IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
Systemctl is special because it is required for many tasks that may need to
be performed when the system is not fully configured and/or partially
broken:
1. Installing/Uninstalling services during OS installs and upgrades
2. Shutting down the system
Therefore reduce the number of dependencies that systemctl pulls in, by
not linking to systemd-shared. This brings a bit of resilience to
systemctl (and its aliases shutdown, reboot, etc), by linking against
less external libraries.
Because this extra resilience comes at a cost of approximately 580 KB
extra space, this is done behind a meson build option.
This is in preparation to reusing the RemoteServer in other concepts.
I tried to keep changes to minimum:
- arg_* global variables are now passed as state in RemoteServer
- exported functions get the "journal_remote_" prefix
- some variables are renamed
In particular, there is an ugly global RemoveServer* variable. It was originally
added because µhttpd did not allow state to be passed to the callbacks. I'm not
sure if this has been remediated in µhttpd, but either way, this is not changed
here, the global variable is only renamed for clarity.
This makes it easier to link the nspawn implementation to the tests.
Right now this just means that nspawn-patch-uid.c is not compiled
twice, which is nice, but results in test-patch-uid being slightly bigger,
which is not nice. But in general, we should use convenience libs to
compile everything just once, as far as possible. Otherwise, once we
start compiling a few files here twice, and a few file there thrice, we
soon end up in a state where we are doing hundreds of extra compilations.
So let's do the "right" thing, even if is might not be more efficient.
This adds a small service "systemd-portabled" and a matching client
"portablectl", which implement the "portable service" concept.
The daemon implements the actual operations, is PolicyKit-enabled and is
activated on demand with exit-on-idle.
Both the daemon and the client are an optional build artifact, enabled
by default rhough.
In https://github.com/systemd/systemd/pull/6561, `run_target`
was changed to `custom_target`, which inadvertently caused
relative paths to be passed to ctags due to
https://github.com/mesonbuild/meson/issues/3589.
The switch to `run_target` causes absolute paths to be
passed again and makes it easier to jump from file to
file, hopefully delaying the need to exit Vim :-)
Configuration through environment variable is inconvenient with meson, because
they cannot be convieniently changed and/or are not preserved during
reconfiguration (https://github.com/mesonbuild/meson/issues/1503).
This adds -Dvalgrind=true/false, which has the advantage that it can be set
at any time with meson configure -Dvalgrind=... and ninja will rebuild targets
as necessary. Additional minor advantages are better consistency with the
options for hashmap debugging, and typo avoidance with '#if' instead of '#ifdef'.
This means that when those targets are built, all the sources are built again,
instead of reusing the work done to create libbasic.a and other convenience static
libraries. It would be nice to not do this, but there seems to be no support in
our toolchain for joining multiple static libraries into one. When linking
a static library, any -l arguments are simply ignored by ar/gcc-ar, and .a
libraries given as positional arguments are copied verbatim into the archive
so they objects in them cannot be accessed.
https://stackoverflow.com/questions/2157629/linking-static-libraries-to-other-static-libraries
suggests either unzipping all the archives and putting them back togather,
or using a linker script. Unzipping and zipping back together seems ugly.
The other option is not very nice. The linker script language does not
allow "+" to appear in the filenames, and filenames that meson generates
use that, so files would have to be renamed before a linker script was used.
And we would have to generate the linker script on the fly. Either way, this
doesn't seem attractive. Since those static libraries are a niche use case,
it seems reasonable to just go with the easiest and safest solution and
recompile all the source files. Thanks to ccache, this is probably almost as
cheap as actually reusing the convenience .a libraries.
test-libsystemd-sym.c and test-libudev-sym.c compile fine with the generated
static libs, so it seems that they indeed provide all the symbols they should.
This fixes the following warning with clang and meson-0.46.0,
```
WARNING: Passed invalid keyword argument "name".
WARNING: This will become a hard error in the future.
WARNING: Passed invalid keyword argument "name".
WARNING: This will become a hard error in the future.
Compiler for C supports arguments -Wno-typedef-redefinition: YES
WARNING: Passed invalid keyword argument "name".
WARNING: This will become a hard error in the future.
WARNING: Passed invalid keyword argument "name".
WARNING: This will become a hard error in the future.
Compiler for C supports arguments -Wno-gnu-variable-sized-type-not-at-end: YES
```
Unfortunately this needs a new binary to do the mount because there's just
too many special steps to outsource this to systemd-mount:
- EPERM needs to be treated specially
- UserRuntimeDir= setting must be obeyed
- SELinux label must be adjusted
This allows user@.service to be started independently of logind.
So 'systemctl start user@nnn' will start the user manager for user nnn.
Logind will start it too when the user logs in, and will stop it (unless
lingering is enabled) when the user logs out.
Fixes#7339.
Files which are installed as-is (any .service and other unit files, .conf
files, .policy files, etc), are left as is. My assumption is that SPDX
identifiers are not yet that well known, so it's better to retain the
extended header to avoid any doubt.
I also kept any copyright lines. We can probably remove them, but it'd nice to
obtain explicit acks from all involved authors before doing that.
Use `systemctl --user --force exit` to implement the systemd-exit
user service.
This removes our dependence on an external `kill` binary and the
concerns about whether they recognize SIGRTMIN+n by name or what their
interpretation of SIGRTMIN is.
Tested: `systemctl --user start systemd-exit.service` kills the
`systemd --user` instance for my user.
This is analogous to 8d3ae2bd4c, except that now
src/core/umount.c not src/core/mount.c is converted.
Might help with https://bugzilla.redhat.com/show_bug.cgi?id=1554943, or not.
In the patch, mnt_free_tablep and mnt_free_iterp are declared twice. It'd
be nicer to define them just once in mount-setup.h, but then libmount.h would
have to be included there. libmount.h seems to be buggy, and declares some
defines which break other headers, and working around this is more pain than
the two duplicate lines. So let's live with the duplication for now.
This fixes memleak of MountPoint in mount_points_list_get() on error, not that
it matters any.
We currently have just one sanitizer for tests, asan, but we may add more in
the future. So let's keep the loop over the sanitizers in meson.build, but
just enable all regression cases under all sanitizers. If it fails under one
of them, it might fail under a different one.
In subsequent commits I'll add test cases which might not fail under asan,
but it's good to commit them for future use.
The test names are made more verbose:
256/257 fuzz-dns-packet:oss-fuzz-5465:address OK 0.04 s
257/257 fuzz-dns-packet:issue-7888:address OK 0.03 s
meson.build:2907: WARNING: Trying to compare values of different types (bool, str) using ==.
The result of this is undefined and will become a hard error in a future Meson release.
This turns resolve-tool into a multi-call binary. When invoked as
"resolvconf" it provides minimal compatibility with the resolvconf(8)
tool of various distributions (and FreeBSD as it appears).
This new interface understands to varying degrees features of the two
major implementations of resolvconf(8): Debian's original one and
"openresolv". Specifically:
Fully supported:
-a -d (supported by all implementations)
-f (introduced by openresolv)
Somewhat supported:
-x (introduced by openresolv, mapped to a '~.' domain entry)
Unsupported and ignored:
-m -p (introduced by openresolv, not really necessary for us)
Unsupported and resulting in failure:
-u (supported by all other implementations)
-I -i -l -R -r -v -V
(all introduced by openresolv)
--enable-updates --disable-updates --updates-are-enabled
(specific to Debian's implementation)
Of course, resolvconf(8) is a tool with multiple backends, in our
implementation systemd-resolved is the only backend.
Fixes: #7202
Follow-up for ba7f4ae617.
By default, we detect if the real root has a separate /usr/sbin directory, but
this can be overrides with -Dsplit-bin=true|false. The check assumes that
/usr/sbin is split if it is not a symlink, so it'll return a false negative
with some more complicated setups. But that's OK, in those cases this should be
configured explicitly.
This will copy the structure of the directories in the root file system to
$DESTDIR. If a directory is a directory in $DESTDIR but a symlink in the root
file system, this script will fail. This means that it's not possible to reuse
a $DESTDIR from between ba7f4ae61 and this patch.
I figure sooneror later we'll have more of these docs, hence let's give
them a clean place to be.
This leaves NEWS and README/README.md as well as the LICENSE texts in
the root directory of the project since that appears to be customary for
Free Software projects.
There isn't much difference, but in general we prefer to use the standard
functions. glibc provides reallocarray since version 2.26.
I moved explicit_bzero is configure test to the bottom, so that the two stdlib
functions are at the bottom.
The Linux kernel exposes the birth time now for files through statx()
hence make use of it where available. We keep the xattr logic in place
for this however, since only a subset of file systems on Linux currently
expose the birth time. NFS and tmpfs for example do not support it. OTOH
there are other file systems that do support the birth time but might
not support xattrs (smb…), hence make the best of the two, in particular
in order to deal with journal files copied between file system types and
to maintain compatibility with older file systems that are updated to
newer version of the file system.
Apply defaults for system_{uid,gid}_max even if the /etc/login.defs file
doesn't exist (e.g. in Clear Linux with no changes).
awk returns an empty string in case the file doesn't exist, causing meson to
fail in to_int(). So set the default if output is empty. This makes the BEGIN{}
blocks unnecessary, so remove them.
The single quote working with multiple lines is likely to be unintended. With
current versions of meson, it also causes error messages after it to report the
wrong line number. Use the documented syntax instead.
I used 'tags' before because this way we avoided a unnecessary
line about 'env' detection. But we cannot use 'env' in test(), so
previous commit added 'env' detection. We might just as well use
it in custom_target().
This is a bit painful because a separate build of systemd is necessary. The
tests are guarded by tests!=false and slow-tests==true. Running them is not
slow, but compilation certainly is. If this proves unwieldy, we can add a
separate option controlling those builds later.
The build for each sanitizer has its own directory, and we build all fuzzer
tests there, and then pull them out one-by-one by linking into the target
position as necessary. It would be nicer to just build the desired fuzzer, but
we need to build the whole nested build as one unit.
[I also tried making systemd and nested meson subproject. This would work
nicely, but meson does not allow that because the nested target names are the
same as the outer project names. If that is ever fixed, that would be the way
to go.]
v2:
- make sure things still work if memory sanitizer is not available
v3:
- switch to syntax which works with meson 0.42.1 found in Ubuntu
Add a new -Dllvm-fuzz=true option that can be used to build against
libFuzzer and update the oss-fuzz script to work outside of the
oss-fuzz build environment.
The fuzz targets are intended to be fast and only target systemd
code, so they don't need to call out to any dependencies. They also
shouldn't depend on shared libraries outside of libc, so we disable
every dependency when compiling against oss-fuzz. This also
simplifies the upstream build environment significantly.
The fuzzers will be used by oss-fuzz to automatically and
continuously fuzz systemd.
This commit includes the build tooling necessary to build fuzz
targets, and a fuzzer for the DNS packet parser.
Currently there is no way to prevent tests from building using meson.
This introduces two problems:
1) It adds a extra 381 files to compile.
2) One of these tests explicitly requires libgcrypt to be built even if systemd
is not using it.
3) It adds C++ to the requirements to build systemd.
When cross-compiling, this is uneccessary.
On a typical system running systemd, the telinit in PATH is very likely to be a symlink
to systemctl. Setting TELINIT to this may result in an infinite recursion if telinit is called
and sd_booted() == 0. This may commonly occur in a chroot environment.
Bug: https://bugs.gentoo.org/642724
[zj:
The path was originally hardcoded as "/lib/upstart/telinit", but was made configurable without
changing the default in 4ad61fd180. Then the default was
changed to `/lib/sysvinit/telinit` in abaaabf40a. Then it
started being autodetected when meson support was added in
5c23128dab. This patch restores the behaviour that was
implemented in configure.ac at the time of its removal.]
This reduces the man=false meson target count from 1281 to 1253.
--
A fully scientific test:
git grep _sources, :/*.build|cut -d: -f2|tr -d ' '|sort|uniq -c
reveals that libudev_sources is the only source list now reused twice. There's
some ugly circular dependency between libudev and libshared, and anyway I'm not
sure if we don't want to use different compilation options (LOG_REALM_…) in
those two cases, so I'm leaving that alone for now.
This reduces the meson man=false target count to 1281.
v2:
- link test-engine with libshared instead of libsystemd_static
Previous version built fine on F27, but fails on F26 with the following error:
/usr/bin/ld: /tmp/ccr8HRGw.ltrans6.ltrans.o: undefined reference to symbol '__start_BUS_ERROR_MAP@@SD_SHARED'
/home/zbyszek/fedora/systemd/systemd-9d5aae75c64f5583a110f03b94816aacc03bbf4d/x86_64-redhat-linux-gnu/src/shared/libsystemd-shared-236.so: error adding symbols: DSO missing from command line
v3:
- add libudev_basic
Instead of compiling those files twice, once for libsystemd and once for
libshared, compile once as a static archive and then link into both.
This reduce the meson target for man=no compile to 1291.
We were including gcrypt-util.[ch] by hand in the few places where it
was used. Create a convenience library to avoid compiling the same
files multiple times.
v2:
- use a separate static library instead of mergin into libbasic
gcrypt_util_sources had to be moved because otherwise they appeared twice
in libshared.so halfproducts, causing an error.
-fvisibility=default is added to libbasic, libshared_static so that the symbols
appear properly in the exported symbol list in libshared.
The advantage is that files are not compiled twice. When configured with -Dman=false,
the ninja target list is reduced from 1588 to 1347 targets. The difference in compilation
time is small (<10%). I think this is because of -O0 and ccache and multiple cores, and
in different settings the compilation time could be reduced. The main advantage is that
errors and warnings are not reported twice.
We of course don't know in which header glibc will export pivot_root()
and if it ever will. But there's a good chance they'll place it where
chroot() is located, given the similarity in the operations, hence let's
try our luck and look for it at the same place.
If we are lucky this means we don't have to patch our code if glibc
decides to expose the call one day.
This reworks how we set _GNU_SOURCE when checking for the availability
of functions:
1. We set it for most of the functions we look for. After all we set it
for our entire built anyway, and it's usually how Linux-specific
definitions in glibc are protected these days. Given that we usually
have checks for such modern stuff only anyway, let's just blanket enable
it.
2. Use "args" instead of "prefix" to set the macro. This is what is
suggested in the meson docs, hence let's do it.
Follow-up for bad7a0c81f501fbbcc79af9eaa4b8254441c4a1f of git
repository for glibc.
Recently glibc added `copy_file_range()`, but to use it,
`_GNU_SOURCE` needs to be defined. This adds the flag in
meson.build to detect the function by meson correctly.
This gets rid of recompilation, making things faster and avoids duplicated warnings.
The result seems to be the same:
$ ls -l build/libsystemd.so.0.20.0 build2/libsystemd.so.0.20.0
-rwxrwxr-x. 1 zbyszek zbyszek 3071312 Dec 19 11:45 build2/libsystemd.so.0.20.0
-rwxrwxr-x. 1 zbyszek zbyszek 3071760 Dec 19 11:11 build/libsystemd.so.0.20.0
$ diff -U1 <(objdump -T build/libsystemd.so.0.20.0|sed -r 's/[0-9a-f]{16}/________________/g') <(objdump -T build2/libsystemd.so.0.20.0|sed -r 's/[0-9a-f]{16}/________________/g')
-build/libsystemd.so.0.20.0: file format elf64-x86-64
+build2/libsystemd.so.0.20.0: file format elf64-x86-64
We already use the "_static" suffix for libshared_static ("shared" is the name
of the library, "static" is the format) and other libs, so let's rename for
consistency.
Also change libsystemd_static_sources to libsystemd_sources, since the same
list is used for both and shorter is better.
Otherwise, setting udev_log=debug in /etc/udev/udev.conf has no effects since
systemd-udevd is built with LOG_REALM=LOG_REALM_UDEV.
However using LOG_REALM_UDEV (for libudev_core) reveals another similar bug for
udevadm which should also define LOG_REALM_UDEV.
We might end up allocating mempools, and when we are unloaded we might
orphan them, thus leaking them. Hence, let's just stick around for good,
so the mempools remain referenced continously and for good, and thus no
memory is leaked (though the memory isn't cleaned up either).
Fixes: #7596
I want to add presets/user/ later. This mirrors the layout for units:
we have units/ and units/user. The advantage is that we avoid having yet
another directory at the top level.
To allow better integration with distributions requiring an explicitly
set gid for the `users` group, provide the new `-Dusers-gid` option to
set to a new numeric value.
In the absence of a specified gid, we'll fallback to the default existing
behaviour of `-` as the gid value, to automatically assign the next available
gid on the system.
In this way, individual errors in files can be treated differently than a
failure of the whole service.
A test is added to check that the expected value is returned.
Some parts are commented out, because it is not. This will be fixed in
a subsequent commit.
I opted to completely generate a unit for both mount points and swaps. For
swaps, it would be possible to use fixed template unit like systemd-mkswap@.service,
because there's no information passed except the device name. For mount points,
that's not possible because both the device name and file system type need to
be passed. Nevertheless, I expect that options will need to passed to both mkfs
and mkswap, in which case it'll be necessary to create units of both types
anyway.
Similar to the virtual ethernet driver veth, vxcan implements a
local CAN traffic tunnel between two virtual CAN network devices.
When creating a vxcan, two vxcan devices are created as pair
When one end receives the packet it appears on its pair and vice
versa. The vxcan can be used for cross namespace communication.
At some point before gcc-7 was released, -Wimplicit-fallthrough=3 was included
in -Wextra. The documentation for gcc-7.2.1-2.fc27.x86_64 still says that, but
empirical testing shows that it's not. The documentation also misstates that
-Wimplicit-fallthrough is equivalent to -Wimplicit-fallthrough=3.
Let's add -Wimplicit-fallthrough=3 explicitly to get the warnings if we regress.
Prompted by #7389.
So far I avoided adding license headers to meson files, but they are pretty
big and important and should carry license headers like everything else.
I added my own copyright, even though other people modified those files too.
But this is mostly symbolic, so I hope that's OK.
- Remove the uaccess tag from /dev/dri/renderD*.
- Change the owning group from video to render.
- Change default mode to 0666.
- Add an option to allow users to set the access mode for these devices at
compile time.
kmod upstream uses /lib/modprobe.d which means we need to use rootprefix
instead of prefix for installing the modprobe configuration file as
otherwise split-usr systems are broken.
See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=879191
The configuration option was called -Dresolve, but the internal define
was …RESOLVED. This options governs more than just resolved itself, so
let's settle on the version without "d".
The advantage is that is the name is mispellt, cpp will warn us.
$ git grep -Ee "conf.set\('(HAVE|ENABLE)_" -l|xargs sed -r -i "s/conf.set\('(HAVE|ENABLE)_/conf.set10('\1_/"
$ git grep -Ee '#ifn?def (HAVE|ENABLE)' -l|xargs sed -r -i 's/#ifdef (HAVE|ENABLE)/#if \1/; s/#ifndef (HAVE|ENABLE)/#if ! \1/;'
$ git grep -Ee 'if.*defined\(HAVE' -l|xargs sed -i -r 's/defined\((HAVE_[A-Z0-9_]*)\)/\1/g'
$ git grep -Ee 'if.*defined\(ENABLE' -l|xargs sed -i -r 's/defined\((ENABLE_[A-Z0-9_]*)\)/\1/g'
+ manual changes to meson.build
squash! build-sys: use #if Y instead of #ifdef Y everywhere
v2:
- fix incorrect setting of HAVE_LIBIDN2
This is a legacy of autotools, where one detection routine used a different
prefix then the others.
$ git grep -e HAVE_DECL_ -l|xargs sed -i s/HAVE_DECL_/HAVE_/g
Fixes#4871.
The new libmount has two changes relevant for us:
- x-* options are propagated to /run/mount/utab and are visible through
libmount (fixes#4817).
- umount -c now really works (partially solves #6115).
Routing Policy rule manipulates rules in the routing policy database control the
route selection algorithm.
This work supports to configure Rule
```
[RoutingPolicyRule]
TypeOfService=0x08
Table=7
From= 192.168.100.18
```
```
ip rule show
0: from all lookup local
0: from 192.168.100.18 tos 0x08 lookup 7
```
V2 changes:
1. Added logic to handle duplicate rules.
2. If rules are changed or deleted and networkd restarted
then those are deleted when networkd restarts next time
V3:
1. Add parse_fwmark_fwmask
Seems to be some kind of confusion in gcc. Insteading of playing whack-a-mole and
adding work-arounds in code, let's adjust the compilation options instead.
Fixes#6119, replaces #6657.
some run_target() calls were using params from custom_target()
example message:
WARNING: Passed invalid keyword argument "input". This will become a hard error in the future.
New way to call targets:
ninja man/man
ninja man/html
ninja man/update-man-rules