1
1
mirror of https://github.com/systemd/systemd-stable.git synced 2025-01-20 14:03:39 +03:00

41858 Commits

Author SHA1 Message Date
Kir Kolyshkin
936a33812c kernel-install/90-loaderentry: fix when /boot is not mountpoint
I happen to have a machine where /boot is not a separate mountpoint,
but rather just a directory under /. After upgrade to recent Fedora,
I found out that grub2 can't find any new kernels.

This happens because loadentry script generates kernel and initrd file
paths relative to /boot, while grub2 expects path to be relative to the
root of filesystem on which they are residing.

This commit fixes this issue by using stat's %m to find the mount point
of a partition holding the images, and using it as a prefix to be
removed from ENTRY_DIR_ABS.

Note that %m for stat requires coreutils 8.6, released in Oct 2010.

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
(cherry picked from commit 1cdbff1c844ce46f1d84d8feeed426ebfd550988)
(cherry picked from commit 2ee1c57c4ff4fd3349cf03c2e89fbd18ca0b3a4a)
(cherry picked from commit 325edff51a8f03c8c777a6c2762e7891266cc9dc)
(cherry picked from commit 3ceaa81c61b654ebf562464d142675bd4d57d7b6)
v243.9
2020-09-20 12:51:37 +02:00
Lennart Poettering
6eecf08562 nspawn: fix fd leak on failure path
(cherry picked from commit 2fef50cd9eee59cea6145639f6bd464939fac624)
(cherry picked from commit f2763ff6cd9385e82171e17ed83a7698c7f561fd)
(cherry picked from commit 8bc7ff600f065106eed3cad5689ad5db6ab68583)
(cherry picked from commit ecbb5a4f6796cbb9d370ab881155ed1b29142c8f)
2020-09-20 12:51:32 +02:00
Lennart Poettering
7f0787e8fc nspawn: check return of setsid()
Let's verify that everything works the way we expect it to work, hence
check setsid() return code.

(cherry picked from commit efe426624046089b74b70708e61f304f3cd414a7)
(cherry picked from commit 6f9c8af500fd4362d656917703eab4f941e7e45a)
(cherry picked from commit a049ddfc61e20b19fbb64d59602e25e8ccad140e)
(cherry picked from commit a09947ddd473bd5d73789a92db6a09c128bb6db9)
2020-09-20 12:51:29 +02:00
Lennart Poettering
699f1c9ed2 dissect: is_loop_device() returns negative on error, don't mistake that is true
(cherry picked from commit 3afda7c7976c25db786948a961873fa5c2c8e0e9)
(cherry picked from commit 31875b3cb05a2de76054752d40a810e40c8dbe87)
(cherry picked from commit 0dccd1f82b8f8b30bd6b059eba9254a08fa54861)
(cherry picked from commit 334f8e2e8fe07e1034d8ae1f94a02312ff19c0ce)
2020-09-20 12:51:26 +02:00
Lennart Poettering
71ef5b6263 dissect: always invalidate secondary arch partitions if we found primary arch
Let's suppress the secondary arch data, since we never ever want to
mount it if we found the primary arch.

Previously we only suppressed in the Verity case, but there's little
reason to entertain the idea of a secondary arch in non-Verity
environments either, we are not going to use them, and should not do
decryption or anything like that.

(cherry picked from commit 74cb2db9f403dfe17cabc6dac48b0f49a84eb03f)
(cherry picked from commit 418cf0e78c067f7249f4769f78c8c199d907935f)
(cherry picked from commit 7f2b6a50d3c47da8a697f50c0bc191902ebec069)
(cherry picked from commit b6efbbfb001a41c4e74a716f73c67abe8250594e)
2020-09-20 12:51:22 +02:00
Yu Watanabe
3a9542a64e util: wireguard is merged into upstream kernel
(cherry picked from commit e29e5db7dff1442ef73cbcd0c898e11078e1042d)
(cherry picked from commit 1d17c00260a923188363fc32363ff8b6bae06230)
(cherry picked from commit bc321efb7a1c253f1bf584d97303c447db68a8e8)
(cherry picked from commit dc5c5cd5c864aaae8c2695c2b833d556d8df0f98)
2020-09-20 12:51:17 +02:00
Juergen Hoetzel
6773496d75 busctl: add missing shortopt -l
(cherry picked from commit 150c430fd499082164b6ddbd2f501e2333261a78)
(cherry picked from commit d08f6fddc0a04a212dff9da14f77e3923414c233)
(cherry picked from commit 277b8bb5981160b3cc6b0525414df6a5e1841b19)
(cherry picked from commit f4777883f987929a0c618355a9dec6649adebaed)
2020-09-20 12:51:08 +02:00
Lennart Poettering
1d59425025 bootctl: handle if LoaderSystemToken is invalid for some reason
This points to some firmware issue, but we should still be able to
correct things if this happens. Hence log about this and fix it.

Fixes: #17041
(cherry picked from commit ad0b610b0c1c2595c32b6235e7ac5ad7fba6e0aa)
(cherry picked from commit a06cf9a5bad917b9ac6016c940c5f0f0238f266f)
(cherry picked from commit 387881ae21acc1022c5c8c17f273ecc254fffe24)
(cherry picked from commit 9f6249eb7fe14ea975dd9d48681408005f598fe4)
2020-09-20 12:51:04 +02:00
Lennart Poettering
df14a16009 hashmap: make sure to initialize shared hash key atomically
if we allocate a bunch of hash tables all at the same time, with none
earlier than the other, there's a good chance we'll initialize the
shared hash key multiple times, so that some threads will see a
different shared hash key than others.

Let's fix that, and make sure really everyone sees the same hash key.

Fixes: #17007
(cherry picked from commit ae0b700a856c0ae460d271bb50dccfaae84dbcab)
(cherry picked from commit e662cf6d515daad19e70c3d85e244b213ac48997)
(cherry picked from commit 1557cfcf7ce1f2b9f2dbd28e1f9ee9fad606dec0)
(cherry picked from commit bda316cc0a2650f8bf1f1e8c60ef7a7e639189ec)
2020-09-20 12:50:55 +02:00
Yu Watanabe
9bd145495f backlight: do not claim that ID_BACKLIGHT_CLAMP= property is not set
(cherry picked from commit 06d98bdc81b233584d4b225892d358f324b7030b)
(cherry picked from commit 8758580ef561d9889990c89283acf82f8a9a66dc)
(cherry picked from commit 1c12ac48ad030aebfb473078a283ba262cc35549)
(cherry picked from commit b80ea9e3da726f6d545534d83e80c4271914b491)
2020-09-20 12:50:52 +02:00
Lennart Poettering
004eab49e3 coredump: don't convert s → µs twice
We already append 000000 early on when parsing the cmdline args, let's
not do that a second time.

Fixes: #16919
(cherry picked from commit 64a5384fd2cde9b66a778c318036e7771f273f17)
(cherry picked from commit 2239965c299e53db961f4294ccd5cbbda4f377df)
(cherry picked from commit a46a8189e370a5f1b58f0cf7158386cee4555fb4)
(cherry picked from commit c829f6e7ca5a3480c5995deb96ee77643128e546)
2020-09-20 12:50:48 +02:00
afg
0fe18a3235 firstboot: fill empty color if ansi_color unavailable from os-release
(cherry picked from commit ae0d36c161ef0b8bde08d37674eb500061245728)
(cherry picked from commit 61d29b7f8c57898ba1a15a8fab90fde7c95efbc6)
(cherry picked from commit fe01ff05031f58658b092f57c515a98956ebf218)
(cherry picked from commit bb9d872398f3d6d5dae4049d66669352c9d22e21)
2020-09-20 12:50:45 +02:00
Lennart Poettering
7d945cfe68 resolved: make sure we initialize t->answer_errno before completing the transaction
We must have the error number around when completing the transaction.
Let's hence make sure we always initialize it *first* (we accidentally
did it once after).

Fixes: #11626
(cherry picked from commit fd8a30170342cfe245ea6acac392c2b224f0ae1b)
(cherry picked from commit 38ae73fafd39915e7b40fe311165fcec79fc0ee8)
(cherry picked from commit 54948d498a7b0ad446907ff51ecd549484d517bb)
(cherry picked from commit 156570cc774bd129e889c6a44c094189ac0e8fb1)
2020-09-20 12:50:40 +02:00
Fabrice Fontaine
fe1457a878 src/shared/dissect-image.c: fix build without blkdid (#16901)
N_DEVICE_NODE_LIST_ATTEMPTS is unconditionally used since version 246 and
ac1f3ad05f

However, this variable is only defined if HAVE_BLKID is set resulting in
the following build failure if cryptsetup is enabled but not libblkid:

../src/shared/dissect-image.c:1336:34: error: 'N_DEVICE_NODE_LIST_ATTEMPTS' undeclared (first use in this function)
 1336 |         for (unsigned i = 0; i < N_DEVICE_NODE_LIST_ATTEMPTS; i++) {
      |

Fixes:
 - http://autobuild.buildroot.org/results/67782c225c08387c1bbcbea9eee3ca12bc6577cd
(cherry picked from commit 28e2641a1aa506c5df93c7a0cb107aed8297b45e)
(cherry picked from commit d6b1e659b366283fe7c7961c3d1e1550c6b1b1eb)
(cherry picked from commit 2cba282b0c0d0cae7903f9953220efe798f5c7ec)
(cherry picked from commit 02bba02fa699732881d4ac771dc5b11c00ec459c)
2020-09-20 12:50:35 +02:00
Lennart Poettering
741c8b763a analyze: fix error handling in one case
(cherry picked from commit 0f849d0af983922e1571b958c9ca42f51e799190)
(cherry picked from commit e42f9add21da833ce2d26d4763c022aceec20853)
(cherry picked from commit f1d740fdb177b912c8a600cd786258f992313f08)
(cherry picked from commit 13cb5986312bf877dd301087f72c13e4b4a620f9)
2020-09-20 12:50:31 +02:00
Kyle Russell
785af6f916 units: add missing usb-gadget.target
(cherry picked from commit dd050420390c6557354b0e3aaecd52abc4bf906c)
(cherry picked from commit 4804ce148812b0f682e2c0fe16b4677ba0fc556d)
(cherry picked from commit 4db76e17a469c8f15ac818263c145c1b66356e79)
(cherry picked from commit 6ab20e9f3b047dc24e2c2c35e8df2159eb4691ba)
2020-09-20 12:50:16 +02:00
Ikey Doherty
6f0f90430c login/logind: Include sys/stat.h for struct stat usage
We need to include `<sys/stat.h>` for usage of the `struct stat` in
the Manager struct, much as we already include `<stdbool.h>` for C99
booleans.

This helps alleviate another minor build failure on non-glibc systems.

(cherry picked from commit 97207ac85cb8f8cba9459694255ff0396f020279)
(cherry picked from commit 2fb612371dfec40a90be975f9110341cac42300d)
(cherry picked from commit e88aec2c30d1fafcca457489bf2ecb7075431992)
(cherry picked from commit 9ef259dd4d8bd38634628a503226835ff6c50e6e)
2020-09-20 12:50:12 +02:00
Michal Koutný
340200edef missing: Add new Linux capability
Yet another new capability coming in Linux kernel v5.9.
Make sure we can recongize them even when built with older kernel headers.

(cherry picked from commit 94d21c2ef6cd6bb035d4c21c98ab001c0abd4cbe)
(cherry picked from commit 23529212447e6a836440e0729c3562d8e0d4c891)
(cherry picked from commit 31d80185883792a9dad1519ee147a3c9e02f960c)
(cherry picked from commit 34b4dc64c6358c4dd5989778db86c4d90dadb4c9)
2020-09-20 12:49:51 +02:00
Chris Down
78a267e2e3 path: Improve $PATH search directory case
Previously:

1. last_error wouldn't be updated with errors from is_dir;
2. We'd always issue a stat(), even for binaries without execute;
3. We used stat() instead of access(), which is cheaper.

This change avoids all of those, by only checking inside X_OK-positive
case whether access() works on the path with an extra slash appended.
Thanks to Lennart for the suggestion.

(cherry picked from commit 33e1a5d8d3f792e1d98377fe439e123231032ec7)
(cherry picked from commit a4236a27644705e58836f5d547d5aef50d568c11)
(cherry picked from commit 6a30d4e98032575d385a09d15782be74cbef6dfe)
(cherry picked from commit 0783b4f8cecda4f21e9021495377e2c807a32a5e)
2020-09-20 12:49:19 +02:00
Chris Down
67d1efbc89 path: Skip directories when finalising $PATH search
Imagine $PATH /a:/b. There is an echo command at /b/echo. Under this
configuration, this works fine:

    % systemd-run --user --scope echo .
    Running scope as unit: run-rfe98e0574b424d63a641644af511ff30.scope
    .

However, if I do `mkdir /a/echo`, this happens:

    % systemd-run --user --scope echo .
    Running scope as unit: run-rcbe9369537ed47f282ee12ce9f692046.scope
    Failed to execute: Permission denied

We check whether the resulting file is executable for the performing
user, but of course, most directories are anyway, since that's needed to
list within it. As such, another is_dir() check is needed prior to
considering the search result final.

Another approach might be to check S_ISREG, but there may be more gnarly
edge cases there than just eliminating this obviously pathological
example, so let's just do this for now.

(cherry picked from commit 8b5cb69bc8b70d1dcc39ed2165907723099bd9d8)
(cherry picked from commit b7cef386bd1bc810f5bb12d84c2ec4d6428231e3)
(cherry picked from commit 0752452dc504be958c38af7d49ef5b729b28de5c)
(cherry picked from commit d0735d81d406d51d320b190e522979200f5b3a8e)
2020-09-20 12:49:16 +02:00
Alec Moskvin
c8033646de rules: don't install 80-drivers.rules when kmod is disabled
(cherry picked from commit dd47b25220f69f869679089da5cc848cf9cd0c78)
(cherry picked from commit 122945f315c8ccb1ecaf8384aff85931791d45d3)
(cherry picked from commit 7d250c485fe5c0974b226767b3744e0c543ae005)
(cherry picked from commit 436872f995d712736ca917aa903921448831bbe2)
2020-09-20 12:49:13 +02:00
Ronan Pigott
f22b83e088 zsh: correct journalctl command completion parsing
(cherry picked from commit 45b156c1559da468f1c12aa5170858574c9b5831)
(cherry picked from commit 42fab2d454a33f11d545db1d5e90d73deaf4dd9e)
(cherry picked from commit 2d0e391967ac53e1b011c63304c7ade98a3797c7)
(cherry picked from commit 342dc4c15f30d0c9ef4558e5245bccfe2077376b)
2020-09-20 12:49:10 +02:00
Zbigniew Jędrzejewski-Szmek
1b124055ad basic/missing_syscall: fix syscall numbers for arm64 :(
(cherry picked from commit b6ce3d2c0152a17210bb7fd31bb92a289f181a57)
(cherry picked from commit ed3f97f9625f6349045a4b80581bbf76cc4fcdbd)
(cherry picked from commit 77dddecfd0ca9200d8d241d3baf8a00cb640bd75)
(cherry picked from commit fec0bb6df444c8dd9067ec93e1398476a5fef858)
2020-09-20 12:49:04 +02:00
Zbigniew Jędrzejewski-Szmek
84f9f30c24 shared/install: fix preset operations for non-service instantiated units
Fixes https://github.com/coreos/ignition/issues/1064.

(cherry picked from commit 47ab95fe4315b3f7ee5a3694460a744bb88c52fd)
(cherry picked from commit ba6e7f7c46d916a7eacddc17edb8be3e4f4dd67e)
(cherry picked from commit 79638f63d6ddfe75f05d6936baff5de7f4253fe2)
(cherry picked from commit bea900bb318c094f2bc029a73afdfa02cc56911c)
2020-09-20 12:49:00 +02:00
Lennart Poettering
87852706ee user-runtime-dir: deal gracefully with missing logind properties
Fixes: #16685
(cherry picked from commit 5d1e68b49489574ef57947c5f1adfc761547eea9)
(cherry picked from commit 6cd058f305dce7aa6b20d88496b80a5dd25745d3)
(cherry picked from commit 590b9f585c77848b6df1d254dc51bb736cfc192d)
(cherry picked from commit 677fb2b663e25484e91f16ffad16c118c46e7879)
2020-09-20 12:48:56 +02:00
Zbigniew Jędrzejewski-Szmek
5be2841352 shared/seccomp: do not use ifdef guards around textual syscall names
It is possible that we will be running with an upgraded libseccomp, in which
case libseccomp might know the syscall name, even if the number is not known at
the time when systemd is being compiled. The guard only serves to break such
upgrades, by requiring that we also recompile systemd.

For s390-specific syscalls, use a define to exclude them, so that that we don't
try to filter them on other arches.

(cherry picked from commit 6da432fd542af5553742b905a0f87a825a28a399)
(cherry picked from commit 6a2d73638d8c710676107aedd7ad02abcb47975d)
(cherry picked from commit b92dbd67decb443cfc35b357fb6e627e4148aadf)
(cherry picked from commit 11a97bc230f62e8c94559ccf656d3e0236429561)
2020-09-20 12:48:52 +02:00
Lennart Poettering
d8ade6cd67 machine-id-setup: don't use KVM or container manager supplied uuid if in chroot env
Fixes: #16758
(cherry picked from commit 1f894e682cb34d8d713378d01dc0565b7b5a245f)
(cherry picked from commit 7355ac9689e9213e0d4a1f1ed7f41e736842ec5c)
(cherry picked from commit 52634dadb58d48527f758fe2604ca677e4fe5d3c)
(cherry picked from commit d411a4d6a629095bb234e8f8451c18c0a70fe3e2)
2020-09-20 12:48:48 +02:00
Zbigniew Jędrzejewski-Szmek
5562a16675 analyze-security: do not assign badness to filtered-out syscalls
Fixes #16451, https://bugzilla.redhat.com/show_bug.cgi?id=1856273.

(cherry picked from commit 01ecb3674ad3650bcbb14155b2dcbd4b9f4ed57e)
(cherry picked from commit 8b62cadf368cf017ad3c7921e6b39ddd664f74e2)
(cherry picked from commit 1997c2788855ab359abf7a1667164042e4936aa9)
(cherry picked from commit 9b078df0ba01f2bcfde54aee698500a3804ec71e)
2020-09-20 12:48:41 +02:00
Alyssa Ross
ba6cce0af1 load-fragment: fix grammar in error messages
(cherry picked from commit 556a7bbed607ec8cbbf4affc5d862ef92403418e)
(cherry picked from commit 76331f86f630bd884f2e16a36d66c55b2b22c8e1)
(cherry picked from commit 6cf2ec5da11488c31415f94180ad799a0187ce6c)
(cherry picked from commit da0cc77b520cc8b1f96ad8f5124d7a70c4001e74)
2020-09-20 12:48:37 +02:00
Lennart Poettering
861450434d test: accept that char device 0/0 can now be created witout privileges
Fixes: #16721
(cherry picked from commit 5b5ce6298e5a1c09beacd5c963e2350979cbf94a)
(cherry picked from commit f44ec1de15ca64babe4d6686765333b326036cb8)
(cherry picked from commit 9d3eb2111555a3a485db68cb331c08ab9fbeeb12)
(cherry picked from commit 74d7c53e5fd3edcd568b05197868714ac1a22e0c)
2020-09-20 12:48:33 +02:00
Haochen Tong
6dd2ab0a7d tools/make-man-index: fix purpose text that contains tags
(cherry picked from commit f3317336450e1145b97ae9e38bd626f3d4c88eb8)
(cherry picked from commit 946e4c43bb4ac189259b3cbc035400ca90a8148f)
(cherry picked from commit 31c85925a9c1de385be0a0bab3574bf3e2aa3987)
(cherry picked from commit 5c35bcf3291839f6223e5d3e123765164fce61bd)
2020-09-20 12:48:29 +02:00
Michael Scherer
c9a5522cd1 Newer Glibc use faccessat2 to implement faccessat
cf https://repo.or.cz/glibc.git/commit/3d3ab573a5f3071992cbc4f57d50d1d29d55bde2

This cause breakage on Fedora Rawhide: https://bugzilla.redhat.com/show_bug.cgi?id=1869030

(cherry picked from commit bcf08acbffdee0d6360d3c31d268e73d0623e5dc)
(cherry picked from commit 0d026c9b0d2fbf62d0a69aa1715ccb4f7c6dc2fe)
(cherry picked from commit 458129fa078ef0128f0cc255293139efbe032417)
(cherry picked from commit da1eb548fbb674d9d11fb6137956fec2b155a066)
2020-09-20 12:48:24 +02:00
Kamil Dudka
5925fe6b81 _sd-common.h: avoid parsing errors with Coverity
The commit 1070d271fa8fa553d57dd5f74dd1e3f60732d0b9 which was supposed
too fix this does not seem to take effect any more.  We get again 34%
compilation success rate while scanning systemd itself.  Moreover, the
installed header file breaks compilation of programs that include it:

"/usr/include/systemd/_sd-common.h", line 23: error #35: #error directive: "Do
          not include _sd-common.h directly; it is a private header."
  #  error "Do not include _sd-common.h directly; it is a private header."
     ^

(cherry picked from commit 4191b3282afbca9f1ef333f91bb6566c374da1fe)
(cherry picked from commit 5aec8fe54e47dbffc9ed705e4211f935bdca1550)
(cherry picked from commit 42f329455667e48131c2a8d3d63f5ce2211d9a92)
(cherry picked from commit d091e19bbdceafa915e63f71e13bb1e1955a62f5)
2020-09-20 12:48:10 +02:00
Daan De Meyer
8504c6ee2a nspawn: Fix incorrect usage of putenv
strv_env_get only returns the environment variable value. putenv expects
KEY=VALUE format strings. Use setenv instead to fix the use.

(cherry picked from commit 6f646e01755df587bb33dae4ca78cdaad5721f5e)
(cherry picked from commit b81504a3c76bfb3afd339cb74988892f9dccedd1)
(cherry picked from commit 492a8b34178cf851ded4f23815d1182025bbbf8a)
(cherry picked from commit d56055f47f5ba86e0f56126e364b1939d035001f)
2020-09-20 12:48:07 +02:00
Amitanand.Chikorde
8ca6e3dc71 udev: fix codesonar warnings
Fixed below systemd codesonar warning.
isprint() is invoked here with an argument of signed
type char, but only has defined behavior for int arguments that are
either representable as unsigned char or equal to the value
of macro EOF(-1).

As per codesonar report, in a number of libc implementations, isprint()
function implemented using lookup tables (arrays): passing in a
negative value can result in a read underrun.

(cherry picked from commit e7e954243a17cceb5278aac6249ee0dcc119b1eb)
(cherry picked from commit 1b9c95bfbf7e5fc32e033851bf06f0a9f7f9f08b)
(cherry picked from commit 674a2beff0ac7b1cb0358401d6f64d726bca4e4f)
2020-09-20 12:48:03 +02:00
Yu Watanabe
2cdfcdf435 sd-boot: fix -Wpointer-sign warning
(cherry picked from commit efda8aebcb0e3731ba56fa11499f318a50ea4e30)
(cherry picked from commit 16477684d2922b17c63e6799225bf2b92a020a80)
2020-09-20 12:47:59 +02:00
Zbigniew Jędrzejewski-Szmek
07c610c407 network: fix static assertion on IPPROTO_MAX range
Builds with recent glibc would fail with:
../src/network/netdev/fou-tunnel.c: In function ‘config_parse_ip_protocol’:
../src/basic/macro.h:380:9: error: static assertion failed: "IPPROTO_MAX-1 <= UINT8_MAX"
  380 |         static_assert(expr, #expr)
      |         ^~~~~~~~~~~~~
../src/network/netdev/fou-tunnel.c:161:9: note: in expansion of macro ‘assert_cc’
  161 |         assert_cc(IPPROTO_MAX-1 <= UINT8_MAX);
      |         ^~~~~~~~~

This is because f9ac84f92f151e07586c55e14ed628d493a5929d (present in
glibc-2.31.9000-9.fc33.x86_64) added IPPROTO_MPTCP=262, following
v5.5-rc5-1002-gfaf391c382 in the kernel.

(cherry picked from commit 3d58d7328a6ecbc61d3494803d705edd8a108d72)
(cherry picked from commit c5e346905952fef0f163d91522dd43333f1f219d)
(cherry picked from commit cc8aeb9916ee5ea026bec4cec8543ecfd73ed458)
2020-09-20 12:47:55 +02:00
Daniel Fullmer
02a42a3ff1 sd-boot: fix menu ordering with boot counting
systemd-boot selects the last valid entry by default, not the first.

Fixes: #15256
(cherry picked from commit e6190e2882e1d6772a9e586fcc65c91d406e52fb)
(cherry picked from commit c5883bc08877d8bad10110434037a3c21950a71a)
(cherry picked from commit f047b0706c01f99c1b781f44b7b4d95ecdb8abe2)
2020-09-20 12:47:51 +02:00
Zbigniew Jędrzejewski-Szmek
aa923cab34 basic/user-util: always use base 10 for user/group numbers
We would parse numbers with base prefixes as user identifiers. For example,
"0x2b3bfa0" would be interpreted as UID==45334432 and "01750" would be
interpreted as UID==1000. This parsing was used also in cases where either a
user/group name or number may be specified. This means that names like
0x2b3bfa0 would be ambiguous: they are a valid user name according to our
documented relaxed rules, but they would also be parsed as numeric uids.

This behaviour is definitely not expected by users, since tools generally only
accept decimal numbers (e.g. id, getent passwd), while other tools only accept
user names and thus will interpret such strings as user names without even
attempting to convert them to numbers (su, ssh). So let's follow suit and only
accept numbers in decimal notation. Effectively this means that we will reject
such strings as a username/uid/groupname/gid where strict mode is used, and try
to look up a user/group with such a name in relaxed mode.

Since the function changed is fairly low-level and fairly widely used, this
affects multiple tools: loginctl show-user/enable-linger/disable-linger foo',
the third argument in sysusers.d, fourth and fifth arguments in tmpfiles.d,
etc.

Fixes #15985.

(cherry picked from commit 156a5fd297b61bce31630d7a52c15614bf784843)
(cherry picked from commit 9498903de6c1f7b0c3e5f1654d0ee451a304c59d)
(cherry picked from commit 1d1f5006cbe239b29092602f59baa062f4ef95c6)
2020-09-20 12:47:27 +02:00
Yu Watanabe
04eec49570 parse-util: backport safe_atou32_full()
We need this for a follow up security fix.

(cherry picked from commit b934ac3d6e7dcad114776ef30ee9098693e7ab7e)
(cherry picked from commit 64126925181809e7c0b8916471186c0bfa19d6ce)
(cherry picked from commit b07d782047fecfa29d9d94cc826ed70eb2a3ab13)
2020-09-20 12:47:23 +02:00
Zbigniew Jędrzejewski-Szmek
3120ad895b Fix build with µhttpd 0.9.71
The return type of callbacks was changed from int to an enum.

(cherry picked from commit d17eabb1052e7c8c432331a7a782845e36164f01)
(cherry picked from commit a91ed646aa698ff530770c836c174fb7b3a5e799)
(cherry picked from commit 7bc54463ced882ac31fd42b2e34a9e764330a31a)
2020-09-20 12:47:18 +02:00
Oliver Giles
b9a0681303 makefs: strdup arguments to mkfs
Don't pass values from argv[] directly to child process forked using
safe_fork, because it clears argv[]. strdup them first.

(cherry picked from commit c315b79fb43a4d921a533ba0c2cb303324887993)
(cherry picked from commit ec9fd71358d617d5f178d42b82cf20f89973f687)
2020-09-20 12:47:01 +02:00
Yu Watanabe
6d840ca77e network-generator: allow empty hostname
Fixes #14319.

(cherry picked from commit 21a925a4ac7955e7d7e6cfd477e96d3a2aaee7db)
(cherry picked from commit efd5b1d443fee81a48939e3f86e7feb338f26211)
2020-09-20 12:46:57 +02:00
Zbigniew Jędrzejewski-Szmek
165ae6edc6 kernel-install: strip BOOT_IMAGE= from kernel options
https://bugzilla.redhat.com/show_bug.cgi?id=1716164.
(cherry picked from commit e60228bf68427c0c0f96f816ee9124fd39585038)
(cherry picked from commit 2095b6a279cfe6e9688c5c357d550289dfcd8e8d)
2020-03-26 15:31:58 +01:00
pelzvieh
b754ff8b63 davfs is a network file system
(cherry picked from commit 137d4487511b3221d3c9165326bf55f297dcd5a6)
(cherry picked from commit 98a349465291801537b644ff1478ac2daeeeba21)
(cherry picked from commit cd7d8bb96291a33c510cb8f9e7c7494af3d1b0b5)
v243.8
2020-03-26 14:34:16 +01:00
Franck Bui
b61a575a5b logind: log a more accurate error when we failed at session creation
We used to log the following error:

  "Start job for unit user-1000.slice failed with 'canceled'"

which can be really misleading if the actual job failed at *stopping* a unit.

Indeed "Start" was hard coded but it was wrong since we can also fail with stop
jobs which are enqueued when a session is stopped.

(cherry picked from commit b39648ed47065202b343d1d4bde3232d81fdfecc)
(cherry picked from commit 8f0feac20f7d4c29a42839343308fcd602ec5b63)
(cherry picked from commit 6aae7f596afd62a72b18c92f464abc8bebbc8cba)
2020-03-26 14:34:10 +01:00
Joerg Behrmann
6127224ef9 docs: Add syntax for templated units to systemd.preset man page
This documents the syntax

     enable template@.service foo bar baz

that was introduced in #9901 to preset templated units.

(cherry picked from commit 1f667d8a7cff4355cd23ebebeb4d7179e3498eb8)
(cherry picked from commit d1d3f2aa1561a9a75ce58026ef0a6bd4c5b464ac)
(cherry picked from commit f4d5928122fe632b441145750a03d95fd8dd2cc6)
2020-03-26 14:34:04 +01:00
Zbigniew Jędrzejewski-Szmek
b431688238 man: add a tiny bit of markup
(cherry picked from commit 0b1b0a01ab22c088046634c46c496022e7e60673)
(cherry picked from commit 3c69813c69af90e75acf9a80047ecf5b075c138d)
(cherry picked from commit 148f7b147aaba46491cec23ec44e4e998a84900f)
2020-03-26 14:34:04 +01:00
Frantisek Sumsal
d021d69a77 test: wait a bit after starting the test service
otherwise we might end up being faster than the unit itself, causing
unexpected fails, like:

```
testsuite.sh[297]: + systemctl start issue_14566_test
testsuite.sh[297]: + systemctl status issue_14566_test
testsuite.sh[304]: ● issue_14566_test.service - Issue 14566 Repro
testsuite.sh[304]:      Loaded: loaded (/etc/systemd/system/issue_14566_test.service; static; vendor preset: enabled)
testsuite.sh[304]:      Active: active (running) since Sat 2020-03-14 02:02:23 UTC; 417ms ago
testsuite.sh[304]:    Main PID: 301 ((repro.sh))
testsuite.sh[304]:       Tasks: 1 (limit: 535)
testsuite.sh[304]:      Memory: 180.0K
testsuite.sh[304]:         CPU: 122ms
testsuite.sh[304]:      CGroup: /system.slice/issue_14566_test.service
testsuite.sh[304]:              └─301 [(repro.sh)]
testsuite.sh[307]: ++ cat /leakedtestpid
testsuite.sh[307]: cat: /leakedtestpid: No such file or directory
testsuite.sh[297]: + leaked_pid=
```

(cherry picked from commit 197298ff9fc930de450330095cc5b67d165d0801)
(cherry picked from commit e110f4dacb6d56fc9d99456422c2cff7e54ae7f0)
(cherry picked from commit dbe16df9cd50dc6c3662fb90295edebb37c2fdad)
2020-03-26 14:33:55 +01:00
Georg Müller
479d7a9035 fix journalctl regression (#15099)
This regression was introduced in #14913.

The current_file variable can be NULL, as, for example, with the
following commands:

* journalctl --list-boots
* journalctl -b -1 --no-pager

Since current_file is only checked for pointer equality with f, removing
the assertion is safe here.

(cherry picked from commit 8d0726fcd7b72f2a6f75dd731cbf7c8d4df107ef)
(cherry picked from commit e8df08cfdb20e31066559c53420d7fd56b31ec01)
(cherry picked from commit a713f52ddb09e8ef606c12e559d787355c67aa7e)
2020-03-26 14:32:43 +01:00