1
0
mirror of https://github.com/systemd/systemd.git synced 2024-12-23 21:35:11 +03:00
Commit Graph

4213 Commits

Author SHA1 Message Date
Frantisek Sumsal
0ffb690111 test: make the test happy with coverage builds
Bump the LimitFSIZE=, since the process needs to write quite a lot of
.gcda files, and suppress coverage errors with DynamicUser=true.
2023-11-05 00:32:04 +00:00
Yu Watanabe
ab8f553d1e sd-journal: rework generic_array_bisect()
- Rename generic_array_bisect_one() -> generic_array_bisect_step(), as there
  is also generic_array_bisect_plus_one(), so the original name is confusing.
- Make generic_array_bisect_step() return TEST_GOTO_NEXT or TEST_GOTO_PREVIOUS
  when the current array does not contain any matching entries.
- Make generic_array_bisect_step() symmetric with respect to the direction
  we are going to, except for the journal corruption handling.
- Make generic_array_bisect_step() gracefully handle journal corruptions,
  so the corruption handling in the caller side can be mostly dropped.
- Especially, when the last entry in an array is corrupted, previously
  we tried to find a valid entry sequentially from the end of the array,
  but now we anyway bisect the array. That should improve performance of
  reading corrupted journal files.
- Return earlier when no entry linked to the chained array (n == 0).
- Add many comments.

No behavior change unless journal is corrupted.
2023-11-04 11:01:30 +09:00
Frantisek Sumsal
12c2560997 test: wait for the nvme device to appear
Also, use a /dev/disk/by-id/ symlink to the device, which should be
predictable, unlike the /dev/nvmeX stuff.
2023-11-03 23:26:57 +00:00
Frantisek Sumsal
ebefce6eab test: add a couple of tests for systemd-bsod
Add some basic tests for systemd-bsod, mainly to have something to build on
for #29056.
2023-11-03 20:39:15 +00:00
Frantisek Sumsal
4e086c389a Revert "test: don't panic on soft lockups"
Let's put this back in, as it could help with occasional machine lock ups
on overloaded systems (and it didn't help with the original issue
anyway).

This reverts commit 3a89904e45.
2023-11-03 20:38:31 +00:00
Maanya Goenka
db776f6935 portable: add support for confext
Support confexts for portable services
2023-11-03 16:59:58 +00:00
Luca Boccassi
f0304df6e4 core: check that extensions have the hierarchies before overlaying
Before confext was added, hierarchies always existed in extensions. Now
they are optional - i.e., a sysext will not contain /etc/. So mixing a
confext and a sysext fails, as we'll try to create an overlay with /etc/
from the base, the confext and the sysext, but the latter doesn't have
the directory.

After the source images are mounted, check that each hierarchy exists in
each source image before creating the overlay, and drop them if they
don't.

Follow-up for 55ea4ef096
2023-11-03 16:59:58 +00:00
Luca Boccassi
8d04721507
Merge pull request #28891 from poettering/pcrlock
new pcrlock tool for generating signed PCR policies for PCR 0, 1, 4, …
2023-11-03 16:07:43 +00:00
Frantisek Sumsal
d4317fe172 nspawn: allow disabling os-release check
Introduce a new env variable $SYSTEMD_NSPAWN_CHECK_OS_RELEASE, that can
be used to disable the os-release check for bootable OS trees. Useful
when trying to boot a container with empty /etc/ and bind-mounted /usr/.

Resolves: #29185
2023-11-03 16:05:14 +00:00
Lennart Poettering
3e6a25a6f3 test: add pcrlock integration test
(Contains various test additions added by @mrc0mmand)
2023-11-03 11:25:14 +01:00
Yu Watanabe
b94f59b9d5 network: make generated configs have higher precedence over default configs
We use 80- for default .network files. So, the generated files from the
kernel command line should have smaller prefix.
2023-11-03 11:42:19 +09:00
Luca Boccassi
d2e99d288e
Merge pull request #29792 from poettering/resolved-monitor-packet
resolved: make sure "resolvectl monitor" can properly deal with stub …
2023-11-02 20:43:19 +00:00
Frantisek Sumsal
a0e000076a test: check that resolvectl monitor --json generates valid JSON
Provides coverage for #29580.
2023-11-02 18:08:30 +01:00
Lennart Poettering
565b7c90eb test: add integration test for systemd-storagetm 2023-11-02 14:19:32 +01:00
Peter Hutterer
4f7a629e6c analyze: handle CAP_BPF support 2023-11-01 10:25:59 +00:00
Frantisek Sumsal
3d72a9645e test: exercise more systemd-executor related stuff 2023-10-31 18:52:00 +01:00
Frantisek Sumsal
72d50da4f6 test: skip SocketBind*= tests when built without a bpf framework
The test intentionally checks for -BPF_FRAMEWORK so we run the test case
(and fail) even if we rename the feature flag.
2023-10-31 17:36:03 +01:00
Lennart Poettering
b3634c45d7 network-generator: add support for ip=link-local 2023-10-31 11:03:49 +01:00
Yu Watanabe
d19434fbf8 tree-wide: fix typo 2023-10-31 14:35:33 +09:00
Frantisek Sumsal
33b0e0c09a test-network: copy rules from source & build trees if needed
When running with --build-dir= we need to copy over udev rules from
$BUILD_DIR/udev.d/ and $SOURCE_TREE/udev.d/ to make stuff work as
expected.
2023-10-30 21:13:00 +00:00
Frantisek Sumsal
d203e5e008 test: add one missing cleanup
So the test doesn't fail when run multiple times with the same image.
2023-10-30 22:37:08 +09:00
Luca Boccassi
7b6d3dcdd2 exec-invoke: don't double-close FDs on error
When a late error occurs in sd-executor, the cleanup-on-close of the
context structs happen, but at that time all FDs might have already
been closed via close_all_fds(), so a double-close happens. This
can be seen when DynamicUser is enabled, with a non-existing
WorkingDirectory.

Invalidate the FDs in the context structs if close_all_fds succeeds.
2023-10-28 16:56:25 +02:00
Luca Boccassi
3ad5aedadc test: io.latency cgroup support might not be available, skip test
It doesn't seem to be enabled on Debian stable, and the test fails.

Follow-up for 5efc8183c9
2023-10-28 08:08:42 +00:00
Yu Watanabe
2aa246e88f
Merge pull request #29693 from rpigott/dhcp-rapid-commit
network: implement RFC4039 DHCP Rapid Commit
2023-10-28 10:23:23 +09:00
Luca Boccassi
8a505d3b6b
Merge pull request #29734 from YHNdnzj/fstab-filter-options
fstab-generator: drop ignored mount options from mount unit Options=
2023-10-27 23:20:46 +01:00
Frantisek Sumsal
5efc8183c9 test: cover more sd-executor related stuff
Let's probe directives that have slightly more "complex" handling in
the serialization/deserialization machinery.
2023-10-27 21:01:33 +02:00
Ronan Pigott
2beecc7077 test-network: add dhcp rapid commit test 2023-10-27 10:55:55 -07:00
Mike Yuan
b3ee014879
fstab-generator: drop unapplicable mount options for / from mount unit Options=
Prompted by #29705

Note that x-systemd.wanted-by= and x-systemd.required-by= are not
dropped, since we ignore them because they are unnecessary rather
than unapplicable.
2023-10-27 23:51:01 +08:00
Luca Boccassi
b44a72da57
Merge pull request #29711 from berrange/tests-silverblue
Fix test suite when developing on Fedora SilverBlue (rpm-ostree) host
2023-10-26 21:17:03 +01:00
Luca Boccassi
63862de4b7 core: do not post-process skipped mounts
When a mount is gracefully skipped (e.g.: BindReadOnlyPaths=-/nonexistent)
we still post-process it, like making it read-only. Except if nothing
has been mounted, the mount point will be made read-only for no reason.
Track when mounts are skipped and avoid post-processing.

One day we'll switch all of this to the new mount api and do these
operations atomically or not at all.

Fixes https://github.com/systemd/systemd/issues/29725
2023-10-26 21:15:41 +01:00
Daniel P. Berrangé
3570ee3688 test-fstab-generator: skip test impacted by /mnt symlink
On rpm-ostree distributions such as Fedora SilverBlue /mnt
(and other well known paths) will be a symlink to a location
under /var. The fstab generator emits correct output in this
case, however, the data does not match the expected output
stored in the source tree.

Rather than trying to adapt the test data, just skip this
single test scenario when we see /mnt is a symlink.

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2023-10-26 14:46:15 +01:00
Daniel P. Berrangé
8473ece90e test-systemd-tmpfiles: skip when /tmp has unexpected ownership
The systemd-tmpfiles binary will report a fatal error if /tmp is not owned
either by root, or by the current user:

  Detected unsafe path transition /tmp (owned by nobody) →
    /tmp/test-systemd-tmpfiles.a8qc6n18 (owned by berrange)
    during canonicalization of
    tmp/test-systemd-tmpfiles.a8qc6n18/test-content.7chd7rdi

When doing development inside a 'toolbox' container (which is required
on a Fedora SilverBlue distro), /tmp is owned by 'nobody', because it
has been passed through from the host and host UID 0 gets mapped to
UID 65536 by usernamespaces. This triggers the unsafe path transition
error message.

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2023-10-26 14:46:15 +01:00
Luca Boccassi
e34836aa59
Merge pull request #29529 from yuwata/core-namespace-check-priv
core/namespace: check if we have enough privilege
2023-10-26 14:27:56 +01:00
Yu Watanabe
e9af462aba test: add a simple test for PrivateNetwork= 2023-10-26 19:09:49 +09:00
Yu Watanabe
dd59a609be test-network: suppress too much outputs of state file
Follow-up for 0f9efffaeb.
2023-10-26 12:26:19 +09:00
Daan De Meyer
c173be0d4c
Merge pull request #29708 from DaanDeMeyer/bootctl-always
Always build bootctl
2023-10-25 22:59:59 +02:00
Frantisek Sumsal
d08b67e55e test: slightly extend systemd-tpm2-setup's coverage 2023-10-25 18:18:48 +02:00
Frantisek Sumsal
af70e2021e test: add a couple more tests for systemd-pcrextend 2023-10-25 18:18:47 +02:00
Frantisek Sumsal
45534eefe6 test: make the TPM event log checking a bit more robust
Don't hardcode the event number, so the test works correctly even if
someone wrote to the event log before us. Also, explicitly pick the
sha256 bank when checking digests, as the indexing may vary depending on
current TPM's capabilities.
2023-10-25 18:18:11 +02:00
Daan De Meyer
dedb925eaf meson: Always build bootctl
bootctl is rather useful to have, even if on a system without UEFI,
as it has a number of verbs that are unrelated to UEFI (e.g kernel-identify),
and more importantly, it supports --root to operate on directory trees
(which could be intended to be deployed on UEFI) so let's make sure we
always build it.
2023-10-25 16:49:24 +02:00
Frantisek Sumsal
29be59555f test: split TEST-70-TPM2 into subtests 2023-10-25 14:48:30 +02:00
Luca Boccassi
7470e161cf
Merge pull request #29553 from keszybz/analyze-cat-config-tldr
analyze/cat-config: add switch to print only "interesting" parts of conffiles
2023-10-25 09:53:19 +01:00
Frantisek Sumsal
b9439855d2
Merge pull request #29687 from yuwata/network-state-file-sync
network: several fixlets for state file
2023-10-25 08:29:58 +00:00
Yu Watanabe
0f9efffaeb test-network: wait for the state file being updated
Also, sync state files before read.

Addresses the first issue in #29678.
2023-10-24 23:22:27 +09:00
Zbigniew Jędrzejewski-Szmek
063c838206 analyze/cat-config: add switch to print only "interesting" parts of config files
When looking at configuration, often a user wants to suppress the comments and
just look at the parts that actually configure something, roughly equivalent to
  systemd-analyze cat-config … | rg -v '^(#|;|$)
This switch implements this natively, skipping lines that start with a comment
character or only contain whitespace.

For formats that have section headers, section headers are skipped, if only
followed by stuff that would be skipped. (The last section header is printed
when we're about to print some actual output.)

Note that the caller doesn't know if the format has headers or not. We do format
type detection in pretty-print.c. So the caller only specifies tldr=true|false, and
conf_files_cat() figures out if the format has headers and whether those should
be handled specially.

The comments that show the file name are always printed, even if all of the file
is suppressed.

This is a partial answer to the discussions in
https://github.com/systemd/systemd/pull/28919,
https://github.com/systemd/systemd/pull/29248. If the default config is shown in
config files, the user can conveniently use '--tldr' to show the relevant parts.
2023-10-24 15:59:34 +02:00
Frantisek Sumsal
270b20b98b test: shorten service stop/abort timeouts for TEST-69-SHUTDOWN
In several Ubuntu CI jobs I noticed timeouts in TEST-69, which are
apparently caused by a very stubborn bash/login process:

$ journalctl -o short-monotonic --no-hostname --file artifacts/TEST-69-SHUTDOWN.journal
[ 2011.698430] systemd[1]: shutdown.target: starting held back, waiting for: veritysetup.target
[ 2011.698473] systemd[1]: sysinit.target: stopping held back, waiting for: user@0.service
[ 2045.884982] systemd[1]: systemd-oomd.service: Got notification message from PID 54 (WATCHDOG=1)
[ 2071.576424] systemd[1]: Received SIGCHLD from PID 65 (bash).
[ 2071.576941] systemd[1]: Child 65 (bash) died (code=killed, status=1/HUP)
[ 2071.577026] systemd[1]: session-13.scope: Child 65 belongs to session-13.scope.
[ 2071.577100] systemd[1]: session-13.scope: cgroup is empty
[ 2071.577249] systemd[1]: session-13.scope: Deactivated successfully.

$ journalctl -o short-monotonic --no-hostname --file artifacts/TEST-69-SHUTDOWN.journal _PID=65
[ 3038.661488] login[65]: ROOT LOGIN  on '/dev/pts/0'

Since, in this case, we really care only about the actual shutdown,
let's shorten the service stop/abort timeouts to let systemd SIGKILL all
remaining processes in the 60s `expect` window.
2023-10-24 12:51:03 +02:00
Frantisek Sumsal
5ab2f737cd test: introduce $TEST_SKIP_SHUTDOWN
To get rid of some boilerplate.
2023-10-24 12:35:03 +02:00
Franck Bui
a1af99df8e test: install af_packet kernel module on openSUSE
Currently needed by test-dhcp-server unit test, af_packet is not built-in on
openSUSE distributions.
2023-10-21 11:39:10 +01:00
Luca Boccassi
665a3d6d15 systemctl: automatically softreboot/kexec if set up on reboot
Automatically softreboot if the nextroot has been set up with an OS
tree, or automatically kexec if a kernel has been loaded with kexec
--load.

Add SYSTEMCTL_SKIP_AUTO_KEXEC and SYSTEMCTL_SKIP_AUTO_SOFT_REBOOT to
skip the automated switchover.
2023-10-20 11:45:37 +01:00
Luca Boccassi
f5a7476677
Merge pull request #29628 from mrc0mmand/systemd-executor-test
test: slightly improve sd-executor's coverage
2023-10-19 19:39:39 +01:00