1
0
mirror of https://github.com/systemd/systemd.git synced 2025-03-28 02:50:16 +03:00

80330 Commits

Author SHA1 Message Date
Daan De Meyer
e213ecd484
test: Make it possible to run the integration tests standalone (#36868)
Currently, to run the integration tests, it's still necessary to
install various other build tools besides meson: A compiler, gperf,
libcap, ... which we want to avoid in CI systems where we receive
prebuilt systemd packages and only want to test them. Examples are
Debian's autopkgtest CI and Fedora CI. Let's make it possible for
these systems to run the integration tests without having to install
any other build dependency besides meson by extracting the logic
required to run the integration tests with meson into a separate
subdirectory and adding a standalone top-level meson.build file which
can be used to configure a meson tree with as its only purpose running
the integration tests.

Practically, we do the following:
- all the integration test directories and integration-test-wrapper.py
  are moved from test/ to test/integration-tests/.
- All the installation logic is kept out of test/integration-tests/ or
  any of its subdirectories and moved into test/meson.build instead.
- We add test/integration-tests/standalone/meson.build to run the
  integration tests standalone. This meson file includes
  test/integration-tests via a cute symlink hack to trick meson into
  including a parent directory with subdir().
- Documentation is included on how to use the new standalone mode.
2025-03-27 21:38:00 +01:00
Daan De Meyer
d9f48358bd test: Make it possible to run the integration tests standalone
Currently, to run the integration tests, it's still necessary to
install various other build tools besides meson: A compiler, gperf,
libcap, ... which we want to avoid in CI systems where we receive
prebuilt systemd packages and only want to test them. Examples are
Debian's autopkgtest CI and Fedora CI. Let's make it possible for
these systems to run the integration tests without having to install
any other build dependency besides meson by extracting the logic
required to run the integration tests with meson into a separate
subdirectory and adding a standalone top-level meson.build file which
can be used to configure a meson tree with as its only purpose running
the integration tests.

Practically, we do the following:
- all the integration test directories and integration-test-wrapper.py
  are moved from test/ to test/integration-test/.
- All the installation logic is kept out of test/integration-test/ or
  any of its subdirectories and moved into test/meson.build instead.
- We add test/integration-test/standalone/meson.build to run the
  integration tests standalone. This meson file includes
  test/integration-test via a cute symlink hack to trick meson into
  including a parent directory with subdir().
- Documentation is included on how to use the new standalone mode.
- TEST-64-UDEV-STORAGE and TEST-85-NETWORK are changed to generate separate
  units for each testcase to make them behave more like the other integration
  tests.
2025-03-27 21:37:13 +01:00
ZIHCO
72586a971b ac-power: update the help output to use the ansi-color functions 2025-03-27 14:58:08 +09:00
Yu Watanabe
e2c801e767
core: drop manager_get_unit_by_pid() and friends (#36872)
Except for one place, they are only used by test-watch-pid. Let's also
use manager_get_unit_by_pidref() and friends in the test, and drop the
_pid() variants.
2025-03-27 06:10:53 +09:00
msizanoen
85d00912c0 core/cgroup: Properly handle aborting a pending freeze operation
We must thaw the cgroup even if cgroup.events/frozen=0 if a freeze
operation is in flight as it means the cgroup is already partially
frozen.
2025-03-26 21:39:50 +01:00
Yu Watanabe
3432d5e21f
coredump: make sure pid1/journal coredumps are not lost when Storage=journal is selected (#36870)
It confused the hell of me, that if pid1 crashes in an mkosi system run
from the build tree there's no coredump kept. Because mkosi configures
journal storage for coredumps, but that's not going to work for pid1 or
journald. Hence use external storage for these two even if everything
else is stored in the journal.
2025-03-27 04:27:01 +09:00
Yu Watanabe
eb3554666e core: drop unused wrappers of manager_get_unit_by_pidref() and friends 2025-03-27 04:15:43 +09:00
Yu Watanabe
56691ea753 test-watch-pid: use pidref_safe_fork() with FORK_FREEZE
Then, use pidref version of functions.
2025-03-27 04:13:54 +09:00
Yu Watanabe
017f9bc1d7 test-watch-pid: move required test conditions to intro()
Follow-up for 7bcd76513a61f8f16f2cc9b291895779c7c367fe.
2025-03-27 03:57:02 +09:00
Lennart Poettering
ed2e3a8404 coredump: do not disable removal of temporary coredump file 2025-03-26 11:37:15 -04:00
Lennart Poettering
dc8e3118f9 coredump: make sure we initialize all return parameters on success of save_external_coredump() 2025-03-26 11:37:11 -04:00
Lennart Poettering
5125a0b8fa coredump: do not remove PID1/journal coredumps if Storage=journal is used
We always redirect PID1/journal coredumps directly onto disk instead of
the journal even if that's configured because that might cause a
deadlock because we are still pinning the old journal process while
processing the coredump. However, so far we then immediately deleted the
coredumps because of Storage=journal, which is very annoying, since
there's hence no copy kept whatsoever.

Let's hence exclude PID1+journal from the removal.

This in particulary brings the code in line with the log messages which
claim we kept the file around but we actually did not.
2025-03-26 11:37:08 -04:00
Lennart Poettering
2d0bcf1e02 coredump: rename fix_permissions() → fix_permissions_and_link()
The function doesn't just adjust permissions, it actually moves the
file into place. The function name should really make this fundamental
fact clear.
2025-03-26 11:33:38 -04:00
Luca Boccassi
3d9f3420b5
test: update to use the new ASSERT_OK() macro and friends (#36838)
Converted the unitest implemented in src/test/test-watch-pid.c that
still uses assert_se() to use the new ASSERT_OK() macro and friends.
2025-03-26 15:21:55 +00:00
Daan De Meyer
b4b1d94a09 meson: Drop project_source_root and project_build_root variables
We can now rely on meson.project_source_root() and meson.project_build_root()
which do the same thing.
2025-03-26 14:45:34 +01:00
Daan De Meyer
d22ffb44c1 tree-wide: Update outdated docs on removed old integration test stuff 2025-03-26 14:40:14 +01:00
Daan De Meyer
5944dc07cf Revert "test: dynamically generate list of test cases"
We want to decouple the integration tests in meson from the
rest of the source files so the integration tests can be run
without the source files available. Let's revert the change to
dynamically figure out the test cases from the networkd tests for
now so that the tests can be generated without the test source file
being available.

This reverts commit 514458604b29663bc02c9d0e310f06e0ed682ae9.
2025-03-26 14:40:14 +01:00
Daan De Meyer
420b875ccb README: Drop test packages
This has bitrotted so let's just drop it as it's woefully out of date
and not really in the right location to be useful to anyone.
2025-03-26 14:40:14 +01:00
Daan De Meyer
20a4f117d9 test: Make sure serial is always set explicitly for scsi-hd qemu devices
Now that mkosi uses -blockdev instead -drive, the device_id property
of scsi-hd devices is not populated automatically anymore so we have to
make sure to always specify serial= to make sure /dev/disk/by-id is populated
as expected in the test.
2025-03-26 14:40:14 +01:00
Daan De Meyer
8a87f70e3b mkosi: Add back .mkosi-private/ to .gitignore
Required to exclude the history data;
2025-03-26 14:40:14 +01:00
ZIHCO
7bcd76513a test: update to use DEFINE_TEST_MAIN_WITH_INTRO() macro 2025-03-26 11:55:30 +00:00
ZIHCO
a87a1669a4 test: update to use the new ASSERT_OK() macro and friends 2025-03-26 11:55:30 +00:00
Steve Ramage
3e2c67bfb4 man: Add AssertVersion= to documentation (#36862) 2025-03-26 16:11:59 +09:00
Luca Boccassi
1cc8e4a183
logind: inhibitor fixups (#36817) 2025-03-26 00:22:27 +00:00
Nick Rosbrook
971fb3b0bc polkit: use -EBUSY to indicate shortcut after error or denial
Commit 536c18e5c3 ("bus-polkit: shortcut auth. after first denial")
added logic to async_polkit_query_check_action() that returns
-EALREADY when a failure or denial decision was made for a previous
action.

Tweak this to return -EBUSY instead of -EALREADY. This hopefully makes
the intent of the error more clear. EALREADY suggests that the request
is OK, but polkit is processing something else, and we should come back
later. EBUSY suggests that polkit is busy or unusable, hence the
request cannot be processed, and we should go away.
2025-03-25 16:15:34 -04:00
Nick Rosbrook
bc3a11097f login: add polkit example rules for allowing root to ignore inhibitors
The semantics of strong inhibitors require that POLKIT_ALWAYS_QUERY
always be set when checking if we can allow blocking inhibitors to be
ignored on shutdown, reboot, etc. With the default polkit rules and
policy, users may experience a situation where users in the sudo group
are authorized to run:

 systemctl reboot --check-inhibitors=no

but the root user is not authorized. Instead, the following error is
given:

 Call to Reboot failed: Interactive authentication required.

While this is correct according to the semantics of strong inhibitors,
it is confusing. To help the situation, provide example polkit rules
that allow root to perform these actions.

Finally, when root receives SD_BUS_ERROR_INTERACTIVE_AUTHORIZATION_REQUIRED
when calling e.g. systemctl reboot, print a message explaining that this
is due to the current polkit policy, and point to the new example rule.

Related: https://github.com/systemd/systemd/issues/36786
2025-03-25 16:15:34 -04:00
Nick Rosbrook
4b1e7a5822 login: handle -EALREADY from bus_verify_polkit_async_full()
Commit 536c18e5c3 ("bus-polkit: shortcut auth. after first denial")
added logic to async_polkit_query_check_action() that returns
-EALREADY when a failure or denial decision was made for a previous
action.

This has the consequence that root is able to ignore inhibitors and
shutdown etc. even when polkit explicitly denies it. This is because
when systemctl's verb_start_special() calls logind_reboot(), unless
the call succeeds or returns one of -EACCES, -EOPNOTSUPP, or
-EINPROGRESS, a fallback path is taken to attempt the action without
going through logind. Hence, since logind_reboot() started returning
-EALREADY in some cases, the fallback path was taken, and the shutdown
was performed anyways.

For example:

 root@ubuntu:/# cat /etc/polkit-1/rules.d/10-systemd-logind-no-skip-inhibitors.rules
 // Never allow strong inhibitors to be ignored.
 polkit.addRule(function(action, subject) {
     if ((action.id == "org.freedesktop.login1.power-off-ignore-inhibit" ||
          action.id == "org.freedesktop.login1.reboot-ignore-inhibit" ||
          action.id == "org.freedesktop.login1.halt-ignore-inhibit" ||
          action.id == "org.freedesktop.login1.suspend-ignore-inhibit" ||
          action.id == "org.freedesktop.login1.hibernate-ignore-inhibit")) {

         return polkit.Result.NO;
     }
 });
 root@ubuntu:/# systemctl reboot -i
 Call to Reboot failed: Operation already in progress

..but the reboot continues anyways due to the fallback.

To fix this, add logic in systemd-logind's verify_shutdown_creds() to
handle -EALREADY from bus_verify_polkit_async_full(): if we receive
-EALREADY when checking authorization for <action>-multiple-sessions,
and we are blocked on inhibitors, continue on to get the decision for
<action>-ignore-inhibit directly.

While here, add similar logic to method_inhibit(), which may need to
verify multiple polkit actions in a single call.

Fixes 536c18e5c33fd682fcd38d228b46a339adbe150b
2025-03-25 16:15:34 -04:00
Nick Rosbrook
94a5969b31 polkit: fix the ordering of a log message 2025-03-25 16:15:34 -04:00
Luca Boccassi
1a5f9b2caf
tools/check-version-history: avoid DeprecationWarning with newer lxml (#36860)
We get the same warning thousands of times:
/work/src/tools/check-version-history.py:28: FutureWarning: This search
incorrectly ignores the root element, and will be fixed in a future
version. If you rely on the current behaviour, change it to

"./refsynopsisdiv/funcsynopsis/funcprototype/funcdef/function[.='udev_device_get_properties_list_entry']"

We also need to update the ignorelist to the new form.
2025-03-25 19:34:44 +00:00
Zbigniew Jędrzejewski-Szmek
011cb5c1d7 gitignore: add .mkosi-private/ to the list again
It was dropped in 9f9da8a1c61a01d6367d517d2e8dcfa85ae6795d and is
messing up CI now.
2025-03-25 17:37:48 +01:00
Zbigniew Jędrzejewski-Szmek
8d4eda524a tools/check-version-history: avoid DeprecationWarning with newer lxml
We get the same warning thousands of times:
/work/src/tools/check-version-history.py:28: FutureWarning: This search incorrectly
ignores the root element, and will be fixed in a future version. If you rely on the
current behaviour, change it to
"./refsynopsisdiv/funcsynopsis/funcprototype/funcdef/function[.='udev_device_get_properties_list_entry']"

We also need to update the ignorelist to the new form.
2025-03-25 17:16:16 +01:00
Daan De Meyer
9f9da8a1c6 mkosi: Add two more mkosi entries to .gitignore
Also get rid of a bunch of outdated entries that don't apply anymore.
2025-03-25 15:09:40 +00:00
Daan De Meyer
9ed7019520 mkosi: update fedora commit reference
* 13d523f84d Relax dependencies from noarch packages on archful packages for OBS builds
* 59378485be Remove purge-nobody-user script
* d1380dc114 Add more services to %post for udev and networkd
* 6f0d03443d Fix paths for /usr/sbin/nologin and related progs
* df9a74d530 Make the source tarball glob in the test script more generic
2025-03-25 15:09:11 +00:00
Daan De Meyer
52b4371807 test: Disable pager in integration test units
Integration test units are now connected to the tty when running
interactively, so let's make sure we disable the pager to avoid tests
hanging in the pager.
2025-03-25 12:35:23 +01:00
Luca Boccassi
a372936346
Trivial updates for docs and comments (#36854) 2025-03-25 10:37:42 +00:00
Zbigniew Jędrzejewski-Szmek
4dd94e5ba1 man/systed.swap: update description of implicit deps
This changed in e3e6f996894f0eea0e766b4194922f5c7235fb01.
Closes https://github.com/systemd/systemd/issues/36761.
2025-03-25 10:40:12 +01:00
Zbigniew Jędrzejewski-Szmek
7a468f277b man/systemd-remount-fs: fix grammar 2025-03-25 10:37:12 +01:00
Zbigniew Jędrzejewski-Szmek
a0064690c6 man/varlinkctl: remove unneeded absolute path in example 2025-03-25 10:37:12 +01:00
Zbigniew Jędrzejewski-Szmek
aa0f0dd814 remount-fs: adjust comment 2025-03-25 10:37:00 +01:00
Zbigniew Jędrzejewski-Szmek
c4876f604b
Ratelimit attempts to open watchdog, increase logging (#35708) 2025-03-24 21:06:57 +01:00
Luca Boccassi
b065ff03b1 man: fix typo in org.freedesktop.systemd1.xml 2025-03-24 18:25:29 +00:00
Busayo Dada
86960038ef test: update to use the new ASSERT_OK() macro and friends 2025-03-24 15:46:13 +00:00
Yu Watanabe
dadaad157e man/timedatectl: add reference to systemd.time(7)
Closes #36839.
2025-03-24 12:59:27 +00:00
Luca Boccassi
5aee5bda1a
tree-wide: introduce LOG_ITEM() macro for verifying format string (#36780)
This introduce `LOG_ITEM()` macro that checks format strings in
log_struct() and friends.

Hopefully, this silences false-positive warnings by Coverity.
2025-03-24 12:58:14 +00:00
Yu Watanabe
f0cfb6a791 man/networkd.conf: revert unexpected replacement of PersistLeases= setting
The entry was unexpectedly replaced by the commit
418f2dc75564330d4ff6c86193f4a3c8ffbb1f1b (v256).
This reverts the change.

Fixes #36837.
2025-03-24 11:30:23 +00:00
Daan De Meyer
d2c1242c6d user-record: Allow/strip status for mask/extract privileged helpers
If we're using these helpers, we want to split a user record into two,
one with the privileged section, and one without. This should work even
when the user record has a "status" section, so adapt the helpers to
account for that.
2025-03-24 11:36:16 +01:00
Zbigniew Jędrzejewski-Szmek
a9cee8f4de core/manager: do not exclude watchdog logic from busy-loop protection
As reported in https://github.com/systemd/systemd/issues/35405, if the watchdog
ping failed, we effectively started a busy loop here. The previous commits
should fix this, but in general, the protection here is intended as a safety
net in case the logic is broken somewhere else. We shouldn't exclude the
watchdog stuff from this.
2025-03-24 10:45:49 +01:00
Zbigniew Jędrzejewski-Szmek
ab596e4cde shared/watchdog: give up after a few failed pings
Closes https://github.com/systemd/systemd/issues/35405. Apparently some
watchdog devices can be opened, but then the pings start failing after some
time. Since the timestamp of the last successful ping is not updated, we try to
ping again immediately, causing a busy loop and excessive logging.

After trying a few different approaches to fit this into the existing framework
without changing the logic too much, I settled on an approach with a second
timestamp. In particular, the timestamp of the last successful ping is public,
exposed as WatchdogLastPingTimestamp over dbus. It'd be wrong to redefine this
to mean the last ping *attempt*. So we need a second timestamp in some form.

Also, if we give up on pinging, we probably should attempt to disarm the
watchdog. It's possible that the pinging fails, but the watchdog would still
fire. I don't think we want that, since it seems that our internal loop is
working, it's just the watchdog that is broken.

Structured message with SD_MESSAGE_WATCHDOG_PING_FAILED is logged if we fail
to ping.

I tested this by attaching gdb to pid 1 and calling close(watchdog_fd).
We get a bunch of warning messages and then an attempt to close the watchdog:
Mar 21 15:46:17 fedora systemd[1]: Failed to ping hardware watchdog /dev/watchdog0: Bad file descriptor
Mar 21 15:46:20 fedora systemd[1]: Failed to ping hardware watchdog /dev/watchdog0: Bad file descriptor
Mar 21 15:46:23 fedora systemd[1]: Failed to ping hardware watchdog /dev/watchdog0: Bad file descriptor
Mar 21 15:46:26 fedora systemd[1]: Failed to ping hardware watchdog /dev/watchdog0: Bad file descriptor
Mar 21 15:46:29 fedora systemd[1]: Failed to ping hardware watchdog /dev/watchdog0: Bad file descriptor
Mar 21 15:46:32 fedora systemd[1]: Failed to ping hardware watchdog /dev/watchdog0: Bad file descriptor
Mar 21 15:46:35 fedora systemd[1]: Failed to ping hardware watchdog /dev/watchdog0: Bad file descriptor
Mar 21 15:46:37 fedora systemd[1]: Failed to ping hardware watchdog /dev/watchdog0: Bad file descriptor
Mar 21 15:46:40 fedora systemd[1]: Failed to ping hardware watchdog /dev/watchdog0: Bad file descriptor
Mar 21 15:46:43 fedora systemd[1]: Failed to ping hardware watchdog /dev/watchdog0: Bad file descriptor
Mar 21 15:46:46 fedora systemd[1]: Failed to ping hardware watchdog /dev/watchdog0: Bad file descriptor
Mar 21 15:46:49 fedora systemd[1]: Failed to ping hardware watchdog /dev/watchdog0: Bad file descriptor
Mar 21 15:46:52 fedora systemd[1]: Failed to ping hardware watchdog /dev/watchdog0: Bad file descriptor
Mar 21 15:46:55 fedora systemd[1]: Failed to ping hardware watchdog /dev/watchdog0: Bad file descriptor
Mar 21 15:46:58 fedora systemd[1]: Failed to ping hardware watchdog /dev/watchdog0, closing watchdog after 15 attempts: Bad file descriptor
Mar 21 15:46:58 fedora systemd[1]: Failed to disable hardware watchdog, ignoring: Bad file descriptor
Mar 21 15:46:58 fedora systemd[1]: Failed to disarm watchdog timer, ignoring: Bad file descriptor
2025-03-24 10:45:49 +01:00
Erik Larsson
c88adbc01d networkd: add support for setting vlan_tunnel on bridge ports 2025-03-24 17:15:19 +09:00
Luca Boccassi
2e3efb1884
some dbus property fixes (#36830) 2025-03-22 15:54:16 +00:00