1
1
mirror of https://github.com/systemd/systemd-stable.git synced 2025-01-11 05:17:44 +03:00
Commit Graph

32441 Commits

Author SHA1 Message Date
Zbigniew Jędrzejewski-Szmek
157baa87e4 meson: support both separate and merged sbin-bin directories
Follow-up for ba7f4ae617.

By default, we detect if the real root has a separate /usr/sbin directory, but
this can be overrides with -Dsplit-bin=true|false. The check assumes that
/usr/sbin is split if it is not a symlink, so it'll return a false negative
with some more complicated setups. But that's OK, in those cases this should be
configured explicitly.

This will copy the structure of the directories in the root file system to
$DESTDIR. If a directory is a directory in $DESTDIR but a symlink in the root
file system, this script will fail. This means that it's not possible to reuse
a $DESTDIR from between ba7f4ae61 and this patch.
2018-03-01 12:27:33 +01:00
Zbigniew Jędrzejewski-Szmek
2675413e39 meson: autodetect split-usr
Also move the status from "features" to the paths section. This is more of an
anti-feature.
2018-03-01 12:23:00 +01:00
Lennart Poettering
649a5ffba8
Merge pull request #8171 from poettering/sd-bus-queue-limit
try not to overload pid1's bus message write queue
2018-02-28 18:15:40 +01:00
Lennart Poettering
8c89cb5a50
Merge pull request #8283 from poettering/nspawn-user-fix
some trivial nspawn related fixes
2018-02-28 10:37:01 +01:00
Franck Bui
f8adf25d65 rules: skip btrfs check if devices are not ready in 64-btrfs.rules (#8304)
If any devices are marked with 'SYSTEMD_READY=0' then we shouldn't run any
btrfs check on them.

Indeed there's no point in running "btrfs ready" on devices that already have
SYSTEMD_READY=0 set. Most probably such devices are members of a higher layer
aggregate device such as dm-multipath or software RAID. Doing IO on them wastes
time at best, and may cause delays, timeouts, or even hangs at worst (think
active-passive multipath or degraded RAID, for example).

It was initially reported at:
https://bugzilla.opensuse.org/show_bug.cgi?id=872929
2018-02-28 10:36:06 +01:00
Javier Martinez Canillas
81818461c6 kernel-install: Don't install BLS kernel images if dest dir doesn't exist (#8306)
The script shouldn't rely on a previous script exiting with a status code
that prevents it to be executed. Instead, should check if the destination
directory for the BLS kernel image exists and exit otherwise.
2018-02-28 10:25:19 +01:00
Zbigniew Jędrzejewski-Szmek
ba7f4ae617 meson: install compat symlinks for systemctl and systemd (#8300)
v2:
- init is a symlink to systemd, not systemctl!
2018-02-28 10:20:48 +01:00
Lennart Poettering
05a8b3305f nspawn: close pipe on error 2018-02-28 10:01:16 +01:00
Lennart Poettering
5d71bac3b9 process-util: don't install atfork() handler more than once 2018-02-28 10:01:16 +01:00
Lennart Poettering
340c01be7c coccinelle: slightly improve run-coccinelle.sh
Let's include the command line to use to get the requested output. This
makes it easy to copy/paste the command line out, and add "--in-place"
to actually apply the changes "run-coccinelle.sh" outputs.
2018-02-28 10:01:15 +01:00
Lennart Poettering
e7685a77b4 util: add new safe_close_above_stdio() wrapper
At various places we only want to close fds if they are not
stdin/stdout/stderr, i.e. fds 0, 1, 2. Let's add a unified helper call
for that, and port everything over.
2018-02-28 10:00:50 +01:00
Lennart Poettering
c7f9a8d270 nspawn: propagate original error. No need to make up -EIO 2018-02-28 10:00:50 +01:00
Lennart Poettering
5018c0c9e8 nspawn: use STR_IN_SET() where we can 2018-02-28 10:00:50 +01:00
Lennart Poettering
c5b82d86b5 nspawn: port some code to use read_line()
This shortens our code a bit. Which is always nice.
2018-02-28 10:00:50 +01:00
Zbigniew Jędrzejewski-Szmek
bdad9e44e4
Merge pull request #8294 from fsateler/debian-patches
Upstreaming some debian patches
2018-02-28 09:10:16 +01:00
Yu Watanabe
dca4bb35a4
Merge pull request #8280 from poettering/seccomp-flags
seccomp flags rework + minor other build system/repo changes
2018-02-28 10:55:59 +09:00
Filipe Brandenburger
27e2779bed rule-syntax-check: fix handling of runaway strings in comma splitting (#8298)
A runaway string should still be returned by the code that splits on
commas, so add a '?' to the regex so that the last '"?' in a string
still produces a valid block for the split code.

Tested:

  ACTION=="remove\"GOTO=""

Which then produced:

  $ test/rule-syntax-check.py src/login/70-uaccess.rules
  # looking at src/login/70-uaccess.rules
  Invalid line src/login/70-uaccess.rules:10: ACTION=="remove\"GOTO=""
    clause: ACTION=="remove\"GOTO=""
2018-02-28 03:11:38 +03:00
Ansgar Burchardt
7486f305cd Include additional directories in ProtectSystem 2018-02-27 18:56:19 -03:00
Michael Biebl
f6de1b02fe Add note to udev.conf that changes to that file require a rebuild of the initramfs
Based on debian/patches/udev_conf_comments from the old udev package.
2018-02-27 18:56:19 -03:00
Zbigniew Jędrzejewski-Szmek
10eeab67aa
Merge pull request #8297 from filbranden/udevrule1
Udev rule syntax checker updates
2018-02-27 22:35:19 +01:00
Yu Watanabe
a7bba4ee10 po: add Japanese translation (#8289) 2018-02-27 22:18:06 +01:00
Robert Antoni Buj Gelonch
9b9d26f652 po: typing mistakes in Catalan translation (#8290) 2018-02-27 22:16:41 +01:00
Filipe Brandenburger
c9715ffce3 rule-syntax-check: allow commas inside quoted strings
Using a regex to match the groups is smarter than the split(',') that
would break in those cases.

Tested:

  SUBSYSTEM=="usb", ENV{ID_USB_INTERFACES}=="*:060101:*,*:070202:*", TAG+="uaccess"

Rule checker doesn't break there after this commit.
2018-02-27 13:11:07 -08:00
Filipe Brandenburger
d498347a01 rule-syntax-check: add support for escaped double quotes
Add support to backslash-escaped double quote inside a string.

Tested by modifying src/login/70-uaccess.rules to include:

  ACTION=="remove" it", GOTO="uaccess_end"

And had the rule checker complain about it:

  $ test/rule-syntax-check.py src/login/70-uaccess.rules
  # looking at src/login/70-uaccess.rules
  Invalid line src/login/70-uaccess.rules:10: ACTION=="remove" it", GOTO="uaccess_end"
    clause: ACTION=="remove" it"
2018-02-27 11:15:42 -08:00
Lennart Poettering
13d92c6300 seccomp: rework functions for parsing system call filters
This reworks system call filter parsing, and replaces a couple of "bool"
function arguments by a single flags parameter.

This shouldn't change behaviour, except for one case: when we
recursively call our parsing function on our own syscall list, then
we'll lower the log level to LOG_DEBUG from LOG_WARNING, because at that
point things are just a problem in our own code rather than in the user
configuration we are parsing, and we shouldn't hence generate confusing
warnings about syntax errors.

Fixes: #8261
2018-02-27 19:59:09 +01:00
Lennart Poettering
fa7bc1d1c7 systemd-sysv-install: unset ROOT rather than setting it to ""
Follow-up for #8264.

It's cleaner to pass no env var at all to forked off processes rather
than an empty one.
2018-02-27 19:59:09 +01:00
Lennart Poettering
4384284655 coccinelle: drop empty-if.cocci script
It doesn't work, spits out only rubbish and was already excluded of
run-coccinelle.sh. It's a pitty it doesn't work, but let's drop this
dead piece of code for now.
2018-02-27 19:59:09 +01:00
Lennart Poettering
f09eb7688e doc: add a new doc/ directory, and move two markdown docs into them
I figure sooneror later we'll have more of these docs, hence let's give
them a clean place to be.

This leaves NEWS and README/README.md as well as the LICENSE texts in
the root directory of the project since that appears to be customary for
Free Software projects.
2018-02-27 19:59:09 +01:00
Lennart Poettering
e0a085811d core: don't process dbus unit and job queue when there are already too many messages pending
We maintain a queue of units and jobs that we are supposed to generate
change/new notifications for because they were either just created or
some of their property has changed. Let's throttle processing of this
queue a bit: as soon as > 1K of bus messages are queued for writing
let's skip processing the queue, and then recheck on the next
iteration again.

Moreover, never process more than 100 units in one go, return to the
event loop after that. Both limits together should put effective limits
on both space and time usage of the function, delaying further
operations until a later moment, when the queue is empty or the the
event loop is sufficiently idle again.

This should keep the number of generated messages much lower than
before on busy systems or where some client is hanging.

Note that this also means a bad client can slow down message dispatching
substantially for up to 90s if it likes to, for all clients. But that
should be acceptable as we only allow trusted bus clients, anyway.

Fixes: #8166
2018-02-27 19:54:29 +01:00
Lennart Poettering
9fc677e3c9 core: don't bother enqueuing signal messages into busses that aren't ready yet
This is an optimization: there's no point in enqueuing unit and job
change notificiation signal messages into bus connection that aren't
fully set up yet.

This doesn't fix #8166 but should lower the load of messages enqueued
but not processed yet a bit.
2018-02-27 19:54:29 +01:00
Lennart Poettering
2770da027a sd-bus: add APIs to query the current read and write queue size 2018-02-27 19:54:29 +01:00
Franck Bui
75a56cb632 rule-syntax-check: values can contain escaped double quotes
This is true since commit 7e760b79ad.

Note that the changes in the regex expressions relies on the fact that the
script assumes that the comma separator is mandatory.

Add a comment in the script to clarify this.
2018-02-27 14:42:09 +01:00
Franck Bui
905ca72a8f rule-syntax-check: PROGRAM is not supposed to get value assigned
In udev man page, "PROGRAM" key is part of the keys which are used for
matching purposes so it should only be used with the compare operator "==".

Actually it doesn't really make sense to assign it a value.

udev code allows both "=" and "==" for PROGRAM and both are handled the same
way but for consistencies it's better to have only the compare operator allowed
by the rule syntax checker.

No rules shipped by systemd use PROGRAM key so nothing need to be changed in
our rule files.
2018-02-27 14:38:23 +01:00
Franck Bui
71232aac41 rules: add a missing comma in 70-uaccess.rules since it improves readability
rule-syntax-check.py failed with the following error:

$ ./test/rule-syntax-check.py ./src/login/70-uaccess.rules
Invalid line ./src/login/70-uaccess.rules:31: SUBSYSTEM=="sound", TAG+="uaccess"   OPTIONS+="static_node=snd/timer", OPTIONS+="static_node=snd/seq"
  clause: TAG+="uaccess"   OPTIONS+="static_node=snd/timer"

The comma is actually optional but the script makes it mandatory which seems a
good thing since it improves readability.
2018-02-27 14:37:01 +01:00
Zbigniew Jędrzejewski-Szmek
033c836647 missing_syscall: add pkey_mprotect for ppc (#8292)
Accurate for both ppc and ppc64 according to https://fedora.juszkiewicz.com.pl/syscalls.html.
2018-02-27 13:33:00 +01:00
Evgeny Vereshchagin
b8eded40be
Merge pull request #8282 from poettering/khash-enokey
deal with borked ENOKEY on centos kernel's AF_ALG support
2018-02-27 12:34:41 +03:00
Robert Antoni Buj Gelonch
294924c336 po: update Catalan translation (#8267) 2018-02-27 09:20:40 +01:00
Yu Watanabe
e568a92d99 man: suggests TemporaryFileSystem= when people want to nest bind mounts inside InaccessiblePaths= (#8288)
Suggested by @sourcejedi in #8242.
Closes #7895, #7153, and #2780.
2018-02-27 08:59:03 +01:00
Zbigniew Jędrzejewski-Szmek
ed762da2e3
Merge pull request #8285 from poettering/logind-close-fixes
various smaller logind fixes
2018-02-27 08:55:40 +01:00
Lennart Poettering
f1a2c7584d fstab-generator: downgrade message when we can't canonicalize fstab entries (#8281)
Let's make this LOG_DEBUG, as this didn't used to be an issue, and
shouldn't really be still.

Replaces: #8132
2018-02-27 07:58:19 +01:00
Lennart Poettering
84df74c6f0
Merge pull request #8284 from keszybz/gcc-warning-fixes
Gcc warning fixes
2018-02-26 21:20:13 +01:00
Zbigniew Jędrzejewski-Szmek
aa484f3561 tree-wide: use reallocarray instead of our home-grown realloc_multiply (#8279)
There isn't much difference, but in general we prefer to use the standard
functions. glibc provides reallocarray since version 2.26.

I moved explicit_bzero is configure test to the bottom, so that the two stdlib
functions are at the bottom.
2018-02-26 21:20:00 +01:00
Lennart Poettering
4cbbc2a2a4 sd-login: make use of _cleanup_close_ where possible 2018-02-26 18:45:45 +01:00
Lennart Poettering
3ccf323dfd journal-upload: make use of safe_close() where appropriate 2018-02-26 18:45:28 +01:00
Lennart Poettering
4d219f5343 logind: make sure we don't trip up on half-initialized session devices
Fixes: #8035
2018-02-26 18:39:32 +01:00
Lennart Poettering
51ead3e377 logind: check file is device node before using .st_rdev 2018-02-26 18:39:32 +01:00
Lennart Poettering
0410444446 logind: let's pack a few struct fields we can pack 2018-02-26 18:39:32 +01:00
Lennart Poettering
4c9cb12c05 logind: fd 0 is a valid fd 2018-02-26 18:39:32 +01:00
Lennart Poettering
d7ba71f4b4 logind: let's reduce one level of indentation 2018-02-26 18:33:20 +01:00
Lennart Poettering
e38aa66426 logind: propagate the right error, don't make up ENOMEM 2018-02-26 18:33:05 +01:00