tree-wide: remove Emacs lines from all files This should be handled fine now by .dir-locals.el, so need to carry that stuff in every file.

tree-wide: check if errno is greater than zero (2) Compare errno with zero in a way that tells gcc that (if the condition is true) errno is positive.

tree-wide: expose "p"-suffix unref calls in public APIs to make gcc cleanup easy GLIB has recently started to officially support the gcc cleanup attribute in its public API, hence let's do the same for our APIs. With this patch we'll define an xyz_unrefp() call for each public xyz_unref() call, to make it easy to use inside a __attribute__((cleanup())) expression. Then, all code is ported over to make use of this. The new calls are also documented in the man pages, with examples how to use them (well, I only added docs where the _unref() call itself already had docs, and the examples, only cover sd_bus_unrefp() and sd_event_unrefp()). This also renames sd_lldp_free() to sd_lldp_unref(), since that's how we tend to call our destructors these days. Note that this defines no public macro that wraps gcc's attribute and makes it easier to use. While I think it's our duty in the library to make our stuff easy to use, I figure it's not our duty to make gcc's own features easy to use on its own. Most likely, client code which wants to make use of this should define its own: #define _cleanup_(function) __attribute__((cleanup(function))) Or similar, to make the gcc feature easier to use. Making this logic public has the benefit that we can remove three header files whose only purpose was to define these functions internally. See #2008.

parse-util: introduce parse_ifindex() and make use of it everywhere We have enough places where we parse an ifindex, hence introduce a proper parsing function for it, that verifies all parameters.

util-lib: split out allocation calls into alloc-util.[ch]

util-lib: move a number of fs operations into fs-util.[ch]

util-lib: introduce dirent-util.[ch] for directory entry calls Also, move a couple of more path-related functions to path-util.c.

util: move filename_is_valid() and path_is_safe() to path-util.[ch]

util-lib: split string parsing related calls from util.[ch] into parse-util.[ch]

socket-util: move remaining socket-related calls from util.[ch] to socket-util.[ch]

util-lib: split out user/group/uid/gid calls into user-util.[ch]

util-lib: split out IO related calls to io-util.[ch]

util-lib: split out fd-related operations into fd-util.[ch] There are more than enough to deserve their own .c file, hence move them over.

util-lib: split our string related calls from util.[ch] into its own file string-util.[ch] There are more than enough calls doing string manipulations to deserve its own files, hence do something about it. This patch also sorts the #include blocks of all files that needed to be updated, according to the sorting suggestions from CODING_STYLE. Since pretty much every file needs our string manipulation functions this effectively means that most files have sorted #include blocks now. Also touches a few unrelated include files.

util: split out escaping code into escape.[ch] This really deserves its own file, given how much code this is now.

sd-login: fix sd_seat_get_active() to return ENODATA This seems to be an oversight from: 707b66c66381c899d7ef640e158ffdd5bcff4deb We have to return ENODATA instead of ENOENT if a requested entry is non-present. Also fix the call-site in udev to check for these errors.

sd-login: add new sd_pid_get_cgroup() API This adds a new sd_pid_get_cgroup() call to sd-login which may be used to query the control path of a process. This is useful for programs when making use of delegation units, in order to figure out which subtree has been delegated. In light of the unified control group hierarchy this is finally safe to do, hence let's add a proper API for it, to make it easier to use this.

sd-login: rework error handling Makre sure we always return sensible errors for the various, following the same rules, and document them in a comment in sd-login.c. Also, update all relevant man pages accordingly.

util: add new uid_is_valid() call This simply factors out the uid validation checks from parse_uid() and uses them everywhere. This simply verifies that the passed UID is neither 64bit -1 nor 32bit -1.

sd-login: improve error handling let's return ENXIO whenever we don't know something rather than ENOENT. ENOENT suggests this was really about a file or directory, while ENXIO is a more generic "not found" indicator.

machined: validate machine names at more places When enumerating machines from /run, and when accepting machine names for operations, be more strict and always validate. Note that these checks are strictly speaking unnecessary, since enumeration happens only on the trusted /run...

util: make machine_name_is_valid() a macro and move it to hostname-util.h As it turns out machine_name_is_valid() does the exact same thing as hostname_is_valid() these days, as it just invoked that and checked the name length was < 64. However, hostname_is_valid() checks the length against HOST_NAME_MAX anyway (which is 64 on Linux), hence any additional check is redundant. We hence replace machine_name_is_valid() by a macro that simply maps it to hostname_is_valid() but sets the allow_trailing_dot parameter to false. We also move this this call to hostname-util.h, to the same place as the hostname_is_valid() declaration.

tree-wide: generate EBADF when we get invalid fds This is a follow-up to #907, and makes the same change for all our other public APIs.

build-sys: split internal basic/ library from shared/ basic/ can be used by everything cannot use anything outside of basic/ libsystemd/ can use basic/ cannot use shared/ shared/ can use libsystemd/

sd-bus,sd-login: add api for querying the slice within the the user systemd instance of a process units are organized in slice trees, not only for the system instance, but also for user systemd instances, expose this properly.

shared: add formats-util.h

util: rework cunescape(), improve error handling Change cunescape() to return a normal error code, so that we can distuingish OOM errors from parse errors. This also adds a flags parameter to control whether "relaxed" or normal parsing shall be done. If set no parse failures are generated, and the only reason why cunescape() can fail is OOM.

fix gcc warnings about uninitialized variables like: src/shared/install.c: In function ‘unit_file_lookup_state’: src/shared/install.c:1861:16: warning: ‘r’ may be used uninitialized in this function [-Wmaybe-uninitialized] return r < 0 ? r : state; ^ src/shared/install.c:1796:13: note: ‘r’ was declared here int r; ^

include <poll.h> instead of <sys/poll.h> include-what-you-use automatically does this and it makes finding unnecessary harder to spot. The only content of poll.h is a include of sys/poll.h so should be harmless.

util: rework strappenda(), and rename it strjoina() After all it is now much more like strjoin() than strappend(). At the same time, add support for NULL sentinels, even if they are normally not necessary.

login: add public sd_session_get_desktop() API The desktop brand is stored as DESKTOP variable for sessions. It can be set arbitrarily by the session owner and identifies the desktop environment that is running on that session.

Reject invalid quoted strings String which ended in an unfinished quote were accepted, potentially with bad memory accesses. Reject anything which ends in a unfished quote, or contains non-whitespace characters right after the closing quote. _FOREACH_WORD now returns the invalid character in *state. But this return value is not checked anywhere yet. Also, make 'word' and 'state' variables const pointers, and rename 'w' to 'word' in various places. Things are easier to read if the same name is used consistently. mbiebl_> am I correct that something like this doesn't work mbiebl_> ExecStart=/usr/bin/encfs --extpass='/bin/systemd-ask-passwd "Unlock EncFS"' mbiebl_> systemd seems to strip of the quotes mbiebl_> systemctl status shows mbiebl_> ExecStart=/usr/bin/encfs --extpass='/bin/systemd-ask-password Unlock EncFS $RootDir $MountPoint mbiebl_> which is pretty weird

sd-login: always use "indices" as plural of "index" So far both "indexes" and "indices" was used. Let's clean this up, and stick to indices, since it appears to be used more frequently.

nss-mymachines: add new NSS module for automatically resolving addresses of all local containers

sd-login: use the same code for verfiying machine names everywhere

sd-login: add C API to query primary session of a user

Remove unnecessary casts in printfs No functional change expected :)

util: replace close_nointr_nofail() by a more useful safe_close() safe_close() automatically becomes a NOP when a negative fd is passed, and returns -1 unconditionally. This makes it easy to write lines like this: fd = safe_close(fd); Which will close an fd if it is open, and reset the fd variable correctly. By making use of this new scheme we can drop a > 200 lines of code that was required to test for non-negative fds or to reset the closed fd variable afterwards.

build-sys: move sd-login src/login → src/libsystemd/sd-login After all, it is ultimately linked to libsystems.so anyway, thus belongs there and shares very little with the rest of logind, hence let's move this away.