1
0
mirror of https://github.com/systemd/systemd.git synced 2024-12-25 01:34:28 +03:00
Commit Graph

70786 Commits

Author SHA1 Message Date
Yu Watanabe
738ad08b0d copy: do not ignore chattr_flags and friends passed to copy_file_atomic_full()
Fixes a bug introduced by 427d9c34e6.
2024-02-08 22:06:16 +09:00
Yu Watanabe
8334b1c762
Merge pull request #31245 from yuwata/network-ndisc-adjust-log-messages
network/ndisc: slightly update log messages
2024-02-08 22:05:55 +09:00
Yu Watanabe
e2382ef005 wait-online: split out get_state_range()
Follow-up for 2d70878162.

After the conversion from FOREACH_POINTER() to FOREACH_ARGUMENT(),
the iterator is never set to POINTER_MAX.
2024-02-08 16:59:04 +08:00
Sludge
02c127b344 hwdb: add resolution setting for GAOMON S620 2024-02-08 13:12:10 +09:00
Yu Watanabe
1847a544af dissect-image: fix typo
Follow-up for b387778c5b.
2024-02-08 11:37:20 +09:00
Yu Watanabe
5ac0345329 nspawn: fix typo
Follow-up for f94025a136.
2024-02-08 11:36:08 +09:00
Yu Watanabe
d9b8acda2a test: fix typo
Follow-up for 38a80ba108 and
a39d8396a9.
2024-02-08 11:34:36 +09:00
Yu Watanabe
0627b29e0a
Merge pull request #31171 from yuwata/sd-ndisc-invalid-dnssl
sd-ndisc: handle invalid DNSSL option gracefully
2024-02-08 09:10:38 +09:00
Yu Watanabe
7dc431839e network/dhcp4: disable IPv6OnlyMode= by default
As explained in #30891, IPv6OnlyMode= should be enabled with 464XLAT
support, but we do not support it yet. Let's disable by default.

Fixes #30891.
2024-02-07 23:30:17 +00:00
Yu Watanabe
a39d8396a9 test: add test case for invalid DNSSL option 2024-02-08 06:46:48 +09:00
Yu Watanabe
b409ac6c77 network/ndisc: sd_ndisc_router_get_{icmp6_ratelimit,retransmission_time}() should never fail
This also fixes use of '%m' specifier without passign error code.
2024-02-08 06:24:31 +09:00
Yu Watanabe
34acdf9074 network/ndisc: slightly adjust log messages 2024-02-08 06:24:31 +09:00
Yu Watanabe
38a80ba108 test: add short comment for RA message 2024-02-08 05:39:21 +09:00
Yu Watanabe
6244184e3f sd-ndisc: make sd_ndisc_router_dnssl_get_domains() return -EBADMSG when received invalid domain name
Fixes #31168.
2024-02-08 05:39:21 +09:00
Yu Watanabe
3092bd7aa1
Merge pull request #31176 from yuwata/network-required-for-online
network: adjust default value of RequiredForOnline=
2024-02-08 05:26:12 +09:00
Fernando Fernandez Mancera
5c9afd93a9 sd-dhcp6-client: allow setting send-release when client is running
The send-release option only affects to the client when STOPPING. There
is no reason to do not allow this option to be set while the client is
running.

An user might want to delay the decision of sending a RELEASE message to
a later stage where the client is already running.
2024-02-08 05:24:20 +09:00
Keian
e23d7aa193
60-evdev.hwdb: Add support for Huion Inspiroy 2 L (#31241)
Also fixed a spelling mistake on the HUION Inspiroy H420X
2024-02-08 04:14:09 +08:00
Yu Watanabe
fe0acbf7e0 network: set 'removing' flag to remembered object
Previously, if address_remove() or friends called with a temporary
object, the removing flag is assigned to the temporary object, and is
not set to the remembered object. Hence, e.g.
route_is_ready_to_configure() wrongly judge a required address for a
route is (still) ready, hence networkd fails to configure the route.

Fixes #28009.
2024-02-07 10:25:19 +00:00
Yu Watanabe
10aedb6f9d network/address: do not configure with IFA_F_TENTATIVE
Follow-up for 0a0c2672db.

After the commit, remembered Address objects by Link are always given by
kernel. Hence, it is not necessary to set the flag, as it is always
ignored by the kernel, and the kernel set the flag on notification if it
is necessary.
2024-02-07 10:21:12 +00:00
Luca Boccassi
9182658d3b
Merge pull request #31202 from YHNdnzj/creds-reuse
core: reuse credential dir across start and start-post if populated
2024-02-07 10:17:07 +00:00
Franck Bui
e374109efb test: systemd-update-utmp is optional
It can be disabled with '-Dutmp=false'
2024-02-07 11:00:20 +01:00
Maanya Goenka
34e17203bd
preset: enable confext and sysext by default (#31211) 2024-02-07 04:19:59 +08:00
Zbigniew Jędrzejewski-Szmek
d44934f378 NEWS: announce plan to drop support for nscd
This is in preparation for https://github.com/systemd/systemd/pull/30360 to be
merged in a future release. As described there:

  nscd is known to be racy [1] and it was already deprecated and later dropped
  in Fedora a while back [1,2]. We don't need to support obsolete stuff in
  systemd, and the cache in systemd-resolved provides a better solution anyway.

  [1] https://fedoraproject.org/wiki/Changes/DeprecateNSCD
  [2] https://fedoraproject.org/wiki/Changes/RemoveNSCD

Note that our "support" is only the signal to flush the cache that we send at
various points. Nscd itself may still exist, dropping it is a decision to be
made in glibc.
2024-02-06 18:34:56 +01:00
Mike Yuan
cfbf7538d8
core: reuse credential dir across start and start-post if populated,
fresh otherwise

Currently, exec_setup_credential() always rewrite all credentials
upon exec_invoke(), i.e. invocation of each ExecCommand, and within
a single tmpfs instance. This is problematic though:

* When writing each tmp cred file, we essentially double the size
  of the credential. Therefore, if one cred is bigger than half
  of CREDENTIALS_TOTAL_SIZE_MAX, confusing ENOSPC occurs (see also
  https://github.com/systemd/systemd/pull/24734#issuecomment-1925440546)

* Credential is a unit-wide thing and thus should not change
  during the whole lifetime of main process. However, if e.g.
  a on-disk credential or SetCredential= in unit file
  changes between ExecStart= and ExecStartPost=,
  the credentials are overwritten when the latter gets to run,
  and the already-running main process is suddenly seeing
  completely different creds.

So, let's try to reuse final cred dir if the main process has started
and the tmpfs has been populated, so that the creds used is stable
across all ExecStart= and ExecStartPost=-s. We still want to retain
the ability of updating creds through ExecStartPre= though, therefore
we forcibly use a fresh cred dir for those. 'Fresh' means to actually
unmount the old tmpfs first, so the first problem goes away, too.
2024-02-07 00:43:33 +08:00
Mike Yuan
1221ba0f6f
core: introduce exec_params_need_credentials
Also rename EXEC_WRITE_CREDENTIALS to EXEC_SETUP_CREDENTIALS.
2024-02-07 00:43:33 +08:00
Mike Yuan
54c3546188
TEST-54-CREDS: add test for ExecStartPost= (#31194) 2024-02-07 00:43:32 +08:00
Mike Yuan
0f781376c0
core/exec-credential: use FOREACH_ARRAY at one more place 2024-02-07 00:43:32 +08:00
Mike Yuan
3a0f6c217d
core/exec-credential: add missing assertions 2024-02-07 00:43:32 +08:00
Yu Watanabe
6f412c00cf wait-online: by default not all interface need to be online
Fixes an issue caused by ab3aed4a03 (v253).

By default, all managed interface need to be configured, and at least
one interface need to be online. Hence, offline interface should be ignored.

Fixes #29506.
2024-02-06 12:45:37 +00:00
Felix Riemann
0119370cbb cryptenroll: Fix reading keyfile from socket
systemd-cryptenroll uses the READ_FULL_FILE_CONNECT_SOCKET flag when
reading the keyfile to also allow reading it from a socket. But it also
sets the offset to 0, causing an unnecessary seek to the beginning of
the newly opened keyfile and disables socket support again, as these do
not support seeking.

Disable seeking entirely to remove the unneeded seek and restore support
for reading the keyfile from a socket again as with systemd-cryptsetup.
2024-02-06 12:44:42 +00:00
Luca Boccassi
d50f58d641
Merge pull request #31210 from poettering/chdir-hardening
WorkingDirectory= hardening
2024-02-06 12:41:43 +00:00
Luca Boccassi
33d7fedca9
Merge pull request #31205 from YHNdnzj/path-is-mount-point
mountpoint-util: expose root and flags as path_is_mount_point_full
2024-02-06 12:37:20 +00:00
Zbigniew Jędrzejewski-Szmek
85a84772a1 units: drop userdbd from homed's Also=
Also= lists units which should be enabled/disabled together with the first unit.
But userdbd is independent of homed, we shouldn't e.g. disable it even if homed
is disabled.
2024-02-06 12:36:04 +00:00
Mike Yuan
c90335403c process-util: minor follow-up for pidfd_spawn 2024-02-06 12:26:38 +00:00
Lennart Poettering
83d5dab4de nspawn: and also add comment, making clear chdir() should come late 2024-02-06 11:13:28 +01:00
Lennart Poettering
f94025a136 nspawn: also refuse paths below API VFS in nspawn's --chdir= field 2024-02-06 11:13:28 +01:00
Lennart Poettering
8049bce619 load-fragment: set PATH_CHECK_NON_API_VFS flag at various other places
I tried to be conservative here, and hence in doubt I left the flag off,
but in some cases I really can't see any reason why it would make sense
to specifiy paths into API VFS, hence add it there, to lock things down
a bit.
2024-02-06 11:13:28 +01:00
Lennart Poettering
e0f6eaeb4f parse-helpers: adjust log level when we say we ignore to LOG_WARNING 2024-02-06 11:13:28 +01:00
Lennart Poettering
14631951ce dbus: make dbus property parsing of WorkingDirectory= equally strict as loading it from the unit files 2024-02-06 11:13:28 +01:00
Lennart Poettering
a13fb98ba7 exec-invoke: extend comment on placement of apply_working_directory() call
Inspired by CVE-2024-21626, let's add a longer comment explaining why
the code really shouldn#t be moved any earlier.

Just in the hope that anyone who feels tempted to move this around maybe
actually reads the comment and reconsiders.
2024-02-06 11:13:28 +01:00
Lennart Poettering
0d1332841e parse-helpers: add new PATH_CHECK_NON_API_VFS flag
In various contexts it's a bit icky to allow paths below /proc/, /sys/,
/dev/ i.e. file hierarchies where API VFS are placed. Let's add a new
flag for path_simplify_and_warn() to check for this and refuse a path if
in these paths.

Enable this when parsing WorkingDirectory=.

This is inspired by CVE-2024-21626, which uses trickery around the cwd
and /proc/self/fd/.

AFAICS we are not actually vulnerable to the same issue as explained in
the CVE since we execute the WorkingDirectory= setting very late, i.e.
long after we set up the new mount namespace. But let's filter out icky
stuff better earlier than later, as extra safety precaution.
2024-02-06 11:13:28 +01:00
Lennart Poettering
0fb08bd5e3 mountpoint-util: add small helper that checks if a path is below the API VFS hierarchies 2024-02-06 11:13:28 +01:00
Lennart Poettering
b63e3bd308 exec-invoke: rework apply_working_directory() around chase()
let's be more careful and get rid of one more prefix_roota() use, in
favour of the safe chase().
2024-02-06 10:28:30 +01:00
Lennart Poettering
e66766ead8 parse-helpers: indent according to coding style 2024-02-06 10:28:30 +01:00
Mike Yuan
027d9f9096
Merge pull request #31209 from bluca/pidfd_spawn
core: add support for pidfd_spawn
2024-02-06 15:14:17 +08:00
Mike Yuan
b409aacb0a
mountpoint-util: introduce path_is_mount_point_full 2024-02-06 15:09:28 +08:00
Mike Yuan
561d879305
login/user-runtime-dir: properly check for mount point 2024-02-06 15:08:58 +08:00
Luca Boccassi
76e00ba2e5 TODO: drop clone3 item 2024-02-05 21:52:36 +00:00
Luca Boccassi
2e106312e2 core: add support for pidfd_spawn
Added in glibc 2.39, allows cloning into a cgroup and to get
a pid fd back instead of a pid. Removes race conditions for
both changing cgroups and getting a reliable reference for the
child process.

Fixes https://github.com/systemd/systemd/pull/18843
Replaces https://github.com/systemd/systemd/pull/16706
2024-02-05 21:52:36 +00:00
Luca Boccassi
9ca13d60db executor: really set POSIX_SPAWN_SETSIGDEF for posix_spawn
posix_spawnattr_setflags() doesn't OR the input to the current set of flags,
it overwrites them, so we are currently losing POSIX_SPAWN_SETSIGDEF.

Follow-up for: 6ecdfe7d10
2024-02-05 16:26:01 +00:00