1
0
mirror of https://github.com/systemd/systemd.git synced 2024-12-25 01:34:28 +03:00
Commit Graph

77631 Commits

Author SHA1 Message Date
Mike Yuan
7eaf5ded61 async: block SIGTERM in asynchronous_rm_rf()
See justifications at https://github.com/systemd/systemd/pull/32235#issuecomment-2062327783
2024-11-14 12:21:25 +00:00
Luca Boccassi
6a479f0d63
network/netdev: follow-ups for reloading .netdev files (#34979)
Follow-ups for #34909.
2024-11-14 11:36:26 +00:00
andre4ik3
6e207b370e
boot/stub: allocate pages for combined initrds below 4GiB only on x86 (#35149)
Outside of x86, some machines (e.g. Apple silicon, AMD Opteron A1100)
have physical memory mapped above 4GiB, meaning this allocation will
fail, causing the entire boot process to fail on these machines.

This commit makes it so that the below-4GB address space allocation
requirement is only set on x86 platforms, and not on other platforms
(that don't have the specific Linux x86 boot protocol), thereby fixing
boot on those that have no memory mapped below 4GiB in their address
space.

Tested on an Apple silicon M1 laptop and an AMD x86_64 desktop tower.

Fixes: #35026
2024-11-14 13:20:09 +09:00
Yu Watanabe
1507899383
fetch-distro: use git log --first-parent and update debian commit (#35151) 2024-11-14 12:15:38 +09:00
Yu Watanabe
300edfd982
logind-session: be more specific about session_kill() errors, plus minor fixes for sd_bus_error handling (#35150) 2024-11-14 12:04:30 +09:00
Yu Watanabe
e06151b494
tmpfiles.d/meson.build: two minor tweaks (#35153) 2024-11-14 12:02:34 +09:00
Yu Watanabe
bdc6edbdab
network: serialize and deserialize current configuration (#34989)
Replaces #34963.

Fixes #26602.
Fixes #32569.
2024-11-14 11:59:44 +09:00
Yu Watanabe
bbef21e4e5 test-network: update KeepConfiguration=dhcp -> dynamic 2024-11-14 10:24:27 +09:00
Yu Watanabe
c8a7c81427 man/network: update documentation for KeepConfiguration= 2024-11-14 10:24:24 +09:00
Yu Watanabe
80a89d1ad5 network: rename KeepConfiguration=dhcp -> dynamic
KeepConfiguration=dhcp keeps not only DHCP configurations but
also SLAAC or IPV4LL. Let's rename the value to 'dynamic'.
2024-11-14 10:23:09 +09:00
Yu Watanabe
d13ce4ea0d network/ipv4ll: use a foreign IPv4LL address when KeepConfiguration=dhcp
This is similar to what we do for DHCPv4 address, but for IPv4LL
address.
2024-11-14 10:23:01 +09:00
Yu Watanabe
4eca221ab8 network: keep all dynamically acquired configurations when KeepConfiguration=dhcp-on-stop
By the previous commit, configuration source of addresses and routes are
saved on stop and restored on start. Hence, we can keep dynamic
configurations on stop.

Co-authored-by: Jian Zhang <zhangjian.3032@bytedance.com>
2024-11-14 10:21:58 +09:00
Yu Watanabe
c321d332e3 network: introduce manager_serialize()/deserialize()
Currently, only configuration sources and providers of addresses and
routes are serialized/deserialized.
This should mostly not change behavior, as dynamic (except for DHCPv4)
configurations will be dropped before stopping networkd, and for DHCPv4
protocol, we have already had another logic to handle DHCPv4
configurations.
Preparation for later commits.
2024-11-14 10:21:55 +09:00
Yu Watanabe
f1ca3479ec networkd-test.py: show current status when wait-online failed
For easier debugging on failure.
2024-11-14 10:17:19 +09:00
Yu Watanabe
5b73edfa7f test-network: add tests for reloading .netdev files for independent netdevs 2024-11-14 10:17:19 +09:00
Yu Watanabe
34e5440fb2 network/tuntap: manage tun/tap fds by manager
Otherwise, when a .netdev file for tun or tap netdev is updated,
reloading the file leaks the previous file descriptor.
2024-11-14 10:17:19 +09:00
Yu Watanabe
69bd661a2d network/bond: do not update several parameters if already up or has slaves
Some bonding parameters cannot be updated when the netdev is already up
or already has at least one slave interface.
2024-11-14 10:17:19 +09:00
Yu Watanabe
422b7c857c network/netdev: do not try to update if not supported
Some netdevs cannot update there properties after created.
Let's skip requests in that case.
2024-11-14 10:17:19 +09:00
Yu Watanabe
f264cd2037 network/netdev: fix counter handling if request is cancelled
Follow-up for 1003093604.

If a netdev is detached for some reasons, then previously the request
was simply cancelled, and the underlying interface never enter the
configured state, as the 'stacked_netdevs_created' flag never set.

This makes the counter decremented manually by the function, and set the
flag. So, the underlying interface can eter the configured state.
2024-11-14 10:17:19 +09:00
Yu Watanabe
259125d53d network/netdev: always queue request of creating netdev then process it later
After PR #34909, networkd tries to update an existing netdev interface if
possible. But, when .netdev files are loaded on start, we have not
enumerate interfaces, so we do not know if the corresponding interface
exists or not. Let's delay processing request a bit.
2024-11-14 10:17:19 +09:00
Yu Watanabe
b0d2ce8342 network/netdev: enter ready state only when it is created by us
Follow-up for PR #34909.

This fixes an issue that network interfaces cannot join a master netdev,
like bond or bridge, when the corresponding .netdev is reloaded.

With PR #34909, networkd supports reloading .netdev files. However,
When a .netdev file is modified and reloaded, ifindex is copied from
the old NetDev object to the new one. Thus, even if the interface is
successfully updated, netdev_set_ifindex_impl() will return 0 and
netdev_enter_ready() will never called. If the netdev is a kind of
master netdev, then port interfaces cannot join the master netdev,
as REQUEST_TYPE_SET_LINK_MASTER requires that the master netdev is
in the ready state.
2024-11-14 10:17:19 +09:00
Yu Watanabe
09db410606 network/netdev: do not update MAC address if netdev is already running
Follow-up for 17c5337f7b.

Older kernels (older than v6.5) refuse RTM_NEWLINK messages with IFLA_ADDRESS
attribute when the netdev already exists and is running, even if the MAC
address is unchanged.

So, let's not set IFLA_ADDRESS or IFLA_MTU if they are unchanged, and
set the attributes only when we can update them.
2024-11-14 10:15:44 +09:00
Yu Watanabe
ab6d427547 network/netdev: set interface name only when creating a new netdev
Otherwise, the kernel older than v6.2 will refuse the netlink message.
2024-11-14 10:01:42 +09:00
Mike Yuan
5b8b32cb09
tmpfiles.d/meson: remove the need of specifying empty condition 2024-11-13 22:51:28 +01:00
Mike Yuan
1c03fda52e
tmpfiles.d/meson: call subdir_done() early if tmpfiles is disabled 2024-11-13 22:51:27 +01:00
Luca Boccassi
1bc3095de8 mkosi: update debian commit reference
* 48fabbd5d2 Install new sd-keyutil binary in sd-repart package
* 6dd9ab10fe Update changelog for 257~rc1-4 release
* 6dd325f04b Backport patch to fix TEST-07-PID1 integration test
* 5988cc60ee Update changelog for 257~rc1-3 release
* cf3a2f7ccc Backport another patch to fix test failure on buildd
* 5d6a226dbb Update changelog for 257~rc1-2 release
* ebe97c52c8 Backport patch to fix unit test failure on buildd
* 21f63b20bb Update changelog for 257~rc1-1 release
* 0dfec51bbb d/copyright: remove pattern for directory that is no longer present
* 337b3bb2dd Ignore Lintian warning dh-exec-script-without-dh-exec-features
* b680e6b448 List new libsystemd0 symbols
* 3c00aa000c gbp.conf: use --first-parent for dch to avoid upstream commits
* d53ecc7769 Install new files
* 546e8c9137 Drop all patches, merged upstream
* 6757597480 Update upstream source from tag 'upstream/257_rc1'
* 4b82805020 gbp.conf: switch upstream branch to full upstream history
* e60c637a95 gbp.conf: enable signing tags by default
* 2ad27b63c4 Update changelog for 256.7-3 release
* a212c36c54 systemd-boot: provide integration with shim
2024-11-13 17:03:45 +00:00
Luca Boccassi
d9822cd859 fetch-distro: use git log --first-parent
We now import the upstream tag in the debian repository, so
this explodes as it tries to walk all upstream commits. Use
--first-parent so that merges only get added via the merge
commit.
2024-11-13 17:03:35 +00:00
Mike Yuan
9c6dc69f3e
logind-session: be more specific about session_kill() errors
When kill_whom == _ALL, there can be two cases that lead to
ESRCH: the session expects no scope at all or the scope is
not active. Let's distinguish the two cases.
2024-11-13 17:49:07 +01:00
Mike Yuan
2f2058da0b
portable: do not use SYNTHETIC_ERRNO for sd_bus_error_set_errno()
The concept of synthetic errnos is about logging, which
is irrelevant irt bus error and we don't do any special
treatment in sd-bus for them, meaning the value propagated
would be spurious.
2024-11-13 17:47:11 +01:00
Mike Yuan
46f2dd800f
sd-bus/bus-common-errors: reorder one pid1 error to group with others 2024-11-13 17:27:10 +01:00
Lennart Poettering
9466fe014f namespace-util: pin pid via pidfd during namespace_open() 2024-11-13 14:18:05 +00:00
Luca Boccassi
4efc556211
network/ndisc: fix removal of unnecessary routes (#35128)
Follow-up for 972f1d17ab.

This fixes the logic of removing unnecessary routes configured by the
previously received RAs. Previously, we wrongly handled existing routes
could be updated, and unexpected routes would be kept.
2024-11-13 14:06:21 +00:00
Yu Watanabe
b4dc8b6415
sd-boot/sd-stub: two log message fixes (#35143)
Fixes: #35033
Fixes: #35100
2024-11-13 10:09:05 +09:00
Yu Watanabe
d762b14e38
audit-util: return -ENODATA from audit_{session|loginuid}_from_pid() if invoked in a container (#35072)
The auditing subsystem is still not virtualized for containers, hence
the two values don't really make sense inside them, they will just leak
information from outside into the container. Hence don't make use of the
data if we detect we are run inside of a container.

This has visible effects: logind will no longer try to reuse the
auditing session ids as its own session ids when run inside a container.

While are at it, modernize the calls in more ways:

1. switch to pidref behaviour, all but one of our uses are using pidref
anyway already.
2. use read_virtual_file() + proc_mounted()
3. reasonably distinguish ENOENT errors when reading the process proc
files: distinguish the case where /proc is not mounted, from the case
where the process is already gone, from where auditing is not enabled in
the kernel build.
2024-11-13 10:08:29 +09:00
Lennart Poettering
ead9ef5027 ptyfwd: ellipsize overly long window titles
Apparently some terminal emulators have problems with overly long
titles, hence truncate them at some safe length (128).

Also, when parsing ANSI sequences ourselves accept longer sequences
(192), after all we should be fine when parsing our own title sequences.

Fixes: #35104
2024-11-13 10:07:25 +09:00
Mike Yuan
e2f82f6151 various: check meson feature flag early
Prompted by https://github.com/systemd/systemd/pull/35110#discussion_r1835885340
2024-11-13 08:21:33 +09:00
Lennart Poettering
f2b4f19881 pe: use PE_SECTION_VECTOR_IS_SET() macro where appropriate 2024-11-12 23:45:15 +01:00
Lennart Poettering
557d9fd5d1 pe: remove unnecessary log message about DT/HWID
Fixes: #35100
2024-11-12 23:45:14 +01:00
Lennart Poettering
1991ffa912 efi: don't log if EFI RNG isn't ready
Apparently this happens IRL on some systems, let's handle this
gracefully and don't log.

Fixes: #35033
2024-11-12 23:44:59 +01:00
Lennart Poettering
c892816ceb run0: when changing privileges to non-root, do not show superhero emoji
Let's show an idcard logo instead, to indicate that we changed ids.
2024-11-12 23:09:21 +01:00
Lennart Poettering
4e0bdf950e dbus-manager: add missing word 'unit' to PK message 2024-11-12 23:09:01 +01:00
Lennart Poettering
dcf5e9a6bf
tree-wide: remove some dead code (#35137) 2024-11-12 23:08:45 +01:00
Lennart Poettering
7bf0149e9b process-util: more gracefully handle oom adjust parsing/setting
Who knows what kind of mount shenanigans people employ, let's gracefully
handle parse failures of proc files, like we alway do otherwsie.
2024-11-12 23:03:40 +01:00
Lennart Poettering
68c554f23a audit-util: modernize use_audit() a bit
Use ERRNO_IS_xyz() macros where appropriate.

Also, reduce indentation a bit by inverted early check.

And log in more error codepaths.
2024-11-12 23:03:40 +01:00
Lennart Poettering
7e02ee98d8 audit-util: return -ENODATA from audit_{session|loginuid}_from_pid() if invoked in a container
The auditing subsystem is still not virtualized for containers, hence the two
values don't really make sense inside them, they will just leak
information from outside into the container. Hence don't make use of the
data if we detect we are run inside of a container.

This has visible effects: logind will no longer try to reuse the
auditing session ids as its own session ids when run inside a container.

While are at it, modernize the calls in more ways:

1. switch to pidref behaviour, all but one of our uses are using pidref
   anyway already.
2. use read_virtual_file() + proc_mounted()
3. reasonable distinguish ENOENT errors when reading the process proc
   files: distinguish the case where /proc is not mounted, from the case
   where the process is already gone, from where auditing is not enabled
   in the kernel build.
2024-11-12 23:03:03 +01:00
Davide Cavalca
fa8a55a914 mkosi: ruff is not available on all distros
Refactor to only install ruff where it is available
2024-11-12 18:05:17 +00:00
Maanya Goenka
68a2a43c9b
TODO: Fix typo (#35138)
Replace confex with confext
2024-11-12 19:00:23 +01:00
Lennart Poettering
4aaabb55c7 nspawn: fix indentation of run_container() parameter list 2024-11-12 18:31:56 +01:00
Lennart Poettering
9c56a3629f mntwork: shorten code 2024-11-12 18:31:56 +01:00
Lennart Poettering
0557f82650 dissect-image: remove dead code 2024-11-12 18:31:56 +01:00