1
0
mirror of https://github.com/systemd/systemd.git synced 2024-10-30 06:25:37 +03:00
Commit Graph

52637 Commits

Author SHA1 Message Date
Yu Watanabe
8f65304c5d network: use netdev_enter_failed() instead of netdev_drop() on error
Preparation for later commits to support reconfiguring netdevs.
2021-08-12 14:23:57 +09:00
Yu Watanabe
798e5dc8ae network: introduce a helper function netdev_is_stacked_and_independent() 2021-08-12 14:10:45 +09:00
Luca Boccassi
4e2a772438
Merge pull request #20423 from yuwata/dhcp-server-static-lease-outside-pool
sd-dhcp-server: support static lease outside of pool
2021-08-11 18:40:00 +01:00
Andrej Lajovic
23e026de25 shared/copy: add a new flag COPY_ALL_XATTRS
When the flag COPY_ALL_XATTRS is set, it causes the complete set of xattrs
to be copied. If the flag is unset, only xattrs from the "user" namespace
are copied.

Fixes #17178.
2021-08-11 17:48:10 +02:00
Lennart Poettering
a0c5a3f0c0
Merge pull request #20419 from keszybz/setenv-no-value
Allow --setenv=FOO in various programs
2021-08-11 17:47:45 +02:00
Zbigniew Jędrzejewski-Szmek
76e68b3db3 activate: simplify/rework implementation of --setenv
Previous implementation is simplified by using the new helper. The new code
does more looping, but considering that it's unlikely that people set more
than a handful of variables through commandline options, this should be OK.

If a variable is specified on the command line, it overrides any automatically
set variable. Effective behaviour was already were like this, because we would
specify two variables, both would be set, and since glibc will return
the first matching entry.
('systemd-socket-activate -E TERM=FOO -l 2000 --inetd -a env' would give
'TERM=FOO TERM=xterm-256color PATH=...', and getenv("TERM") returns "FOO".)
But it's nicer to filter out any duplicate entries and only pass the intended
variable to the child process.
2021-08-11 10:17:50 +02:00
Lennart Poettering
d178203d8e
Merge pull request #20079 from maanyagoenka/img-support
systemd-analyze: root validation and verify support for root arg and discrete images
2021-08-11 10:02:46 +02:00
Yu Watanabe
af0d4e6ef5 test-network: test static lease outside of pool 2021-08-11 16:43:26 +09:00
Yu Watanabe
b713a99b1a sd-dhcp-server: support static lease outside of address pool
Closes #20341.
2021-08-11 16:43:26 +09:00
Yu Watanabe
3dc8fb0eb8 sd-dhcp-server: fix possible double-free or use-after-free 2021-08-11 16:43:25 +09:00
Yu Watanabe
cedf6a8da5 sd-dhcp-server: use hashmap_ensure_put() 2021-08-11 16:43:25 +09:00
MertsA
bbd239f67a Get rid of dangling setutxent()
utmp_wall() and utmp_put_dead_process() called setutxent() directly instead of the stub in utmp-wtmp.h and never called endutxent(). This would leave /run/utmp left open by PID 1 or journald. This can be reproduced by e.g. lsof /run/utmp and systemd-cat -p 0 echo test. For utmp_put_dead_process() it would only leave it open if it returned early before calling write_utmp_wtmp()
2021-08-11 09:40:10 +02:00
Zbigniew Jędrzejewski-Szmek
2f400671da activate: use global variable instead of passing char **envp around
The effect should be the same, but the code is less verbose.
In particular, the variable was called envp in parts of the code,
but in other parts, we had a local envp variable, and envp was called
env.
2021-08-11 09:34:45 +02:00
Zbigniew Jędrzejewski-Szmek
89bf86e015 machinectl: allow --setenv=FOO 2021-08-11 09:34:45 +02:00
Zbigniew Jędrzejewski-Szmek
0337b3d51c run: allow --setenv=FOO 2021-08-11 09:34:45 +02:00
Zbigniew Jędrzejewski-Szmek
4bbafcc359 homectl: allow --setenv=FOO 2021-08-11 09:34:45 +02:00
Zbigniew Jędrzejewski-Szmek
0d2a017986 nspawn: allow --setenv=FOO as equivalent to --setenv=FOO=$FOO
systemd-socket-activate has supported such a mode since
5e65c93a43. '--setenv=FOO=$FOO' is a fairly
common use in scripts, and it's nicer to do this automatically without worrying
about quoting and whatnot.

https://github.com/systemd/mkosi/pull/765 added the same to 'mkosi --environment='.
2021-08-11 09:34:45 +02:00
Zbigniew Jędrzejewski-Szmek
a14af47e64 basic/env-util: add a mode where we pull in the variable value from environment 2021-08-11 09:16:05 +02:00
Zbigniew Jędrzejewski-Szmek
43cadb64d4 test-env-util: extend the test for strv_env_merge() a bit 2021-08-11 09:11:58 +02:00
Zbigniew Jędrzejewski-Szmek
4ab3d29ff0 Add implicit sentinel to strv_env_merge()
Just to make it a tiny bit nicer to use.
2021-08-11 09:11:42 +02:00
Lennart Poettering
5afcf89ca2 alloc-util: make mfree() typesafe
Make sure we return the same type as we accept.

One incorrect use of mfree() is discovered and fixed this way.
2021-08-11 04:47:10 +09:00
Luca Boccassi
76f226d71b
Merge pull request #20414 from yuwata/sd-dhcp6-client-trivial-fixes
sd-dhcp6-client: several fixes and cleanups
2021-08-10 20:32:29 +01:00
Luca Boccassi
06e8d75a5d
Merge pull request #20413 from poettering/mempmen
add and use mempmem_safe()
2021-08-10 20:31:36 +01:00
Lennart Poettering
9cbf128202 core: don't go to disk for masked unit state if we know it anyway
This should speed up our selinux checks a bit, since in most cases we
already know if a unit is masked, so use that info.
2021-08-10 20:30:41 +01:00
Maanya Goenka
ed80366139 systemd-analyze: add root to find and verify executable 2021-08-10 10:14:12 -07:00
Maanya Goenka
36f4af0568 path-util: teach find_executable_full how to look into the root directory
When the root parameter in find_executable_full is set, chase_symlinks prefixes this root
to every check of the path name to find the complete path of the execuatble in case the
path provided is not absolute. This is only done for the non NULL root because otherwise
the chase_symlinks function would alter the behavior of some of the callers which would
in turn alter the outputs in a way that is undesirable. The find_execuatble_full function is
invoked by the verify_executable function in analyze-verify.
2021-08-10 10:14:01 -07:00
Yegor Alexeyev
836fb00f21 units: added factory-reset.target 2021-08-10 17:08:00 +02:00
Jack Dähn
b553abd8ae resolved: Don't omit AD bit in reply if DO is set in the query
Set the AD bit in the response if the data is authenticated and AD or DO is set in the query, as suggested by section 5.8 of RFC6840.

Fixes #20332
2021-08-10 16:41:33 +02:00
Michael Biebl
d84f316cce test: fix TEST-10-ISSUE-2467
Depending on the timing, socat will either get ECONNREFUSED oder EPIPE
from systemd. The latter will cause it to exit(1) and subsequently the
test to fail.
We are not actually interested in the return code of socat though. The
test is supposed to check, whether rate limiting of a socket unit works
properly.

So ignore any failures from the socat invocation and instead check, if
test10.socket is in state "failed" with result "trigger-limit-hit" after
it has been triggered.

TriggerLimitIntervalSec= by default is set to 2s. A "sleep 10" should
give systemd enough time even on slower machines, to reach the trigger
limit.

For better readability, break the test into separate ExecStart lines.

Fixes #19154.
2021-08-10 23:24:35 +09:00
Lennart Poettering
9a6549f6f8 update TODO 2021-08-10 15:07:44 +02:00
Yu Watanabe
0eec7f5ffa sd-dhcp6-client: use SYNTHETIC_ERRNO() 2021-08-10 21:57:42 +09:00
Lennart Poettering
e8b08edcdf tree-wide: use memmem_safe()
Let's be paranoid and do something useful if we operate with empty
haystack/needle. This doesn't actually fix anything, as the places as
far as I can see check for non-emptyness already beforehand, but I will
sleep safer at night, if we don't even allow the trap to be fallen in,
ever, even if the code is changed sooner or later.
2021-08-10 14:55:50 +02:00
Lennart Poettering
d8782cc5c2 memory-util: add mempmem_safe()
This is like memmem_safe() but returns a pointer after the needle,
instead to the beginning of the needle.

This is then used at one place. Not much, but it makes me sleep safer at
night, as it avoids the manual counting done so far.
2021-08-10 14:55:50 +02:00
Yu Watanabe
de949e911e sd-dhcp6-client: cirtainly adjust T1 and T2
This fixes a bug introduced by 99f1d3fc50.
Note that in the information requesting mode, the lease has neither
addresses nor PD prefixes.
2021-08-10 21:39:30 +09:00
Yu Watanabe
0c42b61348 sd-dhcp6-client: fix copy-and-paste mistake
Fix bug introduced by b47fb949b3.
2021-08-10 21:36:07 +09:00
Zbigniew Jędrzejewski-Szmek
b2efed520b fstab-generator: put What= before Where=
All units in units/ follow this pattern, as do all other generators that we
provide. The question of the order was raised in
https://github.com/systemd/zram-generator/pull/90#discussion_r684965984,
and I think it's nice to make it consistent everywhere
(What= before Where= matches mount(8) and fstab(5)).
2021-08-10 13:29:08 +02:00
Lennart Poettering
a7a04de0ec
Merge pull request #19959 from yuwata/udev-reduce-loop
udev: reduce number of times checking event dependency
2021-08-10 13:28:48 +02:00
Yu Watanabe
76b34df91f
Merge pull request #20410 from yuwata/network-ndisc-cleanups
network: several NDisc cleanups
2021-08-10 19:44:39 +09:00
Yu Watanabe
8fd9920273
Merge pull request #19939 from yuwata/network-dhcp-client-use-request-queue
network: use request queue to configure DHCP clients
2021-08-10 19:44:14 +09:00
Yu Watanabe
5e739f7eed
Merge pull request #19901 from yuwata/network-reconfigure-after-sleep
network: reconfigure interface after coming back from sleep
2021-08-10 19:43:54 +09:00
Maanya Goenka
e5ea5c3a17 systemd-analyze: support discrete images for 'verify' verb
Adding --image parameter for verify verb using the dissect image functionality

-----------------------------------------------------------------------------------
Example Run:

I created a unit service file testrun.service with an invalid key-value pairing
(foo = bar) and a squashfs image run.raw to test the code.

maanya-goenka@debian:~/systemd (img-support)$ cat <<EOF>img/usr/lib/systemd/system/testrun.service
> [Unit]
> foo = bar
>
> [Service]
> ExecStart = /opt/script0.sh
> EOF

maanya-goenka@debian:~/systemd (img-support)$ mksquashfs img/ run.raw
Parallel mksquashfs: Using 4 processors
Creating 4.0 filesystem on run.raw, block size 131072.
[==============================================================================================================================|] 6/6 100%

Exportable Squashfs 4.0 filesystem, gzip compressed, data block size 131072
        compressed data, compressed metadata, compressed fragments, compressed xattrs
        duplicates are removed
Filesystem size 0.60 Kbytes (0.00 Mbytes)
        52.32% of uncompressed filesystem size (1.14 Kbytes)
Inode table size 166 bytes (0.16 Kbytes)
        43.01% of uncompressed inode table size (386 bytes)
Directory table size 153 bytes (0.15 Kbytes)
        58.40% of uncompressed directory table size (262 bytes)
Number of duplicate files found 1
Number of inodes 12
Number of files 6
Number of fragments 1
Number of symbolic links  0
Number of device nodes 0
Number of fifo nodes 0
Number of socket nodes 0
Number of directories 6
Number of ids (unique uids + gids) 1
Number of uids 1
        maanya-goenka (1000)
Number of gids 1
        maanya-goenka (1000)
maanya-goenka@debian:~/systemd (img-support)$ sudo build/systemd-analyze verify --image=run.raw testrun.service
/tmp/.#systemd-analyzec71c7297a936b91c/usr/lib/systemd/system/testrun.service:2: Unknown key name 'foo' in section 'Unit', ignoring.
testrun.service: Failed to create testrun.service/start: Unit sysinit.target not found.

The 'Unit sysinit.target not found' error that we see here is due to recursive dependency searching during
unit loading and has been addressed in a different PR:
systemd-analyze: add option to return an error value when unit verification fails #20233
2021-08-10 02:41:12 -07:00
Maanya Goenka
2a7cf953e1 systemd-analyze: add --root option for 'verify' verb and allow path parsing
-------------------------------------------------------------------------------
Example Run:

foobar.service created below is a service unit file that has a non-existing key-value
pairing (foo = bar) and is thus, syntactically invalid.

maanya-goenka@debian:~/systemd (img-support)$ cat <<EOF>img/usr/lib/systemd/system/foobar.service
> [Unit]
> foo = bar
>
> [Service]
> ExecStart = /opt/script0.sh
> EOF

The failure to create foobar.service because of the recursive dependency searching and verification has been addressed
in a different PR: systemd-analyze: add option to return an error value when unit verification fails #20233

maanya-goenka@debian:~/systemd (img-support)$ sudo build/systemd-analyze verify --root=img/ foobar.service
/home/maanya-goenka/systemd/img/usr/lib/systemd/system/foobar.service:2: Unknown key name 'foo' in section 'Unit', ignoring.
foobar.service: Failed to create foobar.service/start: Unit sysinit.target not found.
2021-08-10 02:41:12 -07:00
Maanya Goenka
782671bc8f systemd-analyze: validate root argument 2021-08-10 02:41:12 -07:00
Yu Watanabe
c6f78234d1 udev: skip event when its dependency cannot be checked 2021-08-10 15:35:57 +09:00
Yu Watanabe
044ac33c35 udev: do not try to find blocker again when no blocker found previously 2021-08-10 15:35:01 +09:00
Yu Watanabe
bd335c961f list: introduce LIST_FOREACH_BACKWARDS() macro and drop LIST_FOREACH_AFTER/BEFORE() 2021-08-10 15:32:27 +09:00
Yu Watanabe
a1fa99d841 udev: rename is_device_busy() -> event_is_blocked()
Also this rename delaying_seqnum -> blocker_seqnum.
2021-08-10 15:19:41 +09:00
Yu Watanabe
5f4bca9dcc udev: do not try to process events if there is no free worker 2021-08-10 15:19:41 +09:00
Yu Watanabe
f2a5412bf2 udev: propagate error on spawning a worker 2021-08-10 15:19:41 +09:00
Yu Watanabe
92fd70addf udev: add usec_add() at one more place 2021-08-10 15:19:41 +09:00