1
1
mirror of https://github.com/systemd/systemd-stable.git synced 2024-12-23 17:34:00 +03:00
Commit Graph

60409 Commits

Author SHA1 Message Date
Zbigniew Jędrzejewski-Szmek
40d4835d69 TEST-15: add test that shows slice dropin issue
This should be fixed by single-unit reloads. We already have a TODO
entry for this.
2022-10-18 12:26:53 +02:00
Zbigniew Jędrzejewski-Szmek
c3fa408dcc TEST-15: add one more test for drop-in precedence 2022-10-16 21:52:43 +02:00
Zbigniew Jędrzejewski-Szmek
6854434cfb TEST-15: add test for transient units with drop-ins
We want to test four things:
- that the transient units are successfully started when drop-ins exist
- that the transient setings override the defaults
- the drop-ins override the transient settings (the same as for a normal unit)
- that things are the same before and after a reload

To make things more fun, we start and stop units in two different ways: via
systemctl and via a direct busctl invocation. This gives us a bit more coverage
of different code paths.
2022-10-16 14:20:58 +02:00
Zbigniew Jędrzejewski-Szmek
f80c874af3 TEST-15: also test hierarchical drop-ins for slices
Slices are worth testing too, because they don't need a fragment path so they
behave slightly differently than service units. I'm making this a separate
patch from the actual tests that I wanted to add later because it's complex
enough on its own.
2022-10-16 14:20:58 +02:00
Zbigniew Jędrzejewski-Szmek
5731e1378a TEST-15: allow helper functions to accept other unit types
clear_services() is renamed to clear_units() and now takes a full
unit name including the suffix as an argument.

_clear_service() is renamed to clear_unit() and changed likewise.
create_service() didn't have the same underscore prefix, and I don't think
it's useful or needed for a local function, so it is removed.

No functional change.
2022-10-16 14:20:58 +02:00
Zbigniew Jędrzejewski-Szmek
1f83244641 manager: allow transient units to have drop-ins
In https://github.com/containers/podman/issues/16107, starting of a transient
slice unit fails because there's a "global" drop-in
/usr/lib/systemd/user/slice.d/10-oomd-per-slice-defaults.conf (provided by
systemd-oomd-defaults package to install some default oomd policy). This means
that the unit_is_pristine() check fails and starting of the unit is forbidden.

It seems pretty clear to me that dropins at any other level then the unit
should be ignored in this check: we now have multiple layers of drop-ins
(for each level of the cgroup path, and also "global" ones for a specific
unit type). If we install a "global" drop-in, we wouldn't be able to start
any transient units of that type, which seems undesired.

In principle we could reject dropins at the unit level, but I don't think that
is useful. The whole reason for drop-ins is that they are "add ons", and there
isn't any particular reason to disallow them for transient units. It would also
make things harder to implement and describe: one place for drop-ins is good,
but another is bad. (And as a corner case: for instanciated units, a drop-in
in the template would be acceptable, but a instance-specific drop-in bad?)

Thus, $subject.

While at it, adjust the message. All the conditions in unit_is_pristine()
essentially mean that it wasn't loaded (e.g. it might be in an error state),
and that it doesn't have a fragment path (now that drop-ins are acceptable).
If there's a job for it, it necessarilly must have been loaded. If it is
merged into another unit, it also was loaded and found to be an alias.
Based on the discussion in the bugs, it seems that the current message
is far from obvious ;)

Fixes https://github.com/containers/podman/issues/16107,
https://bugzilla.redhat.com/show_bug.cgi?id=2133792.
2022-10-16 14:20:58 +02:00
Zbigniew Jędrzejewski-Szmek
b146a7345b manager: reformat boolean expression in unit_is_pristine()
Not not IN_SET(…) is just too much for my poor brain. Let's invert
the expression to make it easier to undertand.
2022-10-14 15:13:57 +02:00
Yu Watanabe
52bcf45a6c sd-journal: use new() instead of newa() if too many items will be added
For safety, as the size may not be under our control.
2022-10-14 01:30:30 +09:00
Yu Watanabe
80c5cb825a
Merge pull request #24985 from yuwata/codeql
test: several cleanups suggested by CodeQL
2022-10-13 21:36:16 +09:00
Yu Watanabe
74522aa87f test: introduce __eq__() and __ne__()
Suggested by CodeQL#160 (https://github.com/systemd/systemd/security/code-scanning/160).
2022-10-13 17:41:48 +09:00
Yu Watanabe
f9d1709c03 test: drop unused modules
Suggested by CodeQL#167 (https://github.com/systemd/systemd/security/code-scanning/167)
and CodeQL#168 (https://github.com/systemd/systemd/security/code-scanning/168).
2022-10-13 17:34:11 +09:00
Yu Watanabe
5c27347693 test: improve assertion message on failure
Suggested by CodeQL#169 (https://github.com/systemd/systemd/security/code-scanning/169).
2022-10-13 17:33:09 +09:00
Yu Watanabe
7ff7eadf42 TODO: fix typo 2022-10-13 17:15:50 +09:00
Lennart Poettering
fd5dead7d6 update TODO 2022-10-13 09:48:01 +02:00
Lennart Poettering
29818c4e99 update NEWS 2022-10-13 09:48:01 +02:00
Franck Bui
d1d8786c5b analyze: extend the dump command to accept patterns
The new function DumpPatterns() can be used to limit (drastically) the size of
the data returned by PID1. Hence the optimization of serializing data into a
file descriptor should be less relevant than having the possibility to limit
the data when communicating with the service manager remotely.

NB: when passing patterns, the dump command omits the version of the manager as
well as the features and the timestamps.
2022-10-13 07:47:42 +09:00
Yu Watanabe
17f6406bf2
Merge pull request #24625 from yuwata/dissect-image-open-and-lock-decrypted
dissect-image: open dissected and decrypted partitions
2022-10-13 07:47:08 +09:00
David Seifert
d0523bb0d1 gpt-auto: allow using without cryptsetup
Fixes #24978
2022-10-13 06:39:38 +09:00
Yu Watanabe
d2c6e79d89 dissect-image: introduce probe_filesystem_full() which can take file descriptor of device node
In dissect_loop_device(), we have opened the device node. Let's reuse
the file descriptor.
2022-10-13 05:09:27 +09:00
Yu Watanabe
f7725647bb dissect-image: open dissected or decrypted partitions and mount through the file descriptor
If multiple services with the same encrypted image are simultaneously
starting, one may deactivate the dm device while others using it.
Or, similary, after (regular) partitions are dissected, another process
may try to remove them before we mount them.

To prevent such situations, let's keep the dissected and decrypted
partitions opened. Then, use the file descriptors when we mount the
partitions.

Fixes #24617.
2022-10-13 05:09:26 +09:00
Yu Watanabe
f80015ff40 dissect-image: try to open device node before activating
Hopefully decrease the chance that the device is removed soon after
it is detected.
2022-10-13 05:08:33 +09:00
Yu Watanabe
12f5fbdf30 dissect-image: fix error handling of @cancel_deferred_remove DM command
See target_message() in drivers/md/dm-ioctl.c and
dm_cancel_deferred_remove() in drivers/md/dm.c.
2022-10-13 05:08:33 +09:00
Yu Watanabe
1d369d78b3 dissect-image: reduce indentation
No functional change, just refactoring.
2022-10-13 05:08:33 +09:00
Frantisek Sumsal
b8dd27664c test: disable LSan in the ASan env wrapper
This wrapper is used in situations where  we don't care about *San reports,
we just want to make things work. However, with enabled LSan we might
trigger some bogus reports we're definitely not interested in, causing
unexpected test fails.

Spotted on C8S in TEST-34-DYNAMICUSERMIGRATE:
```
[10654.804162] testsuite-34.sh[56]: + systemctl start testservice-34-check-writable.service
         Starting testservice-34-check-writable.service...
[10655.055969] bash[546]: + set -o pipefail
[10655.056127] bash[546]: + declare -a writable_dirs
[10655.056234] bash[546]: + readarray -t writable_dirs
[10655.060838] bash[548]: ++ find / '(' -path /var/tmp -o -path /tmp -o -path /proc -o -path /dev/mqueue -o -path /dev/shm -o -path /sys/fs/bpf -o -path /dev/.lxc -o -path /sys/devices/system/cpu ')' -prune -o -type d -writable -print
[10655.061534] bash[549]: ++ sort -u
[10655.688740] bash[547]: =================================================================
[10655.689075] bash[547]: ==547==ERROR: LeakSanitizer: detected memory leaks
[10655.689246] bash[547]: Direct leak of 112 byte(s) in 1 object(s) allocated from:
[10655.743851] bash[547]:     #0 0x7ffff752d364  (/usr/lib64/clang/14.0.0/lib/libclang_rt.asan-powerpc64le.so+0x13d364) (BuildId: 321f4ed1caea6a1a4c37f9272e07275cf16f034d)
[10655.744060] bash[547]:     #1 0x1000b5d20 in xmalloc (/usr/bin/bash+0xb5d20) (BuildId: da38eb38f6870bdc2a6ef51c52aa6ce20921fe40)
[10655.744224] bash[547]:     #2 0x100083338  (/usr/bin/bash+0x83338) (BuildId: da38eb38f6870bdc2a6ef51c52aa6ce20921fe40)
[10655.744393] bash[547]:     #3 0x10008847c  (/usr/bin/bash+0x8847c) (BuildId: da38eb38f6870bdc2a6ef51c52aa6ce20921fe40)
[10655.744552] bash[547]:     #4 0x1000af6ec in redirection_expand (/usr/bin/bash+0xaf6ec) (BuildId: da38eb38f6870bdc2a6ef51c52aa6ce20921fe40)
[10655.744728] bash[547]:     #5 0x1000b005c  (/usr/bin/bash+0xb005c) (BuildId: da38eb38f6870bdc2a6ef51c52aa6ce20921fe40)
[10655.744886] bash[547]:     #6 0x1000b1388 in do_redirections (/usr/bin/bash+0xb1388) (BuildId: da38eb38f6870bdc2a6ef51c52aa6ce20921fe40)
[10655.745051] bash[547]:     #7 0x100050484  (/usr/bin/bash+0x50484) (BuildId: da38eb38f6870bdc2a6ef51c52aa6ce20921fe40)
[10655.745208] bash[547]:     #8 0x100052160 in execute_command_internal (/usr/bin/bash+0x52160) (BuildId: da38eb38f6870bdc2a6ef51c52aa6ce20921fe40)
[10655.745376] bash[547]:     #9 0x100052a10 in execute_command_internal (/usr/bin/bash+0x52a10) (BuildId: da38eb38f6870bdc2a6ef51c52aa6ce20921fe40)
[10655.745536] bash[547]:     #10 0x100053e38 in execute_command (/usr/bin/bash+0x53e38) (BuildId: da38eb38f6870bdc2a6ef51c52aa6ce20921fe40)
[10655.745711] bash[547]:     #11 0x1000529d8 in execute_command_internal (/usr/bin/bash+0x529d8) (BuildId: da38eb38f6870bdc2a6ef51c52aa6ce20921fe40)
[10655.745870] bash[547]:     #12 0x100053e38 in execute_command (/usr/bin/bash+0x53e38) (BuildId: da38eb38f6870bdc2a6ef51c52aa6ce20921fe40)
[10655.746038] bash[547]:     #13 0x1000529d8 in execute_command_internal (/usr/bin/bash+0x529d8) (BuildId: da38eb38f6870bdc2a6ef51c52aa6ce20921fe40)
[10655.746198] bash[547]:     #14 0x100053e38 in execute_command (/usr/bin/bash+0x53e38) (BuildId: da38eb38f6870bdc2a6ef51c52aa6ce20921fe40)
[10655.746367] bash[547]:     #15 0x1000529d8 in execute_command_internal (/usr/bin/bash+0x529d8) (BuildId: da38eb38f6870bdc2a6ef51c52aa6ce20921fe40)
[10655.746548] bash[547]:     #16 0x100053e38 in execute_command (/usr/bin/bash+0x53e38) (BuildId: da38eb38f6870bdc2a6ef51c52aa6ce20921fe40)
[10655.746741] bash[547]:     #17 0x1000529d8 in execute_command_internal (/usr/bin/bash+0x529d8) (BuildId: da38eb38f6870bdc2a6ef51c52aa6ce20921fe40)
[10655.746897] bash[547]:     #18 0x100053e38 in execute_command (/usr/bin/bash+0x53e38) (BuildId: da38eb38f6870bdc2a6ef51c52aa6ce20921fe40)
[10655.747067] bash[547]:     #19 0x1000529d8 in execute_command_internal (/usr/bin/bash+0x529d8) (BuildId: da38eb38f6870bdc2a6ef51c52aa6ce20921fe40)
[10655.747227] bash[547]:     #20 0x100053e38 in execute_command (/usr/bin/bash+0x53e38) (BuildId: da38eb38f6870bdc2a6ef51c52aa6ce20921fe40)
[10655.747414] bash[547]:     #21 0x1000529d8 in execute_command_internal (/usr/bin/bash+0x529d8) (BuildId: da38eb38f6870bdc2a6ef51c52aa6ce20921fe40)
[10655.747573] bash[547]:     #22 0x100053e38 in execute_command (/usr/bin/bash+0x53e38) (BuildId: da38eb38f6870bdc2a6ef51c52aa6ce20921fe40)
[10655.747741] bash[547]:     #23 0x1000529d8 in execute_command_internal (/usr/bin/bash+0x529d8) (BuildId: da38eb38f6870bdc2a6ef51c52aa6ce20921fe40)
[10655.747896] bash[547]:     #24 0x100053e38 in execute_command (/usr/bin/bash+0x53e38) (BuildId: da38eb38f6870bdc2a6ef51c52aa6ce20921fe40)
[10655.748064] bash[547]:     #25 0x1000529d8 in execute_command_internal (/usr/bin/bash+0x529d8) (BuildId: da38eb38f6870bdc2a6ef51c52aa6ce20921fe40)
[10655.748225] bash[547]:     #26 0x100053e38 in execute_command (/usr/bin/bash+0x53e38) (BuildId: da38eb38f6870bdc2a6ef51c52aa6ce20921fe40)
[10655.748390] bash[547]:     #27 0x1000529d8 in execute_command_internal (/usr/bin/bash+0x529d8) (BuildId: da38eb38f6870bdc2a6ef51c52aa6ce20921fe40)
[10655.748553] bash[547]:     #28 0x1000bf91c in parse_and_execute (/usr/bin/bash+0xbf91c) (BuildId: da38eb38f6870bdc2a6ef51c52aa6ce20921fe40)
[10655.748717] bash[547]:     #29 0x1000311ec  (/usr/bin/bash+0x311ec) (BuildId: da38eb38f6870bdc2a6ef51c52aa6ce20921fe40)
[10655.748883] bash[547]: Direct leak of 17 byte(s) in 1 object(s) allocated from:
...
```
2022-10-12 21:12:17 +02:00
Luca Boccassi
5762dbfad6
Merge pull request #24883 from bluca/extrel_force
portable: allow caller to override extension-release name check
2022-10-12 20:20:46 +02:00
Zbigniew Jędrzejewski-Szmek
31b5f92016
Merge pull request #24974 from yuwata/sd-journal
sd-journal: several cleanups and follow-ups for compact mode PR
2022-10-12 17:47:05 +02:00
Michael Biebl
63238ef937
Merge pull request #24976 from mbiebl/logind-fix-dbus-on_ac_power
logind: fix getting property OnExternalPower via D-Bus
2022-10-12 16:55:21 +02:00
Luca Boccassi
a063184097
Merge pull request #24934 from keszybz/remove-nss-lookup
Remove nss lookups from pid1
2022-10-12 15:21:40 +02:00
Jan Janssen
1a9874905a boot: Always reconnect all drivers
Fixes: #23442
2022-10-12 13:36:22 +02:00
Gerd Hoffmann
5b3e33c26f boot: export reconnect()
Also give it a more descriptive name.
2022-10-12 13:36:22 +02:00
Jan Janssen
2985110b6f stub: Correctly handle multi node file paths
Fixes: #24955
2022-10-12 13:19:34 +02:00
Jan Janssen
616a80fe1a boot: Use device_path_to_str 2022-10-12 13:19:34 +02:00
Jan Janssen
3b3eb196a2 boot: Add device_path_to_str 2022-10-12 13:19:34 +02:00
Yu Watanabe
6c65a9e1d6
Merge pull request #24973 from keszybz/simplify-variable-declarations
Simplify variable declarations
2022-10-12 19:36:47 +09:00
Yu Watanabe
df04b9ed86 sd-journal: add comments that journal_file_move_to() may break previous read data
We have already made similar mistakes several times, e.g.
b8478c14c7, and
b596d06c385e104fc330288b791a56661f0c2d17. Let's document the function
invalidates previously read objects.
2022-10-12 19:32:59 +09:00
Yu Watanabe
a1640191b4 sd-journal: re-read object on next try
Otherwise, the object may be already altered by another cached entry.
2022-10-12 19:32:59 +09:00
Yu Watanabe
231741d355 sd-journal: re-read object from cache
Fixes a bug introduced by 0e35afff1d.

Replaces 3388a4b582.
2022-10-12 19:32:59 +09:00
Yu Watanabe
8f71023764 sd-journal: drop unused argument
Follow-up for a9089a6604.
2022-10-12 19:32:59 +09:00
Yu Watanabe
cc938e4a0a sd-journal: several coding style updates
- rename `ret` -> `ret_object`,
- add missing assertions,
- add FIXME comments,
- wrap function arguments, etc., etc..
2022-10-12 19:32:59 +09:00
Michael Biebl
63168cb517 logind: fix getting property OnExternalPower via D-Bus
The BUS_DEFINE_PROPERTY_GET_GLOBAL macro requires a value as third
argument, so we need to call manager_is_on_external_power(). Otherwise
the function pointer is interpreted as a boolean and always returns
true:

```
$ busctl get-property org.freedesktop.login1 /org/freedesktop/login1 org.freedesktop.login1.Manager OnExternalPower
b true
$ /lib/systemd/systemd-ac-power  --verbose
no
```

Thanks: Helmut Grohne <helmut@subdivi.de>
Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1021644
2022-10-12 11:15:27 +02:00
Luca Boccassi
06768b90a3 portable: allow caller to override extension-release name check
When the --force flag is used, do not insist that the extension-release
file has to match the extension image name
2022-10-12 09:57:24 +01:00
Luca Boccassi
aad813bf17 portable: rename flag PORTABLE_FORCE -> PORTABLE_FORCE_ATTACH
The name is used only internally, also it was just added.
Allows adding different types of force flags.
2022-10-12 09:57:24 +01:00
Luca Boccassi
192a9b70c2 os-util: split out extension-release xattr helper 2022-10-12 09:57:24 +01:00
Luca Boccassi
ac6086fdf6 mount-util: do not pass 'x-*' options to mount syscall
They will not be recognized. libmount filters them manually.
2022-10-12 09:47:39 +01:00
Lennart Poettering
25d615eb70 NEWS: expand on systemd-measure a bit 2022-10-12 10:33:47 +02:00
Lennart Poettering
4d727f8686 update TODO with discussions from Image-based Linux summit 2022-10-12 10:04:07 +02:00
Zbigniew Jędrzejewski-Szmek
9d4cfc7579
Merge pull request #24784 from yuwata/core-exec-directory
core: do not create symlink to private directory if parent already exists
2022-10-12 09:37:16 +02:00
Lennart Poettering
9a72e98f02
Merge pull request #24970 from DaanDeMeyer/crypsetup-fix
Cryptsetup compilation fixes
2022-10-12 09:32:56 +02:00
Zbigniew Jędrzejewski-Szmek
67f047a6f2 basic/user-util: simplify variable declarations in fget{pw,gr}ent_sane() 2022-10-12 09:18:41 +02:00
Zbigniew Jędrzejewski-Szmek
59818f4381 libsystemd-network: trivial simplification 2022-10-12 09:18:24 +02:00