1
1
mirror of https://github.com/systemd/systemd-stable.git synced 2024-12-24 21:34:08 +03:00
Commit Graph

509 Commits

Author SHA1 Message Date
Zbigniew Jędrzejewski-Szmek
0390b094f5 meson: do not choke on time epoch when there are no git tags
github ci was failing with:

meson.build:685:16: ERROR: String '' cannot be converted to int
2020-07-23 12:25:14 +02:00
Daan De Meyer
bd190899bb Get SOURCE_EPOCH from the latest git tag instead of NEWS
Currently, each change to NEWS triggers a meson reconfigure that
changes SOURCE_EPOCH which causes a full rebuild. Since NEWS changes
relatively often, we have a full rebuild each time we pull from
master even if we pull semi-regularly. This is further compounded
when using branches since NEWS has a relatively high chance to
differ between branches which causes git to update the modification
time, leading to a full rebuild when switching between branches.

We fix this by using the creation time of the latest git tag instead.
2020-07-23 08:38:30 +02:00
Norbert Lange
55678b9eae build: skip installation of 2 files if feature is disabled
dont install systemd-update-utmp if utmp is disabled.
dont install systemd-initctl.service if sysv is disabled.
2020-07-18 13:50:39 +09:00
Zbigniew Jędrzejewski-Szmek
3994922baf meson: bump version numbers for v246 2020-07-08 17:35:54 +02:00
Lennart Poettering
7b78db28e5 homed: add support for authenticating with fido2 hmac-secret tokens 2020-07-01 11:17:28 +02:00
Lennart Poettering
1c0c4a43c6 homectl: add support for enrolling FIDO2 HMAC-SECRET tokens 2020-07-01 11:17:28 +02:00
Lennart Poettering
af4fbd463f build-sys: add libfido2 as optional dependency 2020-07-01 11:17:28 +02:00
Lennart Poettering
d80b051cea tree-wide: add new HAVE_COMPRESSION compile time flag
let's simplify the checks for ZSTD/LZ4/XZ

As suggested:

https://github.com/systemd/systemd/pull/16096#discussion_r440705585
2020-06-25 15:02:45 +02:00
Luca Boccassi
c2923fdcd7 dissect/nspawn: add support for dm-verity root hash signature
Since cryptsetup 2.3.0 a new API to verify dm-verity volumes by a
pkcs7 signature, with the public key in the kernel keyring,
is available. Use it if libcryptsetup supports it.
2020-06-25 08:45:21 +01:00
Lennart Poettering
7bf6babfa2
Merge pull request #16112 from poettering/nss-systemd-block-fix
rework nss-systemd recursion lock
2020-06-24 08:39:44 +02:00
Lennart Poettering
037b0a47b0 userdb: replace recursion lock
Previously we'd used the existance of a specific AF_UNIX socket in the
abstract namespace as lock for disabling lookup recursions. (for
breaking out of the loop: userdb synthesized from nss → nss synthesized
from userdb → userdb synthesized from nss → …)

I did it like that because it promised to work the same both in static
and in dynmically linked environments and is accessible easily from any
programming language.

However, it has a weakness regarding reuse attacks: the socket is
securely hashed (siphash) from the thread ID in combination with the
AT_RANDOM secret. Thus it should not be guessable from an attacker in
advance. That's only true if a thread takes the lock only once and
keeps it forever. However, if a thread takes and releases it multiple
times an attacker might monitor that and quickly take the lock
after the first iteration for follow-up iterations.

It's not a big issue given that userdb (as the primary user for this)
never released the lock and we never made the concept a public
interface, and it was only included in one release so far, but it's
something that deserves fixing. (moreover it's a local DoS only, only
permitting to disable native userdb lookups)

With this rework the libnss_systemd.so.2 module will now export two
additional symbols. These symbols are not used by glibc, but can be used
by arbitrary programs: one can be used to disable nss-systemd, the other
to check if it is currently disabled.

The lock is per-thread. It's slightly less pretty, since it requires
people to manually link against C code via dlopen()/dlsym(), but it
should work safely without the aforementioned weakness.
2020-06-23 17:24:24 +02:00
Filipe Brandenburger
db64ba81c6 meson: build standalone version of systemd-tmpfiles
Use -Dstandalone-binaries=yes to enable building and installing this standalone
version of the binary without a dependency on the systemd-shared solib.

Also move the list of sources for systemd-tmpfiles to its own meson.build file.
2020-06-10 10:54:29 -07:00
Filipe Brandenburger
8ef8f3d5a7 meson: add a new -Dstandalone-binaries=true option
This adds an option to build standalone binaries that do not depend on the
systemd-shared library. This option can be handy to build binaries that can be
useful on a non-systemd system, binaries such as systemd-sysusers and
systemd-tmpfiles have been previously requested, but installing them with all
the required dependencies pulls in too much code that isn't really relevant for
those use cases. The standalone use case is also relevant in containers, where
minimizing the size of the container image is quite relevant.

For now, only `systemd-sysusers` is also built as a standalone binary.

The standalone binaries are installed as `/usr/bin/%{name}.standalone`, the
packaging system is reponsible for renaming those into the correct names
during the packaging step. RPM is able to do so with RemovePathPostfixes:

The default behavior is to build shared binaries only, since this option is
mainly intended for building distribution packages.

Tested that a proper separate binary is built when using this option and
that having it disabled (or using the default Meson configuration) does not
produce a binary for this option.
2020-06-10 10:54:29 -07:00
YmrDtnJu
2ffadd3cee AppArmor: Support for loading a set of pre-compiled profiles at startup time
Let systemd load a set of pre-compiled AppArmor profile files from a policy
cache at /etc/apparmor/earlypolicy. Maintenance of that policy cache must be
done outside of systemd.

After successfully loading the profiles systemd will attempt to change to a
profile named systemd.

If systemd is already confined in a profile, it will not load any profile files
and will not attempt to change it's profile.

If anything goes wrong, systemd will only log failures. It will not fail to
start.
2020-06-09 20:27:47 +02:00
Norbert Lange
63e2d1714e udev: single binary replacing udevd and udevadm
Since the separate binaries contain mostly the same code,
this almost halves the size of the installation.

before:
398K /bin/udevadm
391K /lib/systemd/systemd-udevd

after:
431K /bin/udevadm
0    /lib/systemd/systemd-udevd -> ../../bin/udevadm

Fixes: #14200
2020-06-01 09:41:21 +02:00
Benjamin Berg
8feca2472c xdg-autostart-generator: Add a generator for XDG autostart files
This generator can be used by desktop environments to launch autostart
applications and services. The feature is an opt-in, triggered by
xdg-desktop-autostart.target being activated.

Also included is the new binary xdg-autostart-condition. This binary is
used as an ExecCondition to test the OnlyShowIn and NotShowIn XDG
desktop file keys. These need to be evaluated against the
XDG_CURRENT_DESKTOP environment variable which may not be known at
generation time.

Co-authored-by: Henri Chain <henri.chain@enioka.com>
2020-05-27 09:02:10 +02:00
Norbert Lange
6589a56972 dont install systemd-initctl, runlevel, telinit if no SYSV compat
systemd-initctl executable is still built.
2020-05-26 15:04:36 +02:00
Frantisek Sumsal
c56463fdb4 meson: add fuzz-tests= option
The slow-tests= option already enables fuzzers as well, however, this
option can't be used in the "fully sanitized" runs, as certain slow
tests are affected by the performance quite significantly.

This option allows us to enable only fuzzers without the slow tests to
meet the needs of such runs.
2020-05-21 16:59:40 +02:00
Evgeny Vereshchagin
8976715804 build-system: build the fuzz targets with both ASan and UBSan
Just a follow-up to https://github.com/systemd/systemd/pull/15860
2020-05-20 16:07:13 +02:00
Lennart Poettering
23769fb371 cryptsetup: split out key loading from pkcs11 code and teach search path logic
Let's do some rearrangements, so that we can later on use this to
automatically search for a key file.
2020-05-19 17:28:16 +02:00
Norbert Lange
cdf7ad38b6 allow removal of initrd services 2020-05-19 10:19:18 +02:00
Dimitri John Ledkov
6dbf352cfb meson: initialize time-epoch to reproducible builds compatible value
Debian Policy encourages to preserve timestamps whenever possible in the
tarballs, thus stable release updates of systemd usually do not bump NEWS file
timestamp. And thus time-epoch remains the same for the lifetime of a release.

It would be better, if each new stable release rebuild of systemd would bump
the time epoch a bit. But at the same time remain
reproducible. SOURCE_DATE_EPOCH is an environmnet variable defined for this
purpose. Thus if available, prefer that, instead of the NEWS file modification
time.

For example, on Debian/Ubuntu under the reproducible builds the
SOURCE_DATE_EPOCH is set to the timestamp from the packaging metadata, thus it
is incremented on every new stable release update, whilst preserving
reproducible builds capability.

Reference: https://reproducible-builds.org/docs/timestamps/
2020-05-18 08:45:01 +02:00
Zbigniew Jędrzejewski-Szmek
94c0c5b7ea shared/ethtool-util: hush gcc warnings about array bounds
[127/1355] Compiling C object 'src/shared/5afaae1@@systemd-shared-245@sta/ethtool-util.c.o'
../src/shared/ethtool-util.c: In function ‘ethtool_get_permanent_macaddr’:
../src/shared/ethtool-util.c:260:60: warning: array subscript 5 is outside the bounds of an interior zero-length array ‘__u8[0]’ {aka ‘unsigned char[]’} [-Wzero-length-bounds]
  260 |                 ret->ether_addr_octet[i] = epaddr.addr.data[i];
      |                                            ~~~~~~~~~~~~~~~~^~~
In file included from ../src/shared/ethtool-util.c:5:
../src/shared/linux/ethtool.h:704:7: note: while referencing ‘data’
  704 |  __u8 data[0];
      |       ^~~~
../src/shared/ethtool-util.c: In function ‘ethtool_set_features’:
../src/shared/ethtool-util.c:488:31: warning: array subscript 0 is outside the bounds of an interior zero-length array ‘__u32[0]’ {aka ‘unsigned int[]’} [-Wzero-length-bounds]
  488 |         len = buffer.info.data[0];
      |               ~~~~~~~~~~~~~~~~^~~
In file included from ../src/shared/ethtool-util.c:5:
../src/shared/linux/ethtool.h:631:8: note: while referencing ‘data’
  631 |  __u32 data[0];
      |        ^~~~

The kernel should not define the length of the array, but it does. We can't fix
that, so let's use a cast to avoid the warning.

For https://github.com/systemd/systemd/issues/6119#issuecomment-626073743.

v2:
- use #pragma instead of a cast. It seems the cast only works in some cases, and
  gcc is "smart" enough to see beyond the cast. Unfortunately clang does not support
  this warning, so we need to do a config check whether to try to suppress.
2020-05-11 13:57:11 +02:00
Zbigniew Jędrzejewski-Szmek
f2a8372e37
Merge pull request #15703 from poettering/homed-tweak-default-storage
homed: avoid double encryption
2020-05-08 16:57:14 +02:00
Zbigniew Jędrzejewski-Szmek
165bda37ba
Merge pull request #15718 from poettering/tmpfiles-offline
tmpfiles: read /etc/passwd + /etc/group with fgetpwent()/fgetgrent() if --root= is specified
2020-05-08 11:22:19 +02:00
Lennart Poettering
c76dd733af homed: make default storage/file system type configurable in homed.conf 2020-05-07 23:33:09 +02:00
Zbigniew Jędrzejewski-Szmek
eef4b80033 Add a basic test that the configured fallback hostname is OK
Ideally, assert_cc() would be used for this, so that it is not possible to even
compile systemd with something like '-Dfallback-hostname=.foo'. But to do a
proper check we need to call hostname_is_valid(), and we cannot depend on being
able to run code (e.g. during cross-compilation). So let's do a very superficial
check in meson, and a proper on in test-util.
2020-05-07 17:35:26 +02:00
Lennart Poettering
a3451c2c4c tmpfiles: optionally, read /etc/passwd + /etc/group without NSS
There are two libc APIs for accessing the user database: NSS/getpwuid(),
and fgetpwent(). if we run in --root= mode (i.e. "offline" mode), let's
use the latter. Otherwise the former. This means tmpfiles can use the
database included in the root environment for chowning, which is a lot
more appropriate.

Fixes: #14806
2020-05-07 16:35:20 +02:00
Zbigniew Jędrzejewski-Szmek
dd1e33c8dc meson: drop "meson-" prefix from various helper script filenames
In a few cases, the prefix was originally necessary because a different helper
script was used for automake, and a different one for meson. But now we use
meson exclusively, and the prefix isn't useful. This also synchronizes the
target name, file name, and variable name in meson.build. The targets exposed
by meson didn't have the prefix, so the user interface is unchanged.

(The prefix is retained in the few tools that are used for meson itself,
e.g. meosn-vcs-tag.sh, meson-make-symlink.sh, etc.)
2020-05-07 13:57:48 +02:00
Benjamin Robin
0454681395 meson: Do not drop warnings (unused variable) when NDEBUG is defined
This is no longer needed, since there is now no warning with NDEBUG
defined
2020-05-06 23:03:25 +02:00
Zbigniew Jędrzejewski-Szmek
ba5a389d24 Merge pull request #15473 from keszybz/bus-introspection 2020-05-06 15:00:07 +02:00
Evgeny Vereshchagin
7f3a5eb70e build-system: bring back 'nonnull'
Having taken a look at https://github.com/systemd/systemd/runs/645252074?check_suite_focus=true
where fuzz-journal-remote failed with
```
AddressSanitizer:DEADLYSIGNAL
=================================================================
==16==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x7f864f98948e bp 0x7ffde5c6b7c0 sp 0x7ffde5c6b560 T0)
==16==The signal is caused by a READ memory access.
==16==Hint: address points to the zero page.
SCARINESS: 10 (null-deref)
    #0 0x7f864f98948e in output_short /work/build/../../src/systemd/src/shared/logs-show.c
    #1 0x7f864f984624 in show_journal_entry /work/build/../../src/systemd/src/shared/logs-show.c:1154:15
    #2 0x7f864f984b63 in show_journal /work/build/../../src/systemd/src/shared/logs-show.c:1239:21
    #3 0x4cabab in LLVMFuzzerTestOneInput /work/build/../../src/systemd/src/fuzz/fuzz-journal-remote.c:67:21
    #4 0x51fd16 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/libfuzzer/FuzzerLoop.cpp:556:15
    #5 0x51c330 in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool*) /src/libfuzzer/FuzzerLoop.cpp:470:3
    #6 0x523700 in fuzzer::Fuzzer::ReadAndExecuteSeedCorpora(std::__1::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/libfuzzer/FuzzerLoop.cpp:765:7
    #7 0x5246cd in fuzzer::Fuzzer::Loop(std::__1::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/libfuzzer/FuzzerLoop.cpp:792:3
    #8 0x4de3d1 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/libfuzzer/FuzzerDriver.cpp:824:6
    #9 0x4cfb47 in main /src/libfuzzer/FuzzerMain.cpp:19:10
    #10 0x7f864e69782f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
    #11 0x41f2a8 in _start (out/fuzz-journal-remote+0x41f2a8)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /work/build/../../src/systemd/src/shared/logs-show.c in output_short
==16==ABORTING
MS: 0 ; base unit: 0000000000000000000000000000000000000000
0x44,0x3d,0xa,0x5f,0x5f,0x52,0x45,0x41,0x4c,0x54,0x49,0x4d,0x45,0x5f,0x54,0x49,0x4d,0x45,0x53,0x54,0x41,0x4d,0x50,0x3d,0x31,0xa,0xa,
D=\x0a__REALTIME_TIMESTAMP=1\x0a\x0a
artifact_prefix='./'; Test unit written to ./crash-d635b9dd31cceff3c912fd45e1a58d7e90f0ad73
Base64: RD0KX19SRUFMVElNRV9USU1FU1RBTVA9MQoK
```
I was wondering why it hadn't been caught by the compiler even though clang should have failed to compile it with
```
../src/shared/logs-show.c:624:25: warning: null passed to a callee that requires a non-null argument [-Wnonnull]
                        print_multiline(f, 4 + fieldlen + 1, 0, OUTPUT_FULL_WIDTH, 0, false,
                        ^
../src/shared/logs-show.c:161:24: note: callee declares array parameter as static here
                size_t highlight[static 2]) {
                       ^        ~~~~~~~~~~
../src/shared/logs-show.c:1239:21: warning: null passed to a callee that requires a non-null argument [-Wnonnull]
                r = show_journal_entry(f, j, mode, n_columns, flags, NULL, NULL, ellipsized);
                    ^                                                      ~~~~
../src/shared/logs-show.c:1133:30: note: callee declares array parameter as static here
                const size_t highlight[static 2],
                             ^        ~~~~~~~~~~
2 warnings generated.
```

Given that judging by https://github.com/systemd/systemd/issues/13039 it doesn't seem to be
the first time issues like that have been missed I think it would be better to turn nonnull on
and get around false positives on a case-by-case basis with DISABLE_WARNING_NONNULL .. REENABLE_WARNING

Reopens https://github.com/systemd/systemd/issues/6119
2020-05-06 09:50:57 +02:00
Zbigniew Jędrzejewski-Szmek
81e06775be meson: add man/update-dbus-docs target 2020-05-05 22:41:23 +02:00
Norbert Lange
ef5924aa31 coredump: add zstandard support for coredumps
this will hook libzstd into coredump,
using this format as default.
2020-05-04 10:59:43 +02:00
Zbigniew Jędrzejewski-Szmek
460e5af05d meson: test userdbctl and homectl --help 2020-04-28 09:56:24 +02:00
Zbigniew Jędrzejewski-Szmek
6164ec4c93 meson: modernize indentation
By using a newline after executable( and run_target(, we get less
indentation and the indentation level does not change when the returned
object is saved to a variable.
2020-04-28 09:53:51 +02:00
Jakov Smolic
f30bf4d937
Include new configure options in features list
Signed-off-by: Jakov Smolic <jakov.smolic@sartura.hr>
Signed-off-by: Luka Perkov <luka.perkov@sartura.hr>
2020-04-16 10:40:31 +02:00
Jakov Smolic
dd0f79523f
Add new meson configure option for controlling systemd-analyze support
Enables building systemd without systemd-analyze, which in
return saves approx. 4 MB of space upon installing systemd.

Signed-off-by: Jakov Smolic <jakov.smolic@sartura.hr>
Signed-off-by: Luka Perkov <luka.perkov@sartura.hr>
2020-04-15 17:53:43 +02:00
Zbigniew Jędrzejewski-Szmek
3614df0575 meson,resolved: make default LLMNR= and MulticastDNS= values configurable
For https://fedoraproject.org/wiki/Changes/systemd-resolved.
2020-04-15 14:37:21 +02:00
Frantisek Sumsal
15529f5cea
Merge pull request #14338 from keszybz/functional-test-rework
Functional test rework
2020-03-30 16:25:12 +02:00
Evgeny Vereshchagin
6b8d32ea7b ci: turn off FuzzBuzz
I don't think anyone uses it.
2020-03-30 14:57:22 +02:00
Zbigniew Jędrzejewski-Szmek
e2d612a8e4 meson: use find_program() for add-git-hook.sh
On azure systemd.systemd ci, the build would fail with:
meson.build:53:0: ERROR: Program or command '/home/appuser/fuzzer/tools/add-git-hook.sh' not found or not executable

We use find_program() for all helpers, so let's do it for this one too.
This should solve the issue, whatever it exactly is.
2020-03-28 12:37:28 +01:00
Zbigniew Jędrzejewski-Szmek
e29e4d5742 test: convert TEST-45 to a normal meson test
On my laptop, it now takes 0.23 s. We don't need the overhead of creating
an image and spawning a machine to mangle a file in /tmp.
2020-03-28 11:50:38 +01:00
Zbigniew Jędrzejewski-Szmek
fbaa11372b test: convert TEST-35-NETWORK-GENERATOR into a unit test 2020-03-28 11:46:48 +01:00
Zbigniew Jędrzejewski-Szmek
96d33e4ac0 Rename _PATH variables to _DIR when they refer to a directory
We were very inconsistent in this, but in general _PATH signifies
a search path (separated with :), and _DIR signifies a single directory.
2020-03-27 20:12:45 +01:00
Zbigniew Jędrzejewski-Szmek
b6261be84d meson: report -Dinstall-tests in summary 2020-03-22 10:22:42 +01:00
Florian Klink
f14266c843 meson.build: drop unused SYSTEMD_SLEEP_BINARY_PATH
seems usage was dropped in ddcbc87378.
2020-03-09 14:52:30 +01:00
Robert Scheck
fd74a13e85 timesync, meson: allow statically linked build
Build option "link-timesyncd-shared" to build a statically linked
systemd-timesyncd by using

  -Dlink-udev-shared=false -Dlink-timesyncd-shared=false

on systems with full systemd stack except systemd-timesyncd, such
as RHEL/CentOS 8.
2020-03-04 10:46:10 +01:00
Zbigniew Jędrzejewski-Szmek
6ffeca8c8f meson: explain GIT_VERSION and PROJECT_VERSION
Fixes #11415.
2020-02-28 16:54:33 +01:00
Zbigniew Jędrzejewski-Szmek
384db814ee meson: bump version numbers for v245 2020-02-05 10:20:56 +01:00