1
1
mirror of https://github.com/systemd/systemd-stable.git synced 2024-12-22 13:33:56 +03:00
Commit Graph

56035 Commits

Author SHA1 Message Date
Jonas Gorski
b19b7c67e9 core: fix build when seccomp is off
Something went wrong when 6aa2c55522 was
cherry-picked for v250-stable, causing it to fail to build when seccomp
is disabled.

Fix this by changing the code to how it looks like in other versions of
the backported commit, slightly adapted to the file's style in v250.

Fixes the following build error:

| ../git/src/core/main.c: In function 'parse_config_file':
| ../git/src/core/main.c:721:101: error: lvalue required as unary '&' operand
|   721 |                 { "Manager", "SystemCallArchitectures",      config_parse_syscall_archs,         0, &DISABLED_CONFIGURATION                },
|       |                                                                                                     ^

Fixes: 8e8c7d5114 ("pid1: generate compat warning for SystemCallArchitectures= if seccomp is off")
2024-09-12 19:56:14 +02:00
Michal Sekletar
4ada129058 resolved: actually check authenticated flag of SOA transaction
Fixes #25676

(cherry picked from commit 3b4cc1437b)
(cherry picked from commit 6da5ca9dd6)
(cherry picked from commit 029272750f)
(cherry picked from commit 5c149c77cb)
(cherry picked from commit bb78da7f95)
(cherry picked from commit f58fc88678)
2023-12-24 11:50:31 +01:00
Luca Boccassi
65fe9f3080 boot: skip loading DTBs in type 1 when secure boot is enabled
The kernel loads the DTB from EFI before ExitBootServices():

https://github.com/torvalds/linux/blob/v6.5/drivers/firmware/efi/libstub/fdt.c#L245

DTBs can map and assign arbitrary memory ranges. The kernel refuses
to load one from the dtb= kernel command line parameter when secure
boot is enabled, as it's not safe. Let's do the same for type 1
entries, as they are unverified.

This only affects arm64 and riscv64, firmwares do not support DTB
on x86.

(cherry picked from commit 4b4d612d86)
(cherry picked from commit c1404fff32)
(cherry picked from commit 7844c655be)
(cherry picked from commit f381320760)
(cherry picked from commit 3c97ff5907)
2023-09-20 13:03:55 +01:00
msizanoen1
53353de5b0 test-escape: Add tests for escaping bogus UTF-8 sequences
(cherry picked from commit 582843ee37)
(cherry picked from commit c4e7cf2bd7)
(cherry picked from commit dec5e2e7b5)
(cherry picked from commit 11ecf66646)
2023-03-05 23:19:17 +00:00
msizanoen1
fb016a1339 escape: Ensure that output is always valid UTF-8
This ensures that shell string escape operations will not produce output
with invalid UTF-8 from the input by escaping invalid UTF-8 data as if
they were single byte characters.

(cherry picked from commit 00f57157f3)
(cherry picked from commit e906fd2421)
(cherry picked from commit e0a674f7f8)
(cherry picked from commit dfa043ae1f)
2023-03-05 23:19:17 +00:00
Frantisek Sumsal
654e805496 virt: correctly detect QEMU emulated pSeries guests
Resolves: #26629
(cherry picked from commit 8c7a6c742a)
(cherry picked from commit 1a22006574)
(cherry picked from commit 48911dc5ec)
(cherry picked from commit 085795656a)
2023-03-05 23:19:17 +00:00
Lennart Poettering
fadf3c4099 psi-util: fix error handling
We checked ERRNO_IS_NOT_SUPPORTED on a possible positive non-error code,
which isn't right.

Fix that. Also add caching, since we are about to call this more often.

(cherry picked from commit 90ec8ebe33)
(cherry picked from commit 5ee19fdfa0)
(cherry picked from commit 8e6234064d)
(cherry picked from commit cb4f512f47)
2023-03-05 23:19:17 +00:00
David Tardon
5d0fb9483a systemctl: print better message if default target is masked
If the default target is masked, `systemctl get-default` prints

  Failed to get default target: Operation not possible due to RF-kill

That's a bit too cryptic, so let's make it clear what's actually
happening.

Fixes #26589.

(cherry picked from commit 7c78a19322)
(cherry picked from commit 144ac494ec)
(cherry picked from commit 30eae23c4a)
(cherry picked from commit 407726df07)
2023-03-05 23:19:17 +00:00
Lennart Poettering
6d5014e85f man: add two missing commands to synopsys
(cherry picked from commit aff131775b)
(cherry picked from commit dc98d58dd8)
(cherry picked from commit 7d3af1ff11)
(cherry picked from commit 09174303d1)
2023-03-05 23:19:17 +00:00
Yu Watanabe
0d386bb7d6 core/dbus-socket: check the socket path is absolute
In config_parse_socket_listen(), we have checked the path is absolute,
however we have not in the dbus method.

(cherry picked from commit 4de2b47bde)
(cherry picked from commit e093acd062)
(cherry picked from commit 22d1f01b05)
(cherry picked from commit 1a4634b6f4)
2023-03-05 23:19:17 +00:00
Yu Watanabe
056fbe84ef sd-event: fix error handling
Follow-up for 6d2326e036.

(cherry picked from commit 1912f790fe)
(cherry picked from commit a719c2ec2f)
(cherry picked from commit dd6561ff3e)
(cherry picked from commit 8be4af4204)
2023-03-05 23:19:17 +00:00
Yu Watanabe
f1a8b69808 sd-event: always initialize sd_event.perturb
If the boot ID cannot be obtained, let's first fallback to the machine
ID, and if still cannot, then let's use 0.
Otherwise, no timer event source cannot be triggered.

Fixes #26549.

(cherry picked from commit 6d2326e036)
(cherry picked from commit 58c821af60)
(cherry picked from commit 78976199b2)
(cherry picked from commit ac04d804c3)
2023-03-05 23:19:17 +00:00
Yu Watanabe
92f8a86f2b systemctl: show "Until:" field only for service and scope units
Only service and scope units have RuntimeMaxUSec bus property.
To suppress the "Until:" field for other unit types, the entry must be
initialized with USEC_INFINITY.

Fixes #26473.

(cherry picked from commit b59052be26)
(cherry picked from commit 2bfb07b22f)
(cherry picked from commit 028cee00dd)
(cherry picked from commit e385eb57dc)
2023-03-05 23:19:17 +00:00
Zbigniew Jędrzejewski-Szmek
7cafc74085 tmpfiles.d: drop misleading comment
I'm not sure what "suffix" was meant by this comment, but the file has the usual suffix.
The file was added with the current name back in c4708f1323.
Maybe an earlier version of the patch did something different.

(cherry picked from commit 9c7188547c)
(cherry picked from commit d9abd8babe)
(cherry picked from commit 2ca2390b11)
(cherry picked from commit 3339b23f4c)
2023-03-05 23:19:17 +00:00
Zbigniew Jędrzejewski-Szmek
81bcca471a efi: drop executable-stack bit from .elf file
An rpminspect test in Fedora/RHEL is flagging our stub files as having an
executable stack. The check is correct:

$ readelf --wide --program-headers build/src/boot/efi/linuxx64.elf.stub | rg -i stack
  GNU_STACK      0x000000 0x0000000000000000 0x0000000000000000 0x000000 0x000000 RWE 0x10

It seems to be just an omission in the linker script… None of the objects that
are linked into the stub are marked as requiring an executable stack:

$ readelf --wide --sections build/src/boot/efi/*.c.o \
  /usr/lib/gnuefi/x64/libgnuefi.a \
  /usr/lib/gnuefi/x64/libefi.a \
  /usr/lib/gcc/x86_64-redhat-linux/12/libgcc.a \
  | rg '.note.GNU-stack.*X'
(nothing)

On aarch64 we end up with a nonexecutable stack, but on ia32 and x64 we get one,
so this might be just a matter of defaults in the linker. It doesn't matter
greatly, but let's mark the stack as non-executable to avoid the warning.

Note: '-Wl,-z' is not needed, things work with just '-z'.
(cherry picked from commit 1eca770933)
(cherry picked from commit 44c2ff5b1e)
(cherry picked from commit 4f4344e3a5)
(cherry picked from commit c68ae31edb)
2023-03-05 23:19:17 +00:00
Lennart Poettering
f61016afa7 homectl: add missing break
(cherry picked from commit 464ec1dec7)
(cherry picked from commit eae11e3f06)
(cherry picked from commit 8af5e945c7)
(cherry picked from commit 73fd236311)
2023-03-05 23:19:17 +00:00
Zbigniew Jędrzejewski-Szmek
f74a15ecfc man/tmpfiles.d: adjust the table in synopsis, improve spelling
r and R take globs, so let's name the argument appropriately in the tl;dr listing.

Also, use 'clean-up' in the file name where it represents the verb "clean up",
and other minor spelling adjustments.

(cherry picked from commit 164297cd9a)
(cherry picked from commit aac692160e)
(cherry picked from commit e72f1676af)
(cherry picked from commit 88302d7f84)
2023-03-05 23:19:17 +00:00
Yu Watanabe
9587156920 process-util: show requested process name in the log
This is useful for debugging issues like #26474.

(cherry picked from commit b9fadf2e2c)
(cherry picked from commit ba1cb4156b)
(cherry picked from commit 892fe5d204)
(cherry picked from commit bfbd75cf87)
2023-03-05 23:19:17 +00:00
Mike Yuan
37b20aa49a journalctl: fix output when --lines is used with --grep
Previously, we skip the entries before arg_lines
unconditionally, which doesn't behave correctly
when used with --grep. After this commit, when
a pattern is specified, we don't skip the entries
early, but rely on the count of the lines shown
to tell us when to stop. To achieve that we would
have to search backwards instead.

Fixes #25147

(cherry picked from commit db4691961c)
(cherry picked from commit c4cdbb978f)
(cherry picked from commit e9889190be)
(cherry picked from commit a90a4560ff)
2023-03-05 23:19:17 +00:00
Jan Janssen
8a9b918e17 boot: Fix assertion failure
The TPM code expects a description unless the PCR index indicates that
no measurements have to take place. The assert was preempting this
check from happening.

Fixes: #26428
(cherry picked from commit f92428eae5)
(cherry picked from commit cd5de2811a)
(cherry picked from commit ac3d8922df)
(cherry picked from commit 2cf90e13f5)
2023-03-05 23:19:17 +00:00
Lennart Poettering
8e8c7d5114 pid1: generate compat warning for SystemCallArchitectures= if seccomp is off
(cherry picked from commit 6aa2c55522)
(cherry picked from commit 01b90e1588)
(cherry picked from commit 7c9b9c8d93)
(cherry picked from commit 292debc981)
2023-03-05 23:19:17 +00:00
Yu Watanabe
4cba8e33f8 core/mount: fix default target for /sysusr/usr and its child
Follow-up for 29a24ab28e.

(cherry picked from commit dbfc096095)
(cherry picked from commit a3177cbe54)
(cherry picked from commit 6e8d76f776)
(cherry picked from commit 4647e86922)
2023-03-05 23:19:17 +00:00
Joan Bruguera
74d5f34b0a resolved: Fall back to TCP if UDP is blocked
If UDP is blocked on the system (e.g. by iptables or BPF), the kernel will
return EPERM on some or all of the system calls (connect, sendmsg, etc.).
In this case, try to fall back to TCP, which hopefully will not be blocked.

(cherry picked from commit 3dd6336ad0)
(cherry picked from commit a88e35bf95)
(cherry picked from commit 58cbb7a89b)
(cherry picked from commit 5f6a369a6a)
2023-03-05 23:19:17 +00:00
Yu Watanabe
85771e8df5 sysusers: also add root group
Follow-up for 49bb7fe5f8.

Fixes an issue reported at
https://github.com/systemd/systemd/pull/26270#issuecomment-1428945403.

(cherry picked from commit 9361a712f8)
(cherry picked from commit e91a304274)
(cherry picked from commit f32581ac80)
2023-02-16 20:59:05 +00:00
Daan De Meyer
2b068e24ba test-boot-timestamp: Handle ERANGE error
Timestampfs from sysfs files can be zero in which case ERANGE will
be returned so let's make sure we catch that.

(cherry picked from commit 0da4cc97b4)
(cherry picked from commit ef96e60f18)
(cherry picked from commit 18a2aaf2f6)
2023-02-16 15:02:59 +00:00
ml
1b7b67d22a man: fix directory for user home bind mounts
(cherry picked from commit f39d7d00a3)
(cherry picked from commit bfaf02348e)
(cherry picked from commit 067b5b7e89)
2023-02-16 15:02:59 +00:00
ml
b98d71f53c nspawn: fix directory in logged error
(cherry picked from commit 7b03b44ed9)
(cherry picked from commit cad1e9c53d)
(cherry picked from commit 3a44be9ad0)
2023-02-16 15:02:59 +00:00
Lennart Poettering
54b580e1a7 core: when isolating to a unit, also keep units running that are triggered by units we keep running
Inspired by: #26364

(this might even "fix" #26364, but without debug logs it's hard to make
such claims)

Fixes: #23055
(cherry picked from commit 32d6707dd1)
(cherry picked from commit c973e2295c)
(cherry picked from commit bfe6d1d197)
2023-02-13 21:10:07 +00:00
Samuel Cabrero
dde473ed45 userdb: Use json_dispatch_user_group_name() to parse GetMembership fields
It allows to relax the checks and allow characters like '\', used by
windows to split the domain name and user name.

For reference, discussion in the systemd-devel mailing list:
https://lists.freedesktop.org/archives/systemd-devel/2023-February/048804.html

Signed-off-by: Samuel Cabrero <scabrero@suse.de>
(cherry picked from commit edd5ec2373)
(cherry picked from commit 68d11465e4)
(cherry picked from commit 132e153b90)
2023-02-13 21:10:07 +00:00
Luca Boccassi
3271bc9bec README: explicitly note that util-linux's mount/swap are required
These are the most visible and hard requirements, as we use options that
busybox does not provide, so list them explicitly to avoid surprises

(cherry picked from commit 164070e497)
(cherry picked from commit 0dc9f7335d)
(cherry picked from commit facb134183)
2023-02-13 21:10:07 +00:00
Zbigniew Jędrzejewski-Szmek
1734d9629d man: fix section number
Fixes #26376.

(cherry picked from commit 359c14368e)
(cherry picked from commit ebada36b7b)
(cherry picked from commit a05470812a)
2023-02-13 21:10:07 +00:00
Zbigniew Jędrzejewski-Szmek
4502e7928c manager: "downgrade" message about command vanishing from the unit file
We would print "Current command vanished from the unit file, execution of
the command list won't be resumed." as a warning, but most of the time there
is nothing to resume, because a unit has just one command. So let's detect
the case where the command that was active is the last command in the sequence
and skip the warning.

I was considering how to store the information that the command is last. An
important consideration is not to use a format that would confuse older versions
of systemd. (It wouldn't be a big problem if older systemd just refused the
new serialization, since we require systemd to be newer, but we should avoid
the case where the deserialization is "successful", but actually incorrect.)
Similarly, the deserialization from the old systemd must not confuse new systemd.
For this command, we have a list of arguments at the end, so just adding a
new field either in the middle or at the end is problematic because it's hard
to ensure that we don't mix up the positional and variable arguments.

We actually need to store just one bit of information, so '+' is prefixed on
the index of the last command and used by new systemd to skip the warning.
When deserializing from older systemd, '+' is not present, so we detect all
commands as "not last", and still emit the warning, so we err on the side of
caution. If the user were to deserialize from newer to older systemd, nothing
untoward would happen, because the '+' is ignored. (Users shouldn't do this,
but we know that this occasionally happens with initrds or exitrds and package
downgrades.)

(cherry picked from commit a99bd455b5)
(cherry picked from commit 9bb72a4e96)
(cherry picked from commit a71be850b5)
2023-02-13 21:10:07 +00:00
Zbigniew Jędrzejewski-Szmek
eeb9299eee test-parse-util: add tests with explicit plus character
I expected this to work, but our tests did not cover this
explicitly.

(cherry picked from commit 8eb491f499)
(cherry picked from commit 7c0ac515c8)
(cherry picked from commit 36c35e765d)
2023-02-13 21:10:07 +00:00
Zbigniew Jędrzejewski-Szmek
c20388003e core/service: constify ExecCommand* in two functions
(cherry picked from commit 502096b565)
(cherry picked from commit e811aead84)
(cherry picked from commit b4df64597b)
2023-02-13 21:10:07 +00:00
Luca Boccassi
0a3a54c069 core: imply DeviceAllow=/dev/tpmrm0 with LoadCredentialEncrypted
If the device access policy is restricted, add implicitly access to the TPM
if at least one encrypted credential needs to be loaded.

Fixes https://github.com/systemd/systemd/issues/26042

(cherry picked from commit 398dc7d39b)
(cherry picked from commit f0126ad7f9)
(cherry picked from commit 158760941f)
2023-02-13 21:10:07 +00:00
Yu Watanabe
4d447fb910 udevd: configure a child process name for worker processes
This effectively reverts commit ff86c92e30,
and re-apply 49f3ee7e74.

The change was dropped due to the process name was not correctly logged,
but the issue was fixed by dd15e4cb57.
Let's set the child process name again.

(cherry picked from commit e955a7f460)
(cherry picked from commit 62055cfd4b)
(cherry picked from commit a87c01d202)
2023-02-13 21:10:07 +00:00
Lennart Poettering
125655d13d journal: print a useful error message if we hit the journal file open limit
See: #20921
(cherry picked from commit 763c46defa)
(cherry picked from commit 1187340c9d)
(cherry picked from commit 2c984010bc)
2023-02-13 21:10:07 +00:00
Yu Watanabe
9fbbd7bf28 argv-util: also update program_invocation_short_name
Our logging uses program_invocation_short_name. Without this patch,
logs from forked client may become broken; spuriously truncated or
the short invocation name is not completely shown in the log.

(cherry picked from commit dd15e4cb57)
(cherry picked from commit ce4726468d)
(cherry picked from commit 7a862d9d1a)
2023-02-13 21:10:07 +00:00
Zbigniew Jędrzejewski-Szmek
53be27c44b repart: fix invalid errno in log
(cherry picked from commit 375ffdba43)
(cherry picked from commit 31b7785814)
(cherry picked from commit 828e73a7bb)
2023-02-13 21:10:07 +00:00
Robin Humble
a2dc9e3be9 pid1: fix segv triggered by status query (#26279)
If any query makes it to the end of install_info_follow() then I think symlink_target is set to NULL.
If that is followed by -EXDEV from unit_file_load_or_readlink(), then that causes basename(NULL)
which segfaults pid 1.

This is triggered by eg. "systemctl status crond" in RHEL9 if

/etc/systemd/system/crond.service
  -> /ram/etc/systemd/system/crond.service
  -> /usr/lib/systemd/system/.crond.service.blah.blah
  -> /usr/lib/systemd/system/crond.service

(cherry picked from commit 19cfda9fc3)
(cherry picked from commit 015b0ca928)
(cherry picked from commit 9a906fae89)
2023-02-13 21:10:07 +00:00
Jan Janssen
8523187071 meson: Install missing bash-completions
(cherry picked from commit 7b2f84e3f2)
(cherry picked from commit 6d8885af57)
(cherry picked from commit 3ae3405989)
2023-02-13 21:10:07 +00:00
Jan Janssen
0691c16e34 meson: Install missing network file
(cherry picked from commit 17be6f2709)
(cherry picked from commit aa79d157af)
(cherry picked from commit 8a91017dad)
2023-02-13 21:10:07 +00:00
Jan Janssen
9c232539c7 meson: Install all catalogs
(cherry picked from commit 3774ff06f2)
(cherry picked from commit 5bad071f73)
(cherry picked from commit 4aa6be359f)
2023-02-13 21:10:07 +00:00
Rudi Heitbaum
078ce6450a glibc: Conditionally #include <linux/fs.h> to resolve fsconfig_command/mount_attr conflict with glibc 2.36
Co-authored-by: Frantisek Sumsal <frantisek@sumsal.cz>
(cherry picked from commit 1bb6ba08b1)
(cherry picked from commit a8b9c4766d)
(cherry picked from commit f048fba73f)
2023-02-13 21:10:07 +00:00
Zbigniew Jędrzejewski-Szmek
1adad5d279 sysusers: insist that root group is 0
In https://bugzilla.redhat.com/show_bug.cgi?id=2156900 sysusers was reporting a
conflict between the following lines:
  u root 0:0 "Super User" /root /bin/bash
  u root    0     "Super User" /root

The problem is that those configurations are indeed not equivalent. If group 0
exists with a different name, the first line would just create the user, but the
second line would create a 'root' group with a different GID. The second
behaviour seems definitely wrong. (Or at least more confusing in practice than
the first one. The system is in a strange shape, but the second approach takes
an additional step than is worse than doing nothing.)

When this line was initially added, we didn't have the uid:gid functionality for
'u', so we didn't think about this too much. But now we do, so we should use it.

$ build/systemd-sysusers --root=/var/tmp/inst7 --inline 'g foobar 0'
Creating group 'foobar' with GID 0.

$ build/systemd-sysusers --root=/var/tmp/inst7 --inline 'u root 0 "Zuper zuper"'
src/sysusers/sysusers.c:1365: Creating group 'root' with GID 999.
src/sysusers/sysusers.c:1115: Suggested user ID 0 for root already used.
src/sysusers/sysusers.c:1183: Creating user 'root' (Zuper zuper) with UID 999 and GID 999.

vs.

$ build/systemd-sysusers --root=/var/tmp/inst7 --inline 'u root 0:0 "Zuper zuper"'
src/sysusers/sysusers.c:1183: Creating user 'root' (Zuper zuper) with UID 0 and GID 0.

(cherry picked from commit 49bb7fe5f8)
(cherry picked from commit 8ad3d68acd)
(cherry picked from commit c8b6bc7530)
2023-02-13 21:10:07 +00:00
Arsen Arsenović
5d8283f77d importd: Always specify file unpacked by tar
Despite popular belief, the default file extracted by GNU tar is not stdin.  It
is the value of the TAPE environment variable, falling back on a compile-time
constant.  On my system, the default value is /dev/full, which causes tar to
just spin forever due to --ignore-zeros.  Always specifying this flag is the
safe thing to do.

  ~$ tar --show-defaults
  --format=gnu -f/dev/full -b20 --quoting-style=escape
  --rmt-command=/usr/sbin/grmt

See also: ``(tar)defaults'', available via Info viewers, and in HTML form at:
https://www.gnu.org/s/tar/manual/html_node/defaults.html

(cherry picked from commit 181eea677d)
(cherry picked from commit 817b8441c4)
(cherry picked from commit 48f3e2d5c5)
2023-02-13 21:10:07 +00:00
Yu Watanabe
37d4bf1cd2 sd-dhcp-server: allow to send header only message
If we receive a header only message, and the server is running in relay
mode, then the assertion was triggered.

Fixes #26151.

(cherry picked from commit b52031dbbc)
(cherry picked from commit 7aeb2a8d4e)
(cherry picked from commit 41fdc8ed32)
2023-02-13 21:10:07 +00:00
Daan De Meyer
b5ab57bd6f resolve: Skip creating stubs if missing CAP_NET_BIND_SERVICE
If we don't have CAP_NET_BIND_SERVICE, we won't be able to bind
the stub listener socket, so let's skip creating it and log a warning.

We do the same for the extra stubs if they're configured on privileged
ports.

(cherry picked from commit 0398c084ef)
(cherry picked from commit ab877f7072)
(cherry picked from commit 2a36784277)
2023-02-13 21:10:07 +00:00
Daan De Meyer
92bed29fdd nspawn: Drop CAP_NET_BIND_SERVICE when in userns but not in netns
If we're in a user namespace but not unsharing the network namespace,
we won't be able to bind any privileged ports even with
CAP_NET_BIND_SERVICE, so let's drop it from the retained capabilities
so services can condition themselves on that.

(cherry picked from commit 2642d22adc)
(cherry picked from commit 3a49291f4b)
(cherry picked from commit 5037e0d27b)
2023-02-13 21:10:07 +00:00
Nick Rosbrook
70dcc16bc2 sd-netlink: add a test for rtnl_set_link_name()
Add a test that verifies a deleted alternative name is restored on error
in rtnl_set_link_name().

(cherry picked from commit b338a8bb40)
(cherry picked from commit 7299341bd1)
(cherry picked from commit 37df773b23)
2023-02-13 21:10:07 +00:00