1
0
mirror of https://github.com/systemd/systemd.git synced 2025-01-27 18:04:05 +03:00

50444 Commits

Author SHA1 Message Date
Pjotr Vertaalt
798c65cf1f po: Added translation using Weblate (Dutch)
Co-authored-by: Pjotr Vertaalt <pjotrvertaalt@gmail.com>
2021-03-23 11:06:02 +01:00
David Tardon
f055cf7786 man: document differences in clean exit status for Type=oneshot
See commit 1f0958f640b87175cd547c1e69084cfe54a22e9d .
2021-03-23 09:33:23 +01:00
Christian Hesse
3babb81625 man: rate limited services can be restartet from timer or socket
If rate limiting kicks in for Restart= logic it is still possible for a
timer or socket to restart the service.
2021-03-23 09:16:30 +01:00
Zbigniew Jędrzejewski-Szmek
39f756d3ae sd-event: disable epoll_pwait2 for now
This reverts the gist of commit 798445ab84cff51bde7fcf936f0fb19c37cf858c.

Unfortunately the new syscall causes test-event to hang. 32 bit architectures
seem affected: i686 and arm32 in fedora koji. 32 bit build of test-event hangs
reliably under valgrind:

$ PKG_CONFIG_LIBDIR=/usr/lib/pkgconfig meson build-32 -Dc_args=-m32 -Dc_link_args=-m32 -Dcpp_args=-m32 -Dcpp_link_args=-m32 && ninja -C build-32 test-event && valgrind build/test-event

If I set epoll_pwait2_absent=true, so the new function is never called, then
the issue does not reproduce. It seems to be strictly tied to the syscall.

On amd64, the syscall is not used, at least with the kernel that Fedora
provides. The kernel patch 58169a52ebc9a733aeb5bea857bc5daa71a301bb says:

  For timespec, only support this new interface on 2038 aware platforms
  that define __kernel_timespec_t. So no CONFIG_COMPAT_32BIT_TIME.

And Fedora sets CONFIG_COMPAT_32BIT_TIME=y. I expect most other distros will too.

On amd64: epoll_wait_usec: epoll_pwait2: ret=-1 / errno=38
On i686 (same kernel): epoll_wait_usec: epoll_pwait2: ret=2 / errno=0

Is this some kind of emulation? Anyway, it seems that this is what is going wrong.

So let's disable the syscall until it becomes more widely available and the
kinks have been ironed out.

Fixes test-event issue in #19052.
2021-03-23 09:10:29 +01:00
Zbigniew Jędrzejewski-Szmek
ca83c7f88c
Merge pull request #19075 from keszybz/calendarspec-loop
Fix infinite loop in calendarspec calculation when timezone has negative DST save value
2021-03-23 09:06:16 +01:00
Yu Watanabe
0c4363a005 firewall-util: refuse IPv6 firewall rules when kernel does not support IPv6 2021-03-23 15:17:44 +09:00
Yu Watanabe
175bc86315 firewall-util: gracefully handle -EOVERFLOW returned from older kernel 2021-03-23 15:17:44 +09:00
Yu Watanabe
5ee7c719e1 firewall-util: do not use goto for retrying 2021-03-23 15:17:44 +09:00
Yu Watanabe
84af90ba5d firewall-util: add missing return value check 2021-03-23 15:17:44 +09:00
Yu Watanabe
dfb433f2a7 firewall-util: probe firewall backend in fw_ctx_new()
FirewallContext is used by networkd and nspawn. Both allocates the
context when it is really necessary. Hence, it is not necessary to delay
probing backend.

Moreover, if iptables backend is not enabled on build, and nftables is
not supported by kernel, previously `fw_nftables_init()` is called
everytime when we try to configure masquerade or dnat. It causes
significant performance loss.

Fixes test-firewall-util issue in #19052.
2021-03-23 15:17:34 +09:00
Yu Watanabe
4fb8a48ff0 network: allocate FirewallContext lazily 2021-03-23 14:41:13 +09:00
Yu Watanabe
da00b84087 firewall-util: logs which backend will be used
This also modernizes code a bit.
2021-03-23 14:40:50 +09:00
Zbigniew Jędrzejewski-Szmek
129cb6e249 shared/calendarspec: when mktime() moves us backwards, jump forward
When trying to calculate the next firing of 'Sun *-*-* 01:00:00', we'd fall
into an infinite loop, because mktime() moves us "backwards":

Before this patch:
tm_within_bounds: good=0 2021-03-29 01:00:00 → 2021-03-29 00:00:00
tm_within_bounds: good=0 2021-03-29 01:00:00 → 2021-03-29 00:00:00
tm_within_bounds: good=0 2021-03-29 01:00:00 → 2021-03-29 00:00:00
...

We rely on mktime() normalizing the time. The man page does not say that it'll
move the time forward, but our algorithm relies on this. So let's catch this
case explicitly.

With this patch:
$ TZ=Europe/Dublin faketime 2021-03-21 build/systemd-analyze calendar --iterations=5 'Sun *-*-* 01:00:00'
Normalized form: Sun *-*-* 01:00:00
    Next elapse: Sun 2021-03-21 01:00:00 GMT
       (in UTC): Sun 2021-03-21 01:00:00 UTC
       From now: 59min left
       Iter. #2: Sun 2021-04-04 01:00:00 IST
       (in UTC): Sun 2021-04-04 00:00:00 UTC
       From now: 1 weeks 6 days left           <---- note the 2 week jump here
       Iter. #3: Sun 2021-04-11 01:00:00 IST
       (in UTC): Sun 2021-04-11 00:00:00 UTC
       From now: 2 weeks 6 days left
       Iter. #4: Sun 2021-04-18 01:00:00 IST
       (in UTC): Sun 2021-04-18 00:00:00 UTC
       From now: 3 weeks 6 days left
       Iter. #5: Sun 2021-04-25 01:00:00 IST
       (in UTC): Sun 2021-04-25 00:00:00 UTC
       From now: 1 months 4 days left

Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1941335.
2021-03-23 00:35:02 +01:00
Luca Boccassi
e6fda8f675
Merge pull request #19079 from poettering/resolved-ipv6-cache-fix
fix CNAME/DNAME following in combined A/AAAA replies
2021-03-22 23:20:11 +00:00
Luca Boccassi
d4bb2b0b4e
Merge pull request #19081 from keszybz/three-comment-updates
Three comment updates
2021-03-22 22:36:01 +00:00
Zbigniew Jędrzejewski-Szmek
ccd593a61c man: say that .device units need udev
This was implied by the need to tag them with "systemd", but let's make this
obvious, since it's rather easy to trip over this as a user.

Inspired by https://bugzilla.redhat.com/show_bug.cgi?id=1941458.
2021-03-22 21:48:45 +01:00
Zbigniew Jędrzejewski-Szmek
d229704743 Reword and reindent comment
Follow-up for 0e557eef37.
2021-03-22 21:48:17 +01:00
Zbigniew Jędrzejewski-Szmek
de0b89913c Partially revert "correct incorrect command in NEWS (#19048)"
This reverts commit 6d18c13e79a0b3374599a3416a644a7837d5a1e6.

The syntax like "0666" is very unclear. It only makes sense for some subset of
people who do C programming. Let's use the much more sensible modern python
syntax instead.
2021-03-22 21:33:03 +01:00
Zbigniew Jędrzejewski-Szmek
965984240e
Merge pull request #19058 from bugaevc/log-open-protect-errno
Save errno over log_open() calls
2021-03-22 21:28:28 +01:00
Yu Watanabe
c23bb96b38 shell-completion: systemd-run: add missing options
Closes #19044.
2021-03-22 21:20:17 +01:00
Lennart Poettering
24063ba16a update TODO 2021-03-22 21:17:58 +01:00
Zbigniew Jędrzejewski-Szmek
47b0b65766 test-calendarspec: do not convert timezone "" to ":"
I *think* it doesn't actually make any difference, because ":" will be ignored.
437f48a471f51ac9dd2697ee3b848a71b4f101df added prefixing with ":", but didn't
take into account the fact that we also use "" with a different meaning than
NULL here. But let's restore the original behaviour of specifying the empty
string.
2021-03-22 20:08:16 +01:00
Zbigniew Jędrzejewski-Szmek
f035bb1b7a test-calendarspec: print offending line in output
The output is rather long at this makes it easier to jump to the right place.
Also use normal output routines and set_unset_env() to make things more
compact.
2021-03-22 20:08:16 +01:00
Zbigniew Jędrzejewski-Szmek
462f15d92d shared/calendarspec: constify parameter and simplify assignments to variable
The scope of start & stop is narrowed down, and they are assigned only once.
No functional change, but I think the code is easier to read this way.
Also add a comment to make the code easier to read.
2021-03-22 20:08:16 +01:00
Lennart Poettering
7e7b0e2198 update TODO 2021-03-22 19:07:34 +01:00
Lennart Poettering
1a71fe4ee5 resolved: don't accept responses to query unless they completely answer our questions
When we checking if the responses we collected for a DnsQuery are
sufficient to complete it we previously only check if one of the
collected response RRs matches at least one of the question RR keys.

This changes the logic to require that there must be at least one
response RR matched *each* of the question RR keys before considering
the answer complete.

Otherwise we might end up accepting an A reply as complete answer for an
A/AAAA query and vice versa, but we want to make sure we wait until we
get a reply on both types before returning this to the user in all
cases.

This has been broken for basically forever, but didn't surface until
b1eea703e01da1e280e179fb119449436a0c9b8e since until then we'd basically
ignore the auxiliary RRs included in CNAME/DNAME replies. Once that
commit was made we'd start using the auxiliary RRs included in
CNAME/DNAME replies but those typically included only A or only AAAA
which we then took for complete.

Fixe: #19049
2021-03-22 18:40:06 +01:00
Lennart Poettering
4cba52cc7a resolved: propagate correct error variable 2021-03-22 18:27:36 +01:00
Sergey Bugaev
fbdacd7268 homework: use FORK_CLOSE_ALL_FDS in a few more places
And make sure to reopen the log appropriately.
2021-03-22 19:34:07 +03:00
Sergey Bugaev
7e0ed2e9a2 tree-wide: reopen log after fork when needed
This follows up on 0b1f3c768ce1bd1490a5e53f539976dcef8ca765, adding more places
where we should reopen the log after forking with FORK_CLOSE_ALL_FDS.

When immediately calling exec in the child, prefer to explicitly reopen the log
after exec fails. In other cases, just use FORK_REOPEN_LOG.
2021-03-22 19:34:07 +03:00
Sergey Bugaev
0e557eef37 log: protect errno in log_open()
Commit 0b1f3c768ce1bd1490a5e53f539976dcef8ca765 has introduced log_open()
calls after exec fails post-fork. However, the log_open() call itself could
change the value of errno, which, for me, manifested in:

$ coredumpctl gdb
...
Failed to invoke gdb: Success

Fix this by using PROTECT_ERRNO in log_open().
2021-03-22 19:34:03 +03:00
Yu Watanabe
dcb6061e1c meson: fix warning about comparison between different types
Follow-up for e39288193fcdf3a36dbc49b78e6c9bf86a764e31.
2021-03-22 14:40:46 +01:00
Zbigniew Jędrzejewski-Szmek
169615c9a8 shared/calendarspec: abort calculation after 1000 iterations
We have a bug where we seem to enter an infinite loop when running in the
Europe/Dublin timezone. The timezone is "special" because it has negative SAVE
values. The handling of this should obviously be fixed, but let's use a
belt-and-suspenders approach, and gracefully fail if we fail to find an answer
within a specific number of attempts. The code in this function is rather
complex, and it's hard to rule out another bug in the future.
2021-03-22 13:44:57 +01:00
Antonio Terceiro
17e9000164 logs-show: add missing newline in warning message 2021-03-21 17:52:07 +00:00
Yu Watanabe
fcc3c20ca3 meson: fix build error of test-dnssec-complex
Fixes #19065.
2021-03-21 13:18:44 +01:00
tpgxyz
e39288193f systemd-boot: LLVM/lld does not support PE/COFF relocations. Bail out with an error message 2021-03-19 19:42:47 +00:00
Lennart Poettering
c68fc3514d blockdev-util: fix access to possibly invalidated dirent struct
Let's copy out the string we need from the dirent, there's no reason to
believe the dirent struct might live for longer than one loop iteration.
2021-03-19 18:13:17 +01:00
Lennart Poettering
f9b3afae96 repart: make sure to grow partition table after growing backing loopback file
This fixes the --size= switch, i.e. where we grow a disk image: after
growing it we need to expand the partition table so that its idea of the
the medium size matches the new reality. Otherwise our disk size
calculations in the subsequent steps might still use the original
ungrown size.

(This used to work, I guess this was borked when libfdisk learnt the
concept of "minimized" partition tables)
2021-03-19 18:11:26 +01:00
Michael Gisbers
6d18c13e79
correct incorrect command in NEWS (#19048)
* for /dev/vsock a file permission of 0o666 was mentioned but 0666 is probably better understood, so let's use that
* correct non existing command 'ip dev'
2021-03-19 11:38:53 +01:00
Sam Lunt
6f50c94dfd Wrong index in error message 2021-03-19 09:53:25 +00:00
Yu Watanabe
5cdb3f70eb udev: do not try to assign invalid ifname
Fixes #19038.
2021-03-19 09:52:21 +00:00
Lennart Poettering
7f966edbda homepage: fix year in footer to 2021
(And while we are at it, let's fix the "Sources" link in the footer to point to the right git repo subdir)
2021-03-18 23:31:55 +01:00
Luca Boccassi
dc4c1d4434
Merge pull request #19030 from dtardon/rhel9-covscan
a bunch of small fixes and clenups based on initial RHEL-9 covscan run
2021-03-18 16:28:46 +00:00
Luca Boccassi
12854a6ed5
Merge pull request #19036 from mrc0mmand/cocci-fixes
tree-wide: coccinelle fixes
2021-03-18 14:26:04 +00:00
David Tardon
eba1eb9066 resolved-dns-rr: drop unneeded braces 2021-03-18 13:19:13 +01:00
David Tardon
037e5b1547 resolved-dns-rr: use already existing variable 2021-03-18 13:19:13 +01:00
David Tardon
516a00e9cf resolved-dns-rr: avoid unnecessary reassignment 2021-03-18 13:19:00 +01:00
David Tardon
bc83340176 resolved-dns-rr: don't leak s if base64_append fails 2021-03-18 13:13:04 +01:00
Frantisek Sumsal
ca21d59a3f coccinelle: filter out a couple of 'false-positive' transformations
* flag-set.cocci: perform the transformation only if the second
    argument is a constant
  * sd-journal/lookup3.c: skip the cocci completely for this file, since
    it's not "ours"
  * strjoina.cocci: skip the transformation on the "test_strjoina" test,
    since it intentionally tests the "incorrect" expression we're trying to
    transform (the same thing was already done in strjoin.cocci)
2021-03-18 11:59:53 +01:00
Frantisek Sumsal
57ac6959f5 tree-wide: coccinelle fixes
Another batch of fixes (mostly) generated by Coccinelle.
2021-03-18 11:59:31 +01:00
Ulrich Ölmann
2c0c1b095c shutdown: fix typo 2021-03-18 09:43:08 +00:00