[systemd-devel] [PATCH] units: add SecureBits
No setuid programs are expected to be executed, so add SecureBits=no-setuid-fixup no-setuid-fixup-locked to unit files. --- units/systemd-hostnamed.service.in| 1 + units/systemd-importd.service.in | 1 + units/systemd-journal-gatewayd.service.in | 1 + units/systemd-journal-remote.service.in | 1 + units/systemd-journal-upload.service.in | 1 + units/systemd-journald.service.in | 1 + units/systemd-localed.service.in | 1 + units/systemd-logind.service.in | 1 + units/systemd-machined.service.in | 1 + units/systemd-networkd.service.in | 1 + units/systemd-resolved.service.in | 1 + units/systemd-timedated.service.in| 1 + units/systemd-timesyncd.service.in| 1 + 13 files changed, 13 insertions(+) diff --git a/units/systemd-hostnamed.service.in b/units/systemd-hostnamed.service.in index cc88ecd..ec13938 100644 --- a/units/systemd-hostnamed.service.in +++ b/units/systemd-hostnamed.service.in @@ -14,6 +14,7 @@ Documentation=http://www.freedesktop.org/wiki/Software/systemd/hostnamed ExecStart=@rootlibexecdir@/systemd-hostnamed BusName=org.freedesktop.hostname1 CapabilityBoundingSet=CAP_SYS_ADMIN +SecureBits=no-setuid-fixup no-setuid-fixup-locked WatchdogSec=1min PrivateTmp=yes PrivateDevices=yes diff --git a/units/systemd-importd.service.in b/units/systemd-importd.service.in index 26759ea..bb3fbea 100644 --- a/units/systemd-importd.service.in +++ b/units/systemd-importd.service.in @@ -14,6 +14,7 @@ ExecStart=@rootlibexecdir@/systemd-importd BusName=org.freedesktop.import1 CapabilityBoundingSet=CAP_CHOWN CAP_FOWNER CAP_FSETID CAP_MKNOD CAP_SETFCAP CAP_SYS_ADMIN CAP_SETPCAP NoNewPrivileges=yes +SecureBits=no-setuid-fixup no-setuid-fixup-locked WatchdogSec=1min PrivateTmp=yes ProtectSystem=full diff --git a/units/systemd-journal-gatewayd.service.in b/units/systemd-journal-gatewayd.service.in index 987220e..bfdb561 100644 --- a/units/systemd-journal-gatewayd.service.in +++ b/units/systemd-journal-gatewayd.service.in @@ -11,6 +11,7 @@ Requires=systemd-journal-gatewayd.socket [Service] ExecStart=@rootlibexecdir@/systemd-journal-gatewayd +SecureBits=no-setuid-fixup no-setuid-fixup-locked User=systemd-journal-gateway Group=systemd-journal-gateway SupplementaryGroups=systemd-journal diff --git a/units/systemd-journal-remote.service.in b/units/systemd-journal-remote.service.in index 4a898d6..4f25518 100644 --- a/units/systemd-journal-remote.service.in +++ b/units/systemd-journal-remote.service.in @@ -13,6 +13,7 @@ Requires=systemd-journal-remote.socket ExecStart=@rootlibexecdir@/systemd-journal-remote \ --listen-https=-3 \ --output=/var/log/journal/remote/ +SecureBits=no-setuid-fixup no-setuid-fixup-locked User=systemd-journal-remote Group=systemd-journal-remote PrivateTmp=yes diff --git a/units/systemd-journal-upload.service.in b/units/systemd-journal-upload.service.in index b2e3c76..ac776ac 100644 --- a/units/systemd-journal-upload.service.in +++ b/units/systemd-journal-upload.service.in @@ -12,6 +12,7 @@ After=network.target [Service] ExecStart=@rootlibexecdir@/systemd-journal-upload \ --save-state +SecureBits=no-setuid-fixup no-setuid-fixup-locked User=systemd-journal-upload PrivateTmp=yes PrivateDevices=yes diff --git a/units/systemd-journald.service.in b/units/systemd-journald.service.in index a3540c6..01bf2a7 100644 --- a/units/systemd-journald.service.in +++ b/units/systemd-journald.service.in @@ -22,6 +22,7 @@ RestartSec=0 NotifyAccess=all StandardOutput=null CapabilityBoundingSet=CAP_SYS_ADMIN CAP_DAC_OVERRIDE CAP_SYS_PTRACE CAP_SYSLOG CAP_AUDIT_CONTROL CAP_AUDIT_READ CAP_CHOWN CAP_DAC_READ_SEARCH CAP_FOWNER CAP_SETUID CAP_SETGID CAP_MAC_OVERRIDE +SecureBits=no-setuid-fixup no-setuid-fixup-locked WatchdogSec=1min FileDescriptorStoreMax=1024 diff --git a/units/systemd-localed.service.in b/units/systemd-localed.service.in index bfa0978..f0c06aa 100644 --- a/units/systemd-localed.service.in +++ b/units/systemd-localed.service.in @@ -14,6 +14,7 @@ Documentation=http://www.freedesktop.org/wiki/Software/systemd/localed ExecStart=@rootlibexecdir@/systemd-localed BusName=org.freedesktop.locale1 CapabilityBoundingSet= +SecureBits=no-setuid-fixup no-setuid-fixup-locked WatchdogSec=1min PrivateTmp=yes PrivateDevices=yes diff --git a/units/systemd-logind.service.in b/units/systemd-logind.service.in index f087e99..f6760c6 100644 --- a/units/systemd-logind.service.in +++ b/units/systemd-logind.service.in @@ -24,6 +24,7 @@ Restart=always RestartSec=0 BusName=org.freedesktop.login1 CapabilityBoundingSet=CAP_SYS_ADMIN CAP_MAC_ADMIN CAP_AUDIT_CONTROL CAP_CHOWN CAP_KILL CAP_DAC_READ_SEARCH CAP_DAC_OVERRIDE CAP_FOWNER CAP_SYS_TTY_CONFIG +SecureBits=no-setuid-fixup no-setuid-fixup-locked WatchdogSec=1min # Increase the default a bit in order to allow many simultaneous diff --git a/units/systemd-machined.service.in
Re: [systemd-devel] [PATCH] bus-proxyd: fix 'ListQueuedOwners' call
On 02/06/2015 05:08 PM, Lukasz Skalski wrote: Set proper kdbus_cmd_list object size, otherwise: Applied, thanks! dbus-send --system --dest=org.freedesktop.DBus --type=method_call \ print-reply / org.freedesktop.DBus.ListQueuedOwners string:org.freedesktop.systemd1 Error org.freedesktop.DBus.Error.InvalidArgs: Invalid argument diff --git a/src/bus-proxyd/driver.c b/src/bus-proxyd/driver.c index 23911c6..b275839 100644 --- a/src/bus-proxyd/driver.c +++ b/src/bus-proxyd/driver.c @@ -350,6 +350,7 @@ int bus_proxy_process_driver(sd_bus *a, sd_bus *b, sd_bus_message *m, SharedPoli return synthetic_reply_method_errno(m, r, NULL); cmd.flags = KDBUS_LIST_QUEUED; +cmd.size = sizeof(cmd); r = ioctl(a-input_fd, KDBUS_CMD_LIST, cmd); if (r 0) return synthetic_reply_method_errno(m, -errno, NULL); ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] Removing unnecessary includes
On 07/02/15 10:29, Thomas H.P. Andersen wrote: I am looking at ways to automatically trim the unnecessary includes. One way to do it is a script[1] which simply tests if the compile still works after removing each include one at a time. It does this in reverse order for all includes in the .c files. Using -Werror we catch any new warnings too. Hello Thomas, this approach is not correct: in this way each source file would not be required to include the headers included by other files included before. For example, if header file a.h includes shared.h and implementation file requires the definitions of a.h and shared.h, only the first dependency would be detected by this method. However, it is good practice to include all the required header files, whether those are already included by others or not. Cheers, Daniele ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
[systemd-devel] [PATCHv3] sysctl: consider --prefix while parsing the files
not while applying the parsed sysctl values. Otherwise info Overwriting earlier assignment of %s in file %s is visible many times even though the given --prefix doesn't try to set the overridden value. This also optimizes the startup tiny bit since we have udev rules running on network devices and setting sysctl through the rules. --- src/sysctl/sysctl.c | 30 ++ 1 file changed, 14 insertions(+), 16 deletions(-) diff --git a/src/sysctl/sysctl.c b/src/sysctl/sysctl.c index 973e67e..275a5b7 100644 --- a/src/sysctl/sysctl.c +++ b/src/sysctl/sysctl.c @@ -78,22 +78,6 @@ static int apply_sysctl(const char *property, const char *value) { n = stpcpy(p, /proc/sys/); strcpy(n, property); -if (!strv_isempty(arg_prefixes)) { -char **i; -bool good = false; - -STRV_FOREACH(i, arg_prefixes) -if (path_startswith(p, *i)) { -good = true; -break; -} - -if (!good) { -log_debug(Skipping %s, p); -return 0; -} -} - k = write_string_file(p, value); if (k 0) { log_full(k == -ENOENT ? LOG_DEBUG : LOG_WARNING, @@ -173,6 +157,20 @@ static int parse_file(Hashmap *sysctl_options, const char *path, bool ignore_eno p = normalize_sysctl(strstrip(p)); value = strstrip(value); +if (!strv_isempty(arg_prefixes)) { +char **i, *t; +STRV_FOREACH(i, arg_prefixes) { +t = path_startswith(*i, /proc/sys/); +if (t == NULL) +t = *i; +if (path_startswith(p, t)) +goto found; +} +/* not found */ +continue; +} + +found: existing = hashmap_get2(sysctl_options, p, v); if (existing) { if (streq(value, existing)) -- 2.1.1 ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] Removing unnecessary includes
2015-02-07 14:05 GMT+01:00 Daniele Nicolodi dani...@grinta.net: On 07/02/15 10:29, Thomas H.P. Andersen wrote: I am looking at ways to automatically trim the unnecessary includes. One way to do it is a script[1] which simply tests if the compile still works after removing each include one at a time. It does this in reverse order for all includes in the .c files. Using -Werror we catch any new warnings too. Hello Thomas, this approach is not correct: in this way each source file would not be required to include the headers included by other files included before. For example, if header file a.h includes shared.h and implementation file requires the definitions of a.h and shared.h, only the first dependency would be detected by this method. However, it is good practice to include all the required header files, whether those are already included by others or not. Hi, I agree with Daniele. If you want to include the proper headers in each file maybe you can use include-what-you-use [0], but this is a rather recent project with lots of issues that will force you to do a lots of manual review. [0] https://code.google.com/p/include-what-you-use/ Cheers, Daniele ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] Removing unnecessary includes
On Sat, Feb 7, 2015 at 2:37 PM, Ronny Chevalier chevalier.ro...@gmail.com wrote: 2015-02-07 14:05 GMT+01:00 Daniele Nicolodi dani...@grinta.net: On 07/02/15 10:29, Thomas H.P. Andersen wrote: I am looking at ways to automatically trim the unnecessary includes. One way to do it is a script[1] which simply tests if the compile still works after removing each include one at a time. It does this in reverse order for all includes in the .c files. Using -Werror we catch any new warnings too. Hello Thomas, this approach is not correct: in this way each source file would not be required to include the headers included by other files included before. For example, if header file a.h includes shared.h and implementation file requires the definitions of a.h and shared.h, only the first dependency would be detected by this method. However, it is good practice to include all the required header files, whether those are already included by others or not. Hi, I agree with Daniele. If you want to include the proper headers in each file maybe you can use include-what-you-use [0], but this is a rather recent project with lots of issues that will force you to do a lots of manual review. [0] https://code.google.com/p/include-what-you-use/ Looks useful. Will take a look. Cheers, Daniele ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] Removing unnecessary includes
On Sat, Feb 7, 2015 at 2:05 PM, Daniele Nicolodi dani...@grinta.net wrote: On 07/02/15 10:29, Thomas H.P. Andersen wrote: I am looking at ways to automatically trim the unnecessary includes. One way to do it is a script[1] which simply tests if the compile still works after removing each include one at a time. It does this in reverse order for all includes in the .c files. Using -Werror we catch any new warnings too. Hello Thomas, this approach is not correct: in this way each source file would not be required to include the headers included by other files included before. For example, if header file a.h includes shared.h and implementation file requires the definitions of a.h and shared.h, only the first dependency would be detected by this method. However, it is good practice to include all the required header files, whether those are already included by others or not. Oh, I did not mean to use the output of deheader directly. Only as a way to find potential targets for removal. Each removal should be reviewed manually of course. Cheers, Daniele ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
[systemd-devel] [PATCH] language fallback: it_CH (Italian, Swiss) - it_IT (Italian, Italy)
--- src/locale/language-fallback-map | 1 + 1 file changed, 1 insertion(+) diff --git a/src/locale/language-fallback-map b/src/locale/language-fallback-map index 6412b88..bd3a620 100644 --- a/src/locale/language-fallback-map +++ b/src/locale/language-fallback-map @@ -6,3 +6,4 @@ en_ZA en_ZA:en_GB mai_IN mai:hi nds_DE nds:de szl_PL szl:pl +it_CH it_CH:it_IT -- 2.1.0 ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] [PATCH] sysusers: remove additional finger information from gecos
On 7 February 2015 at 23:50, Mantas Mikulėnas graw...@gmail.com wrote: On Sun, Feb 8, 2015 at 1:38 AM, Sami Kerola kerol...@iki.fi wrote: This change removes garbage from authentication messages if chfn(1) has been used. For example; $ timedatectl set-timezone Europe/London [...] Authenticating as: Sami Kerola,office,officephone,homephone, (kerolasa) --- src/sysusers/sysusers.c | 4 1 file changed, 4 insertions(+) This authentication prompt is part of polkit's pkttyagent (src/polkitagent), it has nothing to do with systemd-sysusers. (The systemd-sysusers tool is just for adding *new* accounts to /etc/passwd... As far as I can see, i-description is only used for filtering out duplicates.) Hi Mantas, Oh, I see. No wonder I found so few gecos references from systemd source tree. With your hint I found the following function that might be the one needing adjustment. http://cgit.freedesktop.org/polkit/tree/src/polkitagent/polkitagenttextlistener.c#n336 -- Sami Kerola http://www.iki.fi/kerolasa/ ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] [PATCH] sysusers: remove additional finger information from gecos
On Sun, Feb 8, 2015 at 1:38 AM, Sami Kerola kerol...@iki.fi wrote: This change removes garbage from authentication messages if chfn(1) has been used. For example; $ timedatectl set-timezone Europe/London [...] Authenticating as: Sami Kerola,office,officephone,homephone, (kerolasa) --- src/sysusers/sysusers.c | 4 1 file changed, 4 insertions(+) This authentication prompt is part of polkit's pkttyagent (src/polkitagent), it has nothing to do with systemd-sysusers. (The systemd-sysusers tool is just for adding *new* accounts to /etc/passwd... As far as I can see, i-description is only used for filtering out duplicates.) -- Mantas Mikulėnas graw...@gmail.com ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
[systemd-devel] [PATCH] sysusers: remove additional finger information from gecos
This change removes garbage from authentication messages if chfn(1) has been used. For example; $ timedatectl set-timezone Europe/London [...] Authenticating as: Sami Kerola,office,officephone,homephone, (kerolasa) --- src/sysusers/sysusers.c | 4 1 file changed, 4 insertions(+) diff --git a/src/sysusers/sysusers.c b/src/sysusers/sysusers.c index f25ece0..c94fe58 100644 --- a/src/sysusers/sysusers.c +++ b/src/sysusers/sysusers.c @@ -885,12 +885,16 @@ static int add_user(Item *i) { errno = 0; p = getpwnam(i-name); if (p) { +char *comma; + log_debug(User %s already exists., i-name); i-uid = p-pw_uid; i-uid_set = true; free(i-description); i-description = strdup(p-pw_gecos); +if ((comma = strchr(i-description, ','))) +*comma = '\0'; return 0; } if (!IN_SET(errno, 0, ENOENT)) -- 2.3.0 ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel