1
1
mirror of https://github.com/systemd/systemd-stable.git synced 2025-01-11 05:17:44 +03:00
Commit Graph

58006 Commits

Author SHA1 Message Date
Michael Biebl
8a6f966be4 Do not fail EFI build with newer binutils
Newer binutils versions currently trigger the following warnings due to
a bug in gnu-efi

on arm64:
/usr/bin/ld.bfd: warning: src/boot/efi/systemd-bootaa64.elf has a LOAD segment with RWX permissions

on amd64:
/usr/bin/ld.bfd: warning: /usr/lib/crt0-efi-x86_64.o: missing .note.GNU-stack section implies executable stack

This results in a build failure due to --fatal-warnings.
Work around this issue by suppressing those warnings until gnu-efi has
been fixed.

See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1013341

(cherry picked from commit b0e5bf0451)
2022-08-08 09:51:48 +02:00
Zbigniew Jędrzejewski-Szmek
516108f273 kernel-install: fix invocation as installkernel
Fixes #23681.

(cherry picked from commit c9e7ab8c29)
2022-07-13 13:12:32 +02:00
Yu Watanabe
d36b2af987 sd-device: make sd_device_get_is_initialized() not return -ENOENT
(cherry picked from commit 591c186f2f)
2022-07-13 13:12:32 +02:00
Yu Watanabe
a03ea9798a resolve: introduce FORMAT_DNS_RCODE() macro
Fixes #23958.

(cherry picked from commit 0d609349ba)
2022-07-13 13:12:31 +02:00
Yu Watanabe
d56649142b sd-dhcp-client: fix log message
(cherry picked from commit 3857d367f0)
2022-07-13 13:12:31 +02:00
Yu Watanabe
c87c7e7231 network: drop redundant warning
If file is world readable, then `read_full_file_full()` will warn
about that.

(cherry picked from commit d5ad2ec1d4)
2022-07-13 13:12:31 +02:00
Yu Watanabe
900af21558 core/load-fragment: fix error value in log_syntax()
`extract_first_word()` may return positive value on success.

(cherry picked from commit 6a35d52d78)
2022-07-13 13:12:31 +02:00
Yu Watanabe
b7fc4ffe97 resolve: fix possible integer overflow
(cherry picked from commit 370999c05b)
2022-07-13 13:12:31 +02:00
Yu Watanabe
feb244676b resolve: fix heap-buffer-overflow reported by ASAN with strict_string_checks=1
Fixes #23942.

(cherry picked from commit beeab352de)
2022-07-13 13:12:31 +02:00
Yu Watanabe
72d4c15a94 time-util: fix buffer-over-run
Fixes #23928.

(cherry picked from commit 9102c625a6)
2022-07-13 13:12:31 +02:00
Lennart Poettering
9e73f919ab tmpfiles: correct error variable to use
(cherry picked from commit 149e0ca6c7)
2022-07-13 13:12:31 +02:00
Lennart Poettering
c377dc4832 namespace: fix propagated error number
(cherry picked from commit 1ce268c789)
2022-07-13 13:12:31 +02:00
Zbigniew Jędrzejewski-Szmek
a385019e58 systemctl: stop saying "vendor preset"
We have vendor presets, and local admin presets, and runtime presets
(under /usr/lib, /usr/local/lib and /etc, /run, respectively). When we
display preset state, it can be configured in any of those places, so
we shouldn't say anything about the origin.

(Another nice advantage is that it improves alignment:

[root@f36 ~]# systemctl list-unit-files multipathd.service
UNIT FILE          STATE   VENDOR PRESET
multipathd.service enabled enabled

^ this looks we have a "PRESET" column that is empty.)

(cherry picked from commit c1e0dc9c88)
2022-07-13 13:12:31 +02:00
Lennart Poettering
81d33ab7f6 man: "enabled commands are started at boot" is rubbish
it's enabled units, and they might be started by various forms of
activation, not just "at boot".

Fix that.

(cherry picked from commit 0c772b1cc1)
2022-07-13 13:12:31 +02:00
Lennart Poettering
2e6e30a92f json: actually use numeric C locale we just allocated
This fixes formatting of JSON real values, and uses C locale for them.
It's kinda interesting that this wasn't noticed before: the C locale
object we allocated was not used, hence doing the dance had zero effect.

This makes "test-varlink" pass again on systems with non-C locale.

(My guess: noone noticed this because "long double" was used before by
the JSON code and that had no locale supporting printer or so?)

(cherry picked from commit 93258c7d72)
2022-07-13 13:12:31 +02:00
Lennart Poettering
6e6da09bd0 sd-id128: don't allow chars > f in valid id128 values
(cherry picked from commit 82c3a0b74c)
2022-07-13 13:12:31 +02:00
Yu Watanabe
5478878067 nspawn: support PrivateUsers=identity
Follow-up for 33eac552ab.

Fixes #23825.

(cherry picked from commit 5ad08191d8)
2022-07-13 13:12:31 +02:00
Yu Watanabe
4bcd8bf893 unit: prioritize module devices
Also, prioritize tty and network devices.

Follow-up for 2336bde964

Fixes #23850.

(cherry picked from commit 12bdeb58a6)
2022-07-13 13:12:31 +02:00
Yu Watanabe
9d86a5ac92 journalctl: fix to show user slice
Fixes #23867.

(cherry picked from commit 3daf1f913c)
2022-07-13 13:12:31 +02:00
Daan De Meyer
437978fe51 journal: Fix missing parenthesis
(cherry picked from commit f63d1b0efa)
2022-07-13 13:12:31 +02:00
Yu Watanabe
0c36233a84 virt: fix detection of Parallels virtualization
If Parallels virtualization is detected from DMI, then trust that over CPUID.

Fixes issue caused by 28b1a3eac2.

Fixes #23856.

(cherry picked from commit 840a49f3dc)
2022-07-13 13:12:31 +02:00
Yu Watanabe
c45bdd7cfb sd-journal: data object may be invalid after data_object_in_hash_table()
Fixes a bug introduced by 578cd1855b.

The function `data_object_in_hash_table()` calls
`journal_file_move_to_object()` with `OBJECT_DATA`. Hence,
previously obtained pointer to a data object may be now invalid.

Fixes #23794.

(cherry picked from commit b8478c14c7)
2022-07-13 13:12:31 +02:00
Yu Watanabe
bde6e95213 test: add another test for inotify event source
The test case is for issue #23826.

(cherry picked from commit c7b5a5a736)
2022-07-13 13:12:31 +02:00
Yu Watanabe
632ba5b2f0 sd-event: make sd_event_prepare() return positive when buffered inotify data exists
Previously, even if there is buffered inotify data, sd_event_prepare()
did not process the data when there is no pending event source.

Fixes #23826.

(cherry picked from commit 067fc91702)
2022-07-13 13:12:31 +02:00
Zbigniew Jędrzejewski-Szmek
09e0ccf293 test-sd-hwdb: adjust the test to actually do anything
Without the terminating colon we wouldn't match anything, so the loop over
properties was skipped.

(cherry picked from commit 6b0485c29a)
2022-07-13 13:12:31 +02:00
Jacek Migacz
596dc75d18 emacs: ignore .dir-locals-2.el (personal customization) versioning
(cherry picked from commit 25e17bddec)
2022-07-13 13:12:31 +02:00
Yu Watanabe
0c5b7ee318 udev: allow to execute longer command line
Fixes #23607.

(cherry picked from commit c3613ee51e)
2022-07-13 13:12:31 +02:00
Yu Watanabe
b5fbf3972a core: close watchdog device if watchdog device is unspecified now
If a watchdog device was specified previously, and unspecified later and
PID1 is reloaded, then we need to close the device.

(cherry picked from commit 82d7a151db)
2022-07-13 13:12:31 +02:00
Łukasz Stelmach
12b790995c core: Fix memory leaks
arg_early_core_pattern and arg_watchdog_device hold pointers to memory
allocated with strdup() (inside path_make_absolute_cwd). The memory needs
to be freed in reset_arguments() during reload rather than forgotten.

(cherry picked from commit 919ea64f69)
2022-07-13 12:57:39 +02:00
Alban Bedel
8539a62207 units: remove the restart limit on the modprobe@.service
They are various cases where the same module might be repeatedly
loaded in a short time frame, for example if a service depending on a
module keep restarting, or if many instances of such service get
started at the same time. If this happend the modprobe@.service
instance will be marked as failed because it hit the restart limit.

Overall it doesn't seems to make much sense to have a restart limit on
the modprobe service so just disable it.

Fixes: #23742
(cherry picked from commit 9625350e53)
2022-07-13 12:57:39 +02:00
Pavel Zhukov
b777390814 Add sys/file.h for LOCK_
Fixes build with musl:
| ../git/src/shared/dissect-image.c: In function 'mount_image_privately_interactively':
| ../git/src/shared/dissect-image.c:2986:34: error: 'LOCK_SH' undeclared (first use in this function)
|  2986 |         r = loop_device_flock(d, LOCK_SH);
|       |                                  ^~~~~~~

(cherry picked from commit 19df770fe1)
2022-07-13 12:57:39 +02:00
Zbigniew Jędrzejewski-Szmek
a82d8d1916 pkgconfig,rpm: expose vars for user-tmpfiles.d location
Fixes https://bugzilla.redhat.com/show_bug.cgi?id=2098553.

(cherry picked from commit 107795a759)
2022-07-13 12:57:39 +02:00
Frantisek Sumsal
9facc51e2f test: use saved process PID instead of %%
As the `%%` specifier might fail if the current job (i.e. the last
background job) already finished:

```
[   61.692196] testsuite-04.sh[656]: ++ systemd-id128 new
[   61.705407] testsuite-04.sh[263]: + ID=912cb8f8ef304153a123f772bb0fe9e0
[   61.706318] testsuite-04.sh[657]: + systemd-cat -t 912cb8f8ef304153a123f772bb0fe9e0 bash -c 'echo parent; (echo child) & wait'
[   61.720940] testsuite-04.sh[263]: + PID=657
[   61.721126] testsuite-04.sh[263]: + wait %%
[   61.723014] testsuite-04.sh[263]: /usr/lib/systemd/tests/testdata/units/testsuite-04.sh: line 96: wait: %%: no such job
```

(cherry picked from commit 0897048500)
2022-07-13 12:57:39 +02:00
Marc Kleine-Budde
16b8ae51b0 networkctl: fix output of "status": replace "Queue Length" by "Number of Queues"
Commit 0307afc681 ("networkctl: add support to display Transmit/Recieve queue
length (#12633)") added the display of the number of RX and TX Queues to the
output of `networkctl status $DEV`. However the row description says "Queue
Length".

This patch fixes the output by replacing "Queue Length" by "Number of Queues".

Fixes: 0307afc681 ("networkctl: add support to display Transmit/Recieve queue length (#12633)")
(cherry picked from commit 25ed7633b1)
2022-07-13 12:57:39 +02:00
Yu Watanabe
996979f513 seccomp-util: make @known include @obsolete
@known is generated from syscall-list.txt, which generated from kernel
headers. So, some syscalls in @obsolete may not be listed in
syscall-list.txt.

(cherry picked from commit 6d6a08547c)
2022-07-13 12:57:39 +02:00
Yu Watanabe
20a265b416 analyze-security: always save syscall name
This reverts dd51e725df and fixes bugs
introduced by 1624114d74.

Previously,
- On online scan, the syscall filter was a string Hashmap, but it
  might contain syscall name with errno or error action. Hence, we need
  to drop the errno or error action in the string.
- On offline scan, the syscall filter was a Hashmap of syscall ID, so
  hashmap_contains() with syscall name did not work. We need to convert
  syscall IDs to syscall names.
- If hashmap_contains() in syscall_names_in_filter() is true, then
  the syscall is allowed when the list is an allow-list, and vice versa.
  Hence, the condition in syscall_names_in_filter() was errnously
  inverted by dd51e725df.

This makes syscalls are always stored with its name, instead of ID,
and also correct the condition.

Fixes #23663.

(cherry picked from commit 5862e5561c)
2022-07-13 12:57:39 +02:00
Yu Watanabe
a64c080ccf set: introduce set_put_strndup()
Note, if `n != SIZE_MAX`, we cannot check the existence of the specified
string in the set without duplicating the string. And, set_consume() also
checks the existence of the string. Hence, it is not necessary to call
set_contains() if `n != SIZE_MAX`.

(cherry picked from commit cb649d12bf)
2022-07-13 12:57:39 +02:00
Yu Watanabe
20037219b7 nspawn: fix UID map string
We send/recv the set of payload uid, host uid, payload gid, host gid.
Hence, the index must be incremented with 4, instead of 2.

Fixes #23664.

(cherry picked from commit 05ab439a62)
2022-07-13 10:49:07 +02:00
Shreenidhi Shedi
73a327d2f4 sd-journal: check retval of sd_id128_from_string call
Fixes: CID#1469712

CID 1469712 (#1 of 1): Unused value (UNUSED_VALUE)
returned_value: Assigning value from sd_id128_from_string(word + 2, &boot_id) to r here,
but that stored value is overwritten before it can be used.

(cherry picked from commit c9f5ac0917)
2022-07-13 10:48:21 +02:00
Shreenidhi Shedi
18517e849c homework: initialize we_detached
Fixes: CID#1469711

CID 1469711 (#1 of 1): Uninitialized scalar variable (UNINIT)
14. uninit_use: Using uninitialized value we_detached.

(cherry picked from commit 2f4ad53549)
2022-07-13 10:48:12 +02:00
Jan Luebbe
adcd345156 hwdb: analyzers: remove generic "STM Device in DFU Mode"
The USB ID v0483pDF11 is used by the ROM code in many STMicroelectronics
devices (for firmware download) and not just signal analyzers.

(cherry picked from commit 5d049ff920)
2022-07-13 10:42:52 +02:00
Shreenidhi Shedi
4509a06382 network: l2tp: initialize a to NULL
Fixes: CID#1475788
(cherry picked from commit a4433b4532)
2022-07-13 10:42:31 +02:00
Yu Watanabe
25158b2944 dns-domain: make each label nul-terminated
dns_label_unescape() does not nul-terminate the buffer if it does not
have enough space. Hence, if a lable is enough long, then strjoin()
triggers buffer-overflow.

Fixes #23705.

(cherry picked from commit 9db01ca5b0)
2022-06-12 14:47:59 +02:00
Elias Probst
4925a108ff systemctl: add edit verb to arguments' help text
The arguments `--global`, `--runtime` and `--root` also affect the
`edit` verb.

(cherry picked from commit 4218f81d83)
2022-06-12 11:51:11 +02:00
Jan Janssen
2c1257a590 boot: Fix bad CompareMem call
(cherry picked from commit 2d5d72c62b)
2022-06-09 17:51:57 +02:00
Zbigniew Jędrzejewski-Szmek
6ffda7bb54 sha256: fix compilation on efi-ia32
/usr/bin/gcc -c ../src/fundamental/sha256.c -o src/boot/efi/sha256.c.o -Wno-format-signedness -Wno-missing-field-initializers -Wno-unused-parameter -Wdate-time -Wendif-labels -Werror=format=2 -Werror=implicit-function-declaration -Werror=incompatible-pointer-types -Werror=int-conversion -Werror=overflow -Werror=override-init -Werror=return-type -Werror=shift-count-overflow -Werror=shift-overflow=2 -Werror=undef -Wfloat-equal -Wimplicit-fallthrough=5 -Winit-self -Wlogical-op -Wmissing-include-dirs -Wmissing-noreturn -Wnested-externs -Wold-style-definition -Wpointer-arith -Wredundant-decls -Wshadow -Wstrict-aliasing=2 -Wstrict-prototypes -Wsuggest-attribute=noreturn -Wunused-function -Wwrite-strings -Wno-unused-result -fno-stack-protector -fno-strict-aliasing -fpic -fwide-exec-charset=UCS2 -Wall -Wextra -Wsign-compare -nostdlib -std=gnu99 -ffreestanding -fshort-wchar -fvisibility=hidden -isystem /usr/include/efi -isystem /usr/include/efi/ia32 -I /builddir/build/BUILD/systemd-stable-250.7/src/fundamental -DSD_BOOT -DGNU_EFI_USE_MS_ABI -include src/boot/efi/efi_config.h -include version.h -mno-sse -mno-mmx -flto -O2 -flto=auto
../src/fundamental/sha256.c: In function ‘sha256_finish_ctx’:
../src/fundamental/sha256.c:61:25: error: ‘false’ undeclared (first use in this function)
   61 | # define UNALIGNED_P(p) false
      |                         ^~~~~
../src/fundamental/sha256.c:136:21: note: in expansion of macro ‘UNALIGNED_P’
  136 |                 if (UNALIGNED_P(resbuf))
      |                     ^~~~~~~~~~~
../src/fundamental/sha256.c:32:1: note: ‘false’ is defined in header ‘<stdbool.h>’; did you forget to ‘#include <stdbool.h>’?
   31 | #include "sha256.h"
  +++ |+#include <stdbool.h>
   32 |
...

(cherry picked from commit 38c87ca2ab)
2022-06-09 17:51:57 +02:00
Zbigniew Jędrzejewski-Szmek
eadd4f7bb0 shared/microhttp-util: silence gcc warning
../src/journal-remote/microhttpd-util.c: In function ‘check_permissions’:
../src/journal-remote/microhttpd-util.c:301:5: error: function might be candidate for attribute ‘noreturn’ [-Werror=suggest-attribute=noreturn]
  301 | int check_permissions(struct MHD_Connection *connection, int *code, char **hostname) {
      |     ^~~~~~~~~~~~~~~~~
cc1: all warnings being treated as errors

Fixes #23630.

(cherry picked from commit b547241728)
2022-06-09 17:51:57 +02:00
Daan De Meyer
7028d6d2ac coredump: Fix format string type mismatch
Fixes #23471

(cherry picked from commit 08e86b15fc)
2022-06-09 17:51:57 +02:00
Christian Hesse
baa3291b5d shared/utmp-wtmp: fix build without utmp
Commit 1661833238 changed a function to
add an extra argument. The data types used when building without utmp
missed the change.

(cherry picked from commit d6e2c2d34d)
2022-06-02 22:05:22 +02:00
Zbigniew Jędrzejewski-Szmek
253052686c core/bpf: prefix log messages from different bpf subsystems
When something goes awry, we would get identical log messages from all the
bpf subsystems. E.g. "Failed to load BPF object: %m" appeared 5 times in the
sources. But it is very important to know *which* object we failed to load.
This could be guessed, e.g. from surroudning messages or from filename/line
metadata, but when we get log messages in bug reports, this might not be
available. Let's make the messages distinguishable.

While at it, some messages were adjusted a bit. In particular, we shouldn't use
internal names like BPFProgram which have no meaning outside of the codebase.

(cherry picked from commit b1acbc08e2)
2022-06-02 20:07:11 +02:00