1
0
mirror of https://github.com/systemd/systemd.git synced 2024-11-02 02:21:44 +03:00
Commit Graph

544 Commits

Author SHA1 Message Date
Benjamin Berg
8feca2472c xdg-autostart-generator: Add a generator for XDG autostart files
This generator can be used by desktop environments to launch autostart
applications and services. The feature is an opt-in, triggered by
xdg-desktop-autostart.target being activated.

Also included is the new binary xdg-autostart-condition. This binary is
used as an ExecCondition to test the OnlyShowIn and NotShowIn XDG
desktop file keys. These need to be evaluated against the
XDG_CURRENT_DESKTOP environment variable which may not be known at
generation time.

Co-authored-by: Henri Chain <henri.chain@enioka.com>
2020-05-27 09:02:10 +02:00
Norbert Lange
6589a56972 dont install systemd-initctl, runlevel, telinit if no SYSV compat
systemd-initctl executable is still built.
2020-05-26 15:04:36 +02:00
Frantisek Sumsal
c56463fdb4 meson: add fuzz-tests= option
The slow-tests= option already enables fuzzers as well, however, this
option can't be used in the "fully sanitized" runs, as certain slow
tests are affected by the performance quite significantly.

This option allows us to enable only fuzzers without the slow tests to
meet the needs of such runs.
2020-05-21 16:59:40 +02:00
Evgeny Vereshchagin
8976715804 build-system: build the fuzz targets with both ASan and UBSan
Just a follow-up to https://github.com/systemd/systemd/pull/15860
2020-05-20 16:07:13 +02:00
Lennart Poettering
23769fb371 cryptsetup: split out key loading from pkcs11 code and teach search path logic
Let's do some rearrangements, so that we can later on use this to
automatically search for a key file.
2020-05-19 17:28:16 +02:00
Norbert Lange
cdf7ad38b6 allow removal of initrd services 2020-05-19 10:19:18 +02:00
Dimitri John Ledkov
6dbf352cfb meson: initialize time-epoch to reproducible builds compatible value
Debian Policy encourages to preserve timestamps whenever possible in the
tarballs, thus stable release updates of systemd usually do not bump NEWS file
timestamp. And thus time-epoch remains the same for the lifetime of a release.

It would be better, if each new stable release rebuild of systemd would bump
the time epoch a bit. But at the same time remain
reproducible. SOURCE_DATE_EPOCH is an environmnet variable defined for this
purpose. Thus if available, prefer that, instead of the NEWS file modification
time.

For example, on Debian/Ubuntu under the reproducible builds the
SOURCE_DATE_EPOCH is set to the timestamp from the packaging metadata, thus it
is incremented on every new stable release update, whilst preserving
reproducible builds capability.

Reference: https://reproducible-builds.org/docs/timestamps/
2020-05-18 08:45:01 +02:00
Zbigniew Jędrzejewski-Szmek
94c0c5b7ea shared/ethtool-util: hush gcc warnings about array bounds
[127/1355] Compiling C object 'src/shared/5afaae1@@systemd-shared-245@sta/ethtool-util.c.o'
../src/shared/ethtool-util.c: In function ‘ethtool_get_permanent_macaddr’:
../src/shared/ethtool-util.c:260:60: warning: array subscript 5 is outside the bounds of an interior zero-length array ‘__u8[0]’ {aka ‘unsigned char[]’} [-Wzero-length-bounds]
  260 |                 ret->ether_addr_octet[i] = epaddr.addr.data[i];
      |                                            ~~~~~~~~~~~~~~~~^~~
In file included from ../src/shared/ethtool-util.c:5:
../src/shared/linux/ethtool.h:704:7: note: while referencing ‘data’
  704 |  __u8 data[0];
      |       ^~~~
../src/shared/ethtool-util.c: In function ‘ethtool_set_features’:
../src/shared/ethtool-util.c:488:31: warning: array subscript 0 is outside the bounds of an interior zero-length array ‘__u32[0]’ {aka ‘unsigned int[]’} [-Wzero-length-bounds]
  488 |         len = buffer.info.data[0];
      |               ~~~~~~~~~~~~~~~~^~~
In file included from ../src/shared/ethtool-util.c:5:
../src/shared/linux/ethtool.h:631:8: note: while referencing ‘data’
  631 |  __u32 data[0];
      |        ^~~~

The kernel should not define the length of the array, but it does. We can't fix
that, so let's use a cast to avoid the warning.

For https://github.com/systemd/systemd/issues/6119#issuecomment-626073743.

v2:
- use #pragma instead of a cast. It seems the cast only works in some cases, and
  gcc is "smart" enough to see beyond the cast. Unfortunately clang does not support
  this warning, so we need to do a config check whether to try to suppress.
2020-05-11 13:57:11 +02:00
Zbigniew Jędrzejewski-Szmek
f2a8372e37
Merge pull request #15703 from poettering/homed-tweak-default-storage
homed: avoid double encryption
2020-05-08 16:57:14 +02:00
Zbigniew Jędrzejewski-Szmek
165bda37ba
Merge pull request #15718 from poettering/tmpfiles-offline
tmpfiles: read /etc/passwd + /etc/group with fgetpwent()/fgetgrent() if --root= is specified
2020-05-08 11:22:19 +02:00
Lennart Poettering
c76dd733af homed: make default storage/file system type configurable in homed.conf 2020-05-07 23:33:09 +02:00
Zbigniew Jędrzejewski-Szmek
eef4b80033 Add a basic test that the configured fallback hostname is OK
Ideally, assert_cc() would be used for this, so that it is not possible to even
compile systemd with something like '-Dfallback-hostname=.foo'. But to do a
proper check we need to call hostname_is_valid(), and we cannot depend on being
able to run code (e.g. during cross-compilation). So let's do a very superficial
check in meson, and a proper on in test-util.
2020-05-07 17:35:26 +02:00
Lennart Poettering
a3451c2c4c tmpfiles: optionally, read /etc/passwd + /etc/group without NSS
There are two libc APIs for accessing the user database: NSS/getpwuid(),
and fgetpwent(). if we run in --root= mode (i.e. "offline" mode), let's
use the latter. Otherwise the former. This means tmpfiles can use the
database included in the root environment for chowning, which is a lot
more appropriate.

Fixes: #14806
2020-05-07 16:35:20 +02:00
Zbigniew Jędrzejewski-Szmek
dd1e33c8dc meson: drop "meson-" prefix from various helper script filenames
In a few cases, the prefix was originally necessary because a different helper
script was used for automake, and a different one for meson. But now we use
meson exclusively, and the prefix isn't useful. This also synchronizes the
target name, file name, and variable name in meson.build. The targets exposed
by meson didn't have the prefix, so the user interface is unchanged.

(The prefix is retained in the few tools that are used for meson itself,
e.g. meosn-vcs-tag.sh, meson-make-symlink.sh, etc.)
2020-05-07 13:57:48 +02:00
Benjamin Robin
0454681395 meson: Do not drop warnings (unused variable) when NDEBUG is defined
This is no longer needed, since there is now no warning with NDEBUG
defined
2020-05-06 23:03:25 +02:00
Zbigniew Jędrzejewski-Szmek
ba5a389d24 Merge pull request #15473 from keszybz/bus-introspection 2020-05-06 15:00:07 +02:00
Evgeny Vereshchagin
7f3a5eb70e build-system: bring back 'nonnull'
Having taken a look at https://github.com/systemd/systemd/runs/645252074?check_suite_focus=true
where fuzz-journal-remote failed with
```
AddressSanitizer:DEADLYSIGNAL
=================================================================
==16==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x7f864f98948e bp 0x7ffde5c6b7c0 sp 0x7ffde5c6b560 T0)
==16==The signal is caused by a READ memory access.
==16==Hint: address points to the zero page.
SCARINESS: 10 (null-deref)
    #0 0x7f864f98948e in output_short /work/build/../../src/systemd/src/shared/logs-show.c
    #1 0x7f864f984624 in show_journal_entry /work/build/../../src/systemd/src/shared/logs-show.c:1154:15
    #2 0x7f864f984b63 in show_journal /work/build/../../src/systemd/src/shared/logs-show.c:1239:21
    #3 0x4cabab in LLVMFuzzerTestOneInput /work/build/../../src/systemd/src/fuzz/fuzz-journal-remote.c:67:21
    #4 0x51fd16 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/libfuzzer/FuzzerLoop.cpp:556:15
    #5 0x51c330 in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool*) /src/libfuzzer/FuzzerLoop.cpp:470:3
    #6 0x523700 in fuzzer::Fuzzer::ReadAndExecuteSeedCorpora(std::__1::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/libfuzzer/FuzzerLoop.cpp:765:7
    #7 0x5246cd in fuzzer::Fuzzer::Loop(std::__1::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/libfuzzer/FuzzerLoop.cpp:792:3
    #8 0x4de3d1 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/libfuzzer/FuzzerDriver.cpp:824:6
    #9 0x4cfb47 in main /src/libfuzzer/FuzzerMain.cpp:19:10
    #10 0x7f864e69782f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
    #11 0x41f2a8 in _start (out/fuzz-journal-remote+0x41f2a8)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /work/build/../../src/systemd/src/shared/logs-show.c in output_short
==16==ABORTING
MS: 0 ; base unit: 0000000000000000000000000000000000000000
0x44,0x3d,0xa,0x5f,0x5f,0x52,0x45,0x41,0x4c,0x54,0x49,0x4d,0x45,0x5f,0x54,0x49,0x4d,0x45,0x53,0x54,0x41,0x4d,0x50,0x3d,0x31,0xa,0xa,
D=\x0a__REALTIME_TIMESTAMP=1\x0a\x0a
artifact_prefix='./'; Test unit written to ./crash-d635b9dd31cceff3c912fd45e1a58d7e90f0ad73
Base64: RD0KX19SRUFMVElNRV9USU1FU1RBTVA9MQoK
```
I was wondering why it hadn't been caught by the compiler even though clang should have failed to compile it with
```
../src/shared/logs-show.c:624:25: warning: null passed to a callee that requires a non-null argument [-Wnonnull]
                        print_multiline(f, 4 + fieldlen + 1, 0, OUTPUT_FULL_WIDTH, 0, false,
                        ^
../src/shared/logs-show.c:161:24: note: callee declares array parameter as static here
                size_t highlight[static 2]) {
                       ^        ~~~~~~~~~~
../src/shared/logs-show.c:1239:21: warning: null passed to a callee that requires a non-null argument [-Wnonnull]
                r = show_journal_entry(f, j, mode, n_columns, flags, NULL, NULL, ellipsized);
                    ^                                                      ~~~~
../src/shared/logs-show.c:1133:30: note: callee declares array parameter as static here
                const size_t highlight[static 2],
                             ^        ~~~~~~~~~~
2 warnings generated.
```

Given that judging by https://github.com/systemd/systemd/issues/13039 it doesn't seem to be
the first time issues like that have been missed I think it would be better to turn nonnull on
and get around false positives on a case-by-case basis with DISABLE_WARNING_NONNULL .. REENABLE_WARNING

Reopens https://github.com/systemd/systemd/issues/6119
2020-05-06 09:50:57 +02:00
Zbigniew Jędrzejewski-Szmek
81e06775be meson: add man/update-dbus-docs target 2020-05-05 22:41:23 +02:00
Norbert Lange
ef5924aa31 coredump: add zstandard support for coredumps
this will hook libzstd into coredump,
using this format as default.
2020-05-04 10:59:43 +02:00
Zbigniew Jędrzejewski-Szmek
460e5af05d meson: test userdbctl and homectl --help 2020-04-28 09:56:24 +02:00
Zbigniew Jędrzejewski-Szmek
6164ec4c93 meson: modernize indentation
By using a newline after executable( and run_target(, we get less
indentation and the indentation level does not change when the returned
object is saved to a variable.
2020-04-28 09:53:51 +02:00
Jakov Smolic
f30bf4d937
Include new configure options in features list
Signed-off-by: Jakov Smolic <jakov.smolic@sartura.hr>
Signed-off-by: Luka Perkov <luka.perkov@sartura.hr>
2020-04-16 10:40:31 +02:00
Jakov Smolic
dd0f79523f
Add new meson configure option for controlling systemd-analyze support
Enables building systemd without systemd-analyze, which in
return saves approx. 4 MB of space upon installing systemd.

Signed-off-by: Jakov Smolic <jakov.smolic@sartura.hr>
Signed-off-by: Luka Perkov <luka.perkov@sartura.hr>
2020-04-15 17:53:43 +02:00
Zbigniew Jędrzejewski-Szmek
3614df0575 meson,resolved: make default LLMNR= and MulticastDNS= values configurable
For https://fedoraproject.org/wiki/Changes/systemd-resolved.
2020-04-15 14:37:21 +02:00
Frantisek Sumsal
15529f5cea
Merge pull request #14338 from keszybz/functional-test-rework
Functional test rework
2020-03-30 16:25:12 +02:00
Evgeny Vereshchagin
6b8d32ea7b ci: turn off FuzzBuzz
I don't think anyone uses it.
2020-03-30 14:57:22 +02:00
Zbigniew Jędrzejewski-Szmek
e2d612a8e4 meson: use find_program() for add-git-hook.sh
On azure systemd.systemd ci, the build would fail with:
meson.build:53:0: ERROR: Program or command '/home/appuser/fuzzer/tools/add-git-hook.sh' not found or not executable

We use find_program() for all helpers, so let's do it for this one too.
This should solve the issue, whatever it exactly is.
2020-03-28 12:37:28 +01:00
Zbigniew Jędrzejewski-Szmek
e29e4d5742 test: convert TEST-45 to a normal meson test
On my laptop, it now takes 0.23 s. We don't need the overhead of creating
an image and spawning a machine to mangle a file in /tmp.
2020-03-28 11:50:38 +01:00
Zbigniew Jędrzejewski-Szmek
fbaa11372b test: convert TEST-35-NETWORK-GENERATOR into a unit test 2020-03-28 11:46:48 +01:00
Zbigniew Jędrzejewski-Szmek
96d33e4ac0 Rename _PATH variables to _DIR when they refer to a directory
We were very inconsistent in this, but in general _PATH signifies
a search path (separated with :), and _DIR signifies a single directory.
2020-03-27 20:12:45 +01:00
Zbigniew Jędrzejewski-Szmek
b6261be84d meson: report -Dinstall-tests in summary 2020-03-22 10:22:42 +01:00
Florian Klink
f14266c843 meson.build: drop unused SYSTEMD_SLEEP_BINARY_PATH
seems usage was dropped in ddcbc87378.
2020-03-09 14:52:30 +01:00
Robert Scheck
fd74a13e85 timesync, meson: allow statically linked build
Build option "link-timesyncd-shared" to build a statically linked
systemd-timesyncd by using

  -Dlink-udev-shared=false -Dlink-timesyncd-shared=false

on systems with full systemd stack except systemd-timesyncd, such
as RHEL/CentOS 8.
2020-03-04 10:46:10 +01:00
Zbigniew Jędrzejewski-Szmek
6ffeca8c8f meson: explain GIT_VERSION and PROJECT_VERSION
Fixes #11415.
2020-02-28 16:54:33 +01:00
Zbigniew Jędrzejewski-Szmek
384db814ee meson: bump version numbers for v245 2020-02-05 10:20:56 +01:00
Zbigniew Jędrzejewski-Szmek
ce4121c6ff meson: update efi path detection to gnu-efi-3.0.11
Fixes systemd build in Fedora rawhide.

The old ldsdir option is not useful, because both the directory and the
file name changed. Let's remove the option and try to autodetect the file
name. If this turns out to be not enough, a new option to simply specify
the full path to the file can be added.

F31:
         efi arch:                          x86_64
         EFI machine type:                  x64
         EFI CC                             ccache cc
         EFI lds:                           /usr/lib64/gnuefi/elf_x64_efi.lds
         EFI crt0:                          /usr/lib64/gnuefi/crt0-efi-x64.o
         EFI include directory:             /usr/include/efi
F32:
         efi arch:                          x86_64
         EFI machine type:                  x64
         EFI CC                             ccache cc
         EFI lds:                           /usr/lib/gnuefi/x64/efi.lds
         EFI crt0:                          /usr/lib/gnuefi/x64/crt0.o
         EFI include directory:             /usr/include/efi
2020-02-04 23:43:21 +09:00
Yu Watanabe
60d0a5098b util: uid_t, gid_t, and pid_t must be 32bit
We already have assert_cc(sizeof(uid_t) == sizeof(uint32_t)) or friends
at various places.
2020-02-02 17:13:08 +01:00
Yu Watanabe
c757517d98 meson: fix feature list 2020-02-02 17:09:28 +01:00
Yu Watanabe
af06ddf51a meson, man: do not install pam_systemd_home(8) when pam or homed is disabled
Fixes #14725.
2020-02-01 12:13:45 +01:00
Lennart Poettering
26cf9fb7f8 home: add pam_systemd_home.so PAM hookup
In a way fixes: https://bugs.freedesktop.org/show_bug.cgi?id=67474
2020-01-28 22:36:41 +01:00
Lennart Poettering
4aa0a8ac3e home: add homectl client tool 2020-01-28 22:36:30 +01:00
Lennart Poettering
70a5db5822 home: add new systemd-homed service that can manage LUKS homes
Fixes more or less: https://bugs.freedesktop.org/show_bug.cgi?id=67474
2020-01-28 22:36:07 +01:00
Lennart Poettering
e594a3b154 repart: add new systemd-repart tool
Fixes: #14052
2020-01-20 17:42:03 +01:00
Zbigniew Jędrzejewski-Szmek
cdc6804b60 units: drop full paths for utilities in $PATH
This makes things a bit simpler and the build a bit faster, because we don't
have to rewrite files to do the trivial substitution. @rootbindir@ is always in
our internal $PATH that we use for non-absolute paths, so there should be no
functional change.
2020-01-20 16:50:16 +01:00
Lennart Poettering
1684c56f40 nss: hook up nss-systemd with userdb varlink bits
This changes nss-systemd to use the new varlink user/group APIs for
looking up everything.

(This also changes the factory /etc/nsswitch.conf line to use for
hooking up nss-system to use glibc's [SUCCESS=merge] feature so that we
can properly merge group membership lists).

Fixes: #12492
2020-01-15 15:29:07 +01:00
Lennart Poettering
1604937f83 userdbd: add userdbctl tool as client for userdbd 2020-01-15 15:28:42 +01:00
Lennart Poettering
d093b62c94 userdbd: add new service that can merge userdb queries from multiple clients 2020-01-15 15:28:17 +01:00
Zbigniew Jędrzejewski-Szmek
5425f8a57c Revert "docs: rename HACKING → Hacking"
This reverts commit 8c5cd27dd1.
2020-01-15 13:45:04 +01:00
Zbigniew Jędrzejewski-Szmek
8c5cd27dd1 docs: rename HACKING → Hacking
Let's see if this works at all.
2020-01-15 12:38:12 +01:00
Robert Scheck
5ac8b50d58 network, meson: allow statically linked build
Build option "link-networkd-shared" to build a statically linked
systemd-networkd by using

  -Dlink-udev-shared=false -Dlink-networkd-shared=false

on systems with full systemd stack except systemd-networkd, such
as RHEL/CentOS 8.
2020-01-08 09:50:32 +01:00
Lennart Poettering
086697094e cryptsetup: add native pkcs#11 support to cryptsetup
This adds a new crypttab option for volumes "pkcs11-uri=" which takes a
PKCS#11 URI. When used the key stored in the line's key file is
decrypted with the private key the PKCS#11 URI indiciates.

This means any smartcard that can store private RSA keys is usable for
unlocking LUKS devices.
2019-12-09 19:25:25 +01:00
Lennart Poettering
839fddbe50 shared: add pkcs11-util.[ch] 2019-12-09 19:25:25 +01:00
Lennart Poettering
5ead4e85f6 missing: add rt_sigqueueinfo() syscall definition
This is not a new system call at all (since kernel 2.2), however it's
not exposed in glibc (a wrapper is exposed however in sigqueue(), but it
substantially simplifies the system call). Since we want a nice fallback
for sending signals on non-pidfd systems for pidfd_send_signal() let's
wrap rt_sigqueueinfo() since it takes the same siginfo_t parameter.
2019-12-04 10:34:03 +01:00
Lennart Poettering
5f152f43d0 missing: define new pidfd syscalls 2019-12-04 10:33:41 +01:00
Zbigniew Jędrzejewski-Szmek
78af8a798a meson: bump version numbers for v244 2019-11-22 14:41:10 +01:00
Zbigniew Jędrzejewski-Szmek
62d3999518 meson: add target to update the chromiumos rules
There is no change in the file right now, but the download seems to work
OK.

It's funny that the biggest company in the world cannot provide a
download link in plain text.
2019-11-15 11:36:59 +01:00
Zbigniew Jędrzejewski-Szmek
67f5b9e06e
Merge pull request #14003 from keszybz/user-path-configurable
meson: make user $PATH configurable
2019-11-14 10:08:40 +01:00
Zbigniew Jędrzejewski-Szmek
5bc655cd20 meson: avoid ternary op in .format()
meson 0.49 can't parse that for some reason. I'm keeping this separate so it
can be reverted easily when we bump required meson version.
2019-11-13 22:34:33 +01:00
Zbigniew Jędrzejewski-Szmek
3602ca6f0c meson: make user $PATH configurable
This partially reverts db11487d10 (the logic to
calculate the correct value is removed, we always use the same setting as for
the system manager). Distributions have an easy mechanism to override this if
they wish.

I think making this configurable is better, because different distros clearly
want different defaults here, and making this configurable is nice and clean.
If we don't make it configurable, distros which either have to carry patches,
or what would be worse, rely on some other configuration mechanism, like
/etc/profile. Those other solutions do not apply everywhere (they usually
require the shell to be used at some point), so it is better if we provide
a nice way to override the default.

Fixes  #13469.
2019-11-13 22:34:14 +01:00
Zbigniew Jędrzejewski-Szmek
e9f4f5667d meson: apply our -Wno-* options also in c++ calls
We compile some c++ code for tests. We would simply use the default options for
those. When the previous commit raised the default warning level, we started
getting warnings from c++ code. Let's add the most important options to the c++
command, so that we get a compilation without any warnings again.

I don't think it makes sense to add *all* the options that we add for c to the
c++ flags, because testing them takes quite a while, and the c++ compilations
are for small amounts of code, mostly to check that the headers have compatible
syntax.
2019-11-12 09:23:31 +01:00
Zbigniew Jędrzejewski-Szmek
827ca90986 meson: use warning_level=2 by default
Let's bump up the warning level, and not add by -Wextra by hand. This is the
approach recommended by meson. The idea is that all projects should be as
similar as possible to make it easier for users to switch between projects.
2019-11-12 09:23:31 +01:00
Yu Watanabe
737f140546 network: cleanup header inclusion 2019-10-30 22:23:43 +09:00
Iwan Timmer
38e053c58f resolved: require at least version 3.6.0 of GnuTLS for DNS-over-TLS
Increase the required version to ensure TLS 1.3 is always supported when using GnuTLS for DNS-over-TLS and allow further changes to use recent API additions.
2019-10-29 20:26:05 +01:00
Anita Zhang
7bc9ea513a meson: expand ternary in functions to if statements
Per https://github.com/mesonbuild/meson/issues/5003, ternary doesn't
always work as function args with older versions of meson.
Expand out ternary statements to stay compatible with older versions (< 0.49).
2019-10-26 11:15:56 +02:00
Zbigniew Jędrzejewski-Szmek
21d0dd5a89 meson: allow WatchdogSec= in services to be configured
As discussed on systemd-devel [1], in Fedora we get lots of abrt reports
about the watchdog firing [2], but 100% of them seem to be caused by resource
starvation in the machine, and never actual deadlocks in the services being
monitored. Killing the services not only does not improve anything, but it
makes the resource starvation worse, because the service needs cycles to restart,
and coredump processing is also fairly expensive. This adds a configuration option
to allow the value to be changed. If the setting is not set, there is no change.

My plan is to set it to some ridiculusly high value, maybe 1h, to catch cases
where a service is actually hanging.

[1] https://lists.freedesktop.org/archives/systemd-devel/2019-October/043618.html
[2] https://bugzilla.redhat.com/show_bug.cgi?id=1300212
2019-10-25 17:20:24 +02:00
Zbigniew Jędrzejewski-Szmek
4f10b80786 Rename udev's hwdb/ to hwdb.d/
As in the parent commit, this makes the name consistent with the
rest of the source tree and the actuall installation path.
2019-10-10 00:53:09 +01:00
Zbigniew Jędrzejewski-Szmek
ef2ad30aee Rename udev's rules/ to rules.d/
This change is only about the source tree. We have tmpfiles.d/, modprobe.d/,
sysctl.d/, and sysusers.d/, but for historical reasons, rules/ didn't fit this
pattern. We also *install* it as rules.d/. Let's rename to be consistent.
2019-10-10 00:53:09 +01:00
Mario Limonciello
b61d777abe rules: Add automatic suspend udev rules
The ChromeOS ecosystem has a large amount of testing, both automated
and manual across devices including measurement of power regressions.

It's safe to assume that any of these devices will handle USB
auto-suspend appropriately.  Use the script from ChromeOS
https://chromium.googlesource.com/chromiumos/platform2/+/master/power_manager/udev/gen_autosuspend_rules.py
to generate udev rules at build time.

This script in systemd `tools/chromeos/gen_autosuspend_rules.py` should be kept
in sync with the ChromeOS version of the script.

Manually added autosuspend devices should be placed in the new
template `rules/61-autosuspend-manual.rules`

Suggested-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Mario Limonciello <mario.limonciello@dell.com>
2019-10-04 08:57:29 +02:00
Norbert Lange
68e70ac2b2 fix build with compilers with default stack-protector enabled
building systemd fails with a compiler that supports
-fstack-protector but does not enable it by default.
(will miss several __stack_chk_* symbols).

fix this by also adding the switch during linking.

Signed-off-by: Norbert Lange <nolange79@gmail.com>
2019-10-03 12:19:29 +02:00
Jay Strict
d90874b4e2 cryptsetup: bump minimum libcryptsetup version to v2.0.1
libcryptsetup v2.0.1 introduced new API calls, supporting 64 bit wide
integers for `keyfile_offset`. This change invokes the new function
call, gets rid of the warning that was added in #7689, and removes
redundant #ifdefery and constant definitions.
See https://gitlab.com/cryptsetup/cryptsetup/issues/359.

Fixes #7677.
2019-10-01 13:34:06 +02:00
Lennart Poettering
733cbd00b0 netlink: move local-addresses.[ch] to src/shared
This code is not part of the public API of sd-netlink, nor used by it
internally and hence should not be in the sd-netlink directory.

Also, move the test case for it to src/test/.
2019-07-24 09:06:50 +02:00
Lennart Poettering
1899985645 meson: bump version for package and .so 2019-07-23 15:56:41 +02:00
Zbigniew Jędrzejewski-Szmek
e5ea741c62 timesyncd: add ntp-units.d/ entry for timesync
Priority is 80. At least in Fedora, chrony uses 50, and ntpd 60.
timesyncd has lower priority, because if people install those other packages,
it's most likely on purpose. timesyncd is always installed and provides
less functionality.
2019-07-22 15:21:23 +02:00
Yu Watanabe
3f708e7f69 meson: drop redundant line
Found by @mattiasb.
2019-07-22 14:10:02 +09:00
Eric DeVolder
9b4abc69b2 pstore: Tool to archive contents of pstore
This patch introduces the systemd pstore service which will archive the
contents of the Linux persistent storage filesystem, pstore, to other storage,
thus preserving the existing information contained in the pstore, and clearing
pstore storage for future error events.

Linux provides a persistent storage file system, pstore[1], that can store
error records when the kernel dies (or reboots or powers-off). These records in
turn can be referenced to debug kernel problems (currently the kernel stuffs
the tail of the dmesg, which also contains a stack backtrace, into pstore).

The pstore file system supports a variety of backends that map onto persistent
storage, such as the ACPI ERST[2, Section 18.5 Error Serialization] and UEFI
variables[3 Appendix N Common Platform Error Record]. The pstore backends
typically offer a relatively small amount of persistent storage, e.g. 64KiB,
which can quickly fill up and thus prevent subsequent kernel crashes from
recording errors. Thus there is a need to monitor and extract the pstore
contents so that future kernel problems can also record information in the
pstore.

The pstore service is independent of the kdump service. In cloud environments
specifically, host and guest filesystems are on remote filesystems (eg. iSCSI
or NFS), thus kdump relies [implicitly and/or explicitly] upon proper operation
of networking software *and* hardware *and* infrastructure.  Thus it may not be
possible to capture a kernel coredump to a file since writes over the network
may not be possible.

The pstore backend, on the other hand, is completely local and provides a path
to store error records which will survive a reboot and aid in post-mortem
debugging.

Usage Notes:
This tool moves files from /sys/fs/pstore into /var/lib/systemd/pstore.

To enable kernel recording of error records into pstore, one must either pass
crash_kexec_post_notifiers[4] to the kernel command line or enable via 'echo Y
 > /sys/module/kernel/parameters/crash_kexec_post_notifiers'. This option
invokes the recording of errors into pstore *before* an attempt to kexec/kdump
on a kernel crash.

Optionally, to record reboots and shutdowns in the pstore, one can either pass
the printk.always_kmsg_dump[4] to the kernel command line or enable via 'echo Y >
/sys/module/printk/parameters/always_kmsg_dump'. This option enables code on the
shutdown path to record information via pstore.

This pstore service is a oneshot service. When run, the service invokes
systemd-pstore which is a tool that performs the following:
 - reads the pstore.conf configuration file
 - collects the lists of files in the pstore (eg. /sys/fs/pstore)
 - for certain file types (eg. dmesg) a handler is invoked
 - for all other files, the file is moved from pstore

 - In the case of dmesg handler, final processing occurs as such:
   - files processed in reverse lexigraphical order to faciliate
     reconstruction of original dmesg
   - the filename is examined to determine which dmesg it is a part
   - the file is appended to the reconstructed dmesg

For example, the following pstore contents:

 root@vm356:~# ls -al /sys/fs/pstore
 total 0
 drwxr-x--- 2 root root    0 May  9 09:50 .
 drwxr-xr-x 7 root root    0 May  9 09:50 ..
 -r--r--r-- 1 root root 1610 May  9 09:49 dmesg-efi-155741337601001
 -r--r--r-- 1 root root 1778 May  9 09:49 dmesg-efi-155741337602001
 -r--r--r-- 1 root root 1726 May  9 09:49 dmesg-efi-155741337603001
 -r--r--r-- 1 root root 1746 May  9 09:49 dmesg-efi-155741337604001
 -r--r--r-- 1 root root 1686 May  9 09:49 dmesg-efi-155741337605001
 -r--r--r-- 1 root root 1690 May  9 09:49 dmesg-efi-155741337606001
 -r--r--r-- 1 root root 1775 May  9 09:49 dmesg-efi-155741337607001
 -r--r--r-- 1 root root 1811 May  9 09:49 dmesg-efi-155741337608001
 -r--r--r-- 1 root root 1817 May  9 09:49 dmesg-efi-155741337609001
 -r--r--r-- 1 root root 1795 May  9 09:49 dmesg-efi-155741337710001
 -r--r--r-- 1 root root 1770 May  9 09:49 dmesg-efi-155741337711001
 -r--r--r-- 1 root root 1796 May  9 09:49 dmesg-efi-155741337712001
 -r--r--r-- 1 root root 1787 May  9 09:49 dmesg-efi-155741337713001
 -r--r--r-- 1 root root 1808 May  9 09:49 dmesg-efi-155741337714001
 -r--r--r-- 1 root root 1754 May  9 09:49 dmesg-efi-155741337715001

results in the following:

 root@vm356:~# ls -al /var/lib/systemd/pstore/155741337/
 total 92
 drwxr-xr-x 2 root root  4096 May  9 09:50 .
 drwxr-xr-x 4 root root    40 May  9 09:50 ..
 -rw-r--r-- 1 root root  1610 May  9 09:50 dmesg-efi-155741337601001
 -rw-r--r-- 1 root root  1778 May  9 09:50 dmesg-efi-155741337602001
 -rw-r--r-- 1 root root  1726 May  9 09:50 dmesg-efi-155741337603001
 -rw-r--r-- 1 root root  1746 May  9 09:50 dmesg-efi-155741337604001
 -rw-r--r-- 1 root root  1686 May  9 09:50 dmesg-efi-155741337605001
 -rw-r--r-- 1 root root  1690 May  9 09:50 dmesg-efi-155741337606001
 -rw-r--r-- 1 root root  1775 May  9 09:50 dmesg-efi-155741337607001
 -rw-r--r-- 1 root root  1811 May  9 09:50 dmesg-efi-155741337608001
 -rw-r--r-- 1 root root  1817 May  9 09:50 dmesg-efi-155741337609001
 -rw-r--r-- 1 root root  1795 May  9 09:50 dmesg-efi-155741337710001
 -rw-r--r-- 1 root root  1770 May  9 09:50 dmesg-efi-155741337711001
 -rw-r--r-- 1 root root  1796 May  9 09:50 dmesg-efi-155741337712001
 -rw-r--r-- 1 root root  1787 May  9 09:50 dmesg-efi-155741337713001
 -rw-r--r-- 1 root root  1808 May  9 09:50 dmesg-efi-155741337714001
 -rw-r--r-- 1 root root  1754 May  9 09:50 dmesg-efi-155741337715001
 -rw-r--r-- 1 root root 26754 May  9 09:50 dmesg.txt

where dmesg.txt is reconstructed from the group of related
dmesg-efi-155741337* files.

Configuration file:
The pstore.conf configuration file has four settings, described below.
 - Storage : one of "none", "external", or "journal". With "none", this
   tool leaves the contents of pstore untouched. With "external", the
   contents of the pstore are moved into the /var/lib/systemd/pstore,
   as well as logged into the journal.  With "journal", the contents of
   the pstore are recorded only in the systemd journal. The default is
   "external".
 - Unlink : is a boolean. When "true", the default, then files in the
   pstore are removed once processed. When "false", processing of the
   pstore occurs normally, but the pstore files remain.

References:
[1] "Persistent storage for a kernel's dying breath",
    March 23, 2011.
    https://lwn.net/Articles/434821/

[2] "Advanced Configuration and Power Interface Specification",
    version 6.2, May 2017.
    https://www.uefi.org/sites/default/files/resources/ACPI_6_2.pdf

[3] "Unified Extensible Firmware Interface Specification",
    version 2.8, March 2019.
    https://uefi.org/sites/default/files/resources/UEFI_Spec_2_8_final.pdf

[4] "The kernel’s command-line parameters",
    https://static.lwn.net/kerneldoc/admin-guide/kernel-parameters.html
2019-07-19 21:46:07 +02:00
Michael Biebl
6db904625d meson: make nologin path build time configurable
Some distros install nologin as /usr/sbin/nologin, others as
/sbin/nologin.
Since we can't really on merged-usr everywhere (where the path wouldn't
matter), make the path build time configurable via -Dnologin-path=.

Closes #13028
2019-07-18 12:46:35 +02:00
Yu Watanabe
426c1d3852 network-generator: introduce new tool systemd-network-generator
The new tool parses dracut's command line options and generates
relevant .network, .netdev, and .link files.
2019-07-14 09:37:15 +09:00
Lennart Poettering
261e7d9270
Merge pull request #12755 from keszybz/short-identifiers
Allow using unit names in status messages
2019-07-11 00:00:51 +02:00
Lennart Poettering
08945b59d1
Merge pull request #12926 from keszybz/urlify-logs
Urlify CONFIG_FILE and improve SYSTEMD_LOG_LOCATION
2019-07-11 00:00:34 +02:00
Zbigniew Jędrzejewski-Szmek
91b08bb00f boot,shared: share the definitions of EFI_LOADER_FEATURE macros
This means the the code needs to be kept compatible in the shared header,
but I think that still nicer than having two places to declare the same
things.

I added src/boot to -I, so that efi/foo.h needs to be used. This reduces
the potential for accidentally including the wrong header.
2019-07-10 14:59:48 +02:00
Zbigniew Jędrzejewski-Szmek
36cf45078c Add config and kernel commandline option to use short identifiers
No functional change, just docs and configuration and parsing.

v2:
- change ShortIdentifiers=yes|no to StatusUnitFormat=name|description.
2019-07-10 13:35:26 +02:00
Zbigniew Jędrzejewski-Szmek
a0b15b4177 basic/log: add a define for path relative to source root
When using build/ directory inside of the source directory:
__FILE__: ../src/test/test-log.c
RELATIVE_SOURCE_PATH: ..
PROJECT_FILE: src/test/test-log.c

When using a build directory outside of the source directory:
__FILE__: ../../../home/zbyszek/src/systemd-work/src/test/test-log.c
RELATIVE_SOURCE_PATH: ../../../home/zbyszek/src/systemd-work
PROJECT_FILE: src/test/test-log.c
2019-07-04 10:27:19 +02:00
Zbigniew Jędrzejewski-Szmek
29c7680ec9 meson: drop varlogdir variable
It was only used for exactly one thing: to substitute in the text in
/var/log/README. But it's use there was completely wrong, because the text
talks about "missing" log files from syslog, so even if we configured systemd
to log to a different directory, the "missing" log files would still be
"missing" from the old location.
2019-07-04 10:16:48 +02:00
Jan Synacek
93912e872f debug-generator: enable custom systemd.debug_shell tty 2019-07-02 09:51:27 +02:00
Yu Watanabe
1b9313991b meson: default to use libidn2 if both libidn2 and libidn are installed 2019-06-29 03:13:36 +09:00
Yu Watanabe
6c092dbe43 meson: drop unused debug option 2019-06-29 03:06:11 +09:00
Michal Sekletar
b070c7c0e1 core: introduce NUMAPolicy and NUMAMask options
Make possible to set NUMA allocation policy for manager. Manager's
policy is by default inherited to all forked off processes. However, it
is possible to override the policy on per-service basis. Currently we
support, these policies: default, prefer, bind, interleave, local.
See man 2 set_mempolicy for details on each policy.

Overall NUMA policy actually consists of two parts. Policy itself and
bitmask representing NUMA nodes where is policy effective. Node mask can
be specified using related option, NUMAMask. Default mask can be
overwritten on per-service level.
2019-06-24 16:58:54 +02:00
Iwan Timmer
4310bfc20b resolved: add strict mode for DNS-over-TLS
Add strict mode for DNS-over-TLS, which will require TLS support from the server. Closes #10755
2019-06-19 13:10:44 +02:00
Yu Watanabe
b349bc59e4 meson: fix error message 2019-06-17 07:44:18 +02:00
Michael Biebl
4450894653 Drop support for /usr/sbin/halt.local
/usr/sbin/halt.local is a Fedora/Red Hat anachronism from pre-systemd
times.
2019-05-23 10:19:01 +02:00
Yu Watanabe
d7c5b3ec3e
Merge pull request #12510 from keszybz/test-directives
test: run check-directives.sh as part of the test suite
2019-05-21 08:35:10 +09:00
Yu Watanabe
3041250a9f
Merge pull request #12519 from keszybz/man-on-demand
Build man pages on demand only
2019-05-21 08:25:26 +09:00
Zbigniew Jędrzejewski-Szmek
c6448ee39e test: run check-directives.sh as part of the test suite 2019-05-20 15:44:31 +02:00
Evgeny Vereshchagin
9c5c4677fa fuzzers: use -fsanitizer=fuzzer if clang supports it
Closes https://github.com/systemd/systemd/issues/10645
2019-05-14 13:42:17 +02:00
Zbigniew Jędrzejewski-Szmek
e9bbff18e1 meson: add build/man/man and build/man/html to build and display pages
Man page generation is generally very slow. I prefer to use -Dman=false when
developing systemd, and only build specific pages when introducing changes.
Those two little helper tools make it easy:

$ build/man/man systemd.link
$ build/man/html systemd.link

will show systemd.link.8 and systemd.link.html from the build directory build/.
2019-05-09 18:17:28 +02:00
Lennart Poettering
fd0a16d8a5
Merge pull request #11887 from evverx/fuzzbuzz
tests: hook up fuzz targets to FuzzBuzz
2019-05-08 12:40:03 +02:00
Evgeny Vereshchagin
87ac55a129 tests: hook up fuzz targets to FuzzBuzz 2019-05-07 21:39:01 +00:00
Zbigniew Jędrzejewski-Szmek
6695c200bd shared/utmp-wtmp: silence gcc warning about strncpy truncation
Unfortunately the warning must be known, or otherwise the pragma generates a
warning or an error. So let's do a meson check for it.

Is it worth doing this to silence the warning? I think so, because apparently
the warning was already emitted by gcc-8.1, and with the recent push in gcc to
catch more such cases, we'll most likely only get more of those.
2019-05-07 21:05:26 +02:00
Lennart Poettering
adb7b782f8
Merge pull request #12218 from keszybz/use-libmount-more
Use libmount more
2019-04-30 19:44:17 +02:00
Ben Boeckel
5238e95759 codespell: fix spelling errors 2019-04-29 16:47:18 +02:00