1
1
mirror of https://github.com/systemd/systemd-stable.git synced 2024-12-23 17:34:00 +03:00
Commit Graph

37569 Commits

Author SHA1 Message Date
Zbigniew Jędrzejewski-Szmek
c512dfb9ac meson: print EFI CC configuration nicely
In 595343fb4c it was converted to an array.
This doesn't look good in the output. Let's convert it back to a string.
2018-12-18 12:20:01 +01:00
Zbigniew Jędrzejewski-Szmek
3fa3dc9e44 meson: rename two more variables from _c to _sources
_c is misleading because .h files should be included in those lists too
(this tells meson that the build outputs should be rebuilt if the header
files change).

Follow-up for 1437822638.
2018-12-18 12:19:52 +01:00
Zbigniew Jędrzejewski-Szmek
2811184a09 systemctl: add comment why whitespace in message is needed 2018-12-18 12:18:49 +01:00
Zbigniew Jędrzejewski-Szmek
a8040b6d0a dissect-image: wait for the main device and all partitions to be known by udev
Fixes #10526.

Even if we waited for the root device to appear, the mount could still fail if
we didn't wait for udev to initalize the device. In particular, the
/dev/block/n:m path used to mount the device is created by udev, and nspawn
would sometimes win the race and the mount would fail with -ENOENT.

The same wait is done for partitions, since if we try to mount them, the same
considerations apply.

Note: I first implemented a version which just does a loop (with a short wait).
In that approach, udev takes on average ~800 µs to initialize the loopback
device. The approach where we set up a monitor and avoid the loop is a bit
nicer. There doesn't seem to be a significant difference in speed.
With 1000 invocations of 'systemd-nspawn -i image.squashfs echo':

loop (previous approach):
real	4m52.625s
user	0m37.094s
sys	2m14.705s

monitor (this patch):
real	4m50.791s
user	0m36.619s
sys	2m14.039s
2018-12-17 13:50:57 +01:00
Zbigniew Jędrzejewski-Szmek
b887c8b8a8 dissect-image: wait for the root to appear
dissect-image would wait for the root device and paritions to appear. But if we
had an image with no partitions, we'd not wait at all. If the kernel or udev
were slow in creating device nodes or symlinks, subsequent mount attempt might
fail if nspawn won the race.

Calling wait_for_partitions_to_appear() in case of no partitions means that we
verify that the kernel agrees that there are no partitions. We verify that the
kernel sees the same number of partitions as blkid, so let's that also in this
case.

This makes the failure in #10526 much less likely, but doesn't eliminate it
completely. Stay tuned.
2018-12-17 13:50:57 +01:00
Zbigniew Jędrzejewski-Szmek
ea887be00b dissect-image: split out a chunk of dissect_image() out
No functional change, just moving code around.
2018-12-17 13:50:57 +01:00
Zbigniew Jędrzejewski-Szmek
ed435031a5 rfkill: move wait_for_initialized() to shared/
The function interface is the same, except that the output pointer may be NULL.

The implementation is slightly simplified by taking advantage of changes in
ancestor commit 'sd-device: attempt to read db again if it wasn't found', by
not creating a new sd_device object before re-checking the is_initialized
status.

v2:
- In v1, the old object was always used and the device received back from the
  sd_device_monitor_start callback was ignored. I *think* the result will be
  equivalent in both cases, because by the time we the callback gets called,
  the db entry in the filesystem will also exist, and any subsequent access to
  properties of the object would trigger a read of the database from disk. But
  I'm not certain, and anyway, using the device object received in the callback
  seems cleaner.
2018-12-17 13:50:51 +01:00
Zbigniew Jędrzejewski-Szmek
11c49e6df5 sd-device: remove holes in struct sd_device
Normally, we don't care too much about what pahole reports. But this structure
could potentially be allocated for every device on the system, i.e. in a large
number of copies. 5 vs 7 cache lines is nice.

/* size: 400, cachelines: 7, members: 53 */
/* sum members: 330, holes: 12, sum holes: 70 */
/* last cacheline: 16 bytes */

/* size: 320, cachelines: 5, members: 53 */
/* bit holes: 1, sum bit holes: 6 bits */
/* bit_padding: 5 bits */
2018-12-17 12:29:28 +01:00
Zbigniew Jędrzejewski-Szmek
dc5042c0a3 sd-device: pass timestamp internally as usec_t not char* 2018-12-16 20:58:45 +01:00
Zbigniew Jędrzejewski-Szmek
ebcc52fad6 sd-device: reduce the number of implementations of device_read_db() we keep around
We had two very similar functions: device_read_db_aux and device_read_db,
and a number of wrappers for them:

device_read_db_aux
  ← device_read_db (in sd-device.c)
    ← all functions in sd-device.c, including sd_device_is_initialized

  ← device_read_db_force
     ← event_execute_rules_on_remove (in udev-event.c)

device_read_db (in device-private.c)
  ← functions in device_private.c (but not device_read_db_force):
    device_get_devnode_{mode,uid,gid}
    device_get_devlink_priority
    device_get_watch_handle
    device_clone_with_db
    ← called from udevadm, udev-{node,event,watch}.c

Before 7141e4f62c (sd-device: don't retry loading
uevent/db files more than once), the two implementations were the same. In that
commit, device_read_db_aux was changed. Those changes were reverted in the parent
commit, so the two implementations are now again the same except for superficial
differences. This commit removes device_read_db (in sd-device.c), and renames
device_read_db_aux to device_read_db_internal and makes everyone use this one
implementation. There should be no functional change.
2018-12-16 20:17:39 +01:00
Zbigniew Jędrzejewski-Szmek
cd53c8f97d sd-device: attempt to read db again if it wasn't found
This mostly reverts "sd-device: don't retry loading uevent/db files more than
once", 7141e4f62c. We will retry if we couldn't
access the file, but not if parsing failed.

Not re-reading the database at all just doesn't seem like a good idea. We have
two implementations of device_read_db, and one does that, and the other retries
to read the db. Re-reading seems more useful, since we can create the object
and then access properties as some later time when we know that the device has
been initialized and we can get useful results. Otherwise, we force the user to
destroy this object and create a new one.

This changes device_read_uevent_file() and device_read_db_aux(). See next
commit for description of where those functions are used.
2018-12-16 19:52:58 +01:00
Zbigniew Jędrzejewski-Szmek
421e3b45f0 NEWS: typos and wording adjustments 2018-12-13 11:10:07 +01:00
Franck Bui
d610d20125 vconsole-setup: fonts copy will fail if the current terminal is in graphical mode
If the terminal is in graphical mode, the kernel will refuse to copy the fonts
and will return -EINVAL.

Also having the graphical mode in effect probably indicates that the terminal
is in used by another application and we shouldn't interfer in such cases.
2018-12-13 08:30:20 +01:00
Chris Down
0c17c00433
Merge pull request #11131 from poettering/make-lucab-happy
optionally relabel additional files/dirs for selinux after loading policy
2018-12-12 23:17:39 +00:00
Lennart Poettering
6b1ab752c2 NEWS: initialy version of NEWS
Needs lots of updates still, but let's get the party started.
2018-12-12 21:31:01 +01:00
Sam Morris
4b987478b0 resolved: have the stub resolver listen on both TCP and UDP by default
RFC7766 section 4 states that in the absence of EDNS0, a response that
is too large for a 512-byte UDP packet will have the 'truncated' bit
set. The client is expected to retry the query over TCP.

Fixes #10264.
2018-12-12 21:21:04 +01:00
Chris Down
cb5e3bc37d cgroup: Don't explicitly check for member in UNIT_BEFORE
The parent slice is always filtered ahead of time from UNIT_BEFORE, so
checking if the current member is the same as the parent unit will never
pass.

I may also write a SLICE_FOREACH_CHILD macro to remove some more of the
parent slice checks, but this requires a bit of a rework and general
refactoring and may not be worth it, so let's just do this for now.
2018-12-12 20:50:10 +01:00
tibbling
2cf0b2fe2d timedated: Add dbus method to retrieve list of time zones (#11114)
Move function call get_timezones from timedatectl to timedated and
create a dbus method to list timezones.
2018-12-12 20:49:04 +01:00
Chris Down
e92aaed30e tree-wide: Remove O_CLOEXEC from fdopen
fdopen doesn't accept "e", it's ignored. Let's not mislead people into
believing that it actually sets O_CLOEXEC.

From `man 3 fdopen`:

> e (since glibc 2.7):
> Open the file with the O_CLOEXEC flag. See open(2) for more information. This flag is ignored for fdopen()

As mentioned by @jlebon in #11131.
2018-12-12 20:47:40 +01:00
Lennart Poettering
70a74ec645 mount-setup: don't consider it reason to fail if we can't relabel cgroupfs
We usually don't care much about relabel failures, let's not do that
here either.
2018-12-12 20:46:07 +01:00
Lennart Poettering
c4217b43d1 mount-setup: use FOREACH_STRING where appropriate 2018-12-12 20:46:07 +01:00
Lennart Poettering
65e183d789 mount-setup: optionally, relabel a configured set of files/dirs after loading policy
Fixes: #10466
2018-12-12 20:46:07 +01:00
Zbigniew Jędrzejewski-Szmek
9be3c60570
Merge pull request #10892 from mbiebl/revert-systemctl-runtime-unmask-breakage
Revert "systemctl: when removing enablement or mask symlinks, cover both /run and /etc
2018-12-12 14:23:04 +01:00
Lennart Poettering
c108ee33bc
Merge pull request #11121 from poettering/daemon-reload-race-fix
daemon reload race fix
2018-12-12 13:47:07 +01:00
Lennart Poettering
a95c0505ad core: extend comments regarding coldplug() vs. catchup() 2018-12-12 11:20:53 +01:00
Lennart Poettering
a1c7334b61 core: when a unit state changes only propagate to jobs after reloading is complete
Previously, we'd immediately propagate unit state changes into any jobs
pending for them, always. With this we only do this if the manager is
out of the "reload" state. This fixes the problem #8803 tried to
address, by simply not completing jobs until after the reload (and thus
reestablishment of the dbus connection) is complete.

Note that there's no need to later on explicitly catch up with the
missed job state changes (i.e. there's no need to call
unit_process_job() later one explicitly). That's because for jobs in
JOB_WAITING state on deserialization all jobs are requeued into the run
queue anyway, and thus checked again if they can complete now. And for
JOB_RUNNING jobs unit_catchup() phase is going to trigger missed out
state changes *after* the reload complete anyway (after all that's what
distinguishes from unit_coldplug()).

Replaces: #8803
2018-12-12 11:15:07 +01:00
Lennart Poettering
16c74914d2 core: split out all logic that updates a Job on a unit's unit_notify() invocation
Just some refactoring, no change in behaviour.
2018-12-12 11:15:07 +01:00
Lennart Poettering
b17c9620c8 core: rework how we deserialize jobs
Let's add a helper call unit_deserialize_job() for this purpose, and
let's move registration in the global jobs hash table into
job_install_deserialized() so that it it is done after all superficial
checks are done, and before transitioning into installed states, so that
rollback code is not necessary anymore.
2018-12-12 11:15:07 +01:00
Lennart Poettering
48235ad6b7 job: be more careful when removing job object from jobs hash table
Let's validate that the ID is actually allocated to us before remove a
job.

This is relevant as various bits of code will call job_free() on
partially set up Job objects, and we really shouldn't remove another job
object accidentally from the hash table, when the set up didn't
complete.
2018-12-12 11:15:07 +01:00
Lennart Poettering
4a53080be6 core: don't track jobs-finishing-during-reload explicitly
Memory management is borked for this, and moreover this is unnecessary
since f0831ed2a0, i.e. since coldplug() and catchup() are two different
concepts: the former restoring the state from before a reload, the
latter than adjusting it again to the actual status in effect after the
reload.

Fixes: #10716
Mostly reverts: #8803
2018-12-12 11:15:06 +01:00
Lennart Poettering
728ba51e98 job: update job_free() to follow our usual return-NULL style 2018-12-12 11:14:26 +01:00
Lennart Poettering
8aa7e29db7
Merge pull request #11122 from keszybz/tmpfiles-man
Improvements to tmpfiles.d man page
2018-12-12 10:13:21 +01:00
Zbigniew Jędrzejewski-Szmek
06da5c63dd meson: make net.naming-scheme= default configurable
This is useful for distributions, where the stability of interface names should
be preseved after an upgrade of systemd. So when some specific release of the
distro is made available, systemd defaults to the latest & greatest naming
scheme, and subsequent updates set the same default. This default may still
be overriden through the kernel and env var options.

A special value "latest" is also allowed. Without a specific name, it is harder
to verride from meson. In case of 'combo' options, meson reads the default
during the initial configuration, and "remembers" this choice. When systemd is
updated, old build/ directories could keep the old default, which would be
annoying. Hence, "latest" is introduced to make it explicit, yet follow the
upstream. This is actually useful for the user too, because it may be used
as an override, without having to actually specify a version.
2018-12-12 10:09:36 +01:00
Lennart Poettering
f7e81fd96f udev: introduce udev net_id "naming schemes"
With this we can stabilize how naming works for network interfaces. A
user can request through a kernel cmdline option or an env var which
scheme to follow. The idea is that installers use this to set into stone
(a very soft stone though) the scheme used during installation so that
interface naming doesn't change afterwards anymore.

Why use env vars and kernel cmdline options, and not a config file of
its own?

Well, first of all there's no obvious existing one to use. But more
importantly: I have the feeling that this logic is kind of an incomplete
hack, and I simply don't want to do advertise this as a perfectly
working solution. So far we used env vars for the non-so-official
options and proper config files for the official stuff. Given how
incomplete this logic is (i.e. the big variable for naming remains the
kernel, which might expose sysfs attributes in newer versions that we
check for and didn't exist in older versions — and other problems like
this), I am simply not confident in giving this first-class exposure in
a primary configuration file.

Fixes: #10448
2018-12-11 23:29:46 +01:00
Zbigniew Jędrzejewski-Szmek
6a89d671df man: add a note that /var/run should not be used in tmpfiles 2018-12-11 22:21:25 +01:00
Zbigniew Jędrzejewski-Szmek
d7ef125726 core: fix typo in comment 2018-12-11 22:20:07 +01:00
Zbigniew Jędrzejewski-Szmek
abcb67ceed man: rewrite the general description of tmpfiles
We would describe tmpfiles.d through what systemd-tmpfiles does with them, but
I think it's better to start with a geneneral statement what they are. Also,
let's make the description of volatile file systems less prominent.

Also, strenghten the advice to use RuntimeDirectory and mention
{Cache,Logs,Configuration,State}Directory=.
2018-12-11 22:20:07 +01:00
Zbigniew Jędrzejewski-Szmek
488e435253 man: reword tmpfiles.d descriptions to refer less to previous descriptions
I think it is OK if some option is described as "similar to ..., but in
addition ...", as long as the "in addition" part is strictly additive this is
unambiguous. Otherwise, we'd have to repeat a lot of text, and then we'd
probably forget to adjust some of the descriptions when doing changes.

But when the "in addition" part is about replacing or removing parts of
functionality, it is better to avoid this pattern and describe the later option
from scratch.

Some paragraph breaks are added and minor changes made. UID/GID is changed to
user/group, since we generally expect user/group names to be used, not numeric
ids.

Fixes #11115.
2018-12-11 22:20:07 +01:00
Chris Down
912b4547b5 Always explicitly discard popped stream type from __fsetlocking
No biggie, but I noticed this while looking into bus_match_to_string.
2018-12-11 18:49:54 +01:00
Lennart Poettering
b2c9e8e187
Merge pull request #11100 from abogdanenko/udev-test-check-perm
udev-test: check if permitted to create block device nodes
2018-12-11 17:37:57 +01:00
Lennart Poettering
12d1b1f794
Merge pull request #11119 from cdown/news
NEWS: Add some cgroup related updates
2018-12-11 17:37:09 +01:00
Chris Down
a8467688ca NEWS: Add DisableControllers= to v240 2018-12-11 15:54:20 +00:00
Chris Down
23305a292c NEWS: Add that CPUAccounting=yes may not enable CPU controller in v240 2018-12-11 15:54:20 +00:00
Alexey Bogdanenko
dbfbc6c4e3 udev-test: check if permitted to create block device nodes 2018-12-11 16:55:34 +03:00
Alexey Bogdanenko
a680beb2fe udev-test: add message to show why test-udev failed
Before:

    Assertion 'mknod(devname, mode, devnum) == 0' failed at ../src/test/test-udev.c:116, function run(). Aborting.
    Assertion 'unlink(devname) == 0' failed at ../src/test/test-udev.c:118, function run(). Aborting.

After:

    mknod() failed for '/dev/sda': Operation not permitted
    unlink('/dev/sda') failed: No such file or directory
2018-12-11 16:55:34 +03:00
Zbigniew Jędrzejewski-Szmek
489fae526d nspawn: check cg_ns_supported() just once
cg_ns_supported() caches, so the condition was really checked just once, but
it looks weird to assign the return value to arg_use_cgns (if the variable is not present),
because then the other checks are effectively equivalent to
  if (cg_ns_supported() && cg_ns_supported()) { ...
and later
  if (!cg_ns_supported() || !cg_ns_supported()) { ...
2018-12-11 13:37:41 +00:00
Evgeny Vereshchagin
ba958bb18b
Merge pull request #11099 from abogdanenko/udev-test-fix-missing-dir
udev-test: fix skip condition and missing directory test/run
2018-12-11 14:48:29 +03:00
Lennart Poettering
66944c14f3
Merge pull request #11107 from keszybz/udevadm-info-args
Allow multiple args in udevadm info
2018-12-11 12:12:58 +01:00
Lennart Poettering
c920748289
Merge pull request #11116 from keszybz/predictable-interface-names
Predictable interface names
2018-12-11 12:12:22 +01:00
Zbigniew Jędrzejewski-Szmek
ff0fa50432
Merge pull request #11083 from poettering/nspawn-settings-fixes
read nspawn's .nspawn files before validating configuration
2018-12-11 11:52:23 +01:00