- Make fd_is_namespace() take NamespaceType
- Drop support for kernel without NS_GET_NSTYPE (< 4.11)
- Port is_our_namespace() to namespace_open_by_type()
(preparation for later commits, where the latter
would go by pidfd if available, avoiding procfs)
Plus, linux/random.h never defined getrandom(), hence remove
the custom machinery for sys/random.h vs linux/random.h
in favor of single HAVE_GETRANDOM.
We assume its existence in basic/build-path.c, shared/userdb.c,
and coredump/coredump.c already, for which nothing has been reported
so far. So this seems safe to drop.
Prior to this commit, if no Exec*= is defined for socket,
and the unit was in SOCKET_FAILED state, failure of socket_open_fds()
would induce state transition SOCKET_FAILED -> SOCKET_FAILED,
and OnFailure= deps get unexpectedly skipped. Let's introduce
an intermediate state, so that during unit start we enter
UNIT_ACTIVATING at least once.
Fixes#35635
We carry our own definitions in missing_mman.h, and otherwise
sys/mman.h is employed. Let's drop the unneeded detection/inclusion
of linux/memfd.h hence.
This generalizes and modernizes the code to acquire set of local caps,
based on the code for this in the condition logic. Uses PidRef, and
acquires the full quintuplet of caps.
This can be considered preparation to one day maybe build without
libcap.
This generalizes and modernizes the code to acquire set of local caps,
based on the code for this in the condition logic. Uses PidRef, and
acquires the full quintuplet of caps.
This can be considered preparation to one day maybe build without
libcap.
This is just like memfd_new(), but allows fine grained control of the
sealing flags.
This switches over all uses of memfd_new() where we actually want
sealing to use memfd_new_full().
This then allows use to use memfd_new() for two further calls, where we
previously used the more lowlevel memfd_create_wrapper().
Let's use pwrite() to write the contents of the memfd. This has the
benefit of not moving the file offset, which means we don't have to
reset it after at all.
Let's drop support systems lacking memfds, i.e. pre kernel 3.17 systems.
This allows us to drastically simplify the "data fd" concept, so far
that we can remove it entirely.
This replaces acquire_data_fd() with a specialized call to
memfd_new_and_seal(), not that memfds can be the only implementation of
the concept.
Let's bump the kernel baseline a bit to 4.3 and thus require ambient
caps.
This allows us to remove support for a variety of special casing, most
importantly the ExecStart=!! hack.
We never know, maybe there's some spurious POLLIN and read() will fail
with EAGAIN even though we saw POLLIN. Handle that.
(this can happen if we area not the only process reading from the tty,
or in case of hups and such).
Fixes: #35499
