mirror of https://github.com/systemd/systemd-stable.git synced 2025-01-22 22:03:43 +03:00

62345 Commits

Author SHA1 Message Date
Lennart Poettering
b6033b7060 tmpfiles: automatically create /etc/credstore/ and friends
This adds a tmpfiles.d/ snippet for LoadCredential= style credentials
directories in /etc/ and /run/.

This is done primarily to ensure that the access modes for the dirs are
set up properly, in the most restrictive ways. Specifically these are
set to 0000, so that CAP_DAC_OVERRIDE is necessary to enumerate and read
the credentials, and being UID=0 is not sufficient to do so.

This creates /etc/credstore/, but leaves /run/credstore/ absent if
missing, for now. Thinking is: the latter being non-persistent is
created by software usually, not manually by users, and hence more
likely right. But dunno, we might want to revisit this sooner or later.

This is ultimately an exercise to advertise the LoadCredential= concept
a bit, and do so in a reasonably secure way, underlining the safety of
the concept.
2023-01-27 10:03:38 +01:00
Lennart Poettering
745de3506a
Merge pull request #26228 from DaanDeMeyer/resolve-cap
resolve: Skip stubs if running in a container with userns but without network namespace
2023-01-27 10:03:17 +01:00
Lennart Poettering
1ea616372d journald: don't check for -EREMCHG on open, given that open doesn't generate it
We generate EREMCHG when writing entries, but not during open, hence
don't bother with checking for it.
2023-01-27 09:41:36 +01:00
Lennart Poettering
23cd1e0962 journal: use TAKE_PTR() at one more place 2023-01-27 09:41:18 +01:00
Jan Janssen
2df8574af0 boot: Use aarch64 virtual counter
This should be used in VMs and should also yield the same value when
running on real devices. It is also what grub uses.

Fixes: #26224
2023-01-27 09:26:16 +01:00
Daan De Meyer
0398c084ef resolve: Skip creating stubs if missing CAP_NET_BIND_SERVICE
If we don't have CAP_NET_BIND_SERVICE, we won't be able to bind
the stub listener socket, so let's skip creating it and log a warning.

We do the same for the extra stubs if they're configured on privileged
ports.
2023-01-26 22:29:05 +01:00
Daan De Meyer
2642d22adc nspawn: Drop CAP_NET_BIND_SERVICE when in userns but not in netns
If we're in a user namespace but not unsharing the network namespace,
we won't be able to bind any privileged ports even with
CAP_NET_BIND_SERVICE, so let's drop it from the retained capabilities
so services can condition themselves on that.
2023-01-26 22:18:47 +01:00
Zbigniew Jędrzejewski-Szmek
5783c4f0a4
Merge pull request #26209 from PeterCxy/doc-fido2-changes
Update NEWS and docs regarding FIDO2 support in systemd-crypt{enroll,setup}
2023-01-26 16:29:06 +01:00
Peter Cai
ad901df995 NEWS: Add entry about support for multiple FIDO2 tokens 2023-01-26 09:33:28 -05:00
Peter Cai
820c66dcfc docs: Update crypt{enroll,setup} limitations regarding FIDO2 2023-01-26 09:33:24 -05:00
Lennart Poettering
9540782d7b journal: prefix all functions with "server_" that operate on Server objects
Just some search/replace, no real code changes.

The majority of functions already followed this rule, but some did not.
Fix that.
2023-01-26 15:27:51 +01:00
Lennart Poettering
a133189eee journal-file: be a tiny bit more careful with generating seqnums
Let's handle overflows in a vaguely reasonable way, i.e. avoid the
special values 0 and UINT64_MAX
2023-01-26 15:27:16 +01:00
Yu Watanabe
2ed56afeb3 sleep: drop unnecessary temporary variable and initialization 2023-01-26 11:27:52 +00:00
Yu Watanabe
d812e104c7 sleep: fetch_batteries_capacity_by_name() does not return -ENOENT 2023-01-26 11:27:20 +00:00
Yu Watanabe
3d23df005e sleep: rename hibernate_delay_sec -> _usec 2023-01-26 11:22:04 +00:00
Lennart Poettering
8f8d7dff54 update TODO 2023-01-26 11:51:50 +01:00
Lennart Poettering
208ff21a40 journald: minor modernizations in kmsg handling code
Nothing earth shattering. Mostly just fixes (and some more careful
checking of the boolean variables we keep)
2023-01-26 11:20:18 +01:00
Lennart Poettering
50bf54ad0a
Merge pull request #26198 from poettering/journal-strict-mode
journal: enforce strict ordering only when writing journal files from journald, but not from journal-remote and similar
2023-01-26 11:19:54 +01:00
Zbigniew Jędrzejewski-Szmek
c26662b241 github/labeller: fix yaml syntax 2023-01-26 10:42:05 +01:00
Zbigniew Jędrzejewski-Szmek
58634a2989 github/labeller: add more match patterns 2023-01-26 10:04:58 +01:00
Lennart Poettering
bd524f497f journal: automatically pick up boot ID in journal_file_append_entry()
Let's pick up the boot ID early if unspecified, in
journal_file_append_entry(). This is symmetric to the fact that we
already pick up the monotonic timestamp in journal_file_append_entry()
if unspecified, and given that the monotonic clock is not too useful
without its boot ID it makes a lot of sense to pick them up at the same
time.

There are two relevant callers of journal_file_append_entry() right now:
journald (which leaves the boot ID unspecified) and journal-remote
(there are also some tests, but those don't matter too much). The former
calls it to store new entries in the journal file, the latter for
converting/processing/merging existing ones (where it passes along the
original boot ID). This new code hence only is relevant on the former,
and using the boot ID of the current system is the right choice for live
generated entries.

Note that this effectively changes little, since the lower-level
function journal_file_append_entry_internal() will copy boot ID stored
in the file header into all records if unspecified, and typically that's
the one of the local system. But strictly speaking this is not the right
thing to do, since we actually might end up appending to journal files
from previous boots. (The lower level function is indirectly used by
various tests, where the copying-from-header logic kinda makes sense
since they are detached from any live messages streaming in from the
host after all).
2023-01-26 09:52:49 +01:00
William Roberts
6ae3bd82d0 sha256: header needs stddef
The sha256 header uses size_t which is within stddef, so add it.

Signed-off-by: William Roberts <william.c.roberts@intel.com>
2023-01-25 22:26:26 +01:00
Lennart Poettering
6713ed7a63 journal: add some line breaks/comments 2023-01-25 22:12:30 +01:00
Lennart Poettering
ce92dc27a1 journal-file: make strict order optional
This is a follow-up for 1d8d483f59ffa62974772fb58a8ef4abe88550ec and
makes the strict ordering by realtime clock within each journal file
optional, not mandatory. It then enables it for all journal files
written by journald, but leaves it off on others (for example those
written by journald-remote).

This relaxes the logic behind writing journal files to the status quo
ante for all cases where the journal files are not generated, but are
merged/processed/propagated. Typically when processing journal records
from many files ordering by realtime clock and monotonic clock are
contradictory, and cannot be universally guaranteed as the records are
interleaved. By enforcing strict rules we would thus end up generating
myriads of separate journal files, each with just a few records in them.

Hence, let's loosen restrictions again, but continue to enforce them in
journald, i.e. when we originally create the journal files locally.

Note that generally there's nothing really wrong with having journal
files with non-monotonically ordered entries by realtime clock. Looking
for records will not be deterministic anymore, but that's inherent to a
realtime clock that jumps up and down. So you won't get the "only"
answer, but still *an* answer that is correct if you seek for a realtime
clock.

This also adds similar logic on the monotonic clock, which is also only
enabled when generating journal files locally. This should be harder to
trigger (as journald will generate the messages, and should run with a
stable boot id and monotonic clock), but let's better be safe than
sorry, and refuse on the lower layer what makes no sense, even if it's
unlikely the higher layer will ever generate records that aren't ordered
by their monotonic clock.
2023-01-25 22:12:29 +01:00
Lennart Poettering
79f7681621
Merge pull request #26204 from poettering/journal-header-compoung-init
journal: use compound initialization for journal file "Header" structure
2023-01-25 21:22:07 +01:00
Luca Boccassi
2f03e5087e
Merge pull request #26179 from medhefgo/boot-no-gnu-efi
boot: Use size_t/unicode string literals
2023-01-25 19:51:24 +00:00
Daan De Meyer
2ecc7a5bca repart: Add roothash to output of all verity siblings
This can be used to match verity partitions together using the repart
JSON output.
2023-01-25 19:50:44 +00:00
Luca Boccassi
37aabb488e
Merge pull request #26195 from mrc0mmand/update-uapi
basic/linux: update l2tp.h
2023-01-25 19:49:00 +00:00
Luca Boccassi
a4e05a6aa7
Merge pull request #26192 from mrc0mmand/fix-errno-check
sysupdate: fix errno check
2023-01-25 19:48:23 +00:00
Daan De Meyer
34b5977015 test-execute: Skip when /sys is read-only
The test depends on /sys being writable, so let's skip it when /sys
is read-only.
2023-01-25 19:47:43 +00:00
Michael Biebl
d173c9ebb0 test: skip firstboot --prompt-keymap check if keymaps are missing
Fixes: #26165
2023-01-25 19:46:33 +00:00
Lennart Poettering
71df05fab3
Merge pull request #26197 from poettering/journal-file-size-t-fix
journal: some trivial size_t array size fixes
2023-01-25 19:04:11 +01:00
Lennart Poettering
c3dd0dcb88 journal: use compound initialization for journal file Header structure 2023-01-25 18:48:31 +01:00
Lennart Poettering
6fe167d0a7 journal-def: fix type of signature to match the actual field in the Header structure 2023-01-25 18:47:05 +01:00
Jan Janssen
a083aed03f boot: Use unicode literals
No changes in behavior.
2023-01-25 15:24:10 +01:00
Jan Janssen
54d9ecc380 boot: Use unsigned for beep counting 2023-01-25 15:23:49 +01:00
Jan Janssen
dede50a715 boot: Replace UINTN with size_t
No changes in behavior.
2023-01-25 15:22:41 +01:00
Lennart Poettering
f2592ef0e1 dlfcn: add new safe_dclose() helper
Let's allow destructing loaded module handles in our usual way that is
fine with NULL handles, and also returns the NULL handle again.
2023-01-25 15:07:35 +01:00
Frantisek Sumsal
ed614f17fc partition: fix build with newer linux/btrfs.h uapi header
linux/btrfs.h needs to be included after sys/mount.h, as since [0]
linux/btrfs.h includes linux/fs.h causing build errors:

```
In file included from /usr/include/linux/fs.h:19,
                 from ../src/basic/linux/btrfs.h:29,
                 from ../src/partition/growfs.c:6:
/usr/include/sys/mount.h:35:3: error: expected identifier before numeric constant
   35 |   MS_RDONLY = 1,                /* Mount read-only.  */
      |   ^~~~~~~~~
[1222/2169] Compiling C object systemd-creds.p/src_creds_creds.c.o
ninja: build stopped: subcommand failed.
```

See: https://github.com/systemd/systemd/issues/8507

[0] a28135303a
2023-01-25 14:27:18 +01:00
Frantisek Sumsal
a95ff98ec4 basic/linux: update linux uapi headers
IPPROTO_L2TP was moved from linux/l2tp.h to linux/in.h [0], so let's
reflect that change to fix build with newer kernels:

```
In file included from ../src/libsystemd/sd-netlink/netlink-types-genl.c:10:
../src/basic/linux/l2tp.h:16: error: "IPPROTO_L2TP" redefined [-Werror]
   16 | #define IPPROTO_L2TP            115
      |
In file included from ../src/libsystemd/sd-netlink/netlink-types-genl.c:3:
/usr/include/netinet/in.h:85: note: this is the location of the previous definition
   85 | #define IPPROTO_L2TP            IPPROTO_L2TP
      |
cc1: all warnings being treated as errors
```

When at it, update the rest of the headers we ship as well.

[0] 65b32f801b
2023-01-25 14:27:18 +01:00
Lennart Poettering
8c29ac2f8a journal-file: cast file size to fixed size type
(We generally avoid using off_t for file sizes/offsets, and instead use
uint64_t to get the same behaviour everywhere. Do so here too.)
2023-01-25 14:17:20 +01:00
Lennart Poettering
b45a7215fd journal-file: fix type of array counter 2023-01-25 14:16:44 +01:00
Luca Boccassi
6ec7a722ba
Merge pull request #26193 from aafeijoo-suse/cryptenroll-unlock-fido2-device-man-and-bash-completion-fix
Add missing --unlock-fido2-device to systemd-cryptenroll man and bash-completion
2023-01-25 13:15:13 +00:00
Antonio Alvarez Feijoo
d8c5bd048c
man: add missing --unlock-fido2-device to systemd-cryptenroll 2023-01-25 11:58:19 +01:00
Lennart Poettering
43057bf604 update TODO 2023-01-25 11:54:02 +01:00
Antonio Alvarez Feijoo
4d206f1cf9
bash-completion: add missing --unlock-fido2-device to systemd-cryptenroll 2023-01-25 11:53:50 +01:00
Yu Watanabe
a0344b17dd bootctl-status: several follow-ups for unlink command
Follow-ups for 8702496bfb0205764569782a9a2ebd11fd80e5e8.

- add missing error cause in logging,
- add several missing assertions,
- drop an unnecessary initialization,
- make boot_config_find_in() return negative errno if nothing found,
- and several coding style fixlets.
2023-01-25 10:51:50 +00:00
Yu Watanabe
1b7586df97 bootctl-uki: several follow-ups for inspect_osrel()
Follow-ups for #26124 and #26158.

- use os_release_pretty_name(),
- constify the buffer passed to inspect_osrel(),
- propagate errors in inspect_osrel(), and ignore them in the caller
  side,
- and several coding style fixlets.
2023-01-25 10:51:38 +00:00
Frantisek Sumsal
19615a650b coccinelle: skip the empty-to-null transformation on the macro itself
Since the empty_to_null() function was "macrofied", we need to use a bit
of black magic to make Coccinelle avoid running the transformation on
the macro itself.

Follow-up to ef2409cbde3.
2023-01-25 11:35:06 +01:00
Frantisek Sumsal
d56afce6aa sysupdate: fix errno check 2023-01-25 11:28:46 +01:00