1
0
mirror of https://github.com/systemd/systemd.git synced 2024-11-05 15:21:37 +03:00
Commit Graph

35716 Commits

Author SHA1 Message Date
Lennart Poettering
4fcb507a90 json: minor optimization
instead of comparing the magic JsonVariants one by one, let's simply
compare that they lie within a specific range.
2018-10-18 16:44:51 +02:00
Lennart Poettering
d77e781fd0 json: when creating an object, insist that every second item is a string
After all, those are the keys, which have to be keys.
2018-10-18 16:44:51 +02:00
Lennart Poettering
b2fa0d4fca json: enforce a maximum nesting depth for json variants
Simply as a safety precaution so that json objects we read are not
arbitrary amounts deep, so that code that processes json objects
recursively can't be easily exploited (by hitting stack limits).

Follow-up for oss-fuzz#10908

(Nice is that we can accomodate for this counter without increasing the
size of the JsonVariant object.)
2018-10-18 16:44:51 +02:00
Lennart Poettering
a7efb03039 json: slightly reorder JsonVariant
Let's move things around a bit, so that the trailing unused whitespace
within the structure due to padding is placed together, so that it is
easier to use for new fields. (Found with pahole)
2018-10-18 16:44:51 +02:00
Lennart Poettering
4ae7e4e5d8 json: avoid stack allocation of long strings in a recursive function
Fixes: oss-fuzz#10908

https://oss-fuzz.com/v2/testcase-detail/5639441482252288
2018-10-18 16:44:51 +02:00
Lennart Poettering
92853e9bbe json: return a double when we shall return a double 2018-10-18 16:44:51 +02:00
Lennart Poettering
a1559e3f53 json: use structured initialization all the way 2018-10-18 16:44:51 +02:00
Zbigniew Jędrzejewski-Szmek
10d4409cea mkosi: use Fedora 29
F29 is at beta now, but should be out within two or three weeks, by the time
next systemd release happens.
2018-10-18 16:27:21 +02:00
Zbigniew Jędrzejewski-Szmek
51a85e5ec2
Merge pull request #10174 from poettering/sd-boot-counter-efi
the EFI changes from PR #9437 (the boot counting PR)
2018-10-18 16:06:01 +02:00
Yu Watanabe
691d6f6d76 bus-unit-util: use streq() instead of STR_IN_SET()
Follow-up for 90fc172e19 (#10308).
2018-10-18 13:46:45 +02:00
Michael Biebl
991b4350a8 docs: use h2 headers
The primer theme does not add a mouse-over anchor link for h1 headers.
So use h2 for subsection headers which looks nicer anyway.

Followup for #10421
2018-10-18 09:57:45 +02:00
Anita Zhang
90fc172e19 core: implement per unit journal rate limiting
Add LogRateLimitIntervalSec= and LogRateLimitBurst= options for
services. If provided, these values get passed to the journald
client context, and those values are used in the rate limiting
function in the journal over the the journald.conf values.

Part of #10230
2018-10-18 09:56:20 +02:00
Yu Watanabe
9fcdab9c87 resolve: set IP_RECVERR
Closes #10345.
2018-10-18 09:43:04 +02:00
Yu Watanabe
103341f9f8
Merge pull request #10438 from poettering/path-is-valid
be a bit more carful when processing transient socket paths via the bus
2018-10-18 06:20:41 +09:00
Lennart Poettering
108e8de655
Merge pull request #10439 from poettering/job-struct-init
three trivial simplifications/clean-ups
2018-10-17 22:55:00 +02:00
Lennart Poettering
67f5d31b45
Merge pull request #10440 from poettering/fflush-and-check-some-more
use fflush_and_check() and free_and_replace() where we can
2018-10-17 22:54:34 +02:00
Lennart Poettering
a42984dbc7
Merge pull request #10428 from keszybz/failure-actions
Implement manager status changes using SuccessAction=
2018-10-17 21:29:10 +02:00
Lennart Poettering
efa3f34e84 service: use free_and_replace() where we can 2018-10-17 21:24:04 +02:00
Lennart Poettering
c93d527f46 exec-util: use fflush_and_check() where appropriate 2018-10-17 21:23:34 +02:00
Lennart Poettering
7d853ca6bc execute: shorten things a bit 2018-10-17 21:18:09 +02:00
Lennart Poettering
15ec102145 job: add lots of colons to log messages 2018-10-17 21:18:09 +02:00
Lennart Poettering
08ac00f279 job: use structured initialization 2018-10-17 21:18:02 +02:00
Lennart Poettering
1f7817f8e9 core: use structured initialization 2018-10-17 21:13:02 +02:00
Lennart Poettering
1fe84279f7 core: shorten list appending a bit, by using better macros 2018-10-17 21:13:02 +02:00
Lennart Poettering
4ad25546e7 dbus: add missing OOM check 2018-10-17 21:13:02 +02:00
Lennart Poettering
6e9c4f450e core: validate socket path with path_is_valid() 2018-10-17 21:13:02 +02:00
Lennart Poettering
656552ebb3 path-util: add new path_is_valid() helper 2018-10-17 21:13:02 +02:00
Lennart Poettering
3088305166 list: fix double avaluation in LIST_APPEND() 2018-10-17 21:13:02 +02:00
Andreas Henriksson
33eb44fe4a sulogin-shell: Use force if SYSTEMD_SULOGIN_FORCE set
When the root account is locked sulogin will either inform you of
this and not allow you in or if --force is used it will hand
you passwordless root (if using a recent enough version of util-linux).

Not being allowed a shell is ofcourse inconvenient, but at the same
time handing out passwordless root unconditionally is probably not
a good idea everywhere.

This patch thus allows to control which behaviour you want by
setting the SYSTEMD_SULOGIN_FORCE environment variable to true
or false to control the behaviour, eg. via adding this to
'systemctl edit rescue.service' (or emergency.service):

[Service]
Environment=SYSTEMD_SULOGIN_FORCE=1

Distributions who used locked root accounts and want the passwordless
behaviour could thus simply drop in the override file in
/etc/systemd/system/rescue.service.d/override.conf

Fixes: #7115
Addresses: https://bugs.debian.org/802211
2018-10-17 20:30:10 +02:00
Zbigniew Jędrzejewski-Szmek
c7adcb1af9 core: do not "warn" about mundane emergency actions
For example in a container we'd log:
Oct 17 17:01:10 rawhide systemd[1]: Started Power-Off.
Oct 17 17:01:10 rawhide systemd[1]: Forcibly powering off: unit succeeded
Oct 17 17:01:10 rawhide systemd[1]: Reached target Power-Off.
Oct 17 17:01:10 rawhide systemd[1]: Shutting down.
and on the console we'd write (in red)
[  !!  ] Forcibly powering off: unit succeeded

This is not useful in any way, and the fact that we're calling an "emergency action"
is an internal implementation detail. Let's log about c-a-d and the watchdog actions
only.
2018-10-17 19:32:09 +02:00
Zbigniew Jędrzejewski-Szmek
a400bd8c2a units: allow and use SuccessAction=exit-force in system systemd-exit.service
C.f. 287419c119: 'systemctl exit 42' can be
used to set an exit value and pulls in exit.target, which pulls in systemd-exit.service,
which calls org.fdo.Manager.Exit, which calls method_exit(), which sets the objective
to MANAGER_EXIT. Allow the same to happen through SuccessAction=exit.

v2: update for 'exit' and 'exit-force'
2018-10-17 19:32:07 +02:00
Zbigniew Jędrzejewski-Szmek
afa6206583 units: use SuccessAction=poweroff-force in systemd-poweroff.service
Explicit systemctl calls remain in systemd-halt.service and the system
systemd-exit.service. To convert systemd-halt, we'd need to add
SuccessAction=halt-force. Halting doesn't make much sense, so let's just
leave that is. systemd-exit.service will be converted in the next commit.
2018-10-17 19:31:50 +02:00
Zbigniew Jędrzejewski-Szmek
d85515edcf units: use SuccessAction=reboot-force in systemd-reboot.service 2018-10-17 19:31:50 +02:00
Zbigniew Jędrzejewski-Szmek
631c9b7bf2 units: use SuccessAction=exit-force in systemd-exit.service
Fixes #10414.

v2:
- rename .service.in to .service
- rename 'exit' to 'exit-force'
2018-10-17 19:31:50 +02:00
Zbigniew Jędrzejewski-Szmek
1710d4beff core: limit service-watchdogs=no to actual "watchdog" commands
The setting is now only looked at when considering an action for a job timeout
or unit start limit. It is ignored for ctrl-alt-del, SuccessAction, SuccessFailure.

v2: turn the parameter into a flag field
v3: rename Options to Flags
2018-10-17 19:31:50 +02:00
Zbigniew Jędrzejewski-Szmek
3f00d379fa core: allow services with no commands but SuccessAction set 2018-10-17 19:31:50 +02:00
Zbigniew Jędrzejewski-Szmek
469f76f170 core: accept system mode emergency action specifiers with a warning
Before we would only accept those "system" values, so there wasn't other
chocie. Let's provide backwards compatiblity in case somebody made use of
this functionality in user mode.

v2: use 'exit-force' not 'exit'
v3: use error value in log_syntax
2018-10-17 19:31:50 +02:00
Zbigniew Jędrzejewski-Szmek
54fcb6192c core: define "exit" and "exit-force" actions for user units and only accept that
We would accept e.g. FailureAction=reboot-force in user units and then do an
exit in the user manager. Let's be stricter, and define "exit"/"exit-force" as
the only supported actions in user units.

v2:
- rename 'exit' to 'exit-force' and add new 'exit'
- add test for the parsing function
2018-10-17 19:31:49 +02:00
Zbigniew Jędrzejewski-Szmek
454dd6ce7a man: move description of *Action= modes to FailureAction=/SuccessAction=
FailureAction=/SuccessAction= were added later then StartLimitAction=, so it
was easiest to refer to the existing description. But those two settings are
somewhat simpler (they just execute the action unconditionally) while
StartLimitAction= has additional timing and burst parameters, and they are
about to take on a more prominent role, so let's move the description of
allowed values.
2018-10-17 19:28:18 +02:00
Zbigniew Jędrzejewski-Szmek
ef5ae8e713 core: consider service with no start command immediately started
The service would always be in state == SERVICE_INACTIVE, but it needs to go
through state == SERVICE_START so that SuccessAction/FailureAction are executed.
2018-10-17 19:28:16 +02:00
Yu Watanabe
d86c8a6cdb udev: make sd_device_get_devname() failure non-fatal
As it is just for logging.

Follow-up for eb276e9841.
2018-10-17 18:02:23 +02:00
Lennart Poettering
8aeb1d3176
Merge pull request #10244 from poettering/nofile-bump
bump RLIMIT_NOFILE
2018-10-17 17:59:36 +02:00
Zbigniew Jędrzejewski-Szmek
1bcf3fc6c5 core: return true from cg_is_empty* on ENOENT 2018-10-17 17:49:57 +02:00
Zbigniew Jędrzejewski-Szmek
30538ff10b meson: simplify definition of MEMORY_ACCOUNTING_DEFAULT
Let's just use the simplest form, it doesn't really matter how the define
looks after preprocessing.
2018-10-17 14:54:48 +02:00
Zbigniew Jędrzejewski-Szmek
c02b6ee496 meson: define @HIGH_RLIMIT_NOFILE@ and use it everywhere 2018-10-17 14:54:48 +02:00
Lennart Poettering
c8884aceef main: introduce a define HIGH_RLIMIT_MEMLOCK similar to HIGH_RLIMIT_NOFILE 2018-10-17 14:40:44 +02:00
Lennart Poettering
a8b627aaed main: bump fs.nr_open + fs.max-file to their largest possible values
After discussions with kernel folks, a system with memcg really
shouldn't need extra hard limits on file descriptors anymore, as they
are properly accounted for by memcg anyway. Hence, let's bump these
values to their maximums.

This also adds a build time option to turn thiss off, to cover those
users who do not want to use memcg.
2018-10-17 14:40:39 +02:00
Lennart Poettering
17fd78cb86
Merge pull request #10429 from yuwata/drop-udev-list
udev: replace udev_list by Hashmap
2018-10-17 11:58:02 +02:00
Yu Watanabe
9b5150b63e udev: use Hashmap for storing global properties 2018-10-17 06:50:12 +09:00
Yu Watanabe
29448498c7 udev: use Hashmap for storing PROGRAM or BUILTIN 2018-10-17 06:49:56 +09:00