mirror of https://github.com/systemd/systemd.git synced 2025-01-25 10:04:04 +03:00

67959 Commits

Author SHA1 Message Date
Lennart Poettering
6fa09278b8 varlink: refuse empty () structs/enums
If we encounter an empty struct in the varlink IDL it could also be an
empty enum. Refuse this to avoid the ambiguity.

The spec doesn't cover this case clearly, hence let's better be on the
safe side and refuse it rather than making a decision what it means.
2023-10-12 15:25:16 +02:00
Yu Watanabe
558dc668f6
Merge pull request #29544 from yuwata/network-dhcp-bus-command
network: several fixlets for DBus methods for DHCP client and server
2023-10-12 22:06:50 +09:00
Luca Boccassi
c3166b25e2 core: add cgroup_add_or_update_device_allow() 2023-10-12 13:37:22 +01:00
Luca Boccassi
665c6e46e3 serialize: add serialize_image_policy() 2023-10-12 13:37:22 +01:00
Luca Boccassi
81b913f076 serialize: add open_serialization_file() 2023-10-12 13:37:22 +01:00
Luca Boccassi
1b30ccd81b serialize: add serialize_string_set() 2023-10-12 13:37:22 +01:00
Luca Boccassi
5612426d7b serialize: add serialize_item_tristate() 2023-10-12 13:37:22 +01:00
Luca Boccassi
6dae20ec41 serialize: add serialize_item_base64mem() 2023-10-12 13:37:22 +01:00
Luca Boccassi
3f12c5ff2e serialize: add serialize_item_hexmem() 2023-10-12 13:37:22 +01:00
Luca Boccassi
b646fc324a core: ensure execute/spawn functions can work without Unit object
When switching to serialization later, the Unit object will not be
serialized, move parameters around instead
2023-10-12 13:37:22 +01:00
Luca Boccassi
154eb43f38 core: ensure execute/spawn functions can work without manager object
When switching to serialization later, the Manager object will not be
serialized, move parameters around instead
2023-10-12 13:37:22 +01:00
Luca Boccassi
97f53fecd6 core: add exec_params_dump helper 2023-10-12 13:37:22 +01:00
Luca Boccassi
6ecdfe7d10 process-util: add posix_spawn helper
This provides CLONE_VM + CLONE_VFORK semantics, so it is useful to
avoid CoW traps and other issues around doing work between fork()
and exec().
2023-10-12 13:37:22 +01:00
Luca Boccassi
58cb36e56b env-util: add helper to replace env block 2023-10-12 13:37:22 +01:00
Luca Boccassi
ef7af0acf2 test: add space-separated test for LogFilterPatterns 2023-10-12 13:11:42 +01:00
Luca Boccassi
5897469a08 core: fix checking for extension-releases for ExtensionImages/Directories
The parsing is done after the image has been opened, not before, as it
cannot be done on a block device. Also fix returning on any error for
ExtensionDirectories, not just ENOENT.

Follow-up for 55ea4ef096543d2bceea9315868d5aca945d7a57
2023-10-12 12:17:58 +01:00
Lennart Poettering
97046f2fc0 update TODO 2023-10-12 12:34:10 +02:00
Reto Schneider
b1b16aa977 man/systemd.exec: Update service result table
exec-condition and oom-kill were added without updating this table.
2023-10-12 12:30:21 +02:00
Zbigniew Jędrzejewski-Szmek
fed0a899b2 hibernate-resume: remove kernel/image version comparison when resuming
We already had a similar check that was removed, see
8340b762e4f597e98a72de1385e74b9be04e521d (*). The kernel supports loading of a
resume image from a different kernel version. This makes sense, because the
goal of "resume" is to replace the running system by a saved memory image, so
it doesn't really matter that the short-lived kernel is different.

By removing the check, we make the process more reliable: for example, the user
may select a different kernel from a list, or not have the previously running
kernel in /boot at all, etc. Requiring the exact same kernel version makes the
process more fragile for no benefit.

Similar reasoning holds for the image version: the image may be updated, and
for example an older kernel+initrd might be used, with an embedded VERSION_ID
that is not the latest. This is fine, and the check is not useful.

I left the check for ID/IMAGE_ID: we probably don't want to use the resume
image if the hibernation was done from a different installation.

(Note: why not check VERSION_ID/IMAGE_VERSION? Because of the following
scenario: a user has an installation of Fedora 35, and they upgrade to Fedora
36, which means that the os-release file on disk gets replaced and now
specifies VERSION_ID=36. But the running kernel is not replaced, and its
package is not removed because the running kernel version is never removed, so
we still have a boot entry that in initrd-release says VERSION_ID=35. Without
rebooting, the user does hibernation. When resuming, we want to resume, no
matter if one of the new entries with VERSION_ID=36 or one of the old entries
with VERSION_ID=35 is picked in the boot loader menu.

If the installation is image-based, i.e. it has IMAGE_ID+IMAGE_VERSION, the
situation is similar: after an upgrade, we may still have a boot entry from
before the upgrade. Using an older kernel+initrd to boot and switch-root into a
newer installation is supported and is rather common.

In fact, it is a rather common situation that the version reported by the boot
entry (or stored internally in the initrd-release in the initrd) does not match
the actual system on disk. Generally, this metadata is saved when the boot menu
entry is written and does not reflect subsequent upgrades. Various
distributions generally keep at least 3 kernels after an upgrade, and during an
upgrade only install one new, which means that after a major upgrade, generally
there will be at least two kernels which have mismatched version information.)

OTOH, I think it is useful to *write* all the details to the EFI var. As
discussed in https://github.com/systemd/systemd/issues/29037, we may want to
show this information in the boot loader. It is also useful for debugging.

(*) Also again discussed and verified in
https://github.com/systemd/systemd/pull/27330#discussion_r1234332080.

", ignored" is dropped, since this failure is likely to cause the following
check to fail. Better not to say anything than to say the misleading thing.
2023-10-12 12:30:12 +02:00
Jordan Williams
465104b4d4 Revert "Revert "meson: use c_args in generator scripts (#10289)""
This reverts commit 0e3cc902faec4f18d5fa606396f602b08bc94e27.

Fixes #10288.
I have confirmed that this does now fix cross-compilation.
It appears that changes upstream in Meson, probably mesonbuild/meson#5263, have made the original MR, #10289, work now.

This needs to be tested to ensure that it doesn't break Travis CI like when it was reverted in #10361.
2023-10-12 12:24:57 +02:00
Zbigniew Jędrzejewski-Szmek
0502bd7e5e efi/boot: rename ConfigEntry to BootEntry
Some of the entries are really configured, but we also have a bunch
of automatic entries. Calling them "config entries" is misleading, let's
use the more natural "boot entry".

While at it, rename:
  config_load_entries() → config_load_type1_entries()
  config_entry_add_unified() → config_load_type2_entries()
  config_title_generate() → generate_boot_entry_titles()
  config_entry_add_<type>() → config_add_entry_<type>()

No functional change.
2023-10-12 12:13:56 +02:00
Zbigniew Jędrzejewski-Szmek
6438161187 efi/boot: adjust grammar and punctuation in comments 2023-10-12 12:13:56 +02:00
Zbigniew Jędrzejewski-Szmek
a7af63f130 efi/boot: use "else if" instead of explicit "continue"
No functional change.
2023-10-12 12:13:56 +02:00
Zbigniew Jędrzejewski-Szmek
1cd26e5e56 efi/boot: make timeout changes relative to current value
When the user pressed + or -, we would set the efivar override, starting
from the default of 0. Instead, set an override that starts at the current
value. This means that when user has e.g. a configured override of 5 s, and
they press +, they get an override of 6 s. I think this leads to a much
smoother experience for a user, who does not necessarily need to know that
we have three levels of overrides, they just want to easily configure the
timeout with keys. If they press +, the timeout should increase, and not
jump to some low value.

Also, once an override has been set via the boot menu, i.e. the efivar is set,
do not allow unsetting the efivar from the boot menu. This way we also avoid
an unexpected "jump" to whatever the other sources of configuration specify.
The user can configure any value with the keys that they want, so we don't
need to allow unsetting.
2023-10-12 12:13:56 +02:00
Zbigniew Jędrzejewski-Szmek
1f6dbf7021 efi/boot: split out helper to reduce duplicate formatting code
No functional change.
2023-10-12 12:13:56 +02:00
Zbigniew Jędrzejewski-Szmek
56747a1f13 sd-boot: when rebooting or powering off, save config state
The menu_run() function allows the user to set/unset default entry, or to
increase/decrease menu timeout. After a keypress, status like
  "Menu timeout set to 5 s"
is printed, but there actually isn't any immediate effect. The value is only
written right before booting a menu entry to avoid unnecessary wear&tear
on the nvram storage. This delayed write is supposed to be invisible to the
user.

Nevertheless, operations like reboot into firmware, reboot, or shutdown were
done immediately. We need to exit the loop first, save the state, and only do
the op afterwards.

Fixup for f6531b11d21931b3952d566ceded672ba21681cc and
e6cab77eca8f6556f381c348b0452b526a752ab7.
Also reverts 498d0cc426afc13fdadb0a385fd16c005645e0cf.
2023-10-12 12:13:56 +02:00
Zbigniew Jędrzejewski-Szmek
6ad3dc409b man: use consistent label for "Reboot Into Firmware Interface"
That is what sd-boot actually displays.
2023-10-12 12:13:56 +02:00
Zbigniew Jędrzejewski-Szmek
c650bbb8a3 efi/boot: use DEFINE_TRIVIAL_CLEANUP_FUNC() in one more place
No functional change.
2023-10-12 12:13:56 +02:00
Yu Watanabe
d311f5e277 network: do not trigger assertion by forcerenew command
When DHCP server is not running, sending force-renew command triggers
assertion.
2023-10-12 18:38:04 +09:00
Yu Watanabe
39ba10f19e sd-dhcp-server: make sd_dhcp_server_is_running() silently work with NULL
We already do in the same way for sd-dhcp-client and friends.
2023-10-12 18:35:59 +09:00
Yu Watanabe
cb0e97e7de test-network: drop unnecessary explicit stop of dnsmasq 2023-10-12 18:34:20 +09:00
Yu Watanabe
aa7336f1d3 test-network: add test case for renewing DHCP lease 2023-10-12 18:33:52 +09:00
Yu Watanabe
9bd91e34aa network: restart dhcp4 client when renewing lease is requested but the client is stopped
Follow-up for fc35a9f8d1632c4e7a279228f869bfc77d8f5b9c.

Fixes the issue https://github.com/systemd/systemd/pull/29472#issuecomment-1759092138.
2023-10-12 18:14:11 +09:00
Lennart Poettering
9ff6876555
Merge pull request #29523 from keszybz/kernel-install-dtb-files
Do not look for dtb files in /boot, add support in 60-ukify.install
2023-10-12 10:43:24 +02:00
Yu Watanabe
9a551ccd1f
Merge pull request #29472 from yuwata/network-dhcp-ipv6-only-mode
network/dhcp: add IPv6 only mode support
2023-10-12 13:06:54 +09:00
Michael Biebl
6f9409eebb test: use kill-whom instead of kill-who (the latter is deprecated) 2023-10-12 13:06:12 +09:00
Mike Yuan
242fc1427a
Merge pull request #29537 from poettering/varlink-tweaks
varlink: some smaller usability tweaks + bugfixes
2023-10-12 02:36:37 +08:00
Mike Yuan
2cb6b3b734 core/exec-credential: use rmdir_and_freep at one more place 2023-10-12 02:36:15 +08:00
Yu Watanabe
3bb424c837 core/execute: suppress logs if LogLevelMax= is specified
Fixes #29532.
2023-10-12 02:35:57 +08:00
Daan De Meyer
fe2a6dce6c sd-device: Support matching all properties
Let's support enumerating over devices that match all of the given
properties instead of any of the given properties by adding a new
function sd_device_enumerator_add_match_property_required() which
specifies properties that should all be matched instead of just one.

Fixes #28372
2023-10-11 19:57:49 +02:00
Lennart Poettering
9f3ed6fd19 update TODO 2023-10-11 18:20:16 +02:00
Lennart Poettering
80f6507c83 varlink: use the right validator for error replies 2023-10-11 18:19:36 +02:00
Lennart Poettering
041a66b843 varlink: didn't generate a varlink error reply if a failed method call handler already did
It might happen that a method call handler already generated an error
reply and then still propagated the error back to the varlink logic.
Let's not try to generate a 2nd reply from that error code then, but
simply proceed without. This simplifies handling of errors in method
call handlers, because they can uniformly return errno-style error
codes, and only if they want return a full Varlink error.
2023-10-11 18:19:36 +02:00
Lennart Poettering
c270fc448e varlink: don't bother replying about validation errors on method calls with 'oneway' set 2023-10-11 18:19:36 +02:00
Lennart Poettering
47c9bbb1ab varlink: automatically send ExpectedMore error message back when we were called without more=true set, but need it
Various Varlink calls only make sense if they are called with more=true
(i.e. in a mode where multiple replies are expected to be sent). If a
method call assumes it is called with more (manifested in the fact it
calls varlink_notify(), the call to reply to such messages) let's return
a recognizable error code for the violated expectation.

This adds a new error for this, org.varlink.service.ExpectedMore. Note
we are squatting the official org.varlink.service namespace, but for
such a basic thing it makes sense to add it there.
2023-10-11 18:19:36 +02:00
Zbigniew Jędrzejewski-Szmek
02d8d787f3 kernel-install/60-ukify: also support the convention with 'devicetree' file
Requested in https://github.com/systemd/systemd/pull/28582#issuecomment-1673300596.
This is the last requested change, so fixes #28771.

90-loaderentry.install is modified to also check $KERNEL_INSTALL_CONF_ROOT
when looking for the devicetree file. For normal use this is probably not
needed, but it's nice to be consistent and it also makes it much easier to
write the tests.

In tests, also do 'ukify inspect' now that we have it.
2023-10-11 17:34:43 +02:00
Zbigniew Jędrzejewski-Szmek
e3696e6f63 ukify: fix .dtb section name in 'inspect'
Fixup for df4a46733a609f1673de0bebb38e89fffd70c16c.
2023-10-11 17:34:43 +02:00
Zbigniew Jędrzejewski-Szmek
40c0c9d4bc kernel-install/60-ukify: add helper function for locating input files
Also rename config_file_location() to uki_conf_location() to make
it obvious which config file was meant.
2023-10-11 17:34:43 +02:00
Zbigniew Jędrzejewski-Szmek
7a9d86bceb man/kernel-install: fix formatting and document /etc/kernel/devicetree
Each filename should be a separate <term>, so that they are separated in the
formatted text. Also, we list files in documentation in priority order, but
here they were in reverse order. Also, rework the description of
$KERNEL_INSTALL_CONF_ROOT to say that it makes kernel-install not look at the
other files. This requires some more words, so make this a separate paragraph
and refer from individual items to it. Also, drop some sentences with "Read by
...", they were already outdated.

Partial fix for #28771.

Co-authored-by: Emil Renner Berthing <systemd@esmil.dk>
2023-10-11 17:34:43 +02:00
Zbigniew Jędrzejewski-Szmek
91767ab082 kernel-install/90-loaderentry: do not read dtbs from /boot
/boot is not trusted, so we shouldn't load files from there. Also, space in
/boot is limited, so it doesn't make sense to install the files under one
location there and then copy them to a different location. We should only copy
the files from /usr somewhere and then install it in the appropriate place under
/boot.

Also use "/usr/lib" instead of the "/lib" prefix. We don't support unmerged-user
anymore.

Addresses some of the feedback in
https://github.com/systemd/systemd/pull/28582#discussion_r1285820556.
2023-10-11 17:28:29 +02:00