1
1
mirror of https://github.com/systemd/systemd-stable.git synced 2025-01-18 06:03:42 +03:00

55215 Commits

Author SHA1 Message Date
Zbigniew Jędrzejewski-Szmek
ed0e6f0f71
Merge pull request #21307 from medhefgo/boot-alloc
sd-boot: Non-failing allocators
2021-12-07 08:20:07 +01:00
Yu Watanabe
543240f593 network/netdev: drop spurious state from the condition to create stacked netdevs
Stacked netdevs are requested when the underlying interface is in
configuring state.
2021-12-07 15:58:25 +09:00
Yu Watanabe
f7144e7b0f network/netdev: create stacked netdevs after all set-link operations are finished
E.g. setting MAC address must be done before creating VLAN interface.
2021-12-07 15:58:25 +09:00
Yu Watanabe
879377cad5 network: do not block configuring addresses by creating stacked netdevs
`link_is_ready_to_configure()` is used to judge we can configure
addresses, routes, and etc. And they can be configured independently of
stacked netdevs.
2021-12-07 15:58:25 +09:00
Yu Watanabe
5329a37935 network: set MAC address before enslaving to bond or bridge interface
As the master interface may inherit the slave MAC address.
2021-12-07 15:58:25 +09:00
Maciek Borzecki
0ddd608a6d units/systemd-udevd: allow bpf() syscall
Programs run by udev triggers may need to execute the bpf() syscall. Even more
so, since on a cgroup v2 system, the only way to set up device access filtering
is to install a BPF program on the cgroup in question and one way of passing
data to such program is through BPF maps, which can only be access using the
bpf() syscall. One such use case was identified in RHBZ#2025264 related to
snap-device-helper, and led to RHBZ#2027627 being filed.

Unfortunately there is no finer grained control over what gets passed in the
syscall, so just enable bpf() and leave fine grained mediation to other
security layers (eg. SELinux).

Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2027627

Signed-off-by: Maciek Borzecki <maciek.borzecki@gmail.com>
2021-12-07 07:37:54 +01:00
Zbigniew Jędrzejewski-Szmek
f66d548c1a
Merge pull request #21598 from DaanDeMeyer/journald-file
journal: Fix re-enabling COW for archived journal files on BTRFS
2021-12-07 07:35:34 +01:00
Yu Watanabe
45aa0e841b network,udev: do not adjust local assignment bit of specified MAC address
People often assigns the MAC address of the enslaved interface to e.g.
bridge interface. So, the local assignment bit should not be adjusted.

Fixes #21649.
2021-12-07 15:01:04 +09:00
Yu Watanabe
f836390fa7
Merge pull request #21642 from yuwata/network-state-file-ignore-dynamic-when-dbus-entry-exists
network: state-file: ignore dynamic entries when specified by DBus method
2021-12-07 09:51:38 +09:00
Luca Boccassi
5328f80e92
Merge pull request #21646 from mrc0mmand/lgtm-followups
LGTM follow-ups
2021-12-07 00:14:45 +00:00
Luca Boccassi
3f88d5046f
Merge pull request #21639 from yuwata/network-dhcp6pd-use-dhcp6_pd_prefix_acquired
network: dhcp6pd: use dhcp6 pd prefix acquired() and drop dhcp6_pd_distribute_prefix()
2021-12-07 00:14:04 +00:00
Yu Watanabe
a0af85e02c
Merge pull request #21196 from yuwata/process-util-nulstr
process-util: handle double NUL as the end of command line
2021-12-07 08:29:34 +09:00
Franck Bui
051ea718f2 TEST-10: don't attempt to write a byte to the socket
Writing a byte to test10.socket is actually the root cause of issue #19154:
depending on the timing, it's possible that PID1 closes the socket before socat
(or nc, it doesn't matter which tool is actually used) tries to write that one
byte to the socket. In this case writing to the socket returns EPIPE, which
causes socat to exit(1) and subsequently make the test fail.

Since we're only interested in connecting to the socket and triggering the rate
limit of the socket, this patch removes the parts that write the single byte to
the socket, which should remove the race for good.

Since it shouldn't matter whether the test uses socat or nc, let's switch back
to nc and hence remove the sole user of socat. The exit status of nc is however
ignored because some versions might choke when the socket is closed
unexpectedly.
2021-12-07 08:29:09 +09:00
dependabot[bot]
7285145dfc build(deps): bump github/codeql-action from 1.0.24 to 1.0.25
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 1.0.24 to 1.0.25.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](e095058bfa...546b30f35a)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-12-07 02:20:53 +03:00
Yu Watanabe
56437e33a6 network: state-file: do not append dynamic entries when specified by DBus method
Fixes #21515.
2021-12-07 06:43:14 +09:00
Daan De Meyer
d71ece3f0b journal: Fix disabling NO_COW on btrfs filesystems
Disabling NOCOW when data has been written to a file doesn't work.
Instead, when we're done writing to a journal file (after archiving),
let's rewrite the file with COW enabled. This also takes care of
properly defragmenting the file.

With zstd compression level 3, journal files are compressed to 12%
of their original size with default journal settings.

As rewriting the file might take a while since we also do an fsync()
after the rewrite, this work is done in the offline thread to avoid
blocking the journald event loop.
2021-12-06 22:17:41 +01:00
Daan De Meyer
5a980196ab basic: Make sure we're extra paranoid in chattr_full
On btrfs, trying to disable FS_NOCOW_FL on a file that has data
already written will fail silently without reporting an error. To
catch such cases, let's query the flags again if the IOC_SETFLAGS
ioctl() succeeds to make sure the flags we tried to configure we're
actually accepted by the kernel.
2021-12-06 22:17:40 +01:00
Daan De Meyer
461955ef4c journal: Update the JournalFile path when archiving
When we archive a path, we rename the file to indicate this. However,
until now, we didn't actually update the path member of the corresponding
JournalFile instance. Let's make sure we also update this to avoid
misuse of the old path later on.

This change also requires we save the previous path in journal_file_rotate()
since we need to open a new file at the previous path.
2021-12-06 22:17:40 +01:00
Daan De Meyer
bea29a4296 mkosi: Add compsize to list of installed packages on Fedora
compsize is useful to check the compression ratio of journal files
on filesystems that support compression such as BTRFS.
2021-12-06 22:17:40 +01:00
Daan De Meyer
e5f14b1eb8 mkosi: Add e2fsprogs to installed packages for Fedora
lsattr is useful to check chattr flags on files.
2021-12-06 22:17:40 +01:00
Daan De Meyer
764721cc07 journal: Move offlining logic to journald-file.c
With this change, the logic to write the final tag, emit the final
change notification and to offline the file moves from journal_file_close()
to journald_file_close(). Since all this logic is only executed when
the journal file is writable and all code that writes journal files
already uses journald_file_close() instead of journal_file_close(), this
change should not introduce any changes in behaviour.

Moving the offline related logic to journald-file.c allows us to use
code from src/shared in the offlining logic, more specifically, we can
use the file copying logic from copy.h to fix BTRFS filesystem compression
for journal files when archiving.
2021-12-06 22:17:40 +01:00
Daan De Meyer
035b0f8fe8 journal: Introduce journald-file.c for journal file write related logic
Currently, all the logic related to writing journal files lives in
journal-file.c which is part of libsystemd (sd-journal). Because it's
part of libsystemd, we can't depend on any code from src/shared.

To allow using code from src/shared when writing journal files, let's
gradually move the write related logic from journal-file.c to
journald-file.c in src/journal. This directory is not part of libsystemd
and as such can use code from src/shared.

We can safely remove any journal write related logic from libsystemd as
it's not used by any public APIs in libsystemd.

This commit introduces the new file along with the JournaldFile struct
which wraps an instance of JournalFile. The goal is to gradually move
more functions from journal-file.c and fields from JournalFile to
journald-file.c and JournaldFile respectively.

This commit also modifies all call sites that write journal files to
use JournaldFile instead of JournalFile. All sd-journal tests that
write journal files are moved to src/journal so they can make use of
journald-file.c.

Because the deferred closes logic is only used by journald, we move it
out of journal-file.c as well. In journal_file_open(), we would wait for
any remaining deferred closes for the file we're about to open to complete
before continuing if the file was not newly created. In journald_file_open(),
we call this logic unconditionally since it stands that if a file is newly
created, it can't have any outstanding deferred closes.

No changes in behavior are introduced aside from the earlier execution
of waiting for any deferred closes to complete when opening a new journal
file.
2021-12-06 22:17:38 +01:00
Christian Göttsche
ef6bb4dd3e core: use correct level for CPU time log message
raise_level() takes the info condition as second argument and the notice
one as third. For the consumed CPU time these conditions are swapped.

Fixes: 37109b856aeb ("pid1: use LOG_DEBUG/INFO/NOTICE for unit resource consumption message")
2021-12-06 20:55:22 +01:00
Zbigniew Jędrzejewski-Szmek
ea599435a7
Merge pull request #21372 from DaanDeMeyer/journal-truncate
journal-file: truncate archived journals
2021-12-06 20:52:19 +01:00
Yu Watanabe
de1253e4c6
Merge pull request #21638 from yuwata/network-dhcp6pd-prefix-lost
network: dhcp6pd: fix prefix lost handling
2021-12-07 02:54:10 +09:00
Yu Watanabe
2756fb24ee network: state-file: honor dhcp6_use_domains flag 2021-12-07 01:58:35 +09:00
Frantisek Sumsal
33b7988d2e analyze,resolve: suppress a couple of false-positive alerts 2021-12-06 17:45:37 +01:00
Frantisek Sumsal
7fd2b742c9 core: check for NULL in one more place 2021-12-06 17:45:20 +01:00
yangmingtai
5896a9ebdb fix DirectoryNotEmpty when it comes to a Non-directory file 2021-12-07 01:28:07 +09:00
Luca Boccassi
efeecf4010 NEWS: add more entries for v250 2021-12-06 15:58:38 +00:00
Luca Boccassi
11b109223f NEWS: add more entries for v250 2021-12-06 15:29:11 +00:00
Yu Watanabe
aa9de5b1c0 process-util: handle double NUL as the end of command line
Fixes #21186.
2021-12-06 23:42:25 +09:00
Yu Watanabe
95a511b704 process-util: rename function arguments for storing results 2021-12-06 23:21:08 +09:00
Yu Watanabe
2b5587c28f
Merge pull request #21620 from yuwata/udev-path-id
udev/path_id: fix skip_subsystem()
2021-12-06 23:15:43 +09:00
Daan De Meyer
6127ff9870 journal: punch holes in unused parts of entry arrays when archiving
Entry arrays grow exponentially, so when archiving a journal file is
archived, it's very likely that the final entry array objects in each
entry array chain aren't fully used. Let's punch holes in the unused
parts so the filesystem can reclaim this unused space and use it for
something else.
2021-12-06 14:54:06 +01:00
Daan De Meyer
ab6e257b3e journal: truncate archived journals
Journal files have space allocated in 8MiB-aligned increments. This
can add up to substantial wasted space as many archived journals
accumulate without using all the allocated space. Let's truncate
journal files to their actually used size when archiving them to
reclaim this unused space.

As the mmap cache is not thread-safe, we can't call
journal_file_move_to_object() from the offline thread. Instead,
we use journal_file_read_object() which doesn't rely on the mmap
cache.
2021-12-06 14:54:06 +01:00
Daan De Meyer
117e21121e journal: Add journal_file_read_object() 2021-12-06 14:54:06 +01:00
Yu Watanabe
e3a97777ab
Merge pull request #21633 from yuwata/network-route-null-destination
network: route: fix null destination handling
2021-12-06 22:27:37 +09:00
Yu Watanabe
55c3658ba1
Merge pull request #21634 from yuwata/dhcp-header-cleanups
dhcp: trivial header cleanups
2021-12-06 22:26:58 +09:00
Yu Watanabe
416644567b network: dhcp6pd: make dhcp6_pd_assign_prefixes() used also by dhcp6_pd_prefix_acquired() 2021-12-06 21:35:53 +09:00
Yu Watanabe
21cf8e9e6d network: dhcp6pd: first check prefixes, then calculate lifetime 2021-12-06 21:35:53 +09:00
Yu Watanabe
542d04950e network: dhcp6pd: shorten code a bit 2021-12-06 21:35:53 +09:00
Yu Watanabe
c3cd535132 network: dhcp6pd: skip to assign prefixes to a downstream link if it is not ready 2021-12-06 21:35:53 +09:00
Yu Watanabe
5014e66019 network: dhcp6pd: move dhcp6_pd_assign_prefixes()
Preparation for the later commits.
2021-12-06 21:35:53 +09:00
Yu Watanabe
4c004e2a71 network: dhcp6pd: also allow to only assign prefix route for delegated prefix to upstream interface 2021-12-06 21:35:53 +09:00
Yu Watanabe
da10d2d584 network: dhcp6pd: drop unreachable routes when lease lost 2021-12-06 21:30:57 +09:00
Yu Watanabe
95eb38c8d0 network: route: make route_cancel_request() take Link*
As the Route object may be managed by Manager.
2021-12-06 21:30:57 +09:00
Yu Watanabe
1d44187ce6 network: dhcp6pd: also drop prefix assigned to upstream interface
But do not drop prefixes from downstream which request another uplink.
2021-12-06 21:30:26 +09:00
Yu Watanabe
86a4b84aa9
Merge pull request #21632 from yuwata/network-dhcp6pd-fix-typo-and-split
network: dhcp6pd: fix typo and split file
2021-12-06 21:24:47 +09:00
Yu Watanabe
24888c0b19
Merge pull request #21630 from yuwata/test-network-cleanups
test-network: trivial cleanups
2021-12-06 21:24:26 +09:00