1
0
mirror of https://github.com/systemd/systemd.git synced 2024-12-23 21:35:11 +03:00
Commit Graph

47095 Commits

Author SHA1 Message Date
Lennart Poettering
8cf7b161eb update TODO 2020-10-05 11:40:48 +02:00
Lennart Poettering
db2db708d8 add stuff to NEWS for 247 2020-10-05 11:40:48 +02:00
Lucas Werkmeister
7c57a030e0 shell-completion: add missing completions to meson.build
Completions for systemd-id128 and homectl have been available for a
while, but weren’t being installed.
2020-10-05 08:05:41 +02:00
Zbigniew Jędrzejewski-Szmek
12bab3579f
Merge pull request #17230 from mrc0mmand/coccinelle_fixes
coccinelle: fix the incorrect transformation/isomorphisms
2020-10-05 08:03:40 +02:00
Daan De Meyer
8e4a44c585
Merge pull request #17239 from ferivoz/typos
Fix typos
2020-10-04 18:19:26 +01:00
Frantisek Sumsal
1d6cc5d0e5 tree-wide: coccinelle fixes 2020-10-04 12:32:21 +02:00
Frantisek Sumsal
135a9868a7 coccinelle: skip strjoin transformation in test_strjoin() 2020-10-04 12:32:21 +02:00
Frantisek Sumsal
1813613fed coccinelle: limit the # of expressions in in_set/not_in_set
transformations. Otherwise the time and resources to generate all
possible permutations is simply unreasonable for running on local
machines.
2020-10-04 12:32:21 +02:00
Frantisek Sumsal
cb60571b31 coccinelle: skip the xsprintf transformation on man pages
since we don't expose xsprintf to users.
2020-10-04 12:32:21 +02:00
Frantisek Sumsal
aad54dbc74 coccinelle: disable flags-set where it doesn't make sense 2020-10-04 12:32:21 +02:00
Frantisek Sumsal
473de9b708 coccinelle: fix the equals-null transformation
The original issue with this transformation was that we were replacing
the whole if statement instead of just the expression inside. That
caused the code to be weirdly formatted, as Coccinelle put a new block
around each replaced if statement.

This version replaces just the inner expression if it's in its incorrect
form, otherwise it just accepts it (to avoid recursion).
2020-10-04 12:32:21 +02:00
Frantisek Sumsal
3bc3c734c6 coccinelle: drop the custom isomorphisms
My former dumb me didn't read the documentation properly, so with the
introduction of custom isomorphisms I caused two issues:

1) Masked all standard isomorphisms defined by Coccinelle
2) Replace the original issue with a completely new one
2020-10-04 12:32:21 +02:00
Daan De Meyer
d62e09c1eb
Merge pull request #17233 from poettering/nspawn-reopen-fix
nspawn: reopen stdin/stdout + chmod fixes for stdin/stdout
2020-10-03 13:26:54 +01:00
Samanta Navarro
5e2b0e1cfa man: fix typos 2020-10-03 11:56:50 +00:00
Samanta Navarro
7b121df640 seccomp-util: fix typo in help message 2020-10-03 11:56:40 +00:00
Lennart Poettering
278c13431b github: ask for arch+kernel in bug report form
Quite often we see kernel and arch specific issues, let's ask for the
version right-away when people file the issue.

Other tweaks.
2020-10-02 12:38:28 +02:00
Lennart Poettering
3462d773d2 nspawn: don't chown() stdin/stdout passed in when --console=pipe is used
We should chown what we allocate ourselves, i.e. any pty we allocate
ourselves. But for stuff we propagate, let's avoid that: we shouldn't
make more changes than necessary.

Fixes: #17229
2020-10-02 12:05:08 +02:00
Lennart Poettering
781fa474d8 ptyfwd: reopen stdin/sdout before setting O_NONBLOCK
If we set O_NONBLOCK on stdin/stdout directly this means the flag is
left set when we abort abnormally, as we don't get the chance to reset
it again on exit. This might confuse progrms invoking us. Moreover, if
programs invoking us continue to write to the stdout passed to us, they
might be confused by non-blocking mode too.

Hence, let's avoid this if possible: let's reopen stdin/stdout and set
O_NONBLOCK only on the reopend fds, leaving the original fds as they
are.

Prompted-by: https://github.com/systemd/systemd/pull/17070#issuecomment-702304802
2020-10-02 12:04:20 +02:00
Lennart Poettering
c14ebe07a9
Merge pull request #17172 from keszybz/read-login-defs
Read /etc/login.defs
2020-10-02 11:01:30 +02:00
Zbigniew Jędrzejewski-Szmek
a53d1b17e3
Merge pull request #17219 from poettering/exec-root-dir
minor tweaks to execute.[ch]
2020-10-01 20:01:46 +02:00
Zbigniew Jędrzejewski-Szmek
4b6f9b202e sysusers: emit warnings about login.defs overrides on first user or group creation
*** Running /home/zbyszek/src/systemd-work/test/test-sysusers/test-14.input (with login.defs symlinked)
login.defs specifies UID allocation range 401–555 that is different than the built-in defaults (201–998)
login.defs specifies GID allocation range 405–666 that is different than the built-in defaults (201–990)
2020-10-01 19:53:45 +02:00
Zbigniew Jędrzejewski-Szmek
a3709e3709 tests: when creating temp dirs, include test name in path
This makes it easier to figure out which directory we want to look at
when tests fail, and also which test left behind a directory when it
shouldn't.
2020-10-01 19:53:45 +02:00
Zbigniew Jędrzejewski-Szmek
aa25270cb2 sysusers: look at login.defs when setting the default range to allocate users
Also, even if login.defs are not present, don't start allocating at 1, but at
SYSTEM_UID_MIN.

Fixes #9769.

The test is adjusted. Actually, it was busted before, because sysusers would
never use SYSTEM_GID_MIN, so if SYSTEM_GID_MIN was different than
SYSTEM_UID_MIN, the tests would fail. On all "normal" systems the two are
equal, so we didn't notice. Since sysusers now always uses the minimum of the
two, we only need to substitute one value.
2020-10-01 19:53:45 +02:00
Zbigniew Jędrzejewski-Szmek
044df624aa test-sysusers: fix how paths are calculated
We were looking at ${f%.*}, i.e. the $f with any suffix starting with a dot removed.
This worked fine for paths like /some/path/test-11.input. It also worked
for paths like /some/path/inline (there were no dots, so we got $f back unscathed).
But in the ubuntu CI the package is built in a temporary directory like
/tmp/autopkgtest-lxc.nnnfqb26/downtmp/build.UfW/ (yes, it has a dot, even two.).
That still worked for the first case, but in the second case we truncated things
after the first dot, and we would try to get
/tmp/autopkgtest-lxc.nnnfqb26/downtmp/build and try to load
/tmp/autopkgtest-lxc.nnnfqb26/downtmp/build.expected-password, which obviously
didn't work as expected. To avoid this issue, do the suffix removal only when
we know that there really is a suffix.

A second minor issue was that we would try to copy $1.expected-*, and sometimes
$1 would be given, and sometimes not. Effectively we were relying on there
not being any files matching .expected-*. There weren't any such files, but let's
avoid this ugliness and always pass $1.
2020-10-01 17:52:51 +02:00
Zbigniew Jędrzejewski-Szmek
69a7c5fb1f test-sysusers: sort examples
This shouldn't affect the outcome, but makes outputs easier to compare.
2020-10-01 17:52:51 +02:00
Zbigniew Jędrzejewski-Szmek
bd7e6aa73a test/TEST-21-SYSUSERS: turn into a unit test
All this test does is manipulate text files in a subdir specified with --testroot.
It can be a normal unittest without the overhead of creating a machine image.

As a bonus, also test the .standalone version.
2020-10-01 17:52:51 +02:00
Zbigniew Jędrzejewski-Szmek
d338bfff4a basic/fileio: add chase_symlinks_and_fopen_unlocked() 2020-10-01 17:52:50 +02:00
Zbigniew Jędrzejewski-Szmek
196b596867 shared/uid-range: reduce scope of iterator variables 2020-10-01 17:52:50 +02:00
Zbigniew Jędrzejewski-Szmek
fc1a5d1a70 Also parse the minimum uid/gid values
We don't (and shouldn't I think) look at them when determining the type of the
user, but they should be used during user/group allocation. (For example, an
admin may specify SYS_UID_MIN==200 to allow statically numbered users that are
shared with other systems in the range 1–199.)
2020-10-01 17:52:41 +02:00
Zbigniew Jędrzejewski-Szmek
53393c894d Look at /etc/login.defs for the system_max_[ug]id values
It makes little sense to make the boundary between systemd and user guids
configurable. Nevertheless, a completely fixed compile-time define is not
enough in two scenarios:
- the systemd_uid_max boundary has moved over time. The default used to be
  500 for a long time. Systems which are upgraded over time might have users
  in the wrong range, but changing existing systems is complicated and
  expensive (offline disks, backups, remote systems, read-only media, etc.)
- systems are used in a heterogenous enviornment, where some vendors pick
  one value and others another.
So let's make this boundary overridable using /etc/login.defs.

Fixes #3855, #10184.
2020-10-01 17:49:31 +02:00
Lennart Poettering
14eb3285ab execute: use empty_to_root() a bit more 2020-10-01 11:02:11 +02:00
Lennart Poettering
74e1252072 execute: add helper for checking if root_directory/root_image are set in ExecContext 2020-10-01 11:02:11 +02:00
Lennart Poettering
36296ae2ad
Merge pull request #17152 from keszybz/make-mountapivfs-default
Make MountAPIVFS=yes default
2020-10-01 11:00:02 +02:00
Franck Bui
8ce3de991b
Merge pull request #17214 from poettering/log-generator-fix
fix logging in generators
2020-10-01 10:51:19 +02:00
Lennart Poettering
fabf877705
Merge pull request #17154 from keszybz/crypttab-commas
Allow escaping commas in crypttab
2020-10-01 10:26:24 +02:00
Lennart Poettering
9230f5774a
Merge pull request #17213 from keszybz/man-cleanups
Fix links in man pages
2020-10-01 10:24:44 +02:00
Lennart Poettering
7ea3024b50 bootspec: don't fail with EIO if searching for ESP and finding one without an enveloping partition table
If this happens this should just mean: we couldn't find the ESP.

Fixes: #17122
2020-10-01 10:21:02 +02:00
Lennart Poettering
dee29aeb59 generator: use kmsg in system-level generators, journal otherwise
Fixes: #17129.
2020-09-30 16:28:34 +02:00
Lennart Poettering
ef9bddb799 log: normalize log target condition check
THis doesn't change the condition's logic at all, but is an attempt to
make things a bit more readable: instead of checking log_target !=
LOG_TARGET_AUTO let's actually list the targets where we want to
consider journal/syslog/kmsg, to make things a bit less confusing. After
all the message here is not to avoid them if LOG_TARGET_AUTO is set, but
to definitely do them in the other cases.
2020-09-30 16:17:12 +02:00
Lennart Poettering
27ffec0831 log: update comment
The logic was changed in bc694c06e6, let's
update the comment accordingly.
2020-09-30 16:06:55 +02:00
Jan Schlüter
644af26285 Add Aiptek Hyperpen 6000U to hwdb 2020-09-30 15:02:31 +02:00
Lennart Poettering
533ee38b56 man: mention that sd_bus_send() buffers locally, and sd_bus_process() is needed to flush it out
Prompted-by: #17128
2020-09-30 15:01:17 +02:00
Zbigniew Jędrzejewski-Szmek
21556381ff man: correct various links
As usual, linkchecker ftw!
2020-09-30 14:57:21 +02:00
Zbigniew Jędrzejewski-Szmek
a9d99f6e3d man: update rules
Fixup for 278fdd064d.
2020-09-30 14:52:48 +02:00
Zbigniew Jędrzejewski-Szmek
550f3ba68d man/html: fix invocation for pages which are *not* symlinks
It seems I tested that redirects work, but I forgot to check that non-redirects
are still fine too ;(
2020-09-30 14:43:12 +02:00
Lennart Poettering
d1f6e01e47 homed: explicitly deactivate all home directories on shutdown
Let's explicitly deactivate all home dirs on shutdown, in order to
properly synchronizing unmounting and avoiding blocking devices.

Previously, we'd rely on automatic deactivation when home directories
become unused. However, that scheme is asynchronous, and ongoing
deactviations might conflicts with attempts to unmount /home. Let's fix
that by providing an explicit service systemd-homed-activate.service
whose only job is to have a ExecStop= line that explicitly deactivates
all home directories on shutdown. This service can the be ordered after
home.mount and similar, ensuring that we'll first deactivate all homes
before deactivating /home itself during shutdown.

This is kept separate from systemd-homed.service so that it is possible
to restart systemd-homed.service without deactivating all home
directories.

Fixes: #16842
2020-09-30 14:37:52 +02:00
Lennart Poettering
626fb9f301
Merge pull request #17203 from poettering/resolv-conf-mode
expose resolv.conf mode bus property
2020-09-30 14:37:24 +02:00
Lennart Poettering
54565e509d
Merge pull request #17195 from keszybz/man-cleanups
Man page cleanups
2020-09-30 14:16:05 +02:00
Lennart Poettering
24d86fdb2f
Merge pull request #17087 from yuwata/man-initial-congestion-window
man: update InitialCongestionWindow= and InitialAdvertisedReceiveWindow=
2020-09-30 10:55:18 +02:00
Lennart Poettering
b3ffa2b5f3 resolved: turn off that a search domain is derived from the host's fqdn
If the hostname of a system is set to an fqdn, glibc traditionally
derives a search domain from it if none is explicitly configured.

This is a bit weird, and we currently don't do that in our own search
path logic.

Following #17193 let's turn this behaviour off for now.

Yes, this has a slight chance of pissing people off who think this
behaviour is good. If this is indeed an issue, we can revisit the issue
but in that case if we readd the concept we should do it properly:
derive the search domain from the fqdn in our codebase too and report it
in resolvectl, and in our generated stub files. But I have the suspicion
most people who set the hostname to an fqdn aren#t even aware of this
behaviour nor want it, so let's wait until people complain.

Fixes: #17193
2020-09-30 10:37:59 +02:00