1
0
mirror of https://github.com/systemd/systemd.git synced 2024-10-30 14:55:37 +03:00
Commit Graph

60281 Commits

Author SHA1 Message Date
msizanoen1
383d9155a2 journald: harden against forward clock jumps before unclean shutdown
Try harder to inherit the sequence number and ID from the old journal
file before rotating it away.

This helps the libsystemd journal file selection code make better decisions
even in the face of massive incorrect forward clock jumps prior to an
unclean shutdown.
2022-10-16 21:07:33 +07:00
Yu Watanabe
ae24e4e80e TODO: fix typo 2022-10-08 15:09:53 +09:00
Yu Watanabe
766c1eae8e NEWS: fix typo 2022-10-08 15:09:47 +09:00
Yu Watanabe
4a874ecea5 NEWS: drop reverted feature for networkd 2022-10-08 15:09:33 +09:00
Daan De Meyer
46fb302f72 Revert "journal: Add --convert= command to journalctl"
This reverts commit 721620e8a3.

This commit was accidentally merged as part of #22998
2022-10-08 03:24:25 +09:00
Zbigniew Jędrzejewski-Szmek
b75bc18887 fuzz: shorten name of fuzz test case
Wide fuzzer case names make meson test output very wide…
2022-10-08 03:24:01 +09:00
Lennart Poettering
a0769ee489 update NEWS for v250-rc1 2022-10-07 18:11:04 +02:00
anarcat
9aafd310cc man/shutdown: document how to switch to single-user mode
Before Debian switched to systemd, `shutdown now` would reset the system into
single user mode, doing roughly the equivalent of `telinit 1`.

Now, systemd's `shutdown` command does not behave that way; it defaults to
`poweroff` which might be confusing for users (like me) used to the previous
method.

Because I don't use the command often, I keep being stumped by this behavior,
and every time I look at the `shutdown(1)` manpage, I don't understand why I
can't find what I am looking for. This patch should make sure that people like
me find their way back to some sort of reason.

Maybe the *proper* way to fix this would be to restore the more classic
behavior, but I'm definitely not going to climb that hill. Besides, I clearly
remember the time I found out about the `shutdown` command and was *really*
confused when it brought me back to a command-line prompt. That was really
counter-intuitive and I find that change to actually be a good thing. So I'm
not proposing to change this behavior, merely document it better.

I originally added this to the `-P` option but it was suggested adding a new
`COMPATIBILITY` section instead, where other such issues could be added.

The `COMPATIBILITY` section is not actually officially documented. `man(1)`
talks about a `CONFORMING TO` section, but `shutdown(1)` is not
POSIX (`shutdown(2)` is, of course), so there's no actual standard on how this
should work.

The other option I considered was to add a `BUGS` section, but that seemed to
inflammatory, and definitely counter-productive.
2022-10-07 17:54:31 +02:00
Luca Boccassi
7dbbb3933d Finalize changelog for v252-rc2 2022-10-07 17:09:32 +02:00
Luca Boccassi
5791594a0f meson: bump numbers for v252-rc1 2022-10-07 16:37:36 +02:00
Luca Boccassi
47819da972 Enable PR template for RC phase 2022-10-07 16:37:36 +02:00
Aidan Dang
fd83c98e8a Implement --luks-sector-size for homed 2022-10-07 16:36:04 +02:00
Luca Boccassi
b25e08a752
Merge pull request #22998 from DaanDeMeyer/journal-compact-split
journal: Add compact mode
2022-10-07 16:19:03 +02:00
Daan De Meyer
721620e8a3 journal: Add --convert= command to journalctl
--convert writes the journal files read by journalctl to the given
location. The location should be specified as a full journal file
path (e.g. /a/b/c/converted.journal). The directory specifies where
the converted journal files will be stored. The filename specifies
the naming convention the converted journal files will follow.
2022-10-07 12:28:09 +02:00
Daan De Meyer
e81710d3d0 journal: Store offsets to tail entry array objects in chain
Previously, we'd iterate an entry array from start to end every time
we added an entry offset to it. To speed up this operation, we cache
the last entry array in the chain and how many items it contains.
This allows the addition of an entry to the chain to be done in
constant time instead of linear time as we don't have to iterate
the entire chain anymore every time we add an entry.
2022-10-07 12:28:09 +02:00
Daan De Meyer
0e35afff1d journal: Introduce journal_file_data_payload()
journal_file_data_payload() retrieves the payload of a Data object,
optionally decompressing it and checking to see if matches a given
field. This function replaces all the decompression code in the sd-journal
codebase with a single function.

This commit should not introduce any changes in sd-journal behavior.
2022-10-07 12:28:05 +02:00
Daan De Meyer
a9089a6604 journal: Use 32-bit entry item object offsets in compact mode
To do this, we move EntryItem out of journal-def.h and turn it into
a host only struct in native endian mode so we can still use it to
ship the necessary info around.

Aside from that, the changes are pretty simple, we introduce some
extra functions to access the right field depending on the mode and
convert all the other code to use those functions instead of
accessing the raw fields.

We also drop the unused entry item hash field in compact mode. We
already stopped doing anything with this field a while ago, now we
actually drop it from the format in compact mode.
2022-10-07 12:20:57 +02:00
Daan De Meyer
99daf3ce03 journal: Use 32-bit entry array offsets in compact mode
Before:

OBJECT TYPE      ENTRIES SIZE
Unused           0       0B
Data             3610336 595.7M
Field            5310    285.2K
Entry            3498326 1.2G
Data Hash Table  29	 103.1M
Field Hash Table 29      151.3K
Entry Array      605991  1011.6M
Tag              0	 0B
Total            7720021 2.9G

After:

OBJECT TYPE      ENTRIES SIZE
Unused           0	 0B
Data             3562667 591.0M
Field            3971    213.6K
Entry            3498566 1.2G
Data Hash Table  20	 71.1M
Field Hash Table 20	 104.3K
Entry Array	 582647  505.0M
Tag              0	 0B
Total            7647891 2.4G
2022-10-07 12:20:08 +02:00
Daan De Meyer
d06727aec2 journal: Don't allocate objects above UINT32_MAX in compact mode
To allow storing offsets as 32-bit, we should never allocate objects
outside of the 32-bit range.
2022-10-07 12:20:08 +02:00
Daan De Meyer
c92f1ebe5d journal: Run unit tests with and without compact mode enabled 2022-10-07 12:16:11 +02:00
Yu Watanabe
02dfb6a3c9
Merge pull request #24930 from yuwata/network-drop-ndisc-vacuum
network: further follow-ups for recent NDisc PRs
2022-10-07 18:38:34 +09:00
Yu Watanabe
261979ed85
Merge pull request #24931 from bluca/news
hwdb and NEWS
2022-10-07 18:38:18 +09:00
Daan De Meyer
61297656c7 journal: Enable compact mode
We also add an environment variable $SYSTEMD_JOURNAL_COMPACT that
can be used to disable compact mode if needed (similar to
$SYSTEMD_JOURNAL_KEYED_HASH).
2022-10-07 11:28:12 +02:00
Daan De Meyer
87413812c9 journal: Add compact mode
This adds a new flag in preparation for incompatible journal changes
which will be gated behind this flag. The max file size of journal
files in compact mode is limited to 4 GiB.
2022-10-07 11:26:28 +02:00
Luca Boccassi
42c25d70f6 Update hwdb
ninja -C build update-hwdb
2022-10-07 11:00:28 +02:00
Luca Boccassi
23992ce1e9 NEWS: list contributors 2022-10-07 11:00:27 +02:00
Luca Boccassi
167420a394 NEWS: typos 2022-10-07 11:00:27 +02:00
Yu Watanabe
b3fac19f1b network: free timer event source for NDisc when link is freed
Though, it should be already freed already freed in link_stop_engines()
-> ndisc_stop(). Just for safety.
2022-10-07 14:32:13 +09:00
Yu Watanabe
44085d63f0 network: drop unnecessary call of ndisc_vacuum()
After the commit 773024685b, DNS servers
or domains are dropped when their lifefime become zero. Hence, it is not
necessary to try to them when writing state file.

Of course, because of the accuracy of the timer event source or priority
of event sources, a possibility is introduced that a DNS server or domain
with zero lifetime is stored in the state file. However, such entry will
be dropped soon when the timer event source is triggered. Hence, that
should not cause any real issues.
2022-10-07 14:17:28 +09:00
Zbigniew Jędrzejewski-Szmek
c76691d708
Merge pull request #24511 from martinetd/bpf1
libbpf: Add libbpf 1.0.0 compat
2022-10-06 19:01:33 +02:00
Arnaud Ferraris
5113436b05 repart: always honour --discard=no
Currently, even if `--discard=no` is passed to `systemd-repart`, the
`context_discard_gap_after()` function still runs normally, discarding
e.g. all blocks between the GPT and the start of the first partition.

This can lead to issues on some embedded devices, where this space
holds the bootloader and shouldn't be modified (creating a protective
partition there is not always possible due to the specifics of the boot
process of some ARM-based SoC's).

This commit ensures passing `--discard=no` would be enough to ensure
the bootloader isn't wiped in such cases.

Signed-off-by: Arnaud Ferraris <arnaud.ferraris@gmail.com>
2022-10-06 17:27:47 +02:00
Michal Koutný
3286770daa meson: Require TPM2 for measuring utilities
I happened to run build with openssl but no tpm2 and ran into issues
like:

        [313/1382] Compiling C object systemd-measure.p/src_boot_measure.c.o
        FAILED: systemd-measure.p/src_boot_measure.c.o
        cc -Isystemd-measure.p -I. -I.. -Isrc/basic -I../src/basic -Isrc/fundamental -I../src/fundamental -Isrc/systemd -I../src/systemd -I../src/libsystemd/sd-bus -I../src/libsystemd/sd-device -I../src/libsystemd/sd-event -I../src/libsystemd/sd-hwdb -I../src/libsystemd/sd-id128 -I../src/libsystemd/sd-journal -I../src/libsystemd/sd-netlink -I../src/libsystemd/sd-network -I../src/libsystemd/sd-resolve -Isrc/shared -I../src/shared -fdiagnostics-color=always -D_FILE_OFFSET_BITS=64 -Wall -Winvalid-pch -Wextra -std=gnu11 -O0 -g -Wno-missing-field-initializers -Wno-unused-parameter -Wdate-time -Wendif-labels -Werror=format=2 -Werror=format-signedness -Werror=implicit-function-declaration -Werror=incompatible-pointer-types -Werror=int-conversion -Werror=overflow -Werror=override-init -Werror=return-type -Werror=shift-count-overflow -Werror=shift-overflow=2 -Werror=undef -Wfloat-equal -Wimplicit-fallthrough=5 -Winit-self -Wlogical-op -Wmissing-include-dirs -Wmissing-noreturn -Wnested-externs -Wold-style-definition -Wpointer-arith -Wredundant-decls -Wshadow -Wstrict-aliasing=2 -Wstrict-prototypes -Wsuggest-attribute=noreturn -Wunused-function -Wwrite-strings -Wno-unused-result -Werror=missing-declarations -Werror=missing-prototypes -fdiagnostics-show-option -fno-common -fno-strict-aliasing -fstack-protector -fstack-protector-strong -fvisibility=hidden --param=ssp-buffer-size=4 -fno-omit-frame-pointer -Werror=shadow -include config.h -DOPENSSL_LOAD_CONF -MD -MQ systemd-measure.p/src_boot_measure.c.o -MF systemd-measure.p/src_boot_measure.c.o.d -o systemd-measure.p/src_boot_measure.c.o -c ../src/boot/measure.c
        ../src/boot/measure.c: In function ‘verb_sign’:
        ../src/boot/measure.c:710:48: error: variable ‘c’ has initializer but incomplete type
          710 |         _cleanup_(tpm2_context_destroy) struct tpm2_context c = {};

        [308/1382] Compiling C object systemd-pcrphase.p/src_boot_pcrphase.c.o
        FAILED: systemd-pcrphase.p/src_boot_pcrphase.c.o
        cc -Isystemd-pcrphase.p -I. -I.. -Isrc/basic -I../src/basic -Isrc/fundamental -I../src/fundamental -Isrc/systemd -I../src/systemd -I../src/libsystemd/sd-bus -I../src/libsystemd/sd-device -I../src/libsystemd/sd-event -I../src/libsystemd/sd-hwdb -I../src/libsystemd/sd-id128 -I../src/libsystemd/sd-journal -I../src/libsystemd/sd-netlink -I../src/libsystemd/sd-network -I../src/libsystemd/sd-resolve -Isrc/shared -I../src/shared -fdiagnostics-color=always -D_FILE_OFFSET_BITS=64 -Wall -Winvalid-pch -Wextra -std=gnu11 -O0 -g -Wno-missing-field-initializers -Wno-unused-parameter -Wdate-time -Wendif-labels -Werror=format=2 -Werror=format-signedness -Werror=implicit-function-declaration -Werror=incompatible-pointer-types -Werror=int-conversion -Werror=overflow -Werror=override-init -Werror=return-type -Werror=shift-count-overflow -Werror=shift-overflow=2 -Werror=undef -Wfloat-equal -Wimplicit-fallthrough=5 -Winit-self -Wlogical-op -Wmissing-include-dirs -Wmissing-noreturn -Wnested-externs -Wold-style-definition -Wpointer-arith -Wredundant-decls -Wshadow -Wstrict-aliasing=2 -Wstrict-prototypes -Wsuggest-attribute=noreturn -Wunused-function -Wwrite-strings -Wno-unused-result -Werror=missing-declarations -Werror=missing-prototypes -fdiagnostics-show-option -fno-common -fno-strict-aliasing -fstack-protector -fstack-protector-strong -fvisibility=hidden --param=ssp-buffer-size=4 -fno-omit-frame-pointer -Werror=shadow -include config.h -DOPENSSL_LOAD_CONF -MD -MQ systemd-pcrphase.p/src_boot_pcrphase.c.o -MF systemd-pcrphase.p/src_boot_pcrphase.c.o.d -o systemd-pcrphase.p/src_boot_pcrphase.c.o -c ../src/boot/pcrphase.c
        ../src/boot/pcrphase.c: In function ‘determine_banks’:
        ../src/boot/pcrphase.c:117:24: error: unknown type name ‘TPMI_ALG_HASH’
          117 |         _cleanup_free_ TPMI_ALG_HASH *algs = NULL;

Guarding the utilites with HAVE_TPM2 fixes the issue for me.

This complements #24811.
2022-10-06 22:57:45 +09:00
Dominique Martinet
87e462f713 libbpf: add compat helpers for libbpf down to 0.1.0
- new symbols are available from libbpf 0.6.0 so could be used with
libbpf.so.0, but we're sure the old symbols will be there and this
simplifies code
- detection at runtime should always work, regardless of whether systemd
has been compiled with older or newer libbpf and runs with older or newer
libbpf
2022-10-06 21:33:55 +09:00
drosdeck
cbf8fad440 Fix key toggle touchpad and programmable buttom for Positivo N14 2022-10-06 13:50:44 +09:00
Aleksey Vasenev
2be1ae54ba ata_id: Fixed getting Response Code from SCSI Sense Data (#24921)
The Response Code is contained in the first byte of the SCSI Sense Data.
Bit number 7 is reserved or has a different meaning for some Response Codes
and is set to 1 for some drives.
2022-10-06 13:50:30 +09:00
Daan De Meyer
5a967e2887 Try to load libbpf.so.1 as well
libbpf had a soname bump. Our usage of libbpf is compatible with
both libbpf.so.0 and libbpf.so.1, so let's try to load from both.
2022-10-06 07:31:23 +09:00
Daan De Meyer
6b8085db68 libbpf: Remove use of deprecated APIs 2022-10-06 07:31:23 +09:00
Daan De Meyer
e2490f7384 Bump libbpf version to 0.7
We already depend on the skeleton APIs introduced in libbpf 0.7 so
let's bump our minimum version to reflect that.

We don't enforce bpf compilation on mkosi anymore since not all
distros have sufficiently up-to-date libbpf available.
2022-10-06 07:31:20 +09:00
Frantisek Sumsal
4163c87731 test: configure ldconfig's cache in the minimal verity images
The glibc stuff on ppc64le C8S is a little bit wild, as there are two
versions:

```
$ ldconfig -p | grep libc.so
        libc.so.6 (libc6,64bit, hwcap: "power9", OS ABI: Linux 3.10.0) => /lib64/glibc-hwcaps/power9/libc-2.28.so
        libc.so.6 (libc6,64bit, OS ABI: Linux 3.10.0) => /lib64/libc.so.6
```

and with `/etc/ld.so.cache` present all binaries use the first one:

```
$ ldd /bin/cat
        linux-vdso64.so.1 (0x00007fffa8070000)
        libc.so.6 => /lib64/glibc-hwcaps/power9/libc-2.28.so (0x00007fffa7e20000)
        /lib64/ld64.so.2 (0x00007fffa8090000)
```

However, without the cache the binaries will fall back to `/lib64/libc.so.6`
which breaks tests that use the minimal verity images (like TEST-29),
because we install only the first version (that's shown by `ldd` at
the time the images are created):

```
[   91.595343] testsuite-29.sh[747]: + portablectl --profile=trusted attach --now --runtime /usr/share/minimal_0.raw minimal-app0
         Starting systemd-portabled.service...
[  OK  ] Started systemd-portabled.service.
         Starting minimal-app0-foo.service...
         Starting minimal-app0.service...
[  104.432217] cat[858]: cat: error while loading shared libraries: libc.so.6: cannot open shared object file: No such file or directory
[  104.435080] cat[857]: cat: error while loading shared libraries: libc.so.6: cannot open shared object file: No such file or directory
[FAILED] Failed to start minimal-app0.service.
See 'systemctl status minimal-app0.service' for details.
```

```
$ chroot /var/tmp/systemd-test.nMHPfc/minimal/
/bin/bash: error while loading shared libraries: libc.so.6: cannot open shared object file: No such file or directory
```

With the ldconfig's cache it seems to work as expected:
```
$ chroot /var/tmp/systemd-test.gVtYLg/minimal
bash-4.4# cat --version
cat (GNU coreutils) 8.30
...
```
2022-10-06 02:35:22 +09:00
Luca Boccassi
e96180a88d
Merge pull request #24877 from brauner/namespace_utils
namespace-util: add an initial set of tweaks
2022-10-04 21:59:48 +01:00
Daan De Meyer
fd1ca01a86 repart: Drop usage of CHASE_WARN
CHASE_WARN only makes sense when CHASE_SAFE or CHASE_NO_AUTOFS are
used. repart uses neither so let's drop usage of CHASE_WARN.
2022-10-04 21:48:06 +01:00
Luca Boccassi
46c41ade20 NEWS: even more news 2022-10-04 20:12:50 +02:00
Christian Brauner
4b00e738d5
mount-util: use in_same_namespace()
Signed-off-by: Christian Brauner (Microsoft) <brauner@kernel.org>
2022-10-04 18:51:30 +02:00
Christian Brauner
f7a2dc3dd5
nspawn: use in_same_namespace() helper 2022-10-04 18:51:30 +02:00
Christian Brauner
2fe299a320
namespace-util: add in_same_namespace()
Add a helper for the canonical way to determine whether two namespaces
are identical.
2022-10-04 18:51:28 +02:00
Christian Brauner
241b15779b
nsflags: replace namespace_flag_map with general namespace_info introduced earlier 2022-10-04 18:51:04 +02:00
Christian Brauner
c3b9c418c0
namespace-util: add namespace_info 2022-10-04 18:46:27 +02:00
Lennart Poettering
edcb46fcd7
Merge pull request #24900 from yuwata/network-ndisc-drop-outdated
network: ndisc: fix zero lifetime handling
2022-10-04 18:03:25 +02:00
Marius Vollmer
4e2baf2f0a bus: Process authentication after write
Once everything has been written, a server bus might now process a
pending "BEGIN" and start the bus.
2022-10-04 17:52:50 +02:00
Luca Boccassi
043ba6a1ee NEWS: more news 2022-10-04 15:00:55 +02:00