1
0
mirror of https://github.com/systemd/systemd.git synced 2024-10-30 14:55:37 +03:00
Commit Graph

25702 Commits

Author SHA1 Message Date
Susant Sahani
4eb086a387 networkd: fix link_up() (#12505)
Fillup IFLA_INET6_ADDR_GEN_MODE while we do link_up.

Fixes the following error:
```
dummy-test: Could not bring up interface: Invalid argument
```

After reading the kernel code when we do a link up
```
net/core/rtnetlink.c
IFLA_AF_SPEC
 af_ops->set_link_af(dev, af);
  inet6_set_link_af
   if (tb[IFLA_INET6_ADDR_GEN_MODE])
             Here it looks for IFLA_INET6_ADDR_GEN_MODE
```
Since link up we didn't filling up that it's failing.

Closes #12504.
2019-05-09 04:05:35 +02:00
Yu Watanabe
9aa5d8ba84 network: include glibc headers before including kernel headers 2019-05-09 03:21:31 +02:00
Yu Watanabe
d03f390ef2 network: drop arpa/inet.h from networkd-manager.h 2019-05-09 02:33:33 +02:00
Yu Watanabe
fa67272288 sd-netlink: include glibc headers earlier to resolve conflict with kernel headers
Then, hopefully libc-compat.h make everything fine.
2019-05-09 02:29:32 +02:00
Yu Watanabe
004aadcacd network: replace inet_pton() with in_addr_from_string() 2019-05-09 01:44:31 +02:00
Yu Watanabe
57e447078d network: replace inet_ntop() with in_addr_to_string() 2019-05-09 01:44:31 +02:00
Susant Sahani
1087623bac networkd: Add support to configure proxy ARP and proxy ARP Wifi 2019-05-09 01:44:26 +02:00
Zbigniew Jędrzejewski-Szmek
180f1e3359
Merge pull request #12445 from cdown/dmm_docs
cgroup: Some memory protection fixes
2019-05-08 18:09:45 +02:00
Lennart Poettering
e95be7def2
Merge pull request #12411 from keszybz/pr/12394
run: when emitting the calendarspec warning, use red
2019-05-08 10:11:32 -04:00
Lennart Poettering
fd5e11f0bd
Merge pull request #12509 from poettering/table-fixlets
two trivial fixes to table formatting code
2019-05-08 10:10:55 -04:00
Evgeny Vereshchagin
7f2cdceaed util-lib: fix a typo in rdrand
Otherwise, the fuzzers will fail to compile with MSan:
```
../../src/systemd/src/basic/random-util.c:64:40: error: use of undeclared identifier 'sucess'; did you mean 'success'?
        msan_unpoison(&success, sizeof(sucess));
                                       ^~~~~~
                                       success
../../src/systemd/src/basic/alloc-util.h:169:50: note: expanded from macro 'msan_unpoison'
                                                 ^
../../src/systemd/src/basic/random-util.c:38:17: note: 'success' declared here
        uint8_t success;
                ^
1 error generated.
[80/545] Compiling C object 'src/basic/a6ba3eb@@basic@sta/process-util.c.o'.
ninja: build stopped: subcommand failed.
Fuzzers build failed
```
2019-05-08 16:10:06 +02:00
Chris Down
465ace74d9 cgroup: Test that it's possible to set memory protection to 0 again
The previous commit fixes this up, and this should prevent it
regressing.
2019-05-08 12:06:32 +01:00
Chris Down
22bf131be2 cgroup: Support 0-value for memory protection directives
These make sense to be explicitly set at 0 (which has a different effect
than the default, since it can affect processing of `DefaultMemoryXXX`).

Without this, it's not easily possible to relinquish memory protection
for a subtree, which is not great.
2019-05-08 12:06:32 +01:00
Chris Down
7e7223b3d5 cgroup: Readd some plumbing for DefaultMemoryMin
Somehow these got lost in the previous PR, rendering DefaultMemoryMin
not very useful.
2019-05-08 12:06:32 +01:00
Lennart Poettering
fd0a16d8a5
Merge pull request #11887 from evverx/fuzzbuzz
tests: hook up fuzz targets to FuzzBuzz
2019-05-08 12:40:03 +02:00
Lennart Poettering
324d9acab7 machinectl/loginctl: show json output if requested even if zero entries 2019-05-08 06:33:36 -04:00
Lennart Poettering
a1c7a1f057 format-table: correct prototype 2019-05-08 06:33:36 -04:00
Zbigniew Jędrzejewski-Szmek
d1c377da0d
Merge pull request #12489 from ssahani/vxlan
networkd: VXLAN rename Id to VNI
2019-05-08 12:02:54 +02:00
Zbigniew Jędrzejewski-Szmek
ad3b2109c3
Merge pull request #12507 from poettering/random-fixlets
three minor fixes to random-util.c
2019-05-08 12:02:02 +02:00
Zbigniew Jędrzejewski-Szmek
0d0464d39d journalctl,shared/log: use yellow for warnings
In program output, highlighting warnings with ANSI_HIGHLIGHT is not enough,
because it doesn't stand out enough. Yellow is more appropriate.

I was worried that yellow wouldn't be visible on white background, but (at
least gnome-terminal) uses a fairly dark yellow that is fully legible on white
and light-colored backgrounds. We also used yellow in many places,
e.g. systemctl, so this should be fine.

Note: yellow is unreadable on urxvt with white background (urxvt +rv). But
grey, which we already used, is also unreadable, so urxvt users would have
to disable colors anyway, so this change does not make the problem
intrinsically worse. See
https://github.com/systemd/systemd/issues/12482#issuecomment-490374210.
2019-05-08 09:50:38 +02:00
Zbigniew Jędrzejewski-Szmek
1a04395959 Enable log colors for most of tools in /usr/bin
When emitting the calendarspec warning we want to see some color.
Follow-up for 04220fda5c.

Exceptions:
- systemctl, because it has a lot hand-crafted coloring
- tmpfiles, sysusers, stdio-bridge, etc, because they are also used in
  services and I'm not sure if this wouldn't mess up something.
2019-05-08 09:50:21 +02:00
Zbigniew Jędrzejewski-Szmek
37b8d2f699 basic/log: use colors to highlight messages like journalctl 2019-05-08 09:45:38 +02:00
Susant Sahani
61b824c561 networkd: bridge fdb add support to configure VXLAN VNI 2019-05-08 03:43:43 +02:00
Susant Sahani
8c32c5884d networkd: VXLAN use correct type for VNI 2019-05-08 06:52:54 +05:30
Susant Sahani
4cc0fd7531 networkd: VXLAN add support to configure Generic Protocol Extension
See https://tools.ietf.org/html/draft-ietf-nvo3-vxlan-gpe-07
2019-05-08 06:52:42 +05:30
Lennart Poettering
b2adc2ae3a
Merge pull request #12501 from keszybz/silence-strncpy-warnings
Silence strncpy warnings
2019-05-08 01:39:32 +02:00
Lennart Poettering
328f850e36 random-util: rename "err" to "success"
After all rdrand returns 1 on success, and 0 on failure, hence let's
name this accordingly.
2019-05-07 18:51:26 -04:00
Evgeny Vereshchagin
87ac55a129 tests: hook up fuzz targets to FuzzBuzz 2019-05-07 21:39:01 +00:00
Lennart Poettering
80eb560a5b random-util: hash AT_RANDOM getauxval() value before using it
Let's be a bit paranoid and hash the 16 bytes we get from getauxval()
before using them. AFter all they might be used by other stuff too (in
particular ASLR), and we probably shouldn't end up leaking that seed
though our crappy pseudo-random numbers.
2019-05-07 17:31:20 -04:00
Lennart Poettering
cc28145d51 random-util: use gcc's bit_RDRND definition if it exists 2019-05-07 17:31:20 -04:00
Lennart Poettering
1a0ffa1e73 random-util: rename RANDOM_DONT_DRAIN → RANDOM_MAY_FAIL
The old flag name was a bit of a misnomer, as /dev/urandom cannot be
"drained". Once it's initialized it's initialized and then is good
forever. (Only /dev/random has a concept of 'draining', but we never use
that, as it's an obsolete interface).

The flag is still useful though, since it allows us to suppress accesses
to the random pool while it is not initialized, as that trips up the
kernel and it logs about any such attempts, which we really don't want.
2019-05-07 17:30:40 -04:00
Zbigniew Jędrzejewski-Szmek
099c77fd5f scsi_serial: replace some crazy strncpy() calls by strnlen()
gcc was warning about strncpy() leaving an unterminated string.
In this case, it was correct.

The code was doing strncpy()+strncat()+strlen() essentially to determine
if the strings have expected length. If the length was correct, a buffer
overread was performed (or at least some garbage bytes were used from the
uninitialized part of the buffer). Let's do the length check first and then
only copy stuff if everything agrees.

For some reason the function was called "prepend", when it obviously does
an "append".
2019-05-07 21:06:44 +02:00
Zbigniew Jędrzejewski-Szmek
6695c200bd shared/utmp-wtmp: silence gcc warning about strncpy truncation
Unfortunately the warning must be known, or otherwise the pragma generates a
warning or an error. So let's do a meson check for it.

Is it worth doing this to silence the warning? I think so, because apparently
the warning was already emitted by gcc-8.1, and with the recent push in gcc to
catch more such cases, we'll most likely only get more of those.
2019-05-07 21:05:26 +02:00
Susant Sahani
76fbd4d73d networkd: VXLan TTL must be <= 255
Ignore when TTL > 255
2019-05-07 20:34:45 +02:00
Susant Sahani
83cb24ac20 networkd: VXLan Make group and remote variable separate
VXLAN Document Group=
2019-05-07 20:34:27 +02:00
Zbigniew Jędrzejewski-Szmek
717e8eda77
Merge pull request #12475 from yuwata/network-fix-12452
network: add network_ref/_unref() and make Link object take a reference of Network object
2019-05-07 20:03:22 +02:00
Zbigniew Jędrzejewski-Szmek
9175aabfb6
Merge pull request #12481 from ssahani/dhcp-max-retry
networkd: Allow DHCP4 client to set the number to attempt to configure/reconfigure
2019-05-07 19:58:40 +02:00
Susant Sahani
6f213e4a34 networkd: VXLAN rename Id to VNI
It makes more sense to call VXLAN ID as

1. the VXLAN Network Identifier (VNI) (or VXLAN Segment ID)
2. test-network: rename VXLAN Id to VNI
3. fuzzer: Add VXLAN VNI directive to fuzzer
2019-05-07 20:52:11 +05:30
Yu Watanabe
aa5f4c7773 network: add error cause in the log 2019-05-07 17:12:09 +02:00
Susant Sahani
715cedfbf0 networkd: Allow DHCP4 client to set the number to attempt to reconfigure.
Otherwise current value is 6 and after 6 it will give up.
2019-05-07 17:12:04 +02:00
Yu Watanabe
67a4683364 network: use IN_ADDR_NULL and ETHER_ADDR_NULL
The change in manager_rtnl_process_address() may not be necessary,
but for safety, let's initialize the value.
2019-05-07 16:55:19 +02:00
Yu Watanabe
ce2ea782c2 network: fix conditional jump depends on uninitialised value(s)
When address is in IPv4, the remaining buffer in in_addr_union may
not be initialized.

Fixes the following valgrind warning:
```
==13169== Conditional jump or move depends on uninitialised value(s)
==13169==    at 0x137FF6: UnknownInlinedFun (networkd-ndisc.c:77)
==13169==    by 0x137FF6: UnknownInlinedFun (networkd-ndisc.c:580)
==13169==    by 0x137FF6: ndisc_handler.lto_priv.83 (networkd-ndisc.c:597)
==13169==    by 0x11BE23: UnknownInlinedFun (sd-ndisc.c:201)
==13169==    by 0x11BE23: ndisc_recv.lto_priv.174 (sd-ndisc.c:254)
==13169==    by 0x4AA18CF: source_dispatch (sd-event.c:2821)
==13169==    by 0x4AA1BC2: sd_event_dispatch (sd-event.c:3234)
==13169==    by 0x4AA1D88: sd_event_run (sd-event.c:3291)
==13169==    by 0x4AA1FAB: sd_event_loop (sd-event.c:3313)
==13169==    by 0x117401: UnknownInlinedFun (networkd.c:113)
==13169==    by 0x117401: main (networkd.c:120)
==13169==  Uninitialised value was created by a stack allocation
==13169==    at 0x1753C8: manager_rtnl_process_address (networkd-manager.c:479)
```
2019-05-07 16:55:19 +02:00
Yu Watanabe
62bbbedf73 sd-radv: fix memleak
Fixes one memleak found in #12452.
2019-05-07 16:55:19 +02:00
Yu Watanabe
2c448c8a17 network: fix use-after-free
The function sd_radv_add_prefix() in dhcp6_pd_prefix_assign() may
return -EEXIST, and in that case the sd_radv_prefix object allocated
in dhcp6_pd_prefix_assign() will be freed when the function returns.
Hence, the key value in Manager::dhcp6_prefixes hashmap is lost.
2019-05-07 16:55:19 +02:00
Yu Watanabe
ca7c792b83 network: fix memleak and double free
Fixes the third issue in #12452.
2019-05-07 16:55:19 +02:00
Yu Watanabe
f535e35417 network: simplify link_free() 2019-05-07 16:55:19 +02:00
Yu Watanabe
715d398e61 network: drop list fields in Network object 2019-05-07 16:55:19 +02:00
Susant Sahani
d4df632674 networkd: manager do not unef netlink and gennetlink early
Because of this the fd is getting closed and we getting errors
like
```
^Ceno1: Could not send rtnetlink message: Bad file descriptor
enp7s0f0: Could not send rtnetlink message: Bad file descriptor
enp7s0f0: Cannot delete unreachable route for DHCPv6 delegated subnet 2a0a:...:fc::/62: Bad file descriptor
Assertion '*_head == _item' failed at ../systemd/src/network/networkd-route.c:126, function route_free(). Aborting.
Aborted
```

Closes one of https://github.com/systemd/systemd/issues/12452
2019-05-07 16:55:19 +02:00
Yu Watanabe
c9c908a60d network: make Link objects take references of Network objects 2019-05-07 16:55:19 +02:00
Yu Watanabe
35ac3b7664 network: introduce reference counter for Network object 2019-05-07 16:55:19 +02:00
Zbigniew Jędrzejewski-Szmek
881a62debb scsi_serial: replace &foo[n] by foo+n 2019-05-07 15:07:43 +02:00
Zbigniew Jędrzejewski-Szmek
f1d553e9df shared/utmp-wtmp: avoid gcc warning about strncpy truncation
The fact that strncpy does the truncation is the whole point here, and gcc
shouldn't warn about this. We can avoid the warning and simplify the
whole procedure by directly copying the interesting part.
2019-05-07 14:15:46 +02:00
Zbigniew Jędrzejewski-Szmek
c98b354500 network: remove redunant link name in message
Fixes #12454.

gcc was complaining that the link->ifname argument is NULL. Adding
assert(link->ifname) right before the call has no effect. It seems that
gcc is confused by the fact that log_link_warning_errno() internally
calls log_object(), with link->ifname passed as the object. log_object()
is also a macro and is does a check whether the passed object is NULL.
So we have a check if something is NULL right next an unconditional use
of it where it cannot be NULL. I think it's a bug in gcc.

Anyway, we don't need to use link->ifname here. log_object() already prepends
the object name to the message.
2019-05-07 13:46:55 +02:00
Yu Watanabe
b30160ff7f
Merge pull request #12478 from yuwata/wireguard-fwmark
network: rename WireGuard.FwMark -> FirewallMark
2019-05-07 05:16:34 +02:00
Yu Watanabe
11793fcd63 sd-dhcp: store number of trial in sd_dhcp_client::attempt
Calling 2^n as attempt is misleading.
2019-05-07 04:08:33 +02:00
Zbigniew Jędrzejewski-Szmek
3759c0bdd3
Merge pull request #12440 from poettering/realloc-again
another shot at the malloc_usable_size() thing
2019-05-06 17:17:22 +02:00
Mike Gilbert
5797a12223 basic/mountpoint-util: whitelist 'exfat' in fstype_can_uid_gid 2019-05-06 16:43:22 +02:00
Susant Sahani
946f8e14d5 networkd: stop clients when networkd shuts down (#12463)
We not stopping the clients when networkd stops. They
should shut down cleanly and then we need to clean the DS.

One of requirements to implement
https://github.com/systemd/systemd/issues/10820.

```
^CBus bus-api-network: changing state RUNNING → CLOSED
DHCP SERVER: UNREF
DHCP SERVER: STOPPED
DHCP CLIENT (0x60943df0): STOPPED
veth-test: DHCP lease lost
veth-test: Removing address 192.168.5.31
NDISC: Stopping IPv6 Router Solicitation client
DHCP CLIENT (0x0): FREE
==24308==
==24308== HEAP SUMMARY:
==24308==     in use at exit: 8,192 bytes in 2 blocks
==24308==   total heap usage: 4,230 allocs, 4,228 frees, 1,209,732 bytes allocated
==24308==
==24308== LEAK SUMMARY:
==24308==    definitely lost: 0 bytes in 0 blocks
==24308==    indirectly lost: 0 bytes in 0 blocks
==24308==      possibly lost: 0 bytes in 0 blocks
==24308==    still reachable: 8,192 bytes in 2 blocks
==24308==         suppressed: 0 bytes in 0 blocks
==24308== Rerun with --leak-check=full to see details of leaked memory
==24308==
==24308== For lists of detected and suppressed errors, rerun with: -s
==24308== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0)
==24308== could not unlink /tmp/vgdb-pipe-from-vgdb-to-24308-by-sus-on-Zeus
==24308== could not unlink /tmp/vgdb-pipe-to-vgdb-from-24308-by-sus-on-Zeus
==24308== could not unlink /tmp/vgdb-pipe-shared-mem-vgdb-24308-by-sus-on-Zeus

```
2019-05-06 16:06:50 +02:00
Frantisek Sumsal
6ab668337e test: return a non-zero return code when 'nobody' user doesn't exist
Lookup of a non-existing user using getpwnam() is not considered
an error, thus the `errno` is not set appropriately, causing
unexpected fails on systems, where 'nobody' user doesn't exist by
default
2019-05-06 15:13:07 +02:00
Yu Watanabe
1c30b174ed network: rename WireGuard.FwMark -> FirewallMark
For the consistency with FirewallMark= in [RoutingPolicyRule] section.
2019-05-04 17:20:23 +02:00
Yu Watanabe
810ae0dc95 network: warn about Network.IPv4LL= is deprecated 2019-05-04 16:46:02 +02:00
Yu Watanabe
29e81083bd network: disable fallback IPv4ll address assignment when DHCPv4 is disabled 2019-05-04 16:46:02 +02:00
Yu Watanabe
e800fd24a1 network: use DEFINE_STRING_TABLE_LOOKUP() macro for AddressFamilyBoolean 2019-05-04 16:46:02 +02:00
Yu Watanabe
6c0c041a8e network: make link_check_ready() handle LinkLocalAddressing=fallback 2019-05-04 16:46:02 +02:00
Yu Watanabe
552081a499 network: rewrite condition about DHCP in link_check_ready() 2019-05-04 16:46:02 +02:00
Susant Sahani
8bc17bb3f7 networkd: Option to use LinkLocalAddressing only when DHCP fails
When LinkLocalAddressing=fallback or LinkLocalAddressing=ipv4-fallback
then IPv4LL will be started only when DHCP fails.

Closes #9648.
2019-05-04 16:45:57 +02:00
Chris Down
6450ee3f8c
Merge pull request #12466 from yuwata/network-fix-issue-12452
network: fix assertion when link get carrier
2019-05-03 23:01:28 -04:00
Chris Down
b6adba159c
Merge pull request #12441 from ssahani/bridge-fdb
networkd: add support for bridge fdb destination address.
2019-05-03 09:50:47 -04:00
Wieland Hoffmann
8a7033ac2f fstab-generator: Prevent double free of reused FILE*
When the .automount unit file already existed for any reason in the
`normal-dir` passed to `systemd-fstab-generator`, but the normal .mount unit
file did not, `f` was closed (but _not_ set to NULL). The call to
`generator_open_unit_file(..., automount_name, &f)` then failed because the
.mount unit file already existed. Now `f` did not point to an open FILE and the
later cleanup from the `_cleanup_fclose_` attribute failed with a double free.
Reset `f` to NULL before reusing it.
2019-05-03 13:22:36 +02:00
Susant Sahani
c2c2793f39 networkd: Add support to configure destination address for bridge FDB
Closes #5145.

Example conf:
```
[Match]
Name=vxlan1309

[BridgeFDB]
MACAddress=00:00:00:00:00:00
Destination=10.0.0.2

[BridgeFDB]
MACAddress=00:00:00:00:00:00
Destination=10.0.0.4

[BridgeFDB]
MACAddress=00:00:00:00:00:00
Destination=10.0.0.5
```
2019-05-03 06:11:52 +02:00
Yu Watanabe
b9ea3d2e47 network: fix assertion when link get carrier
This fixes a bug introduced by bd08ce5615.
When link is in LINK_STATE_INITIALIZED, `Link::network` may not be
set yet.

Fixes #12452.
2019-05-03 01:14:36 +02:00
Lennart Poettering
4136447576 test-alloc-util: let's test a few more things around GREEDY_REALLOC() 2019-05-02 14:53:40 +02:00
Lennart Poettering
e59054270c alloc-util: reintroduce malloc_usable_size() into greedy_realloc()
This is another attempt at d4b604baea and #12438

Instead of blindly using the extra allocated space, let's do so only
after telling libc about it, via a second realloc(). The second
realloc() should be quick, since it never has to copy memory around.
2019-05-02 14:53:40 +02:00
Zbigniew Jędrzejewski-Szmek
64538af89b udev/cdrom_id: drop unneeded parentheses 2019-05-01 11:46:42 +02:00
Lennart Poettering
adb7b782f8
Merge pull request #12218 from keszybz/use-libmount-more
Use libmount more
2019-04-30 19:44:17 +02:00
Franck Bui
9f3f596477 meson: make source files including nspawn-settings.h depend on libseccomp
Since nspawn-settings.h includes seccomp.h, any file that includes
nspawn-settings.h should depend on libseccomp so the correct header path where
seccomp.h lives is added to the header search paths.

It's especially important for distros such as openSUSE where seccomp.h is not
shipped in /usr/include but /usr/include/libseccomp.

This patch is similar to 8238423095.
2019-04-30 19:31:22 +02:00
Yu Watanabe
8b803ad634 udev: drop unnecessary brackets
Follow-up for ed0cb34682.
2019-04-30 19:10:35 +02:00
Lennart Poettering
0892f3f999
Merge pull request #12420 from mrc0mmand/coccinelle-tweaks
Coccinelle improvements
2019-04-30 11:37:19 +02:00
Lennart Poettering
043d453c40 tests: add test for umask-util.h 2019-04-30 09:53:09 +02:00
Lennart Poettering
650c7a2e8b umask-util: simplify RUN_WITH_UMASK()
Why have a struct to store the iteration bit if we actually have plenty
place in mode_t?
2019-04-30 09:52:35 +02:00
Frantisek Sumsal
ed0cb34682 tree-wide: code improvements suggested by Coccinelle 2019-04-30 09:39:07 +02:00
Susant Sahani
f143c650a3 netword: fdb fix coding style 2019-04-30 13:06:10 +05:30
Zbigniew Jędrzejewski-Szmek
cb9ff7532b
Merge pull request #12434 from poettering/rm-rf-children-take-ptr
minor rm_rf_children() modernizations
2019-04-30 08:23:13 +02:00
Aaron Barany
fcc72fd0f1 alloc-util: don't use malloc_usable_size() to determine allocated size
This reverts commit d4b604baea.

When realloc() is called, the extra memory between the originally
requested size and the end of malloc_usable_size() isn't copied. (at
least with the version of glibc that currently ships on Arch Linux)
As a result, some elements get lost and use uninitialized memory, most
commonly 0, and can lead to crashes.

fixes #12384
2019-04-30 08:20:59 +02:00
Lennart Poettering
987719d37d
Merge pull request #12414 from keszybz/detect-podman
Detect podman as separate container type
2019-04-29 19:07:24 +02:00
Susant Sahani
b5799eeb07 networkd: Add back static routes after DHCPv4 lease expires.
1. When the DHCPv4 lease expires kernel removes the route. So add it back
when we gain lease again.

Closes https://github.com/systemd/systemd/issues/12426

2. When UseRoutes=false do not remove router
2019-04-29 18:13:31 +02:00
Ben Boeckel
5238e95759 codespell: fix spelling errors 2019-04-29 16:47:18 +02:00
Lennart Poettering
50b6eec154 rm-rf: simplify rm_rf_children() a bit by using _cleanup_close_ 2019-04-29 16:21:01 +02:00
Lennart Poettering
c0ba6b9286 switch-root: modernize rm_rf_children() invocation a bit 2019-04-29 16:17:29 +02:00
Zbigniew Jędrzejewski-Szmek
90fb1f0938 basic/virt: treat "podman" as separate container type
We would detect podman as container-other. Let's assign a name to it.
Inspired by https://github.com/containers/libpod/issues/2996.
2019-04-29 15:36:26 +02:00
Zbigniew Jędrzejewski-Szmek
342bed0208 basic/virt: try the /proc/1/sched hack also for PID1
If a container manager does not set $container, we could end up
in a strange situation when detect-virt returns container-other when
run as non-pid-1 and none when run as pid-1.
2019-04-29 15:36:26 +02:00
Yu Watanabe
51aba17b88 network: drop invalid assertion
The link may not have corresponding .network file.
Note that in that case, link_ipv4ll_enabled() and link_dhcp4_enabled()
returns false. So, it is safe to drop the assertion.

Fixes #12422.
2019-04-28 19:54:50 +02:00
Frantisek Sumsal
55033662f9 tree-wide: drop !! casts to booleans
Done by coccinelle/bool-cast.cocci
2019-04-28 14:32:19 +02:00
Frantisek Sumsal
4e361acc06 tree-wide: replace explicit NULL checks with their shorter variants
Done by coccinelle/equals-null.cocci
2019-04-28 14:28:49 +02:00
Lennart Poettering
d8974757c4
Merge pull request #12407 from keszybz/two-unrelated-cleanups
Two unrelated cleanups
2019-04-26 23:43:27 +02:00
Ben Boeckel
8f8dfb9552 nspawn-expose-ports: fix a typo in error message 2019-04-26 23:42:55 +02:00
Zbigniew Jędrzejewski-Szmek
e608bf6f7f run: reword a comment
Use unicode m-dash and remove the part about discoverability, since it's just a
warning on the terminal.
2019-04-26 12:11:04 +02:00
Yu Watanabe
aeafd03a2b resolve: use bridge or bonding interfaces in degraded-carrier state
Fixes #12285.
2019-04-26 10:00:06 +02:00
Franck Bui
83a32ea7b0 sd-bus: bump message queue size again
Simliarly to issue #4068, the current limit turns out to be too small for a
big storage setup that uses many small disks. Let's bump it further.
2019-04-26 09:59:02 +02:00
Franck Bui
5406c36844 udevd: notify when max number value of children is reached only once per batch of events
When booting with "udev.log-priority=debug" for example, the output might be
spammed with messages like this:

    systemd-udevd[23545]: maximum number (248) of children reached
    systemd-udevd[23545]: maximum number (248) of children reached
    systemd-udevd[23545]: maximum number (248) of children reached
    systemd-udevd[23545]: maximum number (248) of children reached
    systemd-udevd[23545]: maximum number (248) of children reached
    systemd-udevd[23545]: maximum number (248) of children reached
    systemd-udevd[23545]: maximum number (248) of children reached

While the message itself is useful, printing it per batch of events should be
enough.
2019-04-26 09:58:12 +02:00
Zbigniew Jędrzejewski-Szmek
a6d04b1a17
Merge pull request #12394 from poettering/oncalendar-tweak
systemd-run --on-calendar= follow-up
2019-04-26 08:48:28 +02:00
Lennart Poettering
85318688cc chown-recursive: also check mode before we bypass 2019-04-26 08:31:08 +02:00
Lennart Poettering
cbb3092ce6 json: let's not accept embedded NUL bytes when allocating JSON strings
Let's add an additional paranoia check, and not accept embedded NUL
bytes in strings, just in case.
2019-04-26 08:24:41 +02:00
Lennart Poettering
b2bdf6e456 json: make log message more focussed 2019-04-26 08:22:22 +02:00
Lennart Poettering
04220fda5c run: when we determine a timer cannot elapse anymore, really just warn, nothing else
When we determine that a calendar expression cannot elapse anymore,
print a warning but proceed regardless like we normally would.

Quite possibly a remote system has a different understanding of time
(timezone, system clock) than we have, hence we really shouldn't change
behaviour here client side, but log at best, and then leave the decision
what to do to the server side.

Follow-up for #12299
2019-04-25 13:40:01 +02:00
Lennart Poettering
9bb656bd0c calendarspec: make return time value of calendar_spec_next_usec() optional
If noone is interested, there's no reason to return it.

(Also document the ENOENT error code in a comment)
2019-04-25 13:21:54 +02:00
Zbigniew Jędrzejewski-Szmek
c5b7ae0edb
Merge pull request #12074 from poettering/io-acct
expose IO stats on the bus and in "systemctl status" and "systemd-run --wait"
2019-04-25 11:59:37 +02:00
Frantisek Sumsal
10434dbdfd run: check if the specified calendar event is not in the past
Check if calendar event specification passed by --on-calendar runs in
some time in the future. If not, execute the given command immediately
2019-04-25 11:27:40 +02:00
Zbigniew Jędrzejewski-Szmek
4232cf049f network: drop "return 1" when the return value is ignored by all callers
The reader is tricked into thinking that this has some meaning...
2019-04-25 11:13:39 +02:00
Zbigniew Jędrzejewski-Szmek
c5322608a5 core: adjust unit_get_ancestor_memory_{low,min}() to work with units which don't have a CGroupContext
Coverity doesn't like the fact that unit_get_cgroup_context() returns NULL for
unit types that don't have a CGroupContext. We don't expect to call those
functions with such unit types, so this isn't an immediate problem, but we can
make things more robust by handling this case.

CID #1400683, #1400684.
2019-04-25 11:13:02 +02:00
Zbigniew Jędrzejewski-Szmek
b6411f716c
Merge pull request #12332 from cdown/default_min
cgroup: Add support for propagation of memory.min
2019-04-25 11:06:45 +02:00
Zbigniew Jędrzejewski-Szmek
e87c1a458a
Merge pull request #12382 from yuwata/wireguard-12377
network: fix ListenPort= in [WireGuard] section
2019-04-25 10:55:53 +02:00
Zbigniew Jędrzejewski-Szmek
688fc38537
Merge pull request #12316 from yuwata/network-prevent-multiple-initialization-12315
network: prevent interfaces to be initialized multiple times
2019-04-25 10:54:28 +02:00
Yu Watanabe
5f707e1280 network: fix ref/unref logic for Link object
- bridge or bonding master takes a reference of slave links.
- drop link from bridge or bonding master's slave list when slave link
  is removed.
- change type of Link::slaves to Set*,

Fixes #12315.
2019-04-25 10:47:17 +02:00
Yu Watanabe
bd08ce5615 network: prevent interfaces to be initialized multiple times
When a uevent is received during the relevant interface is in
LINK_STATE_PENDING, then the interface may be initialized twice.
To prevent that, this introduces LINK_STATE_INITIALIZED.
2019-04-25 10:44:46 +02:00
Yu Watanabe
84ea567eb4 udev,network: warn when .link or .network file has no [Match] section
Closes #12098.
2019-04-25 08:41:10 +02:00
Yu Watanabe
a62b7bb79e network: fix ListenPort= in [WireGuard] section
This fixes a bug introduced by f1368a333e.

Fixes #12377.
2019-04-25 02:43:03 +02:00
Balint Reczey
bb5ac84d79 Move verify_vc_kbmode() to terminal-util.c as vt_verify_kbmode() 2019-04-24 18:01:40 +02:00
Lennart Poettering
aba5472979
Merge pull request #12351 from keszybz/sd-bus-add-symbol
Add symbol to tell the linker that new libsystemd version is needed
2019-04-24 10:23:10 +02:00
Jan Klötzke
99b43caf26 core: immediately trigger watchdog action on WATCHDOG=trigger
A service might be able to detect errors by itself that may require the
system to take the same action as if the service locked up. Add a
WATCHDOG=trigger state change notification to sd_notify() to let the
service manager know about the self-detected misery and instantly
trigger the configured watchdog behaviour.
2019-04-24 10:17:10 +02:00
Zbigniew Jędrzejewski-Szmek
2f2d81d957 shared/mount-util: make sure utab is ignored in umount_recursive()
See https://github.com/systemd/systemd/pull/12218#pullrequestreview-226029985.
2019-04-23 23:52:15 +02:00
Zbigniew Jędrzejewski-Szmek
e2857b3d87 Add helper function for mnt_table_parse_{stream,mtab}
This wraps a few common steps. It is defined as inline function instead of in a
.c file to avoid having a .c file. With a .c file, we would have three choices:
- either link it into libshared, but then then libshared would have to be
  linked to libmount.
- or compile the .c file into each target separately. This has the disdvantage
  that configuration of every target has to be updated and stuff will be compiled
  multiple times anyway, which is not too different from keeping this in the
  header file.
- or create a new convenience library just for this. This also has the disadvantage
  that the every target would have to be updated, and a separate library for a
  10 line function seems overkill.

By keeping everything in a header file, we compile this a few times, but
otherwise it's the least painful option. The compiler can optimize most of the
function away, because it knows if 'source' is set or not.
2019-04-23 23:29:29 +02:00
Zbigniew Jędrzejewski-Szmek
7d991d4818 mount-tool: use libmount to parse /proc/self/mountinfo
Same motivation as in other places: let's use a single logic to parse this.

Use path_equal() to compare the path.

A bug in error handling is fixed: if we failed after the GREEDY_REALLOC but
before the line that sets the last item to NULL, we would jump to
_cleanup_strv_free_ with the strv unterminated. Let's use GREEDY_REALLOC0
to avoid the issue.
2019-04-23 23:29:29 +02:00
Zbigniew Jędrzejewski-Szmek
13dcfe4661 shared/mount-util: convert to libmount
It seems better to use just a single parsing algorithm for /proc/self/mountinfo.

Also, unify the naming of variables in all places that use mnt_table_next_fs().
It makes it easier to compare the different call sites.
2019-04-23 23:29:29 +02:00
Zbigniew Jędrzejewski-Szmek
155dc16168 meson: do not use f-strings
Our travis CI still uses python3.5. I'm making this into a separate
commit to make it easy to revert later.
2019-04-23 22:59:19 +02:00
Zbigniew Jędrzejewski-Szmek
bf135d288d sd-bus: when running user find function don't trust the value to be initialized
The find function is externally provided, and we shouldn't trust that the
authors remember to set the output parameter in all cases.
2019-04-23 22:58:39 +02:00
Zbigniew Jędrzejewski-Szmek
d5c8d8233c busctl: add introspect --xml-interface
This wraps the call to org.freedesktop.DBus.Introspectable.Introspect.
Using "busctl call" directly is inconvenient because busctl escapes the
string before printing.

Example:
$ busctl introspect --xml org.freedesktop.systemd1 /org/freedesktop/systemd1 | pygmentize -lxml | less -RF
2019-04-23 22:58:29 +02:00
Zbigniew Jędrzejewski-Szmek
d603324b4b test-bus-{vtable,introspect}: share data and test introspect_path()
test-bus-introspect is also applied to the tables from test-bus-vtable.c.

test-bus-vtable.c is also used as C++ sources to produce test-bus-vtable-cc,
and our hashmap headers are not C++ compatible. So let's do the introspection
part only in the C version.
2019-04-23 22:58:26 +02:00
Zbigniew Jędrzejewski-Szmek
67962036f6 basic/socket-util: put a limit on the loop to flush connections
Follow-up for #12346.
2019-04-23 15:24:56 +02:00
Zbigniew Jędrzejewski-Szmek
644cb4cc7a basic/socket-util: fix typo and reword comment
Comment bike-shedding might be the ultimate form of procrastination, but
I can't stop myself. :)
2019-04-23 15:11:08 +02:00
Zbigniew Jędrzejewski-Szmek
f5f899ef04
Merge pull request #12346 from poettering/accept-flush
socket-util: make sure accept_flush() doesn't hang on EOPNOTSUPP
2019-04-23 15:03:29 +02:00
Jiri Pirko
eaa9d507d8 udev: net_id: introduce predictable names for netdevsim
In order to properly and predictably name netdevsim netdevices,
introduce a separate implementation, as the netdevices reside on a
specific netdevsim bus. Note that this applies only to netdevsim devices
created using sysfs, because those expose phys_port_name attribute.

Signed-off-by: Jiri Pirko <jiri@mellanox.com>
2019-04-23 14:01:00 +02:00
Zbigniew Jędrzejewski-Szmek
dff9e25a76 sd-bus: split introspection into the content creation and reply creation parts
Just moving code around, in preparation to allow the content creation
part to be used in other places.

On the surface of things, introspect_path() should be in bus-introspect.c, but
introspect_path() uses many static helper functions in bus-objects.c, so moving
it would require all of them to be exposed, which is too much trouble.

test-bus-introspect is updated to actually write the closing bracket.
2019-04-23 12:23:15 +02:00
Zbigniew Jędrzejewski-Szmek
2abda6d1e4 sd-bus: use _cleanup_ for struct introspect 2019-04-23 12:23:15 +02:00
Zbigniew Jędrzejewski-Szmek
2caef9fba4 sd-bus: allow vtable format structure to grow in the future
We would check the size of sd_bus_vtable entries, requring one of the two known
sizes. But we should be able to extend the structure in the future, by adding
new fields, without breaking backwards compatiblity.

Incidentally, this check was what caused -EINVAL failures before, when programs
were compiled with systemd-242 and run with older libsystemd.
2019-04-23 12:23:15 +02:00
Zbigniew Jędrzejewski-Szmek
8dd8a286d1 sd-bus: add symbol to tell linker that new vtable functions are used
In 856ad2a86b sd_bus_add_object_vtable() and
sd_bus_add_fallback_vtable() were changed to take an updated sd_bus_vtable[]
array with additional 'features' and 'names' fields in the union.

The commit tried to check whether the old or the new table format is used, by
looking at the vtable[0].x.start.element_size field, on the assumption that the
added fields caused the structure size to grow. Unfortunately, this assumption
was false, and on arm32 (at least), the structure size is unchanged.

In libsystemd we use symbol versioning and a major.minor.patch semantic
versioning of the library name (major equals the number in the so-name).  When
systemd-242 was released, the minor number was (correctly) bumped, but this is
not enough, because no new symbols were added or symbol versions changed. This
means that programs compiled with the new systemd headers and library could be
successfully linked to older versions of the library. For example rpm only
looks at the so-name and the list of versioned symbols, completely ignoring the
major.minor numbers in the library name. But the older library does not
understand the new vtable format, and would return -EINVAL after failing the
size check (on those architectures where the structure size did change, i.e.
all 64 bit architectures).

To force new libsystemd (with the functions that take the updated
sd_bus_vtable[] format) to be used, let's pull in a dummy symbol from the table
definition. This is a bit wasteful, because a dummy pointer has to be stored,
but the effect is negligible. In particular, the pointer doesn't even change
the size of the structure because if fits in an unused area in the union.

The number stored in the new unsigned integer is not checked anywhere. If the
symbol exists, we already know we have the new version of the library, so an
additional check would not tell us anything.

An alternative would be to make sd_bus_add_{object,fallback}_vtable() versioned
symbols, using .symver linker annotations. We would provide
sd_bus_add_{object,fallback}_vtable@LIBSYSTEMD_221 (for backwards
compatibility) and e.g. sd_bus_add_{object,fallback}_vtable@@LIBSYSTEMD_242
(the default) with the new implementation. This would work too, but is more
work. We would have to version at least those two functions. And it turns out
that the .symver linker instructions have to located in the same compilation
unit as the function being annotated. We first compile libsystemd.a, and then
link it into libsystemd.so and various other targets, including
libsystemd-shared.so, and the nss modules. If the .symver annotations were
placed next to the function definitions (in bus-object.c), they would influence
all targets that link libsystemd.a, and cause problems, because those functions
should not be exported there. To export them only in libsystemd.so, compilation
would have to be rearranged, so that the functions exported in libsystemd.so
would not be present in libsystemd.a, but a separate compilation unit containg
them and the .symver annotations would be linked solely into libsystemd.so.
This is certainly possible, but more work than the approach in this patch.

856ad2a86b has one more issue: it relies on the
undefined fields in sd_bus_vtable[] array to be zeros. But the structure
contains a union, and fields of the union do not have to be zero-initalized by
the compiler. This means that potentially, we could have garbarge values there,
for example when reading the old vtable format definition from the new function
implementation. In practice this should not be an issue at all, because vtable
definitions are static data and are placed in the ro-data section, which is
fully initalized, so we know that those undefined areas will be zero. Things
would be different if somebody defined the vtable array on the heap or on the
stack. Let's just document that they should zero-intialize the unused areas
in this case.

The symbol checking code had to be updated because otherwise gcc warns about a
cast from unsigned to a pointer.
2019-04-23 12:23:12 +02:00
Chris Down
6610200d29
Merge pull request #12336 from anitazha/disablecontroller
core: support DisableControllers= for transient units
2019-04-23 10:42:37 +02:00
Anita Zhang
25cc30c4c8 core: support DisableControllers= for transient units 2019-04-22 11:52:08 -07:00
Lennart Poettering
6cdc62aa97 udev: whitespace fix 2019-04-18 15:18:12 +02:00
Lennart Poettering
5b116c37e1 test: add test for flush_accept()
Fixes: #12335
2019-04-18 15:18:12 +02:00
Lennart Poettering
f3d75364fb socket-util: make sure flush_accept() doesn't hang on unexpected EOPNOTSUPP
So apparently there are two reasons why accept() can return EOPNOTSUPP:
because the socket is not a listening stream socket (or similar), or
because the incoming TCP connection for some reason wasn't acceptable to
the host. THe latter should be a transient error, as suggested on
accept(2). The former however should be considered fatal for
flush_accept(). Let's fix this by explicitly checking whether the socket
is a listening socket beforehand.
2019-04-18 15:18:12 +02:00
Yu Watanabe
0beb9542e9 network: logs link state change 2019-04-17 19:41:50 +09:00
Yu Watanabe
528fcf8d1d bootspec: fix build when EFI support is disabled
Follow-up for ce4c4f8108.
2019-04-17 11:20:04 +02:00
Chris Down
7ad5439e06 unit: Add DefaultMemoryMin 2019-04-16 18:45:04 +01:00
Chris Down
6264b85e92 cgroup: Create UNIT_DEFINE_ANCESTOR_MEMORY_LOOKUP
This is in preparation for creating unit_get_ancestor_memory_min.
2019-04-16 18:39:51 +01:00
Yu Watanabe
ac9b17271f linux: import if_ether.h from kernel-5.0
kernel-4.15's if_ether.h has a bug that the header does not provide
'struct ethhdr'. The bug is introduced by
6926e041a8920c8ec27e4e155efa760aa01551fd (4.15-rc8)
and fixed by da360299b6734135a5f66d7db458dcc7801c826a (4.16-rc3).

This makes systemd built with kernel-4.15 headers.

Fixes #12319.
2019-04-16 10:27:01 +02:00
Lennart Poettering
4d48eabf37
Merge pull request #12305 from yuwata/import-more-headers-from-kernel-5-0
linux: import more headers from kernel-5.0
2019-04-15 11:33:06 +02:00
Lennart Poettering
929b02b5b8
Merge pull request #12301 from keszybz/silence-alignment-warning
Silence alignment warning
2019-04-15 11:21:15 +02:00
Lennart Poettering
a4009bee4a
Merge pull request #12311 from yuwata/timeout_abort_set-change-bool
core: several follow-ups for timeout PR #11211
2019-04-15 11:14:18 +02:00
Florian Dollinger
5a1ee07302 Check for final assignments in RUN keys (#12309)
As described in #12291
2019-04-15 15:59:36 +09:00