1
0
mirror of https://github.com/systemd/systemd.git synced 2024-10-31 07:51:21 +03:00
Commit Graph

52276 Commits

Author SHA1 Message Date
Juergen Hoetzel
274b0d3fc1 docs: EFI separator needs to be backslash-escaped in markdown 2021-06-24 20:09:52 +02:00
Frantisek Sumsal
eb70d9450c test: correctly mask supporting services in tests, take #2
Due to a little misunderstanding the last patch doesn't work as
expected, since test_create_image() is called only for the first image
(usually TEST-01-BASIC), and all subsequent images are then (possibly)
modified with test_append_files().

Follow-up to 179ca4d2b1.
2021-06-24 16:26:19 +01:00
Lennart Poettering
86e24d608a
Merge pull request #20001 from keszybz/test-path-simplify-less
Do not call path_simplify() when not needed
2021-06-24 15:33:09 +02:00
Lennart Poettering
6abd991c71 sd-journal: add missing bracket in journal verify log message 2021-06-24 15:25:29 +02:00
Luca Boccassi
5bf7d8f04d
Merge pull request #20000 from dtardon/replace-strtoul
replace strtoul by safe_ato*
2021-06-24 14:18:58 +01:00
David Tardon
04d54d5011 udev-builtin-keyboard: drop unnecessary {} 2021-06-24 15:12:34 +02:00
David Tardon
1001167ca5 udev: replace strtoul by safe_ato* 2021-06-24 15:12:29 +02:00
Zbigniew Jędrzejewski-Szmek
280e4b368e
Merge pull request #20004 from yuwata/readdir-ensure-type
dirent-util: introduce readdir_ensure_type()
2021-06-24 15:11:06 +02:00
Lennart Poettering
4ef65db34b openssl-util: include the headers the file actually uses definitions from 2021-06-24 15:09:14 +02:00
Zbigniew Jędrzejewski-Szmek
c1e4c62235
Merge pull request #19997 from keszybz/selinux-opt
Drop libselinux dependency from libsystemd
2021-06-24 15:07:29 +02:00
Luca Boccassi
1e26f8a60b core: add ConditionOSRelease= directive 2021-06-24 13:57:48 +01:00
Luca Boccassi
70b6ee6110 basic/extract-word: add EXTRACT_RETAIN_SEPARATORS flag
Makes the helpers avoid skipping over the separator(s) in the
input string
2021-06-24 13:41:17 +01:00
Dan Streetman
61764fe4e2 test: add test to verify RequiredForOnline= setting with ActivationPolicy=
Add test to verify that the RequiredForOnline= value is correct based on
the configuration of ActivationPolicy=
2021-06-24 08:33:29 -04:00
Dan Streetman
003015af5a networkctl: add field 'Required For Online' 2021-06-24 08:32:21 -04:00
Dan Streetman
7c644a6966 network: default RequiredForOnline=false if ActivactionPolicy= not set to up
If ActivationPolicy= is set to down, always-down, or manual, then any
matching link will delay boot (due to delaying network-online.target).

If RequiredForOnline= wasn't explicitly set, then default it to false
if ActivationPolicy= is down or manual. If ActivationPolicy=always-down,
then force RequiredForOnline=no.
2021-06-24 08:32:21 -04:00
Lennart Poettering
b80ef40caf ask-password: add "-n" switch for disabling trailing newline
This is similar to the "-n" switch of the "echo" command.
2021-06-24 13:25:39 +02:00
Luca Boccassi
6222acc2b5
Merge pull request #20002 from yuwata/sd-dhcp-client-ignore-forcerenew
sd-dhcp-client: ignore FORCERENEW
2021-06-24 10:01:10 +01:00
Zbigniew Jędrzejewski-Szmek
ac19bdd04b core: avoid calling path_simplify() unnecessarilly for u.requires_mounts_for keys
We would always call path_simplify() before doing a lookup, which requires the
path key to be duplicated first. But the hashmap lookup doesn't require this…
So let's opportunistically skip the allocation if the key is already present.

Inspired by https://github.com/systemd/systemd/pull/19973.
2021-06-24 10:59:45 +02:00
Zbigniew Jędrzejewski-Szmek
0fb789af20 test-hash-funcs: add new file to test that path set ignores dot components 2021-06-24 10:59:45 +02:00
Zbigniew Jędrzejewski-Szmek
da90c261af gitignore: add jekyll cache directory
Follow-up for 2d4efd1dba.
2021-06-24 10:20:29 +02:00
Zbigniew Jędrzejewski-Szmek
c3b8bacd7b shared/selinux-util: rework switching of the getenforce() function
The approach with function pointer was neat, but it gets in the way
when we want to resolve the symbol dynamically: static initialization
is not possible. It also makes the code more complicated than necessary.
In this case, a simple boolean is sufficient.
2021-06-24 10:20:29 +02:00
Zbigniew Jędrzejewski-Szmek
cd503dbb6b shared/dlfcn-util: add sentinel helper or for dlsym_many_or_warn()
I didn't do this before to avoid churn in all the users.
2021-06-24 10:20:29 +02:00
Zbigniew Jędrzejewski-Szmek
d32f7a8e9b shared/tpm2-util: simplify and convert to the new helper
The function would return 0 or 3. I don't think the return code was
used for anything, so let's avoid the explicit calculation and return
0 or 1.
2021-06-24 10:20:27 +02:00
Zbigniew Jędrzejewski-Szmek
1622ef77ee various: convert to the new dlopen_or_warn() helper 2021-06-24 10:16:46 +02:00
Zbigniew Jędrzejewski-Szmek
fff25ab22e dlfcn-util: invert function naming and add helper that does the whole job
We warn when the operation fails, not when it succeeds. Hence this should be
"<do>_or_<handle failure>", not "<do>_and_<handle failure>". We *could* use
whatever convention we want, but rust and perl are rather consistent in using
the logical convention. We don't care about perl that much, but having a naming
convention inverted wrt. rust would be rather confusing.

Also, pretty much every implementation does similar steps, so add a nice
wrapper which combines opening of the library and loading of the symbols.

Also add missing sentinel attribute in dlopen_or_warn().
2021-06-24 10:16:43 +02:00
Zbigniew Jędrzejewski-Szmek
87501ac0eb meson: drop libseccomp and libselinux from libbasic linkage
This means libsystemd.so is without them now. This is important
because countless programs link to libsystemd.so, and do not need
to pull in selinux now. And libselinux.so pulls in libpcre2, so
we trim a nice dependency tree.

I'm not sure why libseccomp was listed there. No code seems to
refer to it.

$ diff -u <(ldd ../systemd/build/libsystemd.so|sed 's/0x.*/0x…/') <(ldd build/libsystemd.so|sed 's/0x.*/0x…/')
@@ -4,11 +4,9 @@
 	libzstd.so.1 => /lib64/libzstd.so.1 (0x…
 	liblz4.so.1 => /lib64/liblz4.so.1 (0x…
 	libcap.so.2 => /lib64/libcap.so.2 (0x…
-	libselinux.so.1 => /lib64/libselinux.so.1 (0x…
 	libgcrypt.so.20 => /lib64/libgcrypt.so.20 (0x…
 	libpthread.so.0 => /lib64/libpthread.so.0 (0x…
 	libc.so.6 => /lib64/libc.so.6 (0x…
 	/lib64/ld-linux-x86-64.so.2 (0x…
-	libpcre2-8.so.0 => /lib64/libpcre2-8.so.0 (0x…
 	libdl.so.2 => /lib64/libdl.so.2 (0x…
 	libgpg-error.so.0 => /lib64/libgpg-error.so.0 (0x…

$ diff -u <(ldd ../systemd/build/libudev.so|sed 's/0x.*/0x…/') <(ldd build/libudev.so|sed 's/0x.*/0x…/')
@@ -1,8 +1,5 @@
 	linux-vdso.so.1 (0x…
 	librt.so.1 => /lib64/librt.so.1 (0x…
-	libselinux.so.1 => /lib64/libselinux.so.1 (0x…
 	libpthread.so.0 => /lib64/libpthread.so.0 (0x…
 	libc.so.6 => /lib64/libc.so.6 (0x…
 	/lib64/ld-linux-x86-64.so.2 (0x…
-	libpcre2-8.so.0 => /lib64/libpcre2-8.so.0 (0x…
-	libdl.so.2 => /lib64/libdl.so.2 (0x…
2021-06-24 10:11:16 +02:00
Zbigniew Jędrzejewski-Szmek
b25a930f0e basic,shared: move a bunch of files to src/shared/
The goal is to move everything that requires selinux or smack
away from src/basic/. This means that src/basic/label.[ch] must move,
which implies btrfs-util.[ch], copy.[ch], and a bunch of other files
which form a cluster of internal use.

This is just moving text around, so there should be no functional difference.

test-blockdev-util is new, because path_is_encrypted() is moved to
blockdev-util.c, and so far we didn't have any tests for code there.
2021-06-24 10:11:00 +02:00
Zbigniew Jędrzejewski-Szmek
2d32453bc8 basic,shared: move dlopen helpers to shared/
This was added in 88d775b734,
with the apparent intent of using in shared/ and the rest of our code.
It doesn't matter much for our code, since libdl is part of glibc anyway,
but moving it removes one linkage from libsystemd. (libshared was already
linking to libdl explicitly).
2021-06-24 10:05:50 +02:00
Zbigniew Jędrzejewski-Szmek
6a818c3cb4 basic: move acquire_data_fd() and fd_duplicate_data_fd() to new data-fd-util.c
fd_duplicate_data_fd() is renamed to copy_data_fd(). This makes
the two functions have nicely similar names.

Now fd-util.[ch] is again about low-level file descriptor manipulations.
copy_data_fd() is a complex function that internally wraps the other
functions in copy.c. I want to move copy.c and the whole cluster of
related code from basic/ to shared/ later on, and this is a preparatory
step for that.
2021-06-24 10:05:22 +02:00
Zbigniew Jędrzejewski-Szmek
37350b81b5 Move hwdb creation code to src/shared/
hwdb_update() is the main entry point, and it is called from
"udevadm hwdb" and "systemd-hwdb", so it belongs in shared/.
2021-06-24 09:47:15 +02:00
Zbigniew Jędrzejewski-Szmek
2686114332 basic,shared: move quota-util.[ch] to src/shared/
No need for this to in basic/.
2021-06-24 09:47:15 +02:00
Zbigniew Jędrzejewski-Szmek
65ddc2c5ff basic: drop one btrfs-related function and move another
This will become useful later, it is the first step to moving btrfs-util.[ch]
out of src/basic/.
2021-06-24 09:42:08 +02:00
Yu Watanabe
38e980a6a5 sd-dhcp-client: tentatively ignore FORCERENEW command
This makes DHCP client ignore FORCERENEW requests, as unauthenticated
FORCERENEW requests causes a security issue (TALOS-2020-1142, CVE-2020-13529).

Let's re-enable this after RFC3118 (Authentication for DHCP Messages)
and/or RFC6704 (Forcerenew Nonce Authentication) are implemented.

Fixes #16774.
2021-06-24 11:25:26 +09:00
Yu Watanabe
551ad0b7de sd-dhcp-client: logs when dhcp client unexpectedly gains a new lease
Previously, such situation is handled silently.
2021-06-24 11:25:26 +09:00
Yu Watanabe
d57b62be0d sd-dhcp-client: shorten code a bit 2021-06-24 11:25:26 +09:00
Yu Watanabe
67d8cd8193 sd-dhcp-client: check error earlier and reduce indentation 2021-06-24 11:25:26 +09:00
Anders Wenhaug
4dbad977ff docs: add coding style example
Add example of how to structure else-blocks following a multiline block.
2021-06-24 10:06:40 +09:00
Yu Watanabe
f565b8676f dirent-util: use readdir_ensure_type() in readdir_no_dot() and FOREACH_DIRENT() 2021-06-24 04:29:40 +09:00
Yu Watanabe
98f7a4c8bb dirent-util: introduce readdir_ensure_type() 2021-06-24 04:19:38 +09:00
Zbigniew Jędrzejewski-Szmek
6d216bdd07 test-path-util: check that dot components are irrelevant for path comparisons 2021-06-23 18:11:49 +02:00
Zbigniew Jędrzejewski-Szmek
a79726113a TODO: elide initrd-parse-etc.service if possible 2021-06-23 18:11:49 +02:00
Zbigniew Jędrzejewski-Szmek
aa45911b79 man/50-xdg-data-dirs: add quotes as suggested by shellcheck 2021-06-23 18:11:49 +02:00
Zbigniew Jędrzejewski-Szmek
9c6535367d basic,shared: move make_mount_point_inode_*() to shared/
Those pull in selinux for labelling, and we should avoid selinux in basic/.
2021-06-23 10:34:58 +02:00
Zbigniew Jędrzejewski-Szmek
f69c2926f8 meson: sort file list
At least emacs thinks this is the right way.
2021-06-23 10:29:37 +02:00
Yu Watanabe
5118e8e71d udev: remove unsafe characters from ID_SERIAL for nvme
Fixes #19309.
2021-06-23 17:11:27 +09:00
Yu Watanabe
91c27ac686 man: update description of "string_escape=" udev option 2021-06-23 17:11:23 +09:00
Yu Watanabe
ea0f4578a7 udev: replace unsafe characters on assigning ENV{key}="val" when OPTIONS="string_escape=replace" is set
Strictly speaking, this breaks backward compatibility, as previously
`ENV{key}="val"` ignored `string_escape=` option. But, introducing
a new option such as `string_escape=hoge` sounds overkill for me.
The default escape mode is `ESCAPE_UNSET`, so I hope this merely break
existing rules.
2021-06-23 16:40:52 +09:00
Yu Watanabe
51c2f543d1 udev: fix key name in debug log 2021-06-23 16:33:14 +09:00
Yu Watanabe
068b0f7728 udev: refuse invalid ifname earlier 2021-06-23 16:32:42 +09:00
Yu Watanabe
b4d885f0e8 udev: introduce new netif naming scheme flag to strictly replace ifname 2021-06-23 16:10:26 +09:00