mirror of https://github.com/systemd/systemd.git synced 2024-10-30 06:25:37 +03:00
Commit Graph

62521 Commits

Author SHA1 Message Date
Lennart Poettering
a38cf9fb96 sd-event: allocate event source objects with the actually needed size
Currently we allocate fixed-size memory for event sources: the largest
any of the event source types needs. The discrepancy in the sizes needed for
the various event sources is quite major however: it's 144 bytes on
x86_64, i.e. more than two cache lines.

Hence, let's be a tiny bit more careful, and allocate exactly as much as
we need, but not more.
2023-02-17 10:09:30 +01:00
Lennart Poettering
d6e9e8c7b9 macro: add macro for determining size of struct with trailing union 2023-02-17 10:09:30 +01:00
Yu Watanabe
d51e31ac41 test-execute: also mount tmpfs on /dev/shm
Otherwise, if /dev/shm has a directory that cannot be accessed by an
unprivileged user, then we cannot pick a dynamic user, and the test service
may fail with an unexpected error code:
---
Failed to enter shared memory directory /dev/shm/systemd-watch-bind-BqAGlN: Permission denied
exec-dynamicuser-supplementarygroups.service: Failed to update dynamic user credentials: Device or resource busy
exec-dynamicuser-supplementarygroups.service: Failed at step USER spawning /bin/sh: Device or resource busy
src/test/test-execute.c:885:test_exec_dynamicuser: exec-dynamicuser-supplementarygroups.service: can_unshare=no: exit status 217, expected 216
---

Follow-up for 4e032f654b.
2023-02-17 09:55:05 +01:00
Yu Watanabe
8c2264abb9 cryptsetup: check the existence of salt by salt_size > 0
Follow-up for 504d0acf61.

The function may be called with non-NULL salt and salt_size == 0.
2023-02-17 09:46:25 +01:00
Lennart Poettering
79c8e46d23
Merge pull request #26453 from yuwata/activate-main
activate: use DEFINE_MAIN_FUNCTION() macro
2023-02-17 09:45:52 +01:00
Lennart Poettering
2610de2f84
Merge pull request #26452 from yuwata/journalctl-main-func
journalctl: use DEFINE_MAIN_FUNCTION() macro
2023-02-17 09:44:19 +01:00
Yu Watanabe
9c9e1ceecc activate: use _cleanup_close_ attribute 2023-02-17 09:49:51 +09:00
Yu Watanabe
a723521fd2 activate: use log_set_open_when_needed()
Otherwise, several error logs may not be shown.
2023-02-17 09:49:51 +09:00
Yu Watanabe
a601e702d5 activate: fix typo 2023-02-17 09:49:51 +09:00
Yu Watanabe
8f3d186549 activate: use DEFINE_MAIN_FUNC() macro 2023-02-17 09:49:51 +09:00
Yu Watanabe
d6467dc604 journalctl: fix fd leak 2023-02-17 09:13:22 +09:00
Yu Watanabe
9556e79be5 journalctl: use DEFINE_MAIN_FUNCTION() macro 2023-02-17 09:12:06 +09:00
Frantisek Sumsal
ca8b1d68c5 test: avoid matching other fields than __SEQNUM=
The current unanchored grep sometimes matches MESSAGE=/_CMDLINE= fields
that contain "__SEQNUM=" instead of just the __SEQNUM= field, causing
spurious test fails:

[  721.546372] testsuite-04.sh[1013]: ++ cut -d= -f2
[  721.555858] testsuite-04.sh[1011]: ++ journalctl -o export -n 1
[  721.573037] testsuite-04.sh[1012]: ++ grep -a __SEQNUM=
[  721.767294] testsuite-04.sh[562]: + SEQNUM1='495773
[  721.769671] testsuite-04.sh[562]: ++ grep -a __SEQNUM
[  721.771323] testsuite-04.sh[562]: grep -a __SEQNUM'
[  721.772938] testsuite-04.sh[562]: + systemd-cat echo yo
[  721.921413] testsuite-04.sh[562]: + journalctl --sync
[  722.088945] testsuite-04.sh[1018]: ++ journalctl -o export -n 1
[  722.104040] testsuite-04.sh[1019]: ++ grep -a __SEQNUM=
[  722.117239] testsuite-04.sh[1020]: ++ cut -d= -f2
[  722.314936] testsuite-04.sh[562]: + SEQNUM2=495786
[  722.317906] testsuite-04.sh[562]: + test 495786 -gt '495773
[  722.319737] testsuite-04.sh[562]: ++ grep -a __SEQNUM
[  722.321609] testsuite-04.sh[562]: grep -a __SEQNUM'
[  722.323536] testsuite-04.sh[562]: /usr/lib/systemd/tests/testdata/units/testsuite-04.sh: line 276: test: 495773
[  722.325744] testsuite-04.sh[562]: ++ grep -a __SEQNUM
[  722.327498] testsuite-04.sh[562]: grep -a __SEQNUM: integer expression expected
[  722.329528] testsuite-04.sh[562]: + journalctl --rotate --vacuum-size=16M

$ build/journalctl --file /var/tmp/systemd-test.0HpVjt/system.journal -o export | grep -a __SEQNUM=
...
__SEQNUM=214849
__SEQNUM=214850
MESSAGE=++ grep -a __SEQNUM=
_CMDLINE=grep -a __SEQNUM=
__SEQNUM=214851
...
__SEQNUM=214860
MESSAGE=++ grep -a __SEQNUM=
_CMDLINE=grep -a __SEQNUM=
__SEQNUM=214861
__SEQNUM=214862
__SEQNUM=214863
...

Let's anchor the expression to avoid this.

Follow-up to f28ed2c1be.
2023-02-17 07:03:00 +09:00
Yu Watanabe
b038a44d44
Merge pull request #26271 from d-hatayama/fix_sulogin_shell
sulogin: fix control lost of the current terminal when default.target…
2023-02-17 06:52:03 +09:00
Jan Janssen
f92428eae5 boot: Fix assertion failure
The TPM code expects a description unless the PCR index indicates that
no measurements have to take place. The assert was preempting this
check from happening.

Fixes: #26428
2023-02-17 05:01:53 +09:00
Samanta Navarro
2d5ccb0818 bootctl: Fix debug messages
Remove duplicate KERNEL_INSTALL_MACHINE_ID from message and also
specify the correct origin of layout variable.

Signed-off-by: Samanta Navarro <ferivoz@riseup.net>
2023-02-16 16:37:02 +00:00
Lennart Poettering
1e344c1dc7 log: add common helper log_set_target_and_open()
Quite often we want to set a log target and immediately open it. Add a
common helper for that.
2023-02-16 16:32:41 +01:00
Luca Boccassi
05dd602e50
Merge pull request #26435 from poettering/pid1-seccomp-disable-fix
pid1: fix handling of SystemCallArchitectures= if seccomp is off
2023-02-16 14:49:52 +00:00
Yu Watanabe
dbfc096095 core/mount: fix default target for /sysusr/usr and its child
Follow-up for 29a24ab28e.
2023-02-16 14:49:30 +00:00
Paul Barker
7f9a6295c3 man: Fix spelling mistake 2023-02-16 15:43:47 +01:00
Lennart Poettering
1334070157 update TODO 2023-02-16 14:07:03 +01:00
HATAYAMA Daisuke
937ca8330d sulogin: fix control lost of the current terminal when default.target is rescue.target
When default.target is rescue.target, exiting from the single-user shell
results in loss of control of the current terminal. This is because the
operation performed to continue to boot is systemctl default but default.target
is now rescue.target and it is already active. Hence, no new process that
controls the current terminal is created. Users need to do a hardware reset to
recover from the situation.

This sounds like a bit of a corner-case issue and some might feel configuring
default.target as rescue.target is odd because there are several other ways to
transition to rescue.mode without configuring default.target to rescue.target,
such as systemctl rescue or systemd.unit=rescue.target or something like
that. However, users unfamiliar with systemd operations tend to come up with
systemctl set-default rescue.target.

To fix this issue, let's transition to default.target only when default.target
is inactive. Otherwise, invoke the single-user shell again to keep control of
the current terminal for users.

This new logic depends on whether D-Bus is working well. Exiting without any check
of the result of systemctl default could again lead to loss of control of the
current terminal. Hence, add checks of the results of each D-Bus operation,
including systemctl default, and invoke the single-user shell if they fail.
2023-02-16 07:22:23 -05:00
Lennart Poettering
2264a20d91 execute: drop spurious empty line 2023-02-16 11:48:18 +01:00
Lennart Poettering
6aa2c55522 pid1: generate compat warning for SystemCallArchitectures= if seccomp is off 2023-02-16 11:48:18 +01:00
Luca Boccassi
bbb40c4e6f mkosi: configure multiarch libdir in debian/ubuntu builds
Debian/Ubuntu use /usr/lib/<triplet> instead of /usr/lib64, so configure it
accordingly. This is especially important for cryptsetup token plugins,
as cryptsetup comes from the distro and is configured to look into those
directories.
2023-02-16 11:30:32 +01:00
Dan Streetman
0d7009d35d tpm2: fix build failure without openssl 2023-02-16 10:02:58 +01:00
Daan De Meyer
7f3e4c9489 mkosi: Enable debug logging in CI
"Failed to dissect image: connection timed out" messages have been
appearing sporadically in mkosi CI. Let's enable debug logging to
help figure out why.
2023-02-15 20:02:54 +00:00
Frantisek Sumsal
9259d71d50 journalctl: actually run the static destructors
In journalctl we don't run the static destructors defined via
the STATIC_DESTRUCTOR_REGISTER() macro, since it requires a corresponding
static_destruct() call. In most cases this is handled by
the DEFINE_(TEST_)?MAIN*() macros, but journalctl defines its own main
function, so let's handle that as well.

$ valgrind --suppressions=valgrind.supp --show-leak-kinds=all --leak-check=full build/journalctl --no-pager -u system.slice -n 10 >/dev/null
==2778093== Memcheck, a memory error detector
==2778093== Copyright (C) 2002-2022, and GNU GPL'd, by Julian Seward et al.
==2778093== Using Valgrind-3.19.0 and LibVEX; rerun with -h for copyright info
==2778093== Command: build/journalctl --no-pager -u system.slice -n 10
==2778093==
==2778093==
==2778093== HEAP SUMMARY:
==2778093==     in use at exit: 8,221 bytes in 4 blocks
==2778093==   total heap usage: 458 allocs, 454 frees, 255,182 bytes allocated
==2778093==
==2778093== 13 bytes in 1 blocks are still reachable in loss record 1 of 4
==2778093==    at 0x484586F: malloc (vg_replace_malloc.c:381)
==2778093==    by 0x4DA256D: strdup (strdup.c:42)
==2778093==    by 0x4ADB747: strv_extend_with_size (strv.c:544)
==2778093==    by 0x405386: strv_extend (strv.h:45)
==2778093==    by 0x40816F: parse_argv (journalctl.c:933)
==2778093==    by 0x40EAB5: main (journalctl.c:2111)
==2778093==
==2778093== 16 bytes in 1 blocks are still reachable in loss record 2 of 4
==2778093==    at 0x484578A: malloc (vg_replace_malloc.c:380)
==2778093==    by 0x484A70B: realloc (vg_replace_malloc.c:1437)
==2778093==    by 0x4ADB2A3: strv_push_with_size (strv.c:423)
==2778093==    by 0x4ADB620: strv_consume_with_size (strv.c:496)
==2778093==    by 0x4ADB770: strv_extend_with_size (strv.c:548)
==2778093==    by 0x405386: strv_extend (strv.h:45)
==2778093==    by 0x40816F: parse_argv (journalctl.c:933)
==2778093==    by 0x40EAB5: main (journalctl.c:2111)
==2778093==
==2778093== LEAK SUMMARY:
==2778093==    definitely lost: 0 bytes in 0 blocks
==2778093==    indirectly lost: 0 bytes in 0 blocks
==2778093==      possibly lost: 0 bytes in 0 blocks
==2778093==    still reachable: 29 bytes in 2 blocks
==2778093==         suppressed: 8,192 bytes in 2 blocks
==2778093==
==2778093== For lists of detected and suppressed errors, rerun with: -s
==2778093== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0)
2023-02-15 20:01:54 +00:00
Joan Bruguera
3dd6336ad0 resolved: Fall back to TCP if UDP is blocked
If UDP is blocked on the system (e.g. by iptables or BPF), the kernel will
return EPERM on some or all of the system calls (connect, sendmsg, etc.).
In this case, try to fall back to TCP, which hopefully will not be blocked.
2023-02-15 20:01:39 +00:00
Luca Boccassi
53fda560dc core: add support for Startup memory limits
We support separate Startup configurations for CPU and I/O, so
add it for memory too. Only cover cgroupsv2 settings.
2023-02-15 20:01:16 +00:00
Mike Yuan
f129d0e77c vconsole: allow setting default keymap through build option
Allow defining the default keymap to be used by
vconsole-setup through a build option. A template
vconsole.conf also gets populated by tmpfiles if
it doesn't exist.
2023-02-15 20:00:51 +00:00
Mike Yuan
0688bea163 journal: cat: set JOURNAL_STREAM before exec-ing
Make the behavior of systemd-cat match
that of core/execute.

Closes #25880
2023-02-15 19:59:50 +00:00
Luca Boccassi
010c73c68e
Merge pull request #26307 from yuwata/test-execute-credentials
test-execute: drop capabilities when testing with user manager
2023-02-15 19:59:28 +00:00
Luca Boccassi
6f97aae029
Merge pull request #26213 from poettering/journal-rework-seqnum
journal sequence number rework
2023-02-15 19:58:58 +00:00
Luca Boccassi
8dcfecc833
Merge pull request #26410 from DaanDeMeyer/xattr-symlink
Copy symlink xattrs
2023-02-15 19:55:04 +00:00
Luca Boccassi
477fdc5afe NEWS: finalize 2023-02-15 19:11:52 +00:00
Luca Boccassi
3c145b7d04
Merge pull request #26427 from bluca/hwdb
Update news and hwdb
2023-02-15 19:08:36 +00:00
Luca Boccassi
0c1f5d50be hwdb: update 2023-02-15 18:05:43 +00:00
Luca Boccassi
1233a7cf1b NEWS: update contributors list 2023-02-15 18:03:15 +00:00
Luca Boccassi
504d0acf61 cryptsetup: do not assert when unsealing token without salt
Salt was added in v253. We are not checking whether it was actually found
(non-zero size), so when an old tpm+pin enrollment is opened things go boom.
For good measure, check both the buffer and the size in both places.

Assertion 'saltlen > 0' failed at src/shared/tpm2-util.c:2490, function tpm2_util_pbkdf2_hmac_sha256(). Aborting.
2023-02-15 18:01:28 +00:00
Yu Watanabe
c126c8ac81 ukify: fix padding length 2023-02-15 18:01:02 +00:00
Luca Boccassi
9ecf865433
Merge pull request #26417 from yuwata/sysusers-root-group
sysusers: also create root group
2023-02-15 17:03:59 +00:00
Yu Watanabe
fff1edc9f9
Merge pull request #26424 from ldv-alt/fix-typos
Fix a few typos in NEWS, docs and comments
2023-02-16 00:10:18 +09:00
Raul Tambre
6b4dc4d2f8 man/tc: Fix hexadecimals being with an O 2023-02-15 16:03:28 +01:00
Dmitry V. Levin
30fd9a2dab treewide: fix a few typos in NEWS, docs and comments 2023-02-15 10:41:03 +00:00
Yu Watanabe
729045ffae NEWS: mention that the default mDNS mode is now "yes"
C.f. issue #25252, PR #25255, and
RHBZ#2169786 (https://bugzilla.redhat.com/show_bug.cgi?id=2169786).
2023-02-15 10:41:03 +00:00
Dmitry V. Levin
8d3473f01d src: fix several typos in log messages 2023-02-15 10:41:03 +00:00
HATAYAMA Daisuke
2ffbf44344 sulogin: use DEFINE_MAIN_FUNCTION()
Let's use DEFINE_MAIN_FUNCTION() as the other commands for consistency.

This commit should be no functional change.
2023-02-14 22:10:13 -05:00
Yu Watanabe
6f31095105 test-sysusers: add test for basic.conf 2023-02-15 10:54:25 +09:00
Yu Watanabe
9361a712f8 sysusers: also add root group
Follow-up for 49bb7fe5f8.

Fixes an issue reported at
https://github.com/systemd/systemd/pull/26270#issuecomment-1428945403.
2023-02-15 10:29:10 +09:00