1
0
mirror of https://github.com/systemd/systemd.git synced 2024-10-30 14:55:37 +03:00
Commit Graph

59566 Commits

Author SHA1 Message Date
Lennart Poettering
71611f2b56 cpio: split out cpio TPM measurement logic from pack_cpio()
No code change, just some refactoring, so that we can reuse the
measurement logic later elsewhere.
2022-08-26 13:08:32 +02:00
Yu Watanabe
93e898d624 test-network: add test for TCPCongestionControlAlgorithm= 2022-08-26 19:47:27 +09:00
Yu Watanabe
dc7c21f001 network: introduce TCPCongestionControlAlgorithm=
Closes #24432.
2022-08-26 19:47:23 +09:00
Lennart Poettering
92686e8fc4
Merge pull request #24457 from poettering/smbios-condition-fix
SMBIOS condition fix
2022-08-26 12:22:29 +02:00
Lennart Poettering
35c18a51f5 tmpfiles: move validation/normalization of path before we use it
We need to normalize/validate the path (i.e. first column) of
tmpfiles.d/ lines before we start using the path, otherwise we'll use it
before it's known to be good. This matters since for some line types the
path is mangled into the argument column (i.e. sevents column), and we
should only do that once we know it's in a good state.
2022-08-26 11:11:48 +02:00
Lennart Poettering
ce610af143 tmpfiles: in C lines, make missing source graceful error
I don't see where it would ever be a good thing that file copies done
via tmpfiles.d/ C lines cause the tmpfiles operation to fail if their
source happens to be missing. It's a problem if we can't set up the
destination properly (which is the job of systemd-tmpfiles after all),
but if the source is simply missing (NB: setting up the source is the job of
of the rules writer) this shouldn't be a problem.

This is useful for copying stuff into place if it happens to exist. For
example, if systemd-stub passes additional data into the initrd's
/.extra/ directory, we can copy it into a better place (e.g. /run/) with
this, where it will survive the initrd→host transition.

This mirrors behaviour of the recently added "^" line modifier which may
be used source "w" lines from credentials – there two the behaviour is
to simply skip the line if the source is missing.
2022-08-26 11:11:48 +02:00
Lennart Poettering
acd3c86624 test: don't accept failure as succes 2022-08-26 10:46:37 +02:00
Lennart Poettering
1dc042ae12 condition: check for last not first ')' in firmware test expressions
I possess a machine with ')' in its BIOS version string, which will
cause the current parser to mistake it as the closing ')' of the
smbios-fields() expression.

Let's make sure we always fo for the last, not the first ')', hence.
2022-08-26 10:46:37 +02:00
Yu Watanabe
1a0e065e9f test: wait for loop device to be removed
Follow-up for bca762ce1a.

Fixes #24450.
2022-08-26 07:38:38 +00:00
Yu Watanabe
5342810bcf test-sd-device: run subsystem filter test several times
The test is quite racy. Let's wait for all queued udev events to be
processed, and run the test several times.

Fixes #24400.
2022-08-26 07:29:36 +00:00
Yu Watanabe
51b8753017 sd-netlink: fix attribute type for RTAX_CC_ALGO 2022-08-26 14:33:54 +09:00
Jacek Migacz
d896260958 resolve: control system hostname synthesis via environment variable 2022-08-26 11:19:17 +09:00
Sonali Srivastava
f13f91f06a sleep: freeze and thaw user.slice to save resource while suspend 2022-08-26 11:16:35 +09:00
Zbigniew Jędrzejewski-Szmek
4ccde410a3 tree-wide: change --kill-who to --kill-whom
getopt allows non-ambiguous abbreviations, so backwards-compat is maintained, and
people can use --kill-who (or even shorter abbreviations). English is flexible,
so in common speach people would use both forms, even if "whom" is technically
more correct. The advantage of using the longer form in the code is that we
effectively allow both forms, so we stop punishing people who DTGCT¹, but still
allow people to use the spoken form if they prefer.

1. Do the gramatically correct thing
2022-08-26 11:15:44 +09:00
Yu Watanabe
2f968def11
Merge pull request #24454 from bluca/ci
Fix Ubuntu/SUSE mkosi
2022-08-26 11:13:53 +09:00
Luca Boccassi
a26e6bf8bf mkosi: add back packages removed from OpenSUSE build
Some packages were removed from the OpenSUSE build, which broke the
unit tests. Add them back.

Fixes: 37d35150cb ("mkosi: Ensure we build all features/components in mkosi")
2022-08-26 00:12:55 +01:00
Luca Boccassi
255963ec3a mkosi: disable isc-dhcp-server again
It's still failing in Ubuntu:

● isc-dhcp-server.service  loaded failed failed ISC DHCP IPv4 server
● isc-dhcp-server6.service loaded failed failed ISC DHCP IPv6 server

Just disable them via the kernel command line masking.
2022-08-25 23:02:29 +01:00
Lennart Poettering
abd6faae80 journal: rename special journal field _SYSTEM_CONTEXT= → _RUNTIME_SCOPE=
Previously the field "_SYSTEM_CONTEXT" knew he values "initrd" + "main". Let's change
this to "_RUNTIME_SCOPE" and "initrd" + "system".

Why? The sysext logic has a very similar concept of "scopes", declaring
whether a sysext image is intended for the initrd or the main system.
Let's thus use the same naming for both.

sysext's extension-release files hence know SYSEXT_SCOPE=initrd|system,
and the journal messages know _RUNTIME_SCOPE=initrd|system, which makes
this reasonably systematic.

Follow-up for: cae8edd93c

(This is not an API break, since no version with this commit has ever
been released.)
2022-08-25 22:27:26 +01:00
Daniel Braunwarth
bf07a12516 pid1: extend "ConditionFirmware=" for checking SMBIOS system identification information 2022-08-25 21:44:21 +01:00
Jan Janssen
de9b57a130 mkosi: Print logs of failing tests 2022-08-25 21:42:57 +01:00
Yu Watanabe
039f42842a core/mount: voidify unit_acquire_invocation_id()
Follow-up for 01400460ae.

Fixes CID#1491960.
2022-08-25 19:58:35 +00:00
Frantisek Sumsal
81d7682af7
Merge pull request #24442 from yuwata/udev-retry-event
udev: make requeued event actually restarted
2022-08-25 19:57:19 +00:00
Yu Watanabe
72715f3d13 virt: fix alignment
Follow-up for f555830674.
2022-08-25 16:23:05 +00:00
Frantisek Sumsal
0f1f562974 test: make TEST-63 more reliable on slower machines
Otherwise we might never hit the trigger limit and wait indefinitely.

Found when trying to run the test on an EC2 xen machine without a nested
virt in CentOS CI (in preparations for some ... unforseseen consequences).
2022-08-25 16:21:39 +00:00
Yu Watanabe
5fab6b7b18 udev: drop unnecessary calls of event_queue_start()
As the subsequent call of on_post() will call it if necessary.

This also drop unnecessary call of event_source_disable() for killing
idle workers, as the event source is disabled in event_queue_start().
2022-08-26 00:40:57 +09:00
Yu Watanabe
4f294ffdf1 udev: certainly restart event for previously locked device
If udevd receives a uevent for a locked block device, then the event
is requeued. However, the queued event will be processed only when at
least one sd_event_source is processed. Hence, if udevd has no event
under processing, or receives no new uevent, etc., then the requeued
event will be never processed.

Follow-up for 400e3d21f8.

Fixes #24439.
2022-08-26 00:40:47 +09:00
Luca Boccassi
80c2f3e4cf mkosi: use the just built systemd-sysusers instead of groupadd
It disappeared again from SUSE Tumbleweed. Just use sysusers since we
just built it.
2022-08-25 13:52:00 +00:00
Lennart Poettering
13be736d1f
Merge pull request #24408 from keszybz/execstart-escape
Properly escape ExecStart= commandlines in transient units
2022-08-25 11:40:57 +02:00
Lennart Poettering
5b9ae04c65
Merge pull request #24242 from msekletar/terminate-idle-sessions
Add option to stop idle sessions after specified timeout
2022-08-25 11:39:42 +02:00
Jan Janssen
13d9616c56 shutdown: Fix last try detection
This was missed in 5125b67742.
2022-08-25 11:38:33 +02:00
Lennart Poettering
2220ef8972
Merge pull request #24429 from poettering/selinux-code-improv
minor selinux-util.c modernization
2022-08-25 11:35:14 +02:00
Devendra Tewari
aa181897cf systemd-growfs: remove dependency on udev symlinks
systemd-growfs currently requires that udev ran first to work (because
/dev/block/ symlinks must exist) but that is not what happens when
we're not using initrd and systemd is PID1.
2022-08-24 21:42:16 +01:00
Lennart Poettering
782c6e5c90 time-util: fix overflow condition in usec_sub_signed()
If the delta specified is INT64_MIN, and we negate that we'd end up at
INT64_MAX+1 which is outside of the int64_t type. Hence let's treat this
case specifically to avoid unintended overflows.
2022-08-24 21:41:40 +01:00
Franck Bui
2306b4656a core: allow disabling system time correction if rtc returns time far in the future
There might be (embedded) systems that get never updated (things like
e.g. entertainment systems of trains, for example) and where the adjustment of
the system clock (introduced by b10abe4bba) would
do the wrong thing even if the difference between the systemd build time and
the rtc is 15 years or more.

This patch allows disabling the adjustment by setting
'clock-valid-range-usec-max' meson option to 0 or to a negative value.
2022-08-24 21:39:46 +01:00
Richard Phibel
34683dbdd0 journald: use rate-limited logging to log 'Failed to write entry' message 2022-08-24 21:39:20 +01:00
Luca Boccassi
298b3de6d4
Merge pull request #24370 from keszybz/sysusers-equivs
Use /bin/bash for root shell and suppress some warnings from sysusers
2022-08-24 21:35:28 +01:00
Lennart Poettering
073597665a selinux-util: add safety size check before doing strdupa() 2022-08-24 17:32:43 +02:00
Lennart Poettering
09f7e8d603 selinux-util: modernizations
Let's no bother with reading return value of libselinux API calls into
r, if the actual error is in errno anyway.

Let's remove one unnecessary strdup()

Let's rename a return parameter ret_xyz
2022-08-24 17:32:12 +02:00
Lennart Poettering
771fe73c75
Merge pull request #24072 from poettering/remove-cgroupsv1-docs
decgroupsv1ification: first steps – remove from docs, and generate warnings
2022-08-24 17:00:53 +02:00
Michal Sekletar
5aa633db22 tests: add test for StopIdleSessionSec= option 2022-08-24 14:50:52 +02:00
Michal Sekletar
82325af3ae logind: add option to stop idle sessions after specified timeout
Thanks to Jan Pazdziora <jpazdziora@redhat.com> for providing a patch
which implemeted a PoC of this feature.
2022-08-24 14:50:48 +02:00
Lennart Poettering
98f3e84342
Merge pull request #24420 from keszybz/mouse-power
Rework on_ac_power()
2022-08-24 10:16:14 +02:00
Zbigniew Jędrzejewski-Szmek
8795d9bacd basic/user-util: rename output param to ret, shorten code 2022-08-24 10:02:46 +02:00
Zbigniew Jędrzejewski-Szmek
36bac2dcba basic/user-util: avoid filesystem access check
The check of u==UID_NOBODY is just a register comparison, but
synthesize_nobody() requires a system call, so let's invert the order in the
condition. Since most calls into this module are not for nobody, we should
save one syscall in the common case.
2022-08-24 10:02:46 +02:00
Zbigniew Jędrzejewski-Szmek
4c795066b6 sysusers: report the original error when writing fails
We have fairly nice error messages for specific operations, but only at debug
level. Instead, we'd print a fairly useless generic message:

Before:
Failed to write files: Invalid argument

After:
Failed to add existing group "users" to temporary group file: Invalid argument

Fixes #10241.
2022-08-24 10:02:46 +02:00
Zbigniew Jędrzejewski-Szmek
8a7adccbdb various: try to use DEFAULT_USER_SHELL for root too
/bin/sh as a shell is punishing. There is no good reason to make
the occasional root login unpleasant.

Since /bin/sh is usually /bin/bash in compat mode, i.e. if one is
available, the other will be too, /bin/bash is almost as good as a default.
But to avoid a regression in the situation where /bin/bash (or
DEFAULT_USER_SHELL) is not installed, we check with access() and fall back
to /bin/sh. This should make this change in behaviour less risky.

(FWIW, e.g. Fedora/RHEL use /bin/bash as default for root.)

This is a follow-up of sorts for 53350c7bba,
which added the default-user-shell option, but most likely with the idea
of using /bin/bash less ;)

Fixes #24369.
2022-08-24 10:02:46 +02:00
Zbigniew Jędrzejewski-Szmek
5f465fda4e sysusers: do not warn about values that equivalent
We'd warn that "-" and "/sbin/nologin" are different, even even though
"/sbin/nologin" is the default we'd use. So let's stop warning in all cases
where the config would lead to the same file, also under different paths,
or when both shells are nologin shells.

The general idea is to avoid warnings when sysusers config is moved between
packages (and not exactly the same), or when it is generated from some template
and the details change in an unimportant way.

We try to chase symlinks. This means that on unmerged-usr systems we'll find
that e.g. /usr/bin/bash and /bin/bash are equivalent if the basic fs structure
is already in place (bash doesn't actually have to be installed, enough that
the /bin symlink exists). I think this is a good result: after all, /bin/bash
and /usr/bin/bash *may* be different things on an unmerged-usr system.

Fixes #24215.
2022-08-24 10:02:46 +02:00
Zbigniew Jędrzejewski-Szmek
24536bebe0 core: escape ExecStart command-line received over d-bus
When some transient unit setting is received over D-Bus, we write it it to a
transient unit file. We escape backslashes and specifiers. For most settings
this is enough, because most settings only do parsing and interpolation of
specifiers. When systemd-run is called (or something equivalent that gives us a
command strv), we write ExecStart=, but when reading it, we not only do parsing
and interpolation of specifiers, but also split on semicolons and do variable
substitution. This results in an ugly situation where the commandline is
interpolated twice, once on the caller side, and once in the manager.

I think we need to treat this as a bug: current behaviour seems to be an
accident of implementation and hard to explain in a reasonable way. If we
*were* doing specifier expansion, then it'd be somewhat reasonable so say that
"the commandline is handled the same as ExecStart=". But since we explicitly
prevent specifier expansion, we best we could say is "the commandline has some
subset of features of ExecStart=". I think this is not useful, and unexpected
by users. Since most people use use a shell to call systemd-run, one level of
variable expansion is already done on the caller side, and having to take into
account another level of expansion (with slightly different rules), creates a
big mental overhead when the commandline needs to include a dollar character or
such. Not doing any expansion is much cleaner and easier to explain or use.
Thus I think it's better to change behaviour here, even though in principle
some people could be relying on current behaviour. I think it's more likely
that nobody noticed, because people generally don't use systemd-run for
complicated commandlines.

Thus this commit adds an additional mode of escaping that prevents variable
explansion and other elements of ExecStart= syntax. I looked over all the
places where unit_escape_setting() is called, and I think that only two need to
be changed to use the new flag.

Fixes #23631.
2022-08-24 09:54:48 +02:00
Zbigniew Jędrzejewski-Szmek
6a6707ce85 man/run: we accept relative paths for run
I think this is a left-over from before we changed ExecStart= to allow
non-absolute paths, *and* changed systemd-run itself to resolve paths too.
2022-08-24 09:54:45 +02:00
Lennart Poettering
e820ca0193
Merge pull request #24071 from bluca/path_trigger_report
path/timer units: export env vars and D-Bus properties with reason that triggered the job
2022-08-24 09:35:59 +02:00