1
0
mirror of https://github.com/systemd/systemd.git synced 2024-12-23 21:35:11 +03:00
Commit Graph

470 Commits

Author SHA1 Message Date
Zbigniew Jędrzejewski-Szmek
03d1319b12 shared/logs-show: be more careful before using a _SOURCE_REALTIME_TIMESTAMP entry
journalctl -o short would display those entries, but journalctl -o short-full
would refuse. If the entry is bad, just fall back to the receive-side realtime
timestamp like we would if it was completely missing.
2018-05-31 14:30:23 +02:00
Zbigniew Jędrzejewski-Szmek
324d6aa926 shared/logs-show: fix mixup between length-based memory duplication and string operations
We'd look for a '=' separator using memchr, i.e. ignoring any nul bytes in the
string, but then do a strndup, which would terminate on any nul byte, and then
again do a memcmp, which would access memory past the chunk allocated by strndup.

Of course, we probably shouldn't allow keys with nul bytes in them. But we
currently do, so there might be journal files like that out there. So let's fix
the journal-reading code first.
2018-05-31 14:30:23 +02:00
Zbigniew Jędrzejewski-Szmek
e743ce7053 journal-remote: when an entry is rejected with -EBADMSG, do not rotate the journal file
Something is wrong with the entry (probably a missing timestamp), so no point
in rotating. But suppress the error in process_source(), so that the processing
of the data stream continues.

Also, just return 0 from writer_write() on success, the only caller doesn't
care.
2018-05-31 13:04:18 +02:00
Zbigniew Jędrzejewski-Szmek
a38f7fec44 fuzz-journal-remote: a fuzzer for journal-remote over-the-wire input 2018-05-31 13:04:18 +02:00
Sergio Lindo Mansilla
c2f32f616b Fix pattern to detect distribution
With operator '=', when in /etc/os-release:
ID_LIKE="opensuse suse" # Tumbleweed since at least 2018-04-24
or
ID_LIKE="suse opensuse" # Leap 15
2018-05-30 18:13:14 +02:00
Lennart Poettering
b294e5943f core: introduce specifiers for /tmp and /var/tmp
This corresponds nicely with the specifiers we already pass for
/var/lib, /var/cache, /run and so on.

This is particular useful to update the test-path service files to
operate without guessable files, thus allowing multiple parallel
test-path invocations to pass without issues (the idea is to set $TMPDIR
early on in the test to some private directory, and then only use the
new %T or %V specifier to refer to it).
2018-05-29 11:39:15 +02:00
Lennart Poettering
cdc0f9be92
Merge pull request #8817 from yuwata/cleanup-nsflags
core: allow to specify RestrictNamespaces= multiple times
2018-05-24 16:49:13 +02:00
Yu Watanabe
1c5873096e test-execute: remove state directories before running tests
Fixes #8679.
2018-05-10 22:50:51 -07:00
Joost Heitbrink
b6887d7ae4 test: add testcase for environment file variables with backslashes
systemd silently strips out backslashes in variables from environment
files. Add a testcase that explicitly tests for this behaviour.
2018-05-11 13:15:16 +09:00
Susant Sahani
4319c181d4 Networkd tests: add bridge link properties to test
Test the "[Bridge]" section keys

```
[Bridge]
UnicastFlood=true
HairPin=true
UseBPDU=true
FastLeave=true
AllowPortToBeRoot=true
Cost=555
Priority=23
```

```
test_bridge_init (__main__.BridgeTest) ... ok
test_bridge_port_priority (__main__.BridgeTest) ... ok
test_bridge_port_priority_set_zero (__main__.BridgeTest)
It should be possible to set the bridge port priority to 0 ... ok
test_bridge_port_property (__main__.BridgeTest)
Test the "[Bridge]" section keys ... ok

```
2018-05-10 10:41:30 -07:00
Yu Watanabe
1dcf96c29f test: add tests for merging RestrictNamespaces= 2018-05-05 11:07:37 +09:00
Lennart Poettering
0ea21d9e88 test: don't send image building output to /dev/null (#8886)
Yes, the output is sometimes annyoing, but /dev/null is not the right
place...

I figure this redirection was left in from some debugging session, let's
fix it, and make the setup_basic_environment invocation like in all
other test scripts.
2018-05-03 16:47:42 +03:00
Yu Watanabe
022fa82a8b oss-fuzz: add the reproducer case by oss-fuzz #8064 2018-05-03 16:57:29 +09:00
Lennart Poettering
3e7aa2edcd
test-functions: don't nest KVM (#8883)
Nested KVM is very flaky as we learnt from our CI. Hence, let's avoid
KVM whenever we detect we are already running inside of KVM.

Maybe one day nested KVM is fixed, at which point we can turn this on
again, but for now let's simply avoid nested KVM, since reliable CI is
more important than quick CI, I guess.

And yes, avoiding KVM for our qemu runs does make things substantially
slower, but I think it's not a complete loss.

Inspired by @evverx' findings in:

https://github.com/systemd/systemd/pull/8701#issuecomment-380213302
2018-05-02 20:06:13 +02:00
Yu Watanabe
9c6f2e5ab9 test: fix descriptions 2018-05-01 13:44:29 +09:00
Yu Watanabe
cfa24ca0e6 test: add tests for PrivateDevices= with '+' prefix 2018-05-01 13:44:24 +09:00
Yu Watanabe
545673d4b0 test: add tests for %j and %J specifier in test-execute (#8838)
Follow-up for 250e9fadbc.
2018-04-27 13:07:23 +02:00
Lennart Poettering
63d6135fea tests: compare with correct shell
We synthesize the passwd record for UID 0, hence we need to compare with
our synthesized data and not with the data stored in /etc/passwd
2018-04-19 11:41:28 +02:00
Franck Bui
80359410c4 sysusers: make sure to reset the returned value when EOF is reached in fget*ent_sane() wrappers (#8737)
To indicate that the there're no more entries, these wrappers return false but
did leave the passed pointed unmodified.

However EOF is not an error and is a very common case so initialize the output
argument to NULL even in this case so callers don't need to do that.

Fixes: #8721
2018-04-18 18:32:21 +02:00
Lennart Poettering
2cb36f7c1e
Merge pull request #8575 from keszybz/non-absolute-paths
Do not require absolute paths in ExecStart and friends
2018-04-17 15:54:10 +02:00
Zbigniew Jędrzejewski-Szmek
7e4a49b42b test-execute: make find invocation a bit more efficent, increase timeout
We go through the whole file system, so this test can take arbitrary time.  But
this test is still quite useful, so let's at least try to make it more efficent
by not descending at all into the directories we would filter out later on
anyway.

Also increase the timeout, in case the previous step doesn't help enough.
2018-04-16 16:09:46 +02:00
Zbigniew Jędrzejewski-Szmek
42345b178d test: drop the use of /bin/sh in various test services
This is not meant to be comprehensive, just the few cases where the /bin/sh -c wrapper
is obviously superfluous.
2018-04-16 16:09:46 +02:00
Zbigniew Jędrzejewski-Szmek
5008da1ec1 systemd: do not require absolute paths in ExecStart
Absolute paths make everything simple and quick, but sometimes this requirement
can be annoying. A good example is calling 'test', which will be located in
/usr/bin/ or /bin depending on the distro. The need the provide the full path
makes it harder a portable unit file in such cases.

This patch uses a fixed search path (DEFAULT_PATH which was already used as the
default value of $PATH), and if a non-absolute file name is found, it is
immediately resolved to a full path using this search path when the unit is
loaded. After that, everything behaves as if an absolute path was specified. In
particular, the executable must exist when the unit is loaded.
2018-04-16 16:09:46 +02:00
Lennart Poettering
7ce49e656b test: add test for prefix unit loading 2018-04-13 11:34:48 +02:00
Zbigniew Jędrzejewski-Szmek
c0af656c52 test-execute/exec-specifier.service: fix quoting
The lines would cause the whole service to fail to be loaded.
2018-04-12 16:20:02 +02:00
Zbigniew Jędrzejewski-Szmek
11a1589223 tree-wide: drop license boilerplate
Files which are installed as-is (any .service and other unit files, .conf
files, .policy files, etc), are left as is. My assumption is that SPDX
identifiers are not yet that well known, so it's better to retain the
extended header to avoid any doubt.

I also kept any copyright lines. We can probably remove them, but it'd nice to
obtain explicit acks from all involved authors before doing that.
2018-04-06 18:58:55 +02:00
Feng Sun
709e86f18f fix missed bracket of exec-personality-ppc64le.service (#8650)
Signed-off-by: Neil Sun <neilsun@yunify.com>
2018-04-04 11:10:42 +02:00
Evgeny Vereshchagin
053edc5b04 tests: run udevadm settle after sfdisk (#8610)
This makes the script wait for the newly created partition to
show up before trying to put a filesystem on it, which should
prevent the tests from failing with the following error:
```
New situation:
Disklabel type: dos
Disk identifier: 0x3541a0ec

Device       Boot  Start    End Sectors  Size Id Type
/dev/loop6p1        2048 800767  798720  390M 83 Linux
/dev/loop6p2      800768 819199   18432    9M 83 Linux

The partition table has been altered.
Calling ioctl() to re-read partition table.
Syncing disks.
The file /dev/loop6p1 does not exist and no size was specified.
make: *** [setup] Error 1
F: Failed to mkfs -t ext4
Makefile:4: recipe for target 'setup' failed
```
2018-03-29 13:20:57 +09:00
Zbigniew Jędrzejewski-Szmek
e2093454a2 shared/specifier: be less extravagant with memory allocations
ubsan times out because we do too many allocations:

$ valgrind build/fuzz-unit-file test/fuzz-regressions/fuzz-unit-file/oss-fuzz-6977-full
...
test/fuzz-regressions/fuzz-unit-file/oss-fuzz-6977-full... ok
==1757==
==1757== HEAP SUMMARY:
==1757==     in use at exit: 0 bytes in 0 blocks
==1757==   total heap usage: 199,997 allocs, 199,997 frees, 90,045,318,585 bytes allocated

...
==3256==   total heap usage: 100,120 allocs, 100,120 frees, 13,097,140 bytes allocated

https://oss-fuzz.com/v2/issue/4651449704251392/6977 should now be really fixed.

e3c3d6761b was the first attempt, but even with this change, e3c3d6761b
still makes sense.
2018-03-28 10:38:45 +02:00
Lennart Poettering
967bae687c run-integration-tests: show number of tests run 2018-03-23 15:46:11 +01:00
Lennart Poettering
ce6b7858ca run-integration-tests: show make command line executed
That makes it much easier to figure out what to type to just run one
specific test for debugging.
2018-03-23 15:45:47 +01:00
Lennart Poettering
67321fdf3e test: bypass selinux integration test if selinux policy devel package is not installed
With this "sudo ./run-integration-tests.sh" should work fully without
exception, even on systems lacking SELinux (in which case that test will
just be skipped)
2018-03-23 15:29:35 +01:00
Lennart Poettering
959071cac2
Merge pull request #8552 from keszybz/test-improvements
Test and diagnostics improvements
2018-03-23 15:26:54 +01:00
Zbigniew Jędrzejewski-Szmek
a5935c6601 test-execute: skip exec-specifier-interpolation if perl is missing 2018-03-22 15:57:56 +01:00
Zbigniew Jędrzejewski-Szmek
6b08180ca6 test-execute: allow sit0@ to exist in private network namespace
It's always visible:

$ sudo modprobe sit
$ sudo unshare -n ip l
1: lo: <LOOPBACK> mtu 65536 qdisc noop state DOWN mode DEFAULT group default qlen 1000
    ...
2: sit0@NONE: <NOARP> mtu 1480 qdisc noop state DOWN mode DEFAULT group default qlen 1000
    ...
2018-03-22 15:57:56 +01:00
Zbigniew Jędrzejewski-Szmek
c725631f4b test-execute: simplify checks if grep output is empty
grep already indicates if it matched anything by return value.
Additional advantage is then that if the test fails, the unexpected
matching lines are visible in the log output.
2018-03-22 15:57:56 +01:00
Zbigniew Jędrzejewski-Szmek
b1ffacb631 tests: skip udev-test when perl is not installed 2018-03-22 15:57:56 +01:00
juergbi
39362f6f7d main: add NoNewPrivileges config option (#8475)
This makes it possible to disable new privileges for the whole system.
2018-03-21 23:41:19 +01:00
Lennart Poettering
ed1738a24a
Merge pull request #8487 from keszybz/oss-fuzz-fixes
Oss fuzz fixes, another batch
2018-03-21 11:50:57 +01:00
Zbigniew Jędrzejewski-Szmek
e3c3d6761b core/load-fragment: reject overly long paths early
No need to go through the specifier_printf() if the path is already too long in
the unexpanded form (since specifiers increase the length of the string in all
practical cases).

In the oss-fuzz test case, valgrind reports:
  total heap usage: 179,044 allocs, 179,044 frees, 72,687,755,703 bytes allocated
and the original config file is ~500kb. This isn't really a security issue,
since the config file has to be trusted any way, but just a matter of
preventing accidental resource exhaustion.

https://oss-fuzz.com/v2/issue/4651449704251392/6977

While at it, fix order of arguments in the neighbouring log_syntax() call.
2018-03-21 00:46:13 +01:00
Zbigniew Jędrzejewski-Szmek
e127f26b1a basic/calendarspec: add check for repeat values that would overflow
https://oss-fuzz.com/v2/issue/4651449704251392/7004
2018-03-21 00:46:13 +01:00
Lennart Poettering
8c637fe242
Merge pull request #8452 from keszybz/use-libmount-more
Use libmount in systemd-shutdown, add tests
2018-03-20 09:53:34 +01:00
Evgeny Vereshchagin
e4711004d6
Merge pull request #8461 from keszybz/oss-fuzz-fixes
Oss fuzz fixes
2018-03-19 00:06:44 +03:00
Zbigniew Jędrzejewski-Szmek
bd0763b642 fuzz-unit-file: simply do not test ListenNetlink= at all
msan doesn't understand sscanf with %ms, so it falsely reports unitialized
memory. Using sscanf with %ms is quite convenient in
socket_address_parse_netlink(), so let's just not run the fuzzer for
ListenNetlink= at all for now. If msan is fixed, we can remove this.

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=6884
2018-03-18 21:05:43 +01:00
Yu Watanabe
6f1ea95493
Merge pull request #8471 from filbranden/envnewline1
basic/env-util: Allow newlines in values of environment variables
2018-03-18 20:29:55 +09:00
Franck Bui
97e34e945c test: add a sysusers test with NIS entries 2018-03-17 14:18:26 +01:00
Zbigniew Jędrzejewski-Szmek
1c56d50109 fuzz: add test case for oss-fuzz #6897 and a work-around
The orignal reproducer from oss-fuzz depends on the hostname (via %H and %c).
The hostname needs a dash for msan to report this, so a simpler case from
@evverx with the dash hardcoded is also added.

The issue is a false positive from msan, which does not instruct stpncpy
(https://github.com/google/sanitizers/issues/926). Let's add a work-around
until this is fixed.
2018-03-17 09:48:22 +01:00
Zbigniew Jędrzejewski-Szmek
10062bbc35 unit-file: do not allow bogus IOSchedulingClass values
We have only three bits of space, i.e. 8 possible classes. Immediately reject
anything outside of that range. Add the fuzzer test case and an additional
unit test.

oss-fuzz #6908.
2018-03-17 09:01:53 +01:00
Zbigniew Jędrzejewski-Szmek
064c593899 core/service: fix memleak of USBFunctionStrings and USBFunctionDescriptors
oss-fuzz #6892.
2018-03-17 09:01:53 +01:00
Zbigniew Jędrzejewski-Szmek
4b8d0cdf04 Add .gitattributes for test/fuzz-regressions
Those reproducers are essentially binary, hence let's ignore whitespace
in them.
2018-03-17 09:01:53 +01:00