1
0
mirror of https://github.com/systemd/systemd.git synced 2024-11-01 17:51:22 +03:00
Commit Graph

53043 Commits

Author SHA1 Message Date
Luca Boccassi
54966b7cee
Merge pull request #20705 from yuwata/test-oomd-util
test: skip oomd test on a unified container on a hybrid host
2021-09-12 12:56:46 +01:00
Anita Zhang
7417f06187 test: tweak parameters for TEST-55-OOMD
Pressure remains > 1% after a kill for some time and could cause
testchill to get killed. Bumping the limit from 1% to 20% should help
with this.

Fixes #20118
2021-09-12 19:16:18 +09:00
Yu Watanabe
ca589b1b41 unit: systemd-oomd.service requires cgroup memory controller 2021-09-12 10:29:29 +09:00
Yu Watanabe
8b2e22579a test-oomd-util: skip tests if cgroup memory controller is not available
Fixes #20593 and #20655.
2021-09-12 10:29:25 +09:00
Yu Watanabe
28fb998615 oomd: refuse to start if cgroup memory controller is not available 2021-09-12 10:28:24 +09:00
Jan Janssen
de829ff593 sd-boot: Fix assertion fail
The UEFI Platform Initialization Specification says that both
parameters may be NULL.
2021-09-11 23:33:17 +09:00
Yu Watanabe
594c383554 cgroup-util: use string_hash_ops_free 2021-09-11 20:29:34 +09:00
Yu Watanabe
dccdbf9b35 cgroup-util: use _cleanup_free_ attribute 2021-09-11 20:26:58 +09:00
Anatol Pomozov
d2bf22fb8d tpm-util: fix TPM parameter handling
cryptenroll allows to specify a custom TPM driver separated from
parameters with colon e.g. `systemd-cryptenroll --tpm2-device=swtpm:`
tells to load swtpm tss driver and use it as a device.

Unfortunately it does not work, swtpm driver init() fails with

```
debug:tcti:src/tss2-tcti/tcti-swtpm.c:570:Tss2_Tcti_Swtpm_Init() Dup'd conf string to: 0x562f91cbc000
debug:tcti:src/util/key-value-parse.c:85:parse_key_value_string() parsing key/value: swtpm:
WARNING:tcti:src/util/key-value-parse.c:50:parse_key_value() key / value string is invalid
Failed to initialize TCTI context: tcti:A parameter has a bad value
```

It turns out that cryptenroll suppose to use the driver name internally
and strip it before passing the rest of parameters to init() function.
Without doing it swtpm receives incorrect key-value property and gets
confused.

Fix it by passing the correct parameter (without driver name) to the
init() function.

Fixes #20708
2021-09-11 15:32:17 +09:00
Luca Boccassi
c54e851acb
Merge pull request #20699 from yuwata/network-drop-foreign
network: do not drop foreign configs when carrier of unmanaged interface is lost
2021-09-10 21:10:58 +01:00
Luca Boccassi
992fccd411
Merge pull request #20702 from yuwata/network-trivial-cleanups
network: several trivial cleanups
2021-09-10 21:10:40 +01:00
Yu Watanabe
160203e974 network: fix handling of network interface renaming
Fixes #20657.
2021-09-10 20:49:05 +02:00
Lennart Poettering
034d45d021
Merge pull request #20703 from poettering/gpt-dissect-tweaks
dissect: various small tweaks/tougher checks/refactoring of GPT dissection code
2021-09-10 20:48:31 +02:00
Daan De Meyer
a4303b4096 core: Parse log environment settings again after applying manager environment
Currently, SYSTEMD_LOG_LEVEL set in the ManagerEnvironment property in system.conf
or user.conf doesn't affect the manager's logging level. Parsing the logging environment
variables again after pushing the manager environment into the process environment
block makes sure any new environment changes also get taken into account for logging.
2021-09-10 14:03:55 +01:00
Lennart Poettering
f9e0bb6167 dissect-image: replace redundant if check by assert()
We know that the designator can only be USR or ROOT (or negative), hence
let's test that with an assert here, instead of doing an if check.
2021-09-10 14:16:00 +02:00
Lennart Poettering
1903defc2d dissect-image: insist that if a verity partition designator is specified the partition exists
Let's tighten our checks further.
2021-09-10 14:15:55 +02:00
Lennart Poettering
7b32164f3c dissect-image: tighten checks on root + /usr/ combinations
Our code logic doesn't support images with two verity partitions at the
moment, hence refuse this early (with ENOTUNIQ)

Also, go even further and refuse any combinations of verity enabled root
with verity-less /usr, simplify because that is unsafe and defeats the
point of verity. (i.e. we want to give the guarantee that for
auto-discovered verity magic we guarantee that the data afterwards
available in /usr is safe).
2021-09-10 14:15:50 +02:00
Lennart Poettering
ab5b2787fb dissect-image: drop redundant check
We already check whether we discovered a /usr verity partition without a
/usr partition when initially mangling the partitions, a bunch of lines
further up, no need to repeat this here.
2021-09-10 14:15:46 +02:00
Lennart Poettering
00a8b34fa7 dissect-image: don't do generic root partition fallback if verity is requested for /usr 2021-09-10 14:15:41 +02:00
Lennart Poettering
cb241a69e3 dissect-image: insist that the architecture matches if both root and /usr partitions are found 2021-09-10 14:15:36 +02:00
Lennart Poettering
4ab51780c3 dissect-image: mangle discovered /usr/ partition data, even if we found a root partition
Previously, we'd clean up discovered /usr/ partition data only if we did
not find a root partition. Given that we allow combinations of root and
/usr partitions clean things up in both cases however.
2021-09-10 14:15:32 +02:00
Lennart Poettering
0903fd2683 dissect-image: refuse external verity data in partitioned mode
Our code doesn't support setting up verity with an external verity data
file unless we operate in non-partitioned mode. Let's refuse this
clearly and early if attempted anyway.
2021-09-10 14:15:27 +02:00
Lennart Poettering
e0d53d5291 dissect-image: also derive read-only mode from fstype in non-partitioned mode
For the GPT partitioned logic we also consult the fstype to determine whether
a partition is read-only (i.e. squashfs is already read-only). For the
non-partitioned mode we didn't do that so far. Fix that.
2021-09-10 14:15:22 +02:00
Lennart Poettering
a0bff7ea4c dissect-image: tighten assertion checks on verity data 2021-09-10 14:15:18 +02:00
Lennart Poettering
495367666b dissect-image: rename dissected_image_has_verity()/_can_do_verity()
Let's also pick more precise names for these helpers that are used for
the tabular output: one checks whether a partition is candidate for
verity at all, and the other checks if it is ready to be used for it.
Let's make this clearer in the name.
2021-09-10 14:15:00 +02:00
Lennart Poettering
c3c88d67c0 dissect-image: rename verity flag booleans
Let's make the booleans indicating verity state a bit more descriptive.

Let's rename:

    can_verity → has_verity: because that's really what this about
    whether verity data is included in the image. Whether we actually
    can use it is a different story.

    verity → verity_ready: this one should tell us if we have everything
    need to actually set it up, hence explicitly say "ready to use" in
    the name.

No change in behaviour. Just a bit of renaming.
2021-09-10 14:14:53 +02:00
Lennart Poettering
215e19eb27 id128: clarify that the "well-known" IDs are about GPT partition types
At least for now they are all GPT partition types, and we should mention
that.
2021-09-10 13:39:16 +02:00
Yu Watanabe
995cc7a72c network: drop unused "after_configure" feature for nexthops, neighbors, and routing policy rules 2021-09-10 19:40:27 +09:00
Yu Watanabe
f1c22cf4da network: do not try to drop addresses or routes of unmanaged interfaces on carrier lost
Currently, link_stop_engines(), link_drop_config(), and link_drop_foreign_config()
do nothing when the interface is unmanaged. So this does not change anything.
But returning earlier should be clear and safer for protecting configs
on unmanaged interfaces.
2021-09-10 19:40:27 +09:00
Yu Watanabe
dbf8942ab9 network: introduce route_by_kernel() helper function
And drop "FIXME" from comment, as there is nothing we need to fix.
2021-09-10 17:06:24 +09:00
Yu Watanabe
86173383a3 network: introduce ipv4acd_set_ifname() 2021-09-10 17:06:24 +09:00
Yu Watanabe
fccf662c3f network: use sd_netlink_message_read_string_strdup() 2021-09-10 17:06:24 +09:00
Emil Renner Berthing
6e86342bb8 sd-boot: Support installing new devicetree
The Bootloader Specification says "devicetree refers to the binary
device tree to use when executing the kernel..", but systemd-boot
didn't actually do anything when encountering this stanza until now.

Add support for loading, applying fixups if relevant, and installing the
new device tree before executing the kernel.
2021-09-10 16:48:47 +09:00
Chris Packham
7c5b9952c4 basic/linux: Sync if_arp.h with Linux 5.14
ARPHRD_MCTP was added in 5.14. Sync if_arp.h to pick up the definition

Fixes #20694
2021-09-10 15:22:18 +09:00
Daan De Meyer
a87b151ac0 shared: Extract common LogControl CLI code to verb-log-control.h
Let's reduce duplication by sharing common logic between all
log-target/log-level verbs.
2021-09-10 08:48:57 +09:00
Yu Watanabe
627191c285
Merge pull request #20693 from mcatanzaro/mcatanzaro/nss-buffers
nss-systemd: ensure returned strings point into provided buffer
2021-09-10 08:43:32 +09:00
Michael Catanzaro
47fd7fa6c6 nss-systemd: ensure returned strings point into provided buffer
Jamie Bainbridge found an issue where glib's g_get_user_database_entry()
may crash after doing:

```
error = getpwnam_r (logname, &pwd, buffer, bufsize, &pw);
// ...
pw->pw_name[0] = g_ascii_toupper (pw->pw_name[0]);
```

in order to uppercase the first letter of the user's real name. This is
a glib bug, because there is a different codepath that gets the pwd from
vanilla getpwnam instead of getpwnam_r as shown here. When the pwd
struct is returned by getpwnam, its fields point to static data owned by
glibc/NSS, and so it must not be modified by the caller. After much
debugging, Jamie Bainbridge has fixed this in https://gitlab.gnome.org/GNOME/glib/-/merge_requests/2244
by making a copy of the data before modifying it, and that resolves all
problems for glib. Yay!

However, glib is crashing even when getpwnam_r is used instead of
getpwnam! According to getpwnam_r(3), the strings in the pwd struct are
supposed to be pointers into the buffer passed by the caller, so glib
should be able to safely edit it directly in this case, so long as it
doesn't try to increase the size of any of the strings.

Problem is various functions throughout nss-systemd.c return synthesized
records declared at the top of the file. These records are returned
directly and so contain pointers to static strings owned by
libsystemd-nss. systemd must instead copy all the strings into the
provided buffer.

This crash is reproducible if nss-systemd is listed first on the passwd
line in /etc/nsswitch.conf, and the application looks up one of the
synthesized user accounts "root" or "nobody", and finally the
application attempts to edit one of the strings in the returned struct.
All our synthesized records for the other struct types have the same
problem, so this commit fixes them all at once.

Fixes #20679
2021-09-09 15:07:57 -05:00
Anssi Hannula
dfba45185c cryptsetup-tokens: fix typo in tpm2 token dump output
cryptsetup_token_dump() gets called when the user calls
"cryptsetup luksDump"  for a volume and it prints the token-specific
data.

The tpm2 cryptsetup_token_dump() function misspells tpm2 as tmp2 on two
lines of its output.

Fix that.
2021-09-09 17:54:41 +01:00
Zbigniew Jędrzejewski-Szmek
8fd4d27f3c
Merge pull request #20681 from weblate/weblate-systemd-master
Translations update from Weblate
2021-09-09 09:20:00 +02:00
Jan Kuparinen
d8883cc8ff po: Translated using Weblate (Finnish)
Currently translated at 64.5% (122 of 189 strings)

Co-authored-by: Jan Kuparinen <copper_fin@hotmail.com>
Translate-URL: https://translate.fedoraproject.org/projects/systemd/master/fi/
Translation: systemd/main
2021-09-09 05:04:59 +02:00
Takuro Onoue
701bd80ed3 po: Translated using Weblate (Japanese)
Currently translated at 100.0% (189 of 189 strings)

Co-authored-by: Takuro Onoue <kusanaginoturugi@gmail.com>
Translate-URL: https://translate.fedoraproject.org/projects/systemd/master/ja/
Translation: systemd/main
2021-09-09 05:04:59 +02:00
Andika Triwidada
0b30aabd87 po: Translated using Weblate (Indonesian)
Currently translated at 90.4% (171 of 189 strings)

Co-authored-by: Andika Triwidada <andika@gmail.com>
Translate-URL: https://translate.fedoraproject.org/projects/systemd/master/id/
Translation: systemd/main
2021-09-09 05:04:58 +02:00
Michael Catanzaro
92b264676c nss-systemd: pack pw_passwd result into supplied buffer
getpwnam_r() guarantees that the strings in the struct passwd that it
returns are pointers into the buffer allocated by the application and
passed to getpwnam_r(). This means applications may choose to modify the
strings in place, as long as the length of the strings is not increased.
So it's wrong for us to return a static string here, we really do have
to copy it into the application-provided buffer like we do for all the
other strings.

This is only a theoretical problem since it would be very weird for an
application to modify the pw_passwd field, but I spotted this when
investigating a similar crash caused by glib editing a different field.
See also:

https://gitlab.gnome.org/GNOME/glib/-/merge_requests/2244
2021-09-08 16:19:28 -05:00
Luca Boccassi
3f1487f5a0 analyze: ignore dependencies with security --offline
We don't care about validating dependencies here, the security verb is
only checking the unit(s) under test.
2021-09-08 19:46:57 +01:00
Michal Sekletar
9f6ef46781 sd-event: take ref on event loop object before dispatching event sources
Idea is that all public APIs should take reference on objects that get
exposed to user-provided callbacks. We take the reference as a
protection from callbacks dropping it. We used to do this also here in
sd_event_loop(). However, in cleanup portion of f814c871e6 this was
accidentally dropped.
2021-09-09 01:15:57 +09:00
xujing
1509274359 core: fix free undefined pointer when strdup failed in the first loop 2021-09-08 22:42:22 +09:00
Frantisek Sumsal
39e1753673 test: rename dracut_install to image_install
The `dracut_install` is a misnomer, since the systemd integration test
suite is based on the original dracut's test suite, and not all the
references to dracut has been edited out. Let's fix that.
2021-09-08 22:41:20 +09:00
pedro martelletto
b6aa89b0a3 explicitly close FIDO2 devices
FIDO2 device access is serialised by libfido2 using flock().
Therefore, make sure to close a FIDO2 device once we are done
with it, or we risk opening it again at a later point and
deadlocking. Fixes #20664.
2021-09-08 13:42:07 +01:00
Luca Boccassi
afd4814651
Merge pull request #20667 from keszybz/portable-docs
Tweaks to documentation about portable services
2021-09-08 13:41:44 +01:00
Zbigniew Jędrzejewski-Szmek
8c7e2b48c5 docs: polish the text about Portable Services a bit
No semantic changes, just removal of repetitions and unnecessary words, and
some more formatting.
2021-09-08 12:59:08 +02:00