1
1
mirror of https://github.com/systemd/systemd-stable.git synced 2024-12-23 17:34:00 +03:00
Commit Graph

27113 Commits

Author SHA1 Message Date
Lennart Poettering
642d6665f4 update TODO 2016-10-10 19:56:45 +02:00
Susant Sahani
53c06862c1 networkd: rename Rename CheckSum → Checksum (#4312) 2016-10-10 19:52:12 +02:00
Lennart Poettering
6dca2fe325 Merge pull request #4332 from keszybz/nspawn-arguments-3
nspawn --private-users parsing, v2
2016-10-10 19:51:51 +02:00
0xAX
c76cf844d6 tree-wide: pass return value of make_null_stdio() to warning instead of errno (#4328)
as @poettering suggested in the #4320
2016-10-10 19:51:33 +02:00
Evgeny Vereshchagin
a0f72a24e0 Merge pull request #4310 from keszybz/nspawn-autodetect
Autodetect systemd version in containers started by systemd-nspawn
2016-10-10 20:47:25 +03:00
Zbigniew Jędrzejewski-Szmek
be7157316c nspawn: better error messages for parsing errors
In particular, the check for arg_uid_range <= 0 is moved to the end, so that
"foobar:0" gives "Failed to parse UID", and not "UID range cannot be 0.".
2016-10-10 11:55:06 -04:00
Zbigniew Jędrzejewski-Szmek
ae209204d8 nspawn,man: fix parsing of numeric args for --private-users, accept any boolean
This is like the previous reverted commit, but any boolean is still accepted,
not just "yes" and "no". Man page is adjusted to match the code.
2016-10-10 11:55:06 -04:00
Zbigniew Jędrzejewski-Szmek
6c2058b35e Revert "nspawn: fix parsing of numeric arguments for --private-users"
This reverts commit bfd292ec35.
2016-10-10 11:17:40 -04:00
Felipe Sateler
baed1fedba login: drop fedora-specific PAM config, add note to DISTRO_PORTING (#4314)
It is impossible to ship a fully generic PAM configuration upstream.
Therefore, ship a minimal configuration with the systemd --user requirements,
and add a note to DISTRO_PORTING documenting this.

Fixes #4284
2016-10-10 15:40:05 +02:00
Franck Bui
84a69ca9ba unit: drop console-shell.service (#4298) (#4325)
console-shell.service was supposed to be useful for normal clean boots
(i.e. multi-user.target or so), as a replacement for logind/getty@.service for
simpler use cases.

But due to the lack of documentation and sanity check one can easily be
confused and enable this service in // with getty@.service.

In this case we end up with both services sharing the same tty which ends up in
strange results.

Even worse, console-shell.service might be failing while getty@.service tries
to acquire the terminal which ends up in the system to poweroff since
console-shell.service uses:

  "ExecStopPost=-/usr/bin/systemctl poweroff".

Another issue: this service doesn't work well if plymouth is also used since it
lets the splash screen program run and mess the tty (at least a "plymouth quit"
is missing).

So let's kill it for now.
2016-10-10 12:06:26 +02:00
Lennart Poettering
7a9ee77204 Merge pull request #4323 from keszybz/resolved-in-userns
A fix to get resolved to start in userns
2016-10-10 09:37:01 +02:00
0xAX
10c961b9c9 main: initialize default unit little later (#4321)
systemd fills arg_default_unit during startup with default.target
value. But arg_default_unit may be overwritten in parse_argv() or
parse_proc_cmdline_item().

Let's check value of arg_default_unit after calls of parse_argv()
and parse_proc_cmdline_item() and fill it with default.target if
it wasn't filled before. In this way we will not spend unnecessary
time to for filling arg_default_unit with default.target.
2016-10-09 22:57:03 -04:00
0xAX
9fc932bff1 tree-wide: print warning in a failure case of make_null_stdio() (#4320)
The make_null_stdio() may fail. Let's check its result and print
warning message instead of keeping silence.
2016-10-09 22:55:24 -04:00
Zbigniew Jędrzejewski-Szmek
0f4db364c9 resolved: also disable stub listener on EPERM
When running in a user namespace without private networking, resolved would
fail to start. There isn't much difference between EADDRINUSE and EPERM,
so treat them the same, except for the warning message text.
2016-10-09 21:22:23 -04:00
Zbigniew Jędrzejewski-Szmek
424e490b94 resolved: simplify error handling in manager_dns_stub_{udp,tcp}_fd()
Make sure an error is always printed… When systemd-resolved is started in a
user namespace without private network, it would fail on setsockopt, but the
error wouldn't be particularly informative:
"Failed to start manager: permission denied."
2016-10-09 21:22:23 -04:00
Evgeny Vereshchagin
763368943a Merge pull request #4319 from keszybz/nspawn-arguments
Nspawn arguments parsing and man page update
2016-10-10 03:26:17 +03:00
Lans Zhang
59991e3fe3 sd-boot: trigger to record further logs to tcg 2.0 final event log area (#4302)
According to TCG EFI Protocol Specification for TPM 2.0 family,
all events generated after the invocation of EFI_TCG2_GET_EVENT_LOG
shall be stored in an instance of an EFI_CONFIGURATION_TABLE aka
EFI TCG 2.0 final events table. Hence, it is necessary to trigger the
internal switch through calling get_event_log() in order to allow
to retrieve the logs from OS runtime.

msekletar:
> I've looked at EDK2 and indeed log entry is added to FinalEventsTable only after 
> EFI_TCG2_PROTOCOL.GetEventLog was called[1][2]. Also, same patch was currently
> merged to shim by Peter Jones [3].

[1] https://github.com/tianocore/edk2/blob/master/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c#L698
[2] https://github.com/tianocore/edk2/blob/master/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c#L824
[3] rhinstaller/shim#64
2016-10-09 18:59:54 -04:00
Zbigniew Jędrzejewski-Szmek
6265bde205 man: describe how to reverse systemd-nspawn -U
Now that systemd-nspawn@.service includes -U, more users might be interested
in this tidbit ;)
2016-10-09 18:24:56 -04:00
Zbigniew Jędrzejewski-Szmek
bfd292ec35 nspawn: fix parsing of numeric arguments for --private-users
The documentation says lists "yes", "no", "pick", and numeric arguments.
But parse_boolean was attempted first, so various numeric arguments were
misinterpreted.

In particular, this fixes --private-users=0 to mean the same thing as
--private-users=0:65536.

While at it, use strndupa to avoid some error handling.
Also give a better error for an empty UID range. I think it's likely that
people will use --private-users=0:0 thinking that the argument means UID:GID.
2016-10-09 11:52:35 -04:00
Zbigniew Jędrzejewski-Szmek
27eb8e9028 nspawn: reindent table 2016-10-09 11:51:18 -04:00
Zbigniew Jędrzejewski-Szmek
a8725a06e6 nspawn: also fall back to legacy cgroup hierarchy for old containers
Current systemd version detection routine cannot detect systemd 230,
only systmed >= 231. This means that we'll still use the legacy hierarchy
in some cases where we wouldn't have too. If somebody figures out a nice
way to detect systemd 230 this can be later improved.
2016-10-08 19:03:53 -04:00
0xAX
084f580557 machinectl: enable pager on help (#4313)
as its output is fairly long.
2016-10-08 17:49:33 -04:00
Zbigniew Jędrzejewski-Szmek
0fd9563fde nspawn: use mixed cgroup hierarchy only when container has new systemd
systemd-soon-to-be-released-232 is able to deal with the mixed hierarchy.
So make an educated guess, and use the mixed hierarchy in that case.

Tested by running the host with mixed hierarchy (i.e. simply using a recent
kernel with systemd from git), and booting first a container with older systemd,
and then one with a newer systemd.

Fixes #4008.
2016-10-08 14:48:41 -04:00
Zbigniew Jędrzejewski-Szmek
27e29a1e43 nspawn: fix spurious reboot if container process returns 133 2016-10-08 14:48:41 -04:00
Zbigniew Jędrzejewski-Szmek
b006762524 nspawn: move the main loop body out to a new function
The new function has 416 lines by itself!

"return log_error_errno" is used to nicely reduce the volume of error
handling code.

A few minor issues are fixed on the way:
- positive value was used as error value (EIO), causing systemd-nspawn
  to return success, even though it shouldn't.
- In two places random values were used as error status, when the
  actual value was in an unusual place (etc_password_lock, notify_socket).

Those are the only functional changes.

There is another potential issue, which is marked with a comment, and left
unresolved: the container can also return 133 by itself, causing a spurious
reboot.
2016-10-08 14:48:41 -04:00
Zbigniew Jędrzejewski-Szmek
98afd6af3a nspawn: check env var first, detect second
If we are going to use the env var to override the detection result
anyway, there is not point in doing the detection, especially that
it can fail.
2016-10-08 14:48:41 -04:00
Zbigniew Jędrzejewski-Szmek
5a46d55fc8 path-util: add a function to peek into a container and guess systemd version
This is a bit crude and only works for new systemd versions which
have libsystemd-shared.
2016-10-08 14:48:41 -04:00
Stefan Schweter
a60f4d0b44 systemd-resolve: use sha256 for local-part of openpgp key (#4193) 2016-10-08 13:59:34 +02:00
Susant Sahani
e63be0847c networkd: address add support to configure flags (#4201)
This patch enables to configure

IFA_F_HOMEADDRESS
IFA_F_NODAD
IFA_F_MANAGETEMPADDR
IFA_F_NOPREFIXROUTE
IFA_F_MCAUTOJOIN
2016-10-08 13:05:41 +02:00
Lennart Poettering
3157b2d9d2 Merge pull request #4061 from dm0-/coreos-1545
resolved: add an option to disable the stub resolver
2016-10-07 23:38:03 +02:00
David Michael
1ae4329575 resolved: add an option to control the DNS stub listener 2016-10-07 12:14:38 -07:00
Lennart Poettering
f767d3de65 Merge pull request #4304 from poettering/notify-nul-check
3 minor improvements for notification message handling
2016-10-07 18:30:53 +02:00
Zbigniew Jędrzejewski-Szmek
8f4d640135 core: only warn on short reads on signal fd 2016-10-07 10:05:04 -04:00
Susant Sahani
1644102735 networkd: remote checksum offload for vxlan (#4110)
This patch adds support to remote checksum checksum offload to VXLAN.
This patch adds RemoteCheckSumTx and RemoteCheckSumRx vxlan configuration
to enable remote checksum offload for transmit and receive on the VXLAN tunnel.
2016-10-07 09:46:18 -04:00
rwmjones
171b533800 architecture: Add support for the RISC-V architecture. (#4305)
RISC-V is an open source ISA in development since 2010 at UCB.
For more information, see https://riscv.org/

I am adding RISC-V support to Fedora:
https://fedoraproject.org/wiki/Architectures/RISC-V

There are three major variants of the architecture (32-, 64- and
128-bit).  The 128-bit variant is a paper exercise, but the other
two really exist in silicon.  RISC-V is always little endian.

On Linux, the default kernel uname(2) can return "riscv" for all
variants.  However a patch was added recently which makes the kernel
return one of "riscv32" or "riscv64" (or in future "riscv128").  So
systemd should be prepared to handle any of "riscv", "riscv32" or
"riscv64" (in future, "riscv128" but that is not included in the
current patch).  If the kernel returns "riscv" then you need to use
the pointer size in order to know the real variant.

The Fedora/RISC-V kernel only ever returns "riscv64" since we're
only doing Fedora for 64 bit at the moment, and we've patched the
kernel so it doesn't return "riscv".

As well as the major bitsize variants, there are also architecture
extensions.  However I'm trying to ensure that uname(2) does *not*
return any other information about those in utsname.machine, so that
we don't end up with "riscv64abcde" nonsense.  Instead those
extensions will be exposed in /proc/cpuinfo similar to how flags
work in x86.
2016-10-07 14:56:27 +02:00
Lennart Poettering
875ca88da5 manager: tighten incoming notification message checks
Let's not accept datagrams with embedded NUL bytes. Previously we'd simply
ignore everything after the first NUL byte. But given that sending us that is
pretty ugly let's instead complain and refuse.

With this change we'll only accept messages that have exactly zero or one NUL
bytes at the very end of the datagram.
2016-10-07 12:14:33 +02:00
Lennart Poettering
045a3d5989 manager: be stricter with incomining notifications, warn properly about too large ones
Let's make the kernel let us know the full, original datagram size of the
incoming message. If it's larger than the buffer space provided by us, drop the
whole message with a warning.

Before this change the kernel would truncate the message for us to the buffer
space provided, and we'd not complain about this, and simply process the
incomplete message as far as it made sense.
2016-10-07 12:12:10 +02:00
Lennart Poettering
c55ae51e77 manager: don't ever busy loop when we get a notification message we can't process
If the kernel doesn't permit us to dequeue/process an incoming notification
datagram message it's still better to stop processing the notification messages
altogether than to enter a busy loop where we keep getting notified but can't
do a thing about it.

With this change, manager_dispatch_notify_fd() behaviour is changed like this:

- if an error indicating a spurious wake-up is seen on recvmsg(), ignore it
  (EAGAIN/EINTR)

- if any other error is seen on recvmsg() propagate it, thus disabling
  processing of further wakeups

- if any error is seen on later code in the function, warn about it but do not
  propagate it, as in this cas we're not going to busy loop as the offending
  message is already dequeued.
2016-10-07 12:08:51 +02:00
Lennart Poettering
fd9b26c6f2 Merge pull request #4300 from keszybz/mkosi
Various mkosi bits
2016-10-07 09:58:25 +02:00
Lukáš Nykrýn
24dd31c19e core: add possibility to set action for ctrl-alt-del burst (#4105)
For some certification, it should not be possible to reboot the machine through ctrl-alt-delete. Currently we suggest our customers to mask the ctrl-alt-delete target, but that is obviously not enough.

Patching the keymaps to disable that is really not a way to go for them, because the settings need to be easily checked by some SCAP tools.
2016-10-06 21:08:21 -04:00
Evgeny Vereshchagin
36264e0de5 Merge pull request #4299 from poettering/variety
ioctl socket fixes, sd-bus error updates, resolved error addition, PAM stub process priv fix
2016-10-06 23:43:08 +03:00
Lennart Poettering
97f0e76f18 user-util: rework maybe_setgroups() a bit
Let's drop the caching of the setgroups /proc field for now. While there's a
strict regime in place when it changes states, let's better not cache it since
we cannot really be sure we follow that regime correctly.

More importantly however, this is not in performance sensitive code, and
there's no indication the cache is really beneficial, hence let's drop the
caching and make things a bit simpler.

Also, while we are at it, rework the error handling a bit, and always return
negative errno-style error codes, following our usual coding style. This has
the benefit that we can sensible hanld read_one_line_file() errors, without
having to updat errno explicitly.
2016-10-06 19:04:10 +02:00
Lennart Poettering
7429b2eb83 tree-wide: drop some misleading compiler warnings
gcc at some optimization levels thinks thes variables were used without
initialization. it's wrong, but let's make the message go anyway.
2016-10-06 19:04:10 +02:00
Lennart Poettering
2d6fce8d7c core: leave PAM stub process around with GIDs updated
In the process execution code of PID 1, before
096424d123 the GID settings where changed before
invoking PAM, and the UID settings after. After the change both changes are
made after the PAM session hooks are run. When invoking PAM we fork once, and
leave a stub process around which will invoke the PAM session end hooks when
the session goes away. This code previously was dropping the remaining privs
(which were precisely the UID). Fix this code to do this correctly again, by
really dropping them else (i.e. the GID as well).

While we are at it, also fix error logging of this code.

Fixes: #4238
2016-10-06 19:04:10 +02:00
Lennart Poettering
729c6467df sd-bus: add DNS errors to the errno translation table
We generate these, hence we should also add errno translations for them.
2016-10-06 19:04:10 +02:00
Lennart Poettering
6f21e066f6 resolved: properly handle BADCOOKIE DNS error
Add this new error code (documented in RFC7873) to our list of known errors.
2016-10-06 19:04:09 +02:00
Lennart Poettering
19526c6679 sd-bus: add a few missing entries to the error translation tables
These were forgotten, let's add some useful mappings for all errors we define.
2016-10-06 19:04:09 +02:00
Lennart Poettering
429b435026 sd-device/networkd: unify code to get a socket for issuing netdev ioctls on
As suggested here:

https://github.com/systemd/systemd/pull/4296#issuecomment-251911349

Let's try AF_INET first as socket, but let's fall back to AF_NETLINK, so that
we can use a protocol-independent socket here if possible. This has the benefit
that our code will still work even if AF_INET/AF_INET6 is made unavailable (for
exmple via seccomp), at least on current kernels.
2016-10-06 19:04:01 +02:00
Zbigniew Jędrzejewski-Szmek
cd35d461be mkosi: install Fedora 25
No need to look back at the past. Fedora 25 is here (almost).
2016-10-06 11:54:24 -04:00
Zbigniew Jędrzejewski-Szmek
a10744be42 mkosi: drop git clean
This is required after systemd/mkosi#25.
2016-10-06 11:54:24 -04:00