upstart 0.3.2 "Could anybody have tampered with your luggage?"
The entire code has received a thorough review and clean-up in preparation for the merging of the planned new features for the 0.3 milestone.
Milestone information
- Project:
- upstart
- Series:
- 0.3
- Version:
- 0.3.2
- Code name:
- Could anybody have tampered with your luggage?
- Released:
- Registrant:
- Scott James Remnant (Canonical)
- Release registered:
- Active:
- No. Drivers cannot target bugs and blueprints to this milestone.
Activities
- Assigned to you:
- No blueprints or bugs assigned to you.
- Assignees:
- No users assigned to blueprints and bugs.
- Blueprints:
- No blueprints are targeted to this milestone.
- Bugs:
- No bugs are targeted to this milestone.
Download files for this release
Release notes
* Fix leak of inotify file descriptor that could allow any process on the system to remove upstart's watch on its configuration directory.
* New "emits" configuration stanza, used to list events that are emitted by the job itself. Intended for use by front-ends to draw event graphs and the like.
* Dropped "depends" configuration stanza and all related code. This will be replaced by the complex state mechanism.
* Rewritten IPC code to be significantly simpler, with the goal of having a stable interface once we hit the end of this milestone series.
* Rewritten configuration parser and inotify watch infrastructure to be more maintainable in future.
* Now supports systems where inotify is disabled.
* Duplicate configuration stanzas are no longer permitted.
* Bug fixes, especially concerning malloc failure
Changelog
2007-02-05 Scott James Remnant <email address hidden>
* NEWS: Update.
* init/process.c (process_spawn): Exit with 255 so we don't clash
with anything that uses 1 as a normal exit code. Note why we only
close 0..2 (everything else is FD_CLOEXEC).
* init/cfgfile.c (cfg_watch_dir): Mark the inotify watch descriptor
as FD_CLOEXEC.
* init/control.c (control_open): nih_io_set_cloexec can only ever
return EINVAL, so no point checking it.
2007-02-04 Scott James Remnant <email address hidden>
* init/tests/
2007-02-03 Scott James Remnant <email address hidden>
* init/control.c (control_open_sock, control_reopen)
(control_
sockets don't close -- so why try dealing with it?
(control_
it -- the socket should be fine, there's no remote end to be lost,
after all.
* init/tests/
(test_
* init/tests/
get unexpectedly opened anymore; so no need to close it.
* init/control.c (control_open): Remove the strange behaviour that
this can be called to get the socket. Instead make control_io
global; we're all adults after all.
* init/tests/
silly behaviour.
* init/notify.c (notify_job, notify_event): Use the control_io
pointer directly, and just do nothing if we lost it somehow.
* init/main.c (main): Being unable tp open the control socket, or
parse the configuration, should be a fatal error; stop being so
damned liberal! <g> Don't reset the signal state if we're
being restarted, as this loses any pending signals -- be happy
that our parent left them in a good state. Set SIGCHLD to the
standard handler, otherwise we might lose this before we start
the main loop (which does the same anyway).
(term_handler): Rework so we don't need to close and open the
control socket; instead we just close it in the child that's
going to send the state, and notify the parent that it's safe to
exec (which will cause it to be closed so the new init can open it).
* init/tests/
* init/tests/
* init/notify.c (notify_subscribe): Make safe against ENOMEM.
* init/tests/
* init/control.c: Add needed attributes; tidy up formatting.
(control_open): Don't let ENOMEM fail opening the control socket.
* init/control.h: Add needed attributes.
* init/tests/
* init/main.c (term_handler): Make sure we catch failure to open
the control socket again.
* TODO: Update
* init/cfgfile.c (cfg_watch_dir): Clean this up a bit; now we only
output a warning if inotify failed for any reason other than not
being supported AND walking worked.
* init/cfgfile.c (cfg_watch_dir): Update to even newer watch API;
our create_handler is now always called if inotify is successful,
so we just need to fall back to walking the directory when it
isn't -- if inotify isn't supported, don't even bother complaining.
(cfg_create_
make sure it's a regular file.
(cfg_visitor): Check the stat of the file visited to make sure it's
a regular file.
* init/cfgfile.c: Update include to upstart/enum.h
* init/job.c: Update include to upstart/enum.h
* init/job.h: Update include to upstart/enum.h
* logd/main.c: Add attribute to open_logging
* util/initctl.c: Split out the command functions into new files;
* util/jobs.c: This gets the job-related commands
* util/events.h: This gets the event-related commands
* util/initctl.h, util/jobs.h, util/events.h: Headers
* util/tests/
* util/tests/
* util/Makefile.am (initctl_SOURCES): Add new files.
(TESTS): Build new test suites.
(test_
Details for job-related commands test suite binary.
(test_
Details for event-related commands test suite binary.
* TODO: Remove item about splitting initctl now we've done it.
* TODO: Big update; strip anything we have a spec for.
* upstart/message.c (upstart_
fail to parse a message, we don't leave strings around in memory.
* upstart/
raised EADDRINUSE if we try an open a socket twice.
(test_handle): Add lots of checks for things like NULL names and
incomplete messages; as well as the obvious unknown message.
(test_reader): Make sure that errors while handling messages are
dealt with by logging it.
* upstart/job.c, upstart/job.h, upstart/
enum.c, enum.h and tests/test_enum.c; since this just includes enums
and convert functions really.
* upstart/
* upstart/
* upstart/
2007-02-01 Scott James Remnant <email address hidden>
* logd/main.c (main): Ensure we error if daemonise fails.
* compat/
are added, even if we run out of memory.
* upstart/
* upstart/
* init/tests/
* init/tests/
a value greater than zero.
* upstart/
the rationale here is that in test cases we just want to fail, not
try again repeatedly.
* upstart/
* init/tests/
return values of functions that raise errors.
* init/tests/
return values of functions that raise errors.
* init/cfgfile.c (cfg_watch_dir): Port to the new NihWatch API and
use nih_dir_walk(). This also fixes the long-standing bug where we
wouldn't watch the configuration directory if inotify was disabled.
Drop both the parent and prefix members for now, until we clean this
up later.
(cfg_create_
the job name.
(cfg_job_name): Function to figure out the job name from a path.
(cfg_visitor): Visitor function to handle initial parsing, figuring
out the job name; otherwise identical to the standard handler.
* init/cfgfile.h: Update prototype for cfg_watch_dir.
* init/main.c (main): Update call to cfg_watch_dir.
2007-01-31 Scott James Remnant <email address hidden>
* upstart/
allocations are handled properly.
2007-01-30 Scott James Remnant <email address hidden>
* upstart/wire.c: Note that if any of the push functions fail, the
entire buffer should be discarded.
* upstart/
(test_push_string, test_push_header, test_push_pack): Us
TEST_ALLOC_FAIL to ensure that failing to allocate memory is caught.
* upstart/
description after checking; they aren't otherwise.
* upstart/wire.c (upstart_
a copy of the va_list, so these can be called multiple times on the
same list without ill effect.
* upstart/message.h: Add warn_unused_result attributes to
upstart_
errors.
* upstart/wire.c: push functions return negative values to indicate
insufficient memory.
* upstart/wire.h: Add warn_unused_result attributes to push functions
* upstart/
nih_io_
* upstart/
* HACKING: Update from libnih with new Documentation,
Function Attributes and Test Cases sections.
2007-01-10 Scott James Remnant <email address hidden>
* init/main.c (crash_handler): s/SEGV/SIGSEGV/
* init/main.c (main): Rename variable
* TODO: Update.
* init/main.c (main): Change the way we clear the arguments; by
deleting just the final NULL terminator, we fool the kernel into
only returning one argument in cmdline.
* init/main.c (segv_handler): Rename to crash_handler and handle
SIGABRT as well, so we can catch assertion errors. Of course, in
theory, with our high test converage this should never happen in
practice <chortle>
2007-01-09 Scott James Remnant <email address hidden>
* init/main.c (main): Clear arguments so that upstart only ever
appears as /sbin/init in ps, top, etc.
* TODO: Update.
* util/initctl.c: Add data pointer to functions and handle calls.
* init/control.c: Add data pointer to all functions.
* init/tests/
upstart_
* init/tests/
upstart_
* upstart/message.c (upstart_
(upstart_
functions and pass it to the handler.
(upstart_
* upstart/message.h (UpstartMessage
the message handler.
* upstart/
Pass a data pointer to the function call and check it's passed
to the handler correctly.
(test_reader): Check that the io data pointer gets passed.
* init/tests/
(test_
the newer style test cases.
* init/cfgfile.c (cfg_stanza_
(cfg_stanza_nice, cfg_stanza_limit, cfg_stanza_chroot)
(cfg_stanza_
* init/tests/
(test_
exec if they have no arguments.
(test_
(test_
stanzas.
* init/cfgfile.c: Change remaining uses of nih_error_raise and
return to just nih_return_error.
* init/cfgfile.c (cfg_stanza_exec, cfg_stanza_daemon)
(cfg_stanza_
both of command strings, scripts, limits and of just the flags.
* init/tests/
(test_
Check the behaviour of these stanzas.
* init/cfgfile.c (cfg_stanza_start, cfg_stanza_stop): Disallow
duplicate values for the script.
* init/tests/
Test cases for those two functions.
* init/cfgfile.c (cfg_stanza_
(cfg_stanza_
* init/tests/
(test_
simple stanza; making sure duplication is not permitted.
(test_stanza_on): Add a test case for this stanza too.
* init/cfgfile.c (cfg_stanza_kill): Guard against duplicate uses
of the kill timeout stanza.
* init/tests/
kill stanza.
(test_stanza_pid): Check duplicate usage results in an error.
* init/job.h (Job): Rename pidfile to pid_file and binary to pid_binary
* init/job.c (job_new): Update names here too.
* init/errors.h: Add a new "duplicate value" error.
* init/cfgfile.c (cfg_read_job): Change name of variables, and catch
the duplicate value error to add the line number.
(cfg_stanza_pid): Change variable names, and clean this function up
a little. Make it an error to use a stanza more than once.
* init/tests/
case function for the pid stanza.
* init/cfgfile.c (cfg_stanza_
while, that we don't have to test has_token first as next_arg does
that for us.
* init/cfgfile.c (cfg_stanza_
token to see whether it's missing or not, and then just fetch each
next argument at a time. This is more efficient than parsing them
all in one go, and also means we can report the error in the right
place!
* init/tests/
changed the function that parses the stanza, add a proper test case
function for it, covering all the behaviours.
* init/job.c (job_new): Initialise the emits member to an empty list.
* init/job.h (Job): Add the emits member as a list.
* init/tests/
empty.
* init/tests/
stanza; this function will also serve as a prototype for cleaning up
the config tests.
* init/cfgfile.c (cfg_stanza_emits): Add function to parse the new
emits stanza.
* init/cfgfile.c (cfg_stanza_
from the configuration file. Dependency support has never been used,
and is to be replaced by a more flexible event/state configuration
and blocking on the starting/stopping events.
* init/tests/
depends stanza.
* init/job.h: Remove the depends list from the job structure.
* init/job.c (job_new): No depends list to initialise.
(job_change_
(job_start): No dependencies to iterate; this removes a particularly
hairy and complex interaction between state changes. Remove the
dependency event.
(job_release_
* init/tests/
these tests cases now we don't have dependencies to worry about.
(test_
2007-01-08 Scott James Remnant <email address hidden>
* init/cfgfile.c: Rewrite using the nih_config API, rather than one
huge function we now just have seperate handler functions for each
stanza. We can also use more fine-grained parsing than slurping
all args in and counting them.
(cfg_read_job): Catch exceptions from the configuration parser and
add the line number where the problem occurred to an output message.
Parser errors are now fatal, and not ignored.
* init/errors.h: Add a file containing errors raised within the init
daemon codebase.
* init/Makefile.am (init_SOURCES): Build with errors.h
* init/tests/
a job to be returned if there's a parser error.
* TODO: Update
2007-01-06 Scott James Remnant <email address hidden>
* logd/main.c (logging_reader): Fix inadvertent shadowing of the
len parameter.
* compat/
the messages in the new way.
* compat/
* TODO: Update.
* util/initctl.c (handle_
not the pid argument which contains the origin of the message.
* upstart/message.c (upstart_
message error if we don't have a handler and a new illegal message
error if the source is illegal.
* upstart/
for the new errors that we raise.
* upstart/errors.h: Define strings for new errors.
* util/initctl.c: Yet another makeover for this little program,
port it to the new message/control framework using handler functions
and NihIoMessage. This starts to make each action function look
very similar, so there's method to this madness.
2007-01-05 Scott James Remnant <email address hidden>
* logd/main.c (main): Make sure that we add the SIGTERM handler.
* init/tests/
on there only being one file descriptor watch, which won't be true
if the control socket has been opened because there's a message to
go out. Make sure it's closed first.
* init/init.supp: Update supressions file now that control_init
has been renamed to notify_init
* init/Makefile.am: Include notify.o from all tests.
* init/job.c (job_change_state, job_kill_process, job_start)
(job_stop): Use the new notify_job function name.
* init/event.c (event_queue_run): Use the new notify_event function
name.
* init/control.c (control_
that the process id is available to us.
* init/tests/
going away is handled properly.
* upstart/message.c (upstart_
the int_data message field.
* upstart/
is filled in.
* init/main.c (main): Guard against various things returning an error
that we weren't catching.
* init/tests/
* init/control.c (control_
(control_
to subscribe and unsubscribe from job and event notifications.
* init/tests/
(test_
and unsubscription messages work.
* init/Makefile.am (test_control_
* init/control.c: Drop unused include of upstart/errors.h
* init/notify.c: Move functions that handle subscription and
notification from control.c. Other than changing the names, we're
keeping the API the same for now; expect it to change later when we
add the ability to subscribe to individual jobs or events.
(notify_init): initialise the subscriptions list; we don't have a
separate send queue now that the control I/O is always asynchronous.
* init/notify.h: Moved notification enum, structure and prototypes
from control.h, changing the names so they match notify_* in the
process.
* init/Makefile.am (init_SOURCES): Build and link notify.c using
notify.h
(TESTS): Build the notify test suite binary.
(test_
for notify test suite binary.
* init/tests/
test_control.c so that we have one function for notify_job and
one for notify_event, each of which contains the child process that
receives the notification,
* init/control.c (control_open): Allow this to be called to obtain
the control socket, which means we can make it static.
* init/tests/
* init/control.c, init/control.h, init/tests/
functions that handle subscription and notification to new notify.c
(control_init): Drop completely, no need to maintain a send queue now
(control_open): Change to return an NihIo that uses the default
control watcher, and our error handler. Split socket opening into
(control_
(control_close): Use nih_io_close() to close the socket and free the
structure in one go.
(control_reopen): Close the open control socket and open it again
without destroying the NihIo structure, its queues or state.
(control_
(control_
including the connection refused error that indicates a client went
away.
(control_handle): Split this into a miriad of small functions with
a table to link them to the message type; this will make expanding
each message handler much easier in future.
* init/control.h: Update.
* init/tests/
handler functions; as a side-effect, this gets rid of the evil giant
child/parent functions in favour of one test function per handler
function.
* upstart/message.c (upstart_
around upstart_
a single function.
* upstart/message.h: Update.
* upstart/
calls the single function.
2007-01-04 Scott James Remnant <email address hidden>
* upstart/message.c (upstart_
that occurred while handling the message.
2007-01-02 Scott James Remnant <email address hidden>
* upstart/message.c (upstart_
argument is never NULL.
(upstart_
be associated with an I/O watch and handles each message received.
* upstart/message.h: Add prototype.
* upstart/
* upstart/control.c: Rename to upstart/message.c
* upstart/control.h: Rename to upstart/message.h
* upstart/
* upstart/
* upstart/wire.c: Include message.h
* upstart/wire.h: Update includes.
* upstart/
* upstart/errors.h: Rename UPSTART_
UPSTART_
* upstart/Makefile.am (libupstart_
(upstartinclud
* upstart/control.c (upstart_
creates an NihIoMessage directly from its arguments, which are a type
followed by a variable number of args depending on that type.
(upstart_
a particular message type and origin process.
(upstart_
and invokes a handler function with a variable number of args
depending on the message type.
(upstart_send_msg, upstart_
functions, leave it up to the caller to decide whether to send and
receive the messages synchronously or asynchronously; now that the
capability is in nih_io_*.
* upstart/control.h (UpstartMsgType): Rename to UpstartMessageType.
(UpstartMessag
that handles a message received.
(UpstartMsg): Drop this structure entirely, we'll encode or decode
the wire format directly from or into a function call, rather than
use an intermediate structure to marshal it.
(UpstartMessage): New structure to make a table that can be passed
to upstart_
* upstart/
* upstart/wire.c (upstart_
structure name for type parameter.
* upstart/wire.h: Update.
* upstart/
* configure.ac (AC_COPYRIGHT): Update copyright to 2007.
2006-12-29 Scott James Remnant <email address hidden>
* upstart/wire.c (upstart_write_int, upstart_
(upstart_
(upstart_
(upstart_read_int, upstart_
(upstart_
to *_pop_*.
All of the above modified to modify an NihIoMessage structure,
instead of trying to carry around buffers ourself.
* upstart/wire.h: Update to match above.
* upstart/
changes.
2006-12-21 Scott James Remnant <email address hidden>
* upstart/wire.c (upstart_
nih_assert_
* init/job.c (job_run_script): Open the NihIo structure in stream mode.
* logd/main.c (logging_watcher): Open the NihIo structure in
stream mode.
(logging_reader): Need to pass the length of the size_t as a pointer
so that it can be modified if less is read.
2006-12-17 Scott James Remnant <email address hidden>
* upstart/wire.c (upstart_
(upstart_
of different variables to the stream, or read them from it
* upstart/wire.h: Add prototypes.
* upstart/
Check we can read and write a pack of variables at once.
* upstart/wire.c (upstart_
the version from the header, we'll just keep the protocol always
backwards compatible.
* upstart/wire.h: Update.
* upstart/
Check that everything works.
* upstart/wire.c (upstart_
Transmit the length as an unsigned, and use 0xffffffff to mean NULL
instead of zero so we can still transmit the empty string.
* upstart/wire.h: Update.
* upstart/
Tests for the functions to make sure the wire is at it should be.
* upstart/wire.c (upstart_read_str, upstart_write_str): Rename to
upstart_
* upstart/wire.h: Update.
* upstart/wire.c (upstart_
Functions to send unsigned values over the wire, which we'll use
to get a bit extra for the string lengths.
* upstart/wire.h: Update.
* upstart/
(test_
* upstart/wire.c (upstart_
these functions, we'll go with something far more generic and
useful.
* upstart/wire.h: Remove prototypes.
* upstart/wire.c (upstart_write_int, upstart_read_int): Transmit
integers as signed 32-bit values in network byte order.
* upstart/
the functions to make sure the wire is at it should be,
* upstart/control.c (upstart_read_int, upstart_write_int)
(upstart_
(upstart_
functions to new wire.c file.
* upstart/wire.c: Source file to hold wire protocol functions.
* upstart/wire.h: Prototypes.
* upstart/
* upstart/
* upstart/Makefile.am (libupstart_
(upstartinclud
(TESTS): Build and run wire test suite.
(test_
wire test suite binary.
* upstart/control.c (MAGIC): Change to "upstart\n", the final
character was originally \0 and then was a " " for the 0.2 series.
* upstart/
2006-12-15 Scott James Remnant <email address hidden>
* util/initctl.c, compat/
Update all uses of the UpstartMsg structure to avoid the
intermediate union that no longer exists.
* init/control.c, init/tests/
the UpstartMsg structure to avoid the intermediate union that no
longer exists.
* upstart/control.h: Combine all the previous message structures
into just one that has all of the fields anyway.
* upstart/control.c, upstart/
the UpstartMsg structure to avoid the intermediate union that no
longer exists.
* upstart/control.h (UPSTART_
to be public.
* upstart/control.c (MSG_VERSION, upstart_
previous MSG_VERSION macro here.
* upstart/control.c (upstart_read_int, upstart_write_int)
(upstart_
(upstart_
New functions to replace the old "write a struct" protocol with
something a little more regimented and supportable.
(IOVEC_ADD, IOVEC_READ, WireHdr, WireJobPayload, WireJobStatusPa
(WireEventPayl
instead.
(upstart_
this makes the code somewhat neater.
(upstart_
again making the code somewhat neater.
* upstart/
tests to match new protocol, and thus actually work properly,
previously these were endian sensitive.
2006-12-14 Scott James Remnant <email address hidden>
* compat/
we don't put \r into a po file; for some reason, gettext hates that
and bitches about it. Someone's confusing internationalis
operating system portability, I expect.
* util/man/initctl.8: Drop reference to start(8), as that's just
a symlink to initctl now.
* init/man/init.8: Link to initctl.
* compat/
* HACKING: Correct some typos.
* configure.ac (AC_INIT): Correct bug reporting address.
2006-12-13 Scott James Remnant <email address hidden>
* configure.ac: Bump version to 0.3.2
0 blueprints and 0 bugs targeted
There are no feature specifications or bug tasks targeted to this milestone. The project's maintainer, driver, or bug supervisor can target specifications and bug tasks to this milestone to track the things that are expected to be completed for the release.