1
0
mirror of https://github.com/systemd/systemd.git synced 2024-12-23 21:35:11 +03:00
Commit Graph

44925 Commits

Author SHA1 Message Date
Zbigniew Jędrzejewski-Szmek
e0c17a7d1b bus-message: fix negative offset with ~empty message
In the linked reproducer, m->fields_size == 0, and we calculate ri == -1, which
of course doesn't end well. Skip the whole calculation if m->fields_size == 0,
and also check that we don't go negative even if it is non-zero.

Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19446 and #15583.
2020-05-20 09:33:54 +02:00
Lennart Poettering
550c8784c5 udev: when random MACs are requested, generate them with genuine randomness
This is a security feature, and we thus shouldn't derive the random MACs
from a potentially guessable source. MAC addresses are after all facing
to the outside, and can be interacted with from untrusted environments.
Hence, let's generate them the same way as we generate UUIDs: from
getrandom() or /dev/urandom, and optionally with RDRAND if that's
supported.

RDRAND should be fine, since this is not cryptographic key material, but
ultimately public information. We just want to make sure conflicts are
not likely.

Previously we'd generate the MACs via rand(), which means given the
short seed they are a little bit too guessable, making collisions too
likely. See #14355 in particular.

Fixes: #14355

(Note that #14355 was already fixed by
a0f11d1d11, but I think we should do
better even, and not rely on rand() and uninitialized random pools)
2020-05-20 08:25:18 +02:00
Susant Sahani
2d3adfa6c4 DHCPv6: MUD URL lengh - use UINT8_MAX instead of 255 2020-05-20 07:59:01 +02:00
Susant Sahani
ed0d1b2e99 network: DHCPv6 - Add support to send vendor class information
Frame 1: 177 bytes on wire (1416 bits), 177 bytes captured (1416 bits) on interface veth-peer, id 0
Ethernet II, Src: 1e:04:f8:b8:2f:d4 (1e:04:f8:b8:2f:d4), Dst: IPv6mcast_01:00:02 (33:33:00:01:00:02)
Internet Protocol Version 6, Src: fe80::1c04:f8ff:feb8:2fd4, Dst: ff02::1:2
User Datagram Protocol, Src Port: 546, Dst Port: 547
DHCPv6
    Message type: Solicit (1)
    Transaction ID: 0x5ca46b
    Rapid Commit
    Identity Association for Non-temporary Address
    Fully Qualified Domain Name
    Vendor Class
        Option: Vendor Class (16)
        Length: 23
        Value: 0000ab11000048656c6c6f3a686f773a6172653a796f75
        Enterprise ID: Tom Gundersen (systemd) (43793)
        vendor-class-data: Hello:how:are:you
    Identity Association for Prefix Delegation
    Option Request
    Client Identifier
    Elapsed time
2020-05-20 07:58:03 +02:00
Susant Sahani
73c8ced784 sd-network: DHCPv6 - Add support to send vendor class data
```
21.16.  Vendor Class Option

   This option is used by a client to identify the vendor that
   manufactured the hardware on which the client is running.  The
   information contained in the data area of this option is contained in
   one or more opaque fields that identify details of the hardware
   configuration.  The format of the Vendor Class option is:

       0                   1                   2                   3
       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |      OPTION_VENDOR_CLASS      |           option-len          |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |                       enterprise-number                       |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      .                                                               .
      .                       vendor-class-data                       .
      .                             . . .                             .
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

                   Figure 28: Vendor Class Option Format

      option-code          OPTION_VENDOR_CLASS (16).

      option-len           4 + length of vendor-class-data field.

      enterprise-number    The vendor's registered Enterprise Number as
                           maintained by IANA [IANA-PEN].  A 4-octet
                           field containing an unsigned integer.

      vendor-class-data    The hardware configuration of the node on
                           which the client is running.  A
                           variable-length field (4 octets less than the
                           value in the option-len field).

   The vendor-class-data field is composed of a series of separate
   items, each of which describes some characteristic of the client's
   hardware configuration.  Examples of vendor-class-data instances
   might include the version of the operating system the client is
   running or the amount of memory installed on the client.

   Each instance of vendor-class-data is formatted as follows:

      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-...-+-+-+-+-+-+-+
      |       vendor-class-len        |          opaque-data          |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-...-+-+-+-+-+-+-+

               Figure 29: Format of vendor-class-data Field

   The vendor-class-len field is 2 octets long and specifies the length
   of the opaque vendor-class-data in network byte order.

   Servers and clients MUST NOT include more than one instance of
   OPTION_VENDOR_CLASS with the same Enterprise Number.  Each instance
   of OPTION_VENDOR_CLASS can carry multiple vendor-class-data
   instances.
   ```
2020-05-20 07:52:19 +02:00
Susant Sahani
d6463307e0 network: DHCPv4- Allow to set DHCP lease lifetime 2020-05-20 06:32:26 +02:00
Susant Sahani
4c0b8d563d sd-dhcpv4: Allow to configure lease lifetime 2020-05-20 06:30:05 +02:00
Lennart Poettering
e945dd9eed pam_systemd: clean up success path
Let's make sure we always apply the process properties from the user
record, in all our three successful paths:

1. when we register a regular session
2. when we run for the systemd --user session
3. when we have no logind (but might still have complex user records
   from elsewhere) and thus exit early
2020-05-20 00:47:37 +02:00
Lennart Poettering
764ae4dd51 man_systemd_home: intrdouce SYSTEMD_HOME_SUSPEND env var
This variable is read by the module and can be used instead of the
suspend= PAM module parameter.

It is also set for the session itself to make debugging easy.
2020-05-20 00:47:37 +02:00
Lennart Poettering
d08a6ec39c update TODO 2020-05-19 19:58:26 +02:00
Zbigniew Jędrzejewski-Szmek
1c3232e4a4
Merge pull request #15482 from ssahani/dhcpv6-userclass
network: DHCPv6 Introduce  user class
2020-05-19 19:38:06 +02:00
Michal Koutný
38fee61952 systemctl: Fix frozen state coloring
When unit is in an unhighlighted state, freezer coloring won't be turned off
(active_off is empty) until the end of the TTY output.
2020-05-19 19:35:36 +02:00
Lennart Poettering
d31dda5e95
Merge pull request #15637 from poettering/cryptsetup-literal
a number of cryptsetup fixes and additions
2020-05-19 19:28:42 +02:00
Lennart Poettering
6e41f4dd91 man: document the newly acquired cryptsetup features 2020-05-19 17:28:47 +02:00
Lennart Poettering
4eb08bdb71 cryptsetup: fix minor indentation issue 2020-05-19 17:28:43 +02:00
Lennart Poettering
0ba6f85ed3 cryptsetup: optionally, see if empty password works for unlocking the file system
This adds a new switch try-empty-password. If set and none of PKCS#11 or
key files work, it is attempted to unlock the volume with an empty
password, before the user is asked for a password.

Usecase: an installer generates an OS image on one system, which is the
booted up for the first time in a possibly different system. The image
is encrypted using a random volume key, but an empty password. A tool
that runs on first boot then queries the user for a password to set or
enrols the volume in the TPM, removing the empty password. (Of course, in
such a scenario it is important to never reuse the installer image on
multiple systems as they all will have the same volume key, but that's a
different question.)
2020-05-19 17:28:40 +02:00
Lennart Poettering
2424fb7e7b cryptsetup: fix minor memory leak 2020-05-19 17:28:36 +02:00
Lennart Poettering
c6b1d7d1da cryptsetup: also check for /dev/hwrng as random device node 2020-05-19 17:28:33 +02:00
Lennart Poettering
cb6c9283b5 cryptsetup: make sure to return EAGAIN on wrong tcrypt password too
Only then we'll try again to ask the user for a password.

Fixes: #12152
2020-05-19 17:28:29 +02:00
Lennart Poettering
7407f68980 cryptsetup: automatically load luks keys off disk
Let's make loading of keys a bit more automatic and define a common
place where key files can be placed. Specifically, whenever a volume of
name "foo" is attempted, search for a key file in
/etc/cryptsetup-keys.d/foo.key and /run/cryptsetup-keys.d/foo.key,
unless a key file is declared explicitly.

With this scheme we have a simple discovery in place that should make it
more straightfoward wher to place keys, and requires no explicit
configuration to be used.
2020-05-19 17:28:25 +02:00
Lennart Poettering
23769fb371 cryptsetup: split out key loading from pkcs11 code and teach search path logic
Let's do some rearrangements, so that we can later on use this to
automatically search for a key file.
2020-05-19 17:28:16 +02:00
Lennart Poettering
d3d49e7649 cryptsetup: optionally remove key file after use
This is useful when the key file is acquired dynamically in some form
and should be erased after use.

Note that this code tries to be robust, and removes the key file both on
success and on failure.
2020-05-19 17:28:13 +02:00
Lennart Poettering
8ced40c09b cryptsetup: catch up with debian crypttab options a bit
Support some aliases Debian added, and drop some options that Debian
dropped from our list of unsupported options.
2020-05-19 17:28:09 +02:00
Lennart Poettering
053e0626db fs-util: teach unlinkat_deallocate() a simple scheme for overwriting for erasing
With that it becomes useful for deleting password files and such.
2020-05-19 17:27:13 +02:00
Lennart Poettering
1d06deba0f
Merge pull request #15845 from poettering/btrfs-encrypted-fix
make path_is_encrypted() test pass on btrfs inside container
2020-05-19 17:15:22 +02:00
Zbigniew Jędrzejewski-Szmek
2946d46355
Merge pull request #15843 from poettering/busctl-duplicate-tweaks
busctl: improve log messages on duplicate members or interfaces
2020-05-19 16:33:46 +02:00
Lennart Poettering
f12465466d
Merge pull request #15848 from keszybz/small-doc-tweaks
A few tweaks to docs
2020-05-19 16:29:58 +02:00
Zbigniew Jędrzejewski-Szmek
70fcda8562 NEWS: retroactively document Family=
Requested in https://github.com/systemd/systemd/issues/13233#issuecomment-630800112.
2020-05-19 16:21:52 +02:00
Franck Bui
b406c6d128 pid1: make manager_deserialize_{uid,gid}_refs() static
No functional change.
2020-05-19 15:48:54 +02:00
Franck Bui
80f605c807 pid1: make manager_serialize_{uid,gid}_refs() static
No functional change.
2020-05-19 15:48:54 +02:00
Franck Bui
06a4eb0737 pid1: make manager_vacuum_{uid,gid}_refs() static
No functional change.
2020-05-19 15:48:54 +02:00
Franck Bui
1addc46c8c pid1: make manager_flip_auto_status() static
No functional change.
2020-05-19 15:48:54 +02:00
Franck Bui
ffe5c01eaa pid1: fold load_configuration() into main()
That's reduce the number of functions dealing with configuration
parsing/loading and should make the code simpler especially since this function
was used only once.

No functional change.
2020-05-19 15:48:54 +02:00
Franck Bui
986935cf6a pid1: update manager settings on reload too
Most complexity of this patch is due to the fact that some manager settings
(basically the watchdog properties) can be set at runtime and in this case the
runtime values must be retained over daemon-reload or daemon-reexec.

For consistency sake, all watchdog properties behaves now the same way, that
is:

  - Values defined by config files can be overridden by writing the new value
    through their respective D-BUS properties. In this case, these values are
    preserved over reload/reexec until the special value '0' or USEC_INFINITY
    is written, which will then restore the last values loaded from the config
    files. If the restored value is '0' or 'USEC_INFINITY', the watchdogs will
    be disabled and the corresponding device will be closed.

  - Reading the properties from a user instance will return the USEC_INFINITY
    value as these properties are only meaningful for PID1.

  - Writing to one of the watchdog properties of a user instance's will be a
    NOP.

Fixes: #15453
2020-05-19 15:31:55 +02:00
Lennart Poettering
544e146b0e journalctl,elsewhere: make sure --file=foo fails with sane error msg if foo is not readable
It annoyed me for quite a while that running "journalctl --file=…" on a
file that is not readable failed with a "File not found" error instead
of a permission error. Let's fix that.

We make this work by using the GLOB_NOCHECK flag for glob() which means
that files are not accessible will be returned in the array as they are
instead of being filtered away. This then means that our later attemps
to open the files will fail cleanly with a good error message.
2020-05-19 15:26:51 +02:00
Zbigniew Jędrzejewski-Szmek
7f6b827f36
Merge pull request #15836 from poettering/makefs-lock
lock whole block device file running makefs
2020-05-19 15:23:23 +02:00
Lennart Poettering
feb13fca97 repart: don't insist on coming up on partition label ourselves
If the user specified a label, use that.

Fixes: #15841
2020-05-19 15:04:01 +02:00
Lennart Poettering
3468e5ac51 btrfs-util: tweak error code a bit 2020-05-19 12:12:00 +02:00
Lennart Poettering
f8838c6c2f test-fs-util: don't fail on btrfs file systems in containers
Fixes: #15821
2020-05-19 12:11:12 +02:00
Susant Sahani
ffed0205c7 DHCP: Use UINT8_MAX instead of 255 2020-05-19 11:48:37 +02:00
Susant Sahani
f37f2a6b8a network: DHCPv6 - Add support to send user class
Frame 115: 171 bytes on wire (1368 bits), 171 bytes captured (1368 bits) on interface veth-peer, id 0
Ethernet II, Src: 1e:04:f8:b8:2f:d4 (1e:04:f8:b8:2f:d4), Dst: IPv6mcast_01:00:02 (33:33:00:01:00:02)
Internet Protocol Version 6, Src: fe80::1c04:f8ff:feb8:2fd4, Dst: ff02::1:2
User Datagram Protocol, Src Port: 546, Dst Port: 547
DHCPv6
    Message type: Solicit (1)
    Transaction ID: 0x673257
    Rapid Commit
        Option: Rapid Commit (14)
        Length: 0
    Identity Association for Non-temporary Address
        Option: Identity Association for Non-temporary Address (3)
        Length: 12
        Value: d0cc94090000000000000000
        IAID: d0cc9409
        T1: 0
        T2: 0
    Fully Qualified Domain Name
        Option: Fully Qualified Domain Name (39)
        Length: 6
        Value: 01045a657573
        0000 0... = Reserved: 0x00
        .... .0.. = N bit: Server should perform DNS updates
        .... ..0. = O bit: Server has not overridden client's S bit preference
        .... ...1 = S bit: Server should perform forward DNS updates
        Client FQDN: Zeus
    User Class
        Option: User Class (15)
        Length: 17
        Value: 000f68656c6c6f30313233343031323334
    Identity Association for Prefix Delegation
        Option: Identity Association for Prefix Delegation (25)
        Length: 12
        Value: d0cc94090000000000000000
        IAID: d0cc9409
        T1: 0
        T2: 0
    Option Request
        Option: Option Request (6)
        Length: 10
        Value: 001700180038001f000e
        Requested Option code: DNS recursive name server (23)
        Requested Option code: Domain Search List (24)
        Requested Option code: NTP Server (56)
        Requested Option code: Simple Network Time Protocol Server (31)
        Requested Option code: Rapid Commit (14)
    Client Identifier
        Option: Client Identifier (1)
        Length: 14
        Value: 00020000ab11d258482fc7eee651
        DUID: 00020000ab11d258482fc7eee651
        DUID Type: assigned by vendor based on Enterprise number (2)
        Enterprise ID: Tom Gundersen (systemd) (43793)
        Identifier: d258482fc7eee651
    Elapsed time
        Option: Elapsed time (8)
        Length: 2
        Value: 0bd0
        Elapsed time: 30240ms
2020-05-19 11:48:30 +02:00
Susant Sahani
3392392518 sd-network: DHCPv6 - add support to send userclass option
sd-network: DHCPv6 - add support to send userclass option

21.15.  User Class Option

   The User Class option is used by a client to identify the type or
   category of users or applications it represents.

   The format of the User Class option is:

       0                   1                   2                   3
       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |       OPTION_USER_CLASS       |          option-len           |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      .                                                               .
      .                          user-class-data                      .
      .                                                               .
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

                    Figure 26: User Class Option Format

      option-code          OPTION_USER_CLASS (15).

      option-len           Length of user-class-data field.

      user-class-data      The user classes carried by the client.  The
                           length, in octets, is specified by
                           option-len.

The information contained in the data area of this option is
   contained in one or more opaque fields that represent the user class
   or classes of which the client is a member.  A server selects
   configuration information for the client based on the classes
   identified in this option.  For example, the User Class option can be
   used to configure all clients of people in the accounting department
   with a different printer than clients of people in the marketing
   department.  The user class information carried in this option MUST
   be configurable on the client.

   The data area of the User Class option MUST contain one or more
   instances of user-class-data information.  Each instance of
   user-class-data is formatted as follows:

      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-...-+-+-+-+-+-+-+
      |        user-class-len         |          opaque-data          |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-...-+-+-+-+-+-+-+

                Figure 27: Format of user-class-data Field
2020-05-19 11:44:51 +02:00
Frantisek Sumsal
44dcb318cc
Merge pull request #15842 from evverx/cifuzz
cifuzz: protect forks from CIFuzz
2020-05-19 10:30:32 +02:00
Norbert Lange
cdf7ad38b6 allow removal of initrd services 2020-05-19 10:19:18 +02:00
Zbigniew Jędrzejewski-Szmek
5e375a1ef2
Merge pull request #15794 from poettering/pam-sudo-fixes-part2
pam_systemd/pam_systemd_home: fix caching
2020-05-19 10:09:14 +02:00
Lennart Poettering
201fa8f256
Merge pull request #15166 from ssahani/networkctl-ipvlan
networkctl: Add support to display ipvlan
2020-05-19 09:29:45 +02:00
Lennart Poettering
c5dc0a298e homed: use right config section in example config
We really should get this right, otherwise it's a pretty useless vendor
default example configuration file.

Follow-up for: c76dd733af
2020-05-19 09:26:49 +02:00
Lennart Poettering
f17153a721 busctl: improve error messages on duplicate members/interfaces
Prompted by: #15833
2020-05-19 09:11:15 +02:00
Lennart Poettering
9600c27c41 busctl: use structured initialization 2020-05-19 09:04:36 +02:00
Zbigniew Jędrzejewski-Szmek
11aaaa2c96 TODO: drop some external items
Those are either implemented or obsolete.
2020-05-19 08:59:53 +02:00