1
0
mirror of https://github.com/systemd/systemd.git synced 2024-12-25 01:34:28 +03:00
Commit Graph

67773 Commits

Author SHA1 Message Date
Lennart Poettering
49b6babb76 cgroup: rename cgroup_modify_nft_set() → unit_modify_nft_set()
This is the only function that cgroup.h exports that is prefixed with
cgroup_ where this does not refer to some type such as CGroupContext or
CGroupTasksMax or so. It simply operates on a unit. And it doesn't even
modify a cgroup, but just modifies an nft set.

Hence, to make the naming scheme systematic, change prefix from cgroup_
to unit_, matching the majority of the functions that operate on Unit*
in the file.
2023-10-06 18:42:22 +02:00
Lennart Poettering
64c71f4fd7 cgroup: un-export two functions 2023-10-06 18:36:03 +02:00
Lennart Poettering
d46510de2f cgroup: refactor cgroup_xattr_apply()
Split the function up, so that each set of xattrs is applied separately.
2023-10-06 18:24:50 +02:00
Lennart Poettering
17d047f507 cgroup: drop cgroup path parameter from xattr calls
We only pass the same thing there: u->cgroup_path or NULL (which is
ultimately the same as u->cgroup_path). Hence let's simplify things, and
simply drop the whole parameter, and imply u->cgroup_pat.
2023-10-06 18:20:08 +02:00
Lennart Poettering
c6f2dca68c cgroup: rename cgroup_add_* to cgroup_context_*
They add settings to a CGroupContext, hence give them the expected
context, to make clear they do not operate on anything else than the
structure (i.e. not on a kernel cgroup or so).
2023-10-06 18:15:56 +02:00
Lennart Poettering
94f0b13b16 cgroup: rename TasksMax structure to CGroupTasksMax
Almost all our enums/structs/funcs carry the CGroup prefix if they are
defined in cgroup.h, TasksMax so far does not, even though it is
exclusively used in cgroup context.

Change that.
2023-10-06 18:13:16 +02:00
Luca Boccassi
15461b7f19 core: improve debug logs when failing to create symlinks in namespaces
I am seeing some failures and I don't know what is failing and why even
with debug logs, so add more details
2023-10-06 14:30:30 +01:00
Yu Watanabe
34ba0f5150
Merge pull request #29325 from poettering/varlink-introspect
varlink: add introspection support + varlinkctl + varlinkify one first command line tool (systemd-pcrextend)
2023-10-06 21:58:17 +09:00
Luca Boccassi
4e6afcaedc
Merge pull request #29470 from yuwata/network-test-mode
network: introduce test mode
2023-10-06 13:41:34 +01:00
Lennart Poettering
3d1831b94b update TODO 2023-10-06 11:49:38 +02:00
Lennart Poettering
8525de1365 test: extend some existing tests with varlinkctl lines, to test varlinkctl + new PCRExtend service 2023-10-06 11:49:38 +02:00
Lennart Poettering
4e16d5c69e pcrextend: make pcrextend tool acccessible via varlink
This is primarily supposed to be a 1st step with varlinkifying our
various command line tools, and excercise in how this might look like
across our codebase one day. However, at AllSystemsGo! 2023 it was
requested that we provide an API to do a PCR measurement along with a
matching event log record, and this provides that.
2023-10-06 11:49:38 +02:00
Lennart Poettering
d408a53f78 varlinkctl: add new varlinkctl tool 2023-10-06 11:49:38 +02:00
Lennart Poettering
02b0d24d1e varlink: add varlink_invocation() call
This call checks if we are invoked in a socket-activation Varlink server
context. It's useful for commands that can be run from the command line
or as Varlink service and then either serve commands from the cmdline or
those from Varlink.
2023-10-06 11:49:38 +02:00
Lennart Poettering
2e5edb93b7 varlink: add new call varlink_server_loop_auto()
This is a helper call that runs the specified VarlinkServer object in an
event loop, and exits once no more connections exist.

This is useful for pure varlink servers (i.e. those which only server
varlink requests and do nothing else), to run as long as there's
something to do and exit right after.
2023-10-06 11:49:38 +02:00
Lennart Poettering
206504a594 varlink: add varlink_server_listen_auto() helper
This new helper will automatically take listening fds passed in from the
service manager and processes varlink on them. It's useful for Varlink
services that shall be socket activatable.
2023-10-06 11:49:38 +02:00
Lennart Poettering
4772334013 varlink: add exit-on-idle logic for Varlink server
This adds a logic that if enabled ensures sd_event_exit() is called
whenever the varlink connection count hits zero.

This is useful for implementing pure Varlink services (i.e. services
whose only job is to serve Varlink requests), that shall run only as
long as needed, i.e. as long as at least one request is being served.
2023-10-06 11:49:38 +02:00
Lennart Poettering
faec54ad34 test: add test for varlink introspection logic 2023-10-06 11:49:38 +02:00
Lennart Poettering
7dce9ead5d oomd: move SubscriptionTaken Varlink error out of generic Varlink code
This error is a private error returned by PID 1 to oomd. It's internal,
and very specific to the use-case. Hence it should not be part of the
org.varlink.service interface (which isn't really our namespace anyway).

Hence, let's clean this up and move it over to the ManagedOOM varlink
interface of PID, where it belongs.

Since this is a private protocol of our two daemons, and the client
(i.e. oomd) doesn't explicitly test for this error anyway we can just
move it over without ill effects.
2023-10-06 11:49:38 +02:00
Lennart Poettering
abef4a7b3c tree-wide: make all our Varlink APIs introspectable 2023-10-06 11:49:38 +02:00
Lennart Poettering
0f274a8790 varlink: add varlink_connect_url() and varlink_connect_exec() calls 2023-10-06 11:49:38 +02:00
Lennart Poettering
7e006b49ad varlink: implement the org.varlink.service introspection interface by default + hook up validator
Fixes: #23874
2023-10-06 11:49:38 +02:00
Lennart Poettering
f946d4c9ec varlink: add introspection data for the org.varlink.service and io.systemd interfaces
The official org.varlink.service interface definition, as per:

https://varlink.org/Service

And the io.systemd service where we carry some super generic errors our
Varlink implementation generates.
2023-10-06 11:49:38 +02:00
Lennart Poettering
9fc843ed0e varlink: allow associating Varlink IDL information with a VarlinkServer
The data is not used for anything yet, but this will be added in later
commits.
2023-10-06 11:49:38 +02:00
Lennart Poettering
e50b2a93d6 varlink: add IDL/introspection logic 2023-10-06 11:49:38 +02:00
Yu Watanabe
e081ffc114 test-network: move get_dbus_dhcp_client_state() and friends to global 2023-10-06 10:16:27 +01:00
Daan De Meyer
8aa59287c0
Merge pull request #29456 from yuwata/journal-replace-truncating-with-punching-holes
journal: replace truncating with punching holes
2023-10-06 09:18:06 +02:00
Daan De Meyer
f478b6e97d Update HACKING instructions
Let's mention that we just need the latest stable release of mkosi,
not the latest git commit. We also split the instructions for building
on the host and the instructions for building with mkosi into two blocks,
as it's not required to build on the host anymore to build with mkosi.
2023-10-06 09:16:33 +02:00
G2-Games
4919967720 Fix a typo in systemctl-enable.c 2023-10-06 09:10:43 +02:00
Lennart Poettering
8240fa920d varlink: add new helper that reports whether connection is idle
This is useful to allow event loops to run exactly as long as there's
something to do but not longer.
2023-10-06 07:44:47 +02:00
Lennart Poettering
5e71f86dff alloc-util: add realloc0() helper than is like realloc() but zero-initializes appended space 2023-10-06 07:44:47 +02:00
Yu Watanabe
042c91459a fuzz: suppress log messages 2023-10-06 13:26:16 +09:00
Yu Watanabe
8b50b3198b libsystemd-network: introduce $SYSTEMD_NETWORK_TEST_MODE environment variable
Then, drop dhcp_client_set_test_mode() and friends.
2023-10-06 13:25:23 +09:00
felixdoerre
3846d3aa29
journalctl: verify that old entries are not sealed with too recent key (#28885)
When verifying seals produced with forward secure sealing, the verification
currently does not check that old entries are only sealed with the key for
their epoch and not a more recent one. This missing check allows an attacker
to remove seals, and create new ones with the currently available key, and
verify will claim everything is in order, although all entries could have
been modified.

This resolves CVE-2023-31439.

Co-authored-by: Felix Dörre <felix.doerre@kit.edu>
2023-10-06 12:18:21 +09:00
Yu Watanabe
09ff0aadf9 backlight: support to specify percentage of minimum brightness
Closes #29328.
2023-10-06 11:21:20 +09:00
Yu Watanabe
4f4d7911cd man: fix typo
Follow-up for a121b331e3.
2023-10-06 11:18:47 +09:00
Yu Watanabe
8c35a97758 core: fix typo 2023-10-06 11:15:30 +09:00
Yu Watanabe
8af8f9e891
Merge pull request #29417 from yuwata/sd-journal-cleanups-for-generic-array-bisect-plus-one
sd-journal: cleanups for generic_array_bisect_plus_one()
2023-10-06 11:04:07 +09:00
Yu Watanabe
77db35bf10 sd-journal: make journal_file_next_entry() always return the nearest entry object
Previously, if the input offset 'p' does not point to an entry object,
the function returns the next of the nearest entry object on
DIRECTION_DOWN, as generic_array_bisect() already returns the nearest
entry object.
2023-10-06 09:57:27 +09:00
Yu Watanabe
80f96c0ce1 sd-journal: reduce number of calls generic_array_bisect_plus_one()
If the first call of generic_array_bisect_plus_one() provides the same
offset, then it is not necessary to call the next one, as we already
know the entry object is also liked to the input data object.

Also, this make the function reuse the object returned by
generic_array_bisect_plus_one().

No functional change, just optimization.
2023-10-06 09:55:04 +09:00
Yu Watanabe
20c45e5784 sd-journal: drop unnecessary re-read of data object
Follow-up for ec50313d4e.

The function generic_array_bisect_plus_one() does not read any new data
objects, so the data object is still valid, and not necessary to re-read it.
2023-10-06 09:55:04 +09:00
Yu Watanabe
d67078b4a3 sd-journal: rewrite conditions for test result and direction
No functional change, just refactoring. Hopefully the condition is more
descriptive now.
2023-10-06 09:55:00 +09:00
Yu Watanabe
3b0ae13bbf test: add reproducer for SIGBUS issue caused by journal truncation
The added code fails without the previous commit.

For issue #24320.
2023-10-06 09:24:55 +09:00
Luca Boccassi
85d0fd29af
Merge pull request #29438 from evelikov/document-rm-extra-uefi-vars
Document and purge LoaderConfigConsoleMode and LoaderEntryLastBooted
2023-10-06 00:12:49 +01:00
Lennart Poettering
3fe418a571 machinectl: align UID shift status field properly 2023-10-05 23:23:52 +01:00
Lennart Poettering
e7df707b8a image-discover: skip properly over files that cannot be recognized as image files
Follow-up for: #29364
2023-10-05 23:23:31 +01:00
Lennart Poettering
c79e760f36
Merge pull request #29364 from poettering/make-ddi-easy
repart: make building DDIs easier (and other fixes)
2023-10-05 21:13:13 +02:00
Mike Yuan
4146960ee9 systemctl-show: align "Cntrl PID" correctly 2023-10-05 19:37:44 +01:00
Lennart Poettering
634b847149 repart: make arg_empty a proper enum with a string table
Now that we translate in both directions (from enum to string, and
string to enum) let's just make the thing a proper enum with a proper
string table, like we generally do.
2023-10-05 19:18:36 +02:00
Lennart Poettering
99d9edf0bd test: test the new --make-ddi= logic 2023-10-05 19:18:36 +02:00