b/src/libsystemd-network/arp-util.c index 89e68c7ac7..b8e9b2e496 100644 --- a/src/libsystemd-network/arp-util.c +++ b/src/libsystemd-network/arp-util.c @@ -49,12 +49,12 @@ int arp_network_bind_raw_socket(int ifindex, be32_t address, const struct ether_ BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, ARPOP_REPLY, 1, 0), /* protocol == reply ? */ BPF_STMT(BPF_RET + BPF_K, 0), /* ignore */ /* Sender Hardware Address must be different from our own */ - BPF_STMT(BPF_LD + BPF_IMM, unaligned_read_ne32(ð_mac->ether_addr_octet[0])),/* A <- 4 bytes of client's MAC */ + BPF_STMT(BPF_LD + BPF_IMM, unaligned_read_be32(ð_mac->ether_addr_octet[0])),/* A <- 4 bytes of client's MAC */ BPF_STMT(BPF_MISC + BPF_TAX, 0), /* X <- A */ BPF_STMT(BPF_LD + BPF_W + BPF_ABS, offsetof(struct ether_arp, arp_sha)), /* A <- 4 bytes of SHA */ BPF_STMT(BPF_ALU + BPF_XOR + BPF_X, 0), /* A xor X */ BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, 0, 0, 6), /* A == 0 ? */ - BPF_STMT(BPF_LD + BPF_IMM, unaligned_read_ne16(ð_mac->ether_addr_octet[4])),/* A <- remainder of client's MAC */ + BPF_STMT(BPF_LD + BPF_IMM, unaligned_read_be16(ð_mac->ether_addr_octet[4])),/* A <- remainder of client's MAC */ BPF_STMT(BPF_MISC + BPF_TAX, 0), /* X <- A */ BPF_STMT(BPF_LD + BPF_H + BPF_ABS, offsetof(struct ether_arp, arp_sha) + 4), /* A <- remainder of SHA */ BPF_STMT(BPF_ALU + BPF_XOR + BPF_X, 0), /* A xor X */ diff --git a/src/libsystemd-network/network-internal.c b/src/libsystemd-network/network-internal.c index 94386e4860..584a1f36ac 100644 --- a/src/libsystemd-network/network-internal.c +++ b/src/libsystemd-network/network-internal.c @@ -424,7 +424,7 @@ int deserialize_in_addrs(struct in_addr **ret, const char *string) { if (r == 0) break; - new_addresses = realloc(addresses, (size + 1) * sizeof(struct in_addr)); + new_addresses = reallocarray(addresses, size + 1, sizeof(struct in_addr)); if (!new_addresses) return -ENOMEM; else @@ -478,7 +478,7 @@ int deserialize_in6_addrs(struct in6_addr **ret, const char *string) { if (r == 0) break; - new_addresses = realloc(addresses, (size + 1) * sizeof(struct in6_addr)); + new_addresses = reallocarray(addresses, size + 1, sizeof(struct in6_addr)); if (!new_addresses) return -ENOMEM; else diff --git a/src/libsystemd-network/sd-dhcp-client.c b/src/libsystemd-network/sd-dhcp-client.c index 228af69d88..33f3469f07 100644 --- a/src/libsystemd-network/sd-dhcp-client.c +++ b/src/libsystemd-network/sd-dhcp-client.c @@ -1260,9 +1260,9 @@ static int client_handle_offer(sd_dhcp_client *client, DHCPMessage *offer, size_ if (!lease->have_subnet_mask) { r = dhcp_lease_set_default_subnet_mask(lease); if (r < 0) { - log_dhcp_client(client, "received lease lacks subnet " - "mask, and a fallback one can not be " - "generated, ignoring"); + log_dhcp_client(client, + "received lease lacks subnet mask, " + "and a fallback one cannot be generated, ignoring"); return -ENOMSG; } } @@ -1331,9 +1331,9 @@ static int client_handle_ack(sd_dhcp_client *client, DHCPMessage *ack, size_t le if (lease->subnet_mask == INADDR_ANY) { r = dhcp_lease_set_default_subnet_mask(lease); if (r < 0) { - log_dhcp_client(client, "received lease lacks subnet " - "mask, and a fallback one can not be " - "generated, ignoring"); + log_dhcp_client(client, + "received lease lacks subnet mask, " + "and a fallback one cannot be generated, ignoring"); return -ENOMSG; } } diff --git a/src/libsystemd-network/sd-dhcp-server.c b/src/libsystemd-network/sd-dhcp-server.c index 907b72391b..d64a47d2fc 100644 --- a/src/libsystemd-network/sd-dhcp-server.c +++ b/src/libsystemd-network/sd-dhcp-server.c @@ -316,7 +316,7 @@ static int dhcp_server_send_udp(sd_dhcp_server *server, be32_t destination, int r; assert(server); - assert(server->fd > 0); + assert(server->fd >= 0); assert(message); assert(len > sizeof(DHCPMessage)); diff --git a/src/libsystemd-network/sd-dhcp6-client.c b/src/libsystemd-network/sd-dhcp6-client.c index ec3484383b..056bfa3d3d 100644 --- a/src/libsystemd-network/sd-dhcp6-client.c +++ b/src/libsystemd-network/sd-dhcp6-client.c @@ -771,8 +771,6 @@ static int client_parse_message( size_t pos = 0; int r; bool clientid = false; - uint8_t *id = NULL; - size_t id_len; uint32_t lt_t1 = ~0, lt_t2 = ~0; assert(client); @@ -817,8 +815,8 @@ static int client_parse_message( break; case SD_DHCP6_OPTION_SERVERID: - r = dhcp6_lease_get_serverid(lease, &id, &id_len); - if (r >= 0 && id) { + r = dhcp6_lease_get_serverid(lease, NULL, NULL); + if (r >= 0) { log_dhcp6_client(client, "%s contains multiple serverids", dhcp6_message_type_to_string(message->type)); return -EINVAL; @@ -956,24 +954,26 @@ static int client_parse_message( } if (client->state != DHCP6_STATE_INFORMATION_REQUEST) { - r = dhcp6_lease_get_serverid(lease, &id, &id_len); - if (r < 0) + r = dhcp6_lease_get_serverid(lease, NULL, NULL); + if (r < 0) { log_dhcp6_client(client, "%s has no server id", dhcp6_message_type_to_string(message->type)); - return r; - } + return -EINVAL; + } - if (lease->ia.addresses) { - lease->ia.ia_na.lifetime_t1 = htobe32(lt_t1); - lease->ia.ia_na.lifetime_t2 = htobe32(lt_t2); - } + } else { + if (lease->ia.addresses) { + lease->ia.ia_na.lifetime_t1 = htobe32(lt_t1); + lease->ia.ia_na.lifetime_t2 = htobe32(lt_t2); + } - if (lease->pd.addresses) { - lease->pd.ia_pd.lifetime_t1 = htobe32(lt_t1); - lease->pd.ia_pd.lifetime_t2 = htobe32(lt_t2); + if (lease->pd.addresses) { + lease->pd.ia_pd.lifetime_t1 = htobe32(lt_t1); + lease->pd.ia_pd.lifetime_t2 = htobe32(lt_t2); + } } - return r; + return 0; } static int client_receive_reply(sd_dhcp6_client *client, DHCP6Message *reply, size_t len) { diff --git a/src/libsystemd-network/sd-dhcp6-lease.c b/src/libsystemd-network/sd-dhcp6-lease.c index 1f3a782f8c..0089fbb737 100644 --- a/src/libsystemd-network/sd-dhcp6-lease.c +++ b/src/libsystemd-network/sd-dhcp6-lease.c @@ -95,11 +95,14 @@ int dhcp6_lease_set_serverid(sd_dhcp6_lease *lease, const uint8_t *id, int dhcp6_lease_get_serverid(sd_dhcp6_lease *lease, uint8_t **id, size_t *len) { assert_return(lease, -EINVAL); - assert_return(id, -EINVAL); - assert_return(len, -EINVAL); - *id = lease->serverid; - *len = lease->serverid_len; + if (!lease->serverid) + return -ENOMSG; + + if (id) + *id = lease->serverid; + if (len) + *len = lease->serverid_len; return 0; } diff --git a/src/libsystemd-network/test-lldp.c b/src/libsystemd-network/test-lldp.c index b91797cb66..5f6829cf6d 100644 --- a/src/libsystemd-network/test-lldp.c +++ b/src/libsystemd-network/test-lldp.c @@ -139,7 +139,7 @@ static void test_receive_basic_packet(sd_event *e) { assert_se(sd_lldp_neighbor_get_port_id(neighbors[0], &type, &data, &length) == 0); assert_se(type == SD_LLDP_PORT_SUBTYPE_INTERFACE_NAME); assert_se(length == 3); - assert_se(strneq((char *) data, "1/3", 3)); + assert_se(!memcmp(data, "1/3", 3)); assert_se(sd_lldp_neighbor_get_port_description(neighbors[0], &str) == 0); assert_se(streq(str, "Port")); diff --git a/src/libsystemd/libsystemd.sym b/src/libsystemd/libsystemd.sym index 00aeefbe19..7ff5816180 100644 --- a/src/libsystemd/libsystemd.sym +++ b/src/libsystemd/libsystemd.sym @@ -549,3 +549,9 @@ global: sd_event_source_get_io_fd_own; sd_event_source_set_io_fd_own; } LIBSYSTEMD_236; + +LIBSYSTEMD_238 { +global: + sd_bus_get_n_queued_read; + sd_bus_get_n_queued_write; +} LIBSYSTEMD_237; diff --git a/src/libsystemd/meson.build b/src/libsystemd/meson.build index 706e090762..bd72e3d691 100644 --- a/src/libsystemd/meson.build +++ b/src/libsystemd/meson.build @@ -15,6 +15,14 @@ # You should have received a copy of the GNU Lesser General Public License # along with systemd; If not, see <http://www.gnu.org/licenses/>. +id128_sources = files(''' + sd-id128/id128-util.c + sd-id128/id128-util.h + sd-id128/sd-id128.c +'''.split()) + +sd_daemon_c = files('sd-daemon/sd-daemon.c') +sd_event_c = files('sd-event/sd-event.c') sd_login_c = files('sd-login/sd-login.c') libsystemd_sources = files(''' @@ -57,7 +65,6 @@ libsystemd_sources = files(''' sd-bus/bus-type.c sd-bus/bus-type.h sd-bus/sd-bus.c - sd-daemon/sd-daemon.c sd-device/device-enumerator-private.h sd-device/device-enumerator.c sd-device/device-internal.h @@ -65,13 +72,9 @@ libsystemd_sources = files(''' sd-device/device-private.h sd-device/device-util.h sd-device/sd-device.c - sd-event/sd-event.c sd-hwdb/hwdb-internal.h sd-hwdb/hwdb-util.h sd-hwdb/sd-hwdb.c - sd-id128/id128-util.c - sd-id128/id128-util.h - sd-id128/sd-id128.c sd-netlink/generic-netlink.c sd-netlink/local-addresses.c sd-netlink/local-addresses.h @@ -90,7 +93,7 @@ libsystemd_sources = files(''' sd-path/sd-path.c sd-resolve/sd-resolve.c sd-utf8/sd-utf8.c -'''.split()) + sd_login_c +'''.split()) + id128_sources + sd_daemon_c + sd_event_c + sd_login_c libsystemd_static = static_library( 'systemd', diff --git a/src/libsystemd/sd-bus/bus-container.c b/src/libsystemd/sd-bus/bus-container.c index 16156d8823..477f7053ed 100644 --- a/src/libsystemd/sd-bus/bus-container.c +++ b/src/libsystemd/sd-bus/bus-container.c @@ -54,6 +54,8 @@ int bus_container_connect_socket(sd_bus *b) { if (b->input_fd < 0) return -errno; + b->input_fd = fd_move_above_stdio(b->input_fd); + b->output_fd = b->input_fd; bus_socket_setup(b); diff --git a/src/libsystemd/sd-bus/bus-error.c b/src/libsystemd/sd-bus/bus-error.c index c9517499d7..3939d0a4ef 100644 --- a/src/libsystemd/sd-bus/bus-error.c +++ b/src/libsystemd/sd-bus/bus-error.c @@ -595,7 +595,7 @@ _public_ int sd_bus_error_add_map(const sd_bus_error_map *map) { if (additional_error_maps[n] == map) return 0; - maps = realloc_multiply(additional_error_maps, sizeof(struct sd_bus_error_map*), n + 2); + maps = reallocarray(additional_error_maps, n + 2, sizeof(struct sd_bus_error_map*)); if (!maps) return -ENOMEM; diff --git a/src/libsystemd/sd-bus/bus-internal.h b/src/libsystemd/sd-bus/bus-internal.h index 1b55cdafed..b305c41622 100644 --- a/src/libsystemd/sd-bus/bus-internal.h +++ b/src/libsystemd/sd-bus/bus-internal.h @@ -296,6 +296,7 @@ struct sd_bus { unsigned n_memfd_cache; pid_t original_pid; + pid_t busexec_pid; sd_event_source *input_io_event_source; sd_event_source *output_io_event_source; diff --git a/src/libsystemd/sd-bus/bus-message.c b/src/libsystemd/sd-bus/bus-message.c index 95a87da08b..c76f6e87ba 100644 --- a/src/libsystemd/sd-bus/bus-message.c +++ b/src/libsystemd/sd-bus/bus-message.c @@ -1400,7 +1400,7 @@ static int message_push_fd(sd_bus_message *m, int fd) { if (copy < 0) return -errno; - f = realloc(m->fds, sizeof(int) * (m->n_fds + 1)); + f = reallocarray(m->fds, sizeof(int), m->n_fds + 1); if (!f) { m->poisoned = true; safe_close(copy); @@ -2646,7 +2646,7 @@ _public_ int sd_bus_message_append_array_memfd( if (r < 0) return r; - copy_fd = dup(memfd); + copy_fd = fcntl(memfd, F_DUPFD_CLOEXEC, 3); if (copy_fd < 0) return copy_fd; @@ -2721,7 +2721,7 @@ _public_ int sd_bus_message_append_string_memfd( if (r < 0) return r; - copy_fd = dup(memfd); + copy_fd = fcntl(memfd, FD_CLOEXEC, 3); if (copy_fd < 0) return copy_fd; diff --git a/src/libsystemd/sd-bus/bus-socket.c b/src/libsystemd/sd-bus/bus-socket.c index 2fe86b61c4..b5160cff6a 100644 --- a/src/libsystemd/sd-bus/bus-socket.c +++ b/src/libsystemd/sd-bus/bus-socket.c @@ -713,6 +713,8 @@ static int bus_socket_inotify_setup(sd_bus *b) { b->inotify_fd = inotify_init1(IN_NONBLOCK|IN_CLOEXEC); if (b->inotify_fd < 0) return -errno; + + b->inotify_fd = fd_move_above_stdio(b->inotify_fd); } /* Make sure the path is NUL terminated */ @@ -879,6 +881,8 @@ int bus_socket_connect(sd_bus *b) { if (b->input_fd < 0) return -errno; + b->input_fd = fd_move_above_stdio(b->input_fd); + b->output_fd = b->input_fd; bus_socket_setup(b); @@ -937,18 +941,18 @@ int bus_socket_connect(sd_bus *b) { int bus_socket_exec(sd_bus *b) { int s[2], r; - pid_t pid; assert(b); assert(b->input_fd < 0); assert(b->output_fd < 0); assert(b->exec_path); + assert(b->busexec_pid == 0); r = socketpair(AF_UNIX, SOCK_STREAM|SOCK_NONBLOCK|SOCK_CLOEXEC, 0, s); if (r < 0) return -errno; - r = safe_fork_full("(sd-busexec)", s+1, 1, FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS, &pid); + r = safe_fork_full("(sd-busexec)", s+1, 1, FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS, &b->busexec_pid); if (r < 0) { safe_close_pair(s); return r; @@ -956,14 +960,11 @@ int bus_socket_exec(sd_bus *b) { if (r == 0) { /* Child */ - assert_se(dup3(s[1], STDIN_FILENO, 0) == STDIN_FILENO); - assert_se(dup3(s[1], STDOUT_FILENO, 0) == STDOUT_FILENO); + safe_close(s[0]); - if (!IN_SET(s[1], STDIN_FILENO, STDOUT_FILENO)) - safe_close(s[1]); + if (rearrange_stdio(s[1], s[1], STDERR_FILENO) < 0) + _exit(EXIT_FAILURE); - (void) fd_cloexec(STDIN_FILENO, false); - (void) fd_cloexec(STDOUT_FILENO, false); (void) fd_nonblock(STDIN_FILENO, false); (void) fd_nonblock(STDOUT_FILENO, false); @@ -978,7 +979,7 @@ int bus_socket_exec(sd_bus *b) { } safe_close(s[1]); - b->output_fd = b->input_fd = s[0]; + b->output_fd = b->input_fd = fd_move_above_stdio(s[0]); bus_socket_setup(b); @@ -1206,7 +1207,7 @@ int bus_socket_read_message(sd_bus *bus) { CMSG_FOREACH(cmsg, &mh) if (cmsg->cmsg_level == SOL_SOCKET && cmsg->cmsg_type == SCM_RIGHTS) { - int n, *f; + int n, *f, i; n = (cmsg->cmsg_len - CMSG_LEN(0)) / sizeof(int); @@ -1219,15 +1220,15 @@ int bus_socket_read_message(sd_bus *bus) { return -EIO; } - f = realloc(bus->fds, sizeof(int) * (bus->n_fds + n)); + f = reallocarray(bus->fds, bus->n_fds + n, sizeof(int)); if (!f) { close_many((int*) CMSG_DATA(cmsg), n); return -ENOMEM; } - memcpy_safe(f + bus->n_fds, CMSG_DATA(cmsg), n * sizeof(int)); + for (i = 0; i < n; i++) + f[bus->n_fds++] = fd_move_above_stdio(((int*) CMSG_DATA(cmsg))[i]); bus->fds = f; - bus->n_fds += n; } else log_debug("Got unexpected auxiliary data with level=%d and type=%d", cmsg->cmsg_level, cmsg->cmsg_type); diff --git a/src/libsystemd/sd-bus/sd-bus.c b/src/libsystemd/sd-bus/sd-bus.c index 7e7ebb27a7..2f5e483ae2 100644 --- a/src/libsystemd/sd-bus/sd-bus.c +++ b/src/libsystemd/sd-bus/sd-bus.c @@ -22,8 +22,10 @@ #include <netdb.h> #include <poll.h> #include <pthread.h> +#include <signal.h> #include <stdlib.h> #include <sys/mman.h> +#include <sys/wait.h> #include <unistd.h> #include "sd-bus.h" @@ -286,8 +288,7 @@ _public_ int sd_bus_set_address(sd_bus *bus, const char *address) { if (!a) return -ENOMEM; - free(bus->address); - bus->address = a; + free_and_replace(bus->address, a); return 0; } @@ -325,10 +326,9 @@ _public_ int sd_bus_set_exec(sd_bus *bus, const char *path, char *const argv[]) return -ENOMEM; } - free(bus->exec_path); - strv_free(bus->exec_argv); + free_and_replace(bus->exec_path, p); - bus->exec_path = p; + strv_free(bus->exec_argv); bus->exec_argv = a; return 0; @@ -351,7 +351,7 @@ _public_ int sd_bus_set_monitor(sd_bus *bus, int b) { assert_return(bus->state == BUS_UNSET, -EPERM); assert_return(!bus_pid_changed(bus), -ECHILD); - bus->is_monitor = b; + bus->is_monitor = !!b; return 0; } @@ -361,7 +361,7 @@ _public_ int sd_bus_negotiate_fds(sd_bus *bus, int b) { assert_return(bus->state == BUS_UNSET, -EPERM); assert_return(!bus_pid_changed(bus), -ECHILD); - bus->accept_fd = b; + bus->accept_fd = !!b; return 0; } @@ -373,7 +373,7 @@ _public_ int sd_bus_negotiate_timestamp(sd_bus *bus, int b) { /* This is not actually supported by any of our transports these days, but we do honour it for synthetic * replies, and maybe one day classic D-Bus learns this too */ - bus->attach_timestamp = b; + bus->attach_timestamp = !!b; return 0; } @@ -457,7 +457,7 @@ _public_ int sd_bus_set_watch_bind(sd_bus *bus, int b) { assert_return(bus->state == BUS_UNSET, -EPERM); assert_return(!bus_pid_changed(bus), -ECHILD); - bus->watch_bind = b; + bus->watch_bind = !!b; return 0; } @@ -475,7 +475,7 @@ _public_ int sd_bus_set_connected_signal(sd_bus *bus, int b) { assert_return(bus->state == BUS_UNSET, -EPERM); assert_return(!bus_pid_changed(bus), -ECHILD); - bus->connected_signal = b; + bus->connected_signal = !!b; return 0; } @@ -556,6 +556,7 @@ void bus_set_state(sd_bus *bus, enum bus_state state) { static int hello_callback(sd_bus_message *reply, void *userdata, sd_bus_error *error) { const char *s; + char *t; sd_bus *bus; int r; @@ -575,10 +576,12 @@ static int hello_callback(sd_bus_message *reply, void *userdata, sd_bus_error *e if (!service_name_is_valid(s) || s[0] != ':') return -EBADMSG; - bus->unique_name = strdup(s); - if (!bus->unique_name) + t = strdup(s); + if (!t) return -ENOMEM; + free_and_replace(bus->unique_name, t); + if (bus->state == BUS_HELLO) { bus_set_state(bus, BUS_RUNNING); @@ -649,8 +652,8 @@ int bus_start_running(sd_bus *bus) { static int parse_address_key(const char **p, const char *key, char **value) { size_t l, n = 0, allocated = 0; + _cleanup_free_ char *r = NULL; const char *a; - char *r = NULL; assert(p); assert(*p); @@ -678,16 +681,12 @@ static int parse_address_key(const char **p, const char *key, char **value) { int x, y; x = unhexchar(a[1]); - if (x < 0) { - free(r); + if (x < 0) return x; - } y = unhexchar(a[2]); - if (y < 0) { - free(r); + if (y < 0) return y; - } c = (char) ((x << 4) | y); a += 3; @@ -714,8 +713,7 @@ static int parse_address_key(const char **p, const char *key, char **value) { *p = a; - free(*value); - *value = r; + free_and_replace(*value, r); return 1; } @@ -1099,6 +1097,13 @@ static int bus_parse_next_address(sd_bus *b) { return 1; } +static void bus_kill_exec(sd_bus *bus) { + if (pid_is_valid(bus->busexec_pid) > 0) { + sigterm_wait(bus->busexec_pid); + bus->busexec_pid = 0; + } +} + static int bus_start_address(sd_bus *b) { int r; @@ -1108,6 +1113,8 @@ static int bus_start_address(sd_bus *b) { bus_close_io_fds(b); bus_close_inotify_fd(b); + bus_kill_exec(b); + /* If you provide multiple different bus-addresses, we * try all of them in order and use the first one that * succeeds. */ @@ -1377,7 +1384,7 @@ fail: int bus_set_address_system_remote(sd_bus *b, const char *host) { _cleanup_free_ char *e = NULL; - char *m = NULL, *c = NULL; + char *m = NULL, *c = NULL, *a; assert(b); assert(host); @@ -1408,10 +1415,12 @@ int bus_set_address_system_remote(sd_bus *b, const char *host) { return -ENOMEM; } - b->address = strjoin("unixexec:path=ssh,argv1=-xT,argv2=--,argv3=", e, ",argv4=systemd-stdio-bridge", c); - if (!b->address) + a = strjoin("unixexec:path=ssh,argv1=-xT,argv2=--,argv3=", e, ",argv4=systemd-stdio-bridge", c); + if (!a) return -ENOMEM; + free_and_replace(b->address, a); + return 0; } @@ -1449,6 +1458,7 @@ fail: int bus_set_address_system_machine(sd_bus *b, const char *machine) { _cleanup_free_ char *e = NULL; + char *a; assert(b); assert(machine); @@ -1457,10 +1467,12 @@ int bus_set_address_system_machine(sd_bus *b, const char *machine) { if (!e) return -ENOMEM; - b->address = strjoin("x-machine-unix:machine=", e); - if (!b->address) + a = strjoin("x-machine-unix:machine=", e); + if (!a) return -ENOMEM; + free_and_replace(b->address, a); + return 0; } @@ -1506,6 +1518,9 @@ _public_ void sd_bus_close(sd_bus *bus) { if (bus_pid_changed(bus)) return; + /* Don't leave ssh hanging around */ + bus_kill_exec(bus); + bus_set_state(bus, BUS_CLOSED); sd_bus_detach_event(bus); @@ -1523,6 +1538,9 @@ _public_ sd_bus* sd_bus_flush_close_unref(sd_bus *bus) { if (!bus) return NULL; + /* Have to do this before flush() to prevent hang */ + bus_kill_exec(bus); + sd_bus_flush(bus); sd_bus_close(bus); @@ -3902,7 +3920,15 @@ _public_ int sd_bus_get_description(sd_bus *bus, const char **description) { assert_return(bus->description, -ENXIO); assert_return(!bus_pid_changed(bus), -ECHILD); - *description = bus->description; + if (bus->description) + *description = bus->description; + else if (bus->is_system) + *description = "system"; + else if (bus->is_user) + *description = "user"; + else + *description = NULL; + return 0; } @@ -4065,3 +4091,23 @@ _public_ int sd_bus_get_sender(sd_bus *bus, const char **ret) { *ret = bus->patch_sender; return 0; } + +_public_ int sd_bus_get_n_queued_read(sd_bus *bus, uint64_t *ret) { + assert_return(bus, -EINVAL); + assert_return(bus = bus_resolve(bus), -ENOPKG); + assert_return(!bus_pid_changed(bus), -ECHILD); + assert_return(ret, -EINVAL); + + *ret = bus->rqueue_size; + return 0; +} + +_public_ int sd_bus_get_n_queued_write(sd_bus *bus, uint64_t *ret) { + assert_return(bus, -EINVAL); + assert_return(bus = bus_resolve(bus), -ENOPKG); + assert_return(!bus_pid_changed(bus), -ECHILD); + assert_return(ret, -EINVAL); + + *ret = bus->wqueue_size; + return 0; +} diff --git a/src/libsystemd/sd-event/sd-event.c b/src/libsystemd/sd-event/sd-event.c index cb9b3a4545..7355921d30 100644 --- a/src/libsystemd/sd-event/sd-event.c +++ b/src/libsystemd/sd-event/sd-event.c @@ -457,6 +457,8 @@ _public_ int sd_event_new(sd_event** ret) { goto fail; } + e->epoll_fd = fd_move_above_stdio(e->epoll_fd); + if (secure_getenv("SD_EVENT_PROFILE_DELAYS")) { log_debug("Event loop profiling enabled. Logarithmic histogram of event loop iterations in the range 2^0 ... 2^63 us will be logged every 5s."); e->profile_delays = true; @@ -695,7 +697,7 @@ static int event_make_signal_data( return 0; } - d->fd = r; + d->fd = fd_move_above_stdio(r); ev.events = EPOLLIN; ev.data.ptr = d; @@ -1045,6 +1047,8 @@ static int event_setup_timer_fd( if (fd < 0) return -errno; + fd = fd_move_above_stdio(fd); + ev.events = EPOLLIN; ev.data.ptr = d; diff --git a/src/libsystemd/sd-id128/id128-util.c b/src/libsystemd/sd-id128/id128-util.c index a6e38578b1..8ce012e35f 100644 --- a/src/libsystemd/sd-id128/id128-util.c +++ b/src/libsystemd/sd-id128/id128-util.c @@ -23,6 +23,7 @@ #include <unistd.h> #include "fd-util.h" +#include "fs-util.h" #include "hexdecoct.h" #include "id128-util.h" #include "io-util.h" @@ -180,9 +181,13 @@ int id128_write_fd(int fd, Id128Format f, sd_id128_t id, bool do_sync) { if (do_sync) { if (fsync(fd) < 0) return -errno; + + r = fsync_directory_of_file(fd); + if (r < 0) + return r; } - return r; + return 0; } int id128_write(const char *p, Id128Format f, sd_id128_t id, bool do_sync) { diff --git a/src/libsystemd/sd-login/sd-login.c b/src/libsystemd/sd-login/sd-login.c index 69572d1a51..6601bcd6be 100644 --- a/src/libsystemd/sd-login/sd-login.c +++ b/src/libsystemd/sd-login/sd-login.c @@ -990,8 +990,9 @@ static inline sd_login_monitor* FD_TO_MONITOR(int fd) { } _public_ int sd_login_monitor_new(const char *category, sd_login_monitor **m) { - int fd, k; + _cleanup_close_ int fd = -1; bool good = false; + int k; assert_return(m, -EINVAL); @@ -1001,50 +1002,42 @@ _public_ int sd_login_monitor_new(const char *category, sd_login_monitor **m) { if (!category || streq(category, "seat")) { k = inotify_add_watch(fd, "/run/systemd/seats/", IN_MOVED_TO|IN_DELETE); - if (k < 0) { - safe_close(fd); + if (k < 0) return -errno; - } good = true; } if (!category || streq(category, "session")) { k = inotify_add_watch(fd, "/run/systemd/sessions/", IN_MOVED_TO|IN_DELETE); - if (k < 0) { - safe_close(fd); + if (k < 0) return -errno; - } good = true; } if (!category || streq(category, "uid")) { k = inotify_add_watch(fd, "/run/systemd/users/", IN_MOVED_TO|IN_DELETE); - if (k < 0) { - safe_close(fd); + if (k < 0) return -errno; - } good = true; } if (!category || streq(category, "machine")) { k = inotify_add_watch(fd, "/run/systemd/machines/", IN_MOVED_TO|IN_DELETE); - if (k < 0) { - safe_close(fd); + if (k < 0) return -errno; - } good = true; } - if (!good) { - close_nointr(fd); + if (!good) return -EINVAL; - } *m = FD_TO_MONITOR(fd); + fd = -1; + return 0; } diff --git a/src/libsystemd/sd-netlink/netlink-socket.c b/src/libsystemd/sd-netlink/netlink-socket.c index e08248c9f6..3474ad9ddb 100644 --- a/src/libsystemd/sd-netlink/netlink-socket.c +++ b/src/libsystemd/sd-netlink/netlink-socket.c @@ -25,6 +25,7 @@ #include "sd-netlink.h" #include "alloc-util.h" +#include "fd-util.h" #include "format-util.h" #include "missing.h" #include "netlink-internal.h" @@ -41,7 +42,7 @@ int socket_open(int family) { if (fd < 0) return -errno; - return fd; + return fd_move_above_stdio(fd); } static int broadcast_groups_get(sd_netlink *nl) { diff --git a/src/libsystemd/sd-path/sd-path.c b/src/libsystemd/sd-path/sd-path.c index cd76e3507c..419c763668 100644 --- a/src/libsystemd/sd-path/sd-path.c +++ b/src/libsystemd/sd-path/sd-path.c @@ -478,6 +478,12 @@ static int search_from_environment( return 0; } +#if HAVE_SPLIT_BIN +# define ARRAY_SBIN_BIN(x) x "sbin", x "bin" +#else +# define ARRAY_SBIN_BIN(x) x "bin" +#endif + static int get_search(uint64_t type, char ***list) { assert(list); @@ -490,13 +496,10 @@ static int get_search(uint64_t type, char ***list) { ".local/bin", "PATH", true, - "/usr/local/sbin", - "/usr/local/bin", - "/usr/sbin", - "/usr/bin", + ARRAY_SBIN_BIN("/usr/local/"), + ARRAY_SBIN_BIN("/usr/"), #if HAVE_SPLIT_USR - "/sbin", - "/bin", + ARRAY_SBIN_BIN("/"), #endif NULL); diff --git a/src/libsystemd/sd-resolve/sd-resolve.c b/src/libsystemd/sd-resolve/sd-resolve.c index 787642a7fb..1c68a96fec 100644 --- a/src/libsystemd/sd-resolve/sd-resolve.c +++ b/src/libsystemd/sd-resolve/sd-resolve.c @@ -507,12 +507,15 @@ _public_ int sd_resolve_new(sd_resolve **ret) { goto fail; } - fd_inc_sndbuf(resolve->fds[REQUEST_SEND_FD], QUERIES_MAX * BUFSIZE); - fd_inc_rcvbuf(resolve->fds[REQUEST_RECV_FD], QUERIES_MAX * BUFSIZE); - fd_inc_sndbuf(resolve->fds[RESPONSE_SEND_FD], QUERIES_MAX * BUFSIZE); - fd_inc_rcvbuf(resolve->fds[RESPONSE_RECV_FD], QUERIES_MAX * BUFSIZE); + for (i = 0; i < _FD_MAX; i++) + resolve->fds[i] = fd_move_above_stdio(resolve->fds[i]); + + (void) fd_inc_sndbuf(resolve->fds[REQUEST_SEND_FD], QUERIES_MAX * BUFSIZE); + (void) fd_inc_rcvbuf(resolve->fds[REQUEST_RECV_FD], QUERIES_MAX * BUFSIZE); + (void) fd_inc_sndbuf(resolve->fds[RESPONSE_SEND_FD], QUERIES_MAX * BUFSIZE); + (void) fd_inc_rcvbuf(resolve->fds[RESPONSE_RECV_FD], QUERIES_MAX * BUFSIZE); - fd_nonblock(resolve->fds[RESPONSE_RECV_FD], true); + (void) fd_nonblock(resolve->fds[RESPONSE_RECV_FD], true); *ret = resolve; return 0; diff --git a/src/libudev/libudev-device.c b/src/libudev/libudev-device.c index 82df426491..8e65cfd40a 100644 --- a/src/libudev/libudev-device.c +++ b/src/libudev/libudev-device.c @@ -143,7 +143,7 @@ _public_ const char *udev_device_get_driver(struct udev_device *udev_device) * * Retrieve the devtype string of the udev device. * - * Returns: the devtype name of the udev device, or #NULL if it can not be determined + * Returns: the devtype name of the udev device, or #NULL if it cannot be determined **/ _public_ const char *udev_device_get_devtype(struct udev_device *udev_device) { @@ -168,7 +168,7 @@ _public_ const char *udev_device_get_devtype(struct udev_device *udev_device) * Retrieve the subsystem string of the udev device. The string does not * contain any "/". * - * Returns: the subsystem name of the udev device, or #NULL if it can not be determined + * Returns: the subsystem name of the udev device, or #NULL if it cannot be determined **/ _public_ const char *udev_device_get_subsystem(struct udev_device *udev_device) { diff --git a/src/libudev/libudev-list.c b/src/libudev/libudev-list.c index 29fbdbd450..681e2e445c 100644 --- a/src/libudev/libudev-list.c +++ b/src/libudev/libudev-list.c @@ -140,8 +140,7 @@ static int list_search(struct udev_list *list, const char *name) return -(first+1); } -struct udev_list_entry *udev_list_entry_add(struct udev_list *list, const char *name, const char *value) -{ +struct udev_list_entry *udev_list_entry_add(struct udev_list *list, const char *name, const char *value) { struct udev_list_entry *entry; int i = 0; @@ -152,12 +151,12 @@ struct udev_list_entry *udev_list_entry_add(struct udev_list *list, const char * entry = list->entries[i]; free(entry->value); - if (value == NULL) { + if (!value) { entry->value = NULL; return entry; } entry->value = strdup(value); - if (entry->value == NULL) + if (!entry->value) return NULL; return entry; } @@ -165,16 +164,16 @@ struct udev_list_entry *udev_list_entry_add(struct udev_list *list, const char * /* add new name */ entry = new0(struct udev_list_entry, 1); - if (entry == NULL) + if (!entry) return NULL; entry->name = strdup(name); - if (entry->name == NULL) + if (!entry->name) return mfree(entry); - if (value != NULL) { + if (value) { entry->value = strdup(value); - if (entry->value == NULL) { + if (!entry->value) { free(entry->name); return mfree(entry); } @@ -189,8 +188,8 @@ struct udev_list_entry *udev_list_entry_add(struct udev_list *list, const char * add = list->entries_max; if (add < 1) add = 64; - entries = realloc(list->entries, (list->entries_max + add) * sizeof(struct udev_list_entry *)); - if (entries == NULL) { + entries = reallocarray(list->entries, list->entries_max + add, sizeof(struct udev_list_entry *)); + if (!entries) { free(entry->name); free(entry->value); return mfree(entry); @@ -213,9 +212,8 @@ struct udev_list_entry *udev_list_entry_add(struct udev_list *list, const char * (list->entries_cur - i) * sizeof(struct udev_list_entry *)); list->entries[i] = entry; list->entries_cur++; - } else { + } else udev_list_entry_append(entry, list); - } return entry; } diff --git a/src/libudev/libudev-private.h b/src/libudev/libudev-private.h index 76730cc055..565da326f5 100644 --- a/src/libudev/libudev-private.h +++ b/src/libudev/libudev-private.h @@ -1,4 +1,6 @@ /* SPDX-License-Identifier: LGPL-2.1+ */ +#pragma once + /*** This file is part of systemd. @@ -18,9 +20,6 @@ along with systemd; If not, see <http://www.gnu.org/licenses/>. ***/ -#ifndef _LIBUDEV_PRIVATE_H_ -#define _LIBUDEV_PRIVATE_H_ - #include <signal.h> #include <stdbool.h> #include <stdint.h> @@ -146,5 +145,3 @@ uint64_t util_string_bloom64(const char *str); /* libudev-util-private.c */ int util_resolve_subsys_kernel(struct udev *udev, const char *string, char *result, size_t maxsize, int read_value); - -#endif diff --git a/src/locale/meson.build b/src/locale/meson.build index dca2c51d2f..6b85f6bea6 100644 --- a/src/locale/meson.build +++ b/src/locale/meson.build @@ -28,15 +28,8 @@ if conf.get('ENABLE_LOCALED') == 1 install_dir : dbuspolicydir) install_data('org.freedesktop.locale1.service', install_dir : dbussystemservicedir) - - i18n.merge_file( - 'org.freedesktop.locale1.policy', - input : 'org.freedesktop.locale1.policy.in', - output : 'org.freedesktop.locale1.policy', - po_dir : po_dir, - data_dirs : po_dir, - install : install_polkit, - install_dir : polkitpolicydir) + install_data('org.freedesktop.locale1.policy', + install_dir : polkitpolicydir) endif # If you know a way that allows the same variables to be used diff --git a/src/locale/org.freedesktop.locale1.policy.in b/src/locale/org.freedesktop.locale1.policy index 4c1c34da09..f9241749e6 100644 --- a/src/locale/org.freedesktop.locale1.policy.in +++ b/src/locale/org.freedesktop.locale1.policy @@ -19,8 +19,8 @@ <vendor_url>http://www.freedesktop.org/wiki/Software/systemd</vendor_url> <action id="org.freedesktop.locale1.set-locale"> - <description>Set system locale</description> - <message>Authentication is required to set the system locale.</message> + <description gettext-domain="systemd">Set system locale</description> + <message gettext-domain="systemd">Authentication is required to set the system locale.</message> <defaults> <allow_any>auth_admin_keep</allow_any> <allow_inactive>auth_admin_keep</allow_inactive> @@ -30,8 +30,8 @@ </action> <action id="org.freedesktop.locale1.set-keyboard"> - <description>Set system keyboard settings</description> - <message>Authentication is required to set the system keyboard settings.</message> + <description gettext-domain="systemd">Set system keyboard settings</description> + <message gettext-domain="systemd">Authentication is required to set the system keyboard settings.</message> <defaults> <allow_any>auth_admin_keep</allow_any> <allow_inactive>auth_admin_keep</allow_inactive> diff --git a/src/login/70-uaccess.rules b/src/login/70-uaccess.rules index f2c838f353..3515d292ac 100644 --- a/src/login/70-uaccess.rules +++ b/src/login/70-uaccess.rules @@ -27,7 +27,7 @@ SUBSYSTEM=="block", ENV{ID_CDROM}=="1", TAG+="uaccess" SUBSYSTEM=="scsi_generic", SUBSYSTEMS=="scsi", ATTRS{type}=="4|5", TAG+="uaccess" # Sound devices -SUBSYSTEM=="sound", TAG+="uaccess" \ +SUBSYSTEM=="sound", TAG+="uaccess", \ OPTIONS+="static_node=snd/timer", OPTIONS+="static_node=snd/seq" # ffado is an userspace driver for firewire sound cards diff --git a/src/login/inhibit.c b/src/login/inhibit.c index 22657f9eda..6b5d9c29b9 100644 --- a/src/login/inhibit.c +++ b/src/login/inhibit.c @@ -272,6 +272,7 @@ int main(int argc, char *argv[]) { if (r == 0) { /* Child */ execvp(argv[optind], argv + optind); + log_open(); log_error_errno(errno, "Failed to execute %s: %m", argv[optind]); _exit(EXIT_FAILURE); } diff --git a/src/login/logind-acl.c b/src/login/logind-acl.c index d785f67ca3..3f355e7ea8 100644 --- a/src/login/logind-acl.c +++ b/src/login/logind-acl.c @@ -192,7 +192,7 @@ int devnode_acl_all(struct udev *udev, assert(udev); - nodes = set_new(&string_hash_ops); + nodes = set_new(&path_hash_ops); if (!nodes) return -ENOMEM; diff --git a/src/login/logind-button.c b/src/login/logind-button.c index 94945f0bcb..2da6e69952 100644 --- a/src/login/logind-button.c +++ b/src/login/logind-button.c @@ -110,9 +110,13 @@ static void button_lid_switch_handle_action(Manager *manager, bool is_edge) { assert(manager); - /* If we are docked, handle the lid switch differently */ + /* If we are docked or on external power, handle the lid switch + * differently */ if (manager_is_docked_or_external_displays(manager)) handle_action = manager->handle_lid_switch_docked; + else if (manager->handle_lid_switch_ep != _HANDLE_ACTION_INVALID && + manager_is_on_external_power()) + handle_action = manager->handle_lid_switch_ep; else handle_action = manager->handle_lid_switch; diff --git a/src/login/logind-core.c b/src/login/logind-core.c index e338682f41..41b4d4d8d7 100644 --- a/src/login/logind-core.c +++ b/src/login/logind-core.c @@ -602,3 +602,37 @@ bool manager_is_docked_or_external_displays(Manager *m) { return false; } + +bool manager_is_on_external_power(void) { + int r; + + /* For now we only check for AC power, but 'external power' can apply + * to anything that isn't an internal battery */ + r = on_ac_power(); + if (r < 0) + log_warning_errno(r, "Failed to read AC power status: %m"); + else if (r > 0) + return true; + + return false; +} + +bool manager_all_buttons_ignored(Manager *m) { + assert(m); + + if (m->handle_power_key != HANDLE_IGNORE) + return false; + if (m->handle_suspend_key != HANDLE_IGNORE) + return false; + if (m->handle_hibernate_key != HANDLE_IGNORE) + return false; + if (m->handle_lid_switch != HANDLE_IGNORE) + return false; + if (m->handle_lid_switch_ep != _HANDLE_ACTION_INVALID && + m->handle_lid_switch_ep != HANDLE_IGNORE) + return false; + if (m->handle_lid_switch_docked != HANDLE_IGNORE) + return false; + + return true; +} diff --git a/src/login/logind-dbus.c b/src/login/logind-dbus.c index ae36ececb5..07cb257151 100644 --- a/src/login/logind-dbus.c +++ b/src/login/logind-dbus.c @@ -41,6 +41,7 @@ #include "mkdir.h" #include "path-util.h" #include "process-util.h" +#include "cgroup-util.h" #include "selinux-util.h" #include "sleep-config.h" #include "special.h" @@ -658,6 +659,7 @@ static int method_list_inhibitors(sd_bus_message *message, void *userdata, sd_bu static int method_create_session(sd_bus_message *message, void *userdata, sd_bus_error *error) { const char *service, *type, *class, *cseat, *tty, *display, *remote_user, *remote_host, *desktop; uint32_t audit_id = 0; + _cleanup_free_ char *unit = NULL; _cleanup_free_ char *id = NULL; Session *session = NULL; Manager *m = userdata; @@ -787,8 +789,15 @@ static int method_create_session(sd_bus_message *message, void *userdata, sd_bus return r; } - r = manager_get_session_by_pid(m, leader, NULL); - if (r > 0) + /* + * Check if we are already in a logind session. Or if we are in user@.service + * which is a special PAM session that avoids creating a logind session. + */ + r = cg_pid_get_unit(leader, &unit); + if (r < 0) + return r; + if (hashmap_get(m->session_units, unit) || + hashmap_get(m->user_units, unit)) return sd_bus_error_setf(error, BUS_ERROR_SESSION_BUSY, "Already running in a session"); /* @@ -1930,15 +1939,11 @@ static int nologin_timeout_handler( void *userdata) { Manager *m = userdata; - int r; log_info("Creating /run/nologin, blocking further logins..."); - r = write_string_file_atomic_label("/run/nologin", "System is going down."); - if (r < 0) - log_error_errno(r, "Failed to create /run/nologin: %m"); - else - m->unlink_nologin = true; + m->unlink_nologin = + create_shutdown_run_nologin_or_warn() >= 0; return 0; } @@ -2010,7 +2015,7 @@ static void reset_scheduled_shutdown(Manager *m) { m->shutdown_dry_run = false; if (m->unlink_nologin) { - (void) unlink("/run/nologin"); + (void) unlink_or_warn("/run/nologin"); m->unlink_nologin = false; } @@ -2653,6 +2658,7 @@ const sd_bus_vtable manager_vtable[] = { SD_BUS_PROPERTY("HandleSuspendKey", "s", property_get_handle_action, offsetof(Manager, handle_suspend_key), SD_BUS_VTABLE_PROPERTY_CONST), SD_BUS_PROPERTY("HandleHibernateKey", "s", property_get_handle_action, offsetof(Manager, handle_hibernate_key), SD_BUS_VTABLE_PROPERTY_CONST), SD_BUS_PROPERTY("HandleLidSwitch", "s", property_get_handle_action, offsetof(Manager, handle_lid_switch), SD_BUS_VTABLE_PROPERTY_CONST), + SD_BUS_PROPERTY("HandleLidSwitchExternalPower", "s", property_get_handle_action, offsetof(Manager, handle_lid_switch_ep), SD_BUS_VTABLE_PROPERTY_CONST), SD_BUS_PROPERTY("HandleLidSwitchDocked", "s", property_get_handle_action, offsetof(Manager, handle_lid_switch_docked), SD_BUS_VTABLE_PROPERTY_CONST), SD_BUS_PROPERTY("HoldoffTimeoutUSec", "t", NULL, offsetof(Manager, holdoff_timeout_usec), SD_BUS_VTABLE_PROPERTY_CONST), SD_BUS_PROPERTY("IdleAction", "s", property_get_handle_action, offsetof(Manager, idle_action), SD_BUS_VTABLE_PROPERTY_CONST), diff --git a/src/login/logind-gperf.gperf b/src/login/logind-gperf.gperf index ee62db63a5..f6f57526f6 100644 --- a/src/login/logind-gperf.gperf +++ b/src/login/logind-gperf.gperf @@ -27,6 +27,7 @@ Login.HandlePowerKey, config_parse_handle_action, 0, offsetof(Manag Login.HandleSuspendKey, config_parse_handle_action, 0, offsetof(Manager, handle_suspend_key) Login.HandleHibernateKey, config_parse_handle_action, 0, offsetof(Manager, handle_hibernate_key) Login.HandleLidSwitch, config_parse_handle_action, 0, offsetof(Manager, handle_lid_switch) +Login.HandleLidSwitchExternalPower,config_parse_handle_action, 0, offsetof(Manager, handle_lid_switch_ep) Login.HandleLidSwitchDocked, config_parse_handle_action, 0, offsetof(Manager, handle_lid_switch_docked) Login.PowerKeyIgnoreInhibited, config_parse_bool, 0, offsetof(Manager, power_key_ignore_inhibited) Login.SuspendKeyIgnoreInhibited, config_parse_bool, 0, offsetof(Manager, suspend_key_ignore_inhibited) diff --git a/src/login/logind-seat.c b/src/login/logind-seat.c index b99e7abf91..46e7c06ddc 100644 --- a/src/login/logind-seat.c +++ b/src/login/logind-seat.c @@ -639,16 +639,16 @@ int seat_get_idle_hint(Seat *s, dual_timestamp *t) { return idle_hint; } -bool seat_check_gc(Seat *s, bool drop_not_started) { +bool seat_may_gc(Seat *s, bool drop_not_started) { assert(s); if (drop_not_started && !s->started) - return false; + return true; if (seat_is_seat0(s)) - return true; + return false; - return seat_has_master_device(s); + return !seat_has_master_device(s); } void seat_add_to_gc_queue(Seat *s) { diff --git a/src/login/logind-seat.h b/src/login/logind-seat.h index 5427ac21c8..4982ea3381 100644 --- a/src/login/logind-seat.h +++ b/src/login/logind-seat.h @@ -79,7 +79,7 @@ int seat_start(Seat *s); int seat_stop(Seat *s, bool force); int seat_stop_sessions(Seat *s, bool force); -bool seat_check_gc(Seat *s, bool drop_not_started); +bool seat_may_gc(Seat *s, bool drop_not_started); void seat_add_to_gc_queue(Seat *s); bool seat_name_is_valid(const char *name); diff --git a/src/login/logind-session-device.c b/src/login/logind-session-device.c index 067e67a93d..73eee72515 100644 --- a/src/login/logind-session-device.c +++ b/src/login/logind-session-device.c @@ -74,20 +74,25 @@ static int session_device_notify(SessionDevice *sd, enum SessionDeviceNotificati return r; switch (type) { + case SESSION_DEVICE_RESUME: r = sd_bus_message_append(m, "uuh", major, minor, sd->fd); if (r < 0) return r; break; + case SESSION_DEVICE_TRY_PAUSE: t = "pause"; break; + case SESSION_DEVICE_PAUSE: t = "force"; break; + case SESSION_DEVICE_RELEASE: t = "gone"; break; + default: return -EINVAL; } @@ -101,43 +106,33 @@ static int session_device_notify(SessionDevice *sd, enum SessionDeviceNotificati return sd_bus_send(sd->session->manager->bus, m, NULL); } -static int sd_eviocrevoke(int fd) { - static bool warned; - int r; +static void sd_eviocrevoke(int fd) { + static bool warned = false; assert(fd >= 0); - r = ioctl(fd, EVIOCREVOKE, NULL); - if (r < 0) { - r = -errno; - if (r == -EINVAL && !warned) { + if (ioctl(fd, EVIOCREVOKE, NULL) < 0) { + + if (errno == EINVAL && !warned) { + log_warning_errno(errno, "Kernel does not support evdev-revocation: %m"); warned = true; - log_warning("kernel does not support evdev-revocation"); } } - - return 0; } static int sd_drmsetmaster(int fd) { - int r; - assert(fd >= 0); - r = ioctl(fd, DRM_IOCTL_SET_MASTER, 0); - if (r < 0) + if (ioctl(fd, DRM_IOCTL_SET_MASTER, 0) < 0) return -errno; return 0; } static int sd_drmdropmaster(int fd) { - int r; - assert(fd >= 0); - r = ioctl(fd, DRM_IOCTL_DROP_MASTER, 0); - if (r < 0) + if (ioctl(fd, DRM_IOCTL_DROP_MASTER, 0) < 0) return -errno; return 0; @@ -146,7 +141,9 @@ static int sd_drmdropmaster(int fd) { static int session_device_open(SessionDevice *sd, bool active) { int fd, r; + assert(sd); assert(sd->type != DEVICE_TYPE_UNKNOWN); + assert(sd->node); /* open device and try to get an udev_device from it */ fd = open(sd->node, O_RDWR|O_CLOEXEC|O_NOCTTY|O_NONBLOCK); @@ -154,28 +151,27 @@ static int session_device_open(SessionDevice *sd, bool active) { return -errno; switch (sd->type) { + case DEVICE_TYPE_DRM: if (active) { - /* Weird legacy DRM semantics might return an error - * even though we're master. No way to detect that so - * fail at all times and let caller retry in inactive - * state. */ + /* Weird legacy DRM semantics might return an error even though we're master. No way to detect + * that so fail at all times and let caller retry in inactive state. */ r = sd_drmsetmaster(fd); if (r < 0) { close_nointr(fd); return r; } - } else { - /* DRM-Master is granted to the first user who opens a - * device automatically (ughh, racy!). Hence, we just - * drop DRM-Master in case we were the first. */ - sd_drmdropmaster(fd); - } + } else + /* DRM-Master is granted to the first user who opens a device automatically (ughh, + * racy!). Hence, we just drop DRM-Master in case we were the first. */ + (void) sd_drmdropmaster(fd); break; + case DEVICE_TYPE_EVDEV: if (!active) sd_eviocrevoke(fd); break; + case DEVICE_TYPE_UNKNOWN: default: /* fallback for devices wihout synchronizations */ @@ -195,29 +191,38 @@ static int session_device_start(SessionDevice *sd) { return 0; switch (sd->type) { + case DEVICE_TYPE_DRM: - /* Device is kept open. Simply call drmSetMaster() and hope - * there is no-one else. In case it fails, we keep the device - * paused. Maybe at some point we have a drmStealMaster(). */ - r = sd_drmsetmaster(sd->fd); - if (r < 0) - return r; + + if (sd->fd < 0) { + /* Open device if it isn't open yet */ + sd->fd = session_device_open(sd, true); + if (sd->fd < 0) + return sd->fd; + } else { + /* Device is kept open. Simply call drmSetMaster() and hope there is no-one else. In case it fails, we + * keep the device paused. Maybe at some point we have a drmStealMaster(). */ + r = sd_drmsetmaster(sd->fd); + if (r < 0) + return r; + } break; + case DEVICE_TYPE_EVDEV: - /* Evdev devices are revoked while inactive. Reopen it and we - * are fine. */ + /* Evdev devices are revoked while inactive. Reopen it and we are fine. */ r = session_device_open(sd, true); if (r < 0) return r; - /* For evdev devices, the file descriptor might be left - * uninitialized. This might happen while resuming into a - * session and logind has been restarted right before. */ + + /* For evdev devices, the file descriptor might be left uninitialized. This might happen while resuming + * into a session and logind has been restarted right before. */ safe_close(sd->fd); sd->fd = r; break; + case DEVICE_TYPE_UNKNOWN: default: - /* fallback for devices wihout synchronizations */ + /* fallback for devices without synchronizations */ break; } @@ -232,6 +237,7 @@ static void session_device_stop(SessionDevice *sd) { return; switch (sd->type) { + case DEVICE_TYPE_DRM: /* On DRM devices we simply drop DRM-Master but keep it open. * This allows the user to keep resources allocated. The @@ -239,6 +245,7 @@ static void session_device_stop(SessionDevice *sd) { * circumventing this. */ sd_drmdropmaster(sd->fd); break; + case DEVICE_TYPE_EVDEV: /* Revoke access on evdev file-descriptors during deactivation. * This will basically prevent any operations on the fd and @@ -246,6 +253,7 @@ static void session_device_stop(SessionDevice *sd) { * protection this way. */ sd_eviocrevoke(sd->fd); break; + case DEVICE_TYPE_UNKNOWN: default: /* fallback for devices without synchronization */ @@ -371,10 +379,8 @@ int session_device_new(Session *s, dev_t dev, bool open_device, SessionDevice ** goto error; r = hashmap_put(s->devices, &sd->dev, sd); - if (r < 0) { - r = -ENOMEM; + if (r < 0) goto error; - } if (open_device) { /* Open the device for the first time. We need a valid fd to pass back @@ -423,7 +429,7 @@ void session_device_free(SessionDevice *sd) { session_device_stop(sd); session_device_notify(sd, SESSION_DEVICE_RELEASE); - close_nointr(sd->fd); + safe_close(sd->fd); LIST_REMOVE(sd_by_device, sd->device->session_devices, sd); @@ -458,13 +464,15 @@ void session_device_resume_all(Session *s) { assert(s); HASHMAP_FOREACH(sd, s->devices, i) { - if (!sd->active) { - if (session_device_start(sd) < 0) - continue; - if (session_device_save(sd) < 0) - continue; - session_device_notify(sd, SESSION_DEVICE_RESUME); - } + if (sd->active) + continue; + + if (session_device_start(sd) < 0) + continue; + if (session_device_save(sd) < 0) + continue; + + session_device_notify(sd, SESSION_DEVICE_RESUME); } } @@ -475,25 +483,27 @@ void session_device_pause_all(Session *s) { assert(s); HASHMAP_FOREACH(sd, s->devices, i) { - if (sd->active) { - session_device_stop(sd); - session_device_notify(sd, SESSION_DEVICE_PAUSE); - } + if (!sd->active) + continue; + + session_device_stop(sd); + session_device_notify(sd, SESSION_DEVICE_PAUSE); } } unsigned int session_device_try_pause_all(Session *s) { + unsigned num_pending = 0; SessionDevice *sd; Iterator i; - unsigned int num_pending = 0; assert(s); HASHMAP_FOREACH(sd, s->devices, i) { - if (sd->active) { - session_device_notify(sd, SESSION_DEVICE_TRY_PAUSE); - ++num_pending; - } + if (!sd->active) + continue; + + session_device_notify(sd, SESSION_DEVICE_TRY_PAUSE); + num_pending++; } return num_pending; @@ -516,7 +526,7 @@ int session_device_save(SessionDevice *sd) { return 0; m = strjoina("FDSTORE=1\n" - "FDNAME=session", sd->session->id); + "FDNAME=session-", sd->session->id); r = sd_pid_notify_with_fds(0, false, m, &sd->fd, 1); if (r < 0) @@ -527,11 +537,12 @@ int session_device_save(SessionDevice *sd) { } void session_device_attach_fd(SessionDevice *sd, int fd, bool active) { - assert(fd > 0); + assert(fd >= 0); assert(sd); assert(sd->fd < 0); assert(!sd->active); sd->fd = fd; + sd->pushed_fd = true; sd->active = active; } diff --git a/src/login/logind-session-device.h b/src/login/logind-session-device.h index a1cf17af92..a9ead7bdca 100644 --- a/src/login/logind-session-device.h +++ b/src/login/logind-session-device.h @@ -39,9 +39,9 @@ struct SessionDevice { dev_t dev; char *node; int fd; - bool active; - DeviceType type; - bool pushed_fd; + DeviceType type:3; + bool active:1; + bool pushed_fd:1; LIST_FIELDS(struct SessionDevice, sd_by_device); }; diff --git a/src/login/logind-session.c b/src/login/logind-session.c index 92eb2943fe..1859150b5e 100644 --- a/src/login/logind-session.c +++ b/src/login/logind-session.c @@ -1000,27 +1000,27 @@ static void session_remove_fifo(Session *s) { } } -bool session_check_gc(Session *s, bool drop_not_started) { +bool session_may_gc(Session *s, bool drop_not_started) { assert(s); if (drop_not_started && !s->started) - return false; + return true; if (!s->user) - return false; + return true; if (s->fifo_fd >= 0) { if (pipe_eof(s->fifo_fd) <= 0) - return true; + return false; } if (s->scope_job && manager_job_is_active(s->manager, s->scope_job)) - return true; + return false; if (s->scope && manager_unit_is_active(s->manager, s->scope)) - return true; + return false; - return false; + return true; } void session_add_to_gc_queue(Session *s) { diff --git a/src/login/logind-session.h b/src/login/logind-session.h index 8491832402..16a278c792 100644 --- a/src/login/logind-session.h +++ b/src/login/logind-session.h @@ -131,7 +131,7 @@ struct Session { Session *session_new(Manager *m, const char *id); void session_free(Session *s); void session_set_user(Session *s, User *u); -bool session_check_gc(Session *s, bool drop_not_started); +bool session_may_gc(Session *s, bool drop_not_started); void session_add_to_gc_queue(Session *s); int session_activate(Session *s); bool session_is_active(Session *s); diff --git a/src/login/logind-user.c b/src/login/logind-user.c index 32b2045696..f85564f221 100644 --- a/src/login/logind-user.c +++ b/src/login/logind-user.c @@ -680,25 +680,25 @@ int user_check_linger_file(User *u) { return access(p, F_OK) >= 0; } -bool user_check_gc(User *u, bool drop_not_started) { +bool user_may_gc(User *u, bool drop_not_started) { assert(u); if (drop_not_started && !u->started) - return false; + return true; if (u->sessions) - return true; + return false; if (user_check_linger_file(u) > 0) - return true; + return false; if (u->slice_job && manager_job_is_active(u->manager, u->slice_job)) - return true; + return false; if (u->service_job && manager_job_is_active(u->manager, u->service_job)) - return true; + return false; - return false; + return true; } void user_add_to_gc_queue(User *u) { diff --git a/src/login/logind-user.h b/src/login/logind-user.h index ad1686ffc5..c3452dcd08 100644 --- a/src/login/logind-user.h +++ b/src/login/logind-user.h @@ -66,7 +66,7 @@ User *user_free(User *u); DEFINE_TRIVIAL_CLEANUP_FUNC(User *, user_free); -bool user_check_gc(User *u, bool drop_not_started); +bool user_may_gc(User *u, bool drop_not_started); void user_add_to_gc_queue(User *u); int user_start(User *u); int user_stop(User *u, bool force); diff --git a/src/login/logind.c b/src/login/logind.c index d15d4cec5b..5220861c1d 100644 --- a/src/login/logind.c +++ b/src/login/logind.c @@ -35,6 +35,7 @@ #include "dirent-util.h" #include "fd-util.h" #include "format-util.h" +#include "fs-util.h" #include "logind.h" #include "process-util.h" #include "selinux-util.h" @@ -53,6 +54,7 @@ static void manager_reset_config(Manager *m) { m->handle_suspend_key = HANDLE_SUSPEND; m->handle_hibernate_key = HANDLE_HIBERNATE; m->handle_lid_switch = HANDLE_SUSPEND; + m->handle_lid_switch_ep = _HANDLE_ACTION_INVALID; m->handle_lid_switch_docked = HANDLE_IGNORE; m->power_key_ignore_inhibited = false; m->suspend_key_ignore_inhibited = false; @@ -182,7 +184,7 @@ static void manager_free(Manager *m) { udev_unref(m->udev); if (m->unlink_nologin) - (void) unlink("/run/nologin"); + (void) unlink_or_warn("/run/nologin"); bus_verify_polkit_async_registry_free(m->polkit_registry); @@ -253,11 +255,7 @@ static int manager_enumerate_buttons(Manager *m) { /* Loads buttons from udev */ - if (m->handle_power_key == HANDLE_IGNORE && - m->handle_suspend_key == HANDLE_IGNORE && - m->handle_hibernate_key == HANDLE_IGNORE && - m->handle_lid_switch == HANDLE_IGNORE && - m->handle_lid_switch_docked == HANDLE_IGNORE) + if (manager_all_buttons_ignored(m)) return 0; e = udev_enumerate_new(m->udev); @@ -325,7 +323,9 @@ static int manager_enumerate_seats(Manager *m) { s = hashmap_get(m->seats, de->d_name); if (!s) { - unlinkat(dirfd(d), de->d_name, 0); + if (unlinkat(dirfd(d), de->d_name, 0) < 0) + log_warning("Failed to remove /run/systemd/seats/%s: %m", + de->d_name); continue; } @@ -453,9 +453,15 @@ static int manager_attach_fds(Manager *m) { continue; } + if (!S_ISCHR(st.st_mode) && !S_ISBLK(st.st_mode)) { + log_debug("Device fd doesn't actually point to device node: %m"); + close_nointr(fd); + continue; + } + sd = hashmap_get(s->devices, &st.st_rdev); if (!sd) { - /* Weird we got an fd for a session device which wasn't + /* Weird, we got an fd for a session device which wasn't * recorded in the session state file... */ log_warning("Got fd for missing session device [%u:%u] in session %s", major(st.st_rdev), minor(st.st_rdev), s->id); @@ -905,12 +911,7 @@ static int manager_connect_udev(Manager *m) { return r; /* Don't watch keys if nobody cares */ - if (m->handle_power_key != HANDLE_IGNORE || - m->handle_suspend_key != HANDLE_IGNORE || - m->handle_hibernate_key != HANDLE_IGNORE || - m->handle_lid_switch != HANDLE_IGNORE || - m->handle_lid_switch_docked != HANDLE_IGNORE) { - + if (!manager_all_buttons_ignored(m)) { m->udev_button_monitor = udev_monitor_new_from_netlink(m->udev, "udev"); if (!m->udev_button_monitor) return -ENOMEM; @@ -966,7 +967,7 @@ static void manager_gc(Manager *m, bool drop_not_started) { LIST_REMOVE(gc_queue, m->seat_gc_queue, seat); seat->in_gc_queue = false; - if (!seat_check_gc(seat, drop_not_started)) { + if (seat_may_gc(seat, drop_not_started)) { seat_stop(seat, false); seat_free(seat); } @@ -977,14 +978,14 @@ static void manager_gc(Manager *m, bool drop_not_started) { session->in_gc_queue = false; /* First, if we are not closing yet, initiate stopping */ - if (!session_check_gc(session, drop_not_started) && + if (session_may_gc(session, drop_not_started) && session_get_state(session) != SESSION_CLOSING) session_stop(session, false); /* Normally, this should make the session referenced * again, if it doesn't then let's get rid of it * immediately */ - if (!session_check_gc(session, drop_not_started)) { + if (session_may_gc(session, drop_not_started)) { session_finalize(session); session_free(session); } @@ -995,11 +996,11 @@ static void manager_gc(Manager *m, bool drop_not_started) { user->in_gc_queue = false; /* First step: queue stop jobs */ - if (!user_check_gc(user, drop_not_started)) + if (user_may_gc(user, drop_not_started)) user_stop(user, false); /* Second step: finalize user */ - if (!user_check_gc(user, drop_not_started)) { + if (user_may_gc(user, drop_not_started)) { user_finalize(user); user_free(user); } diff --git a/src/login/logind.conf.in b/src/login/logind.conf.in index 6f720b7708..40a77dc7be 100644 --- a/src/login/logind.conf.in +++ b/src/login/logind.conf.in @@ -22,6 +22,7 @@ #HandleSuspendKey=suspend #HandleHibernateKey=hibernate #HandleLidSwitch=suspend +#HandleLidSwitchExternalPower=suspend #HandleLidSwitchDocked=ignore #PowerKeyIgnoreInhibited=no #SuspendKeyIgnoreInhibited=no diff --git a/src/login/logind.h b/src/login/logind.h index 8262367135..918bc1f919 100644 --- a/src/login/logind.h +++ b/src/login/logind.h @@ -118,6 +118,7 @@ struct Manager { HandleAction handle_suspend_key; HandleAction handle_hibernate_key; HandleAction handle_lid_switch; + HandleAction handle_lid_switch_ep; HandleAction handle_lid_switch_docked; bool power_key_ignore_inhibited; @@ -160,6 +161,8 @@ int manager_get_user_by_pid(Manager *m, pid_t pid, User **user); int manager_get_session_by_pid(Manager *m, pid_t pid, Session **session); bool manager_is_docked_or_external_displays(Manager *m); +bool manager_is_on_external_power(void); +bool manager_all_buttons_ignored(Manager *m); extern const sd_bus_vtable manager_vtable[]; diff --git a/src/login/meson.build b/src/login/meson.build index e8e4f7bd7d..5b75382e5f 100644 --- a/src/login/meson.build +++ b/src/login/meson.build @@ -87,15 +87,8 @@ if conf.get('ENABLE_LOGIND') == 1 install_dir : dbuspolicydir) install_data('org.freedesktop.login1.service', install_dir : dbussystemservicedir) - - i18n.merge_file( - 'org.freedesktop.login1.policy', - input : 'org.freedesktop.login1.policy.in', - output : 'org.freedesktop.login1.policy', - po_dir : po_dir, - data_dirs : po_dir, - install : install_polkit, - install_dir : polkitpolicydir) + install_data('org.freedesktop.login1.policy', + install_dir : polkitpolicydir) install_data('70-power-switch.rules', install_dir : udevrulesdir) diff --git a/src/login/org.freedesktop.login1.policy.in b/src/login/org.freedesktop.login1.policy index 47162022d2..f1d1f956d3 100644 --- a/src/login/org.freedesktop.login1.policy.in +++ b/src/login/org.freedesktop.login1.policy @@ -19,8 +19,8 @@ <vendor_url>http://www.freedesktop.org/wiki/Software/systemd</vendor_url> <action id="org.freedesktop.login1.inhibit-block-shutdown"> - <description>Allow applications to inhibit system shutdown</description> - <message>Authentication is required for an application to inhibit system shutdown.</message> + <description gettext-domain="systemd">Allow applications to inhibit system shutdown</description> + <message gettext-domain="systemd">Authentication is required for an application to inhibit system shutdown.</message> <defaults> <allow_any>no</allow_any> <allow_inactive>yes</allow_inactive> @@ -30,8 +30,8 @@ </action> <action id="org.freedesktop.login1.inhibit-delay-shutdown"> - <description>Allow applications to delay system shutdown</description> - <message>Authentication is required for an application to delay system shutdown.</message> + <description gettext-domain="systemd">Allow applications to delay system shutdown</description> + <message gettext-domain="systemd">Authentication is required for an application to delay system shutdown.</message> <defaults> <allow_any>yes</allow_any> <allow_inactive>yes</allow_inactive> @@ -41,8 +41,8 @@ </action> <action id="org.freedesktop.login1.inhibit-block-sleep"> - <description>Allow applications to inhibit system sleep</description> - <message>Authentication is required for an application to inhibit system sleep.</message> + <description gettext-domain="systemd">Allow applications to inhibit system sleep</description> + <message gettext-domain="systemd">Authentication is required for an application to inhibit system sleep.</message> <defaults> <allow_any>no</allow_any> <allow_inactive>yes</allow_inactive> @@ -52,8 +52,8 @@ </action> <action id="org.freedesktop.login1.inhibit-delay-sleep"> - <description>Allow applications to delay system sleep</description> - <message>Authentication is required for an application to delay system sleep.</message> + <description gettext-domain="systemd">Allow applications to delay system sleep</description> + <message gettext-domain="systemd">Authentication is required for an application to delay system sleep.</message> <defaults> <allow_any>yes</allow_any> <allow_inactive>yes</allow_inactive> @@ -62,8 +62,8 @@ </action> <action id="org.freedesktop.login1.inhibit-block-idle"> - <description>Allow applications to inhibit automatic system suspend</description> - <message>Authentication is required for an application to inhibit automatic system suspend.</message> + <description gettext-domain="systemd">Allow applications to inhibit automatic system suspend</description> + <message gettext-domain="systemd">Authentication is required for an application to inhibit automatic system suspend.</message> <defaults> <allow_any>yes</allow_any> <allow_inactive>yes</allow_inactive> @@ -72,8 +72,8 @@ </action> <action id="org.freedesktop.login1.inhibit-handle-power-key"> - <description>Allow applications to inhibit system handling of the power key</description> - <message>Authentication is required for an application to inhibit system handling of the power key.</message> + <description gettext-domain="systemd">Allow applications to inhibit system handling of the power key</description> + <message gettext-domain="systemd">Authentication is required for an application to inhibit system handling of the power key.</message> <defaults> <allow_any>no</allow_any> <allow_inactive>yes</allow_inactive> @@ -83,8 +83,8 @@ </action> <action id="org.freedesktop.login1.inhibit-handle-suspend-key"> - <description>Allow applications to inhibit system handling of the suspend key</description> - <message>Authentication is required for an application to inhibit system handling of the suspend key.</message> + <description gettext-domain="systemd">Allow applications to inhibit system handling of the suspend key</description> + <message gettext-domain="systemd">Authentication is required for an application to inhibit system handling of the suspend key.</message> <defaults> <allow_any>no</allow_any> <allow_inactive>yes</allow_inactive> @@ -94,8 +94,8 @@ </action> <action id="org.freedesktop.login1.inhibit-handle-hibernate-key"> - <description>Allow applications to inhibit system handling of the hibernate key</description> - <message>Authentication is required for an application to inhibit system handling of the hibernate key.</message> + <description gettext-domain="systemd">Allow applications to inhibit system handling of the hibernate key</description> + <message gettext-domain="systemd">Authentication is required for an application to inhibit system handling of the hibernate key.</message> <defaults> <allow_any>no</allow_any> <allow_inactive>yes</allow_inactive> @@ -104,8 +104,8 @@ </action> <action id="org.freedesktop.login1.inhibit-handle-lid-switch"> - <description>Allow applications to inhibit system handling of the lid switch</description> - <message>Authentication is required for an application to inhibit system handling of the lid switch.</message> + <description gettext-domain="systemd">Allow applications to inhibit system handling of the lid switch</description> + <message gettext-domain="systemd">Authentication is required for an application to inhibit system handling of the lid switch.</message> <defaults> <allow_any>no</allow_any> <allow_inactive>yes</allow_inactive> @@ -114,8 +114,8 @@ </action> <action id="org.freedesktop.login1.set-self-linger"> - <description>Allow non-logged-in user to run programs</description> - <message>Explicit request is required to run programs as a non-logged-in user.</message> + <description gettext-domain="systemd">Allow non-logged-in user to run programs</description> + <message gettext-domain="systemd">Explicit request is required to run programs as a non-logged-in user.</message> <defaults> <allow_any>yes</allow_any> <allow_inactive>yes</allow_inactive> @@ -124,8 +124,8 @@ </action> <action id="org.freedesktop.login1.set-user-linger"> - <description>Allow non-logged-in users to run programs</description> - <message>Authentication is required to run programs as a non-logged-in user.</message> + <description gettext-domain="systemd">Allow non-logged-in users to run programs</description> + <message gettext-domain="systemd">Authentication is required to run programs as a non-logged-in user.</message> <defaults> <allow_any>auth_admin_keep</allow_any> <allow_inactive>auth_admin_keep</allow_inactive> @@ -134,8 +134,8 @@ </action> <action id="org.freedesktop.login1.attach-device"> - <description>Allow attaching devices to seats</description> - <message>Authentication is required for attaching a device to a seat.</message> + <description gettext-domain="systemd">Allow attaching devices to seats</description> + <message gettext-domain="systemd">Authentication is required for attaching a device to a seat.</message> <defaults> <allow_any>auth_admin_keep</allow_any> <allow_inactive>auth_admin_keep</allow_inactive> @@ -145,8 +145,8 @@ </action> <action id="org.freedesktop.login1.flush-devices"> - <description>Flush device to seat attachments</description> - <message>Authentication is required for resetting how devices are attached to seats.</message> + <description gettext-domain="systemd">Flush device to seat attachments</description> + <message gettext-domain="systemd">Authentication is required for resetting how devices are attached to seats.</message> <defaults> <allow_any>auth_admin_keep</allow_any> <allow_inactive>auth_admin_keep</allow_inactive> @@ -155,8 +155,8 @@ </action> <action id="org.freedesktop.login1.power-off"> - <description>Power off the system</description> - <message>Authentication is required for powering off the system.</message> + <description gettext-domain="systemd">Power off the system</description> + <message gettext-domain="systemd">Authentication is required for powering off the system.</message> <defaults> <allow_any>auth_admin_keep</allow_any> <allow_inactive>auth_admin_keep</allow_inactive> @@ -166,8 +166,8 @@ </action> <action id="org.freedesktop.login1.power-off-multiple-sessions"> - <description>Power off the system while other users are logged in</description> - <message>Authentication is required for powering off the system while other users are logged in.</message> + <description gettext-domain="systemd">Power off the system while other users are logged in</description> + <message gettext-domain="systemd">Authentication is required for powering off the system while other users are logged in.</message> <defaults> <allow_any>auth_admin_keep</allow_any> <allow_inactive>auth_admin_keep</allow_inactive> @@ -177,8 +177,8 @@ </action> <action id="org.freedesktop.login1.power-off-ignore-inhibit"> - <description>Power off the system while an application asked to inhibit it</description> - <message>Authentication is required for powering off the system while an application asked to inhibit it.</message> + <description gettext-domain="systemd">Power off the system while an application asked to inhibit it</description> + <message gettext-domain="systemd">Authentication is required for powering off the system while an application asked to inhibit it.</message> <defaults> <allow_any>auth_admin_keep</allow_any> <allow_inactive>auth_admin_keep</allow_inactive> @@ -188,8 +188,8 @@ </action> <action id="org.freedesktop.login1.reboot"> - <description>Reboot the system</description> - <message>Authentication is required for rebooting the system.</message> + <description gettext-domain="systemd">Reboot the system</description> + <message gettext-domain="systemd">Authentication is required for rebooting the system.</message> <defaults> <allow_any>auth_admin_keep</allow_any> <allow_inactive>auth_admin_keep</allow_inactive> @@ -199,8 +199,8 @@ </action> <action id="org.freedesktop.login1.reboot-multiple-sessions"> - <description>Reboot the system while other users are logged in</description> - <message>Authentication is required for rebooting the system while other users are logged in.</message> + <description gettext-domain="systemd">Reboot the system while other users are logged in</description> + <message gettext-domain="systemd">Authentication is required for rebooting the system while other users are logged in.</message> <defaults> <allow_any>auth_admin_keep</allow_any> <allow_inactive>auth_admin_keep</allow_inactive> @@ -210,8 +210,8 @@ </action> <action id="org.freedesktop.login1.reboot-ignore-inhibit"> - <description>Reboot the system while an application asked to inhibit it</description> - <message>Authentication is required for rebooting the system while an application asked to inhibit it.</message> + <description gettext-domain="systemd">Reboot the system while an application asked to inhibit it</description> + <message gettext-domain="systemd">Authentication is required for rebooting the system while an application asked to inhibit it.</message> <defaults> <allow_any>auth_admin_keep</allow_any> <allow_inactive>auth_admin_keep</allow_inactive> @@ -221,8 +221,8 @@ </action> <action id="org.freedesktop.login1.halt"> - <description>Halt the system</description> - <message>Authentication is required for halting the system.</message> + <description gettext-domain="systemd">Halt the system</description> + <message gettext-domain="systemd">Authentication is required for halting the system.</message> <defaults> <allow_any>auth_admin_keep</allow_any> <allow_inactive>auth_admin_keep</allow_inactive> @@ -232,8 +232,8 @@ </action> <action id="org.freedesktop.login1.halt-multiple-sessions"> - <description>Halt the system while other users are logged in</description> - <message>Authentication is required for halting the system while other users are logged in.</message> + <description gettext-domain="systemd">Halt the system while other users are logged in</description> + <message gettext-domain="systemd">Authentication is required for halting the system while other users are logged in.</message> <defaults> <allow_any>auth_admin_keep</allow_any> <allow_inactive>auth_admin_keep</allow_inactive> @@ -243,8 +243,8 @@ </action> <action id="org.freedesktop.login1.halt-ignore-inhibit"> - <description>Halt the system while an application asked to inhibit it</description> - <message>Authentication is required for halting the system while an application asked to inhibit it.</message> + <description gettext-domain="systemd">Halt the system while an application asked to inhibit it</description> + <message gettext-domain="systemd">Authentication is required for halting the system while an application asked to inhibit it.</message> <defaults> <allow_any>auth_admin_keep</allow_any> <allow_inactive>auth_admin_keep</allow_inactive> @@ -254,8 +254,8 @@ </action> <action id="org.freedesktop.login1.suspend"> - <description>Suspend the system</description> - <message>Authentication is required for suspending the system.</message> + <description gettext-domain="systemd">Suspend the system</description> + <message gettext-domain="systemd">Authentication is required for suspending the system.</message> <defaults> <allow_any>auth_admin_keep</allow_any> <allow_inactive>auth_admin_keep</allow_inactive> @@ -264,8 +264,8 @@ </action> <action id="org.freedesktop.login1.suspend-multiple-sessions"> - <description>Suspend the system while other users are logged in</description> - <message>Authentication is required for suspending the system while other users are logged in.</message> + <description gettext-domain="systemd">Suspend the system while other users are logged in</description> + <message gettext-domain="systemd">Authentication is required for suspending the system while other users are logged in.</message> <defaults> <allow_any>auth_admin_keep</allow_any> <allow_inactive>auth_admin_keep</allow_inactive> @@ -275,8 +275,8 @@ </action> <action id="org.freedesktop.login1.suspend-ignore-inhibit"> - <description>Suspend the system while an application asked to inhibit it</description> - <message>Authentication is required for suspending the system while an application asked to inhibit it.</message> + <description gettext-domain="systemd">Suspend the system while an application asked to inhibit it</description> + <message gettext-domain="systemd">Authentication is required for suspending the system while an application asked to inhibit it.</message> <defaults> <allow_any>auth_admin_keep</allow_any> <allow_inactive>auth_admin_keep</allow_inactive> @@ -286,8 +286,8 @@ </action> <action id="org.freedesktop.login1.hibernate"> - <description>Hibernate the system</description> - <message>Authentication is required for hibernating the system.</message> + <description gettext-domain="systemd">Hibernate the system</description> + <message gettext-domain="systemd">Authentication is required for hibernating the system.</message> <defaults> <allow_any>auth_admin_keep</allow_any> <allow_inactive>auth_admin_keep</allow_inactive> @@ -296,8 +296,8 @@ </action> <action id="org.freedesktop.login1.hibernate-multiple-sessions"> - <description>Hibernate the system while other users are logged in</description> - <message>Authentication is required for hibernating the system while other users are logged in.</message> + <description gettext-domain="systemd">Hibernate the system while other users are logged in</description> + <message gettext-domain="systemd">Authentication is required for hibernating the system while other users are logged in.</message> <defaults> <allow_any>auth_admin_keep</allow_any> <allow_inactive>auth_admin_keep</allow_inactive> @@ -307,8 +307,8 @@ </action> <action id="org.freedesktop.login1.hibernate-ignore-inhibit"> - <description>Hibernate the system while an application asked to inhibit it</description> - <message>Authentication is required for hibernating the system while an application asked to inhibit it.</message> + <description gettext-domain="systemd">Hibernate the system while an application asked to inhibit it</description> + <message gettext-domain="systemd">Authentication is required for hibernating the system while an application asked to inhibit it.</message> <defaults> <allow_any>auth_admin_keep</allow_any> <allow_inactive>auth_admin_keep</allow_inactive> @@ -318,8 +318,8 @@ </action> <action id="org.freedesktop.login1.manage"> - <description>Manage active sessions, users and seats</description> - <message>Authentication is required for managing active sessions, users and seats.</message> + <description gettext-domain="systemd">Manage active sessions, users and seats</description> + <message gettext-domain="systemd">Authentication is required for managing active sessions, users and seats.</message> <defaults> <allow_any>auth_admin_keep</allow_any> <allow_inactive>auth_admin_keep</allow_inactive> @@ -328,8 +328,8 @@ </action> <action id="org.freedesktop.login1.lock-sessions"> - <description>Lock or unlock active sessions</description> - <message>Authentication is required to lock or unlock active sessions.</message> + <description gettext-domain="systemd">Lock or unlock active sessions</description> + <message gettext-domain="systemd">Authentication is required to lock or unlock active sessions.</message> <defaults> <allow_any>auth_admin_keep</allow_any> <allow_inactive>auth_admin_keep</allow_inactive> @@ -338,8 +338,8 @@ </action> <action id="org.freedesktop.login1.set-reboot-to-firmware-setup"> - <description>Allow indication to the firmware to boot to setup interface</description> - <message>Authentication is required to indicate to the firmware to boot to setup interface.</message> + <description gettext-domain="systemd">Allow indication to the firmware to boot to setup interface</description> + <message gettext-domain="systemd">Authentication is required to indicate to the firmware to boot to setup interface.</message> <defaults> <allow_any>auth_admin_keep</allow_any> <allow_inactive>auth_admin_keep</allow_inactive> @@ -348,8 +348,8 @@ </action> <action id="org.freedesktop.login1.set-wall-message"> - <description>Set a wall message</description> - <message>Authentication is required to set a wall message</message> + <description gettext-domain="systemd">Set a wall message</description> + <message gettext-domain="systemd">Authentication is required to set a wall message</message> <defaults> <allow_any>auth_admin_keep</allow_any> <allow_inactive>auth_admin_keep</allow_inactive> diff --git a/src/machine/machine-dbus.c b/src/machine/machine-dbus.c index 2d7806491b..9c435d6715 100644 --- a/src/machine/machine-dbus.c +++ b/src/machine/machine-dbus.c @@ -1204,7 +1204,7 @@ int bus_machine_method_copy(sd_bus_message *message, void *userdata, sd_bus_erro containerfd = open(container_dirname, O_CLOEXEC|O_RDONLY|O_NOCTTY|O_DIRECTORY); if (containerfd < 0) { - r = log_error_errno(errno, "Failed top open destination directory: %m"); + r = log_error_errno(errno, "Failed to open destination directory: %m"); goto child_fail; } diff --git a/src/machine/machine.c b/src/machine/machine.c index 7375d83a44..4bacf91d26 100644 --- a/src/machine/machine.c +++ b/src/machine/machine.c @@ -486,22 +486,22 @@ int machine_finalize(Machine *m) { return 0; } -bool machine_check_gc(Machine *m, bool drop_not_started) { +bool machine_may_gc(Machine *m, bool drop_not_started) { assert(m); if (m->class == MACHINE_HOST) - return true; + return false; if (drop_not_started && !m->started) - return false; + return true; if (m->scope_job && manager_job_is_active(m->manager, m->scope_job)) - return true; + return false; if (m->unit && manager_unit_is_active(m->manager, m->unit)) - return true; + return false; - return false; + return true; } void machine_add_to_gc_queue(Machine *m) { diff --git a/src/machine/machine.h b/src/machine/machine.h index 1ee82ffe81..1ef5dcdb89 100644 --- a/src/machine/machine.h +++ b/src/machine/machine.h @@ -85,7 +85,7 @@ struct Machine { Machine* machine_new(Manager *manager, MachineClass class, const char *name); void machine_free(Machine *m); -bool machine_check_gc(Machine *m, bool drop_not_started); +bool machine_may_gc(Machine *m, bool drop_not_started); void machine_add_to_gc_queue(Machine *m); int machine_start(Machine *m, sd_bus_message *properties, sd_bus_error *error); int machine_stop(Machine *m); diff --git a/src/machine/machinectl.c b/src/machine/machinectl.c index 75743ce6a6..e695bdbab4 100644 --- a/src/machine/machinectl.c +++ b/src/machine/machinectl.c @@ -1724,6 +1724,8 @@ static int rename_image(int argc, char *argv[], void *userdata) { sd_bus *bus = userdata; int r; + assert(bus); + polkit_agent_open_if_enabled(arg_transport, arg_ask_password); r = sd_bus_call_method( @@ -1749,6 +1751,8 @@ static int clone_image(int argc, char *argv[], void *userdata) { sd_bus *bus = userdata; int r; + assert(bus); + polkit_agent_open_if_enabled(arg_transport, arg_ask_password); r = sd_bus_message_new_method_call( @@ -1778,6 +1782,8 @@ static int read_only_image(int argc, char *argv[], void *userdata) { sd_bus *bus = userdata; int b = true, r; + assert(bus); + if (argc > 2) { b = parse_boolean(argv[2]); if (b < 0) { diff --git a/src/machine/machined-dbus.c b/src/machine/machined-dbus.c index c5e59c4716..2eb97ebed0 100644 --- a/src/machine/machined-dbus.c +++ b/src/machine/machined-dbus.c @@ -1327,7 +1327,7 @@ static int method_map_to_machine_user(sd_bus_message *message, void *userdata, s xsprintf(p, "/proc/" UID_FMT "/uid_map", machine->leader); f = fopen(p, "re"); if (!f) { - log_warning_errno(errno, "Failed top open %s, ignoring,", p); + log_warning_errno(errno, "Failed to open %s, ignoring,", p); continue; } @@ -1445,7 +1445,7 @@ static int method_map_to_machine_group(sd_bus_message *message, void *groupdata, xsprintf(p, "/proc/" GID_FMT "/gid_map", machine->leader); f = fopen(p, "re"); if (!f) { - log_warning_errno(errno, "Failed top open %s, ignoring,", p); + log_warning_errno(errno, "Failed to open %s, ignoring,", p); continue; } diff --git a/src/machine/machined.c b/src/machine/machined.c index 34b2024043..9fb67882e1 100644 --- a/src/machine/machined.c +++ b/src/machine/machined.c @@ -292,14 +292,14 @@ void manager_gc(Manager *m, bool drop_not_started) { machine->in_gc_queue = false; /* First, if we are not closing yet, initiate stopping */ - if (!machine_check_gc(machine, drop_not_started) && + if (machine_may_gc(machine, drop_not_started) && machine_get_state(machine) != MACHINE_CLOSING) machine_stop(machine); /* Now, the stop probably made this referenced * again, but if it didn't, then it's time to let it * go entirely. */ - if (!machine_check_gc(machine, drop_not_started)) { + if (machine_may_gc(machine, drop_not_started)) { machine_finalize(machine); machine_free(machine); } diff --git a/src/machine/meson.build b/src/machine/meson.build index 7ea5d9de80..b530ca6377 100644 --- a/src/machine/meson.build +++ b/src/machine/meson.build @@ -43,15 +43,8 @@ if conf.get('ENABLE_MACHINED') == 1 install_dir : dbuspolicydir) install_data('org.freedesktop.machine1.service', install_dir : dbussystemservicedir) - - i18n.merge_file( - 'org.freedesktop.machine1.policy', - input : 'org.freedesktop.machine1.policy.in', - output : 'org.freedesktop.machine1.policy', - po_dir : po_dir, - data_dirs : po_dir, - install : install_polkit, - install_dir : polkitpolicydir) + install_data('org.freedesktop.machine1.policy', + install_dir : polkitpolicydir) endif tests += [ diff --git a/src/machine/org.freedesktop.machine1.policy.in b/src/machine/org.freedesktop.machine1.policy index eeeeb4c0f8..039c3d4513 100644 --- a/src/machine/org.freedesktop.machine1.policy.in +++ b/src/machine/org.freedesktop.machine1.policy @@ -19,8 +19,8 @@ <vendor_url>http://www.freedesktop.org/wiki/Software/systemd</vendor_url> <action id="org.freedesktop.machine1.login"> - <description>Log into a local container</description> - <message>Authentication is required to log into a local container.</message> + <description gettext-domain="systemd">Log into a local container</description> + <message gettext-domain="systemd">Authentication is required to log into a local container.</message> <defaults> <allow_any>auth_admin</allow_any> <allow_inactive>auth_admin</allow_inactive> @@ -29,8 +29,8 @@ </action> <action id="org.freedesktop.machine1.host-login"> - <description>Log into the local host</description> - <message>Authentication is required to log into the local host.</message> + <description gettext-domain="systemd">Log into the local host</description> + <message gettext-domain="systemd">Authentication is required to log into the local host.</message> <defaults> <allow_any>auth_admin</allow_any> <allow_inactive>auth_admin</allow_inactive> @@ -39,8 +39,8 @@ </action> <action id="org.freedesktop.machine1.shell"> - <description>Acquire a shell in a local container</description> - <message>Authentication is required to acquire a shell in a local container.</message> + <description gettext-domain="systemd">Acquire a shell in a local container</description> + <message gettext-domain="systemd">Authentication is required to acquire a shell in a local container.</message> <defaults> <allow_any>auth_admin</allow_any> <allow_inactive>auth_admin</allow_inactive> @@ -50,8 +50,8 @@ </action> <action id="org.freedesktop.machine1.host-shell"> - <description>Acquire a shell on the local host</description> - <message>Authentication is required to acquire a shell on the local host.</message> + <description gettext-domain="systemd">Acquire a shell on the local host</description> + <message gettext-domain="systemd">Authentication is required to acquire a shell on the local host.</message> <defaults> <allow_any>auth_admin</allow_any> <allow_inactive>auth_admin</allow_inactive> @@ -61,8 +61,8 @@ </action> <action id="org.freedesktop.machine1.open-pty"> - <description>Acquire a pseudo TTY in a local container</description> - <message>Authentication is required to acquire a pseudo TTY in a local container.</message> + <description gettext-domain="systemd">Acquire a pseudo TTY in a local container</description> + <message gettext-domain="systemd">Authentication is required to acquire a pseudo TTY in a local container.</message> <defaults> <allow_any>auth_admin</allow_any> <allow_inactive>auth_admin</allow_inactive> @@ -71,8 +71,8 @@ </action> <action id="org.freedesktop.machine1.host-open-pty"> - <description>Acquire a pseudo TTY on the local host</description> - <message>Authentication is required to acquire a pseudo TTY on the local host.</message> + <description gettext-domain="systemd">Acquire a pseudo TTY on the local host</description> + <message gettext-domain="systemd">Authentication is required to acquire a pseudo TTY on the local host.</message> <defaults> <allow_any>auth_admin</allow_any> <allow_inactive>auth_admin</allow_inactive> @@ -81,8 +81,8 @@ </action> <action id="org.freedesktop.machine1.manage-machines"> - <description>Manage local virtual machines and containers</description> - <message>Authentication is required to manage local virtual machines and containers.</message> + <description gettext-domain="systemd">Manage local virtual machines and containers</description> + <message gettext-domain="systemd">Authentication is required to manage local virtual machines and containers.</message> <defaults> <allow_any>auth_admin</allow_any> <allow_inactive>auth_admin</allow_inactive> @@ -92,8 +92,8 @@ </action> <action id="org.freedesktop.machine1.manage-images"> - <description>Manage local virtual machine and container images</description> - <message>Authentication is required to manage local virtual machine and container images.</message> + <description gettext-domain="systemd">Manage local virtual machine and container images</description> + <message gettext-domain="systemd">Authentication is required to manage local virtual machine and container images.</message> <defaults> <allow_any>auth_admin</allow_any> <allow_inactive>auth_admin</allow_inactive> diff --git a/src/network/netdev/vxlan.c b/src/network/netdev/vxlan.c index 580e5e6505..c9fd931718 100644 --- a/src/network/netdev/vxlan.c +++ b/src/network/netdev/vxlan.c @@ -198,20 +198,23 @@ int config_parse_vxlan_address(const char *unit, r = in_addr_is_multicast(f, &buffer); - if (STR_IN_SET(lvalue, "Group", "Remote")) { + if (streq(lvalue, "Group")) { if (r <= 0) { - log_syntax(unit, LOG_ERR, filename, line, 0, "vxlan invalid multicast '%s' address, ignoring assignment: %s", lvalue, rvalue); + log_syntax(unit, LOG_ERR, filename, line, 0, "vxlan %s invalid multicast address, ignoring assignment: %s", lvalue, rvalue); return 0; } v->remote_family = f; } else { if (r > 0) { - log_syntax(unit, LOG_ERR, filename, line, 0, "vxlan %s can not be multicast address, ignoring assignment: %s", lvalue, rvalue); + log_syntax(unit, LOG_ERR, filename, line, 0, "vxlan %s cannot be a multicast address, ignoring assignment: %s", lvalue, rvalue); return 0; } - v->local_family = f; + if (streq(lvalue, "Remote")) + v->remote_family = f; + else + v->local_family = f; } *addr = buffer; diff --git a/src/network/networkctl.c b/src/network/networkctl.c index 59ce098cd1..14d8ecb03f 100644 --- a/src/network/networkctl.c +++ b/src/network/networkctl.c @@ -56,49 +56,28 @@ static bool arg_no_pager = false; static bool arg_legend = true; static bool arg_all = false; -static int link_get_type_string(unsigned short iftype, sd_device *d, char **ret) { +static char *link_get_type_string(unsigned short iftype, sd_device *d) { const char *t; char *p; - assert(ret); - - if (iftype == ARPHRD_ETHER && d) { - const char *devtype = NULL, *id = NULL; - /* WLANs have iftype ARPHRD_ETHER, but we want - * to show a more useful type string for - * them */ + if (d) { + const char *devtype = NULL; (void) sd_device_get_devtype(d, &devtype); - - if (streq_ptr(devtype, "wlan")) - id = "wlan"; - else if (streq_ptr(devtype, "wwan")) - id = "wwan"; - - if (id) { - p = strdup(id); - if (!p) - return -ENOMEM; - - *ret = p; - return 1; - } + if (!isempty(devtype)) + return strdup(devtype); } t = arphrd_to_name(iftype); - if (!t) { - *ret = NULL; - return 0; - } + if (!t) + return NULL; p = strdup(t); if (!p) - return -ENOMEM; + return NULL; ascii_strlower(p); - *ret = p; - - return 0; + return p; } static void operational_state_to_color(const char *state, const char **on, const char **off) { @@ -323,7 +302,7 @@ static int list_links(int argc, char *argv[], void *userdata) { xsprintf(devid, "n%i", links[i].ifindex); (void) sd_device_new_from_device_id(&d, devid); - (void) link_get_type_string(links[i].iftype, d, &t); + t = link_get_type_string(links[i].iftype, d); printf("%3i %-16s %-18s %s%-11s%s %s%-10s%s\n", links[i].ifindex, links[i].name, strna(t), @@ -816,7 +795,7 @@ static int link_status_one( (void) sd_device_get_property_value(d, "ID_MODEL", &model); } - (void) link_get_type_string(info->iftype, d, &t); + t = link_get_type_string(info->iftype, d); (void) sd_network_link_get_network_file(info->ifindex, &network); diff --git a/src/network/networkd-address.c b/src/network/networkd-address.c index ca5b54bdbf..7e722b1a2e 100644 --- a/src/network/networkd-address.c +++ b/src/network/networkd-address.c @@ -776,7 +776,7 @@ int config_parse_address(const char *unit, if (!e && f == AF_INET) { r = in4_addr_default_prefixlen(&buffer.in, &n->prefixlen); if (r < 0) { - log_syntax(unit, LOG_ERR, filename, line, r, "Prefix length not specified, and a default one can not be deduced for '%s', ignoring assignment", address); + log_syntax(unit, LOG_ERR, filename, line, r, "Prefix length not specified, and a default one cannot be deduced for '%s', ignoring assignment", address); return 0; } } diff --git a/src/network/networkd-ipv6-proxy-ndp.c b/src/network/networkd-ipv6-proxy-ndp.c index 31b7c6b0f4..1a357ac8e6 100644 --- a/src/network/networkd-ipv6-proxy-ndp.c +++ b/src/network/networkd-ipv6-proxy-ndp.c @@ -142,7 +142,7 @@ int config_parse_ipv6_proxy_ndp_address( r = in_addr_is_null(AF_INET6, &buffer); if (r != 0) { log_syntax(unit, LOG_ERR, filename, line, r, - "IPv6 proxy NDP address can not be the ANY address, ignoring: %s", rvalue); + "IPv6 proxy NDP address cannot be the ANY address, ignoring: %s", rvalue); return 0; } diff --git a/src/network/networkd-manager.c b/src/network/networkd-manager.c index 749b87f336..4f55c0172f 100644 --- a/src/network/networkd-manager.c +++ b/src/network/networkd-manager.c @@ -1380,7 +1380,7 @@ static void dhcp6_prefixes_hash_func(const void *p, struct siphash *state) { static int dhcp6_prefixes_compare_func(const void *_a, const void *_b) { const struct in6_addr *a = _a, *b = _b; - return memcmp(&a, &b, sizeof(*a)); + return memcmp(a, b, sizeof(*a)); } static const struct hash_ops dhcp6_prefixes_hash_ops = { diff --git a/src/network/networkd-network.c b/src/network/networkd-network.c index 2dc3de3f6a..709ae2a0cc 100644 --- a/src/network/networkd-network.c +++ b/src/network/networkd-network.c @@ -635,13 +635,13 @@ int config_parse_netdev(const char *unit, case NETDEV_KIND_VCAN: r = hashmap_put(network->stacked_netdevs, netdev->ifname, netdev); if (r < 0) { - log_syntax(unit, LOG_ERR, filename, line, r, "Can not add NetDev '%s' to network: %m", rvalue); + log_syntax(unit, LOG_ERR, filename, line, r, "Cannot add NetDev '%s' to network: %m", rvalue); return 0; } break; default: - assert_not_reached("Can not parse NetDev"); + assert_not_reached("Cannot parse NetDev"); } netdev_ref(netdev); @@ -894,12 +894,12 @@ int config_parse_ipv6token( r = in_addr_is_null(AF_INET6, &buffer); if (r != 0) { - log_syntax(unit, LOG_ERR, filename, line, r, "IPv6 token can not be the ANY address, ignoring: %s", rvalue); + log_syntax(unit, LOG_ERR, filename, line, r, "IPv6 token cannot be the ANY address, ignoring: %s", rvalue); return 0; } if ((buffer.in6.s6_addr32[0] | buffer.in6.s6_addr32[1]) != 0) { - log_syntax(unit, LOG_ERR, filename, line, 0, "IPv6 token can not be longer than 64 bits, ignoring: %s", rvalue); + log_syntax(unit, LOG_ERR, filename, line, 0, "IPv6 token cannot be longer than 64 bits, ignoring: %s", rvalue); return 0; } @@ -1072,7 +1072,7 @@ int config_parse_dhcp_server_dns( continue; } - m = realloc(n->dhcp_server_dns, (n->n_dhcp_server_dns + 1) * sizeof(struct in_addr)); + m = reallocarray(n->dhcp_server_dns, n->n_dhcp_server_dns + 1, sizeof(struct in_addr)); if (!m) return log_oom(); @@ -1120,7 +1120,7 @@ int config_parse_radv_dns( if (in_addr_from_string(AF_INET6, w, &a) >= 0) { struct in6_addr *m; - m = realloc(n->router_dns, (n->n_router_dns + 1) * sizeof(struct in6_addr)); + m = reallocarray(n->router_dns, n->n_router_dns + 1, sizeof(struct in6_addr)); if (!m) return log_oom(); @@ -1223,7 +1223,7 @@ int config_parse_dhcp_server_ntp( continue; } - m = realloc(n->dhcp_server_ntp, (n->n_dhcp_server_ntp + 1) * sizeof(struct in_addr)); + m = reallocarray(n->dhcp_server_ntp, n->n_dhcp_server_ntp + 1, sizeof(struct in_addr)); if (!m) return log_oom(); @@ -1273,7 +1273,7 @@ int config_parse_dns( continue; } - m = realloc(n->dns, (n->n_dns + 1) * sizeof(struct in_addr_data)); + m = reallocarray(n->dns, n->n_dns + 1, sizeof(struct in_addr_data)); if (!m) return log_oom(); diff --git a/src/nspawn/nspawn-mount.c b/src/nspawn/nspawn-mount.c index c9236ea3d1..0ee69114b2 100644 --- a/src/nspawn/nspawn-mount.c +++ b/src/nspawn/nspawn-mount.c @@ -48,7 +48,7 @@ CustomMount* custom_mount_add(CustomMount **l, unsigned *n, CustomMountType t) { assert(t >= 0); assert(t < _CUSTOM_MOUNT_TYPE_MAX); - c = realloc_multiply(*l, (*n + 1), sizeof(CustomMount)); + c = reallocarray(*l, *n + 1, sizeof(CustomMount)); if (!c) return NULL; @@ -545,21 +545,21 @@ int mount_all(const char *dest, { "/proc/sys", "/proc/sys", NULL, NULL, MS_BIND, MOUNT_FATAL|MOUNT_IN_USERNS|MOUNT_APPLY_APIVFS_RO }, /* Bind mount first ... */ { "/proc/sys/net", "/proc/sys/net", NULL, NULL, MS_BIND, MOUNT_FATAL|MOUNT_IN_USERNS|MOUNT_APPLY_APIVFS_RO|MOUNT_APPLY_APIVFS_NETNS }, /* (except for this) */ { NULL, "/proc/sys", NULL, NULL, MS_BIND|MS_RDONLY|MS_NOSUID|MS_NOEXEC|MS_NODEV|MS_REMOUNT, MOUNT_FATAL|MOUNT_IN_USERNS|MOUNT_APPLY_APIVFS_RO }, /* ... then, make it r/o */ - { "/proc/sysrq-trigger", "/proc/sysrq-trigger", NULL, NULL, MS_BIND, MOUNT_IN_USERNS|MOUNT_APPLY_APIVFS_RO }, /* Bind mount first ... */ - { NULL, "/proc/sysrq-trigger", NULL, NULL, MS_BIND|MS_RDONLY|MS_NOSUID|MS_NOEXEC|MS_NODEV|MS_REMOUNT, MOUNT_IN_USERNS|MOUNT_APPLY_APIVFS_RO }, /* ... then, make it r/o */ + { "/proc/sysrq-trigger", "/proc/sysrq-trigger", NULL, NULL, MS_BIND, MOUNT_IN_USERNS|MOUNT_APPLY_APIVFS_RO }, /* Bind mount first ... */ + { NULL, "/proc/sysrq-trigger", NULL, NULL, MS_BIND|MS_RDONLY|MS_NOSUID|MS_NOEXEC|MS_NODEV|MS_REMOUNT, MOUNT_IN_USERNS|MOUNT_APPLY_APIVFS_RO }, /* ... then, make it r/o */ /* outer child mounts */ - { "tmpfs", "/tmp", "tmpfs", "mode=1777", MS_NOSUID|MS_NODEV|MS_STRICTATIME, MOUNT_FATAL }, + { "tmpfs", "/tmp", "tmpfs", "mode=1777", MS_NOSUID|MS_NODEV|MS_STRICTATIME, MOUNT_FATAL }, { "tmpfs", "/sys", "tmpfs", "mode=755", MS_NOSUID|MS_NOEXEC|MS_NODEV, MOUNT_FATAL|MOUNT_APPLY_APIVFS_NETNS }, { "sysfs", "/sys", "sysfs", NULL, MS_RDONLY|MS_NOSUID|MS_NOEXEC|MS_NODEV, MOUNT_FATAL|MOUNT_APPLY_APIVFS_RO }, /* skipped if above was mounted */ - { "sysfs", "/sys", "sysfs", NULL, MS_NOSUID|MS_NOEXEC|MS_NODEV, MOUNT_FATAL }, /* skipped if above was mounted */ + { "sysfs", "/sys", "sysfs", NULL, MS_NOSUID|MS_NOEXEC|MS_NODEV, MOUNT_FATAL }, /* skipped if above was mounted */ { "tmpfs", "/dev", "tmpfs", "mode=755", MS_NOSUID|MS_STRICTATIME, MOUNT_FATAL }, { "tmpfs", "/dev/shm", "tmpfs", "mode=1777", MS_NOSUID|MS_NODEV|MS_STRICTATIME, MOUNT_FATAL }, { "tmpfs", "/run", "tmpfs", "mode=755", MS_NOSUID|MS_NODEV|MS_STRICTATIME, MOUNT_FATAL }, #if HAVE_SELINUX - { "/sys/fs/selinux", "/sys/fs/selinux", NULL, NULL, MS_BIND, 0 }, /* Bind mount first */ - { NULL, "/sys/fs/selinux", NULL, NULL, MS_BIND|MS_RDONLY|MS_NOSUID|MS_NOEXEC|MS_NODEV|MS_REMOUNT, 0 }, /* Then, make it r/o */ + { "/sys/fs/selinux", "/sys/fs/selinux", NULL, NULL, MS_BIND, 0 }, /* Bind mount first */ + { NULL, "/sys/fs/selinux", NULL, NULL, MS_BIND|MS_RDONLY|MS_NOSUID|MS_NOEXEC|MS_NODEV|MS_REMOUNT, 0 }, /* Then, make it r/o */ #endif }; @@ -634,56 +634,15 @@ int mount_all(const char *dest, return 0; } -static int parse_mount_bind_options(const char *options, unsigned long *mount_flags, char **mount_opts) { - const char *p = options; - unsigned long flags = *mount_flags; - char *opts = NULL; - int r; - - assert(options); - - for (;;) { - _cleanup_free_ char *word = NULL; - - r = extract_first_word(&p, &word, ",", 0); - if (r < 0) - return log_error_errno(r, "Failed to extract mount option: %m"); - if (r == 0) - break; - - if (streq(word, "rbind")) - flags |= MS_REC; - else if (streq(word, "norbind")) - flags &= ~MS_REC; - else { - log_error("Invalid bind mount option: %s", word); - return -EINVAL; - } - } - - *mount_flags = flags; - /* in the future mount_opts will hold string options for mount(2) */ - *mount_opts = opts; - - return 0; -} - static int mount_bind(const char *dest, CustomMount *m) { - _cleanup_free_ char *mount_opts = NULL, *where = NULL; - unsigned long mount_flags = MS_BIND | MS_REC; + _cleanup_free_ char *where = NULL; struct stat source_st, dest_st; int r; assert(dest); assert(m); - if (m->options) { - r = parse_mount_bind_options(m->options, &mount_flags, &mount_opts); - if (r < 0) - return r; - } - if (stat(m->source, &source_st) < 0) return log_error_errno(errno, "Failed to stat %s: %m", m->source); @@ -723,7 +682,7 @@ static int mount_bind(const char *dest, CustomMount *m) { } - r = mount_verbose(LOG_ERR, m->source, where, NULL, mount_flags, mount_opts); + r = mount_verbose(LOG_ERR, m->source, where, NULL, MS_BIND | MS_REC, m->options); if (r < 0) return r; diff --git a/src/nspawn/nspawn-setuid.c b/src/nspawn/nspawn-setuid.c index b08bcd988a..2dee5f8ec8 100644 --- a/src/nspawn/nspawn-setuid.c +++ b/src/nspawn/nspawn-setuid.c @@ -23,13 +23,16 @@ #include <unistd.h> #include "alloc-util.h" +#include "def.h" #include "errno.h" #include "fd-util.h" +#include "fileio.h" #include "mkdir.h" #include "nspawn-setuid.h" #include "process-util.h" #include "signal-util.h" #include "string-util.h" +#include "strv.h" #include "user-util.h" #include "util.h" @@ -45,33 +48,18 @@ static int spawn_getent(const char *database, const char *key, pid_t *rpid) { return log_error_errno(errno, "Failed to allocate pipe: %m"); r = safe_fork("(getent)", FORK_RESET_SIGNALS|FORK_DEATHSIG|FORK_LOG, &pid); - if (r < 0) + if (r < 0) { + safe_close_pair(pipe_fds); return r; + } if (r == 0) { - int nullfd; char *empty_env = NULL; - if (dup3(pipe_fds[1], STDOUT_FILENO, 0) < 0) - _exit(EXIT_FAILURE); - - if (pipe_fds[0] > 2) - safe_close(pipe_fds[0]); - if (pipe_fds[1] > 2) - safe_close(pipe_fds[1]); + safe_close(pipe_fds[0]); - nullfd = open("/dev/null", O_RDWR); - if (nullfd < 0) + if (rearrange_stdio(-1, pipe_fds[1], -1) < 0) _exit(EXIT_FAILURE); - if (dup3(nullfd, STDIN_FILENO, 0) < 0) - _exit(EXIT_FAILURE); - - if (dup3(nullfd, STDERR_FILENO, 0) < 0) - _exit(EXIT_FAILURE); - - if (nullfd > 2) - safe_close(nullfd); - close_all_fds(NULL, 0); execle("/usr/bin/getent", "getent", database, key, NULL, &empty_env); @@ -87,10 +75,10 @@ static int spawn_getent(const char *database, const char *key, pid_t *rpid) { } int change_uid_gid(const char *user, char **_home) { - char line[LINE_MAX], *x, *u, *g, *h; + char *x, *u, *g, *h; const char *word, *state; _cleanup_free_ uid_t *uids = NULL; - _cleanup_free_ char *home = NULL; + _cleanup_free_ char *home = NULL, *line = NULL; _cleanup_fclose_ FILE *f = NULL; _cleanup_close_ int fd = -1; unsigned n_uids = 0; @@ -102,7 +90,7 @@ int change_uid_gid(const char *user, char **_home) { assert(_home); - if (!user || streq(user, "root") || streq(user, "0")) { + if (!user || STR_IN_SET(user, "root", "0")) { /* Reset everything fully to 0, just in case */ r = reset_uid_gid(); @@ -118,21 +106,18 @@ int change_uid_gid(const char *user, char **_home) { if (fd < 0) return fd; - f = fdopen(fd, "r"); + f = fdopen(fd, "re"); if (!f) return log_oom(); fd = -1; - if (!fgets(line, sizeof(line), f)) { - if (!ferror(f)) { - log_error("Failed to resolve user %s.", user); - return -ESRCH; - } - - return log_error_errno(errno, "Failed to read from getent: %m"); + r = read_line(f, LONG_LINE_MAX, &line); + if (r == 0) { + log_error("Failed to resolve user %s.", user); + return -ESRCH; } - - truncate_nl(line); + if (r < 0) + return log_error_errno(r, "Failed to read from getent: %m"); (void) wait_for_terminate_and_check("getent passwd", pid, WAIT_LOG); @@ -195,27 +180,26 @@ int change_uid_gid(const char *user, char **_home) { if (!home) return log_oom(); + f = safe_fclose(f); + line = mfree(line); + /* Second, get group memberships */ fd = spawn_getent("initgroups", user, &pid); if (fd < 0) return fd; - fclose(f); - f = fdopen(fd, "r"); + f = fdopen(fd, "re"); if (!f) return log_oom(); fd = -1; - if (!fgets(line, sizeof(line), f)) { - if (!ferror(f)) { - log_error("Failed to resolve user %s.", user); - return -ESRCH; - } - - return log_error_errno(errno, "Failed to read from getent: %m"); + r = read_line(f, LONG_LINE_MAX, &line); + if (r == 0) { + log_error("Failed to resolve user %s.", user); + return -ESRCH; } - - truncate_nl(line); + if (r < 0) + return log_error_errno(r, "Failed to read from getent: %m"); (void) wait_for_terminate_and_check("getent initgroups", pid, WAIT_LOG); @@ -234,10 +218,8 @@ int change_uid_gid(const char *user, char **_home) { return log_oom(); r = parse_uid(c, &uids[n_uids++]); - if (r < 0) { - log_error("Failed to parse group data from getent."); - return -EIO; - } + if (r < 0) + return log_error_errno(r, "Failed to parse group data from getent: %m"); } r = mkdir_parents(home, 0775); diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c index 0f05ecff03..90f1c4184f 100644 --- a/src/nspawn/nspawn.c +++ b/src/nspawn/nspawn.c @@ -2233,10 +2233,8 @@ static int chase_symlinks_and_update(char **p, unsigned flags) { if (r < 0) return log_error_errno(r, "Failed to resolve path %s: %m", *p); - free(*p); - *p = chased; - - return 0; + free_and_replace(*p, chased); + return r; /* r might be an fd here in case we ever use CHASE_OPEN in flags */ } static int determine_uid_shift(const char *directory) { @@ -2584,23 +2582,15 @@ static int outer_child( return log_error_errno(errno, "PR_SET_PDEATHSIG failed: %m"); if (interactive) { - close_nointr(STDIN_FILENO); - close_nointr(STDOUT_FILENO); - close_nointr(STDERR_FILENO); - - r = open_terminal(console, O_RDWR); - if (r != STDIN_FILENO) { - if (r >= 0) { - safe_close(r); - r = -EINVAL; - } + int terminal; - return log_error_errno(r, "Failed to open console: %m"); - } + terminal = open_terminal(console, O_RDWR); + if (terminal < 0) + return log_error_errno(terminal, "Failed to open console: %m"); - if (dup2(STDIN_FILENO, STDOUT_FILENO) != STDOUT_FILENO || - dup2(STDIN_FILENO, STDERR_FILENO) != STDERR_FILENO) - return log_error_errno(errno, "Failed to duplicate console: %m"); + r = rearrange_stdio(terminal, terminal, terminal); /* invalidates 'terminal' on success and failure */ + if (r < 0) + return log_error_errno(r, "Failed to move console to stdin/stdout/stderr: %m"); } r = reset_audit_loginuid(); diff --git a/src/nss-mymachines/nss-mymachines.c b/src/nss-mymachines/nss-mymachines.c index b2f46e3db2..8a665cba3e 100644 --- a/src/nss-mymachines/nss-mymachines.c +++ b/src/nss-mymachines/nss-mymachines.c @@ -575,6 +575,8 @@ fail: return NSS_STATUS_UNAVAIL; } +#pragma GCC diagnostic ignored "-Wsizeof-pointer-memaccess" + enum nss_status _nss_mymachines_getgrnam_r( const char *name, struct group *gr, diff --git a/src/nss-systemd/nss-systemd.c b/src/nss-systemd/nss-systemd.c index f75405d2e5..c502b5f5fd 100644 --- a/src/nss-systemd/nss-systemd.c +++ b/src/nss-systemd/nss-systemd.c @@ -328,6 +328,8 @@ fail: return NSS_STATUS_UNAVAIL; } +#pragma GCC diagnostic ignored "-Wsizeof-pointer-memaccess" + enum nss_status _nss_systemd_getgrnam_r( const char *name, struct group *gr, diff --git a/src/resolve/meson.build b/src/resolve/meson.build index 15752d24ff..16ba83ef88 100644 --- a/src/resolve/meson.build +++ b/src/resolve/meson.build @@ -154,6 +154,8 @@ if conf.get('ENABLE_RESOLVE') == 1 install_dir : dbuspolicydir) install_data('org.freedesktop.resolve1.service', install_dir : dbussystemservicedir) + install_data('org.freedesktop.resolve1.policy', + install_dir : polkitpolicydir) resolved_conf = configure_file( input : 'resolved.conf.in', @@ -164,15 +166,6 @@ if conf.get('ENABLE_RESOLVE') == 1 install_data('resolv.conf', install_dir : rootlibexecdir) - - i18n.merge_file( - 'org.freedesktop.resolve1.policy', - input : 'org.freedesktop.resolve1.policy.in', - output : 'org.freedesktop.resolve1.policy', - po_dir : po_dir, - data_dirs : po_dir, - install : install_polkit, - install_dir : polkitpolicydir) endif tests += [ diff --git a/src/resolve/org.freedesktop.resolve1.policy.in b/src/resolve/org.freedesktop.resolve1.policy index da948eb0b7..b65ba3e56a 100644 --- a/src/resolve/org.freedesktop.resolve1.policy.in +++ b/src/resolve/org.freedesktop.resolve1.policy @@ -19,8 +19,8 @@ <vendor_url>http://www.freedesktop.org/wiki/Software/systemd</vendor_url> <action id="org.freedesktop.resolve1.register-service"> - <description>Register a DNS-SD service</description> - <message>Authentication is required to register a DNS-SD service</message> + <description gettext-domain="systemd">Register a DNS-SD service</description> + <message gettext-domain="systemd">Authentication is required to register a DNS-SD service</message> <defaults> <allow_any>auth_admin</allow_any> <allow_inactive>auth_admin</allow_inactive> @@ -30,8 +30,8 @@ </action> <action id="org.freedesktop.resolve1.unregister-service"> - <description>Unregister a DNS-SD service</description> - <message>Authentication is required to unregister a DNS-SD service</message> + <description gettext-domain="systemd">Unregister a DNS-SD service</description> + <message gettext-domain="systemd">Authentication is required to unregister a DNS-SD service</message> <defaults> <allow_any>auth_admin</allow_any> <allow_inactive>auth_admin</allow_inactive> diff --git a/src/resolve/resolve-tool.c b/src/resolve/resolve-tool.c index 2a6bf94070..fce86d1e74 100644 --- a/src/resolve/resolve-tool.c +++ b/src/resolve/resolve-tool.c @@ -88,7 +88,7 @@ static char *arg_set_dnssec = NULL; static char **arg_set_nta = NULL; static ServiceFamily service_family_from_string(const char *s) { - if (s == NULL || streq(s, "tcp")) + if (!s || streq(s, "tcp")) return SERVICE_FAMILY_TCP; if (streq(s, "udp")) return SERVICE_FAMILY_UDP; @@ -1940,12 +1940,10 @@ static int parse_argv(int argc, char *argv[]) { arg_family = AF_INET6; break; - case 'i': { - int ifi; + case 'i': + if (parse_ifindex(optarg, &arg_ifindex) < 0) { + int ifi; - if (parse_ifindex(optarg, &ifi) >= 0) - arg_ifindex = ifi; - else { ifi = if_nametoindex(optarg); if (ifi <= 0) return log_error_errno(errno, "Unknown interface %s: %m", optarg); @@ -1954,7 +1952,6 @@ static int parse_argv(int argc, char *argv[]) { } break; - } case 't': if (streq(optarg, "help")) { @@ -2116,7 +2113,7 @@ static int parse_argv(int argc, char *argv[]) { if (r < 0) return log_error_errno(r, "Failed to parse DNS server address: %s", optarg); - n = realloc(arg_set_dns, sizeof(struct in_addr_data) * (arg_n_set_dns + 1)); + n = reallocarray(arg_set_dns, arg_n_set_dns + 1, sizeof(struct in_addr_data)); if (!n) return log_oom(); arg_set_dns = n; @@ -2134,8 +2131,10 @@ static int parse_argv(int argc, char *argv[]) { r = dns_name_is_valid(p); if (r < 0) return log_error_errno(r, "Failed to validate specified domain %s: %m", p); - if (r == 0) - return log_error_errno(r, "Domain not valid: %s", p); + if (r == 0) { + log_error("Domain not valid: %s", p); + return -EINVAL; + } r = strv_extend(&arg_set_domain, optarg); if (r < 0) @@ -2173,8 +2172,10 @@ static int parse_argv(int argc, char *argv[]) { r = dns_name_is_valid(optarg); if (r < 0) return log_error_errno(r, "Failed to validate specified domain %s: %m", optarg); - if (r == 0) - return log_error_errno(r, "Domain not valid: %s", optarg); + if (r == 0) { + log_error("Domain not valid: %s", optarg); + return -EINVAL; + } r = strv_extend(&arg_set_nta, optarg); if (r < 0) @@ -2415,7 +2416,6 @@ int main(int argc, char **argv) { break; - case MODE_SET_LINK: if (argc > optind) { log_error("Too many arguments."); diff --git a/src/resolve/resolved-dns-dnssec.c b/src/resolve/resolved-dns-dnssec.c index e3eca7e62c..1bd2c93a33 100644 --- a/src/resolve/resolved-dns-dnssec.c +++ b/src/resolve/resolved-dns-dnssec.c @@ -716,7 +716,7 @@ int dnssec_verify_rrset( uint8_t wire_format_name[DNS_WIRE_FOMAT_HOSTNAME_MAX]; DnsResourceRecord **list, *rr; const char *source, *name; - gcry_md_hd_t md = NULL; + _cleanup_(gcry_md_closep) gcry_md_hd_t md = NULL; int r, md_algorithm; size_t k, n = 0; size_t sig_size = 0; @@ -841,13 +841,13 @@ int dnssec_verify_rrset( r = dns_name_to_wire_format(rrsig->rrsig.signer, wire_format_name, sizeof(wire_format_name), true); if (r < 0) - goto finish; + return r; fwrite(wire_format_name, 1, r, f); /* Convert the source of synthesis into wire format */ r = dns_name_to_wire_format(source, wire_format_name, sizeof(wire_format_name), true); if (r < 0) - goto finish; + return r; for (k = 0; k < n; k++) { size_t l; @@ -885,26 +885,20 @@ int dnssec_verify_rrset( #endif case DNSSEC_ALGORITHM_ED448: *result = DNSSEC_UNSUPPORTED_ALGORITHM; - r = 0; - goto finish; + return 0; default: /* OK, the RRs are now in canonical order. Let's calculate the digest */ md_algorithm = algorithm_to_gcrypt_md(rrsig->rrsig.algorithm); if (md_algorithm == -EOPNOTSUPP) { *result = DNSSEC_UNSUPPORTED_ALGORITHM; - r = 0; - goto finish; - } - if (md_algorithm < 0) { - r = md_algorithm; - goto finish; + return 0; } + if (md_algorithm < 0) + return md_algorithm; gcry_md_open(&md, md_algorithm, 0); - if (!md) { - r = -EIO; - goto finish; - } + if (!md) + return -EIO; hash_size = gcry_md_get_algo_dlen(md_algorithm); assert(hash_size > 0); @@ -912,10 +906,8 @@ int dnssec_verify_rrset( gcry_md_write(md, sig_data, sig_size); hash = gcry_md_read(md, 0); - if (!hash) { - r = -EIO; - goto finish; - } + if (!hash) + return -EIO; } switch (rrsig->rrsig.algorithm) { @@ -950,9 +942,8 @@ int dnssec_verify_rrset( break; #endif } - if (r < 0) - goto finish; + return r; /* Now, fix the ttl, expiry, and remember the synthesizing source and the signer */ if (r > 0) @@ -965,13 +956,7 @@ int dnssec_verify_rrset( else *result = DNSSEC_VALIDATED; - r = 0; - -finish: - if (md) - gcry_md_close(md); - - return r; + return 0; } int dnssec_rrsig_match_dnskey(DnsResourceRecord *rrsig, DnsResourceRecord *dnskey, bool revoked_ok) { @@ -1182,7 +1167,7 @@ static int digest_to_gcrypt_md(uint8_t algorithm) { int dnssec_verify_dnskey_by_ds(DnsResourceRecord *dnskey, DnsResourceRecord *ds, bool mask_revoke) { char owner_name[DNSSEC_CANONICAL_HOSTNAME_MAX]; - gcry_md_hd_t md = NULL; + _cleanup_(gcry_md_closep) gcry_md_hd_t md = NULL; size_t hash_size; int md_algorithm, r; void *result; @@ -1238,16 +1223,10 @@ int dnssec_verify_dnskey_by_ds(DnsResourceRecord *dnskey, DnsResourceRecord *ds, gcry_md_write(md, dnskey->dnskey.key, dnskey->dnskey.key_size); result = gcry_md_read(md, 0); - if (!result) { - r = -EIO; - goto finish; - } - - r = memcmp(result, ds->ds.digest, ds->ds.digest_size) != 0; + if (!result) + return -EIO; -finish: - gcry_md_close(md); - return r; + return memcmp(result, ds->ds.digest, ds->ds.digest_size) != 0; } int dnssec_verify_dnskey_by_ds_search(DnsResourceRecord *dnskey, DnsAnswer *validated_ds) { diff --git a/src/resolve/resolved-resolv-conf.c b/src/resolve/resolved-resolv-conf.c index bad04d6a29..c828e9201f 100644 --- a/src/resolve/resolved-resolv-conf.c +++ b/src/resolve/resolved-resolv-conf.c @@ -68,6 +68,7 @@ int manager_read_resolv_conf(Manager *m) { _cleanup_fclose_ FILE *f = NULL; struct stat st; char line[LINE_MAX]; + unsigned n = 0; int r; assert(m); @@ -118,8 +119,10 @@ int manager_read_resolv_conf(Manager *m) { const char *a; char *l; + n++; + l = strstrip(line); - if (IN_SET(*l, '#', ';')) + if (IN_SET(*l, '#', ';', 0)) continue; a = first_word(l, "nameserver"); @@ -139,6 +142,8 @@ int manager_read_resolv_conf(Manager *m) { if (r < 0) log_warning_errno(r, "Failed to parse search domain string '%s', ignoring.", a); } + + log_syntax(NULL, LOG_DEBUG, "/etc/resolv.conf", n, 0, "Ignoring resolv.conf line: %s", l); } m->resolv_conf_mtime = timespec_load(&st.st_mtim); diff --git a/src/shared/ask-password-api.c b/src/shared/ask-password-api.c index 99d6a9b143..4fa9188957 100644 --- a/src/shared/ask-password-api.c +++ b/src/shared/ask-password-api.c @@ -201,7 +201,29 @@ static void backspace_chars(int ttyfd, size_t p) { } } +static void backspace_string(int ttyfd, const char *str) { + size_t m; + + assert(str); + + if (ttyfd < 0) + return; + + /* Backspaces through enough characters to entirely undo printing of the specified string. */ + + m = utf8_n_codepoints(str); + if (m == (size_t) -1) + m = strlen(str); /* Not a valid UTF-8 string? If so, let's backspace the number of bytes output. Most + * likely this happened because we are not in an UTF-8 locale, and in that case that + * is the correct thing to do. And even if it's not, terminals tend to stop + * backspacing at the leftmost column, hence backspacing too much should be mostly + * OK. */ + + backspace_chars(ttyfd, m); +} + int ask_password_tty( + int ttyfd, const char *message, const char *keyname, usec_t until, @@ -209,18 +231,19 @@ int ask_password_tty( const char *flag_file, char **ret) { + enum { + POLL_TTY, + POLL_INOTIFY, + _POLL_MAX, + }; + + bool reset_tty = false, dirty = false, use_color = false; + _cleanup_close_ int cttyfd = -1, notify = -1; struct termios old_termios, new_termios; char passphrase[LINE_MAX + 1] = {}, *x; + struct pollfd pollfd[_POLL_MAX]; size_t p = 0, codepoint = 0; int r; - _cleanup_close_ int ttyfd = -1, notify = -1; - struct pollfd pollfd[2]; - bool reset_tty = false; - bool dirty = false; - enum { - POLL_TTY, - POLL_INOTIFY - }; assert(ret); @@ -232,33 +255,34 @@ int ask_password_tty( if (flag_file) { notify = inotify_init1(IN_CLOEXEC|IN_NONBLOCK); - if (notify < 0) { - r = -errno; - goto finish; - } + if (notify < 0) + return -errno; - if (inotify_add_watch(notify, flag_file, IN_ATTRIB /* for the link count */) < 0) { - r = -errno; - goto finish; - } + if (inotify_add_watch(notify, flag_file, IN_ATTRIB /* for the link count */) < 0) + return -errno; } - ttyfd = open("/dev/tty", O_RDWR|O_NOCTTY|O_CLOEXEC); + /* If the caller didn't specify a TTY, then use the controlling tty, if we can. */ + if (ttyfd < 0) + ttyfd = cttyfd = open("/dev/tty", O_RDWR|O_NOCTTY|O_CLOEXEC); + if (ttyfd >= 0) { + if (tcgetattr(ttyfd, &old_termios) < 0) + return -errno; - if (tcgetattr(ttyfd, &old_termios) < 0) { - r = -errno; - goto finish; - } + if (flags & ASK_PASSWORD_CONSOLE_COLOR) + use_color = dev_console_colors_enabled(); + else + use_color = colors_enabled(); + + if (use_color) + (void) loop_write(ttyfd, ANSI_HIGHLIGHT, STRLEN(ANSI_HIGHLIGHT), false); + + (void) loop_write(ttyfd, message, strlen(message), false); + (void) loop_write(ttyfd, " ", 1, false); - if (colors_enabled()) - loop_write(ttyfd, ANSI_HIGHLIGHT, - STRLEN(ANSI_HIGHLIGHT), false); - loop_write(ttyfd, message, strlen(message), false); - loop_write(ttyfd, " ", 1, false); - if (colors_enabled()) - loop_write(ttyfd, ANSI_NORMAL, STRLEN(ANSI_NORMAL), - false); + if (use_color) + (void) loop_write(ttyfd, ANSI_NORMAL, STRLEN(ANSI_NORMAL), false); new_termios = old_termios; new_termios.c_lflag &= ~(ICANON|ECHO); @@ -273,16 +297,19 @@ int ask_password_tty( reset_tty = true; } - zero(pollfd); - pollfd[POLL_TTY].fd = ttyfd >= 0 ? ttyfd : STDIN_FILENO; - pollfd[POLL_TTY].events = POLLIN; - pollfd[POLL_INOTIFY].fd = notify; - pollfd[POLL_INOTIFY].events = POLLIN; + pollfd[POLL_TTY] = (struct pollfd) { + .fd = ttyfd >= 0 ? ttyfd : STDIN_FILENO, + .events = POLLIN, + }; + pollfd[POLL_INOTIFY] = (struct pollfd) { + .fd = notify, + .events = POLLIN, + }; for (;;) { - char c; int sleep_for = -1, k; ssize_t n; + char c; if (until > 0) { usec_t y; @@ -294,7 +321,7 @@ int ask_password_tty( goto finish; } - sleep_for = (int) ((until - y) / USEC_PER_MSEC); + sleep_for = (int) DIV_ROUND_UP(until - y, USEC_PER_MSEC); } if (flag_file) @@ -329,72 +356,99 @@ int ask_password_tty( r = -errno; goto finish; - } else if (n == 0) - break; + } - if (c == '\n') + /* We treat EOF, newline and NUL byte all as valid end markers */ + if (n == 0 || c == '\n' || c == 0) break; - else if (c == 21) { /* C-u */ + + if (c == 21) { /* C-u */ if (!(flags & ASK_PASSWORD_SILENT)) - backspace_chars(ttyfd, p); - p = 0; + backspace_string(ttyfd, passphrase); + + explicit_bzero(passphrase, sizeof(passphrase)); + p = codepoint = 0; } else if (IN_SET(c, '\b', 127)) { if (p > 0) { + size_t q; if (!(flags & ASK_PASSWORD_SILENT)) backspace_chars(ttyfd, 1); - p--; + /* Remove a full UTF-8 codepoint from the end. For that, figure out where the last one + * begins */ + q = 0; + for (;;) { + size_t z; + + z = utf8_encoded_valid_unichar(passphrase + q); + if (z == 0) { + q = (size_t) -1; /* Invalid UTF8! */ + break; + } + + if (q + z >= p) /* This one brings us over the edge */ + break; + + q += z; + } + + p = codepoint = q == (size_t) -1 ? p - 1 : q; + explicit_bzero(passphrase + p, sizeof(passphrase) - p); + } else if (!dirty && !(flags & ASK_PASSWORD_SILENT)) { flags |= ASK_PASSWORD_SILENT; - /* There are two ways to enter silent - * mode. Either by pressing backspace - * as first key (and only as first - * key), or ... */ + /* There are two ways to enter silent mode. Either by pressing backspace as first key + * (and only as first key), or ... */ + if (ttyfd >= 0) - loop_write(ttyfd, "(no echo) ", 10, false); + (void) loop_write(ttyfd, "(no echo) ", 10, false); } else if (ttyfd >= 0) - loop_write(ttyfd, "\a", 1, false); + (void) loop_write(ttyfd, "\a", 1, false); } else if (c == '\t' && !(flags & ASK_PASSWORD_SILENT)) { - backspace_chars(ttyfd, p); + backspace_string(ttyfd, passphrase); flags |= ASK_PASSWORD_SILENT; /* ... or by pressing TAB at any time. */ if (ttyfd >= 0) - loop_write(ttyfd, "(no echo) ", 10, false); - } else { - if (p >= sizeof(passphrase)-1) { - loop_write(ttyfd, "\a", 1, false); - continue; - } + (void) loop_write(ttyfd, "(no echo) ", 10, false); + + } else if (p >= sizeof(passphrase)-1) { + /* Reached the size limit */ + if (ttyfd >= 0) + (void) loop_write(ttyfd, "\a", 1, false); + + } else { passphrase[p++] = c; if (!(flags & ASK_PASSWORD_SILENT) && ttyfd >= 0) { + /* Check if we got a complete UTF-8 character now. If so, let's output one '*'. */ n = utf8_encoded_valid_unichar(passphrase + codepoint); if (n >= 0) { codepoint = p; - loop_write(ttyfd, (flags & ASK_PASSWORD_ECHO) ? &c : "*", 1, false); + (void) loop_write(ttyfd, (flags & ASK_PASSWORD_ECHO) ? &c : "*", 1, false); } } dirty = true; } + /* Let's forget this char, just to not keep needlessly copies of key material around */ c = 'x'; } x = strndup(passphrase, p); - explicit_bzero(passphrase, p); + explicit_bzero(passphrase, sizeof(passphrase)); if (!x) { r = -ENOMEM; goto finish; @@ -408,8 +462,8 @@ int ask_password_tty( finish: if (ttyfd >= 0 && reset_tty) { - loop_write(ttyfd, "\n", 1, false); - tcsetattr(ttyfd, TCSADRAIN, &old_termios); + (void) loop_write(ttyfd, "\n", 1, false); + (void) tcsetattr(ttyfd, TCSADRAIN, &old_termios); } return r; @@ -715,7 +769,7 @@ int ask_password_auto( if (!(flags & ASK_PASSWORD_NO_TTY) && isatty(STDIN_FILENO)) { char *s = NULL, **l = NULL; - r = ask_password_tty(message, keyname, until, flags, NULL, &s); + r = ask_password_tty(-1, message, keyname, until, flags, NULL, &s); if (r < 0) return r; diff --git a/src/shared/ask-password-api.h b/src/shared/ask-password-api.h index f3ca6743a9..4b2eb3fe92 100644 --- a/src/shared/ask-password-api.h +++ b/src/shared/ask-password-api.h @@ -25,15 +25,16 @@ #include "time-util.h" typedef enum AskPasswordFlags { - ASK_PASSWORD_ACCEPT_CACHED = 1, - ASK_PASSWORD_PUSH_CACHE = 2, - ASK_PASSWORD_ECHO = 4, /* show the password literally while reading, instead of "*" */ - ASK_PASSWORD_SILENT = 8, /* do no show any password at all while reading */ - ASK_PASSWORD_NO_TTY = 16, - ASK_PASSWORD_NO_AGENT = 32, + ASK_PASSWORD_ACCEPT_CACHED = 1U << 0, + ASK_PASSWORD_PUSH_CACHE = 1U << 1, + ASK_PASSWORD_ECHO = 1U << 2, /* show the password literally while reading, instead of "*" */ + ASK_PASSWORD_SILENT = 1U << 3, /* do no show any password at all while reading */ + ASK_PASSWORD_NO_TTY = 1U << 4, + ASK_PASSWORD_NO_AGENT = 1U << 5, + ASK_PASSWORD_CONSOLE_COLOR = 1U << 6, /* Use color if /dev/console points to a console that supports color */ } AskPasswordFlags; -int ask_password_tty(const char *message, const char *keyname, usec_t until, AskPasswordFlags flags, const char *flag_file, char **ret); +int ask_password_tty(int tty_fd, const char *message, const char *keyname, usec_t until, AskPasswordFlags flags, const char *flag_file, char **ret); int ask_password_agent(const char *message, const char *icon, const char *id, const char *keyname, usec_t until, AskPasswordFlags flag, char ***ret); int ask_password_keyring(const char *keyname, AskPasswordFlags flags, char ***ret); int ask_password_auto(const char *message, const char *icon, const char *id, const char *keyname, usec_t until, AskPasswordFlags flag, char ***ret); diff --git a/src/shared/bootspec.c b/src/shared/bootspec.c index 9c3bdd47de..0e3e17a776 100644 --- a/src/shared/bootspec.c +++ b/src/shared/bootspec.c @@ -79,8 +79,8 @@ int boot_entry_load(const char *path, BootEntry *entry) { return log_error_errno(errno, "Failed to open \"%s\": %m", path); for (;;) { - _cleanup_free_ char *buf = NULL; - char *p; + _cleanup_free_ char *buf = NULL, *field = NULL; + const char *p; r = read_line(f, LONG_LINE_MAX, &buf); if (r == 0) @@ -95,34 +95,37 @@ int boot_entry_load(const char *path, BootEntry *entry) { if (IN_SET(*strstrip(buf), '#', '\0')) continue; - p = strchr(buf, ' '); - if (!p) { + p = buf; + r = extract_first_word(&p, &field, " \t", 0); + if (r < 0) { + log_error_errno(r, "Failed to parse config file %s line %u: %m", path, line); + continue; + } + if (r == 0) { log_warning("%s:%u: Bad syntax", path, line); continue; } - *p = '\0'; - p = strstrip(p + 1); - if (streq(buf, "title")) + if (streq(field, "title")) r = free_and_strdup(&tmp.title, p); - else if (streq(buf, "version")) + else if (streq(field, "version")) r = free_and_strdup(&tmp.version, p); - else if (streq(buf, "machine-id")) + else if (streq(field, "machine-id")) r = free_and_strdup(&tmp.machine_id, p); - else if (streq(buf, "architecture")) + else if (streq(field, "architecture")) r = free_and_strdup(&tmp.architecture, p); - else if (streq(buf, "options")) + else if (streq(field, "options")) r = strv_extend(&tmp.options, p); - else if (streq(buf, "linux")) + else if (streq(field, "linux")) r = free_and_strdup(&tmp.kernel, p); - else if (streq(buf, "efi")) + else if (streq(field, "efi")) r = free_and_strdup(&tmp.efi, p); - else if (streq(buf, "initrd")) + else if (streq(field, "initrd")) r = strv_extend(&tmp.initrd, p); - else if (streq(buf, "devicetree")) + else if (streq(field, "devicetree")) r = free_and_strdup(&tmp.device_tree, p); else { - log_notice("%s:%u: Unknown line \"%s\"", path, line, buf); + log_notice("%s:%u: Unknown line \"%s\"", path, line, field); continue; } if (r < 0) @@ -164,8 +167,8 @@ int boot_loader_read_conf(const char *path, BootConfig *config) { return log_error_errno(errno, "Failed to open \"%s\": %m", path); for (;;) { - _cleanup_free_ char *buf = NULL; - char *p; + _cleanup_free_ char *buf = NULL, *field = NULL; + const char *p; r = read_line(f, LONG_LINE_MAX, &buf); if (r == 0) @@ -180,22 +183,25 @@ int boot_loader_read_conf(const char *path, BootConfig *config) { if (IN_SET(*strstrip(buf), '#', '\0')) continue; - p = strchr(buf, ' '); - if (!p) { + p = buf; + r = extract_first_word(&p, &field, " \t", 0); + if (r < 0) { + log_error_errno(r, "Failed to parse config file %s line %u: %m", path, line); + continue; + } + if (r == 0) { log_warning("%s:%u: Bad syntax", path, line); continue; } - *p = '\0'; - p = strstrip(p + 1); - if (streq(buf, "default")) + if (streq(field, "default")) r = free_and_strdup(&config->default_pattern, p); - else if (streq(buf, "timeout")) + else if (streq(field, "timeout")) r = free_and_strdup(&config->timeout, p); - else if (streq(buf, "editor")) + else if (streq(field, "editor")) r = free_and_strdup(&config->editor, p); else { - log_notice("%s:%u: Unknown line \"%s\"", path, line, buf); + log_notice("%s:%u: Unknown line \"%s\"", path, line, field); continue; } if (r < 0) diff --git a/src/shared/bus-unit-util.c b/src/shared/bus-unit-util.c index bc77c3abdb..54b2137c9c 100644 --- a/src/shared/bus-unit-util.c +++ b/src/shared/bus-unit-util.c @@ -1135,6 +1135,62 @@ static int bus_append_execute_property(sd_bus_message *m, const char *field, con return 1; } + if (streq(field, "TemporaryFileSystem")) { + const char *p = eq; + + r = sd_bus_message_open_container(m, SD_BUS_TYPE_STRUCT, "sv"); + if (r < 0) + return bus_log_create_error(r); + + r = sd_bus_message_append_basic(m, SD_BUS_TYPE_STRING, field); + if (r < 0) + return bus_log_create_error(r); + + r = sd_bus_message_open_container(m, 'v', "a(ss)"); + if (r < 0) + return bus_log_create_error(r); + + r = sd_bus_message_open_container(m, 'a', "(ss)"); + if (r < 0) + return bus_log_create_error(r); + + for (;;) { + _cleanup_free_ char *word = NULL, *path = NULL; + const char *w; + + r = extract_first_word(&p, &word, NULL, EXTRACT_QUOTES); + if (r < 0) + return log_error_errno(r, "Failed to parse argument: %m"); + if (r == 0) + break; + + w = word; + r = extract_first_word(&w, &path, ":", EXTRACT_DONT_COALESCE_SEPARATORS); + if (r < 0) + return log_error_errno(r, "Failed to parse argument: %m"); + if (r == 0) + return log_error("Failed to parse argument: %m"); + + r = sd_bus_message_append(m, "(ss)", path, w); + if (r < 0) + return bus_log_create_error(r); + } + + r = sd_bus_message_close_container(m); + if (r < 0) + return bus_log_create_error(r); + + r = sd_bus_message_close_container(m); + if (r < 0) + return bus_log_create_error(r); + + r = sd_bus_message_close_container(m); + if (r < 0) + return bus_log_create_error(r); + + return 1; + } + return 0; } @@ -1263,13 +1319,13 @@ static int bus_append_service_property(sd_bus_message *m, const char *field, con if (val < 0) return log_error_errno(r, "Invalid status or signal %s in %s: %m", word, field); - signal = realloc_multiply(signal, sizeof(int), sz_signal + 1); + signal = reallocarray(signal, sz_signal + 1, sizeof(int)); if (!signal) return log_oom(); signal[sz_signal++] = val; } else { - status = realloc_multiply(status, sizeof(int), sz_status + 1); + status = reallocarray(status, sz_status + 1, sizeof(int)); if (!status) return log_oom(); @@ -2369,7 +2425,7 @@ int unit_show_processes( if (r < 0) return r; - cgroups = hashmap_new(&string_hash_ops); + cgroups = hashmap_new(&path_hash_ops); if (!cgroups) return -ENOMEM; diff --git a/src/shared/conf-parser.c b/src/shared/conf-parser.c index daddb7cf20..15cfe4e4f7 100644 --- a/src/shared/conf-parser.c +++ b/src/shared/conf-parser.c @@ -1021,3 +1021,119 @@ int config_parse_ip_port( return 0; } + +int config_parse_join_controllers( + const char *unit, + const char *filename, + unsigned line, + const char *section, + unsigned section_line, + const char *lvalue, + int ltype, + const char *rvalue, + void *data, + void *userdata) { + + char ****ret = data; + const char *whole_rvalue = rvalue; + unsigned n = 0; + _cleanup_(strv_free_freep) char ***controllers = NULL; + + assert(filename); + assert(lvalue); + assert(rvalue); + assert(ret); + + for (;;) { + _cleanup_free_ char *word = NULL; + char **l; + int r; + + r = extract_first_word(&rvalue, &word, NULL, EXTRACT_QUOTES); + if (r < 0) { + log_syntax(unit, LOG_ERR, filename, line, r, "Invalid value for %s: %s", lvalue, whole_rvalue); + return r; + } + if (r == 0) + break; + + l = strv_split(word, ","); + if (!l) + return log_oom(); + strv_uniq(l); + + if (strv_length(l) <= 1) { + strv_free(l); + continue; + } + + if (!controllers) { + controllers = new(char**, 2); + if (!controllers) { + strv_free(l); + return log_oom(); + } + + controllers[0] = l; + controllers[1] = NULL; + + n = 1; + } else { + char ***a; + char ***t; + + t = new0(char**, n+2); + if (!t) { + strv_free(l); + return log_oom(); + } + + n = 0; + + for (a = controllers; *a; a++) + if (strv_overlap(*a, l)) { + if (strv_extend_strv(&l, *a, false) < 0) { + strv_free(l); + strv_free_free(t); + return log_oom(); + } + + } else { + char **c; + + c = strv_copy(*a); + if (!c) { + strv_free(l); + strv_free_free(t); + return log_oom(); + } + + t[n++] = c; + } + + t[n++] = strv_uniq(l); + + strv_free_free(controllers); + controllers = t; + } + } + if (!isempty(rvalue)) + log_syntax(unit, LOG_ERR, filename, line, 0, "Trailing garbage, ignoring."); + + /* As a special case, return a single empty strv, to override the default */ + if (!controllers) { + controllers = new(char**, 2); + if (!controllers) + return log_oom(); + controllers[0] = strv_new(NULL, NULL); + if (!controllers[0]) + return log_oom(); + controllers[1] = NULL; + } + + strv_free_free(*ret); + *ret = controllers; + controllers = NULL; + + return 0; +} diff --git a/src/shared/conf-parser.h b/src/shared/conf-parser.h index 2fd135baa0..908f530713 100644 --- a/src/shared/conf-parser.h +++ b/src/shared/conf-parser.h @@ -121,44 +121,46 @@ int config_parse_many( void *userdata); /* Generic parsers */ -int config_parse_int(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); -int config_parse_unsigned(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); -int config_parse_long(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); -int config_parse_uint8(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); -int config_parse_uint16(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); -int config_parse_uint32(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); -int config_parse_uint64(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); -int config_parse_double(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); -int config_parse_iec_size(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); -int config_parse_si_size(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); -int config_parse_iec_uint64(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); -int config_parse_bool(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); -int config_parse_tristate(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); -int config_parse_string(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); -int config_parse_path(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); -int config_parse_strv(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); -int config_parse_sec(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); -int config_parse_nsec(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); -int config_parse_mode(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); -int config_parse_log_facility(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); -int config_parse_log_level(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); -int config_parse_signal(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); -int config_parse_personality(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); -int config_parse_ifname(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); -int config_parse_ip_port(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); +#define GENERIC_PARSER_ARGS \ + const char *unit, \ + const char *filename, \ + unsigned line, \ + const char *section, \ + unsigned section_line, \ + const char *lvalue, \ + int ltype, \ + const char *rvalue, \ + void *data, \ + void *userdata +int config_parse_int(GENERIC_PARSER_ARGS); +int config_parse_unsigned(GENERIC_PARSER_ARGS); +int config_parse_long(GENERIC_PARSER_ARGS); +int config_parse_uint8(GENERIC_PARSER_ARGS); +int config_parse_uint16(GENERIC_PARSER_ARGS); +int config_parse_uint32(GENERIC_PARSER_ARGS); +int config_parse_uint64(GENERIC_PARSER_ARGS); +int config_parse_double(GENERIC_PARSER_ARGS); +int config_parse_iec_size(GENERIC_PARSER_ARGS); +int config_parse_si_size(GENERIC_PARSER_ARGS); +int config_parse_iec_uint64(GENERIC_PARSER_ARGS); +int config_parse_bool(GENERIC_PARSER_ARGS); +int config_parse_tristate(GENERIC_PARSER_ARGS); +int config_parse_string(GENERIC_PARSER_ARGS); +int config_parse_path(GENERIC_PARSER_ARGS); +int config_parse_strv(GENERIC_PARSER_ARGS); +int config_parse_sec(GENERIC_PARSER_ARGS); +int config_parse_nsec(GENERIC_PARSER_ARGS); +int config_parse_mode(GENERIC_PARSER_ARGS); +int config_parse_log_facility(GENERIC_PARSER_ARGS); +int config_parse_log_level(GENERIC_PARSER_ARGS); +int config_parse_signal(GENERIC_PARSER_ARGS); +int config_parse_personality(GENERIC_PARSER_ARGS); +int config_parse_ifname(GENERIC_PARSER_ARGS); +int config_parse_ip_port(GENERIC_PARSER_ARGS); +int config_parse_join_controllers(GENERIC_PARSER_ARGS); #define DEFINE_CONFIG_PARSE_ENUM(function,name,type,msg) \ - int function(const char *unit, \ - const char *filename, \ - unsigned line, \ - const char *section, \ - unsigned section_line, \ - const char *lvalue, \ - int ltype, \ - const char *rvalue, \ - void *data, \ - void *userdata) { \ - \ + int function(GENERIC_PARSER_ARGS) { \ type *i = data, x; \ \ assert(filename); \ @@ -177,17 +179,7 @@ int config_parse_ip_port(const char *unit, const char *filename, unsigned line, } #define DEFINE_CONFIG_PARSE_ENUMV(function,name,type,invalid,msg) \ - int function(const char *unit, \ - const char *filename, \ - unsigned line, \ - const char *section, \ - unsigned section_line, \ - const char *lvalue, \ - int ltype, \ - const char *rvalue, \ - void *data, \ - void *userdata) { \ - \ + int function(GENERIC_PARSER_ARGS) { \ type **enums = data, x, *ys; \ _cleanup_free_ type *xs = NULL; \ const char *word, *state; \ diff --git a/src/shared/install.c b/src/shared/install.c index 026aa32302..ed5f51cc46 100644 --- a/src/shared/install.c +++ b/src/shared/install.c @@ -311,7 +311,7 @@ int unit_file_changes_add( if (!changes) return 0; - c = realloc(*changes, (*n_changes + 1) * sizeof(UnitFileChange)); + c = reallocarray(*changes, *n_changes + 1, sizeof(UnitFileChange)); if (!c) return -ENOMEM; *changes = c; @@ -522,7 +522,7 @@ static int mark_symlink_for_removal( assert(p); - r = set_ensure_allocated(remove_symlinks_to, &string_hash_ops); + r = set_ensure_allocated(remove_symlinks_to, &path_hash_ops); if (r < 0) return r; @@ -1284,10 +1284,10 @@ static int unit_file_load( info->type = UNIT_FILE_TYPE_MASKED; return 0; } - if (S_ISDIR(st.st_mode)) - return -EISDIR; - if (!S_ISREG(st.st_mode)) - return -ENOTTY; + + r = stat_verify_regular(&st); + if (r < 0) + return r; f = fdopen(fd, "re"); if (!f) @@ -1461,6 +1461,9 @@ static int unit_file_search( return -ENOENT; } + if (info->type == UNIT_FILE_TYPE_MASKED) + return result; + /* Search for drop-in directories */ dropin_dir_name = strjoina(info->name, ".d"); @@ -2163,12 +2166,9 @@ int unit_file_link( if (lstat(full, &st) < 0) return -errno; - if (S_ISLNK(st.st_mode)) - return -ELOOP; - if (S_ISDIR(st.st_mode)) - return -EISDIR; - if (!S_ISREG(st.st_mode)) - return -ENOTTY; + r = stat_verify_regular(&st); + if (r < 0) + return r; q = in_search_path(&paths, *i); if (q < 0) diff --git a/src/shared/journal-util.c b/src/shared/journal-util.c index eb7a75295f..7d53f9dd56 100644 --- a/src/shared/journal-util.c +++ b/src/shared/journal-util.c @@ -28,7 +28,7 @@ #include "strv.h" #include "user-util.h" -static int access_check_var_log_journal(sd_journal *j) { +static int access_check_var_log_journal(sd_journal *j, bool want_other_users) { #if HAVE_ACL _cleanup_strv_free_ char **g = NULL; const char* dir; @@ -81,22 +81,25 @@ static int access_check_var_log_journal(sd_journal *j) { if (!s) return log_oom(); - log_notice("Hint: You are currently not seeing messages from other users and the system.\n" + log_notice("Hint: You are currently not seeing messages from %s.\n" " Users in groups '%s' can see all messages.\n" - " Pass -q to turn off this notice.", s); + " Pass -q to turn off this notice.", + want_other_users ? "other users and the system" : "the system", + s); return 1; } #endif /* If no ACLs were found, print a short version of the message. */ - log_notice("Hint: You are currently not seeing messages from other users and the system.\n" + log_notice("Hint: You are currently not seeing messages from %s.\n" " Users in the 'systemd-journal' group can see all messages. Pass -q to\n" - " turn off this notice."); + " turn off this notice.", + want_other_users ? "other users and the system" : "the system"); return 1; } -int journal_access_check_and_warn(sd_journal *j, bool quiet) { +int journal_access_check_and_warn(sd_journal *j, bool quiet, bool want_other_users) { Iterator it; void *code; char *path; @@ -113,7 +116,7 @@ int journal_access_check_and_warn(sd_journal *j, bool quiet) { if (hashmap_contains(j->errors, INT_TO_PTR(-EACCES))) { if (!quiet) - (void) access_check_var_log_journal(j); + (void) access_check_var_log_journal(j, want_other_users); if (ordered_hashmap_isempty(j->files)) r = log_error_errno(EACCES, "No journal files were opened due to insufficient permissions."); diff --git a/src/shared/journal-util.h b/src/shared/journal-util.h index ef5e314d37..f973729a32 100644 --- a/src/shared/journal-util.h +++ b/src/shared/journal-util.h @@ -26,4 +26,4 @@ bool journal_field_valid(const char *p, size_t l, bool allow_protected); -int journal_access_check_and_warn(sd_journal *j, bool quiet); +int journal_access_check_and_warn(sd_journal *j, bool quiet, bool want_other_users); diff --git a/src/shared/linux/bpf.h b/src/shared/linux/bpf.h index 8477b44609..1df9e7e3d0 100644 --- a/src/shared/linux/bpf.h +++ b/src/shared/linux/bpf.h @@ -1,11 +1,12 @@ +/* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */ /* Copyright (c) 2011-2014 PLUMgrid, http://plumgrid.com * * This program is free software; you can redistribute it and/or * modify it under the terms of version 2 of the GNU General Public * License as published by the Free Software Foundation. */ -#ifndef __LINUX_BPF_H__ -#define __LINUX_BPF_H__ +#ifndef _UAPI__LINUX_BPF_H__ +#define _UAPI__LINUX_BPF_H__ #include <linux/types.h> #include <linux/bpf_common.h> @@ -16,7 +17,7 @@ #define BPF_ALU64 0x07 /* alu mode in double word width */ /* ld/ldx fields */ -#define BPF_DW 0x18 /* double word */ +#define BPF_DW 0x18 /* double word (64-bit) */ #define BPF_XADD 0xc0 /* exclusive add */ /* alu/jmp fields */ @@ -30,9 +31,14 @@ #define BPF_FROM_LE BPF_TO_LE #define BPF_FROM_BE BPF_TO_BE +/* jmp encodings */ #define BPF_JNE 0x50 /* jump != */ +#define BPF_JLT 0xa0 /* LT is unsigned, '<' */ +#define BPF_JLE 0xb0 /* LE is unsigned, '<=' */ #define BPF_JSGT 0x60 /* SGT is signed '>', GT in x86 */ #define BPF_JSGE 0x70 /* SGE is signed '>=', GE in x86 */ +#define BPF_JSLT 0xc0 /* SLT is signed, '<' */ +#define BPF_JSLE 0xd0 /* SLE is signed, '<=' */ #define BPF_CALL 0x80 /* function call */ #define BPF_EXIT 0x90 /* function return */ @@ -82,6 +88,12 @@ enum bpf_cmd { BPF_PROG_ATTACH, BPF_PROG_DETACH, BPF_PROG_TEST_RUN, + BPF_PROG_GET_NEXT_ID, + BPF_MAP_GET_NEXT_ID, + BPF_PROG_GET_FD_BY_ID, + BPF_MAP_GET_FD_BY_ID, + BPF_OBJ_GET_INFO_BY_FD, + BPF_PROG_QUERY, }; enum bpf_map_type { @@ -99,6 +111,9 @@ enum bpf_map_type { BPF_MAP_TYPE_LPM_TRIE, BPF_MAP_TYPE_ARRAY_OF_MAPS, BPF_MAP_TYPE_HASH_OF_MAPS, + BPF_MAP_TYPE_DEVMAP, + BPF_MAP_TYPE_SOCKMAP, + BPF_MAP_TYPE_CPUMAP, }; enum bpf_prog_type { @@ -115,22 +130,65 @@ enum bpf_prog_type { BPF_PROG_TYPE_LWT_IN, BPF_PROG_TYPE_LWT_OUT, BPF_PROG_TYPE_LWT_XMIT, + BPF_PROG_TYPE_SOCK_OPS, + BPF_PROG_TYPE_SK_SKB, + BPF_PROG_TYPE_CGROUP_DEVICE, }; enum bpf_attach_type { BPF_CGROUP_INET_INGRESS, BPF_CGROUP_INET_EGRESS, BPF_CGROUP_INET_SOCK_CREATE, + BPF_CGROUP_SOCK_OPS, + BPF_SK_SKB_STREAM_PARSER, + BPF_SK_SKB_STREAM_VERDICT, + BPF_CGROUP_DEVICE, __MAX_BPF_ATTACH_TYPE }; #define MAX_BPF_ATTACH_TYPE __MAX_BPF_ATTACH_TYPE -/* If BPF_F_ALLOW_OVERRIDE flag is used in BPF_PROG_ATTACH command - * to the given target_fd cgroup the descendent cgroup will be able to - * override effective bpf program that was inherited from this cgroup +/* cgroup-bpf attach flags used in BPF_PROG_ATTACH command + * + * NONE(default): No further bpf programs allowed in the subtree. + * + * BPF_F_ALLOW_OVERRIDE: If a sub-cgroup installs some bpf program, + * the program in this cgroup yields to sub-cgroup program. + * + * BPF_F_ALLOW_MULTI: If a sub-cgroup installs some bpf program, + * that cgroup program gets run in addition to the program in this cgroup. + * + * Only one program is allowed to be attached to a cgroup with + * NONE or BPF_F_ALLOW_OVERRIDE flag. + * Attaching another program on top of NONE or BPF_F_ALLOW_OVERRIDE will + * release old program and attach the new one. Attach flags has to match. + * + * Multiple programs are allowed to be attached to a cgroup with + * BPF_F_ALLOW_MULTI flag. They are executed in FIFO order + * (those that were attached first, run first) + * The programs of sub-cgroup are executed first, then programs of + * this cgroup and then programs of parent cgroup. + * When children program makes decision (like picking TCP CA or sock bind) + * parent program has a chance to override it. + * + * A cgroup with MULTI or OVERRIDE flag allows any attach flags in sub-cgroups. + * A cgroup with NONE doesn't allow any programs in sub-cgroups. + * Ex1: + * cgrp1 (MULTI progs A, B) -> + * cgrp2 (OVERRIDE prog C) -> + * cgrp3 (MULTI prog D) -> + * cgrp4 (OVERRIDE prog E) -> + * cgrp5 (NONE prog F) + * the event in cgrp5 triggers execution of F,D,A,B in that order. + * if prog F is detached, the execution is E,D,A,B + * if prog F and D are detached, the execution is E,A,B + * if prog F, E and D are detached, the execution is C,A,B + * + * All eligible programs are executed regardless of return code from + * earlier programs. */ #define BPF_F_ALLOW_OVERRIDE (1U << 0) +#define BPF_F_ALLOW_MULTI (1U << 1) /* If BPF_F_STRICT_ALIGNMENT is used in BPF_PROG_LOAD command, the * verifier will perform strict alignment checking as if the kernel @@ -139,13 +197,20 @@ enum bpf_attach_type { */ #define BPF_F_STRICT_ALIGNMENT (1U << 0) +/* when bpf_ldimm64->src_reg == BPF_PSEUDO_MAP_FD, bpf_ldimm64->imm == fd */ #define BPF_PSEUDO_MAP_FD 1 +/* when bpf_call->src_reg == BPF_PSEUDO_CALL, bpf_call->imm == pc-relative + * offset to another bpf function + */ +#define BPF_PSEUDO_CALL 1 + /* flags for BPF_MAP_UPDATE_ELEM command */ #define BPF_ANY 0 /* create new element or update existing */ #define BPF_NOEXIST 1 /* create new element if it didn't exist */ #define BPF_EXIST 2 /* update existing element */ +/* flags for BPF_MAP_CREATE command */ #define BPF_F_NO_PREALLOC (1U << 0) /* Instead of having one common LRU list in the * BPF_MAP_TYPE_LRU_[PERCPU_]HASH map, use a percpu LRU list @@ -154,6 +219,17 @@ enum bpf_attach_type { * across different LRU lists. */ #define BPF_F_NO_COMMON_LRU (1U << 1) +/* Specify numa node during map creation */ +#define BPF_F_NUMA_NODE (1U << 2) + +/* flags for BPF_PROG_QUERY */ +#define BPF_F_QUERY_EFFECTIVE (1U << 0) + +#define BPF_OBJ_NAME_LEN 16U + +/* Flags for accessing BPF object */ +#define BPF_F_RDONLY (1U << 3) +#define BPF_F_WRONLY (1U << 4) union bpf_attr { struct { /* anonymous struct used by BPF_MAP_CREATE command */ @@ -161,8 +237,15 @@ union bpf_attr { __u32 key_size; /* size of key in bytes */ __u32 value_size; /* size of value in bytes */ __u32 max_entries; /* max number of entries in a map */ - __u32 map_flags; /* prealloc or not */ + __u32 map_flags; /* BPF_MAP_CREATE related + * flags defined above. + */ __u32 inner_map_fd; /* fd pointing to the inner map */ + __u32 numa_node; /* numa node (effective only if + * BPF_F_NUMA_NODE is set). + */ + char map_name[BPF_OBJ_NAME_LEN]; + __u32 map_ifindex; /* ifindex of netdev to create on */ }; struct { /* anonymous struct used by BPF_MAP_*_ELEM commands */ @@ -185,11 +268,14 @@ union bpf_attr { __aligned_u64 log_buf; /* user supplied buffer */ __u32 kern_version; /* checked when prog_type=kprobe */ __u32 prog_flags; + char prog_name[BPF_OBJ_NAME_LEN]; + __u32 prog_ifindex; /* ifindex of netdev to prep for */ }; struct { /* anonymous struct used by BPF_OBJ_* commands */ __aligned_u64 pathname; __u32 bpf_fd; + __u32 file_flags; }; struct { /* anonymous struct used by BPF_PROG_ATTACH/DETACH commands */ @@ -209,6 +295,31 @@ union bpf_attr { __u32 repeat; __u32 duration; } test; + + struct { /* anonymous struct used by BPF_*_GET_*_ID */ + union { + __u32 start_id; + __u32 prog_id; + __u32 map_id; + }; + __u32 next_id; + __u32 open_flags; + }; + + struct { /* anonymous struct used by BPF_OBJ_GET_INFO_BY_FD */ + __u32 bpf_fd; + __u32 info_len; + __aligned_u64 info; + } info; + + struct { /* anonymous struct used by BPF_PROG_QUERY command */ + __u32 target_fd; /* container object to query */ + __u32 attach_type; + __u32 query_flags; + __u32 attach_flags; + __aligned_u64 prog_ids; + __u32 prog_cnt; + } query; } __attribute__((aligned(8))); /* BPF helper function descriptions: @@ -272,7 +383,7 @@ union bpf_attr { * jump into another BPF program * @ctx: context pointer passed to next program * @prog_array_map: pointer to map which type is BPF_MAP_TYPE_PROG_ARRAY - * @index: index inside array that selects specific program to run + * @index: 32-bit index inside array that selects specific program to run * Return: 0 on success or negative error * * int bpf_clone_redirect(skb, ifindex, flags) @@ -313,26 +424,40 @@ union bpf_attr { * @flags: room for future extensions * Return: 0 on success or negative error * - * u64 bpf_perf_event_read(&map, index) - * Return: Number events read or error code + * u64 bpf_perf_event_read(map, flags) + * read perf event counter value + * @map: pointer to perf_event_array map + * @flags: index of event in the map or bitmask flags + * Return: value of perf event counter read or error code * * int bpf_redirect(ifindex, flags) * redirect to another netdev * @ifindex: ifindex of the net device - * @flags: bit 0 - if set, redirect to ingress instead of egress - * other bits - reserved - * Return: TC_ACT_REDIRECT + * @flags: + * cls_bpf: + * bit 0 - if set, redirect to ingress instead of egress + * other bits - reserved + * xdp_bpf: + * all bits - reserved + * Return: cls_bpf: TC_ACT_REDIRECT on success or TC_ACT_SHOT on error + * xdp_bfp: XDP_REDIRECT on success or XDP_ABORT on error + * int bpf_redirect_map(map, key, flags) + * redirect to endpoint in map + * @map: pointer to dev map + * @key: index in map to lookup + * @flags: -- + * Return: XDP_REDIRECT on success or XDP_ABORT on error * * u32 bpf_get_route_realm(skb) * retrieve a dst's tclassid * @skb: pointer to skb * Return: realm if != 0 * - * int bpf_perf_event_output(ctx, map, index, data, size) + * int bpf_perf_event_output(ctx, map, flags, data, size) * output perf raw sample * @ctx: struct pt_regs* * @map: pointer to perf_event_array map - * @index: index of event in the map + * @flags: index of event in the map or bitmask flags * @data: data on stack to be output as raw data * @size: size of data * Return: 0 on success or negative error @@ -490,6 +615,87 @@ union bpf_attr { * Get the owner uid of the socket stored inside sk_buff. * @skb: pointer to skb * Return: uid of the socket owner on success or overflowuid if failed. + * + * u32 bpf_set_hash(skb, hash) + * Set full skb->hash. + * @skb: pointer to skb + * @hash: hash to set + * + * int bpf_setsockopt(bpf_socket, level, optname, optval, optlen) + * Calls setsockopt. Not all opts are available, only those with + * integer optvals plus TCP_CONGESTION. + * Supported levels: SOL_SOCKET and IPPROTO_TCP + * @bpf_socket: pointer to bpf_socket + * @level: SOL_SOCKET or IPPROTO_TCP + * @optname: option name + * @optval: pointer to option value + * @optlen: length of optval in bytes + * Return: 0 or negative error + * + * int bpf_getsockopt(bpf_socket, level, optname, optval, optlen) + * Calls getsockopt. Not all opts are available. + * Supported levels: IPPROTO_TCP + * @bpf_socket: pointer to bpf_socket + * @level: IPPROTO_TCP + * @optname: option name + * @optval: pointer to option value + * @optlen: length of optval in bytes + * Return: 0 or negative error + * + * int bpf_sock_ops_cb_flags_set(bpf_sock_ops, flags) + * Set callback flags for sock_ops + * @bpf_sock_ops: pointer to bpf_sock_ops_kern struct + * @flags: flags value + * Return: 0 for no error + * -EINVAL if there is no full tcp socket + * bits in flags that are not supported by current kernel + * + * int bpf_skb_adjust_room(skb, len_diff, mode, flags) + * Grow or shrink room in sk_buff. + * @skb: pointer to skb + * @len_diff: (signed) amount of room to grow/shrink + * @mode: operation mode (enum bpf_adj_room_mode) + * @flags: reserved for future use + * Return: 0 on success or negative error code + * + * int bpf_sk_redirect_map(map, key, flags) + * Redirect skb to a sock in map using key as a lookup key for the + * sock in map. + * @map: pointer to sockmap + * @key: key to lookup sock in map + * @flags: reserved for future use + * Return: SK_PASS + * + * int bpf_sock_map_update(skops, map, key, flags) + * @skops: pointer to bpf_sock_ops + * @map: pointer to sockmap to update + * @key: key to insert/update sock in map + * @flags: same flags as map update elem + * + * int bpf_xdp_adjust_meta(xdp_md, delta) + * Adjust the xdp_md.data_meta by delta + * @xdp_md: pointer to xdp_md + * @delta: An positive/negative integer to be added to xdp_md.data_meta + * Return: 0 on success or negative on error + * + * int bpf_perf_event_read_value(map, flags, buf, buf_size) + * read perf event counter value and perf event enabled/running time + * @map: pointer to perf_event_array map + * @flags: index of event in the map or bitmask flags + * @buf: buf to fill + * @buf_size: size of the buf + * Return: 0 on success or negative error code + * + * int bpf_perf_prog_read_value(ctx, buf, buf_size) + * read perf prog attached perf event counter and enabled/running time + * @ctx: pointer to ctx + * @buf: buf to fill + * @buf_size: size of the buf + * Return : 0 on success or negative error code + * + * int bpf_override_return(pt_regs, rc) + * @pt_regs: pointer to struct pt_regs + * @rc: the return value to set */ #define __BPF_FUNC_MAPPER(FN) \ FN(unspec), \ @@ -539,7 +745,19 @@ union bpf_attr { FN(xdp_adjust_head), \ FN(probe_read_str), \ FN(get_socket_cookie), \ - FN(get_socket_uid), + FN(get_socket_uid), \ + FN(set_hash), \ + FN(setsockopt), \ + FN(skb_adjust_room), \ + FN(redirect_map), \ + FN(sk_redirect_map), \ + FN(sock_map_update), \ + FN(xdp_adjust_meta), \ + FN(perf_event_read_value), \ + FN(perf_prog_read_value), \ + FN(getsockopt), \ + FN(override_return), \ + FN(sock_ops_cb_flags_set), /* integer value in 'imm' field of BPF_CALL instruction selects which helper * function eBPF program intends to call @@ -583,12 +801,19 @@ enum bpf_func_id { #define BPF_F_ZERO_CSUM_TX (1ULL << 1) #define BPF_F_DONT_FRAGMENT (1ULL << 2) -/* BPF_FUNC_perf_event_output and BPF_FUNC_perf_event_read flags. */ +/* BPF_FUNC_perf_event_output, BPF_FUNC_perf_event_read and + * BPF_FUNC_perf_event_read_value flags. + */ #define BPF_F_INDEX_MASK 0xffffffffULL #define BPF_F_CURRENT_CPU BPF_F_INDEX_MASK /* BPF_FUNC_perf_event_output for sk_buff input context. */ #define BPF_F_CTXLEN_MASK (0xfffffULL << 32) +/* Mode for BPF_FUNC_skb_adjust_room helper. */ +enum bpf_adj_room_mode { + BPF_ADJ_ROOM_NET, +}; + /* user accessible mirror of in-kernel sk_buff. * new fields can only be added to the end of this structure */ @@ -611,6 +836,18 @@ struct __sk_buff { __u32 data; __u32 data_end; __u32 napi_id; + + /* Accessed by BPF_PROG_TYPE_sk_skb types from here to ... */ + __u32 family; + __u32 remote_ip4; /* Stored in network byte order */ + __u32 local_ip4; /* Stored in network byte order */ + __u32 remote_ip6[4]; /* Stored in network byte order */ + __u32 local_ip6[4]; /* Stored in network byte order */ + __u32 remote_port; /* Stored in network byte order */ + __u32 local_port; /* stored in host byte order */ + /* ... here. */ + + __u32 data_meta; }; struct bpf_tunnel_key { @@ -646,20 +883,23 @@ struct bpf_sock { __u32 family; __u32 type; __u32 protocol; + __u32 mark; + __u32 priority; }; #define XDP_PACKET_HEADROOM 256 /* User return codes for XDP prog type. * A valid XDP program must return one of these defined values. All other - * return codes are reserved for future use. Unknown return codes will result - * in packet drop. + * return codes are reserved for future use. Unknown return codes will + * result in packet drops and a warning via bpf_warn_invalid_xdp_action(). */ enum xdp_action { XDP_ABORTED = 0, XDP_DROP, XDP_PASS, XDP_TX, + XDP_REDIRECT, }; /* user accessible metadata for XDP packet hook @@ -668,6 +908,202 @@ enum xdp_action { struct xdp_md { __u32 data; __u32 data_end; + __u32 data_meta; + /* Below access go through struct xdp_rxq_info */ + __u32 ingress_ifindex; /* rxq->dev->ifindex */ + __u32 rx_queue_index; /* rxq->queue_index */ +}; + +enum sk_action { + SK_DROP = 0, + SK_PASS, +}; + +#define BPF_TAG_SIZE 8 + +struct bpf_prog_info { + __u32 type; + __u32 id; + __u8 tag[BPF_TAG_SIZE]; + __u32 jited_prog_len; + __u32 xlated_prog_len; + __aligned_u64 jited_prog_insns; + __aligned_u64 xlated_prog_insns; + __u64 load_time; /* ns since boottime */ + __u32 created_by_uid; + __u32 nr_map_ids; + __aligned_u64 map_ids; + char name[BPF_OBJ_NAME_LEN]; + __u32 ifindex; + __u64 netns_dev; + __u64 netns_ino; +} __attribute__((aligned(8))); + +struct bpf_map_info { + __u32 type; + __u32 id; + __u32 key_size; + __u32 value_size; + __u32 max_entries; + __u32 map_flags; + char name[BPF_OBJ_NAME_LEN]; + __u32 ifindex; + __u64 netns_dev; + __u64 netns_ino; +} __attribute__((aligned(8))); + +/* User bpf_sock_ops struct to access socket values and specify request ops + * and their replies. + * Some of this fields are in network (bigendian) byte order and may need + * to be converted before use (bpf_ntohl() defined in samples/bpf/bpf_endian.h). + * New fields can only be added at the end of this structure + */ +struct bpf_sock_ops { + __u32 op; + union { + __u32 args[4]; /* Optionally passed to bpf program */ + __u32 reply; /* Returned by bpf program */ + __u32 replylong[4]; /* Optionally returned by bpf prog */ + }; + __u32 family; + __u32 remote_ip4; /* Stored in network byte order */ + __u32 local_ip4; /* Stored in network byte order */ + __u32 remote_ip6[4]; /* Stored in network byte order */ + __u32 local_ip6[4]; /* Stored in network byte order */ + __u32 remote_port; /* Stored in network byte order */ + __u32 local_port; /* stored in host byte order */ + __u32 is_fullsock; /* Some TCP fields are only valid if + * there is a full socket. If not, the + * fields read as zero. + */ + __u32 snd_cwnd; + __u32 srtt_us; /* Averaged RTT << 3 in usecs */ + __u32 bpf_sock_ops_cb_flags; /* flags defined in uapi/linux/tcp.h */ + __u32 state; + __u32 rtt_min; + __u32 snd_ssthresh; + __u32 rcv_nxt; + __u32 snd_nxt; + __u32 snd_una; + __u32 mss_cache; + __u32 ecn_flags; + __u32 rate_delivered; + __u32 rate_interval_us; + __u32 packets_out; + __u32 retrans_out; + __u32 total_retrans; + __u32 segs_in; + __u32 data_segs_in; + __u32 segs_out; + __u32 data_segs_out; + __u32 lost_out; + __u32 sacked_out; + __u32 sk_txhash; + __u64 bytes_received; + __u64 bytes_acked; +}; + +/* Definitions for bpf_sock_ops_cb_flags */ +#define BPF_SOCK_OPS_RTO_CB_FLAG (1<<0) +#define BPF_SOCK_OPS_RETRANS_CB_FLAG (1<<1) +#define BPF_SOCK_OPS_STATE_CB_FLAG (1<<2) +#define BPF_SOCK_OPS_ALL_CB_FLAGS 0x7 /* Mask of all currently + * supported cb flags + */ + +/* List of known BPF sock_ops operators. + * New entries can only be added at the end + */ +enum { + BPF_SOCK_OPS_VOID, + BPF_SOCK_OPS_TIMEOUT_INIT, /* Should return SYN-RTO value to use or + * -1 if default value should be used + */ + BPF_SOCK_OPS_RWND_INIT, /* Should return initial advertized + * window (in packets) or -1 if default + * value should be used + */ + BPF_SOCK_OPS_TCP_CONNECT_CB, /* Calls BPF program right before an + * active connection is initialized + */ + BPF_SOCK_OPS_ACTIVE_ESTABLISHED_CB, /* Calls BPF program when an + * active connection is + * established + */ + BPF_SOCK_OPS_PASSIVE_ESTABLISHED_CB, /* Calls BPF program when a + * passive connection is + * established + */ + BPF_SOCK_OPS_NEEDS_ECN, /* If connection's congestion control + * needs ECN + */ + BPF_SOCK_OPS_BASE_RTT, /* Get base RTT. The correct value is + * based on the path and may be + * dependent on the congestion control + * algorithm. In general it indicates + * a congestion threshold. RTTs above + * this indicate congestion + */ + BPF_SOCK_OPS_RTO_CB, /* Called when an RTO has triggered. + * Arg1: value of icsk_retransmits + * Arg2: value of icsk_rto + * Arg3: whether RTO has expired + */ + BPF_SOCK_OPS_RETRANS_CB, /* Called when skb is retransmitted. + * Arg1: sequence number of 1st byte + * Arg2: # segments + * Arg3: return value of + * tcp_transmit_skb (0 => success) + */ + BPF_SOCK_OPS_STATE_CB, /* Called when TCP changes state. + * Arg1: old_state + * Arg2: new_state + */ +}; + +/* List of TCP states. There is a build check in net/ipv4/tcp.c to detect + * changes between the TCP and BPF versions. Ideally this should never happen. + * If it does, we need to add code to convert them before calling + * the BPF sock_ops function. + */ +enum { + BPF_TCP_ESTABLISHED = 1, + BPF_TCP_SYN_SENT, + BPF_TCP_SYN_RECV, + BPF_TCP_FIN_WAIT1, + BPF_TCP_FIN_WAIT2, + BPF_TCP_TIME_WAIT, + BPF_TCP_CLOSE, + BPF_TCP_CLOSE_WAIT, + BPF_TCP_LAST_ACK, + BPF_TCP_LISTEN, + BPF_TCP_CLOSING, /* Now a valid state */ + BPF_TCP_NEW_SYN_RECV, + + BPF_TCP_MAX_STATES /* Leave at the end! */ +}; + +#define TCP_BPF_IW 1001 /* Set TCP initial congestion window */ +#define TCP_BPF_SNDCWND_CLAMP 1002 /* Set sndcwnd_clamp */ + +struct bpf_perf_event_value { + __u64 counter; + __u64 enabled; + __u64 running; +}; + +#define BPF_DEVCG_ACC_MKNOD (1ULL << 0) +#define BPF_DEVCG_ACC_READ (1ULL << 1) +#define BPF_DEVCG_ACC_WRITE (1ULL << 2) + +#define BPF_DEVCG_DEV_BLOCK (1ULL << 0) +#define BPF_DEVCG_DEV_CHAR (1ULL << 1) + +struct bpf_cgroup_dev_ctx { + /* access_type encoded as (BPF_DEVCG_ACC_* << 16) | BPF_DEVCG_DEV_* */ + __u32 access_type; + __u32 major; + __u32 minor; }; -#endif /* __LINUX_BPF_H__ */ +#endif /* _UAPI__LINUX_BPF_H__ */ diff --git a/src/shared/loop-util.c b/src/shared/loop-util.c index 37b8479f88..0f3defd581 100644 --- a/src/shared/loop-util.c +++ b/src/shared/loop-util.c @@ -27,6 +27,7 @@ #include "alloc-util.h" #include "fd-util.h" #include "loop-util.h" +#include "stat-util.h" int loop_device_make(int fd, int open_flags, LoopDevice **ret) { const struct loop_info64 info = { @@ -37,7 +38,7 @@ int loop_device_make(int fd, int open_flags, LoopDevice **ret) { _cleanup_free_ char *loopdev = NULL; struct stat st; LoopDevice *d; - int nr; + int nr, r; assert(fd >= 0); assert(ret); @@ -69,8 +70,9 @@ int loop_device_make(int fd, int open_flags, LoopDevice **ret) { return 0; } - if (!S_ISREG(st.st_mode)) - return -EINVAL; + r = stat_verify_regular(&st); + if (r < 0) + return r; control = open("/dev/loop-control", O_RDWR|O_CLOEXEC|O_NOCTTY|O_NONBLOCK); if (control < 0) diff --git a/src/shared/path-lookup.c b/src/shared/path-lookup.c index d57c78a8b1..5f31831c99 100644 --- a/src/shared/path-lookup.c +++ b/src/shared/path-lookup.c @@ -169,6 +169,8 @@ int xdg_user_dirs(char ***ret_config_dirs, char ***ret_data_dirs) { static char** user_dirs( const char *persistent_config, const char *runtime_config, + const char *global_persistent_config, + const char *global_runtime_config, const char *generator, const char *generator_early, const char *generator_late, @@ -209,12 +211,19 @@ static char** user_dirs( if (strv_extend(&res, persistent_config) < 0) return NULL; + /* global config has lower priority than the user config of the same type */ + if (strv_extend(&res, global_persistent_config) < 0) + return NULL; + if (strv_extend_strv(&res, (char**) user_config_unit_paths, false) < 0) return NULL; if (strv_extend(&res, runtime_config) < 0) return NULL; + if (strv_extend(&res, global_runtime_config) < 0) + return NULL; + if (strv_extend(&res, generator) < 0) return NULL; @@ -411,11 +420,11 @@ static int acquire_control_dirs(UnitFileScope scope, char **persistent, char **r } case UNIT_FILE_USER: - r = xdg_user_config_dir(&a, "/systemd/system.control"); + r = xdg_user_config_dir(&a, "/systemd/user.control"); if (r < 0 && r != -ENXIO) return r; - r = xdg_user_runtime_dir(runtime, "/systemd/system.control"); + r = xdg_user_runtime_dir(runtime, "/systemd/user.control"); if (r < 0) { if (r != -ENXIO) return r; @@ -484,6 +493,7 @@ int lookup_paths_init( _cleanup_free_ char *root = NULL, *persistent_config = NULL, *runtime_config = NULL, + *global_persistent_config = NULL, *global_runtime_config = NULL, *generator = NULL, *generator_early = NULL, *generator_late = NULL, *transient = NULL, *persistent_control = NULL, *runtime_control = NULL; @@ -522,6 +532,12 @@ int lookup_paths_init( if (r < 0) return r; + if (scope == UNIT_FILE_USER) { + r = acquire_config_dirs(UNIT_FILE_GLOBAL, &global_persistent_config, &global_runtime_config); + if (r < 0) + return r; + } + if ((flags & LOOKUP_PATHS_EXCLUDE_GENERATED) == 0) { /* Note: if XDG_RUNTIME_DIR is not set, this will fail completely with ENXIO */ r = acquire_generator_dirs(scope, tempdir, @@ -610,20 +626,21 @@ int lookup_paths_init( runtime_config, "/run/systemd/user", STRV_IFNOTNULL(generator), - "/usr/local/lib/systemd/user", "/usr/local/share/systemd/user", + "/usr/share/systemd/user", + "/usr/local/lib/systemd/user", USER_DATA_UNIT_PATH, "/usr/lib/systemd/user", - "/usr/share/systemd/user", STRV_IFNOTNULL(generator_late), NULL); break; case UNIT_FILE_USER: add = user_dirs(persistent_config, runtime_config, + global_persistent_config, global_runtime_config, generator, generator_early, generator_late, transient, - persistent_config, runtime_control); + persistent_control, runtime_control); break; default: diff --git a/src/shared/seccomp-util.c b/src/shared/seccomp-util.c index fbb232cd45..220658b3ad 100644 --- a/src/shared/seccomp-util.c +++ b/src/shared/seccomp-util.c @@ -935,7 +935,7 @@ int seccomp_load_syscall_filter_set_raw(uint32_t default_action, Hashmap* set, u /* If the system call is not known on this architecture, then that's fine, let's ignore it */ _cleanup_free_ char *n = NULL; - n = seccomp_syscall_resolve_num_arch(arch, PTR_TO_INT(id) - 1); + n = seccomp_syscall_resolve_num_arch(SCMP_ARCH_NATIVE, PTR_TO_INT(id) - 1); log_debug_errno(r, "Failed to add rule for system call %s() / %d, ignoring: %m", strna(n), PTR_TO_INT(id) - 1); } } @@ -950,13 +950,11 @@ int seccomp_load_syscall_filter_set_raw(uint32_t default_action, Hashmap* set, u return 0; } -int seccomp_parse_syscall_filter_internal( - bool invert, +int seccomp_parse_syscall_filter_full( const char *name, int errno_num, Hashmap *filter, - bool whitelist, - bool warn, + SeccompParseFlags flags, const char *unit, const char *filename, unsigned line) { @@ -972,15 +970,20 @@ int seccomp_parse_syscall_filter_internal( set = syscall_filter_set_find(name); if (!set) { - if (warn) { - log_syntax(unit, LOG_WARNING, filename, line, 0, "Unknown system call group, ignoring: %s", name); - return 0; - } else + if (!(flags & SECCOMP_PARSE_PERMISSIVE)) return -EINVAL; + + log_syntax(unit, flags & SECCOMP_PARSE_LOG ? LOG_WARNING : LOG_DEBUG, filename, line, 0, + "Unknown system call group, ignoring: %s", name); + return 0; } NULSTR_FOREACH(i, set->value) { - r = seccomp_parse_syscall_filter_internal(invert, i, errno_num, filter, whitelist, warn, unit, filename, line); + /* Call ourselves again, for the group to parse. Note that we downgrade logging here (i.e. take + * away the SECCOMP_PARSE_LOG flag) since any issues in the group table are our own problem, + * not a problem in user configuration data and we shouldn't pretend otherwise by complaining + * about them. */ + r = seccomp_parse_syscall_filter_full(i, errno_num, filter, flags &~ SECCOMP_PARSE_LOG, unit, filename, line); if (r < 0) return r; } @@ -989,19 +992,20 @@ int seccomp_parse_syscall_filter_internal( id = seccomp_syscall_resolve_name(name); if (id == __NR_SCMP_ERROR) { - if (warn) { - log_syntax(unit, LOG_WARNING, filename, line, 0, "Failed to parse system call, ignoring: %s", name); - return 0; - } else + if (!(flags & SECCOMP_PARSE_PERMISSIVE)) return -EINVAL; + + log_syntax(unit, flags & SECCOMP_PARSE_LOG ? LOG_WARNING : LOG_DEBUG, filename, line, 0, + "Failed to parse system call, ignoring: %s", name); + return 0; } /* If we previously wanted to forbid a syscall and now * we want to allow it, then remove it from the list. */ - if (!invert == whitelist) { + if (!(flags & SECCOMP_PARSE_INVERT) == !!(flags & SECCOMP_PARSE_WHITELIST)) { r = hashmap_put(filter, INT_TO_PTR(id + 1), INT_TO_PTR(errno_num)); if (r < 0) - return warn ? log_oom() : -ENOMEM; + return flags & SECCOMP_PARSE_LOG ? log_oom() : -ENOMEM; } else (void) hashmap_remove(filter, INT_TO_PTR(id + 1)); } @@ -1534,17 +1538,35 @@ int seccomp_restrict_archs(Set *archs) { int r; /* This installs a filter with no rules, but that restricts the system call architectures to the specified - * list. */ + * list. + * + * There are some qualifications. However the most important use is to stop processes from bypassing + * system call restrictions, in case they used a broader (multiplexing) syscall which is only available + * in a non-native architecture. There are no holes in this use case, at least so far. */ + /* Note libseccomp includes our "native" (current) architecture in the filter by default. + * We do not remove it. For example, our callers expect to be able to call execve() afterwards + * to run a program with the restrictions applied. */ seccomp = seccomp_init(SCMP_ACT_ALLOW); if (!seccomp) return -ENOMEM; SET_FOREACH(id, archs, i) { r = seccomp_arch_add(seccomp, PTR_TO_UINT32(id) - 1); - if (r == -EEXIST) - continue; - if (r < 0) + if (r < 0 && r != -EEXIST) + return r; + } + + /* The vdso for x32 assumes that x86-64 syscalls are available. Let's allow them, since x32 + * x32 syscalls should basically match x86-64 for everything except the pointer type. + * The important thing is that you can block the old 32-bit x86 syscalls. + * https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=850047 */ + + if (seccomp_arch_native() == SCMP_ARCH_X32 || + set_contains(archs, UINT32_TO_PTR(SCMP_ARCH_X32 + 1))) { + + r = seccomp_arch_add(seccomp, SCMP_ARCH_X86_64); + if (r < 0 && r != -EEXIST) return r; } diff --git a/src/shared/seccomp-util.h b/src/shared/seccomp-util.h index 0b30cdf388..5915ceb9a3 100644 --- a/src/shared/seccomp-util.h +++ b/src/shared/seccomp-util.h @@ -81,22 +81,19 @@ int seccomp_add_syscall_filter_item(scmp_filter_ctx *ctx, const char *name, uint int seccomp_load_syscall_filter_set(uint32_t default_action, const SyscallFilterSet *set, uint32_t action); int seccomp_load_syscall_filter_set_raw(uint32_t default_action, Hashmap* set, uint32_t action); -int seccomp_parse_syscall_filter_internal( - bool invert, const char *name, int errno_num, Hashmap *filter, bool whitelist, - bool warn, const char *unit, const char *filename, unsigned line); - -static inline int seccomp_parse_syscall_filter_and_warn( - bool invert, const char *name, int errno_num, Hashmap *filter, bool whitelist, - const char *unit, const char *filename, unsigned line) { - assert(unit); - assert(filename); - - return seccomp_parse_syscall_filter_internal(invert, name, errno_num, filter, whitelist, true, unit, filename, line); -} - -static inline int seccomp_parse_syscall_filter( - bool invert, const char *name, int errno_num, Hashmap *filter, bool whitelist) { - return seccomp_parse_syscall_filter_internal(invert, name, errno_num, filter, whitelist, false, NULL, NULL, 0); +typedef enum SeccompParseFlags { + SECCOMP_PARSE_INVERT = 1U << 0, + SECCOMP_PARSE_WHITELIST = 1U << 1, + SECCOMP_PARSE_LOG = 1U << 2, + SECCOMP_PARSE_PERMISSIVE = 1U << 3, +} SeccompParseFlags; + +int seccomp_parse_syscall_filter_full( + const char *name, int errno_num, Hashmap *filter, SeccompParseFlags flags, + const char *unit, const char *filename, unsigned line); + +static inline int seccomp_parse_syscall_filter(const char *name, int errno_num, Hashmap *filter, SeccompParseFlags flags) { + return seccomp_parse_syscall_filter_full(name, errno_num, filter, flags, NULL, NULL, 0); } int seccomp_restrict_archs(Set *archs); diff --git a/src/shared/uid-range.c b/src/shared/uid-range.c index c38b7cc984..37d7c981f2 100644 --- a/src/shared/uid-range.c +++ b/src/shared/uid-range.c @@ -22,6 +22,7 @@ #include <stdlib.h> #include <string.h> +#include "alloc-util.h" #include "macro.h" #include "uid-range.h" #include "user-util.h" @@ -109,7 +110,7 @@ int uid_range_add(UidRange **p, unsigned *n, uid_t start, uid_t nr) { } else { UidRange *t; - t = realloc(*p, sizeof(UidRange) * (*n + 1)); + t = reallocarray(*p, *n + 1, sizeof(UidRange)); if (!t) return -ENOMEM; diff --git a/src/sysctl/sysctl.c b/src/sysctl/sysctl.c index a1dc95b2bb..d97656d6fe 100644 --- a/src/sysctl/sysctl.c +++ b/src/sysctl/sysctl.c @@ -110,19 +110,19 @@ static int parse_file(OrderedHashmap *sysctl_options, const char *path, bool ign _cleanup_free_ char *l = NULL; void *v; int k; + k = read_line(f, LONG_LINE_MAX, &l); if (k == 0) break; - if (k < 0) return log_error_errno(k, "Failed to read file '%s', ignoring: %m", path); c++; p = strstrip(l); - if (!*p) - continue; + if (isempty(p)) + continue; if (strchr(COMMENTS "\n", *p)) continue; @@ -261,7 +261,7 @@ int main(int argc, char *argv[]) { umask(0022); - sysctl_options = ordered_hashmap_new(&string_hash_ops); + sysctl_options = ordered_hashmap_new(&path_hash_ops); if (!sysctl_options) { r = log_oom(); goto finish; diff --git a/src/systemctl/systemctl.c b/src/systemctl/systemctl.c index 5732d88a17..1e975a5f2f 100644 --- a/src/systemctl/systemctl.c +++ b/src/systemctl/systemctl.c @@ -22,7 +22,6 @@ #include <errno.h> #include <fcntl.h> #include <getopt.h> -#include <linux/reboot.h> #include <locale.h> #include <stdbool.h> #include <stddef.h> @@ -57,8 +56,8 @@ #include "format-util.h" #include "fs-util.h" #include "glob-util.h" -#include "hostname-util.h" #include "hexdecoct.h" +#include "hostname-util.h" #include "initreq.h" #include "install.h" #include "io-util.h" @@ -73,6 +72,7 @@ #include "path-lookup.h" #include "path-util.h" #include "process-util.h" +#include "reboot-util.h" #include "rlimit-util.h" #include "set.h" #include "sigbus.h" @@ -2942,7 +2942,8 @@ static int start_unit_one( log_error("Failed to %s %s: %s", verb, name, bus_error_message(error, r)); if (!sd_bus_error_has_name(error, BUS_ERROR_NO_SUCH_UNIT) && - !sd_bus_error_has_name(error, BUS_ERROR_UNIT_MASKED)) + !sd_bus_error_has_name(error, BUS_ERROR_UNIT_MASKED) && + !sd_bus_error_has_name(error, BUS_ERROR_JOB_TYPE_NOT_APPLICABLE)) log_error("See %s logs and 'systemctl%s status%s %s' for details.", arg_scope == UNIT_FILE_SYSTEM ? "system" : "user", arg_scope == UNIT_FILE_SYSTEM ? "" : " --user", @@ -4870,7 +4871,7 @@ static int print_property(const char *name, sd_bus_message *m, const char *conte return bus_log_parse_error(r); while ((r = sd_bus_message_read(m, "(sb)", &path, &ignore)) > 0) - print_prop("EnvironmentFile", "%s (ignore_errors=%s)", path, yes_no(ignore)); + print_prop(name, "%s (ignore_errors=%s)", path, yes_no(ignore)); if (r < 0) return bus_log_parse_error(r); @@ -4889,7 +4890,7 @@ static int print_property(const char *name, sd_bus_message *m, const char *conte return bus_log_parse_error(r); while ((r = sd_bus_message_read(m, "(ss)", &type, &path)) > 0) - print_prop(type, "%s", path); + print_prop(name, "%s (%s)", path, type); if (r < 0) return bus_log_parse_error(r); @@ -4907,10 +4908,7 @@ static int print_property(const char *name, sd_bus_message *m, const char *conte return bus_log_parse_error(r); while ((r = sd_bus_message_read(m, "(ss)", &type, &path)) > 0) - if (arg_value) - puts(path); - else - printf("Listen%s=%s\n", type, path); + print_prop(name, "%s (%s)", path, type); if (r < 0) return bus_log_parse_error(r); @@ -4920,7 +4918,7 @@ static int print_property(const char *name, sd_bus_message *m, const char *conte return 0; - } else if (contents[1] == SD_BUS_TYPE_STRUCT_BEGIN && streq(name, "Timers")) { + } else if (contents[1] == SD_BUS_TYPE_STRUCT_BEGIN && streq(name, "TimersMonotonic")) { const char *base; uint64_t value, next_elapse; @@ -4931,7 +4929,7 @@ static int print_property(const char *name, sd_bus_message *m, const char *conte while ((r = sd_bus_message_read(m, "(stt)", &base, &value, &next_elapse)) > 0) { char timespan1[FORMAT_TIMESPAN_MAX], timespan2[FORMAT_TIMESPAN_MAX]; - print_prop(base, "{ value=%s ; next_elapse=%s }", + print_prop(name, "{ %s=%s ; next_elapse=%s }", base, format_timespan(timespan1, sizeof(timespan1), value, 0), format_timespan(timespan2, sizeof(timespan2), next_elapse, 0)); } @@ -4944,6 +4942,29 @@ static int print_property(const char *name, sd_bus_message *m, const char *conte return 0; + } else if (contents[1] == SD_BUS_TYPE_STRUCT_BEGIN && streq(name, "TimersCalendar")) { + const char *base, *spec; + uint64_t next_elapse; + + r = sd_bus_message_enter_container(m, SD_BUS_TYPE_ARRAY, "(sst)"); + if (r < 0) + return bus_log_parse_error(r); + + while ((r = sd_bus_message_read(m, "(sst)", &base, &spec, &next_elapse)) > 0) { + char timestamp[FORMAT_TIMESTAMP_MAX]; + + print_prop(name, "{ %s=%s ; next_elapse=%s }", base, spec, + format_timestamp(timestamp, sizeof(timestamp), next_elapse)); + } + if (r < 0) + return bus_log_parse_error(r); + + r = sd_bus_message_exit_container(m); + if (r < 0) + return bus_log_parse_error(r); + + return 0; + } else if (contents[1] == SD_BUS_TYPE_STRUCT_BEGIN && startswith(name, "Exec")) { ExecStatusInfo info = {}; @@ -7227,85 +7248,85 @@ static void systemctl_help(void) { " --firmware-setup Tell the firmware to show the setup menu on next boot\n" " --plain Print unit dependencies as a list instead of a tree\n\n" "Unit Commands:\n" - " list-units [PATTERN...] List units currently in memory\n" - " list-sockets [PATTERN...] List socket units currently in memory, ordered\n" - " by address\n" - " list-timers [PATTERN...] List timer units currently in memory, ordered\n" - " by next elapse\n" - " start NAME... Start (activate) one or more units\n" - " stop NAME... Stop (deactivate) one or more units\n" - " reload NAME... Reload one or more units\n" - " restart NAME... Start or restart one or more units\n" - " try-restart NAME... Restart one or more units if active\n" - " reload-or-restart NAME... Reload one or more units if possible,\n" - " otherwise start or restart\n" - " try-reload-or-restart NAME... If active, reload one or more units,\n" - " if supported, otherwise restart\n" - " isolate NAME Start one unit and stop all others\n" - " kill NAME... Send signal to processes of a unit\n" - " is-active PATTERN... Check whether units are active\n" - " is-failed PATTERN... Check whether units are failed\n" - " status [PATTERN...|PID...] Show runtime status of one or more units\n" - " show [PATTERN...|JOB...] Show properties of one or more\n" - " units/jobs or the manager\n" - " cat PATTERN... Show files and drop-ins of one or more units\n" - " set-property NAME ASSIGNMENT... Sets one or more properties of a unit\n" - " help PATTERN...|PID... Show manual for one or more units\n" - " reset-failed [PATTERN...] Reset failed state for all, one, or more\n" - " units\n" - " list-dependencies [NAME] Recursively show units which are required\n" - " or wanted by this unit or by which this\n" - " unit is required or wanted\n\n" + " list-units [PATTERN...] List units currently in memory\n" + " list-sockets [PATTERN...] List socket units currently in memory,\n" + " ordered by address\n" + " list-timers [PATTERN...] List timer units currently in memory,\n" + " ordered by next elapse\n" + " start UNIT... Start (activate) one or more units\n" + " stop UNIT... Stop (deactivate) one or more units\n" + " reload UNIT... Reload one or more units\n" + " restart UNIT... Start or restart one or more units\n" + " try-restart UNIT... Restart one or more units if active\n" + " reload-or-restart UNIT... Reload one or more units if possible,\n" + " otherwise start or restart\n" + " try-reload-or-restart UNIT... If active, reload one or more units,\n" + " if supported, otherwise restart\n" + " isolate UNIT Start one unit and stop all others\n" + " kill UNIT... Send signal to processes of a unit\n" + " is-active PATTERN... Check whether units are active\n" + " is-failed PATTERN... Check whether units are failed\n" + " status [PATTERN...|PID...] Show runtime status of one or more units\n" + " show [PATTERN...|JOB...] Show properties of one or more\n" + " units/jobs or the manager\n" + " cat PATTERN... Show files and drop-ins of specified units\n" + " set-property UNIT PROPERTY=VALUE... Sets one or more properties of a unit\n" + " help PATTERN...|PID... Show manual for one or more units\n" + " reset-failed [PATTERN...] Reset failed state for all, one, or more\n" + " units\n" + " list-dependencies [UNIT] Recursively show units which are required\n" + " or wanted by this unit or by which this\n" + " unit is required or wanted\n\n" "Unit File Commands:\n" - " list-unit-files [PATTERN...] List installed unit files\n" - " enable [NAME...|PATH...] Enable one or more unit files\n" - " disable NAME... Disable one or more unit files\n" - " reenable NAME... Reenable one or more unit files\n" - " preset NAME... Enable/disable one or more unit files\n" - " based on preset configuration\n" - " preset-all Enable/disable all unit files based on\n" - " preset configuration\n" - " is-enabled NAME... Check whether unit files are enabled\n" - " mask NAME... Mask one or more units\n" - " unmask NAME... Unmask one or more units\n" - " link PATH... Link one or more units files into\n" - " the search path\n" - " revert NAME... Revert one or more unit files to vendor\n" - " version\n" - " add-wants TARGET NAME... Add 'Wants' dependency for the target\n" - " on specified one or more units\n" - " add-requires TARGET NAME... Add 'Requires' dependency for the target\n" - " on specified one or more units\n" - " edit NAME... Edit one or more unit files\n" - " get-default Get the name of the default target\n" - " set-default NAME Set the default target\n\n" + " list-unit-files [PATTERN...] List installed unit files\n" + " enable [UNIT...|PATH...] Enable one or more unit files\n" + " disable UNIT... Disable one or more unit files\n" + " reenable UNIT... Reenable one or more unit files\n" + " preset UNIT... Enable/disable one or more unit files\n" + " based on preset configuration\n" + " preset-all Enable/disable all unit files based on\n" + " preset configuration\n" + " is-enabled UNIT... Check whether unit files are enabled\n" + " mask UNIT... Mask one or more units\n" + " unmask UNIT... Unmask one or more units\n" + " link PATH... Link one or more units files into\n" + " the search path\n" + " revert UNIT... Revert one or more unit files to vendor\n" + " version\n" + " add-wants TARGET UNIT... Add 'Wants' dependency for the target\n" + " on specified one or more units\n" + " add-requires TARGET UNIT... Add 'Requires' dependency for the target\n" + " on specified one or more units\n" + " edit UNIT... Edit one or more unit files\n" + " get-default Get the name of the default target\n" + " set-default TARGET Set the default target\n\n" "Machine Commands:\n" - " list-machines [PATTERN...] List local containers and host\n\n" + " list-machines [PATTERN...] List local containers and host\n\n" "Job Commands:\n" - " list-jobs [PATTERN...] List jobs\n" - " cancel [JOB...] Cancel all, one, or more jobs\n\n" + " list-jobs [PATTERN...] List jobs\n" + " cancel [JOB...] Cancel all, one, or more jobs\n\n" "Environment Commands:\n" - " show-environment Dump environment\n" - " set-environment NAME=VALUE... Set one or more environment variables\n" - " unset-environment NAME... Unset one or more environment variables\n" - " import-environment [NAME...] Import all or some environment variables\n\n" + " show-environment Dump environment\n" + " set-environment VARIABLE=VALUE... Set one or more environment variables\n" + " unset-environment VARIABLE... Unset one or more environment variables\n" + " import-environment [VARIABLE...] Import all or some environment variables\n\n" "Manager Lifecycle Commands:\n" - " daemon-reload Reload systemd manager configuration\n" - " daemon-reexec Reexecute systemd manager\n\n" + " daemon-reload Reload systemd manager configuration\n" + " daemon-reexec Reexecute systemd manager\n\n" "System Commands:\n" - " is-system-running Check whether system is fully running\n" - " default Enter system default mode\n" - " rescue Enter system rescue mode\n" - " emergency Enter system emergency mode\n" - " halt Shut down and halt the system\n" - " poweroff Shut down and power-off the system\n" - " reboot [ARG] Shut down and reboot the system\n" - " kexec Shut down and reboot the system with kexec\n" - " exit [EXIT_CODE] Request user instance or container exit\n" - " switch-root ROOT [INIT] Change to a different root file system\n" - " suspend Suspend the system\n" - " hibernate Hibernate the system\n" - " hybrid-sleep Hibernate and suspend the system\n", + " is-system-running Check whether system is fully running\n" + " default Enter system default mode\n" + " rescue Enter system rescue mode\n" + " emergency Enter system emergency mode\n" + " halt Shut down and halt the system\n" + " poweroff Shut down and power-off the system\n" + " reboot [ARG] Shut down and reboot the system\n" + " kexec Shut down and reboot the system with kexec\n" + " exit [EXIT_CODE] Request user instance or container exit\n" + " switch-root ROOT [INIT] Change to a different root file system\n" + " suspend Suspend the system\n" + " hibernate Hibernate the system\n" + " hybrid-sleep Hibernate and suspend the system\n", program_invocation_short_name); } @@ -7467,7 +7488,6 @@ static int systemctl_parse_argv(int argc, char *argv[]) { ARG_NO_ASK_PASSWORD, ARG_FAILED, ARG_RUNTIME, - ARG_FORCE, ARG_PLAIN, ARG_STATE, ARG_JOB_MODE, @@ -7507,7 +7527,7 @@ static int systemctl_parse_argv(int argc, char *argv[]) { { "dry-run", no_argument, NULL, ARG_DRY_RUN }, { "quiet", no_argument, NULL, 'q' }, { "root", required_argument, NULL, ARG_ROOT }, - { "force", no_argument, NULL, ARG_FORCE }, + { "force", no_argument, NULL, 'f' }, { "no-reload", no_argument, NULL, ARG_NO_RELOAD }, { "kill-who", required_argument, NULL, ARG_KILL_WHO }, { "signal", required_argument, NULL, 's' }, @@ -7722,10 +7742,6 @@ static int systemctl_parse_argv(int argc, char *argv[]) { arg_quiet = true; break; - case ARG_FORCE: - arg_force++; - break; - case 'f': arg_force++; break; @@ -8252,28 +8268,43 @@ static int parse_argv(int argc, char *argv[]) { if (strstr(program_invocation_short_name, "halt")) { arg_action = ACTION_HALT; return halt_parse_argv(argc, argv); + } else if (strstr(program_invocation_short_name, "poweroff")) { arg_action = ACTION_POWEROFF; return halt_parse_argv(argc, argv); + } else if (strstr(program_invocation_short_name, "reboot")) { if (kexec_loaded()) arg_action = ACTION_KEXEC; else arg_action = ACTION_REBOOT; return halt_parse_argv(argc, argv); + } else if (strstr(program_invocation_short_name, "shutdown")) { arg_action = ACTION_POWEROFF; return shutdown_parse_argv(argc, argv); + } else if (strstr(program_invocation_short_name, "init")) { + /* Matches invocations as "init" as well as "telinit", which are synonymous when run as PID != + * 1 on SysV. + * + * On SysV "telinit" was the official command to communicate with PID 1, but "init" would + * redirect itself to "telinit" if called with PID != 1. We follow the same logic here still, + * though we add one level of indirection, as we implement "telinit" in "systemctl". Hence, for + * us if you invoke "init" you get "systemd", but it will execve() "systemctl" immediately with + * argv[] unmodified if PID is != 1. If you invoke "telinit" you directly get "systemctl". In + * both cases we shall do the same thing, which is why we do strstr(p_i_s_n, "init") here, as a + * quick way to match both. + * + * Also see redirect_telinit() in src/core/main.c. */ + if (sd_booted() > 0) { arg_action = _ACTION_INVALID; return telinit_parse_argv(argc, argv); } else { - /* Hmm, so some other init system is - * running, we need to forward this - * request to it. For now we simply - * guess that it is Upstart. */ + /* Hmm, so some other init system is running, we need to forward this request to + * it. For now we simply guess that it is Upstart. */ execv(TELINIT, argv); @@ -8452,11 +8483,9 @@ static int start_with_fallback(void) { } static int halt_now(enum action a) { - int r; - /* The kernel will automaticall flush ATA disks and suchlike - * on reboot(), but the file systems need to be synce'd - * explicitly in advance. */ + /* The kernel will automatically flush ATA disks and suchlike on reboot(), but the file systems need to be + * synce'd explicitly in advance. */ if (!arg_no_sync && !arg_dry_run) (void) sync(); @@ -8483,30 +8512,10 @@ static int halt_now(enum action a) { return -errno; case ACTION_KEXEC: - case ACTION_REBOOT: { - _cleanup_free_ char *param = NULL; - - r = read_one_line_file("/run/systemd/reboot-param", ¶m); - if (r < 0 && r != -ENOENT) - log_warning_errno(r, "Failed to read reboot parameter file: %m"); - - if (!isempty(param)) { - if (!arg_quiet) - log_info("Rebooting with argument '%s'.", param); - if (!arg_dry_run) { - (void) syscall(SYS_reboot, LINUX_REBOOT_MAGIC1, LINUX_REBOOT_MAGIC2, - LINUX_REBOOT_CMD_RESTART2, param); - log_warning_errno(errno, "Failed to reboot with parameter, retrying without: %m"); - } - } - - if (!arg_quiet) - log_info("Rebooting."); - if (arg_dry_run) - return 0; - (void) reboot(RB_AUTOBOOT); - return -errno; - } + case ACTION_REBOOT: + return reboot_with_parameter(REBOOT_FALLBACK | + (arg_quiet ? 0 : REBOOT_LOG) | + (arg_dry_run ? REBOOT_DRY_RUN : 0)); default: assert_not_reached("Unknown action."); diff --git a/src/systemctl/systemd-sysv-install.SKELETON b/src/systemctl/systemd-sysv-install.SKELETON index a53a3e6221..8c16cf9991 100755 --- a/src/systemctl/systemd-sysv-install.SKELETON +++ b/src/systemctl/systemd-sysv-install.SKELETON @@ -11,6 +11,8 @@ usage() { exit 1 } +unset ROOT + # parse options eval set -- "$(getopt -o r: --long root: -- "$@")" while true; do diff --git a/src/systemd/sd-bus.h b/src/systemd/sd-bus.h index 82e7d445d2..fff6798d0f 100644 --- a/src/systemd/sd-bus.h +++ b/src/systemd/sd-bus.h @@ -202,6 +202,9 @@ int sd_bus_attach_event(sd_bus *bus, sd_event *e, int priority); int sd_bus_detach_event(sd_bus *bus); sd_event *sd_bus_get_event(sd_bus *bus); +int sd_bus_get_n_queued_read(sd_bus *bus, uint64_t *ret); +int sd_bus_get_n_queued_write(sd_bus *bus, uint64_t *ret); + int sd_bus_add_filter(sd_bus *bus, sd_bus_slot **slot, sd_bus_message_handler_t callback, void *userdata); int sd_bus_add_match(sd_bus *bus, sd_bus_slot **slot, const char *match, sd_bus_message_handler_t callback, void *userdata); int sd_bus_add_match_async(sd_bus *bus, sd_bus_slot **slot, const char *match, sd_bus_message_handler_t callback, sd_bus_message_handler_t install_callback, void *userdata); diff --git a/src/sysusers/sysusers.c b/src/sysusers/sysusers.c index e06b4b6d5b..cd273ef2c9 100644 --- a/src/sysusers/sysusers.c +++ b/src/sysusers/sysusers.c @@ -59,12 +59,18 @@ typedef struct Item { char *gid_path; char *description; char *home; + char *shell; gid_t gid; uid_t uid; bool gid_set:1; - bool gid_must_exist:1; + + /* When set the group with the specified gid must exist + * and the check if a uid clashes with the gid is skipped. + */ + bool id_set_strict:1; + bool uid_set:1; bool todo_user:1; @@ -72,6 +78,8 @@ typedef struct Item { } Item; static char *arg_root = NULL; +static const char *arg_replace = NULL; +static bool arg_inline = false; static const char conf_file_dirs[] = CONF_PATHS_NULSTR("sysusers.d"); @@ -381,6 +389,10 @@ static int rename_and_apply_smack(const char *temp_path, const char *dest_path) return r; } +static const char* default_shell(uid_t uid) { + return uid == 0 ? "/bin/sh" : "/sbin/nologin"; +} + static int write_temporary_passwd(const char *passwd_path, FILE **tmpfile, char **tmpfile_path) { _cleanup_fclose_ FILE *original = NULL, *passwd = NULL; _cleanup_(unlink_and_freep) char *passwd_tmp = NULL; @@ -448,7 +460,7 @@ static int write_temporary_passwd(const char *passwd_path, FILE **tmpfile, char /* Initialize the shell to nologin, with one exception: * for root we patch in something special */ - .pw_shell = i->uid == 0 ? (char*) "/bin/sh" : (char*) "/sbin/nologin", + .pw_shell = i->shell ?: (char*) default_shell(i->uid), }; errno = 0; @@ -801,7 +813,7 @@ static int write_files(void) { return 0; } -static int uid_is_ok(uid_t uid, const char *name) { +static int uid_is_ok(uid_t uid, const char *name, bool check_with_gid) { struct passwd *p; struct group *g; const char *n; @@ -813,17 +825,21 @@ static int uid_is_ok(uid_t uid, const char *name) { /* Try to avoid using uids that are already used by a group * that doesn't have the same name as our new user. */ - i = ordered_hashmap_get(todo_gids, GID_TO_PTR(uid)); - if (i && !streq(i->name, name)) - return 0; + if (check_with_gid) { + i = ordered_hashmap_get(todo_gids, GID_TO_PTR(uid)); + if (i && !streq(i->name, name)) + return 0; + } /* Let's check the files directly */ if (hashmap_contains(database_uid, UID_TO_PTR(uid))) return 0; - n = hashmap_get(database_gid, GID_TO_PTR(uid)); - if (n && !streq(n, name)) - return 0; + if (check_with_gid) { + n = hashmap_get(database_gid, GID_TO_PTR(uid)); + if (n && !streq(n, name)) + return 0; + } /* Let's also check via NSS, to avoid UID clashes over LDAP and such, just in case */ if (!arg_root) { @@ -834,13 +850,15 @@ static int uid_is_ok(uid_t uid, const char *name) { if (!IN_SET(errno, 0, ENOENT)) return -errno; - errno = 0; - g = getgrgid((gid_t) uid); - if (g) { - if (!streq(g->gr_name, name)) - return 0; - } else if (!IN_SET(errno, 0, ENOENT)) - return -errno; + if (check_with_gid) { + errno = 0; + g = getgrgid((gid_t) uid); + if (g) { + if (!streq(g->gr_name, name)) + return 0; + } else if (!IN_SET(errno, 0, ENOENT)) + return -errno; + } } return 1; @@ -952,7 +970,7 @@ static int add_user(Item *i) { /* Try to use the suggested numeric uid */ if (i->uid_set) { - r = uid_is_ok(i->uid, i->name); + r = uid_is_ok(i->uid, i->name, !i->id_set_strict); if (r < 0) return log_error_errno(r, "Failed to verify uid " UID_FMT ": %m", i->uid); if (r == 0) { @@ -970,7 +988,7 @@ static int add_user(Item *i) { if (c <= 0 || !uid_range_contains(uid_range, n_uid_range, c)) log_debug("User ID " UID_FMT " of file not suitable for %s.", c, i->name); else { - r = uid_is_ok(c, i->name); + r = uid_is_ok(c, i->name, true); if (r < 0) return log_error_errno(r, "Failed to verify uid " UID_FMT ": %m", i->uid); else if (r > 0) { @@ -984,7 +1002,7 @@ static int add_user(Item *i) { /* Otherwise, try to reuse the group ID */ if (!i->uid_set && i->gid_set) { - r = uid_is_ok((uid_t) i->gid, i->name); + r = uid_is_ok((uid_t) i->gid, i->name, true); if (r < 0) return log_error_errno(r, "Failed to verify uid " UID_FMT ": %m", i->uid); if (r > 0) { @@ -1002,7 +1020,7 @@ static int add_user(Item *i) { return r; } - r = uid_is_ok(search_uid, i->name); + r = uid_is_ok(search_uid, i->name, true); if (r < 0) return log_error_errno(r, "Failed to verify uid " UID_FMT ": %m", i->uid); else if (r > 0) @@ -1099,7 +1117,7 @@ static int add_group(Item *i) { r = gid_is_ok(i->gid); if (r < 0) return log_error_errno(r, "Failed to verify gid " GID_FMT ": %m", i->gid); - if (i->gid_must_exist) { + if (i->id_set_strict) { /* If we require the gid to already exist we can return here: * r > 0: means the gid does not exist -> fail * r == 0: means the gid exists -> nothing more to do. @@ -1191,12 +1209,25 @@ static int process_item(Item *i) { switch (i->type) { - case ADD_USER: - r = add_group(i); - if (r < 0) - return r; + case ADD_USER: { + Item *j; + + j = ordered_hashmap_get(groups, i->name); + if (j && j->todo_group) { + /* When the group with the same name is already in queue, + * use the information about the group and do not create + * duplicated group entry. */ + i->gid_set = j->gid_set; + i->gid = j->gid; + i->id_set_strict = true; + } else { + r = add_group(i); + if (r < 0) + return r; + } return add_user(i); + } case ADD_GROUP: return add_group(i); @@ -1216,6 +1247,7 @@ static void item_free(Item *i) { free(i->gid_path); free(i->description); free(i->home); + free(i->shell); free(i); } @@ -1227,40 +1259,11 @@ static int add_implicit(void) { int r; /* Implicitly create additional users and groups, if they were listed in "m" lines */ - ORDERED_HASHMAP_FOREACH_KEY(l, g, members, iterator) { - Item *i; char **m; - i = ordered_hashmap_get(groups, g); - if (!i) { - _cleanup_(item_freep) Item *j = NULL; - - r = ordered_hashmap_ensure_allocated(&groups, &string_hash_ops); - if (r < 0) - return log_oom(); - - j = new0(Item, 1); - if (!j) - return log_oom(); - - j->type = ADD_GROUP; - j->name = strdup(g); - if (!j->name) - return log_oom(); - - r = ordered_hashmap_put(groups, j->name, j); - if (r < 0) - return log_oom(); - - log_debug("Adding implicit group '%s' due to m line", j->name); - j = NULL; - } - - STRV_FOREACH(m, l) { - - i = ordered_hashmap_get(users, *m); - if (!i) { + STRV_FOREACH(m, l) + if (!ordered_hashmap_get(users, *m)) { _cleanup_(item_freep) Item *j = NULL; r = ordered_hashmap_ensure_allocated(&users, &string_hash_ops); @@ -1283,6 +1286,30 @@ static int add_implicit(void) { log_debug("Adding implicit user '%s' due to m line", j->name); j = NULL; } + + if (!(ordered_hashmap_get(users, g) || + ordered_hashmap_get(groups, g))) { + _cleanup_(item_freep) Item *j = NULL; + + r = ordered_hashmap_ensure_allocated(&groups, &string_hash_ops); + if (r < 0) + return log_oom(); + + j = new0(Item, 1); + if (!j) + return log_oom(); + + j->type = ADD_GROUP; + j->name = strdup(g); + if (!j->name) + return log_oom(); + + r = ordered_hashmap_put(groups, j->name, j); + if (r < 0) + return log_oom(); + + log_debug("Adding implicit group '%s' due to m line", j->name); + j = NULL; } } @@ -1323,6 +1350,9 @@ static bool item_equal(Item *a, Item *b) { if (!streq_ptr(a->home, b->home)) return false; + if (!streq_ptr(a->shell, b->shell)) + return false; + return true; } @@ -1336,7 +1366,12 @@ static int parse_line(const char *fname, unsigned line, const char *buffer) { {} }; - _cleanup_free_ char *action = NULL, *name = NULL, *id = NULL, *resolved_name = NULL, *resolved_id = NULL, *description = NULL, *home = NULL; + _cleanup_free_ char *action = NULL, + *name = NULL, *resolved_name = NULL, + *id = NULL, *resolved_id = NULL, + *description = NULL, + *home = NULL, + *shell, *resolved_shell = NULL; _cleanup_(item_freep) Item *i = NULL; Item *existing; OrderedHashmap *h; @@ -1349,7 +1384,8 @@ static int parse_line(const char *fname, unsigned line, const char *buffer) { /* Parse columns */ p = buffer; - r = extract_many_words(&p, NULL, EXTRACT_QUOTES, &action, &name, &id, &description, &home, NULL); + r = extract_many_words(&p, NULL, EXTRACT_QUOTES, + &action, &name, &id, &description, &home, &shell, NULL); if (r < 0) { log_error("[%s:%u] Syntax error.", fname, line); return r; @@ -1425,6 +1461,24 @@ static int parse_line(const char *fname, unsigned line, const char *buffer) { } } + /* Verify shell */ + if (isempty(shell) || streq(shell, "-")) + shell = mfree(shell); + + if (shell) { + r = specifier_printf(shell, specifier_table, NULL, &resolved_shell); + if (r < 0) { + log_error("[%s:%u] Failed to replace specifiers: %s", fname, line, shell); + return r; + } + + if (!valid_shell(resolved_shell)) { + log_error("[%s:%u] '%s' is not a valid login shell field.", fname, line, resolved_shell); + return -EINVAL; + } + } + + switch (action[0]) { case ADD_RANGE: @@ -1438,13 +1492,10 @@ static int parse_line(const char *fname, unsigned line, const char *buffer) { return -EINVAL; } - if (description) { - log_error("[%s:%u] Lines of type 'r' don't take a GECOS field.", fname, line); - return -EINVAL; - } - - if (home) { - log_error("[%s:%u] Lines of type 'r' don't take a home directory field.", fname, line); + if (description || home || shell) { + log_error("[%s:%u] Lines of type '%c' don't take a %s field.", + fname, line, action[0], + description ? "GECOS" : home ? "home directory" : "login shell"); return -EINVAL; } @@ -1475,13 +1526,10 @@ static int parse_line(const char *fname, unsigned line, const char *buffer) { return -EINVAL; } - if (description) { - log_error("[%s:%u] Lines of type 'm' don't take a GECOS field.", fname, line); - return -EINVAL; - } - - if (home) { - log_error("[%s:%u] Lines of type 'm' don't take a home directory field.", fname, line); + if (description || home || shell) { + log_error("[%s:%u] Lines of type '%c' don't take a %s field.", + fname, line, action[0], + description ? "GECOS" : home ? "home directory" : "login shell"); return -EINVAL; } @@ -1548,14 +1596,15 @@ static int parse_line(const char *fname, unsigned line, const char *buffer) { if (r < 0) return log_error_errno(r, "Failed to parse GID: '%s': %m", id); i->gid_set = true; - i->gid_must_exist = true; + i->id_set_strict = true; free_and_replace(resolved_id, uid); } - r = parse_uid(resolved_id, &i->uid); - if (r < 0) - return log_error_errno(r, "Failed to parse UID: '%s': %m", id); - - i->uid_set = true; + if (!streq(resolved_id, "-")) { + r = parse_uid(resolved_id, &i->uid); + if (r < 0) + return log_error_errno(r, "Failed to parse UID: '%s': %m", id); + i->uid_set = true; + } } } @@ -1565,6 +1614,9 @@ static int parse_line(const char *fname, unsigned line, const char *buffer) { i->home = home; home = NULL; + i->shell = resolved_shell; + resolved_shell = NULL; + h = users; break; @@ -1574,13 +1626,10 @@ static int parse_line(const char *fname, unsigned line, const char *buffer) { return -EINVAL; } - if (description) { - log_error("[%s:%u] Lines of type 'g' don't take a GECOS field.", fname, line); - return -EINVAL; - } - - if (home) { - log_error("[%s:%u] Lines of type 'g' don't take a home directory field.", fname, line); + if (description || home || shell) { + log_error("[%s:%u] Lines of type '%c' don't take a %s field.", + fname, line, action[0], + description ? "GECOS" : home ? "home directory" : "login shell"); return -EINVAL; } @@ -1710,6 +1759,8 @@ static void help(void) { " -h --help Show this help\n" " --version Show package version\n" " --root=PATH Operate on an alternate filesystem root\n" + " --replace=PATH Treat arguments as replacement for PATH\n" + " --inline Treat arguments as configuration lines\n" , program_invocation_short_name); } @@ -1718,12 +1769,16 @@ static int parse_argv(int argc, char *argv[]) { enum { ARG_VERSION = 0x100, ARG_ROOT, + ARG_REPLACE, + ARG_INLINE, }; static const struct option options[] = { { "help", no_argument, NULL, 'h' }, { "version", no_argument, NULL, ARG_VERSION }, { "root", required_argument, NULL, ARG_ROOT }, + { "replace", required_argument, NULL, ARG_REPLACE }, + { "inline", no_argument, NULL, ARG_INLINE }, {} }; @@ -1749,6 +1804,20 @@ static int parse_argv(int argc, char *argv[]) { return r; break; + case ARG_REPLACE: + if (!path_is_absolute(optarg) || + !endswith(optarg, ".conf")) { + log_error("The argument to --replace= must an absolute path to a config file"); + return -EINVAL; + } + + arg_replace = optarg; + break; + + case ARG_INLINE: + arg_inline = true; + break; + case '?': return -EINVAL; @@ -1756,14 +1825,76 @@ static int parse_argv(int argc, char *argv[]) { assert_not_reached("Unhandled option"); } + if (arg_replace && optind >= argc) { + log_error("When --replace= is given, some configuration items must be specified"); + return -EINVAL; + } + return 1; } +static int parse_arguments(char **args) { + char **arg; + unsigned pos = 1; + int r; + + STRV_FOREACH(arg, args) { + if (arg_inline) + /* Use (argument):n, where n==1 for the first positional arg */ + r = parse_line("(argument)", pos, *arg); + else + r = read_config_file(*arg, false); + if (r < 0) + return r; + + pos++; + } + + return 0; +} + +static int read_config_files(const char* dirs, char **args) { + _cleanup_strv_free_ char **files = NULL; + _cleanup_free_ char *p = NULL; + char **f; + int r; + + r = conf_files_list_nulstr(&files, ".conf", arg_root, 0, dirs); + if (r < 0) + return log_error_errno(r, "Failed to enumerate sysusers.d files: %m"); + + if (arg_replace) { + r = conf_files_insert_nulstr(&files, arg_root, dirs, arg_replace); + if (r < 0) + return log_error_errno(r, "Failed to extend sysusers.d file list: %m"); + + p = path_join(arg_root, arg_replace, NULL); + if (!p) + return log_oom(); + } + + STRV_FOREACH(f, files) + if (p && path_equal(*f, p)) { + log_debug("Parsing arguments at position \"%s\"…", *f); + + r = parse_arguments(args); + if (r < 0) + return r; + } else { + log_debug("Reading config file \"%s\"…", *f); + + /* Just warn, ignore result otherwise */ + (void) read_config_file(*f, true); + } + + return 0; +} + int main(int argc, char *argv[]) { _cleanup_close_ int lock = -1; Iterator iterator; - int r, k; + int r; Item *i; char *n; @@ -1783,30 +1914,18 @@ int main(int argc, char *argv[]) { goto finish; } - if (optind < argc) { - int j; - - for (j = optind; j < argc; j++) { - k = read_config_file(argv[j], false); - if (k < 0 && r == 0) - r = k; - } - } else { - _cleanup_strv_free_ char **files = NULL; - char **f; - - r = conf_files_list_nulstr(&files, ".conf", arg_root, 0, conf_file_dirs); - if (r < 0) { - log_error_errno(r, "Failed to enumerate sysusers.d files: %m"); - goto finish; - } - - STRV_FOREACH(f, files) { - k = read_config_file(*f, true); - if (k < 0 && r == 0) - r = k; - } - } + /* If command line arguments are specified along with --replace, read all + * configuration files and insert the positional arguments at the specified + * place. Otherwise, if command line arguments are specified, execute just + * them, and finally, without --replace= or any positional arguments, just + * read configuration and execute it. + */ + if (arg_replace || optind >= argc) + r = read_config_files(conf_file_dirs, argv + optind); + else + r = parse_arguments(argv + optind); + if (r < 0) + goto finish; /* Let's tell nss-systemd not to synthesize the "root" and "nobody" entries for it, so that our detection * whether the names or UID/GID area already used otherwise doesn't get confused. After all, even though @@ -1819,7 +1938,7 @@ int main(int argc, char *argv[]) { } if (!uid_range) { - /* Default to default range of 1..SYSTEMD_UID_MAX */ + /* Default to default range of 1..SYSTEM_UID_MAX */ r = uid_range_add(&uid_range, &n_uid_range, 1, SYSTEM_UID_MAX); if (r < 0) { log_oom(); @@ -1833,7 +1952,7 @@ int main(int argc, char *argv[]) { lock = take_etc_passwd_lock(arg_root); if (lock < 0) { - log_error_errno(lock, "Failed to take lock: %m"); + log_error_errno(lock, "Failed to take /etc/passwd lock: %m"); goto finish; } diff --git a/src/test/meson.build b/src/test/meson.build index 1db8aa107d..4f28ef8722 100644 --- a/src/test/meson.build +++ b/src/test/meson.build @@ -643,6 +643,11 @@ tests += [ [], []], + [['src/test/test-gcrypt-util.c'], + [], + [], + 'HAVE_GCRYPT'], + [['src/test/test-nss.c'], [], [libdl], diff --git a/src/test/test-ask-password-api.c b/src/test/test-ask-password-api.c index da44465821..562a774531 100644 --- a/src/test/test-ask-password-api.c +++ b/src/test/test-ask-password-api.c @@ -26,7 +26,7 @@ static void ask_password(void) { int r; _cleanup_free_ char *ret; - r = ask_password_tty("hello?", "da key", 0, 0, NULL, &ret); + r = ask_password_tty(-1, "hello?", "da key", 0, 0, NULL, &ret); assert(r >= 0); log_info("Got %s", ret); diff --git a/src/test/test-bpf.c b/src/test/test-bpf.c index 361cf100be..6ca2be41b0 100644 --- a/src/test/test-bpf.c +++ b/src/test/test-bpf.c @@ -71,12 +71,17 @@ int main(int argc, char *argv[]) { } r = bpf_firewall_supported(); - if (r == 0) { + if (r == BPF_FIREWALL_UNSUPPORTED) { log_notice("BPF firewalling not supported, skipping"); return EXIT_TEST_SKIP; } assert_se(r > 0); + if (r == BPF_FIREWALL_SUPPORTED_WITH_MULTI) + log_notice("BPF firewalling with BPF_F_ALLOW_MULTI supported. Yay!"); + else + log_notice("BPF firewalling (though without BPF_F_ALLOW_MULTI) supported. Good."); + r = bpf_program_load_kernel(p, log_buf, ELEMENTSOF(log_buf)); assert(r >= 0); diff --git a/src/test/test-cgroup-util.c b/src/test/test-cgroup-util.c index 2248a30635..c4163fc3a9 100644 --- a/src/test/test-cgroup-util.c +++ b/src/test/test-cgroup-util.c @@ -30,6 +30,7 @@ #include "special.h" #include "stat-util.h" #include "string-util.h" +#include "strv.h" #include "test-helper.h" #include "user-util.h" #include "util.h" @@ -404,6 +405,45 @@ static void test_cg_tests(void) { assert_se(!systemd); } +static void test_cg_get_keyed_attribute(void) { + _cleanup_free_ char *val = NULL; + char *vals3[3] = {}, *vals3a[3] = {}; + int i; + + assert_se(cg_get_keyed_attribute("cpu", "/init.scope", "no_such_file", STRV_MAKE("no_such_attr"), &val) == -ENOENT); + assert_se(val == NULL); + + if (access("/sys/fs/cgroup/init.scope/cpu.stat", R_OK) < 0) { + log_info_errno(errno, "Skipping most of %s, /init.scope/cpu.stat not accessible: %m", __func__); + return; + } + + assert_se(cg_get_keyed_attribute("cpu", "/init.scope", "cpu.stat", STRV_MAKE("no_such_attr"), &val) == -ENXIO); + assert_se(val == NULL); + + assert_se(cg_get_keyed_attribute("cpu", "/init.scope", "cpu.stat", STRV_MAKE("usage_usec"), &val) == 0); + log_info("cpu /init.scope cpu.stat [usage_usec] → \"%s\"", val); + + assert_se(cg_get_keyed_attribute("cpu", "/init.scope", "cpu.stat", STRV_MAKE("usage_usec", "no_such_attr"), vals3) == -ENXIO); + + assert_se(cg_get_keyed_attribute("cpu", "/init.scope", "cpu.stat", STRV_MAKE("usage_usec", "usage_usec"), vals3) == -ENXIO); + + assert_se(cg_get_keyed_attribute("cpu", "/init.scope", "cpu.stat", + STRV_MAKE("usage_usec", "user_usec", "system_usec"), vals3) == 0); + log_info("cpu /init.scope cpu.stat [usage_usec user_usec system_usec] → \"%s\", \"%s\", \"%s\"", + vals3[0], vals3[1], vals3[2]); + + assert_se(cg_get_keyed_attribute("cpu", "/init.scope", "cpu.stat", + STRV_MAKE("system_usec", "user_usec", "usage_usec"), vals3a) == 0); + log_info("cpu /init.scope cpu.stat [system_usec user_usec usage_usec] → \"%s\", \"%s\", \"%s\"", + vals3a[0], vals3a[1], vals3a[2]); + + for (i = 0; i < 3; i++) { + free(vals3[i]); + free(vals3a[i]); + } +} + int main(void) { log_set_max_level(LOG_DEBUG); log_parse_environment(); @@ -429,6 +469,7 @@ int main(void) { test_is_wanted_print(false); /* run twice to test caching */ test_is_wanted(); test_cg_tests(); + test_cg_get_keyed_attribute(); return 0; } diff --git a/src/test/test-conf-parser.c b/src/test/test-conf-parser.c index 770bb9600f..72c53ab6a0 100644 --- a/src/test/test-conf-parser.c +++ b/src/test/test-conf-parser.c @@ -226,6 +226,45 @@ static void test_config_parse_iec_uint64(void) { assert_se(config_parse_iec_uint64(NULL, "/this/file", 11, "Section", 22, "Size", 0, "4.5M", &offset, NULL) == 0); } +static void test_config_parse_join_controllers(void) { + int r; + _cleanup_(strv_free_freep) char ***c = NULL; + char ***c2; + + /* Test normal operation */ + r = config_parse_join_controllers(NULL, "example.conf", 11, "Section", 10, "JoinControllers", 0, "cpu,cpuacct net_cls,netprio", &c, NULL); + assert_se(r == 0); + assert_se(c); + assert_se(strv_length(c[0]) == 2); + assert_se(strv_equal(c[0], STRV_MAKE("cpu", "cpuacct"))); + assert_se(strv_length(c[1]) == 2); + assert_se(strv_equal(c[1], STRV_MAKE("net_cls", "netprio"))); + assert_se(c[2] == NULL); + + /* Test special case of no mounted controllers */ + r = config_parse_join_controllers(NULL, "example.conf", 12, "Section", 10, "JoinControllers", 0, "", &c, NULL); + assert_se(r == 0); + assert_se(c); + assert_se(strv_equal(c[0], STRV_MAKE_EMPTY)); + assert_se(c[1] == NULL); + + /* Test merging of overlapping lists */ + r = config_parse_join_controllers(NULL, "example.conf", 13, "Section", 10, "JoinControllers", 0, "a,b b,c", &c, NULL); + assert_se(r == 0); + assert_se(c); + assert_se(strv_length(c[0]) == 3); + assert_se(strv_contains(c[0], "a")); + assert_se(strv_contains(c[0], "b")); + assert_se(strv_contains(c[0], "c")); + assert_se(c[1] == NULL); + + /* Test ignoring of bad lines */ + c2 = c; + r = config_parse_join_controllers(NULL, "example.conf", 14, "Section", 10, "JoinControllers", 0, "a,\"b ", &c, NULL); + assert_se(r < 0); + assert_se(c == c2); +} + #define x10(x) x x x x x x x x x x #define x100(x) x10(x10(x)) #define x1000(x) x10(x100(x)) @@ -365,6 +404,7 @@ int main(int argc, char **argv) { test_config_parse_sec(); test_config_parse_nsec(); test_config_parse_iec_uint64(); + test_config_parse_join_controllers(); for (i = 0; i < ELEMENTSOF(config_file); i++) test_config_parse(i, config_file[i]); diff --git a/src/test/test-copy.c b/src/test/test-copy.c index d277b78c5b..1dde878a9e 100644 --- a/src/test/test-copy.c +++ b/src/test/test-copy.c @@ -146,7 +146,7 @@ static void test_copy_tree(void) { assert_se((f = strjoin(original_dir, *p))); assert_se((l = strjoin(copy_dir, *link))); - assert_se(readlink_and_canonicalize(l, NULL, &target) == 0); + assert_se(chase_symlinks(l, NULL, 0, &target) == 1); assert_se(path_equal(f, target)); } diff --git a/src/test/test-execute.c b/src/test/test-execute.c index fba798e22b..645e0b3d47 100644 --- a/src/test/test-execute.c +++ b/src/test/test-execute.c @@ -24,6 +24,7 @@ #include <sys/prctl.h> #include <sys/types.h> +#include "capability-util.h" #include "cpu-set-util.h" #include "errno-list.h" #include "fileio.h" @@ -40,6 +41,7 @@ #include "test-helper.h" #include "tests.h" #include "unit.h" +#include "user-util.h" #include "util.h" #include "virt.h" @@ -75,6 +77,51 @@ static void check(Manager *m, Unit *unit, int status_expected, int code_expected assert_se(service->main_exec_status.code == code_expected); } +static bool check_nobody_user_and_group(void) { + static int cache = -1; + struct passwd *p; + struct group *g; + + if (cache >= 0) + return !!cache; + + if (!synthesize_nobody()) + goto invalid; + + p = getpwnam(NOBODY_USER_NAME); + if (!p || + !streq(p->pw_name, NOBODY_USER_NAME) || + p->pw_uid != UID_NOBODY || + p->pw_gid != GID_NOBODY) + goto invalid; + + p = getpwuid(UID_NOBODY); + if (!p || + !streq(p->pw_name, NOBODY_USER_NAME) || + p->pw_uid != UID_NOBODY || + p->pw_gid != GID_NOBODY) + goto invalid; + + g = getgrnam(NOBODY_GROUP_NAME); + if (!g || + !streq(g->gr_name, NOBODY_GROUP_NAME) || + g->gr_gid != GID_NOBODY) + goto invalid; + + g = getgrgid(GID_NOBODY); + if (!g || + !streq(g->gr_name, NOBODY_GROUP_NAME) || + g->gr_gid != GID_NOBODY) + goto invalid; + + cache = 1; + return true; + +invalid: + cache = 0; + return false; +} + static bool is_inaccessible_available(void) { char *p; @@ -202,7 +249,7 @@ static void test_exec_privatedevices(Manager *m) { * properly set, so be sure that it exists */ r = find_binary("capsh", NULL); if (r < 0) { - log_error_errno(r, "Could not find capsh binary, skipping remaining tests in %s: %m", __func__); + log_notice_errno(r, "Could not find capsh binary, skipping remaining tests in %s: %m", __func__); return; } @@ -226,7 +273,7 @@ static void test_exec_protectkernelmodules(Manager *m) { r = find_binary("capsh", NULL); if (r < 0) { - log_error_errno(r, "Skipping %s, could not find capsh binary: %m", __func__); + log_notice_errno(r, "Skipping %s, could not find capsh binary: %m", __func__); return; } @@ -276,6 +323,14 @@ static void test_exec_inaccessiblepaths(Manager *m) { test(m, "exec-inaccessiblepaths-mount-propagation.service", 0, CLD_EXITED); } +static void test_exec_temporaryfilesystem(Manager *m) { + + test(m, "exec-temporaryfilesystem-options.service", 0, CLD_EXITED); + test(m, "exec-temporaryfilesystem-ro.service", 0, CLD_EXITED); + test(m, "exec-temporaryfilesystem-rw.service", 0, CLD_EXITED); + test(m, "exec-temporaryfilesystem-usr.service", 0, CLD_EXITED); +} + static void test_exec_systemcallfilter(Manager *m) { #if HAVE_SECCOMP if (!is_seccomp_available()) { @@ -324,33 +379,53 @@ static void test_exec_systemcallfilter_system(Manager *m) { log_notice("Seccomp not available, skipping %s", __func__); return; } - if (getpwnam("nobody")) - test(m, "exec-systemcallfilter-system-user.service", 0, CLD_EXITED); - else if (getpwnam("nfsnobody")) - test(m, "exec-systemcallfilter-system-user-nfsnobody.service", 0, CLD_EXITED); - else - log_error_errno(errno, "Skipping %s, could not find nobody/nfsnobody user: %m", __func__); + + test(m, "exec-systemcallfilter-system-user.service", 0, CLD_EXITED); + + if (!check_nobody_user_and_group()) { + log_notice("nobody user/group is not synthesized or may conflict to other entries, skipping remaining tests in %s", __func__); + return; + } + + if (!STR_IN_SET(NOBODY_USER_NAME, "nobody", "nfsnobody")) { + log_notice("Unsupported nobody user name '%s', skipping remaining tests in %s", NOBODY_USER_NAME, __func__); + return; + } + + test(m, "exec-systemcallfilter-system-user-" NOBODY_USER_NAME ".service", 0, CLD_EXITED); #endif } static void test_exec_user(Manager *m) { - if (getpwnam("nobody")) - test(m, "exec-user.service", 0, CLD_EXITED); - else if (getpwnam("nfsnobody")) - test(m, "exec-user-nfsnobody.service", 0, CLD_EXITED); - else - log_error_errno(errno, "Skipping %s, could not find nobody/nfsnobody user: %m", __func__); + test(m, "exec-user.service", 0, CLD_EXITED); + + if (!check_nobody_user_and_group()) { + log_notice("nobody user/group is not synthesized or may conflict to other entries, skipping remaining tests in %s", __func__); + return; + } + + if (!STR_IN_SET(NOBODY_USER_NAME, "nobody", "nfsnobody")) { + log_notice("Unsupported nobody user name '%s', skipping remaining tests in %s", NOBODY_USER_NAME, __func__); + return; + } + + test(m, "exec-user-" NOBODY_USER_NAME ".service", 0, CLD_EXITED); } static void test_exec_group(Manager *m) { - if (getgrnam("nobody")) - test(m, "exec-group.service", 0, CLD_EXITED); - else if (getgrnam("nfsnobody")) - test(m, "exec-group-nfsnobody.service", 0, CLD_EXITED); - else if (getgrnam("nogroup")) - test(m, "exec-group-nogroup.service", 0, CLD_EXITED); - else - log_error_errno(errno, "Skipping %s, could not find nobody/nfsnobody/nogroup group: %m", __func__); + test(m, "exec-group.service", 0, CLD_EXITED); + + if (!check_nobody_user_and_group()) { + log_notice("nobody user/group is not synthesized or may conflict to other entries, skipping remaining tests in %s", __func__); + return; + } + + if (!STR_IN_SET(NOBODY_GROUP_NAME, "nobody", "nfsnobody", "nogroup")) { + log_notice("Unsupported nobody group name '%s', skipping remaining tests in %s", NOBODY_GROUP_NAME, __func__); + return; + } + + test(m, "exec-group-" NOBODY_GROUP_NAME ".service", 0, CLD_EXITED); } static void test_exec_supplementarygroups(Manager *m) { @@ -434,12 +509,19 @@ static void test_exec_umask(Manager *m) { static void test_exec_runtimedirectory(Manager *m) { test(m, "exec-runtimedirectory.service", 0, CLD_EXITED); test(m, "exec-runtimedirectory-mode.service", 0, CLD_EXITED); - if (getgrnam("nobody")) - test(m, "exec-runtimedirectory-owner.service", 0, CLD_EXITED); - else if (getgrnam("nfsnobody")) - test(m, "exec-runtimedirectory-owner-nfsnobody.service", 0, CLD_EXITED); - else - log_error_errno(errno, "Skipping %s, could not find nobody/nfsnobody group: %m", __func__); + test(m, "exec-runtimedirectory-owner.service", 0, CLD_EXITED); + + if (!check_nobody_user_and_group()) { + log_notice("nobody user/group is not synthesized or may conflict to other entries, skipping remaining tests in %s", __func__); + return; + } + + if (!STR_IN_SET(NOBODY_GROUP_NAME, "nobody", "nfsnobody", "nogroup")) { + log_notice("Unsupported nobody group name '%s', skipping remaining tests in %s", NOBODY_GROUP_NAME, __func__); + return; + } + + test(m, "exec-runtimedirectory-owner-" NOBODY_GROUP_NAME ".service", 0, CLD_EXITED); } static void test_exec_capabilityboundingset(Manager *m) { @@ -447,7 +529,14 @@ static void test_exec_capabilityboundingset(Manager *m) { r = find_binary("capsh", NULL); if (r < 0) { - log_error_errno(r, "Skipping %s, could not find capsh binary: %m", __func__); + log_notice_errno(r, "Skipping %s, could not find capsh binary: %m", __func__); + return; + } + + if (have_effective_cap(CAP_CHOWN) <= 0 || + have_effective_cap(CAP_FOWNER) <= 0 || + have_effective_cap(CAP_KILL) <= 0) { + log_notice("Skipping %s, this process does not have enough capabilities", __func__); return; } @@ -457,7 +546,7 @@ static void test_exec_capabilityboundingset(Manager *m) { test(m, "exec-capabilityboundingset-invert.service", 0, CLD_EXITED); } -static void test_exec_capabilityambientset(Manager *m) { +static void test_exec_ambientcapabilities(Manager *m) { int r; /* Check if the kernel has support for ambient capabilities. Run @@ -466,18 +555,31 @@ static void test_exec_capabilityambientset(Manager *m) { * in the first place for the tests. */ r = prctl(PR_CAP_AMBIENT, PR_CAP_AMBIENT_CLEAR_ALL, 0, 0, 0); if (r < 0 && IN_SET(errno, EINVAL, EOPNOTSUPP, ENOSYS)) { - log_error("Skipping %s, the kernel does not support ambient capabilities", __func__); + log_notice("Skipping %s, the kernel does not support ambient capabilities", __func__); + return; + } + + if (have_effective_cap(CAP_CHOWN) <= 0 || + have_effective_cap(CAP_NET_RAW) <= 0) { + log_notice("Skipping %s, this process does not have enough capabilities", __func__); + return; + } + + test(m, "exec-ambientcapabilities.service", 0, CLD_EXITED); + test(m, "exec-ambientcapabilities-merge.service", 0, CLD_EXITED); + + if (!check_nobody_user_and_group()) { + log_notice("nobody user/group is not synthesized or may conflict to other entries, skipping remaining tests in %s", __func__); + return; + } + + if (!STR_IN_SET(NOBODY_USER_NAME, "nobody", "nfsnobody")) { + log_notice("Unsupported nobody user name '%s', skipping remaining tests in %s", NOBODY_USER_NAME, __func__); return; } - if (getpwnam("nobody")) { - test(m, "exec-capabilityambientset.service", 0, CLD_EXITED); - test(m, "exec-capabilityambientset-merge.service", 0, CLD_EXITED); - } else if (getpwnam("nfsnobody")) { - test(m, "exec-capabilityambientset-nfsnobody.service", 0, CLD_EXITED); - test(m, "exec-capabilityambientset-merge-nfsnobody.service", 0, CLD_EXITED); - } else - log_error_errno(errno, "Skipping %s, could not find nobody/nfsnobody user: %m", __func__); + test(m, "exec-ambientcapabilities-" NOBODY_USER_NAME ".service", 0, CLD_EXITED); + test(m, "exec-ambientcapabilities-merge-" NOBODY_USER_NAME ".service", 0, CLD_EXITED); } static void test_exec_privatenetwork(Manager *m) { @@ -485,7 +587,7 @@ static void test_exec_privatenetwork(Manager *m) { r = find_binary("ip", NULL); if (r < 0) { - log_error_errno(r, "Skipping %s, could not find ip binary: %m", __func__); + log_notice_errno(r, "Skipping %s, could not find ip binary: %m", __func__); return; } @@ -543,9 +645,10 @@ static int run_tests(UnitFileScope scope, const test_function_t *tests) { } int main(int argc, char *argv[]) { + _cleanup_(rm_rf_physical_and_freep) char *runtime_dir = NULL; static const test_function_t user_tests[] = { + test_exec_ambientcapabilities, test_exec_bindpaths, - test_exec_capabilityambientset, test_exec_capabilityboundingset, test_exec_cpuaffinity, test_exec_environment, @@ -569,6 +672,7 @@ int main(int argc, char *argv[]) { test_exec_supplementarygroups, test_exec_systemcallerrornumber, test_exec_systemcallfilter, + test_exec_temporaryfilesystem, test_exec_umask, test_exec_unsetenvironment, test_exec_user, @@ -602,7 +706,7 @@ int main(int argc, char *argv[]) { return EXIT_TEST_SKIP; } - assert_se(setenv("XDG_RUNTIME_DIR", "/tmp/", 1) == 0); + assert_se(runtime_dir = setup_fake_runtime_dir()); assert_se(set_unit_path(get_testdata_dir("/test-execute")) >= 0); /* Unset VAR1, VAR2 and VAR3 which are used in the PassEnvironment test diff --git a/src/test/test-fd-util.c b/src/test/test-fd-util.c index e5a0e9d51b..3f94df2eee 100644 --- a/src/test/test-fd-util.c +++ b/src/test/test-fd-util.c @@ -25,6 +25,8 @@ #include "fd-util.h" #include "fileio.h" #include "macro.h" +#include "path-util.h" +#include "process-util.h" #include "random-util.h" #include "string-util.h" #include "util.h" @@ -155,12 +157,98 @@ static void test_acquire_data_fd(void) { test_acquire_data_fd_one(ACQUIRE_NO_DEV_NULL|ACQUIRE_NO_MEMFD|ACQUIRE_NO_PIPE|ACQUIRE_NO_TMPFILE); } +static void test_fd_move_above_stdio(void) { + int original_stdin, new_fd; + + original_stdin = fcntl(0, F_DUPFD, 3); + assert_se(original_stdin >= 3); + assert_se(close_nointr(0) != EBADF); + + new_fd = open("/dev/null", O_RDONLY); + assert_se(new_fd == 0); + + new_fd = fd_move_above_stdio(new_fd); + assert_se(new_fd >= 3); + + assert_se(dup(original_stdin) == 0); + assert_se(close_nointr(original_stdin) != EBADF); + assert_se(close_nointr(new_fd) != EBADF); +} + +static void test_rearrange_stdio(void) { + pid_t pid; + int r; + + r = safe_fork("rearrange", FORK_WAIT|FORK_LOG, &pid); + assert_se(r >= 0); + + if (r == 0) { + _cleanup_free_ char *path = NULL; + char buffer[10]; + + /* Child */ + + safe_close(STDERR_FILENO); /* Let's close an fd < 2, to make it more interesting */ + + assert_se(rearrange_stdio(-1, -1, -1) >= 0); + + assert_se(fd_get_path(STDIN_FILENO, &path) >= 0); + assert_se(path_equal(path, "/dev/null")); + path = mfree(path); + + assert_se(fd_get_path(STDOUT_FILENO, &path) >= 0); + assert_se(path_equal(path, "/dev/null")); + path = mfree(path); + + assert_se(fd_get_path(STDOUT_FILENO, &path) >= 0); + assert_se(path_equal(path, "/dev/null")); + path = mfree(path); + + safe_close(STDIN_FILENO); + safe_close(STDOUT_FILENO); + safe_close(STDERR_FILENO); + + { + int pair[2]; + assert_se(pipe(pair) >= 0); + assert_se(pair[0] == 0); + assert_se(pair[1] == 1); + assert_se(fd_move_above_stdio(0) == 3); + } + assert_se(open("/dev/full", O_WRONLY|O_CLOEXEC) == 0); + assert_se(acquire_data_fd("foobar", 6, 0) == 2); + + assert_se(rearrange_stdio(2, 0, 1) >= 0); + + assert_se(write(1, "x", 1) < 0 && errno == ENOSPC); + assert_se(write(2, "z", 1) == 1); + assert_se(read(3, buffer, sizeof(buffer)) == 1); + assert_se(buffer[0] == 'z'); + assert_se(read(0, buffer, sizeof(buffer)) == 6); + assert_se(memcmp(buffer, "foobar", 6) == 0); + + assert_se(rearrange_stdio(-1, 1, 2) >= 0); + assert_se(write(1, "a", 1) < 0 && errno == ENOSPC); + assert_se(write(2, "y", 1) == 1); + assert_se(read(3, buffer, sizeof(buffer)) == 1); + assert_se(buffer[0] == 'y'); + + assert_se(fd_get_path(0, &path) >= 0); + assert_se(path_equal(path, "/dev/null")); + path = mfree(path); + + _exit(EXIT_SUCCESS); + } +} + int main(int argc, char *argv[]) { test_close_many(); test_close_nointr(); test_same_fd(); test_open_serialization_fd(); test_acquire_data_fd(); + test_fd_move_above_stdio(); + test_rearrange_stdio(); return 0; } diff --git a/src/test/test-fs-util.c b/src/test/test-fs-util.c index 9f3a500080..ebcec4fcc5 100644 --- a/src/test/test-fs-util.c +++ b/src/test/test-fs-util.c @@ -527,6 +527,40 @@ static void test_touch_file(void) { assert_se(timespec_load(&st.st_mtim) == test_mtime); } +static void test_unlinkat_deallocate(void) { + _cleanup_free_ char *p = NULL; + _cleanup_close_ int fd = -1; + struct stat st; + + assert_se(tempfn_random_child(NULL, "unlink-deallocation", &p) >= 0); + + fd = open(p, O_WRONLY|O_CLOEXEC|O_CREAT|O_EXCL, 0600); + assert_se(fd >= 0); + + assert_se(write(fd, "hallo\n", 6) == 6); + + assert_se(fstat(fd, &st) >= 0); + assert_se(st.st_size == 6); + assert_se(st.st_blocks > 0); + assert_se(st.st_nlink == 1); + + assert_se(unlinkat_deallocate(AT_FDCWD, p, 0) >= 0); + + assert_se(fstat(fd, &st) >= 0); + assert_se(IN_SET(st.st_size, 0, 6)); /* depending on whether hole punching worked the size will be 6 (it worked) or 0 (we had to resort to truncation) */ + assert_se(st.st_blocks == 0); + assert_se(st.st_nlink == 0); +} + +static void test_fsync_directory_of_file(void) { + _cleanup_close_ int fd = -1; + + fd = open_tmpfile_unlinkable(NULL, O_RDWR); + assert_se(fd >= 0); + + assert_se(fsync_directory_of_file(fd) >= 0); +} + int main(int argc, char *argv[]) { test_unlink_noerrno(); test_get_files_in_directory(); @@ -536,6 +570,8 @@ int main(int argc, char *argv[]) { test_dot_or_dot_dot(); test_access_fd(); test_touch_file(); + test_unlinkat_deallocate(); + test_fsync_directory_of_file(); return 0; } diff --git a/src/test/test-gcrypt-util.c b/src/test/test-gcrypt-util.c new file mode 100644 index 0000000000..d7d13a1303 --- /dev/null +++ b/src/test/test-gcrypt-util.c @@ -0,0 +1,34 @@ +/* SPDX-License-Identifier: LGPL-2.1+ + * Copyright 2018 Zbigniew Jędrzejewski-Szmek + */ + +#include "alloc-util.h" +#include "gcrypt-util.h" +#include "macro.h" +#include "string-util.h" + +static void test_string_hashsum(void) { + _cleanup_free_ char *out1 = NULL, *out2 = NULL, *out3 = NULL, *out4 = NULL; + + assert_se(string_hashsum("asdf", 4, GCRY_MD_SHA224, &out1) == 0); + /* echo -n 'asdf' | sha224sum - */ + assert_se(streq(out1, "7872a74bcbf298a1e77d507cd95d4f8d96131cbbd4cdfc571e776c8a")); + + assert_se(string_hashsum("asdf", 4, GCRY_MD_SHA256, &out2) == 0); + /* echo -n 'asdf' | sha256sum - */ + assert_se(streq(out2, "f0e4c2f76c58916ec258f246851bea091d14d4247a2fc3e18694461b1816e13b")); + + assert_se(string_hashsum("", 0, GCRY_MD_SHA224, &out3) == 0); + /* echo -n '' | sha224sum - */ + assert_se(streq(out3, "d14a028c2a3a2bc9476102bb288234c415a2b01f828ea62ac5b3e42f")); + + assert_se(string_hashsum("", 0, GCRY_MD_SHA256, &out4) == 0); + /* echo -n '' | sha256sum - */ + assert_se(streq(out4, "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855")); +} + +int main(int argc, char **argv) { + test_string_hashsum(); + + return 0; +} diff --git a/src/test/test-glob-util.c b/src/test/test-glob-util.c index bd2f8fcfde..a30e04016f 100644 --- a/src/test/test-glob-util.c +++ b/src/test/test-glob-util.c @@ -49,12 +49,16 @@ static void test_glob_exists(void) { assert_se(r == 0); } +static void closedir_wrapper(void* v) { + (void) closedir(v); +} + static void test_glob_no_dot(void) { char template[] = "/tmp/test-glob-util.XXXXXXX"; const char *fn; _cleanup_globfree_ glob_t g = { - .gl_closedir = (void (*)(void *)) closedir, + .gl_closedir = closedir_wrapper, .gl_readdir = (struct dirent *(*)(void *)) readdir_no_dot, .gl_opendir = (void *(*)(const char *)) opendir, .gl_lstat = lstat, diff --git a/src/test/test-hash.c b/src/test/test-hash.c index 0366727476..d84a6a8859 100644 --- a/src/test/test-hash.c +++ b/src/test/test-hash.c @@ -35,12 +35,15 @@ int main(int argc, char *argv[]) { assert_se(khash_new(&h, NULL) == -EINVAL); assert_se(khash_new(&h, "") == -EINVAL); - r = khash_new(&h, "foobar"); - if (r == -EAFNOSUPPORT) { + + r = khash_supported(); + assert_se(r >= 0); + if (r == 0) { puts("khash not supported on this kernel, skipping"); return EXIT_TEST_SKIP; } - assert_se(r == -EOPNOTSUPP); + + assert_se(khash_new(&h, "foobar") == -EOPNOTSUPP); /* undefined hash function */ assert_se(khash_new(&h, "sha256") >= 0); assert_se(khash_get_size(h) == 32); diff --git a/src/test/test-hashmap.c b/src/test/test-hashmap.c index dd9195425e..ad0b7390e9 100644 --- a/src/test/test-hashmap.c +++ b/src/test/test-hashmap.c @@ -80,6 +80,91 @@ static void test_string_compare_func(void) { assert_se(string_compare_func("fred", "fred") == 0); } +static void compare_cache(Hashmap *map, IteratedCache *cache) { + const void **keys = NULL, **values = NULL; + unsigned num, idx; + Iterator iter; + void *k, *v; + + assert_se(iterated_cache_get(cache, &keys, &values, &num) == 0); + assert_se(num == 0 || keys); + assert_se(num == 0 || values); + + idx = 0; + HASHMAP_FOREACH_KEY(v, k, map, iter) { + assert_se(v == values[idx]); + assert_se(k == keys[idx]); + + idx++; + } + + assert_se(idx == num); +} + +static void test_iterated_cache(void) { + Hashmap *m; + IteratedCache *c; + + assert_se(m = hashmap_new(NULL)); + assert_se(c = hashmap_iterated_cache_new(m)); + compare_cache(m, c); + + for (int stage = 0; stage < 100; stage++) { + + for (int i = 0; i < 100; i++) { + int foo = stage * 1000 + i; + + assert_se(hashmap_put(m, INT_TO_PTR(foo), INT_TO_PTR(foo + 777)) == 1); + } + + compare_cache(m, c); + + if (!(stage % 10)) { + for (int i = 0; i < 100; i++) { + int foo = stage * 1000 + i; + + assert_se(hashmap_remove(m, INT_TO_PTR(foo)) == INT_TO_PTR(foo + 777)); + } + + compare_cache(m, c); + } + } + + hashmap_clear(m); + compare_cache(m, c); + + assert_se(hashmap_free(m) == NULL); + assert_se(iterated_cache_free(c) == NULL); +} + +static void test_path_hashmap(void) { + _cleanup_(hashmap_freep) Hashmap *h = NULL; + + assert_se(h = hashmap_new(&path_hash_ops)); + + assert_se(hashmap_put(h, "foo", INT_TO_PTR(1)) >= 0); + assert_se(hashmap_put(h, "/foo", INT_TO_PTR(2)) >= 0); + assert_se(hashmap_put(h, "//foo", INT_TO_PTR(3)) == -EEXIST); + assert_se(hashmap_put(h, "//foox/", INT_TO_PTR(4)) >= 0); + assert_se(hashmap_put(h, "/foox////", INT_TO_PTR(5)) == -EEXIST); + assert_se(hashmap_put(h, "foo//////bar/quux//", INT_TO_PTR(6)) >= 0); + assert_se(hashmap_put(h, "foo/bar//quux/", INT_TO_PTR(8)) == -EEXIST); + + assert_se(hashmap_get(h, "foo") == INT_TO_PTR(1)); + assert_se(hashmap_get(h, "foo/") == INT_TO_PTR(1)); + assert_se(hashmap_get(h, "foo////") == INT_TO_PTR(1)); + assert_se(hashmap_get(h, "/foo") == INT_TO_PTR(2)); + assert_se(hashmap_get(h, "//foo") == INT_TO_PTR(2)); + assert_se(hashmap_get(h, "/////foo////") == INT_TO_PTR(2)); + assert_se(hashmap_get(h, "/////foox////") == INT_TO_PTR(4)); + assert_se(hashmap_get(h, "/foox/") == INT_TO_PTR(4)); + assert_se(hashmap_get(h, "/foox") == INT_TO_PTR(4)); + assert_se(!hashmap_get(h, "foox")); + assert_se(hashmap_get(h, "foo/bar/quux") == INT_TO_PTR(6)); + assert_se(hashmap_get(h, "foo////bar////quux/////") == INT_TO_PTR(6)); + assert_se(!hashmap_get(h, "/foo////bar////quux/////")); +} + int main(int argc, const char *argv[]) { test_hashmap_funcs(); test_ordered_hashmap_funcs(); @@ -89,4 +174,8 @@ int main(int argc, const char *argv[]) { test_uint64_compare_func(); test_trivial_compare_func(); test_string_compare_func(); + test_iterated_cache(); + test_path_hashmap(); + + return 0; } diff --git a/src/test/test-id128.c b/src/test/test-id128.c index b7fca1540c..dba7283769 100644 --- a/src/test/test-id128.c +++ b/src/test/test-id128.c @@ -156,9 +156,9 @@ int main(int argc, char *argv[]) { assert_se(sd_id128_equal(id, id2)); r = sd_id128_get_machine_app_specific(SD_ID128_MAKE(f0,3d,aa,eb,1c,33,4b,43,a7,32,17,29,44,bf,77,2e), &id); - if (r == -EAFNOSUPPORT) { + if (r == -EOPNOTSUPP) log_info("khash not supported on this kernel, skipping sd_id128_get_machine_app_specific() checks"); - } else { + else { assert_se(r >= 0); assert_se(sd_id128_get_machine_app_specific(SD_ID128_MAKE(f0,3d,aa,eb,1c,33,4b,43,a7,32,17,29,44,bf,77,2e), &id2) >= 0); assert_se(sd_id128_equal(id, id2)); diff --git a/src/test/test-libudev.c b/src/test/test-libudev.c index 408d14133b..f748fbc878 100644 --- a/src/test/test-libudev.c +++ b/src/test/test-libudev.c @@ -372,7 +372,7 @@ int main(int argc, char *argv[]) { return 1; } - while ((c = getopt_long(argc, argv, "p:s:dhV", options, NULL)) >= 0) + while ((c = getopt_long(argc, argv, "p:s:dhVm", options, NULL)) >= 0) switch (c) { case 'p': diff --git a/src/test/test-log.c b/src/test/test-log.c index fd19899480..4a3c8955e3 100644 --- a/src/test/test-log.c +++ b/src/test/test-log.c @@ -35,19 +35,18 @@ assert_cc((LOG_REALM_PLUS_LEVEL(LOG_REALM_SYSTEMD, LOG_LOCAL3 | LOG_DEBUG) & LOG assert_cc((LOG_REALM_PLUS_LEVEL(LOG_REALM_UDEV, LOG_USER | LOG_INFO) & LOG_PRIMASK) == LOG_INFO); -int main(int argc, char* argv[]) { - - log_set_target(LOG_TARGET_CONSOLE); - log_open(); +#define X10(x) x x x x x x x x x x +#define X100(x) X10(X10(x)) +#define X1000(x) X100(X10(x)) +static void test_log_console(void) { log_struct(LOG_INFO, "MESSAGE=Waldo PID="PID_FMT, getpid_cached(), "SERVICE=piepapo", NULL); +} - log_set_target(LOG_TARGET_JOURNAL); - log_open(); - +static void test_log_journal(void) { log_struct(LOG_INFO, "MESSAGE=Foobar PID="PID_FMT, getpid_cached(), "SERVICE=foobar", @@ -59,6 +58,32 @@ int main(int argc, char* argv[]) { (int) 1, 'A', (short) 2, (long int) 3, (long long int) 4, (void*) 1, "foo", (float) 2.5f, (double) 3.5, (long double) 4.5, "SUFFIX=GOT IT", NULL); +} + +static void test_long_lines(void) { + log_object_internal(LOG_NOTICE, + EUCLEAN, + X1000("abcd_") ".txt", + 1000000, + X1000("fff") "unc", + "OBJECT=", + X1000("obj_") "ect", + "EXTRA=", + X1000("ext_") "tra", + "asdfasdf %s asdfasdfa", "foobar"); +} + +int main(int argc, char* argv[]) { + int target; + + for (target = 0; target < _LOG_TARGET_MAX; target++) { + log_set_target(target); + log_open(); + + test_log_console(); + test_log_journal(); + test_long_lines(); + } return 0; } diff --git a/src/test/test-mount-util.c b/src/test/test-mount-util.c index 09a624842c..c95baa81a7 100644 --- a/src/test/test-mount-util.c +++ b/src/test/test-mount-util.c @@ -261,6 +261,60 @@ static void test_path_is_mount_point(void) { assert_se(rm_rf(tmp_dir, REMOVE_ROOT|REMOVE_PHYSICAL) == 0); } +static void test_mount_option_mangle(void) { + char *opts = NULL; + unsigned long f; + + assert_se(mount_option_mangle(NULL, MS_RDONLY|MS_NOSUID, &f, &opts) == 0); + assert_se(f == (MS_RDONLY|MS_NOSUID)); + assert_se(opts == NULL); + + assert_se(mount_option_mangle("", MS_RDONLY|MS_NOSUID, &f, &opts) == 0); + assert_se(f == (MS_RDONLY|MS_NOSUID)); + assert_se(opts == NULL); + + assert_se(mount_option_mangle("ro,nosuid,nodev,noexec", 0, &f, &opts) == 0); + assert_se(f == (MS_RDONLY|MS_NOSUID|MS_NODEV|MS_NOEXEC)); + assert_se(opts == NULL); + + assert_se(mount_option_mangle("ro,nosuid,nodev,noexec,mode=755", 0, &f, &opts) == 0); + assert_se(f == (MS_RDONLY|MS_NOSUID|MS_NODEV|MS_NOEXEC)); + assert_se(streq(opts, "mode=755")); + opts = mfree(opts); + + assert_se(mount_option_mangle("rw,nosuid,foo,hogehoge,nodev,mode=755", 0, &f, &opts) == 0); + assert_se(f == (MS_NOSUID|MS_NODEV)); + assert_se(streq(opts, "foo,hogehoge,mode=755")); + opts = mfree(opts); + + assert_se(mount_option_mangle("rw,nosuid,nodev,noexec,relatime,net_cls,net_prio", MS_RDONLY, &f, &opts) == 0); + assert_se(f == (MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_RELATIME)); + assert_se(streq(opts, "net_cls,net_prio")); + opts = mfree(opts); + + assert_se(mount_option_mangle("rw,nosuid,nodev,relatime,size=1630748k,mode=700,uid=1000,gid=1000", MS_RDONLY, &f, &opts) == 0); + assert_se(f == (MS_NOSUID|MS_NODEV|MS_RELATIME)); + assert_se(streq(opts, "size=1630748k,mode=700,uid=1000,gid=1000")); + opts = mfree(opts); + + assert_se(mount_option_mangle("size=1630748k,rw,gid=1000,,,nodev,relatime,,mode=700,nosuid,uid=1000", MS_RDONLY, &f, &opts) == 0); + assert_se(f == (MS_NOSUID|MS_NODEV|MS_RELATIME)); + assert_se(streq(opts, "size=1630748k,gid=1000,mode=700,uid=1000")); + opts = mfree(opts); + + assert_se(mount_option_mangle("rw,exec,size=8143984k,nr_inodes=2035996,mode=755", MS_RDONLY|MS_NOSUID|MS_NOEXEC|MS_NODEV, &f, &opts) == 0); + assert_se(f == (MS_NOSUID|MS_NODEV)); + assert_se(streq(opts, "size=8143984k,nr_inodes=2035996,mode=755")); + opts = mfree(opts); + + assert_se(mount_option_mangle("rw,relatime,fmask=0022,,,dmask=0022", MS_RDONLY, &f, &opts) == 0); + assert_se(f == MS_RELATIME); + assert_se(streq(opts, "fmask=0022,dmask=0022")); + opts = mfree(opts); + + assert_se(mount_option_mangle("rw,relatime,fmask=0022,dmask=0022,\"hogehoge", MS_RDONLY, &f, &opts) < 0); +} + int main(int argc, char *argv[]) { log_set_max_level(LOG_DEBUG); @@ -275,6 +329,7 @@ int main(int argc, char *argv[]) { test_mnt_id(); test_path_is_mount_point(); + test_mount_option_mangle(); return 0; } diff --git a/src/test/test-ns.c b/src/test/test-ns.c index 87b4facb85..3ab3c1ab95 100644 --- a/src/test/test-ns.c +++ b/src/test/test-ns.c @@ -86,6 +86,7 @@ int main(int argc, char *argv[]) { (char **) inaccessible, NULL, &(BindMount) { .source = (char*) "/usr/bin", .destination = (char*) "/etc/systemd", .read_only = true }, 1, + &(TemporaryFileSystem) { .path = (char*) "/var", .options = (char*) "ro" }, 1, tmp_dir, var_tmp_dir, PROTECT_HOME_NO, diff --git a/src/test/test-parse-util.c b/src/test/test-parse-util.c index 9375002133..a99cea5a14 100644 --- a/src/test/test-parse-util.c +++ b/src/test/test-parse-util.c @@ -468,6 +468,44 @@ static void test_safe_atoi16(void) { assert_se(r == -EINVAL); } +static void test_safe_atoux16(void) { + int r; + uint16_t l; + + r = safe_atoux16("1234", &l); + assert_se(r == 0); + assert_se(l == 0x1234); + + r = safe_atoux16("abcd", &l); + assert_se(r == 0); + assert_se(l == 0xabcd); + + r = safe_atoux16(" 1234", &l); + assert_se(r == 0); + assert_se(l == 0x1234); + + r = safe_atoux16("12345", &l); + assert_se(r == -ERANGE); + + r = safe_atoux16("-1", &l); + assert_se(r == -ERANGE); + + r = safe_atoux16(" -1", &l); + assert_se(r == -ERANGE); + + r = safe_atoux16("junk", &l); + assert_se(r == -EINVAL); + + r = safe_atoux16("123x", &l); + assert_se(r == -EINVAL); + + r = safe_atoux16("12.3", &l); + assert_se(r == -EINVAL); + + r = safe_atoux16("", &l); + assert_se(r == -EINVAL); +} + static void test_safe_atou64(void) { int r; uint64_t l; @@ -745,6 +783,7 @@ int main(int argc, char *argv[]) { test_safe_atolli(); test_safe_atou16(); test_safe_atoi16(); + test_safe_atoux16(); test_safe_atou64(); test_safe_atoi64(); test_safe_atod(); diff --git a/src/test/test-path-lookup.c b/src/test/test-path-lookup.c index 834b061980..0541033d77 100644 --- a/src/test/test-path-lookup.c +++ b/src/test/test-path-lookup.c @@ -52,6 +52,36 @@ static void test_paths(UnitFileScope scope) { assert_se(rm_rf(template, REMOVE_ROOT|REMOVE_PHYSICAL) >= 0); } +static void test_user_and_global_paths(void) { + _cleanup_lookup_paths_free_ LookupPaths lp_global = {}, lp_user = {}; + char **u, **g, **p; + unsigned k = 0; + + assert_se(unsetenv("SYSTEMD_UNIT_PATH") == 0); + + assert_se(lookup_paths_init(&lp_global, UNIT_FILE_GLOBAL, 0, NULL) == 0); + assert_se(lookup_paths_init(&lp_user, UNIT_FILE_USER, 0, NULL) == 0); + g = lp_global.search_path; + u = lp_user.search_path; + + /* Go over all entries in global search path, and verify + * that they also exist in the user search path. Skip any + * entries in user search path which don't exist in the global + * one, but not vice versa. */ + log_info("/* %s */", __func__); + STRV_FOREACH(p, g) { + while (u[k] && !streq(*p, u[k])) { + log_info("+ %s", u[k]); + k++; + } + log_info(" %s", *p); + assert(u[k]); /* If NULL, we didn't find a matching entry */ + k++; + } + STRV_FOREACH(p, u + k) + log_info("+ %s", *p); +} + static void print_generator_binary_paths(UnitFileScope scope) { _cleanup_strv_free_ char **paths; char **dir; @@ -72,6 +102,8 @@ int main(int argc, char **argv) { test_paths(UNIT_FILE_USER); test_paths(UNIT_FILE_GLOBAL); + test_user_and_global_paths(); + print_generator_binary_paths(UNIT_FILE_SYSTEM); print_generator_binary_paths(UNIT_FILE_USER); diff --git a/src/test/test-process-util.c b/src/test/test-process-util.c index 72edcbb7d6..0e5a9d811d 100644 --- a/src/test/test-process-util.c +++ b/src/test/test-process-util.c @@ -100,7 +100,7 @@ static void test_get_process_comm(pid_t pid) { if (!detect_container()) assert_se(get_ctty_devnr(pid, &h) == -ENXIO || pid != 1); - getenv_for_pid(pid, "PATH", &i); + (void) getenv_for_pid(pid, "PATH", &i); log_info("PID"PID_FMT" $PATH: '%s'", pid, strna(i)); } diff --git a/src/test/test-procfs-util.c b/src/test/test-procfs-util.c index a253182517..10229de4e8 100644 --- a/src/test/test-procfs-util.c +++ b/src/test/test-procfs-util.c @@ -3,15 +3,24 @@ #include <errno.h> #include "log.h" +#include "parse-util.h" #include "procfs-util.h" int main(int argc, char *argv[]) { + char buf[CONST_MAX(FORMAT_TIMESPAN_MAX, FORMAT_BYTES_MAX)]; + nsec_t nsec; uint64_t v; int r; log_parse_environment(); log_open(); + assert_se(procfs_cpu_get_usage(&nsec) >= 0); + log_info("Current sytem CPU time: %s", format_timespan(buf, sizeof(buf), nsec/NSEC_PER_USEC, 1)); + + assert_se(procfs_memory_get_current(&v) >= 0); + log_info("Current memory usage: %s", format_bytes(buf, sizeof(buf), v)); + assert_se(procfs_tasks_get_current(&v) >= 0); log_info("Current number of tasks: %" PRIu64, v); diff --git a/src/test/test-socket-util.c b/src/test/test-socket-util.c index d1ab7486ed..e35a27fa61 100644 --- a/src/test/test-socket-util.c +++ b/src/test/test-socket-util.c @@ -360,58 +360,6 @@ static void test_in_addr_ifindex_from_string_auto(void) { assert_se(in_addr_ifindex_from_string_auto("fe80::19%thisinterfacecantexist", &family, &ua, &ifindex) == -ENODEV); } -static void *connect_thread(void *arg) { - union sockaddr_union *sa = arg; - _cleanup_close_ int fd = -1; - - fd = socket(AF_INET, SOCK_STREAM | SOCK_CLOEXEC, 0); - assert_se(fd >= 0); - - assert_se(connect(fd, &sa->sa, sizeof(sa->in)) == 0); - - return NULL; -} - -static void test_nameinfo_pretty(void) { - _cleanup_free_ char *stdin_name = NULL, *localhost = NULL; - - union sockaddr_union s = { - .in.sin_family = AF_INET, - .in.sin_port = 0, - .in.sin_addr.s_addr = htobe32(INADDR_ANY), - }; - int r; - - union sockaddr_union c = {}; - socklen_t slen = sizeof(c.in), clen = sizeof(c.in); - - _cleanup_close_ int sfd = -1, cfd = -1; - r = getnameinfo_pretty(STDIN_FILENO, &stdin_name); - log_info_errno(r, "No connection remote: %m"); - - assert_se(r < 0); - - sfd = socket(AF_INET, SOCK_STREAM|SOCK_CLOEXEC, 0); - assert_se(sfd >= 0); - - assert_se(bind(sfd, &s.sa, sizeof(s.in)) == 0); - - /* find out the port number */ - assert_se(getsockname(sfd, &s.sa, &slen) == 0); - - assert_se(listen(sfd, 1) == 0); - - assert_se(asynchronous_job(connect_thread, &s) == 0); - - log_debug("Accepting new connection on fd:%d", sfd); - cfd = accept4(sfd, &c.sa, &clen, SOCK_CLOEXEC); - assert_se(cfd >= 0); - - r = getnameinfo_pretty(cfd, &localhost); - log_info("Connection from %s", localhost); - assert_se(r == 0); -} - static void test_sockaddr_equal(void) { union sockaddr_union a = { .in.sin_family = AF_INET, @@ -561,8 +509,6 @@ int main(int argc, char *argv[]) { test_in_addr_ifindex_to_string(); test_in_addr_ifindex_from_string_auto(); - test_nameinfo_pretty(); - test_sockaddr_equal(); test_sockaddr_un_len(); diff --git a/src/test/test-strv.c b/src/test/test-strv.c index aec00eb817..c6698f4396 100644 --- a/src/test/test-strv.c +++ b/src/test/test-strv.c @@ -22,6 +22,7 @@ #include <string.h> #include "alloc-util.h" +#include "escape.h" #include "specifier.h" #include "string-util.h" #include "strv.h" @@ -102,36 +103,6 @@ static const char* const input_table_one_empty[] = { }; -static const char* const input_table_quotes[] = { - "\"", - "'", - "\"\"", - "\\", - "\\\\", - NULL, -}; -#define QUOTES_STRING \ - "\"\\\"\" " \ - "\"\\\'\" " \ - "\"\\\"\\\"\" " \ - "\"\\\\\" " \ - "\"\\\\\\\\\"" - -static const char * const input_table_spaces[] = { - " ", - "' '", - "\" ", - " \"", - " \\\\ ", - NULL, -}; -#define SPACES_STRING \ - "\" \" " \ - "\"\\' \\'\" " \ - "\"\\\" \" " \ - "\" \\\"\" " \ - "\" \\\\\\\\ \"" - static void test_strv_find(void) { assert_se(strv_find((char **)input_table_multiple, "three")); assert_se(!strv_find((char **)input_table_multiple, "four")); @@ -193,28 +164,6 @@ static void test_strv_join(void) { assert_se(streq(w, "")); } -static void test_strv_quote_unquote(const char* const *split, const char *quoted) { - _cleanup_free_ char *p; - _cleanup_strv_free_ char **s = NULL; - char **t; - int r; - - p = strv_join_quoted((char **)split); - assert_se(p); - printf("-%s- --- -%s-\n", p, quoted); /* fprintf deals with NULL, puts does not */ - assert_se(p); - assert_se(streq(p, quoted)); - - r = strv_split_extract(&s, quoted, WHITESPACE, EXTRACT_QUOTES); - assert_se(r == (int) strv_length(s)); - assert_se(s); - STRV_FOREACH(t, s) { - assert_se(*t); - assert_se(streq(*t, *split)); - split++; - } -} - static void test_strv_unquote(const char *quoted, char **list) { _cleanup_strv_free_ char **s; _cleanup_free_ char *j; @@ -498,6 +447,36 @@ static void test_strv_from_stdarg_alloca(void) { test_strv_from_stdarg_alloca_one(STRV_MAKE_EMPTY, NULL); } +static void test_strv_insert(void) { + _cleanup_strv_free_ char **a = NULL; + + assert_se(strv_insert(&a, 0, strdup("first")) == 0); + assert_se(streq(a[0], "first")); + assert_se(!a[1]); + + assert_se(strv_insert(&a, 0, NULL) == 0); + assert_se(streq(a[0], "first")); + assert_se(!a[1]); + + assert_se(strv_insert(&a, 1, strdup("two")) == 0); + assert_se(streq(a[0], "first")); + assert_se(streq(a[1], "two")); + assert_se(!a[2]); + + assert_se(strv_insert(&a, 4, strdup("tri")) == 0); + assert_se(streq(a[0], "first")); + assert_se(streq(a[1], "two")); + assert_se(streq(a[2], "tri")); + assert_se(!a[3]); + + assert_se(strv_insert(&a, 1, strdup("duo")) == 0); + assert_se(streq(a[0], "first")); + assert_se(streq(a[1], "duo")); + assert_se(streq(a[2], "two")); + assert_se(streq(a[3], "tri")); + assert_se(!a[4]); +} + static void test_strv_push_prepend(void) { _cleanup_strv_free_ char **a = NULL; @@ -697,6 +676,17 @@ static void test_strv_make_nulstr(void) { test_strv_make_nulstr_one(STRV_MAKE("foo", "bar", "quuux")); } +static void test_strv_free_free(void) { + char ***t; + + assert_se(t = new(char**, 3)); + assert_se(t[0] = strv_new("a", "b", NULL)); + assert_se(t[1] = strv_new("c", "d", "e", NULL)); + t[2] = NULL; + + t = strv_free_free(t); +} + static void test_foreach_string(void) { const char * const t[] = { "foo", @@ -738,14 +728,6 @@ int main(int argc, char *argv[]) { test_strv_find_startswith(); test_strv_join(); - test_strv_quote_unquote(input_table_multiple, "\"one\" \"two\" \"three\""); - test_strv_quote_unquote(input_table_one, "\"one\""); - test_strv_quote_unquote(input_table_none, ""); - test_strv_quote_unquote(input_table_one_empty, "\"\""); - test_strv_quote_unquote(input_table_two_empties, "\"\" \"\""); - test_strv_quote_unquote(input_table_quotes, QUOTES_STRING); - test_strv_quote_unquote(input_table_spaces, SPACES_STRING); - test_strv_unquote(" foo=bar \"waldo\" zzz ", STRV_MAKE("foo=bar", "waldo", "zzz")); test_strv_unquote("", STRV_MAKE_EMPTY); test_strv_unquote(" ", STRV_MAKE_EMPTY); @@ -782,6 +764,7 @@ int main(int argc, char *argv[]) { test_strv_extend(); test_strv_extendf(); test_strv_from_stdarg_alloca(); + test_strv_insert(); test_strv_push_prepend(); test_strv_push(); test_strv_equal(); @@ -791,6 +774,7 @@ int main(int argc, char *argv[]) { test_strv_skip(); test_strv_extend_n(); test_strv_make_nulstr(); + test_strv_free_free(); test_foreach_string(); test_strv_fnmatch(); diff --git a/src/test/test-user-util.c b/src/test/test-user-util.c index 17a8520741..3a943bf10f 100644 --- a/src/test/test-user-util.c +++ b/src/test/test-user-util.c @@ -19,6 +19,7 @@ ***/ #include "alloc-util.h" +#include "log.h" #include "macro.h" #include "string-util.h" #include "user-util.h" @@ -28,14 +29,26 @@ static void test_uid_to_name_one(uid_t uid, const char *name) { _cleanup_free_ char *t = NULL; + log_info("/* %s("UID_FMT", \"%s\") */", __func__, uid, name); + assert_se(t = uid_to_name(uid)); + if (!synthesize_nobody() && streq(name, NOBODY_USER_NAME)) { + log_info("(skipping detailed tests because nobody is not synthesized)"); + return; + } assert_se(streq_ptr(t, name)); } static void test_gid_to_name_one(gid_t gid, const char *name) { _cleanup_free_ char *t = NULL; + log_info("/* %s("GID_FMT", \"%s\") */", __func__, gid, name); + assert_se(t = gid_to_name(gid)); + if (!synthesize_nobody() && streq(name, NOBODY_GROUP_NAME)) { + log_info("(skipping detailed tests because nobody is not synthesized)"); + return; + } assert_se(streq_ptr(t, name)); } @@ -43,6 +56,8 @@ static void test_parse_uid(void) { int r; uid_t uid; + log_info("/* %s */", __func__); + r = parse_uid("100", &uid); assert_se(r == 0); assert_se(uid == 100); @@ -55,6 +70,7 @@ static void test_parse_uid(void) { } static void test_uid_ptr(void) { + log_info("/* %s */", __func__); assert_se(UID_TO_PTR(0) != NULL); assert_se(UID_TO_PTR(1000) != NULL); @@ -64,6 +80,8 @@ static void test_uid_ptr(void) { } static void test_valid_user_group_name(void) { + log_info("/* %s */", __func__); + assert_se(!valid_user_group_name(NULL)); assert_se(!valid_user_group_name("")); assert_se(!valid_user_group_name("1")); @@ -90,6 +108,8 @@ static void test_valid_user_group_name(void) { } static void test_valid_user_group_name_or_id(void) { + log_info("/* %s */", __func__); + assert_se(!valid_user_group_name_or_id(NULL)); assert_se(!valid_user_group_name_or_id("")); assert_se(valid_user_group_name_or_id("0")); @@ -119,6 +139,7 @@ static void test_valid_user_group_name_or_id(void) { } static void test_valid_gecos(void) { + log_info("/* %s */", __func__); assert_se(!valid_gecos(NULL)); assert_se(valid_gecos("")); @@ -129,6 +150,7 @@ static void test_valid_gecos(void) { } static void test_valid_home(void) { + log_info("/* %s */", __func__); assert_se(!valid_home(NULL)); assert_se(!valid_home("")); @@ -146,12 +168,23 @@ static void test_valid_home(void) { } static void test_get_user_creds_one(const char *id, const char *name, uid_t uid, gid_t gid, const char *home, const char *shell) { - const char *rhome; - const char *rshell; - uid_t ruid; - gid_t rgid; + const char *rhome = NULL; + const char *rshell = NULL; + uid_t ruid = UID_INVALID; + gid_t rgid = GID_INVALID; + int r; - assert_se(get_user_creds(&id, &ruid, &rgid, &rhome, &rshell) >= 0); + log_info("/* %s(\"%s\", \"%s\", "UID_FMT", "GID_FMT", \"%s\", \"%s\") */", + __func__, id, name, uid, gid, home, shell); + + r = get_user_creds(&id, &ruid, &rgid, &rhome, &rshell); + log_info_errno(r, "got \"%s\", "UID_FMT", "GID_FMT", \"%s\", \"%s\": %m", + id, ruid, rgid, strnull(rhome), strnull(rshell)); + if (!synthesize_nobody() && streq(name, NOBODY_USER_NAME)) { + log_info("(skipping detailed tests because nobody is not synthesized)"); + return; + } + assert_se(r == 0); assert_se(streq_ptr(id, name)); assert_se(ruid == uid); assert_se(rgid == gid); @@ -160,15 +193,23 @@ static void test_get_user_creds_one(const char *id, const char *name, uid_t uid, } static void test_get_group_creds_one(const char *id, const char *name, gid_t gid) { - gid_t rgid; + gid_t rgid = GID_INVALID; + int r; - assert_se(get_group_creds(&id, &rgid) >= 0); + log_info("/* %s(\"%s\", \"%s\", "GID_FMT") */", __func__, id, name, gid); + + r = get_group_creds(&id, &rgid); + log_info_errno(r, "got \"%s\", "GID_FMT": %m", id, rgid); + if (!synthesize_nobody() && streq(name, NOBODY_GROUP_NAME)) { + log_info("(skipping detailed tests because nobody is not synthesized)"); + return; + } + assert_se(r == 0); assert_se(streq_ptr(id, name)); assert_se(rgid == gid); } int main(int argc, char*argv[]) { - test_uid_to_name_one(0, "root"); test_uid_to_name_one(UID_NOBODY, NOBODY_USER_NAME); test_uid_to_name_one(0xFFFF, "65535"); diff --git a/src/test/test-utf8.c b/src/test/test-utf8.c index 1ea0901f69..c04c99dcad 100644 --- a/src/test/test-utf8.c +++ b/src/test/test-utf8.c @@ -106,6 +106,15 @@ static void test_utf16_to_utf8(void) { free(a); } +static void test_utf8_n_codepoints(void) { + assert_se(utf8_n_codepoints("abc") == 3); + assert_se(utf8_n_codepoints("zażółcić gęślą jaźń") == 19); + assert_se(utf8_n_codepoints("串") == 1); + assert_se(utf8_n_codepoints("") == 0); + assert_se(utf8_n_codepoints("…👊🔪💐…") == 5); + assert_se(utf8_n_codepoints("\xF1") == (size_t) -1); +} + int main(int argc, char *argv[]) { test_utf8_is_valid(); test_utf8_is_printable(); @@ -114,6 +123,7 @@ int main(int argc, char *argv[]) { test_utf8_escaping(); test_utf8_escaping_printable(); test_utf16_to_utf8(); + test_utf8_n_codepoints(); return 0; } diff --git a/src/test/test-xattr-util.c b/src/test/test-xattr-util.c index 01c371a39c..36b6480219 100644 --- a/src/test/test-xattr-util.c +++ b/src/test/test-xattr-util.c @@ -26,6 +26,7 @@ #include "alloc-util.h" #include "fd-util.h" +#include "fileio.h" #include "fs-util.h" #include "macro.h" #include "string-util.h" @@ -35,8 +36,9 @@ static void test_fgetxattrat_fake(void) { char t[] = "/var/tmp/xattrtestXXXXXX"; _cleanup_close_ int fd = -1; const char *x; - char v[3] = {}; + char v[3]; int r; + size_t size; assert_se(mkdtemp(t)); x = strjoina(t, "/test"); @@ -50,21 +52,56 @@ static void test_fgetxattrat_fake(void) { fd = open(t, O_RDONLY|O_DIRECTORY|O_CLOEXEC|O_NOCTTY); assert_se(fd >= 0); - assert_se(fgetxattrat_fake(fd, "test", "user.foo", v, 3, 0) >= 0); + assert_se(fgetxattrat_fake(fd, "test", "user.foo", v, 3, 0, &size) >= 0); + assert_se(size == 3); assert_se(memcmp(v, "bar", 3) == 0); safe_close(fd); fd = open("/", O_RDONLY|O_DIRECTORY|O_CLOEXEC|O_NOCTTY); assert_se(fd >= 0); - assert_se(fgetxattrat_fake(fd, "usr", "user.idontexist", v, 3, 0) == -ENODATA); + assert_se(fgetxattrat_fake(fd, "usr", "user.idontexist", v, 3, 0, &size) == -ENODATA); cleanup: assert_se(unlink(x) >= 0); assert_se(rmdir(t) >= 0); } +static void test_getcrtime(void) { + + _cleanup_close_ int fd = -1; + char ts[FORMAT_TIMESTAMP_MAX]; + const char *vt; + usec_t usec, k; + int r; + + assert_se(tmp_dir(&vt) >= 0); + + fd = open_tmpfile_unlinkable(vt, O_RDWR); + assert_se(fd >= 0); + + r = fd_getcrtime(fd, &usec); + if (r < 0) + log_debug_errno(r, "btime: %m"); + else + log_debug("btime: %s", format_timestamp(ts, sizeof(ts), usec)); + + k = now(CLOCK_REALTIME); + + r = fd_setcrtime(fd, 1519126446UL * USEC_PER_SEC); + if (!IN_SET(r, -EOPNOTSUPP, -ENOTTY)) { + assert_se(fd_getcrtime(fd, &usec) >= 0); + assert_se(k < 1519126446UL * USEC_PER_SEC || + usec == 1519126446UL * USEC_PER_SEC); + } +} + int main(void) { + log_set_max_level(LOG_DEBUG); + log_parse_environment(); + log_open(); + test_fgetxattrat_fake(); + test_getcrtime(); return 0; } diff --git a/src/timedate/meson.build b/src/timedate/meson.build index 80e5cd21be..87482c04e5 100644 --- a/src/timedate/meson.build +++ b/src/timedate/meson.build @@ -20,13 +20,6 @@ if conf.get('ENABLE_TIMEDATED') == 1 install_dir : dbuspolicydir) install_data('org.freedesktop.timedate1.service', install_dir : dbussystemservicedir) - - i18n.merge_file( - 'org.freedesktop.timedate1.policy', - input : 'org.freedesktop.timedate1.policy.in', - output : 'org.freedesktop.timedate1.policy', - po_dir : po_dir, - data_dirs : po_dir, - install : install_polkit, - install_dir : polkitpolicydir) + install_data('org.freedesktop.timedate1.policy', + install_dir : polkitpolicydir) endif diff --git a/src/timedate/org.freedesktop.timedate1.policy.in b/src/timedate/org.freedesktop.timedate1.policy index cc2e1652da..d488572ae3 100644 --- a/src/timedate/org.freedesktop.timedate1.policy.in +++ b/src/timedate/org.freedesktop.timedate1.policy @@ -19,8 +19,8 @@ <vendor_url>http://www.freedesktop.org/wiki/Software/systemd</vendor_url> <action id="org.freedesktop.timedate1.set-time"> - <description>Set system time</description> - <message>Authentication is required to set the system time.</message> + <description gettext-domain="systemd">Set system time</description> + <message gettext-domain="systemd">Authentication is required to set the system time.</message> <defaults> <allow_any>auth_admin_keep</allow_any> <allow_inactive>auth_admin_keep</allow_inactive> @@ -30,8 +30,8 @@ </action> <action id="org.freedesktop.timedate1.set-timezone"> - <description>Set system timezone</description> - <message>Authentication is required to set the system timezone.</message> + <description gettext-domain="systemd">Set system timezone</description> + <message gettext-domain="systemd">Authentication is required to set the system timezone.</message> <defaults> <allow_any>auth_admin_keep</allow_any> <allow_inactive>auth_admin_keep</allow_inactive> @@ -40,8 +40,8 @@ </action> <action id="org.freedesktop.timedate1.set-local-rtc"> - <description>Set RTC to local timezone or UTC</description> - <message>Authentication is required to control whether + <description gettext-domain="systemd">Set RTC to local timezone or UTC</description> + <message gettext-domain="systemd">Authentication is required to control whether the RTC stores the local or UTC time.</message> <defaults> <allow_any>auth_admin_keep</allow_any> @@ -51,8 +51,8 @@ </action> <action id="org.freedesktop.timedate1.set-ntp"> - <description>Turn network time synchronization on or off</description> - <message>Authentication is required to control whether + <description gettext-domain="systemd">Turn network time synchronization on or off</description> + <message gettext-domain="systemd">Authentication is required to control whether network time synchronization shall be enabled.</message> <defaults> <allow_any>auth_admin_keep</allow_any> diff --git a/src/timedate/timedatectl.c b/src/timedate/timedatectl.c index 19a382c1b2..d0a510468e 100644 --- a/src/timedate/timedatectl.c +++ b/src/timedate/timedatectl.c @@ -136,7 +136,7 @@ static void print_status_info(const StatusInfo *i) { if (i->rtc_local) printf("\n%s" "Warning: The system is configured to read the RTC time in the local time zone.\n" - " This mode can not be fully supported. It will create various problems\n" + " This mode cannot be fully supported. It will create various problems\n" " with time zone changes and daylight saving time adjustments. The RTC\n" " time is never updated, it relies on external facilities to maintain it.\n" " If at all possible, use RTC in UTC by calling\n" diff --git a/src/timesync/timesyncd.c b/src/timesync/timesyncd.c index bea800171b..3d7cfd5be5 100644 --- a/src/timesync/timesyncd.c +++ b/src/timesync/timesyncd.c @@ -147,7 +147,7 @@ int main(int argc, char *argv[]) { if (clock_is_localtime(NULL) > 0) { log_info("The system is configured to read the RTC time in the local time zone. " - "This mode can not be fully supported. All system time to RTC updates are disabled."); + "This mode cannot be fully supported. All system time to RTC updates are disabled."); m->rtc_local_time = true; } diff --git a/src/tmpfiles/tmpfiles.c b/src/tmpfiles/tmpfiles.c index 38cbb739c0..f1890f3261 100644 --- a/src/tmpfiles/tmpfiles.c +++ b/src/tmpfiles/tmpfiles.c @@ -171,6 +171,7 @@ static bool arg_boot = false; static char **arg_include_prefixes = NULL; static char **arg_exclude_prefixes = NULL; static char *arg_root = NULL; +static char *arg_replace = NULL; #define MAX_DEPTH 256 @@ -382,9 +383,11 @@ static void load_unix_sockets(void) { /* We maintain a cache of the sockets we found in /proc/net/unix to speed things up a little. */ - unix_sockets = set_new(&string_hash_ops); - if (!unix_sockets) + unix_sockets = set_new(&path_hash_ops); + if (!unix_sockets) { + log_oom(); return; + } f = fopen("/proc/net/unix", "re"); if (!f) { @@ -567,12 +570,6 @@ static int dir_cleanup( continue; } - /* Do not delete read-only files owned by root */ - if (s.st_uid == 0 && !(s.st_mode & S_IWUSR)) { - log_debug("Ignoring \"%s/%s\": read-only and owner by root.", p, dent->d_name); - continue; - } - sub_path = strjoin(p, "/", dent->d_name); if (!sub_path) { r = log_oom(); @@ -780,100 +777,111 @@ static bool dangerous_hardlinks(void) { return cached; } -static bool hardlink_vulnerable(struct stat *st) { +static bool hardlink_vulnerable(const struct stat *st) { assert(st); return !S_ISDIR(st->st_mode) && st->st_nlink > 1 && dangerous_hardlinks(); } -static int path_set_perms(Item *i, const char *path) { - char fn[STRLEN("/proc/self/fd/") + DECIMAL_STR_MAX(int)]; - _cleanup_close_ int fd = -1; - struct stat st; +static int fd_set_perms(Item *i, int fd, const struct stat *st) { + _cleanup_free_ char *path = NULL; + int r; assert(i); - assert(path); - - if (!i->mode_set && !i->uid_set && !i->gid_set) - goto shortcut; + assert(fd); - /* We open the file with O_PATH here, to make the operation - * somewhat atomic. Also there's unfortunately no fchmodat() - * with AT_SYMLINK_NOFOLLOW, hence we emulate it here via - * O_PATH. */ - - fd = open(path, O_NOFOLLOW|O_CLOEXEC|O_PATH); - if (fd < 0) { - int level = LOG_ERR, r = -errno; - - /* Option "e" operates only on existing objects. Do not - * print errors about non-existent files or directories */ - if (i->type == EMPTY_DIRECTORY && errno == ENOENT) { - level = LOG_DEBUG; - r = 0; - } - - log_full_errno(level, errno, "Adjusting owner and mode for %s failed: %m", path); + r = fd_get_path(fd, &path); + if (r < 0) return r; - } - if (fstatat(fd, "", &st, AT_EMPTY_PATH) < 0) - return log_error_errno(errno, "Failed to fstat() file %s: %m", path); + if (!i->mode_set && !i->uid_set && !i->gid_set) + goto shortcut; - if (hardlink_vulnerable(&st)) { + if (hardlink_vulnerable(st)) { log_error("Refusing to set permissions on hardlinked file %s while the fs.protected_hardlinks sysctl is turned off.", path); return -EPERM; } - xsprintf(fn, "/proc/self/fd/%i", fd); - if (i->mode_set) { - if (S_ISLNK(st.st_mode)) + if (S_ISLNK(st->st_mode)) log_debug("Skipping mode fix for symlink %s.", path); else { mode_t m = i->mode; if (i->mask_perms) { - if (!(st.st_mode & 0111)) + if (!(st->st_mode & 0111)) m &= ~0111; - if (!(st.st_mode & 0222)) + if (!(st->st_mode & 0222)) m &= ~0222; - if (!(st.st_mode & 0444)) + if (!(st->st_mode & 0444)) m &= ~0444; - if (!S_ISDIR(st.st_mode)) + if (!S_ISDIR(st->st_mode)) m &= ~07000; /* remove sticky/sgid/suid bit, unless directory */ } - if (m == (st.st_mode & 07777)) - log_debug("\"%s\" has correct mode %o already.", path, st.st_mode); + if (m == (st->st_mode & 07777)) + log_debug("\"%s\" has correct mode %o already.", path, st->st_mode); else { + char procfs_path[strlen("/proc/self/fd/") + DECIMAL_STR_MAX(int)]; + log_debug("Changing \"%s\" to mode %o.", path, m); - if (chmod(fn, m) < 0) - return log_error_errno(errno, "chmod() of %s via %s failed: %m", path, fn); + /* fchmodat() still doesn't have AT_EMPTY_PATH flag. */ + xsprintf(procfs_path, "/proc/self/fd/%i", fd); + + if (chmod(procfs_path, m) < 0) + return log_error_errno(errno, "chmod() of %s via %s failed: %m", path, procfs_path); } } } - if ((i->uid_set && i->uid != st.st_uid) || - (i->gid_set && i->gid != st.st_gid)) { + if ((i->uid_set && i->uid != st->st_uid) || + (i->gid_set && i->gid != st->st_gid)) { log_debug("Changing \"%s\" to owner "UID_FMT":"GID_FMT, path, i->uid_set ? i->uid : UID_INVALID, i->gid_set ? i->gid : GID_INVALID); - if (chown(fn, - i->uid_set ? i->uid : UID_INVALID, - i->gid_set ? i->gid : GID_INVALID) < 0) - return log_error_errno(errno, "chown() of %s via %s failed: %m", path, fn); + if (fchownat(fd, + "", + i->uid_set ? i->uid : UID_INVALID, + i->gid_set ? i->gid : GID_INVALID, + AT_EMPTY_PATH) < 0) + return log_error_errno(errno, "fchownat() of %s failed: %m", path); } - fd = safe_close(fd); - shortcut: return label_fix(path, false, false); } +static int path_set_perms(Item *i, const char *path) { + _cleanup_close_ int fd = -1; + struct stat st; + + assert(i); + assert(path); + + fd = open(path, O_NOFOLLOW|O_CLOEXEC|O_PATH); + if (fd < 0) { + int level = LOG_ERR, r = -errno; + + /* Option "e" operates only on existing objects. Do not + * print errors about non-existent files or directories */ + if (i->type == EMPTY_DIRECTORY && errno == ENOENT) { + level = LOG_DEBUG; + r = 0; + } + + log_full_errno(level, errno, "Adjusting owner and mode for %s failed: %m", path); + return r; + } + + if (fstat(fd, &st) < 0) + return log_error_errno(errno, "Failed to fstat() file %s: %m", path); + + return fd_set_perms(i, fd, &st); +} + static int parse_xattrs_from_arg(Item *i) { const char *p; int r; @@ -912,21 +920,43 @@ static int parse_xattrs_from_arg(Item *i) { return 0; } -static int path_set_xattrs(Item *i, const char *path) { +static int fd_set_xattrs(Item *i, int fd, const struct stat *st) { + char procfs_path[strlen("/proc/self/fd/") + DECIMAL_STR_MAX(int)]; + _cleanup_free_ char *path = NULL; char **name, **value; + int r; assert(i); - assert(path); + assert(fd); + + r = fd_get_path(fd, &path); + if (r < 0) + return r; + + xsprintf(procfs_path, "/proc/self/fd/%i", fd); STRV_FOREACH_PAIR(name, value, i->xattrs) { log_debug("Setting extended attribute '%s=%s' on %s.", *name, *value, path); - if (lsetxattr(path, *name, *value, strlen(*value), 0) < 0) + if (setxattr(procfs_path, *name, *value, strlen(*value), 0) < 0) return log_error_errno(errno, "Setting extended attribute %s=%s on %s failed: %m", *name, *value, path); } return 0; } +static int path_set_xattrs(Item *i, const char *path) { + _cleanup_close_ int fd = -1; + + assert(i); + assert(path); + + fd = open(path, O_CLOEXEC|O_NOFOLLOW|O_PATH); + if (fd < 0) + return log_error_errno(errno, "Cannot open '%s': %m", path); + + return fd_set_xattrs(i, fd, NULL); +} + static int parse_acls_from_arg(Item *item) { #if HAVE_ACL int r; @@ -992,52 +1022,71 @@ static int path_set_acl(const char *path, const char *pretty, acl_type_t type, a } #endif -static int path_set_acls(Item *item, const char *path) { +static int fd_set_acls(Item *item, int fd, const struct stat *st) { int r = 0; #if HAVE_ACL - char fn[STRLEN("/proc/self/fd/") + DECIMAL_STR_MAX(int)]; - _cleanup_close_ int fd = -1; - struct stat st; + char procfs_path[strlen("/proc/self/fd/") + DECIMAL_STR_MAX(int)]; + _cleanup_free_ char *path = NULL; assert(item); - assert(path); - - fd = open(path, O_NOFOLLOW|O_CLOEXEC|O_PATH); - if (fd < 0) - return log_error_errno(errno, "Adjusting ACL of %s failed: %m", path); + assert(fd); + assert(st); - if (fstatat(fd, "", &st, AT_EMPTY_PATH) < 0) - return log_error_errno(errno, "Failed to fstat() file %s: %m", path); + r = fd_get_path(fd, &path); + if (r < 0) + return r; - if (hardlink_vulnerable(&st)) { + if (hardlink_vulnerable(st)) { log_error("Refusing to set ACLs on hardlinked file %s while the fs.protected_hardlinks sysctl is turned off.", path); return -EPERM; } - if (S_ISLNK(st.st_mode)) { + if (S_ISLNK(st->st_mode)) { log_debug("Skipping ACL fix for symlink %s.", path); return 0; } - xsprintf(fn, "/proc/self/fd/%i", fd); + xsprintf(procfs_path, "/proc/self/fd/%i", fd); if (item->acl_access) - r = path_set_acl(fn, path, ACL_TYPE_ACCESS, item->acl_access, item->force); + r = path_set_acl(procfs_path, path, ACL_TYPE_ACCESS, item->acl_access, item->force); if (r == 0 && item->acl_default) - r = path_set_acl(fn, path, ACL_TYPE_DEFAULT, item->acl_default, item->force); + r = path_set_acl(procfs_path, path, ACL_TYPE_DEFAULT, item->acl_default, item->force); if (r > 0) return -r; /* already warned */ - else if (r == -EOPNOTSUPP) { + if (r == -EOPNOTSUPP) { log_debug_errno(r, "ACLs not supported by file system at %s", path); return 0; - } else if (r < 0) - log_error_errno(r, "ACL operation on \"%s\" failed: %m", path); + } + if (r < 0) + return log_error_errno(r, "ACL operation on \"%s\" failed: %m", path); #endif return r; } +static int path_set_acls(Item *item, const char *path) { + int r = 0; +#ifdef HAVE_ACL + _cleanup_close_ int fd = -1; + struct stat st; + + assert(item); + assert(path); + + fd = open(path, O_NOFOLLOW|O_CLOEXEC|O_PATH); + if (fd < 0) + return log_error_errno(errno, "Adjusting ACL of %s failed: %m", path); + + if (fstat(fd, &st) < 0) + return log_error_errno(errno, "Failed to fstat() file %s: %m", path); + + r = fd_set_acls(item, fd, &st); + #endif + return r; + } + #define ATTRIBUTES_ALL \ (FS_NOATIME_FL | \ FS_SYNC_FL | \ @@ -1137,30 +1186,24 @@ static int parse_attribute_from_arg(Item *item) { return 0; } -static int path_set_attribute(Item *item, const char *path) { - _cleanup_close_ int fd = -1; - struct stat st; +static int fd_set_attribute(Item *item, int fd, const struct stat *st) { + char procfs_path[strlen("/proc/self/fd/") + DECIMAL_STR_MAX(int)]; + _cleanup_close_ int procfs_fd = -1; + _cleanup_free_ char *path = NULL; unsigned f; int r; if (!item->attribute_set || item->attribute_mask == 0) return 0; - fd = open(path, O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_NOATIME|O_NOFOLLOW); - if (fd < 0) { - if (errno == ELOOP) - return log_error_errno(errno, "Skipping file attributes adjustment on symlink %s.", path); - - return log_error_errno(errno, "Cannot open '%s': %m", path); - } - - if (fstat(fd, &st) < 0) - return log_error_errno(errno, "Cannot stat '%s': %m", path); + r = fd_get_path(fd, &path); + if (r < 0) + return r; /* Issuing the file attribute ioctls on device nodes is not * safe, as that will be delivered to the drivers, not the * file system containing the device node. */ - if (!S_ISREG(st.st_mode) && !S_ISDIR(st.st_mode)) { + if (!S_ISREG(st->st_mode) && !S_ISDIR(st->st_mode)) { log_error("Setting file flags is only supported on regular files and directories, cannot set on '%s'.", path); return -EINVAL; } @@ -1168,10 +1211,16 @@ static int path_set_attribute(Item *item, const char *path) { f = item->attribute_value & item->attribute_mask; /* Mask away directory-specific flags */ - if (!S_ISDIR(st.st_mode)) + if (!S_ISDIR(st->st_mode)) f &= ~FS_DIRSYNC_FL; - r = chattr_fd(fd, f, item->attribute_mask); + xsprintf(procfs_path, "/proc/self/fd/%i", fd); + + procfs_fd = open(procfs_path, O_RDONLY|O_CLOEXEC|O_NOATIME); + if (procfs_fd < 0) + return -errno; + + r = chattr_fd(procfs_fd, f, item->attribute_mask); if (r < 0) log_full_errno(IN_SET(r, -ENOTTY, -EOPNOTSUPP) ? LOG_DEBUG : LOG_WARNING, r, @@ -1181,6 +1230,23 @@ static int path_set_attribute(Item *item, const char *path) { return 0; } +static int path_set_attribute(Item *item, const char *path) { + _cleanup_close_ int fd = -1; + struct stat st; + + if (!item->attribute_set || item->attribute_mask == 0) + return 0; + + fd = open(path, O_CLOEXEC|O_NOFOLLOW|O_PATH); + if (fd < 0) + return log_error_errno(errno, "Cannot open '%s': %m", path); + + if (fstat(fd, &st) < 0) + return log_error_errno(errno, "Cannot stat '%s': %m", path); + + return fd_set_attribute(item, fd, &st); +} + static int write_one_file(Item *i, const char *path) { _cleanup_close_ int fd = -1; int flags, r = 0; @@ -1245,48 +1311,58 @@ done: } typedef int (*action_t)(Item *, const char *); +typedef int (*fdaction_t)(Item *, int fd, const struct stat *st); -static int item_do_children(Item *i, const char *path, action_t action) { - _cleanup_closedir_ DIR *d; - struct dirent *de; - int r = 0; +static int item_do(Item *i, int fd, const struct stat *st, fdaction_t action) { + int r = 0, q; assert(i); - assert(path); + assert(fd >= 0); + assert(st); /* This returns the first error we run into, but nevertheless * tries to go on */ + r = action(i, fd, st); - d = opendir_nomod(path); - if (!d) - return IN_SET(errno, ENOENT, ENOTDIR, ELOOP) ? 0 : -errno; + if (S_ISDIR(st->st_mode)) { + char procfs_path[strlen("/proc/self/fd/") + DECIMAL_STR_MAX(int)]; + _cleanup_closedir_ DIR *d = NULL; + struct dirent *de; - FOREACH_DIRENT_ALL(de, d, r = -errno) { - _cleanup_free_ char *p = NULL; - int q; + /* The passed 'fd' was opened with O_PATH. We need to convert + * it into a 'regular' fd before reading the directory content. */ + xsprintf(procfs_path, "/proc/self/fd/%i", fd); - if (dot_or_dot_dot(de->d_name)) - continue; + d = opendir(procfs_path); + if (!d) { + r = r ?: -errno; + goto finish; + } - p = strjoin(path, "/", de->d_name); - if (!p) - return -ENOMEM; + FOREACH_DIRENT_ALL(de, d, q = -errno; goto finish) { + struct stat de_st; + int de_fd; - q = action(i, p); - if (q < 0 && q != -ENOENT && r == 0) - r = q; + if (dot_or_dot_dot(de->d_name)) + continue; + + de_fd = openat(fd, de->d_name, O_NOFOLLOW|O_CLOEXEC|O_PATH); + if (de_fd >= 0 && fstat(de_fd, &de_st) >= 0) + /* pass ownership of dirent fd over */ + q = item_do(i, de_fd, &de_st, action); + else + q = -errno; - if (IN_SET(de->d_type, DT_UNKNOWN, DT_DIR)) { - q = item_do_children(i, p, action); if (q < 0 && r == 0) r = q; } } - +finish: + safe_close(fd); return r; } -static int glob_item(Item *i, action_t action, bool recursive) { +static int glob_item(Item *i, action_t action) { _cleanup_globfree_ glob_t g = { .gl_opendir = (void *(*)(const char *)) opendir_nomod, }; @@ -1301,12 +1377,48 @@ static int glob_item(Item *i, action_t action, bool recursive) { k = action(i, *fn); if (k < 0 && r == 0) r = k; + } - if (recursive) { - k = item_do_children(i, *fn, action); - if (k < 0 && r == 0) - r = k; + return r; +} + +static int glob_item_recursively(Item *i, fdaction_t action) { + _cleanup_globfree_ glob_t g = { + .gl_opendir = (void *(*)(const char *)) opendir_nomod, + }; + int r = 0, k; + char **fn; + + k = safe_glob(i->path, GLOB_NOSORT|GLOB_BRACE, &g); + if (k < 0 && k != -ENOENT) + return log_error_errno(k, "glob(%s) failed: %m", i->path); + + STRV_FOREACH(fn, g.gl_pathv) { + _cleanup_close_ int fd = -1; + struct stat st; + + /* Make sure we won't trigger/follow file object (such as + * device nodes, automounts, ...) pointed out by 'fn' with + * O_PATH. Note, when O_PATH is used, flags other than + * O_CLOEXEC, O_DIRECTORY, and O_NOFOLLOW are ignored. */ + + fd = open(*fn, O_CLOEXEC|O_NOFOLLOW|O_PATH); + if (fd < 0) { + r = r ?: -errno; + continue; } + + if (fstat(fd, &st) < 0) { + r = r ?: -errno; + continue; + } + + k = item_do(i, fd, &st, action); + if (k < 0 && r == 0) + r = k; + + /* we passed fd ownership to the previous call */ + fd = -1; } return r; @@ -1395,7 +1507,7 @@ static int create_item(Item *i) { break; case WRITE_FILE: - r = glob_item(i, write_one_file, false); + r = glob_item(i, write_one_file); if (r < 0) return r; @@ -1654,49 +1766,49 @@ static int create_item(Item *i) { case ADJUST_MODE: case RELABEL_PATH: - r = glob_item(i, path_set_perms, false); + r = glob_item(i, path_set_perms); if (r < 0) return r; break; case RECURSIVE_RELABEL_PATH: - r = glob_item(i, path_set_perms, true); + r = glob_item_recursively(i, fd_set_perms); if (r < 0) return r; break; case SET_XATTR: - r = glob_item(i, path_set_xattrs, false); + r = glob_item(i, path_set_xattrs); if (r < 0) return r; break; case RECURSIVE_SET_XATTR: - r = glob_item(i, path_set_xattrs, true); + r = glob_item_recursively(i, fd_set_xattrs); if (r < 0) return r; break; case SET_ACL: - r = glob_item(i, path_set_acls, false); + r = glob_item(i, path_set_acls); if (r < 0) return r; break; case RECURSIVE_SET_ACL: - r = glob_item(i, path_set_acls, true); + r = glob_item_recursively(i, fd_set_acls); if (r < 0) return r; break; case SET_ATTRIBUTE: - r = glob_item(i, path_set_attribute, false); + r = glob_item(i, path_set_attribute); if (r < 0) return r; break; case RECURSIVE_SET_ATTRIBUTE: - r = glob_item(i, path_set_attribute, true); + r = glob_item_recursively(i, fd_set_attribute); if (r < 0) return r; break; @@ -1746,7 +1858,7 @@ static int remove_item(Item *i) { case REMOVE_PATH: case TRUNCATE_DIRECTORY: case RECURSIVE_REMOVE_PATH: - return glob_item(i, remove_item_instance, false); + return glob_item(i, remove_item_instance); default: return 0; @@ -1820,7 +1932,7 @@ static int clean_item(Item *i) { return 0; case EMPTY_DIRECTORY: case IGNORE_DIRECTORY_PATH: - return glob_item(i, clean_item_instance, false); + return glob_item(i, clean_item_instance); default: return 0; } @@ -2364,6 +2476,7 @@ static void help(void) { " --prefix=PATH Only apply rules with the specified prefix\n" " --exclude-prefix=PATH Ignore rules with the specified prefix\n" " --root=PATH Operate on an alternate filesystem root\n" + " --replace=PATH Treat arguments as replacement for PATH\n" , program_invocation_short_name); } @@ -2379,6 +2492,7 @@ static int parse_argv(int argc, char *argv[]) { ARG_PREFIX, ARG_EXCLUDE_PREFIX, ARG_ROOT, + ARG_REPLACE, }; static const struct option options[] = { @@ -2392,6 +2506,7 @@ static int parse_argv(int argc, char *argv[]) { { "prefix", required_argument, NULL, ARG_PREFIX }, { "exclude-prefix", required_argument, NULL, ARG_EXCLUDE_PREFIX }, { "root", required_argument, NULL, ARG_ROOT }, + { "replace", required_argument, NULL, ARG_REPLACE }, {} }; @@ -2447,6 +2562,16 @@ static int parse_argv(int argc, char *argv[]) { return r; break; + case ARG_REPLACE: + if (!path_is_absolute(optarg) || + !endswith(optarg, ".conf")) { + log_error("The argument to --replace= must an absolute path to a config file"); + return -EINVAL; + } + + arg_replace = optarg; + break; + case '?': return -EINVAL; @@ -2459,10 +2584,15 @@ static int parse_argv(int argc, char *argv[]) { return -EINVAL; } + if (arg_replace && optind >= argc) { + log_error("When --replace= is given, some configuration items must be specified"); + return -EINVAL; + } + return 1; } -static int read_config_file(const char **config_dirs, const char *fn, bool ignore_enoent, bool *invalid_config) { +static int read_config_file(char **config_dirs, const char *fn, bool ignore_enoent, bool *invalid_config) { _cleanup_fclose_ FILE *_f = NULL; FILE *f; char line[LINE_MAX]; @@ -2474,11 +2604,11 @@ static int read_config_file(const char **config_dirs, const char *fn, bool ignor assert(fn); if (streq(fn, "-")) { - log_debug("Reading config from stdin."); + log_debug("Reading config from stdin…"); fn = "<stdin>"; f = stdin; } else { - r = search_and_fopen(fn, "re", arg_root, config_dirs, &_f); + r = search_and_fopen(fn, "re", arg_root, (const char**) config_dirs, &_f); if (r < 0) { if (ignore_enoent && r == -ENOENT) { log_debug_errno(r, "Failed to open \"%s\", ignoring: %m", fn); @@ -2487,7 +2617,7 @@ static int read_config_file(const char **config_dirs, const char *fn, bool ignor return log_error_errno(r, "Failed to open '%s': %m", fn); } - log_debug("Reading config file \"%s\".", fn); + log_debug("Reading config file \"%s\"…", fn); f = _f; } @@ -2550,13 +2680,60 @@ static int read_config_file(const char **config_dirs, const char *fn, bool ignor return r; } +static int parse_arguments(char **config_dirs, char **args, bool *invalid_config) { + char **arg; + int r; + + STRV_FOREACH(arg, args) { + r = read_config_file(config_dirs, *arg, false, invalid_config); + if (r < 0) + return r; + } + + return 0; +} + +static int read_config_files(char **config_dirs, char **args, bool *invalid_config) { + _cleanup_strv_free_ char **files = NULL; + _cleanup_free_ char *p = NULL; + char **f; + int r; + + r = conf_files_list_strv(&files, ".conf", arg_root, 0, (const char* const*) config_dirs); + if (r < 0) + return log_error_errno(r, "Failed to enumerate tmpfiles.d files: %m"); + + if (arg_replace) { + r = conf_files_insert(&files, arg_root, config_dirs, arg_replace); + if (r < 0) + return log_error_errno(r, "Failed to extend tmpfiles.d file list: %m"); + + p = path_join(arg_root, arg_replace, NULL); + if (!p) + return log_oom(); + } + + STRV_FOREACH(f, files) + if (p && path_equal(*f, p)) { + log_debug("Parsing arguments at position \"%s\"…", *f); + + r = parse_arguments(config_dirs, args, invalid_config); + if (r < 0) + return r; + } else + /* Just warn, ignore result otherwise. + * read_config_file() has some debug output, so no need to print anything. */ + (void) read_config_file(config_dirs, *f, true, invalid_config); + + return 0; +} + int main(int argc, char *argv[]) { int r, k; ItemArray *a; Iterator iterator; _cleanup_strv_free_ char **config_dirs = NULL; bool invalid_config = false; - char **f; r = parse_argv(argc, argv); if (r <= 0) @@ -2602,30 +2779,20 @@ int main(int argc, char *argv[]) { log_debug("Looking for configuration files in (higher priority first:\n\t%s", t); } - if (optind < argc) { - int j; - - for (j = optind; j < argc; j++) { - k = read_config_file((const char**) config_dirs, argv[j], false, &invalid_config); - if (k < 0 && r == 0) - r = k; - } - - } else { - _cleanup_strv_free_ char **files = NULL; + /* If command line arguments are specified along with --replace, read all + * configuration files and insert the positional arguments at the specified + * place. Otherwise, if command line arguments are specified, execute just + * them, and finally, without --replace= or any positional arguments, just + * read configuration and execute it. + */ + if (arg_replace || optind >= argc) + r = read_config_files(config_dirs, argv + optind, &invalid_config); + else + r = parse_arguments(config_dirs, argv + optind, &invalid_config); + if (r < 0) + goto finish; - r = conf_files_list_strv(&files, ".conf", arg_root, 0, (const char* const*) config_dirs); - if (r < 0) { - log_error_errno(r, "Failed to enumerate tmpfiles.d files: %m"); - goto finish; - } - STRV_FOREACH(f, files) { - k = read_config_file((const char**) config_dirs, *f, true, &invalid_config); - if (k < 0 && r == 0) - r = k; - } - } /* The non-globbing ones usually create things, hence we apply * them first */ diff --git a/src/tty-ask-password-agent/tty-ask-password-agent.c b/src/tty-ask-password-agent/tty-ask-password-agent.c index 9dfb0d80de..74a10bb175 100644 --- a/src/tty-ask-password-agent/tty-ask-password-agent.c +++ b/src/tty-ask-password-agent/tty-ask-password-agent.c @@ -254,6 +254,7 @@ static int send_passwords(const char *socket_name, char **passwords) { union sockaddr_union sa = { .un.sun_family = AF_UNIX }; size_t packet_length = 1; char **p, *d; + ssize_t n; int r; assert(socket_name); @@ -279,9 +280,13 @@ static int send_passwords(const char *socket_name, char **passwords) { strncpy(sa.un.sun_path, socket_name, sizeof(sa.un.sun_path)); - r = sendto(socket_fd, packet, packet_length, MSG_NOSIGNAL, &sa.sa, SOCKADDR_UN_LEN(sa.un)); - if (r < 0) + n = sendto(socket_fd, packet, packet_length, MSG_NOSIGNAL, &sa.sa, SOCKADDR_UN_LEN(sa.un)); + if (n < 0) { r = log_debug_errno(errno, "sendto(): %m"); + goto finish; + } + + r = (int) n; finish: explicit_bzero(packet, packet_length); @@ -363,18 +368,21 @@ static int parse_password(const char *filename, char **wall) { int tty_fd = -1; if (arg_console) { - const char *con = arg_device ? arg_device : "/dev/console"; + const char *con = arg_device ?: "/dev/console"; - tty_fd = acquire_terminal(con, false, false, false, USEC_INFINITY); + tty_fd = acquire_terminal(con, ACQUIRE_TERMINAL_WAIT, USEC_INFINITY); if (tty_fd < 0) - return log_error_errno(tty_fd, "Failed to acquire /dev/console: %m"); + return log_error_errno(tty_fd, "Failed to acquire %s: %m", con); r = reset_terminal_fd(tty_fd, true); if (r < 0) log_warning_errno(r, "Failed to reset terminal, ignoring: %m"); } - r = ask_password_tty(message, NULL, not_after, echo ? ASK_PASSWORD_ECHO : 0, filename, &password); + r = ask_password_tty(tty_fd, message, NULL, not_after, + (echo ? ASK_PASSWORD_ECHO : 0) | + (arg_console ? ASK_PASSWORD_CONSOLE_COLOR : 0), + filename, &password); if (arg_console) { tty_fd = safe_close(tty_fd); @@ -460,7 +468,7 @@ static bool wall_tty_match(const char *path, void *userdata) { fd = open(p, O_WRONLY|O_CLOEXEC|O_NONBLOCK|O_NOCTTY); if (fd < 0) { - log_debug_errno(errno, "Failed top open the wall pipe: %m"); + log_debug_errno(errno, "Failed to open the wall pipe: %m"); return 1; } diff --git a/src/udev/cdrom_id/cdrom_id.c b/src/udev/cdrom_id/cdrom_id.c index 9644861adc..5e7bebeb16 100644 --- a/src/udev/cdrom_id/cdrom_id.c +++ b/src/udev/cdrom_id/cdrom_id.c @@ -566,7 +566,7 @@ static int cd_profiles(struct udev *udev, int fd) log_debug("GET CONFIGURATION: size of features buffer 0x%04x", len); if (len > sizeof(features)) { - log_debug("can not get features in a single query, truncating"); + log_debug("cannot get features in a single query, truncating"); len = sizeof(features); } else if (len <= 8) len = sizeof(features); @@ -588,7 +588,7 @@ static int cd_profiles(struct udev *udev, int fd) log_debug("GET CONFIGURATION: size of features buffer 0x%04x", len); if (len > sizeof(features)) { - log_debug("can not get features in a single query, truncating"); + log_debug("cannot get features in a single query, truncating"); len = sizeof(features); } diff --git a/src/udev/collect/collect.c b/src/udev/collect/collect.c index 3e278bd637..2821640e93 100644 --- a/src/udev/collect/collect.c +++ b/src/udev/collect/collect.c @@ -94,7 +94,7 @@ static int prepare(char *dir, char *filename) if (r < 0 && errno != EEXIST) return -errno; - xsprintf(buf, "%s/%s", dir, filename); + snprintf(buf, sizeof buf, "%s/%s", dir, filename); fd = open(buf, O_RDWR|O_CREAT|O_CLOEXEC, S_IRUSR|S_IWUSR); if (fd < 0) diff --git a/src/udev/udev-builtin-blkid.c b/src/udev/udev-builtin-blkid.c index 6ff244e96c..eeed803f57 100644 --- a/src/udev/udev-builtin-blkid.c +++ b/src/udev/udev-builtin-blkid.c @@ -35,6 +35,7 @@ #include "efivars.h" #include "fd-util.h" #include "gpt.h" +#include "parse-util.h" #include "string-util.h" #include "udev.h" @@ -236,7 +237,7 @@ static int builtin_blkid(struct udev_device *dev, int argc, char *argv[], bool t bool is_gpt = false; static const struct option options[] = { - { "offset", optional_argument, NULL, 'o' }, + { "offset", required_argument, NULL, 'o' }, { "noraid", no_argument, NULL, 'R' }, {} }; @@ -244,13 +245,19 @@ static int builtin_blkid(struct udev_device *dev, int argc, char *argv[], bool t for (;;) { int option; - option = getopt_long(argc, argv, "oR", options, NULL); + option = getopt_long(argc, argv, "o:R", options, NULL); if (option == -1) break; switch (option) { case 'o': - offset = strtoull(optarg, NULL, 0); + err = safe_atoi64(optarg, &offset); + if (err < 0) + goto out; + if (offset < 0) { + err = -ERANGE; + goto out; + } break; case 'R': noraid = true; diff --git a/src/udev/udev-builtin-hwdb.c b/src/udev/udev-builtin-hwdb.c index ca7f7c2304..dbfe024298 100644 --- a/src/udev/udev-builtin-hwdb.c +++ b/src/udev/udev-builtin-hwdb.c @@ -27,6 +27,7 @@ #include "alloc-util.h" #include "hwdb-util.h" +#include "parse-util.h" #include "string-util.h" #include "udev-util.h" #include "udev.h" @@ -63,7 +64,7 @@ int udev_builtin_hwdb_lookup(struct udev_device *dev, static const char *modalias_usb(struct udev_device *dev, char *s, size_t size) { const char *v, *p; - int vn, pn; + uint16_t vn, pn; v = udev_device_get_sysattr_value(dev, "idVendor"); if (!v) @@ -71,12 +72,10 @@ static const char *modalias_usb(struct udev_device *dev, char *s, size_t size) { p = udev_device_get_sysattr_value(dev, "idProduct"); if (!p) return NULL; - vn = strtol(v, NULL, 16); - if (vn <= 0) - return NULL; - pn = strtol(p, NULL, 16); - if (pn <= 0) - return NULL; + if (safe_atoux16(v, &vn) < 0) + return NULL; + if (safe_atoux16(p, &pn) < 0) + return NULL; snprintf(s, size, "usb:v%04Xp%04X*", vn, pn); return s; } diff --git a/src/udev/udev-builtin-input_id.c b/src/udev/udev-builtin-input_id.c index fa830213ff..02b86cce23 100644 --- a/src/udev/udev-builtin-input_id.c +++ b/src/udev/udev-builtin-input_id.c @@ -233,7 +233,8 @@ static bool test_pointers(struct udev_device *dev, is_touchscreen = true; } - if (has_mouse_button && + if (!is_tablet && !is_touchpad && !is_joystick && + has_mouse_button && (has_rel_coordinates || !has_abs_coordinates)) /* mouse buttons and no axis */ is_mouse = true; diff --git a/src/udev/udev-builtin-net_id.c b/src/udev/udev-builtin-net_id.c index 945585d82a..36994360c7 100644 --- a/src/udev/udev-builtin-net_id.c +++ b/src/udev/udev-builtin-net_id.c @@ -115,6 +115,7 @@ #include "stdio-util.h" #include "string-util.h" #include "udev.h" +#include "udev-util.h" #define ONBOARD_INDEX_MAX (16*1024-1) @@ -236,11 +237,11 @@ static int dev_pci_slot(struct udev_device *dev, struct netnames *names) { size_t l; char *s; const char *attr, *port_name; - struct udev_device *pci = NULL; + _cleanup_udev_device_unref_ struct udev_device *pci = NULL; char slots[PATH_MAX]; _cleanup_closedir_ DIR *dir = NULL; struct dirent *dent; - int hotplug_slot = 0, err = 0; + int hotplug_slot = 0; if (sscanf(udev_device_get_sysname(names->pcidev), "%x:%x:%x.%u", &domain, &bus, &slot, &func) != 4) return -ENOENT; @@ -270,21 +271,20 @@ static int dev_pci_slot(struct udev_device *dev, struct netnames *names) { /* ACPI _SUN — slot user number */ pci = udev_device_new_from_subsystem_sysname(udev, "subsystem", "pci"); - if (!pci) { - err = -ENOENT; - goto out; - } + if (!pci) + return -ENOENT; + + if (!snprintf_ok(slots, sizeof slots, "%s/slots", udev_device_get_syspath(pci))) + return -ENAMETOOLONG; - xsprintf(slots, "%s/slots", udev_device_get_syspath(pci)); dir = opendir(slots); - if (!dir) { - err = -errno; - goto out; - } + if (!dir) + return -errno; FOREACH_DIRENT_ALL(dent, dir, break) { int i; - char *rest, *address, str[PATH_MAX]; + char *rest, str[PATH_MAX]; + _cleanup_free_ char *address = NULL; if (dent->d_name[0] == '.') continue; @@ -294,13 +294,11 @@ static int dev_pci_slot(struct udev_device *dev, struct netnames *names) { if (i < 1) continue; - xsprintf(str, "%s/%s/address", slots, dent->d_name); - if (read_one_line_file(str, &address) >= 0) { + if (snprintf_ok(str, sizeof str, "%s/%s/address", slots, dent->d_name) && + read_one_line_file(str, &address) >= 0) /* match slot address with device by stripping the function */ - if (strneq(address, udev_device_get_sysname(names->pcidev), strlen(address))) + if (streq(address, udev_device_get_sysname(names->pcidev))) hotplug_slot = i; - free(address); - } if (hotplug_slot > 0) break; @@ -321,9 +319,8 @@ static int dev_pci_slot(struct udev_device *dev, struct netnames *names) { if (l == 0) names->pci_slot[0] = '\0'; } -out: - udev_device_unref(pci); - return err; + + return 0; } static int names_vio(struct udev_device *dev, struct netnames *names) { @@ -517,7 +514,6 @@ static int names_ccw(struct udev_device *dev, struct netnames *names) { const char *bus_id, *subsys; size_t bus_id_len; size_t bus_id_start; - int rc; assert(dev); assert(names); @@ -559,9 +555,9 @@ static int names_ccw(struct udev_device *dev, struct netnames *names) { bus_id += bus_id_start < bus_id_len ? bus_id_start : bus_id_len - 1; /* Store the CCW bus-ID for use as network device name */ - rc = snprintf(names->ccw_busid, sizeof(names->ccw_busid), "c%s", bus_id); - if (rc >= 0 && rc < (int)sizeof(names->ccw_busid)) + if (snprintf_ok(names->ccw_busid, sizeof(names->ccw_busid), "c%s", bus_id)) names->type = NET_CCW; + return 0; } @@ -674,7 +670,7 @@ static int builtin_net_id(struct udev_device *dev, int argc, char *argv[], bool if (err >= 0 && names.type == NET_CCW) { char str[IFNAMSIZ]; - if (snprintf(str, sizeof(str), "%s%s", prefix, names.ccw_busid) < (int)sizeof(str)) + if (snprintf_ok(str, sizeof str, "%s%s", prefix, names.ccw_busid)) udev_builtin_add_property(dev, test, "ID_NET_NAME_PATH", str); goto out; } @@ -684,7 +680,7 @@ static int builtin_net_id(struct udev_device *dev, int argc, char *argv[], bool if (err >= 0 && names.type == NET_VIO) { char str[IFNAMSIZ]; - if (snprintf(str, sizeof(str), "%s%s", prefix, names.vio_slot) < (int)sizeof(str)) + if (snprintf_ok(str, sizeof str, "%s%s", prefix, names.vio_slot)) udev_builtin_add_property(dev, test, "ID_NET_NAME_SLOT", str); goto out; } @@ -694,7 +690,7 @@ static int builtin_net_id(struct udev_device *dev, int argc, char *argv[], bool if (err >= 0 && names.type == NET_PLATFORM) { char str[IFNAMSIZ]; - if (snprintf(str, sizeof(str), "%s%s", prefix, names.platform_path) < (int)sizeof(str)) + if (snprintf_ok(str, sizeof str, "%s%s", prefix, names.platform_path)) udev_builtin_add_property(dev, test, "ID_NET_NAME_PATH", str); goto out; } @@ -708,21 +704,21 @@ static int builtin_net_id(struct udev_device *dev, int argc, char *argv[], bool if (names.type == NET_PCI) { char str[IFNAMSIZ]; - if (names.pci_onboard[0]) - if (snprintf(str, sizeof(str), "%s%s", prefix, names.pci_onboard) < (int)sizeof(str)) - udev_builtin_add_property(dev, test, "ID_NET_NAME_ONBOARD", str); + if (names.pci_onboard[0] && + snprintf_ok(str, sizeof str, "%s%s", prefix, names.pci_onboard)) + udev_builtin_add_property(dev, test, "ID_NET_NAME_ONBOARD", str); - if (names.pci_onboard_label) - if (snprintf(str, sizeof(str), "%s%s", prefix, names.pci_onboard_label) < (int)sizeof(str)) - udev_builtin_add_property(dev, test, "ID_NET_LABEL_ONBOARD", str); + if (names.pci_onboard_label && + snprintf_ok(str, sizeof str, "%s%s", prefix, names.pci_onboard_label)) + udev_builtin_add_property(dev, test, "ID_NET_LABEL_ONBOARD", str); - if (names.pci_path[0]) - if (snprintf(str, sizeof(str), "%s%s", prefix, names.pci_path) < (int)sizeof(str)) - udev_builtin_add_property(dev, test, "ID_NET_NAME_PATH", str); + if (names.pci_path[0] && + snprintf_ok(str, sizeof str, "%s%s", prefix, names.pci_path)) + udev_builtin_add_property(dev, test, "ID_NET_NAME_PATH", str); - if (names.pci_slot[0]) - if (snprintf(str, sizeof(str), "%s%s", prefix, names.pci_slot) < (int)sizeof(str)) - udev_builtin_add_property(dev, test, "ID_NET_NAME_SLOT", str); + if (names.pci_slot[0] && + snprintf_ok(str, sizeof str, "%s%s", prefix, names.pci_slot)) + udev_builtin_add_property(dev, test, "ID_NET_NAME_SLOT", str); goto out; } @@ -731,13 +727,13 @@ static int builtin_net_id(struct udev_device *dev, int argc, char *argv[], bool if (err >= 0 && names.type == NET_USB) { char str[IFNAMSIZ]; - if (names.pci_path[0]) - if (snprintf(str, sizeof(str), "%s%s%s", prefix, names.pci_path, names.usb_ports) < (int)sizeof(str)) - udev_builtin_add_property(dev, test, "ID_NET_NAME_PATH", str); + if (names.pci_path[0] && + snprintf_ok(str, sizeof str, "%s%s%s", prefix, names.pci_path, names.usb_ports)) + udev_builtin_add_property(dev, test, "ID_NET_NAME_PATH", str); - if (names.pci_slot[0]) - if (snprintf(str, sizeof(str), "%s%s%s", prefix, names.pci_slot, names.usb_ports) < (int)sizeof(str)) - udev_builtin_add_property(dev, test, "ID_NET_NAME_SLOT", str); + if (names.pci_slot[0] && + snprintf_ok(str, sizeof str, "%s%s%s", prefix, names.pci_slot, names.usb_ports)) + udev_builtin_add_property(dev, test, "ID_NET_NAME_SLOT", str); goto out; } @@ -746,13 +742,13 @@ static int builtin_net_id(struct udev_device *dev, int argc, char *argv[], bool if (err >= 0 && names.type == NET_BCMA) { char str[IFNAMSIZ]; - if (names.pci_path[0]) - if (snprintf(str, sizeof(str), "%s%s%s", prefix, names.pci_path, names.bcma_core) < (int)sizeof(str)) - udev_builtin_add_property(dev, test, "ID_NET_NAME_PATH", str); + if (names.pci_path[0] && + snprintf_ok(str, sizeof str, "%s%s%s", prefix, names.pci_path, names.bcma_core)) + udev_builtin_add_property(dev, test, "ID_NET_NAME_PATH", str); - if (names.pci_slot[0]) - if (snprintf(str, sizeof(str), "%s%s%s", prefix, names.pci_slot, names.bcma_core) < (int)sizeof(str)) - udev_builtin_add_property(dev, test, "ID_NET_NAME_SLOT", str); + if (names.pci_slot[0] && + snprintf(str, sizeof str, "%s%s%s", prefix, names.pci_slot, names.bcma_core)) + udev_builtin_add_property(dev, test, "ID_NET_NAME_SLOT", str); goto out; } out: diff --git a/src/udev/udev-node.c b/src/udev/udev-node.c index bb845889cc..6a3ee93ca2 100644 --- a/src/udev/udev-node.c +++ b/src/udev/udev-node.c @@ -265,7 +265,7 @@ static int node_permissions_apply(struct udev_device *dev, bool apply, mode |= S_IFCHR; if (lstat(devnode, &stats) != 0) { - err = log_debug_errno(errno, "can not stat() node '%s' (%m)", devnode); + err = log_debug_errno(errno, "cannot stat() node '%s' (%m)", devnode); goto out; } diff --git a/src/udev/udev-rules.c b/src/udev/udev-rules.c index f4708bb066..635811c59f 100644 --- a/src/udev/udev-rules.c +++ b/src/udev/udev-rules.c @@ -465,7 +465,7 @@ static int add_token(struct udev_rules *rules, struct token *token) { if (add < 8) add = 8; - tokens = realloc(rules->tokens, (rules->token_max + add ) * sizeof(struct token)); + tokens = reallocarray(rules->tokens, rules->token_max + add, sizeof(struct token)); if (tokens == NULL) return -1; rules->tokens = tokens; @@ -511,7 +511,7 @@ static uid_t add_uid(struct udev_rules *rules, const char *owner) { if (add < 1) add = 8; - uids = realloc(rules->uids, (rules->uids_max + add ) * sizeof(struct uid_gid)); + uids = reallocarray(rules->uids, rules->uids_max + add, sizeof(struct uid_gid)); if (uids == NULL) return uid; rules->uids = uids; @@ -554,7 +554,7 @@ static gid_t add_gid(struct udev_rules *rules, const char *group) { if (add < 1) add = 8; - gids = realloc(rules->gids, (rules->gids_max + add ) * sizeof(struct uid_gid)); + gids = reallocarray(rules->gids, rules->gids_max + add, sizeof(struct uid_gid)); if (gids == NULL) return gid; rules->gids = gids; @@ -1544,7 +1544,7 @@ struct udev_rules *udev_rules_new(struct udev *udev, int resolve_names) { udev_list_init(udev, &file_list, true); /* init token array and string buffer */ - rules->tokens = malloc(PREALLOC_TOKEN * sizeof(struct token)); + rules->tokens = malloc_multiply(PREALLOC_TOKEN, sizeof(struct token)); if (rules->tokens == NULL) return udev_rules_unref(rules); rules->token_max = PREALLOC_TOKEN; diff --git a/src/udev/udev-watch.c b/src/udev/udev-watch.c index 351cb6345a..61179ce03d 100644 --- a/src/udev/udev-watch.c +++ b/src/udev/udev-watch.c @@ -79,7 +79,7 @@ void udev_watch_restore(struct udev *udev) { udev_watch_begin(udev, dev); udev_device_unref(dev); unlink: - unlinkat(dirfd(dir), ent->d_name, 0); + (void) unlinkat(dirfd(dir), ent->d_name, 0); } closedir(dir); diff --git a/src/udev/udev.conf b/src/udev/udev.conf index 47d1433002..0d812d4a65 100644 --- a/src/udev/udev.conf +++ b/src/udev/udev.conf @@ -1,3 +1,6 @@ # see udev.conf(5) for details +# +# udevd is also started in the initrd. When this file is modified you might +# also want to rebuild the initrd, so that it will include the modified configuration. #udev_log="info" diff --git a/src/udev/udevadm-hwdb.c b/src/udev/udevadm-hwdb.c index ab5dc7ab64..dc3ae7484d 100644 --- a/src/udev/udevadm-hwdb.c +++ b/src/udev/udevadm-hwdb.c @@ -94,7 +94,7 @@ static int node_add_child(struct trie *trie, struct trie_node *node, struct trie struct trie_child_entry *child; /* extend array, add new entry, sort for bisection */ - child = realloc(node->children, (node->children_count + 1) * sizeof(struct trie_child_entry)); + child = reallocarray(node->children, node->children_count + 1, sizeof(struct trie_child_entry)); if (!child) return -ENOMEM; @@ -166,7 +166,7 @@ static int trie_node_add_value(struct trie *trie, struct trie_node *node, } /* extend array, add new entry, sort for bisection */ - val = realloc(node->values, (node->values_count + 1) * sizeof(struct trie_value_entry)); + val = reallocarray(node->values, node->values_count + 1, sizeof(struct trie_value_entry)); if (!val) return -ENOMEM; trie->values_count++; diff --git a/src/udev/udevadm-trigger.c b/src/udev/udevadm-trigger.c index f78a2ba437..d979c1bc24 100644 --- a/src/udev/udevadm-trigger.c +++ b/src/udev/udevadm-trigger.c @@ -24,6 +24,8 @@ #include <string.h> #include <unistd.h> +#include "fd-util.h" +#include "set.h" #include "string-util.h" #include "udev-util.h" #include "udev.h" @@ -33,25 +35,37 @@ static int verbose; static int dry_run; -static void exec_list(struct udev_enumerate *udev_enumerate, const char *action) { +static int exec_list(struct udev_enumerate *udev_enumerate, const char *action, Set *settle_set) { struct udev_list_entry *entry; + int r; udev_list_entry_foreach(entry, udev_enumerate_get_list_entry(udev_enumerate)) { char filename[UTIL_PATH_SIZE]; - int fd; + const char *syspath; + _cleanup_close_ int fd = -1; + syspath = udev_list_entry_get_name(entry); if (verbose) - printf("%s\n", udev_list_entry_get_name(entry)); + printf("%s\n", syspath); if (dry_run) continue; - strscpyl(filename, sizeof(filename), udev_list_entry_get_name(entry), "/uevent", NULL); + + strscpyl(filename, sizeof(filename), syspath, "/uevent", NULL); fd = open(filename, O_WRONLY|O_CLOEXEC); if (fd < 0) continue; + + if (settle_set) { + r = set_put_strdup(settle_set, syspath); + if (r < 0) + return log_oom(); + } + if (write(fd, action, strlen(action)) < 0) log_debug_errno(errno, "error writing '%s' to '%s': %m", action, filename); - close(fd); } + + return 0; } static const char *keyval(const char *str, const char **val, char *buf, size_t size) { @@ -87,6 +101,7 @@ static void help(void) { " -y --sysname-match=NAME Trigger devices with this /sys path\n" " --name-match=NAME Trigger devices with this /dev name\n" " -b --parent-match=NAME Trigger devices with that parent device\n" + " -w --settle Wait for the triggered events to complete\n" , program_invocation_short_name); } @@ -109,6 +124,7 @@ static int adm_trigger(struct udev *udev, int argc, char *argv[]) { { "sysname-match", required_argument, NULL, 'y' }, { "name-match", required_argument, NULL, ARG_NAME }, { "parent-match", required_argument, NULL, 'b' }, + { "settle", no_argument, NULL, 'w' }, { "version", no_argument, NULL, 'V' }, { "help", no_argument, NULL, 'h' }, {} @@ -119,13 +135,19 @@ static int adm_trigger(struct udev *udev, int argc, char *argv[]) { } device_type = TYPE_DEVICES; const char *action = "change"; _cleanup_udev_enumerate_unref_ struct udev_enumerate *udev_enumerate = NULL; + _cleanup_udev_monitor_unref_ struct udev_monitor *udev_monitor = NULL; + _cleanup_close_ int fd_ep = -1; + int fd_udev = -1; + struct epoll_event ep_udev; + bool settle = false; + _cleanup_set_free_free_ Set *settle_set = NULL; int c, r; udev_enumerate = udev_enumerate_new(udev); - if (udev_enumerate == NULL) + if (!udev_enumerate) return 1; - while ((c = getopt_long(argc, argv, "vnt:c:s:S:a:A:p:g:y:b:Vh", options, NULL)) >= 0) { + while ((c = getopt_long(argc, argv, "vnt:c:s:S:a:A:p:g:y:b:wVh", options, NULL)) >= 0) { const char *key; const char *val; char buf[UTIL_PATH_SIZE]; @@ -211,7 +233,7 @@ static int adm_trigger(struct udev *udev, int argc, char *argv[]) { _cleanup_udev_device_unref_ struct udev_device *dev; dev = find_device(udev, optarg, "/sys"); - if (dev == NULL) { + if (!dev) { log_error("unable to open the device '%s'", optarg); return 2; } @@ -223,12 +245,15 @@ static int adm_trigger(struct udev *udev, int argc, char *argv[]) { } break; } + case 'w': + settle = true; + break; case ARG_NAME: { _cleanup_udev_device_unref_ struct udev_device *dev; dev = find_device(udev, optarg, "/dev/"); - if (dev == NULL) { + if (!dev) { log_error("unable to open the device '%s'", optarg); return 2; } @@ -258,7 +283,7 @@ static int adm_trigger(struct udev *udev, int argc, char *argv[]) { _cleanup_udev_device_unref_ struct udev_device *dev; dev = find_device(udev, argv[optind], NULL); - if (dev == NULL) { + if (!dev) { log_error("unable to open the device '%s'", argv[optind]); return 2; } @@ -270,18 +295,83 @@ static int adm_trigger(struct udev *udev, int argc, char *argv[]) { } } + if (settle) { + fd_ep = epoll_create1(EPOLL_CLOEXEC); + if (fd_ep < 0) { + log_error_errno(errno, "error creating epoll fd: %m"); + return 1; + } + + udev_monitor = udev_monitor_new_from_netlink(udev, "udev"); + if (!udev_monitor) { + log_error("error: unable to create netlink socket"); + return 3; + } + fd_udev = udev_monitor_get_fd(udev_monitor); + + if (udev_monitor_enable_receiving(udev_monitor) < 0) { + log_error("error: unable to subscribe to udev events"); + return 4; + } + + ep_udev = (struct epoll_event) { .events = EPOLLIN, .data.fd = fd_udev }; + if (epoll_ctl(fd_ep, EPOLL_CTL_ADD, fd_udev, &ep_udev) < 0) { + log_error_errno(errno, "fail to add fd to epoll: %m"); + return 5; + } + + settle_set = set_new(&string_hash_ops); + if (!settle_set) { + log_oom(); + return 1; + } + } + switch (device_type) { case TYPE_SUBSYSTEMS: udev_enumerate_scan_subsystems(udev_enumerate); - exec_list(udev_enumerate, action); - return 0; + break; case TYPE_DEVICES: udev_enumerate_scan_devices(udev_enumerate); - exec_list(udev_enumerate, action); - return 0; + break; default: assert_not_reached("device_type"); } + r = exec_list(udev_enumerate, action, settle_set); + if (r < 0) + return 1; + + while (!set_isempty(settle_set)) { + int fdcount; + struct epoll_event ev[4]; + int i; + + fdcount = epoll_wait(fd_ep, ev, ELEMENTSOF(ev), -1); + if (fdcount < 0) { + if (errno != EINTR) + log_error_errno(errno, "error receiving uevent message: %m"); + continue; + } + + for (i = 0; i < fdcount; i++) { + if (ev[i].data.fd == fd_udev && ev[i].events & EPOLLIN) { + _cleanup_udev_device_unref_ struct udev_device *device; + const char *syspath = NULL; + + device = udev_monitor_receive_device(udev_monitor); + if (!device) + continue; + + syspath = udev_device_get_syspath(device); + if (verbose) + printf("settle %s\n", syspath); + if (!set_remove(settle_set, syspath)) + log_debug("Got epoll event on syspath %s not present in syspath set", syspath); + } + } + } + + return 0; } const struct udevadm_cmd udevadm_trigger = { diff --git a/src/udev/udevd.c b/src/udev/udevd.c index 5c757d513f..615c4ed3e2 100644 --- a/src/udev/udevd.c +++ b/src/udev/udevd.c @@ -648,7 +648,7 @@ static bool is_devpath_busy(Manager *manager, struct event *event) { /* check if queue contains events we depend on */ LIST_FOREACH(event, loop_event, manager->events) { - /* we already found a later event, earlier can not block us, no need to check again */ + /* we already found a later event, earlier cannot block us, no need to check again */ if (loop_event->seqnum < event->delaying_seqnum) continue; diff --git a/src/user-sessions/user-sessions.c b/src/user-sessions/user-sessions.c index 795766a657..8e8d43e1d4 100644 --- a/src/user-sessions/user-sessions.c +++ b/src/user-sessions/user-sessions.c @@ -23,12 +23,14 @@ #include "fileio.h" #include "fileio-label.h" +#include "fs-util.h" #include "log.h" #include "selinux-util.h" #include "string-util.h" #include "util.h" int main(int argc, char*argv[]) { + int r, k; if (argc != 2) { log_error("This program requires one argument."); @@ -44,42 +46,18 @@ int main(int argc, char*argv[]) { mac_selinux_init(); if (streq(argv[1], "start")) { - int r = 0; - - if (unlink("/run/nologin") < 0 && errno != ENOENT) - r = log_error_errno(errno, - "Failed to remove /run/nologin file: %m"); - - if (unlink("/etc/nologin") < 0 && errno != ENOENT) { - /* If the file doesn't exist and /etc simply - * was read-only (in which case unlink() - * returns EROFS even if the file doesn't - * exist), don't complain */ - - if (errno != EROFS || access("/etc/nologin", F_OK) >= 0) { - log_error_errno(errno, "Failed to remove /etc/nologin file: %m"); - return EXIT_FAILURE; - } - } - - if (r < 0) - return EXIT_FAILURE; - - } else if (streq(argv[1], "stop")) { - int r; - - r = write_string_file_atomic_label("/run/nologin", "System is going down."); - if (r < 0) { - log_error_errno(r, "Failed to create /run/nologin: %m"); - return EXIT_FAILURE; - } - - } else { - log_error("Unknown verb %s.", argv[1]); - return EXIT_FAILURE; + r = unlink_or_warn("/run/nologin"); + k = unlink_or_warn("/etc/nologin"); + if (k < 0 && r >= 0) + r = k; + + } else if (streq(argv[1], "stop")) + r = create_shutdown_run_nologin_or_warn(); + else { + log_error("Unknown verb '%s'.", argv[1]); + r = -EINVAL; } mac_selinux_finish(); - - return EXIT_SUCCESS; + return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS; } diff --git a/src/vconsole/vconsole-setup.c b/src/vconsole/vconsole-setup.c index 2e0e09d843..a9cc2bf63c 100644 --- a/src/vconsole/vconsole-setup.c +++ b/src/vconsole/vconsole-setup.c @@ -248,7 +248,7 @@ static void setup_remaining_vcs(int src_fd, unsigned src_idx, bool utf8) { * requries 32 per glyph, regardless of the actual height - see the comment above #define * max_font_size 65536 in drivers/tty/vt/vt.c for more details. */ - fontbuf = malloc((cfo.width + 7) / 8 * 32 * cfo.charcount); + fontbuf = malloc_multiply((cfo.width + 7) / 8 * 32, cfo.charcount); if (!fontbuf) { log_oom(); return; diff --git a/sysctl.d/50-coredump.conf.in b/sysctl.d/50-coredump.conf.in index 5a25de4512..ccd5c2cc56 100644 --- a/sysctl.d/50-coredump.conf.in +++ b/sysctl.d/50-coredump.conf.in @@ -9,4 +9,4 @@ # and systemd-coredump(8) and core(5) for the explanation of the # setting below. -kernel.core_pattern=|@rootlibexecdir@/systemd-coredump %P %u %g %s %t %c %e +kernel.core_pattern=|@rootlibexecdir@/systemd-coredump %P %u %g %s %t %c %h %e diff --git a/sysusers.d/basic.conf.in b/sysusers.d/basic.conf.in index 8e358c02d6..33e513a368 100644 --- a/sysusers.d/basic.conf.in +++ b/sysusers.d/basic.conf.in @@ -24,14 +24,14 @@ g utmp - - - # Hardware access groups g audio - - - -g cdrom - - - -g dialout - - - g disk - - - g input - - - g kvm - - - g lp - - - +g optical - - - g render - - - -g tape - - - +g storage - - - +g uucp - - - g video - - - # Default group for normal users diff --git a/test/TEST-15-DROPIN/test-dropin.sh b/test/TEST-15-DROPIN/test-dropin.sh index 9d8af99ac4..ab0a58caea 100755 --- a/test/TEST-15-DROPIN/test-dropin.sh +++ b/test/TEST-15-DROPIN/test-dropin.sh @@ -179,6 +179,16 @@ test_masked_dropins () { ln -sf ../b.service /usr/lib/systemd/system/a.service.wants/b.service check_ko a Wants b.service + # 'a' is masked but has an override config file + echo "*** test a is masked but has an override" + create_services a b + ln -sf /dev/null /etc/systemd/system/a.service + cat >/usr/lib/systemd/system/a.service.d/override.conf <<EOF +[Unit] +After=b.service +EOF + check_ok a UnitFileState masked + # 'b1' is an alias for 'b': masking 'b' dep should not influence 'b1' dep echo "*** test a wants b, b1, and one is masked" create_services a b diff --git a/test/TEST-21-SYSUSERS/inline.expected-group b/test/TEST-21-SYSUSERS/inline.expected-group new file mode 100644 index 0000000000..cc9093f807 --- /dev/null +++ b/test/TEST-21-SYSUSERS/inline.expected-group @@ -0,0 +1,2 @@ +g1:x:111: +u1:x:222: diff --git a/test/TEST-21-SYSUSERS/inline.expected-passwd b/test/TEST-21-SYSUSERS/inline.expected-passwd new file mode 100644 index 0000000000..f50f25c7d7 --- /dev/null +++ b/test/TEST-21-SYSUSERS/inline.expected-passwd @@ -0,0 +1 @@ +u1:x:222:222::/:/bin/zsh diff --git a/test/TEST-21-SYSUSERS/test-1.input b/test/TEST-21-SYSUSERS/test-1.input index bffc2cd7ea..297bbe3503 100644 --- a/test/TEST-21-SYSUSERS/test-1.input +++ b/test/TEST-21-SYSUSERS/test-1.input @@ -1,3 +1,5 @@ +# Trivial smoke test that covers the most basic functionality +# #Type Name ID GECOS HOMEDIR u u1 222 - - g g1 111 - - diff --git a/test/TEST-21-SYSUSERS/test-10.expected-group b/test/TEST-21-SYSUSERS/test-10.expected-group new file mode 100644 index 0000000000..1c92158720 --- /dev/null +++ b/test/TEST-21-SYSUSERS/test-10.expected-group @@ -0,0 +1,2 @@ +u1:x:300:u2 +u2:x:SYSTEM_UID_MAX: diff --git a/test/TEST-21-SYSUSERS/test-10.expected-passwd b/test/TEST-21-SYSUSERS/test-10.expected-passwd new file mode 100644 index 0000000000..222334bf70 --- /dev/null +++ b/test/TEST-21-SYSUSERS/test-10.expected-passwd @@ -0,0 +1,2 @@ +u1:x:300:300::/:/sbin/nologin +u2:x:SYSTEM_UID_MAX:SYSTEM_UID_MAX::/:/sbin/nologin diff --git a/test/TEST-21-SYSUSERS/test-10.input b/test/TEST-21-SYSUSERS/test-10.input new file mode 100644 index 0000000000..8e18a00a63 --- /dev/null +++ b/test/TEST-21-SYSUSERS/test-10.input @@ -0,0 +1,5 @@ +# check that 'm' lines do not conflicts 'u' line +# +#Type Name ID GECOS HOMEDIR +u u1 300 - - +m u2 u1 diff --git a/test/TEST-21-SYSUSERS/test-2.expected-group b/test/TEST-21-SYSUSERS/test-2.expected-group index f98e85fcf4..8fcc03f4e9 100644 --- a/test/TEST-21-SYSUSERS/test-2.expected-group +++ b/test/TEST-21-SYSUSERS/test-2.expected-group @@ -1 +1,4 @@ -u1:x:999: +u1:x:SYSTEM_UID_MAX: +u2:x:777: +u3:x:778: +u4:x:779: diff --git a/test/TEST-21-SYSUSERS/test-2.expected-passwd b/test/TEST-21-SYSUSERS/test-2.expected-passwd index d907e483f7..9eeee5d387 100644 --- a/test/TEST-21-SYSUSERS/test-2.expected-passwd +++ b/test/TEST-21-SYSUSERS/test-2.expected-passwd @@ -1 +1,4 @@ -u1:x:999:999:some gecos:/random/dir:/sbin/nologin +u1:x:SYSTEM_UID_MAX:SYSTEM_UID_MAX:some gecos:/random/dir:/sbin/nologin +u2:x:777:777:some gecos:/random/dir:/bin/zsh +u3:x:778:778::/random/dir2:/bin/bash +u4:x:779:779::/:/bin/csh diff --git a/test/TEST-21-SYSUSERS/test-2.input b/test/TEST-21-SYSUSERS/test-2.input index d8f31347a1..cedea9e401 100644 --- a/test/TEST-21-SYSUSERS/test-2.input +++ b/test/TEST-21-SYSUSERS/test-2.input @@ -1,2 +1,8 @@ -#Type Name ID GECOS HOMEDIR -u u1 - "some gecos" /random/dir +# Test generation of ID dynamically based on SYSTEM_UID_MAX and +# replacement of all fields up to the login shell. +# +#Type Name ID GECOS homedir shell +u u1 - "some gecos" /random/dir - +u u2 777 "some gecos" /random/dir /bin/zsh +u u3 778 - /random/dir2 /bin/bash +u u4 779 - - /bin/csh diff --git a/test/TEST-21-SYSUSERS/test-3.input b/test/TEST-21-SYSUSERS/test-3.input index b4f86a69f1..3257082cee 100644 --- a/test/TEST-21-SYSUSERS/test-3.input +++ b/test/TEST-21-SYSUSERS/test-3.input @@ -1,3 +1,6 @@ +# Ensure that the semantic for the uid:gid syntax is correct +# +#Type Name ID GECOS HOMEDIR g hoge 300 - - u foo 301 - - diff --git a/test/TEST-21-SYSUSERS/test-4.input b/test/TEST-21-SYSUSERS/test-4.input index 620423eab4..557f61c42b 100644 --- a/test/TEST-21-SYSUSERS/test-4.input +++ b/test/TEST-21-SYSUSERS/test-4.input @@ -1,3 +1,6 @@ +# Ensure that already created groups are used when using the uid:gid syntax +# +#Type Name ID GECOS HOMEDIR g xxx 310 u yyy 311:310 u xxx 312:310 diff --git a/test/TEST-21-SYSUSERS/test-5.expected-group b/test/TEST-21-SYSUSERS/test-5.expected-group new file mode 100644 index 0000000000..e9ef0a7999 --- /dev/null +++ b/test/TEST-21-SYSUSERS/test-5.expected-group @@ -0,0 +1,39 @@ +adm:x:4: +tty:x:5: +disk:x:6: +man:x:12: +kmem:x:15: +dialout:x:20: +fax:x:21: +voice:x:22: +cdrom:x:24: +floppy:x:25: +tape:x:26: +sudo:x:27: +audio:x:29: +dip:x:30: +operator:x:37: +src:x:40: +shadow:x:42: +utmp:x:43: +video:x:44: +sasl:x:45: +plugdev:x:46: +staff:x:50: +games:x:60: +users:x:100: +nogroup:x:65534: +root:x:0: +daemon:x:1: +bin:x:2: +sys:x:3: +lp:x:7: +mail:x:8: +news:x:9: +uucp:x:10: +proxy:x:13: +www-data:x:33: +backup:x:34: +list:x:38: +irc:x:39: +gnats:x:41: diff --git a/test/TEST-21-SYSUSERS/test-5.expected-passwd b/test/TEST-21-SYSUSERS/test-5.expected-passwd new file mode 100644 index 0000000000..116b126129 --- /dev/null +++ b/test/TEST-21-SYSUSERS/test-5.expected-passwd @@ -0,0 +1,18 @@ +root:x:0:0::/root:/bin/sh +daemon:x:1:1::/usr/sbin:/sbin/nologin +bin:x:2:2::/bin:/sbin/nologin +sys:x:3:3::/dev:/sbin/nologin +sync:x:4:65534::/bin:/sbin/nologin +games:x:5:60::/usr/games:/sbin/nologin +man:x:6:12::/var/cache/man:/sbin/nologin +lp:x:7:7::/var/spool/lpd:/sbin/nologin +mail:x:8:8::/var/mail:/sbin/nologin +news:x:9:9::/var/spool/news:/sbin/nologin +uucp:x:10:10::/var/spool/uucp:/sbin/nologin +proxy:x:13:13::/bin:/sbin/nologin +www-data:x:33:33::/var/www:/sbin/nologin +backup:x:34:34::/var/backups:/sbin/nologin +list:x:38:38::/var/list:/sbin/nologin +irc:x:39:39::/var/run/ircd:/sbin/nologin +gnats:x:41:41::/var/lib/gnats:/sbin/nologin +nobody:x:65534:65534::/nonexistent:/sbin/nologin diff --git a/test/TEST-21-SYSUSERS/test-5.input b/test/TEST-21-SYSUSERS/test-5.input new file mode 100644 index 0000000000..57519d7c9d --- /dev/null +++ b/test/TEST-21-SYSUSERS/test-5.input @@ -0,0 +1,47 @@ +# Reproduce the base-passwd master.{passwd,group} from Debian +# +#Type Name ID GECOS Home directory +g adm 4 - +g tty 5 - +g disk 6 - +g man 12 - +g kmem 15 - +g dialout 20 - +g fax 21 - +g voice 22 - +g cdrom 24 - +g floppy 25 - +g tape 26 - +g sudo 27 - +g audio 29 - +g dip 30 - +g operator 37 - +g src 40 - +g shadow 42 - +g utmp 43 - +g video 44 - +g sasl 45 - +g plugdev 46 - +g staff 50 - +g games 60 - +g users 100 - +g nogroup 65534 - + +u root 0 - /root +u daemon 1 - /usr/sbin +u bin 2 - /bin +u sys 3 - /dev +u sync 4:65534 - /bin +u games 5:60 - /usr/games +u man 6:12 - /var/cache/man +u lp 7 - /var/spool/lpd +u mail 8 - /var/mail +u news 9 - /var/spool/news +u uucp 10 - /var/spool/uucp +u proxy 13 - /bin +u www-data 33 - /var/www +u backup 34 - /var/backups +u list 38 - /var/list +u irc 39 - /var/run/ircd +u gnats 41 - /var/lib/gnats +u nobody 65534:65534 - /nonexistent diff --git a/test/TEST-21-SYSUSERS/test-6.expected-group b/test/TEST-21-SYSUSERS/test-6.expected-group new file mode 100644 index 0000000000..499c9008ce --- /dev/null +++ b/test/TEST-21-SYSUSERS/test-6.expected-group @@ -0,0 +1,2 @@ +g1:x:111: +u1:x:SYSTEM_UID_MAX: diff --git a/test/TEST-21-SYSUSERS/test-6.expected-passwd b/test/TEST-21-SYSUSERS/test-6.expected-passwd new file mode 100644 index 0000000000..5af9d1142d --- /dev/null +++ b/test/TEST-21-SYSUSERS/test-6.expected-passwd @@ -0,0 +1 @@ +u1:x:SYSTEM_UID_MAX:SYSTEM_UID_MAX::/:/sbin/nologin diff --git a/test/TEST-21-SYSUSERS/test-6.input b/test/TEST-21-SYSUSERS/test-6.input new file mode 100644 index 0000000000..764f57e825 --- /dev/null +++ b/test/TEST-21-SYSUSERS/test-6.input @@ -0,0 +1,7 @@ +# Ensure that existing IDs are not reused by default. I.e. the existing +# ID 111 from g1 will cause u1 to get a new and different ID (999 on most +# systems). +# +#Type Name ID GECOS HOMEDIR +g g1 111 - - +u u1 111 - - diff --git a/test/TEST-21-SYSUSERS/test-7.expected-group b/test/TEST-21-SYSUSERS/test-7.expected-group new file mode 100644 index 0000000000..ae9539c9a1 --- /dev/null +++ b/test/TEST-21-SYSUSERS/test-7.expected-group @@ -0,0 +1,16 @@ +sys:x:3: +mem:x:8: +ftp:x:11: +mail:x:12: +log:x:19: +smmsp:x:25: +proc:x:26: +games:x:50: +lock:x:54: +network:x:90: +floppy:x:94: +scanner:x:96: +power:x:98: +bin:x:1: +daemon:x:2: +http:x:33: diff --git a/test/TEST-21-SYSUSERS/test-7.expected-passwd b/test/TEST-21-SYSUSERS/test-7.expected-passwd new file mode 100644 index 0000000000..79668c0654 --- /dev/null +++ b/test/TEST-21-SYSUSERS/test-7.expected-passwd @@ -0,0 +1,5 @@ +bin:x:1:1::/:/sbin/nologin +daemon:x:2:2::/:/sbin/nologin +mail:x:8:12::/var/spool/mail:/sbin/nologin +ftp:x:14:11::/srv/ftp:/sbin/nologin +http:x:33:33::/srv/http:/sbin/nologin diff --git a/test/TEST-21-SYSUSERS/test-7.input b/test/TEST-21-SYSUSERS/test-7.input new file mode 100644 index 0000000000..4e10b74227 --- /dev/null +++ b/test/TEST-21-SYSUSERS/test-7.input @@ -0,0 +1,26 @@ +# Issue #8315 +# +#Type Name ID GECOS HOMEDIR + +# default arch groups +# groups first, because we have user/group id mismatch on ftp and mail +g sys 3 - - +g mem 8 - - +g ftp 11 - - +g mail 12 - - +g log 19 - - +g smmsp 25 - - +g proc 26 - - +g games 50 - - +g lock 54 - - +g network 90 - - +g floppy 94 - - +g scanner 96 - - +g power 98 - - + +# default arch users +u bin 1 - - +u daemon 2 - - +u mail 8 - /var/spool/mail +u ftp 14 - /srv/ftp +u http 33 - /srv/http diff --git a/test/TEST-21-SYSUSERS/test-8.expected-group b/test/TEST-21-SYSUSERS/test-8.expected-group new file mode 100644 index 0000000000..f09b2b6426 --- /dev/null +++ b/test/TEST-21-SYSUSERS/test-8.expected-group @@ -0,0 +1 @@ +groupname:x:300: diff --git a/test/TEST-21-SYSUSERS/test-8.expected-passwd b/test/TEST-21-SYSUSERS/test-8.expected-passwd new file mode 100644 index 0000000000..727b8197ef --- /dev/null +++ b/test/TEST-21-SYSUSERS/test-8.expected-passwd @@ -0,0 +1 @@ +username:x:SYSTEM_UID_MAX:300::/:/sbin/nologin diff --git a/test/TEST-21-SYSUSERS/test-8.input b/test/TEST-21-SYSUSERS/test-8.input new file mode 100644 index 0000000000..b76dd3e20c --- /dev/null +++ b/test/TEST-21-SYSUSERS/test-8.input @@ -0,0 +1,2 @@ +g groupname 300 +u username -:300 diff --git a/test/TEST-21-SYSUSERS/test-9.expected-group b/test/TEST-21-SYSUSERS/test-9.expected-group new file mode 100644 index 0000000000..33335d4eaa --- /dev/null +++ b/test/TEST-21-SYSUSERS/test-9.expected-group @@ -0,0 +1 @@ +user1:x:300: diff --git a/test/TEST-21-SYSUSERS/test-9.expected-passwd b/test/TEST-21-SYSUSERS/test-9.expected-passwd new file mode 100644 index 0000000000..a23260f56e --- /dev/null +++ b/test/TEST-21-SYSUSERS/test-9.expected-passwd @@ -0,0 +1,2 @@ +user1:x:300:300::/:/sbin/nologin +user2:x:SYSTEM_UID_MAX:300::/:/sbin/nologin diff --git a/test/TEST-21-SYSUSERS/test-9.input b/test/TEST-21-SYSUSERS/test-9.input new file mode 100644 index 0000000000..4d536472c2 --- /dev/null +++ b/test/TEST-21-SYSUSERS/test-9.input @@ -0,0 +1,2 @@ +u user1 300 +u user2 -:300 diff --git a/test/TEST-21-SYSUSERS/test.sh b/test/TEST-21-SYSUSERS/test.sh index 14f2b4ae07..bebbab9d23 100755 --- a/test/TEST-21-SYSUSERS/test.sh +++ b/test/TEST-21-SYSUSERS/test.sh @@ -7,34 +7,98 @@ TEST_DESCRIPTION="Sysuser-related tests" . $TEST_BASE_DIR/test-functions test_setup() { - mkdir -p $TESTDIR/etc $TESTDIR/usr/lib/sysusers.d $TESTDIR/tmp + mkdir -p $TESTDIR/etc/sysusers.d $TESTDIR/usr/lib/sysusers.d $TESTDIR/tmp +} + +preprocess() { + in="$1" + + # see meson.build how to extract this. gcc -E was used before to + # get this value from config.h, however the autopkgtest fails with + # it + SYSTEM_UID_MAX=$(awk 'BEGIN { uid=999 } /^\s*SYS_UID_MAX\s+/ { uid=$2 } END { print uid }' /etc/login.defs) + sed "s/SYSTEM_UID_MAX/${SYSTEM_UID_MAX}/g" "$in" +} + +compare() { + if ! diff -u $TESTDIR/etc/passwd <(preprocess ${1%.*}.expected-passwd); then + echo "**** Unexpected output for $f" + exit 1 + fi + + if ! diff -u $TESTDIR/etc/group <(preprocess ${1%.*}.expected-group); then + echo "**** Unexpected output for $f $2" + exit 1 + fi } test_run() { # ensure our build of systemd-sysusers is run PATH=${BUILD_DIR}:$PATH + rm -f $TESTDIR/etc/sysusers.d/* $TESTDIR/usr/lib/sysusers.d/* + # happy tests for f in test-*.input; do echo "*** Running $f" - rm -f $TESTDIR/etc/* + rm -f $TESTDIR/etc/*{passwd,group,shadow} cp $f $TESTDIR/usr/lib/sysusers.d/test.conf systemd-sysusers --root=$TESTDIR - if ! diff -u $TESTDIR/etc/passwd ${f%.*}.expected-passwd; then - echo "**** Unexpected output for $f" - exit 1 - fi - if ! diff -u $TESTDIR/etc/group ${f%.*}.expected-group; then - echo "**** Unexpected output for $f" - exit 1 - fi + compare $f "" + done + + for f in test-*.input; do + echo "*** Running $f on stdin" + rm -f $TESTDIR/etc/*{passwd,group,shadow} + touch $TESTDIR/etc/sysusers.d/test.conf + cat $f | systemd-sysusers --root=$TESTDIR - + + compare $f "on stdin" + done + + for f in test-*.input; do + echo "*** Running $f on stdin with --replace" + rm -f $TESTDIR/etc/*{passwd,group,shadow} + touch $TESTDIR/etc/sysusers.d/test.conf + # this overrides test.conf which is masked on disk + cat $f | systemd-sysusers --root=$TESTDIR --replace=/etc/sysusers.d/test.conf - + # this should be ignored + cat test-1.input | systemd-sysusers --root=$TESTDIR --replace=/usr/lib/sysusers.d/test.conf - + + compare $f "on stdin with --replace" done + # test --inline + echo "*** Testing --inline" + rm -f $TESTDIR/etc/*{passwd,group,shadow} + # copy a random file to make sure it is ignored + cp $f $TESTDIR/etc/sysusers.d/confuse.conf + systemd-sysusers --root=$TESTDIR --inline \ + "u u1 222 - - /bin/zsh" \ + "g g1 111" + + compare inline "(--inline)" + + # test --replace + echo "*** Testing --inline with --replace" + rm -f $TESTDIR/etc/*{passwd,group,shadow} + # copy a random file to make sure it is ignored + cp $f $TESTDIR/etc/sysusers.d/confuse.conf + systemd-sysusers --root=$TESTDIR \ + --inline \ + --replace=/etc/sysusers.d/confuse.conf \ + "u u1 222 - - /bin/zsh" \ + "g g1 111" + + compare inline "(--inline --replace=…)" + + rm -f $TESTDIR/etc/sysusers.d/* $TESTDIR/usr/lib/sysusers.d/* + # tests for error conditions for f in unhappy-*.input; do echo "*** Running test $f" - rm -f $TESTDIR/etc/* + rm -f $TESTDIR/etc/*{passwd,group,shadow} cp $f $TESTDIR/usr/lib/sysusers.d/test.conf systemd-sysusers --root=$TESTDIR 2> /dev/null journalctl -t systemd-sysusers -o cat | tail -n1 > $TESTDIR/tmp/err diff --git a/test/TEST-21-SYSUSERS/unhappy-1.input b/test/TEST-21-SYSUSERS/unhappy-1.input index 77390371de..b8ed85525b 100644 --- a/test/TEST-21-SYSUSERS/unhappy-1.input +++ b/test/TEST-21-SYSUSERS/unhappy-1.input @@ -1 +1,4 @@ -u u1 9999999999 - -
\ No newline at end of file +# Ensure invalid uids are detected +# +#Type Name ID GECOS HOMEDIR +u u1 9999999999 - - diff --git a/test/TEST-21-SYSUSERS/unhappy-2.input b/test/TEST-21-SYSUSERS/unhappy-2.input index 521c741cb5..5be0e6d187 100644 --- a/test/TEST-21-SYSUSERS/unhappy-2.input +++ b/test/TEST-21-SYSUSERS/unhappy-2.input @@ -1,2 +1,4 @@ -# it is not allowed to create groups implicitely in the uid:gid syntax -u u1 100:100 -
\ No newline at end of file +# Ensure it is not allowed to create groups implicitely in the uid:gid syntax +# +#Type Name ID GECOS HOMEDIR +u u1 100:100 - diff --git a/test/TEST-22-TMPFILES/Makefile b/test/TEST-22-TMPFILES/Makefile new file mode 100644 index 0000000000..34d7cc6cdf --- /dev/null +++ b/test/TEST-22-TMPFILES/Makefile @@ -0,0 +1,4 @@ +BUILD_DIR=$(shell ../../tools/find-build-dir.sh) + +all setup clean run: + @basedir=../.. TEST_BASE_DIR=../ BUILD_DIR=$(BUILD_DIR) ./test.sh --$@ diff --git a/test/TEST-22-TMPFILES/run-tmpfiles-tests.sh b/test/TEST-22-TMPFILES/run-tmpfiles-tests.sh new file mode 100755 index 0000000000..3ad652f4ed --- /dev/null +++ b/test/TEST-22-TMPFILES/run-tmpfiles-tests.sh @@ -0,0 +1,13 @@ +#!/bin/bash + +set -x +set -e + +>/failed + +for t in test-*.sh; do + echo "Running $t"; ./$t +done + +touch /testok +rm /failed diff --git a/test/TEST-22-TMPFILES/test-01.sh b/test/TEST-22-TMPFILES/test-01.sh new file mode 100755 index 0000000000..d233e37fb2 --- /dev/null +++ b/test/TEST-22-TMPFILES/test-01.sh @@ -0,0 +1,13 @@ +#! /bin/bash +# +# With "e" don't attempt to set permissions when file doesn't exist, see +# https://github.com/systemd/systemd/pull/6682. +# + +set -e + +rm -fr /tmp/test + +echo "e /tmp/test - root root 1d" | systemd-tmpfiles --create - + +! test -e /tmp/test diff --git a/test/TEST-22-TMPFILES/test.sh b/test/TEST-22-TMPFILES/test.sh new file mode 100755 index 0000000000..ca78933380 --- /dev/null +++ b/test/TEST-22-TMPFILES/test.sh @@ -0,0 +1,38 @@ +#!/bin/bash +# -*- mode: shell-script; indent-tabs-mode: nil; sh-basic-offset: 4; -*- +# ex: ts=8 sw=4 sts=4 et filetype=sh +set -e +TEST_DESCRIPTION="Tmpfiles related tests" +TEST_NO_QEMU=1 + +. $TEST_BASE_DIR/test-functions + +test_setup() { + # create the basic filesystem layout + setup_basic_environment >/dev/null + inst_binary mv + inst_binary stat + inst_binary seq + inst_binary xargs + + # mask some services that we do not want to run in these tests + ln -fs /dev/null $initdir/etc/systemd/system/systemd-hwdb-update.service + ln -fs /dev/null $initdir/etc/systemd/system/systemd-journal-catalog-update.service + ln -fs /dev/null $initdir/etc/systemd/system/systemd-networkd.service + ln -fs /dev/null $initdir/etc/systemd/system/systemd-networkd.socket + ln -fs /dev/null $initdir/etc/systemd/system/systemd-resolved.service + ln -fs /dev/null $initdir/etc/systemd/system/systemd-machined.service + + # setup the testsuite service + cp testsuite.service $initdir/etc/systemd/system/ + setup_testsuite + + mkdir -p $initdir/testsuite + cp run-tmpfiles-tests.sh $initdir/testsuite/ + cp test-*.sh $initdir/testsuite/ + + # create dedicated rootfs for nspawn (located in $TESTDIR/nspawn-root) + setup_nspawn_root +} + +do_test "$@" diff --git a/test/TEST-22-TMPFILES/testsuite.service b/test/TEST-22-TMPFILES/testsuite.service new file mode 100644 index 0000000000..3a44b41989 --- /dev/null +++ b/test/TEST-22-TMPFILES/testsuite.service @@ -0,0 +1,8 @@ +[Unit] +Description=Testsuite service +After=multi-user.target + +[Service] +WorkingDirectory=/testsuite +ExecStart=/testsuite/run-tmpfiles-tests.sh +Type=oneshot diff --git a/test/meson.build b/test/meson.build index 4667628b24..f86cf388e0 100644 --- a/test/meson.build +++ b/test/meson.build @@ -45,11 +45,13 @@ test_data_files = ''' sockets.target son.service sysinit.target + test-execute/exec-ambientcapabilities-merge-nfsnobody.service + test-execute/exec-ambientcapabilities-merge-nobody.service + test-execute/exec-ambientcapabilities-merge.service + test-execute/exec-ambientcapabilities-nfsnobody.service + test-execute/exec-ambientcapabilities-nobody.service + test-execute/exec-ambientcapabilities.service test-execute/exec-bindpaths.service - test-execute/exec-capabilityambientset-merge-nfsnobody.service - test-execute/exec-capabilityambientset-merge.service - test-execute/exec-capabilityambientset-nfsnobody.service - test-execute/exec-capabilityambientset.service test-execute/exec-capabilityboundingset-invert.service test-execute/exec-capabilityboundingset-merge.service test-execute/exec-capabilityboundingset-reset.service @@ -68,6 +70,7 @@ test_data_files = ''' test-execute/exec-environment.service test-execute/exec-environmentfile.service test-execute/exec-group-nfsnobody.service + test-execute/exec-group-nobody.service test-execute/exec-group-nogroup.service test-execute/exec-group.service test-execute/exec-ignoresigpipe-no.service @@ -113,6 +116,8 @@ test_data_files = ''' test-execute/exec-restrictnamespaces-yes.service test-execute/exec-runtimedirectory-mode.service test-execute/exec-runtimedirectory-owner-nfsnobody.service + test-execute/exec-runtimedirectory-owner-nobody.service + test-execute/exec-runtimedirectory-owner-nogroup.service test-execute/exec-runtimedirectory-owner.service test-execute/exec-runtimedirectory.service test-execute/exec-specifier-interpolation.service @@ -133,13 +138,19 @@ test_data_files = ''' test-execute/exec-systemcallfilter-not-failing.service test-execute/exec-systemcallfilter-not-failing2.service test-execute/exec-systemcallfilter-system-user-nfsnobody.service + test-execute/exec-systemcallfilter-system-user-nobody.service test-execute/exec-systemcallfilter-system-user.service test-execute/exec-systemcallfilter-with-errno-name.service test-execute/exec-systemcallfilter-with-errno-number.service + test-execute/exec-temporaryfilesystem-options.service + test-execute/exec-temporaryfilesystem-ro.service + test-execute/exec-temporaryfilesystem-rw.service + test-execute/exec-temporaryfilesystem-usr.service test-execute/exec-umask-0177.service test-execute/exec-umask-default.service test-execute/exec-unsetenvironment.service test-execute/exec-user-nfsnobody.service + test-execute/exec-user-nobody.service test-execute/exec-user.service test-execute/exec-workingdirectory.service test-path/basic.target diff --git a/test/networkd-test.py b/test/networkd-test.py index 860c9f1898..3f917f0d9c 100755 --- a/test/networkd-test.py +++ b/test/networkd-test.py @@ -33,13 +33,13 @@ import errno import os +import shutil +import socket +import subprocess import sys +import tempfile import time import unittest -import tempfile -import subprocess -import shutil -import socket HAVE_DNSMASQ = shutil.which('dnsmasq') is not None @@ -93,8 +93,8 @@ class NetworkdTestingUtilities: def write_network_dropin(self, unit_name, dropin_name, contents): """Write a network unit drop-in, and queue it to be removed.""" - dropin_dir = os.path.join(NETWORK_UNITDIR, "%s.d" % unit_name) - dropin_path = os.path.join(dropin_dir, "%s.conf" % dropin_name) + dropin_dir = os.path.join(NETWORK_UNITDIR, "{}.d".format(unit_name)) + dropin_path = os.path.join(dropin_dir, "{}.conf".format(dropin_name)) os.makedirs(dropin_dir, exist_ok=True) self.addCleanup(os.rmdir, dropin_dir) @@ -130,7 +130,7 @@ class NetworkdTestingUtilities: # Wait for the requested interfaces, but don't fail for them. subprocess.call([NETWORKD_WAIT_ONLINE, '--timeout=5'] + - ['--interface=%s' % iface for iface in kwargs]) + ['--interface={}'.format(iface) for iface in kwargs]) # Validate each link state found in the networkctl output. out = subprocess.check_output(['networkctl', '--no-legend']).rstrip() @@ -142,13 +142,12 @@ class NetworkdTestingUtilities: actual = fields[-1] if (actual != expected and not (expected == 'managed' and actual != 'unmanaged')): - self.fail("Link %s expects state %s, found %s" % - (iface, expected, actual)) + self.fail("Link {} expects state {}, found {}".format(iface, expected, actual)) interfaces.remove(iface) # Ensure that all requested interfaces have been covered. if interfaces: - self.fail("Missing links in status output: %s" % interfaces) + self.fail("Missing links in status output: {}".format(interfaces)) class BridgeTest(NetworkdTestingUtilities, unittest.TestCase): @@ -257,7 +256,7 @@ class ClientTestBase(NetworkdTestingUtilities): def show_journal(self, unit): '''Show journal of given unit since start of the test''' - print('---- %s ----' % unit) + print('---- {} ----'.format(unit)) subprocess.check_output(['journalctl', '--sync']) sys.stdout.flush() subprocess.call(['journalctl', '-b', '--no-pager', '--quiet', @@ -287,10 +286,10 @@ class ClientTestBase(NetworkdTestingUtilities): raise self.write_network(self.config, '''\ [Match] -Name=%s +Name={} [Network] -DHCP=%s -%s''' % (self.iface, dhcp_mode, extra_opts)) +DHCP={} +{}'''.format(self.iface, dhcp_mode, extra_opts)) if coldplug: # create interface first, then start networkd @@ -335,8 +334,8 @@ DHCP=%s # check networkctl state out = subprocess.check_output(['networkctl']) - self.assertRegex(out, (r'%s\s+ether\s+[a-z-]+\s+unmanaged' % self.if_router).encode()) - self.assertRegex(out, (r'%s\s+ether\s+routable\s+configured' % self.iface).encode()) + self.assertRegex(out, (r'{}\s+ether\s+[a-z-]+\s+unmanaged'.format(self.if_router)).encode()) + self.assertRegex(out, (r'{}\s+ether\s+routable\s+configured'.format(self.iface)).encode()) out = subprocess.check_output(['networkctl', 'status', self.iface]) self.assertRegex(out, br'Type:\s+ether') @@ -352,11 +351,11 @@ DHCP=%s except (AssertionError, subprocess.CalledProcessError): # show networkd status, journal, and DHCP server log on failure with open(os.path.join(NETWORK_UNITDIR, self.config)) as f: - print('\n---- %s ----\n%s' % (self.config, f.read())) + print('\n---- {} ----\n{}'.format(self.config, f.read())) print('---- interface status ----') sys.stdout.flush() subprocess.call(['ip', 'a', 'show', 'dev', self.iface]) - print('---- networkctl status %s ----' % self.iface) + print('---- networkctl status {} ----'.format(self.iface)) sys.stdout.flush() subprocess.call(['networkctl', 'status', self.iface]) self.show_journal('systemd-networkd.service') @@ -513,7 +512,7 @@ class DnsmasqClientTest(ClientTestBase, unittest.TestCase): '''Print DHCP server log for debugging failures''' with open(self.dnsmasq_log) as f: - sys.stdout.write('\n\n---- dnsmasq log ----\n%s\n------\n\n' % f.read()) + sys.stdout.write('\n\n---- dnsmasq log ----\n{}\n------\n\n'.format(f.read())) def test_resolved_domain_restricted_dns(self): '''resolved: domain-restricted DNS servers''' @@ -523,10 +522,10 @@ class DnsmasqClientTest(ClientTestBase, unittest.TestCase): self.create_iface(dnsmasq_opts=['--address=/#/192.168.42.1']) self.write_network('general.network', '''\ [Match] -Name=%s +Name={} [Network] DHCP=ipv4 -IPv6AcceptRA=False''' % self.iface) +IPv6AcceptRA=False'''.format(self.iface)) # create second device/dnsmasq for a .company/.lab VPN interface # static IPs for simplicity @@ -653,7 +652,7 @@ Domains= ~company ~lab''') self.addCleanup(subprocess.call, ['umount', '/etc/hostname']) subprocess.check_call(['systemctl', 'stop', 'systemd-hostnamed.service']) - self.create_iface(dnsmasq_opts=['--dhcp-host=%s,192.168.5.210,testgreen' % self.iface_mac]) + self.create_iface(dnsmasq_opts=['--dhcp-host={},192.168.5.210,testgreen'.format(self.iface_mac)]) self.do_test(coldplug=None, extra_opts='IPv6AcceptRA=False', dhcp_mode='ipv4') try: @@ -670,7 +669,7 @@ Domains= ~company ~lab''') sys.stdout.write('[retry %i] ' % retry) sys.stdout.flush() else: - self.fail('Transient hostname not found in hostnamectl:\n%s' % out.decode()) + self.fail('Transient hostname not found in hostnamectl:\n{}'.format(out.decode())) # and also applied to the system self.assertEqual(socket.gethostname(), 'testgreen') except AssertionError: @@ -688,7 +687,7 @@ Domains= ~company ~lab''') self.writeConfig('/etc/hostname', orig_hostname) subprocess.check_call(['systemctl', 'stop', 'systemd-hostnamed.service']) - self.create_iface(dnsmasq_opts=['--dhcp-host=%s,192.168.5.210,testgreen' % self.iface_mac]) + self.create_iface(dnsmasq_opts=['--dhcp-host={},192.168.5.210,testgreen'.format(self.iface_mac)]) self.do_test(coldplug=None, extra_opts='IPv6AcceptRA=False', dhcp_mode='ipv4') try: @@ -942,9 +941,9 @@ class MatchClientTest(unittest.TestCase, NetworkdTestingUtilities): ['addr', mac], ['addr', mac]) self.write_network('no-veth.network', """\ [Match] -MACAddress=%s +MACAddress={} Name=!nonexistent *peer* -[Network]""" % mac) +[Network]""".format(mac)) subprocess.check_call(['systemctl', 'start', 'systemd-networkd']) self.assert_link_states(test_veth='managed', test_peer='unmanaged') diff --git a/test/rule-syntax-check.py b/test/rule-syntax-check.py index e053b027ca..a245432b62 100755 --- a/test/rule-syntax-check.py +++ b/test/rule-syntax-check.py @@ -28,10 +28,15 @@ rules_files = sys.argv[1:] if not rules_files: sys.exit('Specify files to test as arguments') -no_args_tests = re.compile(r'(ACTION|DEVPATH|KERNELS?|NAME|SYMLINK|SUBSYSTEMS?|DRIVERS?|TAG|RESULT|TEST)\s*(?:=|!)=\s*"([^"]*)"$') -args_tests = re.compile(r'(ATTRS?|ENV|TEST){([a-zA-Z0-9/_.*%-]+)}\s*(?:=|!)=\s*"([^"]*)"$') -no_args_assign = re.compile(r'(NAME|SYMLINK|OWNER|GROUP|MODE|TAG|PROGRAM|RUN|LABEL|GOTO|OPTIONS|IMPORT)\s*(?:\+=|:=|=)\s*"([^"]*)"$') -args_assign = re.compile(r'(ATTR|ENV|IMPORT|RUN){([a-zA-Z0-9/_.*%-]+)}\s*(=|\+=)\s*"([^"]*)"$') +quoted_string_re = r'"(?:[^\\"]|\\.)*"' +no_args_tests = re.compile(r'(ACTION|DEVPATH|KERNELS?|NAME|SYMLINK|SUBSYSTEMS?|DRIVERS?|TAG|PROGRAM|RESULT|TEST)\s*(?:=|!)=\s*' + quoted_string_re + '$') +args_tests = re.compile(r'(ATTRS?|ENV|TEST){([a-zA-Z0-9/_.*%-]+)}\s*(?:=|!)=\s*' + quoted_string_re + '$') +no_args_assign = re.compile(r'(NAME|SYMLINK|OWNER|GROUP|MODE|TAG|RUN|LABEL|GOTO|OPTIONS|IMPORT)\s*(?:\+=|:=|=)\s*' + quoted_string_re + '$') +args_assign = re.compile(r'(ATTR|ENV|IMPORT|RUN){([a-zA-Z0-9/_.*%-]+)}\s*(=|\+=)\s*' + quoted_string_re + '$') +# Find comma-separated groups, but allow commas that are inside quoted strings. +# Using quoted_string_re + '?' so that strings missing the last double quote +# will still match for this part that splits on commas. +comma_separated_group_re = re.compile(r'(?:[^,"]|' + quoted_string_re + '?)+') result = 0 buffer = '' @@ -54,8 +59,10 @@ for path in rules_files: if not line or line.startswith('#'): continue - for clause in line.split(','): - clause = clause.strip() + # Separator ',' is normally optional but we make it mandatory here as + # it generally improves the readability of the rules. + for clause_match in comma_separated_group_re.finditer(line): + clause = clause_match.group().strip() if not (no_args_tests.match(clause) or args_tests.match(clause) or no_args_assign.match(clause) or args_assign.match(clause)): diff --git a/test/sysv-generator-test.py b/test/sysv-generator-test.py index 0b4710aeab..463ee3c555 100755 --- a/test/sysv-generator-test.py +++ b/test/sysv-generator-test.py @@ -19,15 +19,16 @@ # You should have received a copy of the GNU Lesser General Public License # along with systemd; If not, see <http://www.gnu.org/licenses/>. -import unittest -import sys +import collections import os +import shutil import subprocess +import sys import tempfile -import shutil -from glob import glob -import collections +import unittest + from configparser import RawConfigParser +from glob import glob sysv_generator = './systemd-sysv-generator' @@ -112,22 +113,20 @@ class SysvGeneratorTest(unittest.TestCase): keys.setdefault('Required-Stop', keys['Required-Start']) keys.setdefault('Default-Start', '2 3 4 5') keys.setdefault('Default-Stop', '0 1 6') - keys.setdefault('Short-Description', 'test %s service' % - name_without_sh) - keys.setdefault('Description', 'long description for test %s service' % - name_without_sh) + keys.setdefault('Short-Description', 'test {} service'.format(name_without_sh)) + keys.setdefault('Description', 'long description for test {} service'.format(name_without_sh)) script = os.path.join(self.init_d_dir, fname) with open(script, 'w') as f: f.write('#!/bin/init-d-interpreter\n### BEGIN INIT INFO\n') for k, v in keys.items(): if v is not None: - f.write('#%20s %s\n' % (k + ':', v)) + f.write('#{:>20} {}\n'.format(k + ':', v)) f.write('### END INIT INFO\ncode --goes here\n') os.chmod(script, 0o755) if enable: def make_link(prefix, runlevel): - d = os.path.join(self.rcnd_dir, 'rc%s.d' % runlevel) + d = os.path.join(self.rcnd_dir, 'rc{}.d'.format(runlevel)) if not os.path.isdir(d): os.mkdir(d) os.symlink('../init.d/' + fname, os.path.join(d, prefix + fname)) @@ -146,7 +145,7 @@ class SysvGeneratorTest(unittest.TestCase): # should be enabled for target in all_targets: - link = os.path.join(self.out_dir, '%s.target.wants' % target, unit) + link = os.path.join(self.out_dir, '{}.target.wants'.format(target), unit) if target in targets: unit_file = os.readlink(link) # os.path.exists() will fail on a dangling symlink @@ -154,7 +153,7 @@ class SysvGeneratorTest(unittest.TestCase): self.assertEqual(os.path.basename(unit_file), unit) else: self.assertFalse(os.path.exists(link), - '%s unexpectedly exists' % link) + '{} unexpectedly exists'.format(link)) # # test cases @@ -188,9 +187,9 @@ class SysvGeneratorTest(unittest.TestCase): self.assertEqual(s.get('Service', 'Type'), 'forking') init_script = os.path.join(self.init_d_dir, 'foo') self.assertEqual(s.get('Service', 'ExecStart'), - '%s start' % init_script) + '{} start'.format(init_script)) self.assertEqual(s.get('Service', 'ExecStop'), - '%s stop' % init_script) + '{} stop'.format(init_script)) self.assertNotIn('Overwriting', err) @@ -276,7 +275,7 @@ class SysvGeneratorTest(unittest.TestCase): d = os.path.join(self.rcnd_dir, 'rc2.d') if not os.path.isdir(d): os.mkdir(d) - os.symlink('../init.d/' + name, os.path.join(d, 'S%02i%s' % (prio, name))) + os.symlink('../init.d/' + name, os.path.join(d, 'S{:>2}{}'.format(prio, name))) err, results = self.run_generator() self.assertEqual(sorted(results), ['consumer.service', 'provider.service']) @@ -351,9 +350,9 @@ class SysvGeneratorTest(unittest.TestCase): # calls correct script with .sh init_script = os.path.join(self.init_d_dir, 'foo.sh') self.assertEqual(s.get('Service', 'ExecStart'), - '%s start' % init_script) + '{} start'.format(init_script)) self.assertEqual(s.get('Service', 'ExecStop'), - '%s stop' % init_script) + '{} stop'.format(init_script)) self.assert_enabled('foo.service', ['multi-user', 'graphical']) diff --git a/test/test-execute/exec-capabilityambientset-merge-nfsnobody.service b/test/test-execute/exec-ambientcapabilities-merge-nfsnobody.service index 00bec581b5..d2cadebde4 100644 --- a/test/test-execute/exec-capabilityambientset-merge-nfsnobody.service +++ b/test/test-execute/exec-ambientcapabilities-merge-nfsnobody.service @@ -2,8 +2,8 @@ Description=Test for AmbientCapabilities [Service] -ExecStart=/bin/sh -x -c 'c=$$(grep "CapAmb:" /proc/self/status); test "$$c" = "CapAmb: 0000000000003000"' +ExecStart=/bin/sh -x -c 'c=$$(grep "CapAmb:" /proc/self/status); test "$$c" = "CapAmb: 0000000000002001"' Type=oneshot User=nfsnobody -AmbientCapabilities=CAP_NET_ADMIN +AmbientCapabilities=CAP_CHOWN AmbientCapabilities=CAP_NET_RAW diff --git a/test/test-execute/exec-capabilityambientset-merge.service b/test/test-execute/exec-ambientcapabilities-merge-nobody.service index 64964380e2..545081d629 100644 --- a/test/test-execute/exec-capabilityambientset-merge.service +++ b/test/test-execute/exec-ambientcapabilities-merge-nobody.service @@ -2,8 +2,8 @@ Description=Test for AmbientCapabilities [Service] -ExecStart=/bin/sh -x -c 'c=$$(grep "CapAmb:" /proc/self/status); test "$$c" = "CapAmb: 0000000000003000"' +ExecStart=/bin/sh -x -c 'c=$$(grep "CapAmb:" /proc/self/status); test "$$c" = "CapAmb: 0000000000002001"' Type=oneshot User=nobody -AmbientCapabilities=CAP_NET_ADMIN +AmbientCapabilities=CAP_CHOWN AmbientCapabilities=CAP_NET_RAW diff --git a/test/test-execute/exec-ambientcapabilities-merge.service b/test/test-execute/exec-ambientcapabilities-merge.service new file mode 100644 index 0000000000..2e3fe59124 --- /dev/null +++ b/test/test-execute/exec-ambientcapabilities-merge.service @@ -0,0 +1,9 @@ +[Unit] +Description=Test for AmbientCapabilities (daemon) + +[Service] +ExecStart=/bin/sh -x -c 'c=$$(grep "CapAmb:" /proc/self/status); test "$$c" = "CapAmb: 0000000000002001"' +Type=oneshot +User=daemon +AmbientCapabilities=CAP_CHOWN +AmbientCapabilities=CAP_NET_RAW diff --git a/test/test-execute/exec-capabilityambientset-nfsnobody.service b/test/test-execute/exec-ambientcapabilities-nfsnobody.service index 614cfdd584..9377ee16b2 100644 --- a/test/test-execute/exec-capabilityambientset-nfsnobody.service +++ b/test/test-execute/exec-ambientcapabilities-nfsnobody.service @@ -2,7 +2,7 @@ Description=Test for AmbientCapabilities [Service] -ExecStart=/bin/sh -x -c 'c=$$(grep "CapAmb:" /proc/self/status); test "$$c" = "CapAmb: 0000000000003000"' +ExecStart=/bin/sh -x -c 'c=$$(grep "CapAmb:" /proc/self/status); test "$$c" = "CapAmb: 0000000000002001"' Type=oneshot User=nfsnobody -AmbientCapabilities=CAP_NET_ADMIN CAP_NET_RAW +AmbientCapabilities=CAP_CHOWN CAP_NET_RAW diff --git a/test/test-execute/exec-capabilityambientset.service b/test/test-execute/exec-ambientcapabilities-nobody.service index d63f884ef8..07a6c7511d 100644 --- a/test/test-execute/exec-capabilityambientset.service +++ b/test/test-execute/exec-ambientcapabilities-nobody.service @@ -2,7 +2,7 @@ Description=Test for AmbientCapabilities [Service] -ExecStart=/bin/sh -x -c 'c=$$(grep "CapAmb:" /proc/self/status); test "$$c" = "CapAmb: 0000000000003000"' +ExecStart=/bin/sh -x -c 'c=$$(grep "CapAmb:" /proc/self/status); test "$$c" = "CapAmb: 0000000000002001"' Type=oneshot User=nobody -AmbientCapabilities=CAP_NET_ADMIN CAP_NET_RAW +AmbientCapabilities=CAP_CHOWN CAP_NET_RAW diff --git a/test/test-execute/exec-ambientcapabilities.service b/test/test-execute/exec-ambientcapabilities.service new file mode 100644 index 0000000000..d91cc09a48 --- /dev/null +++ b/test/test-execute/exec-ambientcapabilities.service @@ -0,0 +1,8 @@ +[Unit] +Description=Test for AmbientCapabilities (daemon) + +[Service] +ExecStart=/bin/sh -x -c 'c=$$(grep "CapAmb:" /proc/self/status); test "$$c" = "CapAmb: 0000000000002001"' +Type=oneshot +User=daemon +AmbientCapabilities=CAP_CHOWN CAP_NET_RAW diff --git a/test/test-execute/exec-dynamicuser-statedir.service b/test/test-execute/exec-dynamicuser-statedir.service index cc09c938cf..5ea6d9da42 100644 --- a/test/test-execute/exec-dynamicuser-statedir.service +++ b/test/test-execute/exec-dynamicuser-statedir.service @@ -12,7 +12,7 @@ ExecStart=/bin/sh -c 'test -f /var/lib/private/waldo/yay' ExecStart=/bin/sh -c 'test -f /var/lib/private/quux/pief/yayyay' # Make sure that /var/lib/private/waldo is really the only writable directory besides the obvious candidates -ExecStart=/bin/sh -x -c 'test $$(find / -type d -writable 2> /dev/null | egrep -v -e \'^(/var/tmp$$|/tmp$$|/proc/|/dev/mqueue$$|/dev/shm$$)\' | sort -u | tr -d '\\\\n') = /var/lib/private/quux/pief/var/lib/private/waldo' +ExecStart=/bin/sh -x -c 'test $$(find / -type d -writable 2> /dev/null | egrep -v -e \'^(/var/tmp$$|/tmp$$|/proc/|/dev/mqueue$$|/dev/shm$$|/sys/fs/bpf$$)\' | sort -u | tr -d '\\\\n') = /var/lib/private/quux/pief/var/lib/private/waldo' Type=oneshot DynamicUser=yes diff --git a/test/test-execute/exec-group-nobody.service b/test/test-execute/exec-group-nobody.service new file mode 100644 index 0000000000..be7c796912 --- /dev/null +++ b/test/test-execute/exec-group-nobody.service @@ -0,0 +1,7 @@ +[Unit] +Description=Test for Group + +[Service] +ExecStart=/bin/sh -x -c 'test "$$(id -n -g)" = "nobody"' +Type=oneshot +Group=nobody diff --git a/test/test-execute/exec-group.service b/test/test-execute/exec-group.service index be7c796912..be55992395 100644 --- a/test/test-execute/exec-group.service +++ b/test/test-execute/exec-group.service @@ -1,7 +1,7 @@ [Unit] -Description=Test for Group +Description=Test for Group (daemon) [Service] -ExecStart=/bin/sh -x -c 'test "$$(id -n -g)" = "nobody"' +ExecStart=/bin/sh -x -c 'test "$$(id -n -g)" = "daemon"' Type=oneshot -Group=nobody +Group=daemon diff --git a/test/test-execute/exec-runtimedirectory-mode.service b/test/test-execute/exec-runtimedirectory-mode.service index 842721d5c2..480f904155 100644 --- a/test/test-execute/exec-runtimedirectory-mode.service +++ b/test/test-execute/exec-runtimedirectory-mode.service @@ -2,7 +2,7 @@ Description=Test for RuntimeDirectoryMode [Service] -ExecStart=/bin/sh -x -c 'mode=$$(stat -c %%a /tmp/test-exec_runtimedirectory-mode); test "$$mode" = "750"' +ExecStart=/bin/sh -x -c 'mode=$$(stat -c %%a %t/test-exec_runtimedirectory-mode); test "$$mode" = "750"' Type=oneshot RuntimeDirectory=test-exec_runtimedirectory-mode RuntimeDirectoryMode=0750 diff --git a/test/test-execute/exec-runtimedirectory-owner-nfsnobody.service b/test/test-execute/exec-runtimedirectory-owner-nfsnobody.service index e962af8a4b..1e3b6b4151 100644 --- a/test/test-execute/exec-runtimedirectory-owner-nfsnobody.service +++ b/test/test-execute/exec-runtimedirectory-owner-nfsnobody.service @@ -2,7 +2,7 @@ Description=Test for RuntimeDirectory owner (must not be the default group of the user if Group is set) [Service] -ExecStart=/bin/sh -x -c 'group=$$(stat -c %%G /tmp/test-exec_runtimedirectory-owner); test "$$group" = "nfsnobody"' +ExecStart=/bin/sh -x -c 'group=$$(stat -c %%G %t/test-exec_runtimedirectory-owner); test "$$group" = "nfsnobody"' Type=oneshot Group=nfsnobody User=root diff --git a/test/test-execute/exec-runtimedirectory-owner-nobody.service b/test/test-execute/exec-runtimedirectory-owner-nobody.service new file mode 100644 index 0000000000..54782f9bbd --- /dev/null +++ b/test/test-execute/exec-runtimedirectory-owner-nobody.service @@ -0,0 +1,9 @@ +[Unit] +Description=Test for RuntimeDirectory owner (must not be the default group of the user if Group is set) + +[Service] +ExecStart=/bin/sh -x -c 'group=$$(stat -c %%G %t/test-exec_runtimedirectory-owner); test "$$group" = "nobody"' +Type=oneshot +Group=nobody +User=root +RuntimeDirectory=test-exec_runtimedirectory-owner diff --git a/test/test-execute/exec-runtimedirectory-owner-nogroup.service b/test/test-execute/exec-runtimedirectory-owner-nogroup.service new file mode 100644 index 0000000000..663afe1188 --- /dev/null +++ b/test/test-execute/exec-runtimedirectory-owner-nogroup.service @@ -0,0 +1,9 @@ +[Unit] +Description=Test for RuntimeDirectory owner (must not be the default group of the user if Group is set) + +[Service] +ExecStart=/bin/sh -x -c 'group=$$(stat -c %%G %t/test-exec_runtimedirectory-owner); test "$$group" = "nogroup"' +Type=oneshot +Group=nogroup +User=root +RuntimeDirectory=test-exec_runtimedirectory-owner diff --git a/test/test-execute/exec-runtimedirectory-owner.service b/test/test-execute/exec-runtimedirectory-owner.service index 1f438c182e..07dd7ca3af 100644 --- a/test/test-execute/exec-runtimedirectory-owner.service +++ b/test/test-execute/exec-runtimedirectory-owner.service @@ -2,8 +2,8 @@ Description=Test for RuntimeDirectory owner (must not be the default group of the user if Group is set) [Service] -ExecStart=/bin/sh -x -c 'group=$$(stat -c %%G /tmp/test-exec_runtimedirectory-owner); test "$$group" = "nobody"' +ExecStart=/bin/sh -x -c 'group=$$(stat -c %%G %t/test-exec_runtimedirectory-owner-daemon); test "$$group" = "daemon"' Type=oneshot -Group=nobody +Group=daemon User=root -RuntimeDirectory=test-exec_runtimedirectory-owner +RuntimeDirectory=test-exec_runtimedirectory-owner-daemon diff --git a/test/test-execute/exec-runtimedirectory.service b/test/test-execute/exec-runtimedirectory.service index ec46c9d49b..d8f242fde2 100644 --- a/test/test-execute/exec-runtimedirectory.service +++ b/test/test-execute/exec-runtimedirectory.service @@ -2,6 +2,6 @@ Description=Test for RuntimeDirectory [Service] -ExecStart=/bin/sh -x -c 'test -d /tmp/test-exec_runtimedirectory' +ExecStart=/bin/sh -x -c 'test -d %t/test-exec_runtimedirectory' Type=oneshot RuntimeDirectory=test-exec_runtimedirectory diff --git a/test/test-execute/exec-systemcallfilter-system-user-nobody.service b/test/test-execute/exec-systemcallfilter-system-user-nobody.service new file mode 100644 index 0000000000..da129a30e4 --- /dev/null +++ b/test/test-execute/exec-systemcallfilter-system-user-nobody.service @@ -0,0 +1,11 @@ +[Unit] +Description=Test for SystemCallFilter in system mode with User set + +[Service] +ExecStart=/bin/sh -c 'echo "Foo bar"' +Type=oneshot +User=nobody +SystemCallFilter=~read write open execve ioperm +SystemCallFilter=ioctl +SystemCallFilter=read write open execve +SystemCallFilter=~ioperm diff --git a/test/test-execute/exec-systemcallfilter-system-user.service b/test/test-execute/exec-systemcallfilter-system-user.service index da129a30e4..488a3bb79e 100644 --- a/test/test-execute/exec-systemcallfilter-system-user.service +++ b/test/test-execute/exec-systemcallfilter-system-user.service @@ -1,10 +1,10 @@ [Unit] -Description=Test for SystemCallFilter in system mode with User set +Description=Test for SystemCallFilter in system mode with User set (daemon) [Service] ExecStart=/bin/sh -c 'echo "Foo bar"' Type=oneshot -User=nobody +User=daemon SystemCallFilter=~read write open execve ioperm SystemCallFilter=ioctl SystemCallFilter=read write open execve diff --git a/test/test-execute/exec-temporaryfilesystem-options.service b/test/test-execute/exec-temporaryfilesystem-options.service new file mode 100644 index 0000000000..b7a5baf93a --- /dev/null +++ b/test/test-execute/exec-temporaryfilesystem-options.service @@ -0,0 +1,17 @@ +[Unit] +Description=Test for TemporaryFileSystem with mount options + +[Service] +Type=oneshot + +# The mount options default to "mode=0755,nodev,strictatime". +# Let's override some of them, and test the behaviour of "ro". +TemporaryFileSystem=/var:ro,mode=0700,nostrictatime + +# Check /proc/self/mountinfo +ExecStart=/bin/sh -x -c 'test "$$(awk \'$$5 == "/var" && $$11 !~ /(^|,)ro(,|$$)/ { print $$6 }\' /proc/self/mountinfo)" = ""' +ExecStart=/bin/sh -x -c 'test "$$(awk \'$$5 == "/var" && $$11 !~ /(^|,)mode=700(,|$$)/ { print $$6 }\' /proc/self/mountinfo)" = ""' + +ExecStart=/bin/sh -x -c 'test "$$(awk \'$$5 == "/var" && $$6 !~ /(^|,)ro(,|$$)/ { print $$6 }\' /proc/self/mountinfo)" = ""' +ExecStart=/bin/sh -x -c 'test "$$(awk \'$$5 == "/var" && $$6 !~ /(^|,)nodev(,|$$)/ { print $$6 }\' /proc/self/mountinfo)" = ""' +ExecStart=/bin/sh -x -c 'test "$$(awk \'$$5 == "/var" && $$6 ~ /(^|,)strictatime(,|$$)/ { print $$6 }\' /proc/self/mountinfo)" = ""' diff --git a/test/test-execute/exec-temporaryfilesystem-ro.service b/test/test-execute/exec-temporaryfilesystem-ro.service new file mode 100644 index 0000000000..c0e3721a01 --- /dev/null +++ b/test/test-execute/exec-temporaryfilesystem-ro.service @@ -0,0 +1,33 @@ +[Unit] +Description=Test for TemporaryFileSystem with read-only mode + +[Service] +Type=oneshot + +# Check directories exist +ExecStart=/bin/sh -c 'test -d /var/test-exec-temporaryfilesystem/rw && test -d /var/test-exec-temporaryfilesystem/ro' + +# Check TemporaryFileSystem= are empty +ExecStart=/bin/sh -c 'for i in $$(ls -A /var); do test $$i = test-exec-temporaryfilesystem || false; done' + +# Cannot create a file in /var +ExecStart=/bin/sh -c '! touch /var/hoge' + +# Create a file in /var/test-exec-temporaryfilesystem/rw +ExecStart=/bin/sh -c 'touch /var/test-exec-temporaryfilesystem/rw/thisisasimpletest-temporaryfilesystem' + +# Then, the file can be access through /tmp +ExecStart=/bin/sh -c 'test -f /tmp/thisisasimpletest-temporaryfilesystem' + +# Also, through /var/test-exec-temporaryfilesystem/ro +ExecStart=/bin/sh -c 'test -f /var/test-exec-temporaryfilesystem/ro/thisisasimpletest-temporaryfilesystem' + +# The file cannot modify through /var/test-exec-temporaryfilesystem/ro +ExecStart=/bin/sh -c '! touch /var/test-exec-temporaryfilesystem/ro/thisisasimpletest-temporaryfilesystem' + +# Cleanup +ExecStart=/bin/sh -c 'rm /tmp/thisisasimpletest-temporaryfilesystem' + +TemporaryFileSystem=/var:ro +BindPaths=/tmp:/var/test-exec-temporaryfilesystem/rw +BindReadOnlyPaths=/tmp:/var/test-exec-temporaryfilesystem/ro diff --git a/test/test-execute/exec-temporaryfilesystem-rw.service b/test/test-execute/exec-temporaryfilesystem-rw.service new file mode 100644 index 0000000000..fc02ceab1c --- /dev/null +++ b/test/test-execute/exec-temporaryfilesystem-rw.service @@ -0,0 +1,33 @@ +[Unit] +Description=Test for TemporaryFileSystem + +[Service] +Type=oneshot + +# Check directories exist +ExecStart=/bin/sh -c 'test -d /var/test-exec-temporaryfilesystem/rw && test -d /var/test-exec-temporaryfilesystem/ro' + +# Check TemporaryFileSystem= are empty +ExecStart=/bin/sh -c 'for i in $$(ls -A /var); do test $$i = test-exec-temporaryfilesystem || false; done' + +# Create a file in /var +ExecStart=/bin/sh -c 'touch /var/hoge' + +# Create a file in /var/test-exec-temporaryfilesystem/rw +ExecStart=/bin/sh -c 'touch /var/test-exec-temporaryfilesystem/rw/thisisasimpletest-temporaryfilesystem' + +# Then, the file can be access through /tmp +ExecStart=/bin/sh -c 'test -f /tmp/thisisasimpletest-temporaryfilesystem' + +# Also, through /var/test-exec-temporaryfilesystem/ro +ExecStart=/bin/sh -c 'test -f /var/test-exec-temporaryfilesystem/ro/thisisasimpletest-temporaryfilesystem' + +# The file cannot modify through /var/test-exec-temporaryfilesystem/ro +ExecStart=/bin/sh -c '! touch /var/test-exec-temporaryfilesystem/ro/thisisasimpletest-temporaryfilesystem' + +# Cleanup +ExecStart=/bin/sh -c 'rm /tmp/thisisasimpletest-temporaryfilesystem' + +TemporaryFileSystem=/var +BindPaths=/tmp:/var/test-exec-temporaryfilesystem/rw +BindReadOnlyPaths=/tmp:/var/test-exec-temporaryfilesystem/ro diff --git a/test/test-execute/exec-temporaryfilesystem-usr.service b/test/test-execute/exec-temporaryfilesystem-usr.service new file mode 100644 index 0000000000..05c1ec0694 --- /dev/null +++ b/test/test-execute/exec-temporaryfilesystem-usr.service @@ -0,0 +1,15 @@ +[Unit] +Description=Test for TemporaryFileSystem on /usr + +[Service] +Type=oneshot + +# Check TemporaryFileSystem= are empty +ExecStart=/bin/sh -c 'for i in $$(ls -A /usr); do test $$i = lib -o $$i = lib64 -o $$i = bin -o $$i = sbin || false; done' + +# Cannot create files under /usr +ExecStart=/bin/sh -c '! touch /usr/hoge' +ExecStart=/bin/sh -c '! touch /usr/bin/hoge' + +TemporaryFileSystem=/usr:ro +BindReadOnlyPaths=-/usr/lib -/usr/lib64 /usr/bin /usr/sbin diff --git a/test/test-execute/exec-user-nobody.service b/test/test-execute/exec-user-nobody.service new file mode 100644 index 0000000000..0a00c1abc4 --- /dev/null +++ b/test/test-execute/exec-user-nobody.service @@ -0,0 +1,7 @@ +[Unit] +Description=Test for User + +[Service] +ExecStart=/bin/sh -x -c 'test "$$USER" = "nobody"' +Type=oneshot +User=nobody diff --git a/test/test-execute/exec-user.service b/test/test-execute/exec-user.service index 0a00c1abc4..d315a828d4 100644 --- a/test/test-execute/exec-user.service +++ b/test/test-execute/exec-user.service @@ -1,7 +1,7 @@ [Unit] -Description=Test for User +Description=Test for User (daemon) [Service] -ExecStart=/bin/sh -x -c 'test "$$USER" = "nobody"' +ExecStart=/bin/sh -x -c 'test "$$USER" = "daemon"' Type=oneshot -User=nobody +User=daemon diff --git a/test/test-functions b/test/test-functions index 018bdca888..17e83ccf3f 100644 --- a/test/test-functions +++ b/test/test-functions @@ -313,8 +313,9 @@ install_dmevent() { inst_libdir_file "libdevmapper-event.so*" if [[ "$LOOKS_LIKE_DEBIAN" ]]; then # dmsetup installs 55-dm and 60-persistent-storage-dm on Debian/Ubuntu - # see https://anonscm.debian.org/cgit/pkg-lvm/lvm2.git/tree/debian/patches/0007-udev.patch - inst_rules 55-dm.rules 60-persistent-storage-dm.rules + # and since buster/bionic 95-dm-notify.rules + # see https://gitlab.com/debian-lvm/lvm2/blob/master/debian/patches/udev.patch + inst_rules 55-dm.rules 60-persistent-storage-dm.rules 95-dm-notify.rules else inst_rules 10-dm.rules 13-dm-disk.rules 95-dm-notify.rules fi @@ -1057,6 +1058,7 @@ inst_rules() { fi done [[ $_found ]] || dinfo "Skipping udev rule: $_rule" + _found= done } @@ -1381,8 +1383,8 @@ inst_libdir_file() { } setup_suse() { - ln -s ../usr/bin/systemctl $initdir/bin/systemctl - ln -s ../usr/lib/systemd $initdir/lib/systemd + ln -fs ../usr/bin/systemctl $initdir/bin/ + ln -fs ../usr/lib/systemd $initdir/lib/ inst_simple "/usr/lib/systemd/system/haveged.service" } diff --git a/test/udev-test.pl b/test/udev-test.pl index 20f662eb3b..9e7cc94638 100755 --- a/test/udev-test.pl +++ b/test/udev-test.pl @@ -606,9 +606,9 @@ EOF desc => "textual user id", devpath => "/devices/pci0000:00/0000:00:1f.2/host0/target0:0:0/0:0:0:0/block/sda", exp_name => "node", - exp_perms => "nobody::0600", + exp_perms => "daemon::0600", rules => <<EOF -SUBSYSTEMS=="scsi", KERNEL=="sda", SYMLINK+="node", OWNER="nobody" +SUBSYSTEMS=="scsi", KERNEL=="sda", SYMLINK+="node", OWNER="daemon" EOF }, { diff --git a/tmpfiles.d/systemd-nologin.conf b/tmpfiles.d/systemd-nologin.conf index a30a8da604..df4dd63272 100644 --- a/tmpfiles.d/systemd-nologin.conf +++ b/tmpfiles.d/systemd-nologin.conf @@ -8,4 +8,4 @@ # See tmpfiles.d(5), systemd-user-session.service(5) and pam_nologin(8). # This file has special suffix so it is not run by mistake. -F! /run/nologin 0644 - - - "System is booting up. See pam_nologin(8)" +F! /run/nologin 0644 - - - "System is booting up. Unprivileged users are not permitted to log in yet. Please come back later. For technical details, see pam_nologin(8)." diff --git a/tools/meson-hwdb-update.sh b/tools/meson-hwdb-update.sh index 275d54cd17..d4ec555beb 100755 --- a/tools/meson-hwdb-update.sh +++ b/tools/meson-hwdb-update.sh @@ -3,7 +3,16 @@ set -eu cd "$1" -if [ "${2:-}" != "-n" ]; then +unset permissive +if [ "$2" = "-p" ]; then + permissive=1 + shift +fi + +if [ "${2:-}" != "-n" ]; then ( + [ -z "$permissive" ] || set +e + set -x + curl -L -o usb.ids 'http://www.linux-usb.org/usb.ids' curl -L -o pci.ids 'http://pci-ids.ucw.cz/v2.2/pci.ids' curl -L -o ma-large.txt 'http://standards-oui.ieee.org/oui/oui.txt' @@ -11,8 +20,9 @@ if [ "${2:-}" != "-n" ]; then curl -L -o ma-small.txt 'http://standards-oui.ieee.org/oui36/oui36.txt' curl -L -o pnp_id_registry.html 'http://www.uefi.org/uefi-pnp-export' curl -L -o acpi_id_registry.html 'http://www.uefi.org/uefi-acpi-export' -fi +) fi +set -x ./acpi-update.py >20-acpi-vendor.hwdb.base patch -p0 -o- 20-acpi-vendor.hwdb.base <20-acpi-vendor.hwdb.patch >20-acpi-vendor.hwdb ! diff -u 20-acpi-vendor.hwdb.base 20-acpi-vendor.hwdb >20-acpi-vendor.hwdb.patch diff --git a/units/meson.build b/units/meson.build index 814ee7885b..7f40464190 100644 --- a/units/meson.build +++ b/units/meson.build @@ -91,7 +91,6 @@ units = [ ['sysinit.target', ''], ['syslog.socket', ''], ['system-update.target', ''], - ['system.slice', ''], ['systemd-ask-password-console.path', '', 'sysinit.target.wants/'], ['systemd-ask-password-wall.path', '', diff --git a/units/system-update-cleanup.service.in b/units/system-update-cleanup.service.in index 51399f1c07..84d16f608e 100644 --- a/units/system-update-cleanup.service.in +++ b/units/system-update-cleanup.service.in @@ -32,4 +32,4 @@ ConditionPathIsSymbolicLink=|/system-update [Service] Type=oneshot ExecStart=/bin/rm -fv /system-update -ExecStart=@SYSTEMCTL@ reboot +SuccessAction=reboot diff --git a/units/system.slice b/units/system.slice deleted file mode 100644 index a4d5edfae8..0000000000 --- a/units/system.slice +++ /dev/null @@ -1,14 +0,0 @@ -# SPDX-License-Identifier: LGPL-2.1+ -# -# This file is part of systemd. -# -# systemd is free software; you can redistribute it and/or modify it -# under the terms of the GNU Lesser General Public License as published by -# the Free Software Foundation; either version 2.1 of the License, or -# (at your option) any later version. - -[Unit] -Description=System Slice -Documentation=man:systemd.special(7) -DefaultDependencies=no -Before=slices.target diff --git a/units/user@.service.in b/units/user@.service.in index e8195acbb6..372ffa56d3 100644 --- a/units/user@.service.in +++ b/units/user@.service.in @@ -18,6 +18,6 @@ Type=notify ExecStart=-@rootlibexecdir@/systemd --user Slice=user-%i.slice KillMode=mixed -Delegate=pids cpu +Delegate=pids memory TasksMax=infinity TimeoutStopSec=120s diff --git a/zanata.xml b/zanata.xml new file mode 100644 index 0000000000..02fe72f1ce --- /dev/null +++ b/zanata.xml @@ -0,0 +1,9 @@ +<?xml version="1.0" encoding="UTF-8" standalone="yes"?> +<config xmlns="http://zanata.org/namespace/config/"> + <url>https://fedora.zanata.org/</url> + <project>systemd</project> + <project-version>master</project-version> + <project-type>gettext</project-type> + <src-dir>po</src-dir> + <trans-dir>po</trans-dir> +</config> |