1
1
mirror of https://github.com/systemd/systemd-stable.git synced 2024-12-24 21:34:08 +03:00
Commit Graph

1980 Commits

Author SHA1 Message Date
Xℹ Ruoyao
a70581ffb5
New directives PrivateIPC and IPCNamespacePath 2021-03-04 00:04:36 +08:00
Xℹ Ruoyao
a959cd2812
fuzz: add NetworkNamespacePath= into directives.service 2021-03-04 00:04:35 +08:00
Dan Streetman
ad60f58e6e Skip TEST-50 on ubuntu ci
This test is flaky, and requires updates to the kernel to fix, so
disable it for now.

https://github.com/systemd/systemd/issues/17469
2021-03-01 11:18:57 +01:00
Zbigniew Jędrzejewski-Szmek
155d626bc6
Merge pull request #18018 from bluca/mount_images_overlay
Add ExtensionImages directive to form overlays
2021-02-25 11:31:14 +01:00
Annika Wickert
c0267a592a network: Implement B.A.T.M.A.N. Advanced interface type 2021-02-25 01:57:29 +09:00
Luca Boccassi
04153c4509 test: skip TEST-56-OOMD if systemd-oomd is not installed
Fixes #18775
2021-02-24 15:02:07 +01:00
Luca Boccassi
93f597013a Add ExtensionImages directive to form overlays
Add support for overlaying images for services on top of their
root fs, using a read-only overlay.
2021-02-23 15:34:46 +00:00
Yu Watanabe
9947c7bad1 test-network: add tests for dropping unnecessary nexthops 2021-02-23 22:48:12 +09:00
Yu Watanabe
69a91c704e test-network: add tests for Blackhole= setting in [NextHop] section 2021-02-23 02:21:35 +09:00
Yu Watanabe
30f1083709 network: nexthop: add Blackhole= setting in [NextHop] section
As similar to unreachable type routes, blackhole nexthops do not have
NHA_OID attribute, so they are managed by Manager.
2021-02-23 02:21:17 +09:00
Zbigniew Jędrzejewski-Szmek
5735ab0979 fuzz-systemctl-parse-argv: add "telinit" to the argv[0] list 2021-02-22 14:22:07 +00:00
Yu Watanabe
84d32bf59b test-network: test wireguard peer in drop-in config
Closes #18241.
2021-02-22 21:33:36 +09:00
Yu Watanabe
e2d9bc5cfd test-network: add a test for OnLink= in [NextHop] section 2021-02-21 05:16:27 +09:00
Yu Watanabe
2ddd52d1e2 network: nexthop: add OnLink= setting 2021-02-21 05:16:23 +09:00
Yu Watanabe
045db4fa0d test-network: add tests for Broadcast= with boolean settings 2021-02-20 14:23:07 +09:00
Yu Watanabe
7f37ecf7e5
Merge pull request #18699 from yuwata/network-route-add-nexthop-setting
network: add NextHop= setting in [Route] section
2021-02-20 14:17:17 +09:00
Zbigniew Jędrzejewski-Szmek
5800f0fc68 basic/alloc-util: also reset the cleaned-up variable in freep()
freep() has it's own definition, so I missed it in fd421c4adc.

Again, there is a small growth, but the compiler should be able to optimize it away:
-Dbuildtype=debug:

-rwxrwxr-x 1 zbyszek zbyszek 4106816 Feb 19 12:52 build/libsystemd.so.0.30.0
-rwxrwxr-x 1 zbyszek zbyszek 7492952 Feb 19 12:52 build/src/shared/libsystemd-shared-247.so
-rwxrwxr-x 1 zbyszek zbyszek 4472624 Feb 19 12:53 build/systemd

-rwxrwxr-x 1 zbyszek zbyszek 4107056 Feb 19 13:03 build/libsystemd.so.0.30.0
-rwxrwxr-x 1 zbyszek zbyszek 7493480 Feb 19 13:03 build/src/shared/libsystemd-shared-247.so
-rwxrwxr-x 1 zbyszek zbyszek 4472760 Feb 19 13:03 build/systemd

Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31055.
2021-02-19 15:25:16 +01:00
Yu Watanabe
cee0f719d8 test-network: add tests for NextHop= setting in [Route] 2021-02-19 22:42:39 +09:00
Yu Watanabe
324e342219 network: add NextHop= setting in [Route] section 2021-02-19 22:42:39 +09:00
Yu Watanabe
38ba3da0a1 network: rename UseFQDN= -> UseHostname=
Prompted by
https://github.com/systemd/systemd/pull/18543#issuecomment-780798451.
2021-02-18 21:47:37 +01:00
Lennart Poettering
489344f24b networkd-test: reenable dnssec while testing
We need to list the synthesized domains as NTAs, otherwise the DNSSEC
validation of course cannot succeed.

Fixes: #10487 #5029
2021-02-18 14:12:42 +00:00
Susant Sahani
d75bf6cfe2 network: Add "route_localnet" sysctl support 2021-02-18 21:04:17 +09:00
Lennart Poettering
dc288ffeab
Merge pull request #18596 from keszybz/systemctl-quiet-legend
systemctl: hide legends with --quiet, allow overriding
2021-02-17 23:40:04 +01:00
Zbigniew Jędrzejewski-Szmek
6906da2692 systemctl: hide legends with --quiet, allow overriding
--no-legend is replaced by --legend=no.

--quiet now implies --legend=no, but --legend=yes may be used to override that.
--quiet controls hints and warnings and such, and --legend controls just the
legends. I think it makes sense to allow both to controlled independently, in
particular --quiet --legend makes sense when using systemctl in a script to
provide some user-visible output.

Fixes #18560.
2021-02-17 21:09:14 +01:00
Luca Boccassi
0761da386a test: avoid leaking open loop devices
When a subshell is used ('make' or 'make all') the LOOPDEV environment
variable, which is used to store the opened loop device, is lost.
So the cleanup on trap/exit doesn't do anything, and the loop
device used to mount the test image is left around.

Avoid using a subshell to fix the issue.
2021-02-17 18:55:05 +01:00
Yu Watanabe
6cd8f9b5f2 test-network: add tests for Family= in [NextHop] 2021-02-17 15:55:37 +09:00
Yu Watanabe
f1923efccb network: nexthop: introduce Family= setting in [NextHop] section
This is an alias of `Gateway=0.0.0.0` or `Gateway=::`.
2021-02-17 15:55:37 +09:00
Zbigniew Jędrzejewski-Szmek
425ac7a253 fuzz-systemctl-parse-argv: call static destuctors
With all the preparatory work in previous PRs, we can now call static destructors
repeatedly without issue. We need to do it here so that global variables allocated
during parsing are properly freed.
2021-02-16 17:15:11 +01:00
Lennart Poettering
83ce3b1944
Merge pull request #18579 from keszybz/fix-fragment-id-crash
Fix fragment id crash
2021-02-15 23:35:25 +01:00
Luca Boccassi
79dbbb261d
Merge pull request #18593 from keszybz/fuzz-more-systemctl-paths
Fuzz more systemctl paths
2021-02-15 19:13:58 +00:00
Luca Boccassi
7eba0c50f5 test: install binaries from local d/control file
The source package in the apt cache might be older than the
packaging from salsa.debian.org/systemd-team/systemd so it might not
list all the current binary packages.
This is currently the case for systemd-timesyncd, so TEST-30 fails.

Simply grep the control file rather than using apt-cache when iterating
over the packages contents.
2021-02-15 10:17:39 +01:00
Zbigniew Jędrzejewski-Szmek
860f154fa3 fuzz-systemctl-parse-argv: add argv[0] values to corpus 2021-02-15 10:01:38 +01:00
Zbigniew Jędrzejewski-Szmek
3b5ab02119 TEST-15-DROPINS: add test for linked units 2021-02-14 15:08:49 +01:00
Zbigniew Jędrzejewski-Szmek
b3c57df0f5
Merge pull request #18401 from anitazha/oomdxattr
oomd: implement avoid/omit support for cgroups
2021-02-13 10:00:31 +01:00
Anita Zhang
4e806bfa9f oom: add unit file settings for oomd avoid/omit xattrs 2021-02-12 12:45:36 -08:00
Yu Watanabe
4a70450104 test-network: merge test_address_static and test_address_preferred_lifetime_zero_ipv6 2021-02-12 23:09:21 +09:00
Vinnie Magro
f963f8953d networkd: add UseFQDN option for DHCPv6
Similar to DHCPv4's UseHostname option, add a UseFQDN config option in
[DHCPv6] to set the system's transient hostname if the FQDN option is
set in the DHCPv6 response from the server.
2021-02-11 13:30:04 +09:00
Luca Boccassi
e26fe5f911 portable: add 'reattach' verb and DBUS interface
Add 'reattach' verb to portablectl, and corresponding DBUS interface
to systemd-portabled.
Takes the same parameters as 'attach', but it will do a 'detach' (and
it will refuse to proceed if it cannot be done) first, matching on
the unversioned prefix of the new image. Eg:

portablectl reattach /tmp/foo_2.raw

will cause foo_1.raw to be detached, and foo_2.raw to be attached.

The key difference with a manual 'detach old' plus 'attach new' is that
the running units are not disturbed until after the attach completed,
and if --now is passed they are then restarted.
A 'detach' is not allowed normally if the units are running.

By using a restart-after-deploy method, 'reattach' allows for minimal
interruption of service and also for features that only work on restart
(eg: file descriptor store) to work as intended.

The DBUS interface returns two lists: first the removals from the detach
that were not immediately re-added in the attach, so that the caller
can stop the relevant units, and then the list of additions that are
either new or updates, so that the caller can restart/enable the
relevant units. portablectl already implements this with the existing
--now/--enable switches.
2021-02-10 19:07:36 +00:00
Luca Boccassi
8b535f3aac test: setup var/tmp in the test image as well 2021-02-10 18:54:12 +00:00
Luca Boccassi
e763342091 test: add empty /etc/resolv.conf in test image
Portable services have a BindPath pointing to it, so it needs to
be available in the image
2021-02-10 18:54:12 +00:00
Luca Boccassi
9785c44dd8 test-50-dissect: move minimal image setup to common setup function
So that it can be re-used for other tests by simply setting
TEST_INSTALL_VERITY_MINIMAL=1 in test.sh, without having to
replicate the setup commands.
2021-02-10 18:54:12 +00:00
Frantisek Sumsal
2de908aead test: count call instructions as well
Binaries on the latest Arch Linux use `call` instructions instead of
`callq`, which breaks the ASan detection and eventually the image
building process (due to insufficient space).
2021-02-10 20:20:31 +03:00
Yu Watanabe
9a67c080b0
Merge pull request #18506 from keszybz/fuzz-systemctl-parse-argv
Fuzzer for systemctl argline parsing
2021-02-11 00:29:22 +09:00
Zbigniew Jędrzejewski-Szmek
5fd8782328 fuzz-systemctl-parse-argv: a new fuzzer
Does what the name suggests. Obviously inspired by sudoers, but note that
our tools are not supposed to be installed suid, so there is no privilege
boundary to cross here.
2021-02-09 14:11:42 +01:00
Yu Watanabe
beb75dd31d test-network: support protocol and linkdown flag for ff00::/8 route
Fixes #18507.
2021-02-09 12:25:27 +01:00
Anita Zhang
59331b8e29 oom: implement avoid/omit xattr support
There may be situations where a cgroup should be protected from killing
or deprioritized as a candidate. In FB oomd xattrs are used to bias oomd
away from supervisor cgroups and towards worker cgroups in container
tasks. On desktops this can be used to protect important units with
unpredictable resource consumption.

The patch allows systemd-oomd to understand 2 xattrs:
"user.oomd_avoid" and "user.oomd_omit". If systemd-oomd sees these
xattrs set to 1 on a candidate cgroup (i.e. while attempting to kill something)
AND the cgroup is owned by root, it will either deprioritize the cgroup as
a candidate (avoid) or remove it completely as a candidate (omit).

Usage is restricted to root owned cgroups to prevent situations where an
unprivileged user can set their own cgroups lower in the kill priority than
another user's (and prevent them from omitting their units from
systemd-oomd killing).
2021-02-09 02:27:40 -08:00
Frantisek Sumsal
01da74243d test: add a custom SELinux file context
Since the test suite overhaul, the test units are now under
/usr/lib/systemd/tests/testdata/tetsuite-06.units with
system_u:object_r:lib_t context. This causes an AVC denial, since the
systemd unit files are expected to have the
system_u:object_r:systemd_unit_file_t context. Let's fix this by using a
custom file context definition.
2021-02-05 17:08:58 +01:00
Frantisek Sumsal
cd2d8fea14 test: clean the module build dir before compiling it
otherwise the module won't compile & load after autorelabel reboot,
since the target is already built.
2021-02-05 16:57:30 +01:00
Zbigniew Jędrzejewski-Szmek
3d0112878f
Merge pull request #18444 from anitazha/proprename
oom: parse properties with 1/10000 precision instead of 1/100
2021-02-04 12:53:10 +01:00
Yu Watanabe
0fb613000d test-network: disable NDISC on veth-peer
This should speed the tests up.
2021-02-03 22:09:07 +00:00