1
0
mirror of https://github.com/systemd/systemd.git synced 2025-01-26 14:04:03 +03:00

55773 Commits

Author SHA1 Message Date
Julia Kartseva
ccfc534dee bpf: fix bpf_can_link_lsm_program condition
Since bpf_can_link_lsm_program return value is boolean, the expression
`r < 0` is always false.
2022-01-09 21:45:50 -08:00
Zbigniew Jędrzejewski-Szmek
d179b8d368 bpf: adjust comment about not calling sym_bpf_link__destroy 2022-01-09 21:45:50 -08:00
Julia Kartseva
f409aa5c63 bpf: check if lsm link ptr is libbpf error
BPF_RAW_TRACEPOINT_OPEN is expected to work only on x86 and x86_64,
since BPF trampoline is implemented only on these architectures.

Attach probing by bpf_program__attach_lsm already happens in
`bpf_lsm_supported`. The resulting pointer can store libbpf error and
that is the case for unsupported architectures.
Add libbpf error check to `bpf_lsm_supported` so execution does not
reach the point where unit startup fails.
2022-01-09 21:45:50 -08:00
Zbigniew Jędrzejewski-Szmek
79a67f3ca4 units: start systemd-resolved in basic.target
In the olden days systemd-resolved used dbus and it didn't make sense to start
it before dbus which is started fairly late. But we have mostly ported resolved
over to varlink. The queries from nss-resolve are done using varlink, so name
resolution can work without dbus. resolvectl still uses dbus, so e.g. 'resolvectl
query' will not work, but by starting systemd-resolved earlier we're not making this
any worse.

If systemd-resolved is started after dbus, it registers the name and everything
is fine. If it is started before dbus, it'll watch for the dbus socket and
connect later. So it should be fine to start systemd-resolved earlier. (If dbus
is stopped and restarted, unfortunately systemd-resolved does not reconnect.
This seems to be a small bug: since our daemons know how to watch for
dbus.socket, they could restart the watch if they ever lose the connection. But
this scenario shouldn't happen in normal boot, and restarting dbus is not
supported anyway.)

Moving the start earlier the following advantages:
- name resolution becomes availabe earlier, in particular for synthesized
  hostnames even before the network is up.
- basic.target is part of initrd.target, so systemd-resolved will get started
  in the initrd if installed. This is required for nfs-root when the server is
  specified using a name (https://bugzilla.redhat.com/show_bug.cgi?id=2037311).
2022-01-09 20:03:22 +01:00
Jan Janssen
f699bd81e8 boot-timestamps: Discard firmware init time when running in a VM
Fixes: #22060
2022-01-09 19:21:16 +01:00
Zbigniew Jędrzejewski-Szmek
46004616a1 bpf: actually skip RestrictFileSystems= when not supported
Units would fail to start, incl. systemd-journald.service and systemd-udevd.service.
Since unit->manager->restrict_fs will be set if and only if we can use it,
we can just check for that and remove the other checks.
Follow-up for 299d9417238e0727a48ebaabb5a9de0c908ec5c8.
2022-01-09 18:04:49 +00:00
Frantisek Sumsal
fd5e5a87fb test: explicitly configure oomd stuff via dropins
so we don't get overridden by distro-shipped ones.

Fixes: #22030
2022-01-09 17:56:57 +00:00
Luca Boccassi
e683878c0f test: store empty files rather than symlinks for test-fstab-generator
Dangling symlinks get pruned when packaging up the installation
directory. Just store empty files instead, and compare the names
rather than the content for .requires/.wants - the filename is
what is important anyway, the content is ignored.

Fixes #22059
2022-01-09 18:17:40 +01:00
Jan Janssen
b3c5a7074c meson: Use files() for source lists for boot and fundamental
This fixes build reproducibility as otherwise the full path
of the source files ends up in the output binary.
2022-01-09 18:02:34 +01:00
Luca Boccassi
f2d323a3ab
Merge pull request #22028 from medhefgo/boot-cleanup
boot: Cleanup
2022-01-09 15:44:55 +00:00
Albert Brox
3989bdc1ad core: teach LoadCredential= to load from a directory 2022-01-08 13:17:51 +00:00
Luca Boccassi
7e1f61137a
Merge pull request #22044 from keszybz/minor-man-page-adjustments
Minor man page adjustments
2022-01-07 22:14:30 +00:00
Zbigniew Jędrzejewski-Szmek
bd330fb05e man: adjust chart in bootup(5)
The style used for that one branch was inconsistent with other branches.
2022-01-07 17:37:37 +01:00
Zbigniew Jędrzejewski-Szmek
49fddcd355 man: refer to os-release(5) for description of files in the same format 2022-01-07 17:37:37 +01:00
Zbigniew Jędrzejewski-Szmek
55ac274ef4 man: add missing example title in systemd.network(5)
Also rename the file to match the example being extended.
2022-01-07 17:34:20 +01:00
Zbigniew Jędrzejewski-Szmek
5f02870a74 seccomp: move arch_prctl to @default
It was reported as used by the linker:

> [It is] called in the setup of ld-linux-x86-64.so.2 from _dl_sysdep_start.
> My local call stack (with LTO):
>
> #0 init_cpu_features.constprop.0 (/usr/lib64/ld-linux-x86-64.so.2)
> #1 _dl_sysdep_start (/usr/lib64/ld-linux-x86-64.so.2)
> #2 _dl_start (/usr/lib64/ld-linux-x86-64.so.2)
> #3 _start (/usr/lib64/ld-linux-x86-64.so.2)
>
> Looking through the source, I think it's this (links for glibc 2.34):
> - First dl_platform_init calls _dl_x86_init_cpu_features, a wrapper for init_cpu_features.
> - Then init_cpu_features calls get_cet_status.
> - At last, get_cet_status invokes arch_prctl.

Fixes #22033.
2022-01-07 17:34:17 +01:00
Morten Linderud
921e1bae16 man: correct minor mistakes in systemd-creds
Signed-off-by: Morten Linderud <morten@linderud.pw>
2022-01-07 16:07:28 +01:00
Zbigniew Jędrzejewski-Szmek
7f6c2dd0a7
Merge pull request #22013 from yuwata/fstab-generator-skip-nfsroot
fstab-generator: skip root directory handling when nfsroot is requested
2022-01-07 16:02:19 +01:00
Adam Williamson
a5307e173b kernel-install: prefer /boot over /boot/efi for $BOOT_ROOT
This restores the preference order from before 9e82a74. The code
previous to that change 'preferred' /boot over /boot/efi; that
commit changed it to check /boot/efi before checking /boot.
Changing this precedence could (and did, for me) have unexpected
effects - it seems safer to leave it how it was.

Signed-off-by: Adam Williamson <awilliam@redhat.com>
2022-01-07 15:15:04 +01:00
Markus Weippert
e00a25a7b4 homed: stop before stopping dbus
Otherwise, systemd-homed-active.service will fail to deactivate all
homes because homectl can no longer talk to homed if dbus stops first.
As a result, /home cannot be umounted.

Doing this on systemd-homed-active.service instead works as well, but
systemd-homed will exit 1 if dbus is already shut down.
2022-01-07 14:33:35 +01:00
Zbigniew Jędrzejewski-Szmek
7359e3d35a
Merge pull request #22006 from yuwata/on-ac-power
udev-util: ignore USB-C ports in power source mode
2022-01-07 14:28:19 +01:00
Yu Watanabe
aac470326e pid1: voidify manager_override_watchdog()
As it always returns 0.
2022-01-07 09:44:32 +01:00
Yu Watanabe
b144177240 watchdog: rebreak comments 2022-01-07 09:31:57 +01:00
Franck Bui
8ce08c8e97 watchdog: shorten watchdog_set_device() 2022-01-07 09:28:55 +01:00
Julia Kartseva
299d941723 bpf: do not freeze if bpf lsm fails to set up
BPF LSM is cgroup unaware and it's set up is happening in core manager.
It occures that the current implementation is too restrictive and causes
pid 1 to freeze.
Instead:
* in bpf_lsm_setup set manager->restrict_fs pointer last,
so it is an indicator that the set up was successful
* check for manager->restrict_fs before applying unit options
2022-01-07 16:25:45 +09:00
Yu Watanabe
2bdd2e7ac9
Merge pull request #22031 from floppym/issue22001-1
test-watchdog adjustments
2022-01-07 12:28:47 +09:00
Mike Gilbert
23126a7b9b test-watchdog: set timeout to 2 seconds by default
Some hardware/drivers do not handle a 1 second timeout properly.

Fixes: https://github.com/systemd/systemd/issues/22001
2022-01-06 14:12:33 -05:00
Mike Gilbert
788c2d9523 test-watchdog: use watchdog_runtime_wait() to determine sleep interval
As sugggested in
https://github.com/systemd/systemd/issues/22001#issuecomment-1006755438.
2022-01-06 14:09:30 -05:00
Pigmy-penguin
cd933f14bd
userdbctl: fix "Password OK" shown even when password is empty or locked (#21308)
userdbctl: fix "Password OK" shown even when password is empty or locked
2022-01-06 16:01:38 +00:00
Yu Watanabe
8cc8a073a8 test: add test cases for fstab-generator 2022-01-07 00:58:50 +09:00
Yu Watanabe
7611946ebc tree-wide: fix typo 2022-01-06 22:20:11 +09:00
Yu Watanabe
c0b28d44a9 NEWS: sort entries 2022-01-06 22:18:05 +09:00
Jan Janssen
ad9962bb7e boot: Simplify line_edit 2022-01-06 14:16:34 +01:00
Jan Janssen
6893c4c553 boot: Switch to insertion sort
We can do a little better than bubble sort without ramping up the
code complexity.
2022-01-06 14:16:34 +01:00
Jan Janssen
163d1ea5dd boot: Do more config handling in config_load_all_entries 2022-01-06 14:16:34 +01:00
Jan Janssen
b00e37daa6 boot: Remove no_autoselect 2022-01-06 14:16:34 +01:00
Jan Janssen
dd4ddc82e6 boot: Close xbootldr root_dir 2022-01-06 14:16:34 +01:00
Jan Janssen
a45d4f3543 boot: Simplify config_entry_add_osx 2022-01-06 14:16:34 +01:00
Yu Watanabe
b322e683ac meson: install test-network-generator-conversion.sh even if networkd is not enabled
Follow-up for 987dd89c775815831ae21736fe60aef59cb7a6fa.
2022-01-06 20:14:39 +09:00
Yu Watanabe
155e1bb4e7 fstab-generator: also skip other network filesystems and live image 2022-01-06 20:14:35 +09:00
Yu Watanabe
77b8e92de8 fstab-generator: skip root directory handling when nfsroot is requested
Fixes RHBZ#2037233 (https://bugzilla.redhat.com/show_bug.cgi?id=2037233).
2022-01-06 20:14:16 +09:00
Yu Watanabe
795e86b4f1 udev-util: ignore USB-C ports in power source mode when detecting system is running on AC power
Fixes #21988.
2022-01-06 18:28:56 +09:00
Yu Watanabe
01d4ad3bde udev-util: re-implement on_ac_power() with sd-device 2022-01-06 18:28:50 +09:00
Yu Watanabe
06795b02e3 util: move on_ac_power() from util.c -> udev-util.c 2022-01-06 18:06:22 +09:00
Michael Biebl
cfd4c84add oomd: move oomctl to bindir
We don't really need oomctl during early boot, so bindir seems like a
more suitable place for the binary.
2022-01-06 12:52:01 +09:00
Mike Gilbert
70652c2a6f test-watchdog: mark as unsafe
If something goes wrong with this test it may result in an unsafe
system restart. Let's avoid running it automatically.

See https://github.com/systemd/systemd/issues/22001.
2022-01-06 02:11:20 +09:00
Jason A. Donenfeld
06511ba559 random-seed: cleanup code nits
This incorporates various nits from the post-merge review on #21986.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2022-01-06 02:09:22 +09:00
Yu Watanabe
9cca5f4cda
Merge pull request #22018 from keszybz/logind-survive-aborted-suspend
Make logind survive aborted suspend
2022-01-06 02:08:14 +09:00
Yu Watanabe
4c77ed48fb
Merge pull request #22016 from yuwata/small-cleanups
assorted trivial cleanups
2022-01-06 01:18:34 +09:00
Frantisek Sumsal
1b51599f29 test: use full date & time when checking for coredumps
Otherwise we might hit a window where the coredump happens before
midnight, but we check for it after midnight, which yields no results.

E.g.:

```
$ coredumpctl --no-legend --no-pager --file system.journal
Wed 2022-01-05 01:00:06 CET 359 0 0 SIGABRT journal /usr/bin/udevadm n/a
$ coredumpctl --since 23:59:55 --no-legend --no-pager --file system.journal
No coredumps found.
$ coredumpctl --since "2022-01-04 23:59:59" --no-legend --no-pager --file system.journal
Wed 2022-01-05 01:00:06 CET 359 0 0 SIGABRT journal /usr/bin/udevadm n/a
```
2022-01-06 01:18:12 +09:00