1
0
mirror of https://github.com/systemd/systemd.git synced 2025-01-03 05:18:09 +03:00
Commit Graph

77996 Commits

Author SHA1 Message Date
Yu Watanabe
48b404d546 systemctl-edit: ignore ENOENT from unit_is_masked()
If a specified unit does not exist, then it is definitely not masked.

Fixes #35632.

(cherry picked from commit b58b00e4c3)
2024-12-19 09:56:00 +00:00
Lennart Poettering
b5dc1922f9 networkd: show wireguard private key read error number
Noticed while looking at #35641

(cherry picked from commit 0543b02cf8)
2024-12-19 09:56:00 +00:00
Luca Boccassi
72ef5ac211 mkosi: temporarily disable panic_on_warn
Due to a BTRFS issue in kernel 6.12 (and backported in Ubuntu to 6.8)
there's a warning triggered by some tests, and it then causes a panic.

The BTRFS issue has a patch but it is not available in any distro yet,
so disable panic_on_warn until it reaches Arch and Ubuntu Noble. Bugs
have been filed.

(cherry picked from commit 930d65ccca)
2024-12-19 09:56:00 +00:00
Yu Watanabe
ddda27b8c4 test/README: Environment= setting for mkosi should be in [Build] section
Otherwise, we get the following warning:

mkosi.local.conf: Setting Environment should be configured in [Build], not [Content].

(cherry picked from commit 78ef395947)
2024-12-19 09:56:00 +00:00
Yu Watanabe
d23133ef79 TEST-35-LOGIN: check only tty session
For some reasons, another session logind-test-user may be started.
===
Dec 13 07:04:16 systemd-logind[2140]: Got message type=method_call ... member=CreateSessionWithPIDFD ...
(snip)
Dec 13 07:04:16 systemd-logind[2140]: New session 15 of user logind-test-user.
Dec 13 07:04:16 systemd-logind[2140]: VT changed to 2
Dec 13 07:04:16 systemd-logind[2140]: rfkill: Found udev node /dev/rfkill for seat seat0
Dec 13 07:04:16 systemd-logind[2140]: udmabuf: Found udev node /dev/udmabuf for seat seat0
Dec 13 07:04:16 systemd-logind[2140]: Found static node /dev/snd/timer for seat seat0
Dec 13 07:04:16 systemd-logind[2140]: Found static node /dev/snd/seq for seat seat0
Dec 13 07:04:16 systemd-logind[2140]: Changing ACLs at /dev/snd/timer for seat seat0 (uid 0→4712 add)
Dec 13 07:04:16 systemd-logind[2140]: Changing ACLs at /dev/rfkill for seat seat0 (uid 0→4712 add)
Dec 13 07:04:16 systemd-logind[2140]: Changing ACLs at /dev/udmabuf for seat seat0 (uid 0→4712 add)
Dec 13 07:04:16 systemd-logind[2140]: Changing ACLs at /dev/snd/seq for seat seat0 (uid 0→4712 add)
Dec 13 07:04:16 systemd[1]: user-4712.slice: Changed dead -> active
Dec 13 07:04:16 systemd[1]: user-4712.slice: Job 5951 user-4712.slice/start finished, result=done
Dec 13 07:04:16 systemd[1]: Created slice user-4712.slice.
Dec 13 07:04:16 systemd-logind[2140]: Electing new display for user logind-test-user
Dec 13 07:04:16 systemd-logind[2140]: Choosing session 15 in preference to -
(snip)
Dec 13 07:04:16 systemd-logind[2140]: Got message type=method_call ... member=CreateSessionWithPIDFD ...
(snip)
Dec 13 07:04:16 systemd-logind[2140]: New session 16 of user logind-test-user.
Dec 13 07:04:16 systemd-logind[2140]: Electing new display for user logind-test-user
Dec 13 07:04:16 systemd-logind[2140]: Ignoring session 16
===
Let's track only session for the user with tty, which we explicitly created.

Fixes #35597.

(cherry picked from commit 26f65dc0c7)
2024-12-19 09:56:00 +00:00
Ronan Pigott
0cddbebfbe network: don't warn with no NSID assigned
This is nothing interesting to warn about. Also use the symbolic
constant name when testing for this condition.

(cherry picked from commit e803e95760)
2024-12-19 09:56:00 +00:00
Yu Watanabe
11d7050017 test-time-util: fix truncation of usec to sec
Also
- use ASSERT_XYZ() macros,
- log tzname[] on failure.

(cherry picked from commit 3f1d499964)
2024-12-19 09:56:00 +00:00
Luca Boccassi
6186c2735b mkosi: fix section for WithNetwork=
/tmp/autopkgtest.L6NPL0/build.doZ/src/mkosi.conf.d/10-debian-ubuntu/mkosi.conf.d/network.conf: Setting WithNetwork should be configured in [Build], not [Content]

(cherry picked from commit 301c159ce5)
2024-12-19 09:56:00 +00:00
Luca Boccassi
61e321c452 Revert "semaphore: skip some tests"
This reverts commit e19cae12ff.

(cherry picked from commit 7406e0a3af)
2024-12-19 09:56:00 +00:00
Luca Boccassi
96b9fe831f semaphore: bump timeout
When semaphore is overloaded tests can take more than 1hr, bump
timeout

(cherry picked from commit 1855064d4e)
2024-12-19 09:56:00 +00:00
Zbigniew Jędrzejewski-Szmek
3efa9e717f tmpfiles: reduce quoting in warning message
We printed:
systemd-tmpfiles[705]: /usr/lib/tmpfiles.d/20-systemd-shell-extra.conf:10: Unknown modifiers in command 'L$'.
systemd-tmpfiles[705]: /usr/lib/tmpfiles.d/systemd-network.conf:10: Unknown modifiers in command 'd$'.
systemd-tmpfiles[705]: /usr/lib/tmpfiles.d/systemd-network.conf:11: Unknown modifiers in command 'd$'.
...

There's a lot of additional characters here make the message harder to parse. We know
that the command is a word without any whitespace, so quoting isn't really necessary.

Change this to:
... unknown modifiers in command: L$

(cherry picked from commit 390bab5392)
2024-12-19 09:56:00 +00:00
Florian Schmaus
9d36809256 logind: let system-wide idle begin at the time logind was initialized
Initialize the start of the system-wide idle time with the time logind was
initialized and not with the start of the Unix epoch. This means that systemd
will not repport a unreasonable long idle time (around 54 years at the time of
writing this), especially at in the early boot, while no login manager session,
e.g,. gdm, had a chance to provide a more accurate start of the idle period.

Fixes #35163

(cherry picked from commit 718b31138b)
2024-12-19 09:56:00 +00:00
Luca Boccassi
63b6d6aab1 shell-completion: add smbios11 verb to systemd-analyze
Follow-up for 8c5045f9b2

(cherry picked from commit e7fce6a370)
2024-12-19 09:55:11 +00:00
Luca Boccassi
1a259b4e60 mkosi: update debian commit reference
* e8b7c9a4dd Install 81-net-bridge.rules
* 50d2997a07 Install systemd-creds bash completion
* ff0c42823c test: fix flaky boot-and-services test
* 2a19dee4ba test: fix flaky boot-and-services test
* a15a0bfe60 Update changelog for 257-2 release
* c24eafcb7e Backport patches to fix test failures
* 29840f9b68 udev: install dmi_memory_id and its rules on riscv64
* 44893bdb32 Update changelog for 257-1 release
* 7f71d995fb Update symbols file for v257
* 2dd2b80499 Update upstream source from tag 'upstream/257'
* 51a3271a85 Update changelog for 257~rc3-1 release
* 8e687227c5 Update symbols for 257~rc3
* c9bae527d6 Drop patches, merged upstream
* e8cf329870 Update upstream source from tag 'upstream/257_rc3'
* 794457516d autopkgtest: fix one more tzdata dependency
* 16bb143da1 Bump version in tzdata dependency due to p-u upload
* f2ddf70604 sysctl: Add file trigger on /usr/lib/sysctl.d to restart systemd-sysctl
* 79260cb0f4 Increase minimum sections in stub PE header on arm64/armhf/riscv64 to 500
* ed3af24635 systemd-ukfy: recommend systemd-boot-efi for the stub

(cherry picked from commit 8d20606eec)
2024-12-19 09:55:11 +00:00
Luca Boccassi
1fb4673a69 test-loop-block: return -77 on skip in more places
(cherry picked from commit 81e0693465)
2024-12-19 09:55:11 +00:00
Luca Boccassi
29cdad871e battery-check: parse options before checking for kernel command line
Otherwise --help/--version/etc which exit immediately will do pointless work

(cherry picked from commit 60d23b7f4a)
2024-12-19 09:55:11 +00:00
Luca Boccassi
1f6e192848 units: use PrivateTmp=disconnected instead of 'yes' if DefaultDependencies=no
Avoids subtle race conditions such as the one described at
#35582.

Fixes #35582

(cherry picked from commit 1ca315be00)
2024-12-19 09:55:11 +00:00
Daan De Meyer
4162c331dd mkosi: Fix opensuse build
The opensuse spec still looks for README.testsuite so hack it to look
for README.md instead now that we changed the name in the repo.

(cherry picked from commit 3aa7257321)
2024-12-19 09:55:11 +00:00
Yu Watanabe
070c28a12a exec-util: allow to invoke polkit/ask-password agent even if STDIN is not a tty
Closes #35018.

(cherry picked from commit 0f81c8406f)
2024-12-19 09:55:03 +00:00
Ronan Pigott
bcf740e4a3 manager: add list of subscribers to dump info
This is handy for debugging.

(cherry picked from commit 9171384149)
2024-12-19 09:55:03 +00:00
Ronan Pigott
c189ecc7fe dbus: log disconnect on api and system busses
This is an interesting event. Let's log about it.

(cherry picked from commit 11ee1bab60)
2024-12-19 09:55:03 +00:00
Yu Watanabe
644f2a02c8 journalctl: honor --quiet with --setup-keys
Closes #35504.

(cherry picked from commit a5b2973850)
2024-12-19 09:55:03 +00:00
Luca Boccassi
3267661c62 meson.version: change to 257.1
This is used to detect in various CIs that we are on a stable branch,
so set the new version early, otherwise some scripts will think it's
running in main
2024-12-12 16:33:57 +00:00
Yu Watanabe
3b6b819a28 README: drop CentOS CI badges
CentOS CIs are disabled after ead814a0b0.

(cherry picked from commit 1fe583861f)
2024-12-12 16:33:57 +00:00
Luca Boccassi
06467e1dbc test: add more coverage for extensions and verity
(cherry picked from commit c7fcb08324)
2024-12-12 16:33:57 +00:00
Luca Boccassi
c52f82b8d5 core: fix loading verity settings for MountImages=
The MountEntry logic was refactored to store the verity
settings, and updated for ExtensionImages=, but not for
MountImages=.

Follow-up for a1a40297db

(cherry picked from commit 59a83e1188)
2024-12-12 16:33:57 +00:00
Luca Boccassi
b256e149d4 shell completion: add systemd-creds
(cherry picked from commit 783f794e89)
2024-12-12 16:33:57 +00:00
Luca Boccassi
e768cf55b1 semaphore: skip some tests
semaphore CI runs are always very close to the limit of 1hr, and often
time out when it's particularly oversubscribed.
Skip some low-value test cases to shorten the runtime.

(cherry picked from commit e19cae12ff)
2024-12-12 16:33:57 +00:00
Carlo Teubner
df38ba869c systemd-cryptenroll.xml: fix typo
(cherry picked from commit dfbd4d8bc5)
2024-12-12 16:33:57 +00:00
cvlc12
926f5ab6bf man: update example in systemd-measure.xml (#35506)
In the example from systemd-measure(1), do not bind to PCR 7 in
addition to the PCR policy.

As long as this is still done by default, see #35280.

(cherry picked from commit 693038fce4)
2024-12-12 16:33:57 +00:00
Daan De Meyer
ab99950f1a test-bpf-restrict-fs: Migrate to new assertion macros
(cherry picked from commit 1c658c639d)
2024-12-12 16:33:57 +00:00
andrejpodzimek
9fad72cc52 Fixing VLAN ranges in man systemd.network.
Otherwise it doesn't hold that VLANs 100-400 are allowed (because 201-299 are disallowed).

(cherry picked from commit ae2f3af639)
2024-12-12 16:33:57 +00:00
Tobias Klauser
6b90a13789 profile.d: don't bail if $SHELL_* variables are unset
If - for whatever reason - a script uses set -u (nounset) and includes
/etc/profile.d/70-systemd-shell-extra.sh (e.g. transitively via
/etc/profile) the script would fail with:

    /etc/profile.d/70-systemd-shell-extra.sh: line 15: SHELL_PROMPT_PREFIX: unbound variable

For example:

    $ cat > foo.sh <<EOF
    #!/bin/sh
    set -u

    source /etc/profile
    EOF
    $ chmod 700 foo.sh
    $ ./foo.sh
    /etc/profile.d/70-systemd-shell-extra.sh: line 15: SHELL_PROMPT_PREFIX: unbound variable

Fix this by using shell parameter substitution[^1] (which is a POSIX
shell concept) to set the $SHELL_* variables to the empty string if
undefined.

[^1]: https://pubs.opengroup.org/onlinepubs/9699919799.2018edition/utilities/V3_chap02.html

(cherry picked from commit 12e33d332b)
2024-12-12 16:33:57 +00:00
Katariina Lounento
cd727031a4 man: document unprivileged is not for reading properties
Document the fact that read-only properties may not have the flag
SD_BUS_VTABLE_UNPRIVILEGED as that is not obvious especially given the
flag is accepted for writable properties.

Based on the check in `add_object_vtable_internal` called by
`sd_bus_add_object_vtable` (as of the current tip of the main branch
f7f5ba0192):

    case _SD_BUS_VTABLE_PROPERTY: {
            [...]
            if ([...] ||
                [...]
                (v->flags & SD_BUS_VTABLE_UNPRIVILEGED && v->type == _SD_BUS_VTABLE_PROPERTY)) {
                    r = -EINVAL;
                    goto fail;
            }

(where `_SD_BUS_VTABLE_PROPERTY` means read-only property whereas
`_SD_BUS_VTABLE_WRITABLE_PROPERTY` maps to writable property).

This was implemented in the commit
adacb9575a ("bus: introduce "trusted" bus
concept and encode access control in object vtables") where
`SD_BUS_VTABLE_UNPRIVILEGED` was introduced:

    Writable properties are also subject to SD_BUS_VTABLE_UNPRIVILEGED
    and SD_BUS_VTABLE_CAPABILITY() for controlling write access to them.
    Note however that read access is unrestricted, as PropertiesChanged
    messages might send out the values anyway as an unrestricted
    broadcast.

(cherry picked from commit 3ca09aa4dd)
2024-12-12 16:33:57 +00:00
Luca Boccassi
e1659133e7 mkosi: use inetutils package instead of hostname for Archlinux
In Arch the hostname binary is in a different package

Follow-up for cf48bde7ae

(cherry picked from commit 446d737cba)
2024-12-12 16:33:57 +00:00
Luca Boccassi
c026cecac3 test-fd-util: compare FDs to /bin/sh instead of /dev/null
/dev/null is a character device, so same_fd() in the fallback path
that compares fstat will fail, as that bails out if the fd refers
to a char device. This happens on kernels without F_DUPFD_QUERY and
without kcmp.

/* test_same_fd */
Assertion 'same_fd(d, e) > 0' failed at src/test/test-fd-util.c:111, function test_same_fd(). Aborting.

Fixes #35552

(cherry picked from commit 3b32d333e8)
2024-12-12 16:33:57 +00:00
Luca Boccassi
5573ac7d9c test-fd-util: skip test when lacking privileges to create a new namespace
To reproduce, as an unprivileged user start a docker container and build
and run the unit tests inside it:

$ docker run --rm -ti debian:bookworm bash
...
/* test_close_all_fds */
Successfully forked off '(caf-plain)' as PID 10496.
Skipping PR_SET_MM, as we don't have privileges.
(caf-plain) succeeded.
Failed to fork off '(caf-noproc)': Operation not permitted
Assertion 'r >= 0' failed at src/test/test-fd-util.c:392, function test_close_all_fds(). Aborting.

Partially fixes #35552

(cherry picked from commit 630a2e7ee1)
2024-12-12 16:33:57 +00:00
Luca Boccassi
d80ab6aed6 test-capability: CAP_LINUX_IMMUTABLE is not available in unprivileged containers
have ambient caps: yes
Capabilities:cap_chown,cap_dac_override,cap_fowner,cap_fsetid,cap_kill,cap_setgid,cap_setuid,cap_setpcap,cap_net_bind_service,cap_net_raw,cap_sys_chroot,cap_mknod,cap_audit_write,cap_setfcap=ep
Failed to drop auxiliary groups list: Operation not permitted
Failed to change group ID: Operation not permitted
Capabilities:cap_dac_override,cap_net_raw=ep
Capabilities:cap_dac_override=ep
Successfully forked off '(getambient)' as PID 12505.
Skipping PR_SET_MM, as we don't have privileges.
Ambient capability cap_linux_immutable requested but missing from bounding set, suppressing automatically.
Assertion 'x < 0 || FLAGS_SET(c, UINT64_C(1) << CAP_LINUX_IMMUTABLE)' failed at src/test/test-capability.c:273, function test_capability_get_ambient(). Aborting.
(getambient) terminated by signal ABRT.
src/test/test-capability.c:258: Assertion failed: expected "r" to succeed, but got error: Protocol error

Partially fixes #35552

(cherry picked from commit 058a07635f)
2024-12-12 16:33:57 +00:00
Nick Rosbrook
1b945fb1a7 test: set nsec3-salt-length=8 in knot.conf
TEST-75-RESOLVED fails on Ubuntu autopkgtest due to this warning from
knot:

 notice: config, policy 'auto_rollover_nsec3' depends on default nsec3-salt-length=8, since version 3.5 the default becomes 0

Explicitly set nsec3-salt-length=8 to silence.

(cherry picked from commit 59e5108fb4)
2024-12-12 16:33:57 +00:00
Lennart Poettering
bbeb07ad24 analyze: add missing --mask option to --help text
Follow-up for: 3e7a029c28

(cherry picked from commit 4d09f976f6)
2024-12-12 16:33:57 +00:00
Lennart Poettering
f4215e7909 analyze: tab fix
(cherry picked from commit 7167bee6c6)
2024-12-12 16:33:57 +00:00
Antonio Alvarez Feijoo
2f2cd7a865 man/systemd-cryptenroll: sort --fido2-credential-algorithm after --fido2-device
And also fix a typo.

(cherry picked from commit 62b7b70bb7)
2024-12-12 16:33:57 +00:00
Yu Watanabe
1601149c5b test: also generate list of symbols from header files
To make the generated tests able to detect issues like #35554.

(cherry picked from commit 0b39dc23ba)
2024-12-12 16:33:57 +00:00
Yu Watanabe
e231110a64 test: modernize generate-sym-test.py
(cherry picked from commit 6e399ece1f)
2024-12-12 16:33:57 +00:00
Yu Watanabe
d7eeb60cdf sd-json,sd-varlink: drop unexported functions from public headers
These functions are exported by e11f5aa722
and 5fcabde35b in upstream after v257.

Fixes #35554 in v257.
2024-12-12 16:33:57 +00:00
Luca Boccassi
217666530e
Create CNAME 2024-12-10 19:39:23 +00:00
Luca Boccassi
70bae7648f Finalize NEWS and meson.version for v257 2024-12-10 19:23:45 +00:00
Luca Boccassi
97eccc4850
Chores for v257 (#35525) 2024-12-10 19:21:43 +00:00
Yu Watanabe
edd0a3c5e9 copy: do not try to copy zero size data
Hopefully fixes the following sanitizer issue:
===
[ 3754.797377] systemd-journald[776]: ../src/src/shared/copy.c:463:37: runtime error: variable length array bound evaluates to non-positive value 0
[ 3755.101713] systemd-journald[776]: Received SIGTERM from PID 1 (systemd).
[ 3755.124580] systemd-journald[776]: Journal stopped
Found 1 sanitizer issues (0 internal, 0 asan, 0 ubsan, 0 msan).
===
2024-12-10 19:20:50 +00:00
Yu Watanabe
a33813e9e9 TEST-07-PID: wait for sleep command being executed by sd-executor
Hopefully fixes #35528.
2024-12-10 19:19:54 +00:00