1
1
mirror of https://github.com/systemd/systemd-stable.git synced 2024-12-22 13:33:56 +03:00
Commit Graph

45522 Commits

Author SHA1 Message Date
Lennart Poettering
bed0b7dfc0
pid1: warn if people use User=nobody (#16293) 2020-06-26 22:36:39 +02:00
Luca Boccassi
7143b95552 efi: define cache functions inside EFI_ENABLE ifdef
../src/shared/efi-loader.c:738:5: error: redefinition of 'efi_loader_get_config_timeout_one_shot'
 int efi_loader_get_config_timeout_one_shot(usec_t *ret) {
     ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from ../src/shared/efi-loader.c:9:
../src/shared/efi-loader.h:85:19: note: previous definition of 'efi_loader_get_config_timeout_one_shot' was here
 static inline int efi_loader_get_config_timeout_one_shot(usec_t *ret) {
                   ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
../src/shared/efi-loader.c:776:5: error: redefinition of 'efi_loader_update_entry_one_shot_cache'
 int efi_loader_update_entry_one_shot_cache(char **cache, struct stat *cache_stat) {
     ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from ../src/shared/efi-loader.c:9:
../src/shared/efi-loader.h:89:19: note: previous definition of 'efi_loader_update_entry_one_shot_cache' was here
 static inline int efi_loader_update_entry_one_shot_cache(char **cache, struct stat *cache_stat) {
2020-06-26 22:34:22 +02:00
Frantisek Sumsal
cb713f1696 tree-wide: spellcheck fixes
Most of them were reported by Fossies.org
2020-06-26 22:33:56 +02:00
Zbigniew Jędrzejewski-Szmek
7f56c26d10 NEWS: reorder entries with some minor additions
Let's make this easier for readers by grouping common subjects together.

Roughly: pid1 features, unit file changes, general syntax changes, kernel
options, general defaults, udevd features, networkd and .network/.netdev
features, networkctl, resolved, systemctl, systemd-run, journald, journalctl,
various other tools, low-level dbus and library stuff, documentation.
2020-06-26 19:51:34 +02:00
Luca Boccassi
0cffae953a core: add device mapper to allow-list with DevicePolicy=closed and RootImage
To set up a verity/cryptsetup RootImage the forked child needs to
ioctl /dev/mapper/control and create a new mapper.
If PrivateDevices=yes and/or DevicePolicy=closed are used, this is
blocked by the cgroup setting, so add an exception like it's done
for loop devices (and also add a dependency on the kernel modules
implementing them).
2020-06-26 18:39:45 +02:00
Lennart Poettering
b47261e5cb update TODO 2020-06-26 18:04:52 +02:00
Lennart Poettering
e78228b1b0 update TODO 2020-06-26 15:43:36 +02:00
Lennart Poettering
10f9436c2d
Merge pull request #16281 from poettering/logind-cache-more-efi
logind: cache two more EFI variables in logind
2020-06-26 15:12:57 +02:00
Gaoyi
0090b551e6 Add quotes for -n
According to SC2070, -n doesn't work with unquoted arguments
https://github.com/koalaman/shellcheck/wiki/SC2070

Signed-off-by: Gaoyi <ymuemc@163.com>
2020-06-26 15:12:29 +02:00
Lennart Poettering
22aa58adc9 JOURNAL_FILE_FORMAT: minor markdown fixes 2020-06-26 13:55:18 +02:00
Lennart Poettering
1f19ae0ffb NEWS: add more items for 246 2020-06-26 13:54:54 +02:00
Lennart Poettering
af2697e83d logind: also cache LoaderEntryOneShot EFI variable
With this we are now caching all EFI variables that we expose as
property in logind. Thus a client invoking GetAllProperties() should
only trgger a single read of each variable, but never repeated ones.

Obsoletes: #16190
Fixes: #14828
2020-06-26 10:43:42 +02:00
Lennart Poettering
e8df4eee65 efi-loader: cache LoaderConfigTimeoutOneShot too
The data from this EFI variable is exposed as dbus property, and gdbus
clients are happy to issue GetAllProperties() as if it was free. Hence
make sure it's actually free and cache LoaderConfigTimeoutOneShot, since
it's easy.
2020-06-26 10:43:42 +02:00
Lennart Poettering
6eea6e30ab tmpfile-util: typo fixes 2020-06-26 10:41:52 +02:00
Yu Watanabe
95fc17bf46 util: add missing header guard 2020-06-26 08:02:21 +02:00
Zbigniew Jędrzejewski-Szmek
12d14b7373
Merge pull request #16096 from poettering/journal-hash-fix
journal file hash table hardening + zstd support
2020-06-26 07:27:05 +02:00
Zbigniew Jędrzejewski-Szmek
a79be2f807 hwdb: update for v246
As usual, it seems that there are mostly additions with a smaller amount
of corrections, no big removals.
2020-06-26 05:20:50 +09:00
Zbigniew Jędrzejewski-Szmek
3f11426f52
Merge pull request #16275 from yuwata/network-deprecate-netdevsim
network: deprecate netdevsim support
2020-06-25 18:41:49 +02:00
Łukasz Stelmach
fdf3e48c44 udev: split attribute assignment for MMC cards
Some cards have names consisting only of whitespace characters which
prevents the original rule from matching and assigning ID_SERIAL
properly. With the split rules ID_SERIAL and ID_NAME are assigned
independently and the symlink is created only if both are available the
same way it has worked for partitions.
2020-06-25 18:40:45 +02:00
Luca Boccassi
6d88513e6b portabled: create temp file for unit, not directory
open_tmpfile_linkable is used to create a temporary file in the same
directory as the target, but portabled uses the name of the parent
directory instead of the file it intends to create.
In other words, it creats a tmp for /etc/systemd/system.attached instead
of /etc/systemd/system.attached/foo.service.
It still works because it's later moved in the right place.
But as a side effect, it tries the create the file in the parent directory
which is /etc/systemd, and it case of read-only filesystems it fails.
2020-06-25 18:40:19 +02:00
Christian Göttsche
823e917f13 selinux: check mac_selinux_init() in tests
Since bc8d57f290 mac_selinux_init() is checked and considered fatal
tree-wide.

Coverity complains about it not being checked in the test code.

Follow-up of: #16223
Fixes: CID 1429975
2020-06-25 18:39:42 +02:00
Zbigniew Jędrzejewski-Szmek
0986bb9b95
Merge pull request #16278 from keszybz/fix-man-links
Fix html links
2020-06-25 18:38:37 +02:00
Zbigniew Jędrzejewski-Szmek
66ed28d332
Merge pull request #15624 from poettering/hostnamed-instant
hostnamed: stop caching so much
2020-06-25 18:36:56 +02:00
Zbigniew Jędrzejewski-Szmek
98506a41fe
Merge pull request #15697 from OhNoMoreGit/fix-path-units
Recheck PathExists=, PathExistsGlob=, DirectoryNotEmpty= when triggered unit terminates
2020-06-25 18:23:47 +02:00
Lennart Poettering
5c0102f83f update TODO 2020-06-25 15:03:22 +02:00
Lennart Poettering
c85cf04fa3 compress: do something roughly reasonable when building without compressor 2020-06-25 15:03:18 +02:00
Lennart Poettering
3afe5c00a5 coredump: use log_error_errno() where appropriate 2020-06-25 15:03:13 +02:00
Lennart Poettering
d80b051cea tree-wide: add new HAVE_COMPRESSION compile time flag
let's simplify the checks for ZSTD/LZ4/XZ

As suggested:

https://github.com/systemd/systemd/pull/16096#discussion_r440705585
2020-06-25 15:02:45 +02:00
Lennart Poettering
70cd1e561c docs: document the new journal file format additions 2020-06-25 15:02:41 +02:00
Lennart Poettering
bbcd38e41e docs: import journal file format docs from fdo wiki
Just an import, with no textual changes (some fixed URLs however)
2020-06-25 15:02:34 +02:00
Lennart Poettering
8653185a9e journal: support zstd compression for large objects in journal files 2020-06-25 15:02:18 +02:00
Lennart Poettering
0dbe57ee86 journal-file: when individual hash chains grow too large, rotate
Even with the new keyed hash table journal feature: if an attacker
manages to get access to the journal file id it could synthesize records
that result in hash collisions. Let's rotate automatically when we
notice that, so that a new journal file ID is generated, our performance
is restored and the attacker has to guess a new file ID before being
able to trigger the issue again.

That said, untrusted peers should never get access to journal files in
the first case...
2020-06-25 15:02:00 +02:00
Lennart Poettering
4ce534f4cd journal: use a different hash function for each journal file
This adds a new (incompatible) feature to journal files: if enabled the
hash function used for the hash tables is no longer jenkins hash with a
zero key, but siphash keyed by the file uuid that is included in the
file header anyway. This should make our hash tables more robust against
collision attacks, as long as the attacker has no read access to the
journal files. We switch from jenkins to siphash simply because it's
more well-known and we standardize for the rest of our codebase onto it.

This is hardening in order to make collision attacks harder for clients
that can forge log messages but have no read access to the logs. It has
no effect on clients that have read access.
2020-06-25 15:01:45 +02:00
Lennart Poettering
7851ec6634 journal: make signature arrays const 2020-06-25 15:01:40 +02:00
Lennart Poettering
20b0acfacd journal: rename hash64() to jenkins_hash64()
Let's prefix this with "jenkins_" since it wraps the jenkins hash. We
want to add support for other hash functions to journald soon, hence
better be clear with what this is. In particular as all other symbols
defined by lookup3.h actually are prefixed "jenkins_".
2020-06-25 15:01:36 +02:00
Lennart Poettering
f4474e004d journal-file: rename return parameters to ret_xyz
Let's clean this up a bit, following our usual nomenclature to name
return parameters ret-xyz.

This is mostly a bit of renaming, but there's also some minor other
changes: if we return a pointer to a mmap'ed object plus its offset, in
almost all cases we are happy if either parameter is NULL in case the
caller is not interested in it. Let's fix the remaining case to do this
too, to minimize surprises.
2020-06-25 15:01:22 +02:00
Lennart Poettering
5030c85a3e journal-file: also show field hash table size in debug output 2020-06-25 15:01:17 +02:00
Lennart Poettering
e958c05703 journal-file: simplify boot ID acquiring 2020-06-25 15:01:12 +02:00
Lennart Poettering
cde8c5f722 journal: store NE hash instead of LE hash in Match object
We keep converting forth and back though we never need it in LE. Let's
stop doing those conversions hence.
2020-06-25 15:00:59 +02:00
Lennart Poettering
a76560915f journal-file: use FLAGS_SET where appropriate 2020-06-25 15:00:44 +02:00
Lennart Poettering
e9ece6a0e3 journal: fix definition of _OBJECT_COMPRESSED_MAX
The object flags field is a bitmask, hence don't sloppily define
_OBJECT_COMPRESSED_MAX as one mor than the previous flag. That worked OK
as long as we only had two flags, but will fall apart as soon as we have
three. Let's fix this.

(It's kinda sloppy how the string table is built here, as it will be
quite sparse as soon as we have more enum entries, but let's keep it for
now.)
2020-06-25 15:00:37 +02:00
Lennart Poettering
d1d8f0f369 macro: add CONST_MIN() similar to CONST_MAX() 2020-06-25 15:00:09 +02:00
Zbigniew Jędrzejewski-Szmek
4a5a01ccdd man: reword awkward sentence 2020-06-25 14:41:44 +02:00
Zbigniew Jędrzejewski-Szmek
55cf7779f2 man: fix various internal references
Found with linkchecker.
2020-06-25 14:41:44 +02:00
Zbigniew Jędrzejewski-Szmek
b7a4734551 man: fix links to various external man pages
In cases where we used both die-net and man-pages for the same reference,
I switched to use man-pages everywhere.
2020-06-25 14:41:44 +02:00
Lennart Poettering
f49bead3b0
Merge pull request #16257 from keszybz/two-fuzzer-issues
Two fuzzer issues
2020-06-25 14:40:35 +02:00
Lennart Poettering
b7d81d19cc
Merge pull request #16249 from bluca/root_verity_sig
Verity: add support for root hash signature
2020-06-25 13:53:17 +02:00
Lennart Poettering
d7f4ad203a hostnamed: minimize caching of /etc/hostname, /etc/os-release and /etc/machine-info
Instead of reading these files at startup and never again, let's read
them when we need them. As an optimization (in particular as some of
these files contain the data for many fields at once) let's cache the
results as long as the stat data (i.e. mtime) remains stable.

Also, while we are at it, if we can't read any of these props, let's not
fail everything, but continue without the data.
2020-06-25 13:49:11 +02:00
Lennart Poettering
aa994368c9 hostnamed: don't cache local hostname either
Querying the current hostname is cheap, hence let's not cache it. That
way it is much less likely we'll return out-of-date data.
2020-06-25 13:49:07 +02:00
Evgeny Vereshchagin
a055076988 ci: free up some resources on Pipelines
Now that CIFuzz supports all the sanitizers we use and ALLOWED_BROKEN_TARGETS_PERCENTAGE
we no longer need that bash script.
2020-06-25 10:48:57 +02:00