1
0
mirror of https://github.com/systemd/systemd.git synced 2024-11-01 09:21:26 +03:00
Commit Graph

27884 Commits

Author SHA1 Message Date
Lennart Poettering
8d6e80343a util-lib: improve container detection logic
Previously, systemd-detect-virt was unable to detect "systemd-nspawn -a"
container environments, i.e. where PID 1 is a stub process running in host
context, as in that case /proc/1/environ was inherited from the host. Let's
improve that, and add an additional check for container environments where
/proc/1/environ is not cleaned up and does not contain the $container
environment variable:

The /proc/1/sched file shows the host PID in the first line. if this is not
1, we know we are running in a PID namespace (but not which implementation).

With these changes we should be able to detect container environments that
don't set $container at all.
2016-12-14 18:29:30 +01:00
Zbigniew Jędrzejewski-Szmek
f6f372d2f4 Add sd_is_socket_sockaddr (#4885)
Fixes #1188.
2016-12-14 11:51:26 +01:00
Ronny Chevalier
80d8b5bc1f Merge pull request #4889 from evverx/fix-test-fs-util-memleak
test-fs-util: fix memleak
2016-12-14 11:34:48 +01:00
Lennart Poettering
0900593e86 generator: order fsck service After= the device
Otherwise we might get started too early.
2016-12-14 10:13:52 +01:00
Lennart Poettering
ad2706db7c core: rework logic to determine when we decide to add automatic deps for mounts
This adds a concept of "extrinsic" mounts. If mounts are extrinsic we consider
them managed by something else and do not add automatic ordering against
umount.target, local-fs.target, remote-fs.target.

Extrinsic mounts are considered:

- All mounts if we are running in --user mode

- API mounts such as everything below /proc, /sys, /dev, which exist from
  earliest boot to latest shutdown.

- All mounts marked as initrd mounts, if we run on the host

- The initrd's private directory /run/initrams that should survive until last
  reboot.

This primarily merges a couple of different exclusion lists into a single
concept.
2016-12-14 10:13:52 +01:00
Lennart Poettering
33e2818093 core: make sure targets that get a default Conflicts=shutdown.target are also ordered against it
Let's tweak the automatic dependency generation of target units: not only add a
Conflicts= towards shutdown.target but also an After= line for it, so that we
can be sure the new target is not started when the old target is still up.

Discovered in the context of #4733

(Also, exclude dependency generation if for shutdown.target itself. — This is
strictly speaking redundant, as unit_add_two_dependencies_by_name() detects
that and becomes a NOP, but let's make this explicit for readability.)
2016-12-14 10:13:52 +01:00
Lennart Poettering
4549fcdb1d Add a bit of documentation for the various undocumented environment variables we honour 2016-12-14 10:13:52 +01:00
Lennart Poettering
295ee9845c util: Fine tune running_in_chroot() a bit
Let's be a bit more careful when detecting chroot() environments, so that we
can discern them from namespaced environments.

Previously this would simply check if the root directory of PID 1 matches our
own root directory. With this commit, we also check whether the namespaces of
PID 1 and ourselves are the same. If not we assume we are running inside of a
namespaced environment instead of a chroot() environment.

This has the benefit that systemctl (which uses running_in_chroot()) will work
as usual when invoked in a namespaced service.
2016-12-14 10:13:52 +01:00
Zbigniew Jędrzejewski-Szmek
4014818d53 Merge pull request #4806 from poettering/keyring-init
set up a per-service session kernel keyring, and store the invocation ID in it
2016-12-13 23:24:42 -05:00
Zbigniew Jędrzejewski-Szmek
9cf314f34d Merge pull request #4727 from poettering/exec-bind
More namespace improvements
2016-12-13 22:30:07 -05:00
Evgeny Vereshchagin
f4b85a0fb6 test-fs-util: fix memleak
Fixes:
```
$ ./libtool --mode=execute valgrind --leak-check=full ./test-fs-util
...
==22871==
==22871== 27 bytes in 1 blocks are definitely lost in loss record 1 of 1
==22871==    at 0x4C2FC47: realloc (vg_replace_malloc.c:785)
==22871==    by 0x4E86D05: strextend (string-util.c:726)
==22871==    by 0x4E8F347: chase_symlinks (fs-util.c:712)
==22871==    by 0x109EBF: test_chase_symlinks (test-fs-util.c:75)
==22871==    by 0x10C381: main (test-fs-util.c:305)
==22871==
```
Closes #4888
2016-12-14 00:31:53 +00:00
Lennart Poettering
f59d1da8cd update TODO 2016-12-14 00:55:12 +01:00
Lennart Poettering
4ea0d7f431 core: make "Restart" service property accessible via the transient API
Fixes: #4402
2016-12-14 00:54:13 +01:00
Lennart Poettering
d2d6c096f6 core: add ability to define arbitrary bind mounts for services
This adds two new settings BindPaths= and BindReadOnlyPaths=. They allow
defining arbitrary bind mounts specific to particular services. This is
particularly useful for services with RootDirectory= set as this permits making
specific bits of the host directory available to chrooted services.

The two new settings follow the concepts nspawn already possess in --bind= and
--bind-ro=, as well as the .nspawn settings Bind= and BindReadOnly= (and these
latter options should probably be renamed to BindPaths= and BindReadOnlyPaths=
too).

Fixes: #3439
2016-12-14 00:54:10 +01:00
Lennart Poettering
8fceda937f namespace: instead of chasing mount symlinks a priori, do so as-we-go
This is relevant as many of the mounts we try to establish only can be followed
when some other prior mount that is a prefix of it is established. Hence: move
the symlink chasing into the actual mount functions, so that we do it as late
as possibly but as early as necessary.

Fixes: #4588
2016-12-14 00:51:37 +01:00
Lennart Poettering
34de407a4f core: rename BindMount structure → MountEntry
After all, these don#t strictly encapsulate bind mounts anymore, and we are
preparing this for adding arbitrary user-defined bind mounts in a later commit,
at which point this would become really confusing. Let's clean this up, rename
the BindMount structure to MountEntry, so that it is clear that it can contain
information about any kind of mount.
2016-12-14 00:48:52 +01:00
Lennart Poettering
cfbeb4ef8d namespace: add explicit read-only flag
This reworks handling of the read-only management for mount points. This will
become handy as soon as we add arbitrary bind mount support (which comes in a
later commit).
2016-12-14 00:42:01 +01:00
Lennart Poettering
ddbe041277 namespace: reindent protect_system_strict_table[] as well
All other tables got reindented, but one was forgotten. Fix that.
2016-12-13 21:22:13 +01:00
Lennart Poettering
835552511e core: hook up MountFlags= to the transient unit logic
This makes "systemd-run -p MountFlags=shared -t /bin/sh" work, by making
MountFlags= to the list of properties that may be accessed transiently.
2016-12-13 21:22:13 +01:00
Lennart Poettering
ab79099d16 pam: include pam_keyinit.so in our PAM fragments
We want that systemd --user gets its own keyring as usual, even if the
barebones PAM snippet we ship upstream is used. If we don't do this we get the
basic keyring systemd --system sets up for us.
2016-12-13 20:59:36 +01:00
Lennart Poettering
b3415f5dae core: store the invocation ID in the per-service keyring
Let's store the invocation ID in the per-service keyring as a root-owned key,
with strict access rights. This has the advantage over the environment-based ID
passing that it also works from SUID binaries (as they key cannot be overidden
by unprivileged code starting them), in contrast to the secure_getenv() based
mode.

The invocation ID is now passed in three different ways to a service:

- As environment variable $INVOCATION_ID. This is easy to use, but may be
  overriden by unprivileged code (which might be a bad or a good thing), which
  means it's incompatible with SUID code (see above).

- As extended attribute on the service cgroup. This cannot be overriden by
  unprivileged code, and may be queried safely from "outside" of a service.
  However, it is incompatible with containers right now, as unprivileged
  containers generally cannot set xattrs on cgroupfs.

- As "invocation_id" key in the kernel keyring. This has the benefit that the
  key cannot be changed by unprivileged service code, and thus is safe to
  access from SUID code (see above). But do note that service code can replace
  the session keyring with a fresh one that lacks the key. However in that case
  the key will not be owned by root, which is easily detectable. The keyring is
  also incompatible with containers right now, as it is not properly namespace
  aware (but this is being worked on), and thus most container managers mask
  the keyring-related system calls.

Ideally we'd only have one way to pass the invocation ID, but the different
ways all have limitations. The invocation ID hookup in journald is currently
only available on the host but not in containers, due to the mentioned
limitations.

How to verify the new invocation ID in the keyring:

 # systemd-run -t /bin/sh
 Running as unit: run-rd917366c04f847b480d486017f7239d6.service
 Press ^] three times within 1s to disconnect TTY.
 # keyctl show
 Session Keyring
  680208392 --alswrv      0     0  keyring: _ses
  250926536 ----s-rv      0     0   \_ user: invocation_id
 # keyctl request user invocation_id
 250926536
 # keyctl read 250926536
 16 bytes of data in key:
 9c96317c ac64495a a42b9cd7 4f3ff96b
 # echo $INVOCATION_ID
 9c96317cac64495aa42b9cd74f3ff96b
 # ^D

This creates a new transient service runnint a shell. Then verifies the
contents of the keyring, requests the invocation ID key, and reads its payload.
For comparison the invocation ID as passed via the environment variable is also
displayed.
2016-12-13 20:59:36 +01:00
Lennart Poettering
74dd6b515f core: run each system service with a fresh session keyring
This patch ensures that each system service gets its own session kernel keyring
automatically, and implicitly. Without this a keyring is allocated for it
on-demand, but is then linked with the user's kernel keyring, which is OK
behaviour for logged in users, but not so much for system services.

With this change each service gets a session keyring that is specific to the
service and ceases to exist when the service is shut down. The session keyring
is not linked up with the user keyring and keys hence only search within the
session boundaries by default.

(This is useful in a later commit to store per-service material in the keyring,
for example the invocation ID)

(With input from David Howells)
2016-12-13 20:59:10 +01:00
Lennart Poettering
9ef4e1e5a2 Merge pull request #4877 from evverx/fix-machine-id
handle corrupted /etc/machine-id nicer
2016-12-13 20:31:09 +01:00
Evgeny Vereshchagin
069a254f9b test: check that we can boot with broken machine-id 2016-12-13 13:03:14 +00:00
Evgeny Vereshchagin
da2d142114 sd-id128: id128_write overwrites target file 2016-12-13 13:03:14 +00:00
Evgeny Vereshchagin
a6f72863ad machine-id-setup: --print --commit respects the --root option 2016-12-13 13:03:13 +00:00
Evgeny Vereshchagin
fcb2427055 core: machine_id_setup overwrites broken machine-id 2016-12-13 12:58:42 +00:00
Andrey Ulanov
6916b16464 nspawn: when getting SIGCHLD make sure it's from the first child (#4855)
When getting SIGCHLD we should not assume that it was the first
child forked from system-nspawn that has died as it may also be coming
from an orphan process. This change adds a signal handler that ignores
SIGCHLD unless it came from the first containerized child - the real
child.

Before this change the problem can be reproduced as follows:

$ sudo systemd-nspawn --directory=/container-root --share-system
Press ^] three times within 1s to kill container.
[root@andreyu-coreos ~]# { true & } &
[1] 22201
[root@andreyu-coreos ~]#
Container root-fedora-latest terminated by signal KILL
2016-12-13 02:38:18 +01:00
Sylvain Plantefève
bbc5d5286b catalog: update french translation following 5a1d6cb (#4872) 2016-12-12 16:17:51 -05:00
Piotr Drąg
560273fa9a catalog: update Polish translation (#4874) 2016-12-12 16:04:50 -05:00
Martin Pitt
142a1afbb9 Merge pull request #4771 from keszybz/udev-property-ordering
Udev property ordering
2016-12-12 16:03:52 +01:00
Martin Pitt
e3e30d2a44 Merge pull request #4868 from keszybz/man
Ellipsization
2016-12-12 08:12:10 +01:00
Lennart Poettering
161f1ee134 Merge pull request #4867 from keszybz/catalog-messages
Catalog message improvements
2016-12-12 00:02:01 +01:00
Zbigniew Jędrzejewski-Szmek
7a100dce9d hwdb: emit warning when matches are specified at the very end of file
This is also an error, but it wasn't caught.

[/tmp/tmp.YWeKax4fMI/etc/udev/hwdb.d/10-bad.hwdb:26] Property expected, ignoring record with no properties
2016-12-11 18:01:26 -05:00
Zbigniew Jędrzejewski-Szmek
2a03116da2 man: two trivial formatting fixes 2016-12-11 17:17:17 -05:00
Zbigniew Jędrzejewski-Szmek
1eecafb8c1 man: use unicode ellipsis in more places
As requested in
https://github.com/systemd/systemd/pull/4864#pullrequestreview-12372557.

docbook will substitute triple dots for the ellipsis in man output, so this has
no effect on the troff output, only on HTML, making it infinitesimally nicer.

In some places we show output from programs, which use dots, and those places
should not be changed. In some tables, the alignment would change if dots were
changed to the ellipsis which is only one character. Since docbook replaces the
ellipsis automatically, we should leave those be. This patch changes all other
places.
2016-12-11 17:13:19 -05:00
Zbigniew Jędrzejewski-Szmek
b457b33ddc basic/log: CODE_FUNCTION → CODE_FUNC
systemd.journal-fields(7) documents CODE_FUNC=. Internally, we were
inconsistent: sd_journal_print uses CODE_FUNC=, log.h has CODE_FUNCTION=,
python-systemd and bootchart also used CODE_FUNC=, when they were internal.
Most external projects use sd_journal_* functions, so CODE_FUNC=,
python-systemd still uses CODE_FUNC=, as does systemd-bootchart, and
independent reimplementations in golang-github-coreos-go-systemd, qtbase,
network manager, glib, pulseaudio. Hence, I don't think there's much
choice.
2016-12-11 15:43:16 -05:00
Zbigniew Jędrzejewski-Szmek
e697dfef64 share/log: change log_syntax from "[a:b] " to "a🅱️ "
Those square brackets don't fit how our other messages look like; we use colons
everywhere else. The "[a:b]" format was originally added in
ed5bcfbe3c, and remained unchanged for 7 years,
but in the meantime other conventions evolved.

The new version is also one character shorter.

[/etc/systemd/system/systemd-networkd.service.d/override.conf:2] Failed to parse sec value, ignoring: ...
  ↓
/etc/systemd/system/systemd-networkd.service.d/override.conf:2: Failed to parse sec value, ignoring: ...
2016-12-11 15:43:16 -05:00
Zbigniew Jędrzejewski-Szmek
c2dec70292 basic/log: merge two big log_struct_internal invocations into one
We can take advantage of the fact a NULL argument terminates the list.
2016-12-11 15:43:16 -05:00
Zbigniew Jędrzejewski-Szmek
ba9534535e tools/catalog-report.py: a script to scour the journal for bad catalog entries
I think it can be a useful tool to find such issues.

SD_MESSAGE_UNIT_STARTING 7d4958e842da4a758f6c1cdc7b36dcc5: no field UNIT
../src/core/unit.c:1239 unit_status_log_starting_stopping_reloading
    Starting Paths.
    SYSLOG_FACILITY=3
    SYSLOG_IDENTIFIER=systemd
    PRIORITY=6
    USER_UNIT=paths.target

SD_MESSAGE_UNIT_STARTED 39f53479d3a045ac8e11786248231fbf: no field UNIT
../src/core/job.c:721 job_log_status_message
    Reached target Paths.
    SYSLOG_FACILITY=3
    SYSLOG_IDENTIFIER=systemd
    PRIORITY=6
    RESULT=done
    USER_UNIT=paths.target

SD_MESSAGE_STARTUP_FINISHED b07a249cd024414a82dd00cd181378ff: no field KERNEL_USEC
../src/core/manager.c:2532 manager_check_finished
    Startup finished in 19ms.
    SYSLOG_FACILITY=3
    SYSLOG_IDENTIFIER=systemd
    PRIORITY=6
    USERSPACE_USEC=19670

SD_MESSAGE_STARTUP_FINISHED b07a249cd024414a82dd00cd181378ff: no field INITRD_USEC
../src/core/manager.c:2532 manager_check_finished
    Startup finished in 19ms.
    SYSLOG_FACILITY=3
    SYSLOG_IDENTIFIER=systemd
    PRIORITY=6
    USERSPACE_USEC=19670

unknown 0ce153587afa4095832d233c17a88001: no catalog entry
gsm-manager.c:1366 start_phase
    Entering running state
    SYSLOG_IDENTIFIER=gnome-session
    PRIORITY=5

SD_MESSAGE_UNIT_STOPPING de5b426a63be47a7b6ac3eaac82e2f6f: no field UNIT
../src/core/unit.c:1239 unit_status_log_starting_stopping_reloading
    Stopping Default.
    SYSLOG_FACILITY=3
    SYSLOG_IDENTIFIER=systemd
    PRIORITY=6
    USER_UNIT=default.target

SD_MESSAGE_UNIT_STOPPED 9d1aaa27d60140bd96365438aad20286: no field UNIT
../src/core/job.c:729 job_log_status_message
    Stopped target Default.
    SYSLOG_FACILITY=3
    SYSLOG_IDENTIFIER=systemd
    PRIORITY=6
    RESULT=done
    USER_UNIT=default.target

SD_MESSAGE_TIME_CHANGE c7a787079b354eaaa9e77b371893cd27: no field REALTIME
src/core/manager.c:2049 manager_dispatch_time_change_fd
    Time has been changed
    SYSLOG_FACILITY=3
    SYSLOG_IDENTIFIER=systemd
    PRIORITY=6

unknown f3ea493c22934e26811cd62abe8e203a: no catalog entry
shell-global.c:1375 shell_global_log_structured
    GNOME Shell started at Sat Jun 11 2016 12:37:46 GMT-0400 (EDT)
    SYSLOG_IDENTIFIER=gnome-shell

SD_MESSAGE_UNIT_FAILED be02cf6855d2428ba40df7e9d022f03d: no field UNIT
src/core/job.c:803 job_log_status_message
    Failed to start GNOME Terminal Server.
    SYSLOG_FACILITY=3
    SYSLOG_IDENTIFIER=systemd
    RESULT=failed
    PRIORITY=3
    USER_UNIT=gnome-terminal-server.service

SD_MESSAGE_LID_CLOSED b72ea4a2881545a0b50e200e55b9b070: no catalog entry
src/login/logind-button.c:198 button_dispatch
    Lid closed.
    SYSLOG_FACILITY=4
    SYSLOG_IDENTIFIER=systemd-logind
    PRIORITY=6

SD_MESSAGE_LID_OPENED b72ea4a2881545a0b50e200e55b9b06f: no catalog entry
src/login/logind-button.c:219 button_dispatch
    Lid opened.
    SYSLOG_FACILITY=4
    SYSLOG_IDENTIFIER=systemd-logind
    PRIORITY=6

SD_MESSAGE_SUSPEND_KEY b72ea4a2881545a0b50e200e55b9b072: no catalog entry
src/login/logind-button.c:177 button_dispatch
    Suspend key pressed.
    SYSLOG_FACILITY=4
    SYSLOG_IDENTIFIER=systemd-logind
    PRIORITY=6

SD_MESSAGE_CONFIG_ERROR c772d24e9a884cbeb9ea12625c306c01: no catalog entry
src/shared/conf-parser.c:469 config_parse_sec
    [/etc/systemd/system/systemd-networkd.service.d/override.conf:2] Failed to parse sec value, ignoring:
    UNIT=systemd-networkd.service
    SYSLOG_FACILITY=3
    ERRNO=22
    SYSLOG_IDENTIFIER=systemd
    PRIORITY=3
    CONFIG_LINE=2
    CONFIG_FILE=/etc/systemd/system/systemd-networkd.service.d/override.conf

unknown 10dd2dc188b54a5e98970f56499d1f73: no catalog entry
gsm-manager.c:308 on_display_server_failure
    Unrecoverable failure in required component org.gnome.Shell.desktop
    PRIORITY=3
    SYSLOG_IDENTIFIER=gnome-session-binary

unknown 52fb62f99e2c49d89cfbf9d6de5e3555: no catalog entry
src/journal/test-journal-send.c:85 main
    Hello World!
    PAGE_SIZE=4096
    TERM=xterm-256color
    SYSLOG_IDENTIFIER=lt-test-journal-send
    PRIORITY=5
    N_CPUS=2
    HOME=/home/zbyszek

unknown 9348174c5cc74001a71ef26bd79d302e: no catalog entry
/usr/lib/python3.5/site-packages/dnf-plugins/system_upgrade.py:422 log_status
    Download finished.
    SYSLOG_IDENTIFIER=python3
    DNF_VERSION=1.1.10
    TARGET_RELEASEVER=25
    SYSTEM_RELEASEVER=24
    PRIORITY=5

unknown fef1cc509d5047268b83a3a553f54b43: no catalog entry
/usr/lib/python3.5/site-packages/dnf-plugins/system_upgrade.py:422 log_status
    Rebooting to perform upgrade.
    SYSLOG_IDENTIFIER=python3
    DNF_VERSION=1.1.10
    TARGET_RELEASEVER=25
    SYSTEM_RELEASEVER=24
    PRIORITY=5

unknown 3e0a5636d16b4ca4bbe5321d06c6aa62: no catalog entry
/usr/lib/python3.5/site-packages/dnf-plugins/system_upgrade.py:422 log_status
    Starting system upgrade. This will take a while.
    SYSLOG_IDENTIFIER=python3
    DNF_VERSION=1.1.10
    SYSTEM_RELEASEVER=24
    PRIORITY=5
    TARGET_RELEASEVER=25

unknown 0123456789abcdef0123456789abcdef: no catalog entry
<doctest systemd.journal.JournalHandler[9]>:1 <module>
    Message with ID
    SYSLOG_IDENTIFIER=/usr/lib/python2.7/site-packages/py/test.py
    LOGGER=custom_logger_name
    PRIORITY=4
    THREAD_NAME=MainThread
2016-12-11 15:43:16 -05:00
Lennart Poettering
15ffcc3456 Merge pull request #4859 from keszybz/networkd
Networkd man page update and fixes for the fallout
2016-12-11 20:38:15 +01:00
Lennart Poettering
4682047cf2 Merge pull request #4864 from keszybz/build-sys
Fix some build issues and warnings
2016-12-11 20:12:32 +01:00
Lennart Poettering
280b29ac84 Merge pull request #4861 from keszybz/dissect-tweaks
A prettification of the dissect code, mkosi and TODO updates
2016-12-11 20:09:04 +01:00
Zbigniew Jędrzejewski-Szmek
5a1d6cb19d pid1,catalog: use a different MESSAGE_ID for user manager startup
This add a new message id for the end of user instance startup.
User manager startup is a different beast then the system startup.
Their descriptions are completely different too. Let's just separate
them.

Partially fixes #3351.

Also remove "successful" from the description, since we don't know if
the startup was successful or not.
2016-12-11 12:41:23 -05:00
Zbigniew Jędrzejewski-Szmek
330785f5ca basic/extract-word,man: clarify "correction" of invalid escapes
Our warning message was misleading, because we wouldn't "correct" anything,
we'd just ignore unkown escapes. Update the message.

Also, print just the extracted word (which contains the offending sequences) in
the message, instead of the whole line.

Fixes #4697.
2016-12-11 00:21:36 -05:00
Zbigniew Jędrzejewski-Szmek
007f48bb89 pid1: remove unnecessary counter
The loop must terminate after at most three iterations anyway.
2016-12-11 00:21:35 -05:00
AsciiWolf
cb8ac9646f Added Debian config for mkosi (#4865) 2016-12-11 00:14:19 -05:00
Zbigniew Jędrzejewski-Szmek
2dc95d98e1 shared/firewall-util: remove warning about net/if.h workaround
This is already fixed upstream, so warning is not useful.
Let's keep the workaround until the fix has percolated downstream.
2016-12-10 13:55:13 -05:00
Zbigniew Jędrzejewski-Szmek
691b90d465 journal: fix warning about LZ4_compress_limitedOutput 2016-12-10 13:52:49 -05:00
Zbigniew Jędrzejewski-Szmek
4f8b86e307 dissect: assume GPT_ROOT_SECONDARY_VERITY is defined when GPT_ROOT_SECONDARY is
We define those macros, and there's no reason to have one without
the other.
2016-12-10 13:35:47 -05:00