1
0
mirror of https://github.com/systemd/systemd.git synced 2024-10-29 21:55:36 +03:00
Commit Graph

46869 Commits

Author SHA1 Message Date
Lennart Poettering
4934ba2121 socket: fix copy/paste error
Fixes: CID1432653
2020-09-09 20:14:25 +02:00
Lennart Poettering
197db625a3 logind: fix merge issue
The two PRs #16664 and #16635 individually passed CI, but when combined
cannot build. Since both are merged now, let's fix that.
2020-09-09 20:13:57 +02:00
Robert Marko
adbb2b6afe login: Add KEY_RESTART handling
KEY_RESTART is widely used in Linux to indicate device reboot.
So lets handle it in the same fashion as KEY_POWER.

Signed-off-by: Robert Marko <robert.marko@sartura.hr>
2020-09-09 18:40:13 +02:00
Franck Bui
6e220b4b88 logind.conf: document UserStopDelaySec in logind.conf 2020-09-09 17:46:00 +02:00
Lennart Poettering
12ce0f4173
Merge pull request #16635 from keszybz/do-not-for-each-word
Drop FOREACH_WORD
2020-09-09 17:43:38 +02:00
Lennart Poettering
a6b3be1abf
Merge pull request #16972 from wusto/ambient-and-keep-caps-corrections
Ambient capabilities documenation and keep-caps usage corrections
2020-09-09 17:09:42 +02:00
Zbigniew Jędrzejewski-Szmek
172338d51b systemctl: list unit introspection verbs first, modification second
The list was rather ad hoc, with "reset-failed" sandwiched between
"help" and "list-dependencies". Since a person will usually either want
to introspect state in various ways or modify state in a certain way, let's
put all the introspection commands together and all the ones that actually
have an effect second.
2020-09-09 16:59:18 +02:00
Lennart Poettering
244d9793ee
Merge pull request #16984 from yuwata/make-log_xxx_error-void
Make log_xxx_error() or friends return void
2020-09-09 16:28:51 +02:00
Lennart Poettering
39c4e2c1a1
Merge pull request #16982 from yuwata/socket-buffer-size
Fixes for socket buffer size
2020-09-09 16:28:21 +02:00
Tobias Kaufmann
198dc17845 core: fix set keep caps for ambient capabilities
The securebit keep-caps retains the capabilities in the permitted set
over an UID change (ambient capabilities are cleared though).

Setting the keep-caps securebit after the uid change and before execve
doesn't make sense as it is cleared during execve and there is no
additional user ID change after this point.

Altough the documentation (man 7 capabilities) is ambigious, keep-caps
is reset during execve although keep-caps-locked is set. After execve
only keep-caps-locked is set and keep-caps is cleared.
2020-09-09 11:17:42 +02:00
Tobias Kaufmann
16fcb1918a core: fix comments on ambient capabilities
The comments on the code for ambient capabilities was wrong/outdated.
2020-09-09 11:17:42 +02:00
Zbigniew Jędrzejewski-Szmek
90e30d767a Rename strv_split_extract() to strv_split_full()
Now that _full() is gone, we can rename _extract() to have the usual suffix
we use for the more featureful version.
2020-09-09 09:34:55 +02:00
Zbigniew Jędrzejewski-Szmek
03b62851a9 Remove FOREACH_WORD and friends 2020-09-09 09:34:55 +02:00
Zbigniew Jędrzejewski-Szmek
0645b83a40 tree-wide: replace strv_split_full() with strv_split_extract() everywhere
Behaviour is not identical, as shown by the tests in test-strv.
The combination of EXTRACT_UNQUOTE without EXTRACT_RELAX only appears in
the test, so it doesn't seem particularly important. OTOH, the difference
in handling of squished parameters could make a difference. New behaviour
is what both bash and python do, so I think we can ignore this corner case.

This change has the following advantages:
- the duplication of code paths that do a very similar thing is removed
- extract_one_word() / strv_split_extract() return a proper error code.
2020-09-09 09:34:55 +02:00
Zbigniew Jędrzejewski-Szmek
d59d954d7f test-string-util: stop testing FOREACH_WORD 2020-09-09 09:34:55 +02:00
Zbigniew Jędrzejewski-Szmek
45638a63c0 shared/fstab-util: replace FOREACH_WORD_SEPARATOR() with open-coded loop
The tricky part here is that the function is not allowed to fail in this code
path. Initially, I wanted to change the return value to allow it to fail, but
this cascades through all the places where fstab_test_option() and friends are
used; updating all those sites would be a lot of work. And since quoting is not
allowed here, a simple loop with strcspn() is easy to do.
2020-09-09 09:34:55 +02:00
Zbigniew Jędrzejewski-Szmek
0e8d185938 shared/fstab-util: use free_and_str[n]dup()
No functional change. I'm keeping this separate to make review easier.
2020-09-09 09:34:54 +02:00
Zbigniew Jędrzejewski-Szmek
ecaf258eb4 Use extract_first_word() in generated conf parsers 2020-09-09 09:34:54 +02:00
Zbigniew Jędrzejewski-Szmek
087908c140 nspawn: use extract_first_word() 2020-09-09 09:34:54 +02:00
Zbigniew Jędrzejewski-Szmek
2417658d6a getty-generator: use extract_first_word() 2020-09-09 09:34:54 +02:00
Zbigniew Jędrzejewski-Szmek
da277e90a4 sd-journal: use extract_first_word() 2020-09-09 09:34:54 +02:00
Zbigniew Jędrzejewski-Szmek
cc24f0b872 delta: use extract_first_word() 2020-09-09 09:34:54 +02:00
Zbigniew Jędrzejewski-Szmek
dd2fff3a18 cryptsetup: use extract_first_word() 2020-09-09 09:34:54 +02:00
Zbigniew Jędrzejewski-Szmek
7896ad8f66 core/load-fragment: use extract_first_word()
This is much nicer, and also fixes a potential overflow when we used
'word' in log_error() as if it was a NUL-terminated string.
2020-09-09 09:34:54 +02:00
Zbigniew Jędrzejewski-Szmek
dd630d3cac Let sd_machine_get_ifindices() omit the output param too
Nowadays we do that almost everywhere, let's also do it here.
2020-09-09 09:34:54 +02:00
Zbigniew Jędrzejewski-Szmek
0ef14adc1c Rewrite sd_machine_get_ifindices() to avoid FOREACH_WORD()
If we fail to parse the index, the failure is propogated as -EUNCLEAN.
(-EINVAL would be confused with invalid args to the function itself.)
2020-09-09 09:34:54 +02:00
Zbigniew Jędrzejewski-Szmek
aa3b40c3f9 Fix output value of sd_seat_get_sessions() and drop FOREACH_WORD use
sd_seat_get_sessions() would return 0 in the 'n_uids' (now 'ret_n_uids') output
parameter when 'uid' (now 'ret_uids') was passed as NULL.

While at it, drop FOREACH_WORD() use.

Also use any whitespace as separator. In practice this shouldn't matter, since
logind always uses spaces, but it seems nicer to not specify this explicitly,
and the default is more flexible.
2020-09-09 09:34:54 +02:00
Zbigniew Jędrzejewski-Szmek
87a4d416e5 sd-device: use extract_first_word() 2020-09-09 09:34:54 +02:00
Zbigniew Jędrzejewski-Szmek
ae7ef63f21 basic/cgroup-util: port over to string_contains_word() 2020-09-09 09:34:54 +02:00
Zbigniew Jędrzejewski-Szmek
46ed9f4ce1 logind: use extract_first_word() 2020-09-09 09:34:54 +02:00
Yu Watanabe
e77f52e5f9 udev: warn if failed to set buffer size for device monitor 2020-09-09 06:46:54 +09:00
Yu Watanabe
a725efb08b network: increase receive buffer size for device monitor
If networkd creates huge amount of netdevs, then the buffer of device
monitor becomes easily flowed.

Hopefully fixes #16865.
2020-09-09 06:39:05 +09:00
Yu Watanabe
d31f33e3c9 network: do not start device monitor if /sys is read-only
Follow-up for bf331d8717.
2020-09-09 06:39:05 +09:00
Yu Watanabe
e13af7bdb6 network: honor the buffer size specified in networkd.socket 2020-09-09 06:39:05 +09:00
Yu Watanabe
ded71ab3bc core/socket: use fd_set_{rcv,snd}buf() 2020-09-09 06:39:05 +09:00
Yu Watanabe
2807a79424 sd-device-monitor: use fd_set_rcvbuf() 2020-09-09 06:39:05 +09:00
Yu Watanabe
d9d9b2a0ae util: introduce fd_set_{snd,rcv}buf() 2020-09-09 06:39:05 +09:00
Yu Watanabe
b92f350789 util: try to set with SO_{RCV,SND}BUFFORCE when requested size is larger than the kernel limit
The commit 10ce2e0681 inverts the order of
SO_{RCV,SND}BUFFORCE and SO_{RCV,SND}BUF. However, setting buffer size with
SO_{RCV,SND}BUF does not fail even if the requested size is larger than
the kernel limit. Hence, SO_{RCV,SND}BUFFORCE will not use anymore and
the buffer size is always limited by the kernel limit even if we have
the priviledge to ignore the limit.

This makes the buffer size is checked after configuring it with
SO_{RCV,SND}BUF, and if it is still not sufficient, then try to set it
with FORCE command. With this commit, if we have enough priviledge, the
requested buffer size is correctly set.

Hopefully fixes #14417.
2020-09-09 06:39:05 +09:00
Yu Watanabe
1263c85ef3 util: refuse to set too large value for socket buffer size 2020-09-09 06:39:05 +09:00
Yu Watanabe
8c63924c8d network: ignore error on increasing netlink receive buffer size 2020-09-09 06:39:05 +09:00
Lennart Poettering
a1447e77a7
Merge pull request #16973 from poettering/btrfs-dev-root
print friendly error message if btrfs tells us /dev/root was backing block device of root fs
2020-09-08 19:55:12 +02:00
Lennart Poettering
f3f4abad29
Merge pull request #16979 from keszybz/return-log-debug
Fix 'return log_error()' and 'return log_warning()' patterns
2020-09-08 19:54:38 +02:00
Michal Sekletár
9a1e90aee5 cgroup: freezer action must be NOP when cgroup v2 freezer is not available
Low-level cgroup freezer state manipulation is invoked directly from the
job engine when we are about to execute the job in order to make sure
the unit is not frozen and job execution is not blocked because of
that.

Currently with cgroup v1 we would needlessly do a bunch of work in the
function and even falsely update the freezer state. Don't do any of this
and skip the function silently when v2 freezer is not available.

Following bug is fixed by this commit,

$ systemd-run --unit foo.service /bin/sleep infinity
$ systemctl restart foo.service
$ systemctl show -p FreezerState foo.service

Before (cgroup v1, i.e. full "legacy" mode):
FreezerState=thawing

After:
FreezerState=running
2020-09-08 19:54:13 +02:00
Lennart Poettering
0354029bf5 resolved: don't store udp/tcp fd in DnsPacket object
DnsPacket should better be a "dead" object, i.e. list facts, not track
resources. By including an fd in its fields it started tracking
resources however, without actually taking a ref to the fd (i.e. no
dup() or so was called on it).

Let's hence rework things so that we don#t have to keep track of the fd
a packet came in from. Instead, pass around the DnsStubListenerExtra
object wherever we need to.

This should be useful as soon as we start caching whole DnsPacket
objects to allow replying to DNSSEC/CO packets, i.e. where we have to
keep a copy of the original DnsPacket around for a long time in cache,
potentially much longer than the fds the packet was received on.
2020-09-08 19:47:30 +02:00
Lennart Poettering
ae8f0ec323 resolved: move dns stub definitions to resolved-dns-stub.[ch]
Just some moving around, no logic changes.
2020-09-08 19:47:25 +02:00
Lennart Poettering
36aaabc35e resolve: DNSStubListenerExtra → DnsStubListenerExtra
All our other struct types use the "Dns" spelling, rather than "DNS". Do
the same for this struct.
2020-09-08 19:47:19 +02:00
Yu Watanabe
d157714b68 network: make log_link_error() or friends return void 2020-09-09 02:34:38 +09:00
Yu Watanabe
8ed6f81ba3 core: make log_unit_error() or friends return void 2020-09-09 02:34:38 +09:00
Yu Watanabe
93c5b90459 core/slice: explicitly specify return value 2020-09-09 02:34:38 +09:00
Yu Watanabe
38104ee2a5 udev: do not discard const qualifier 2020-09-09 02:34:38 +09:00