IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
This patch changes the naming scheme for sas disks. The original names used
disk's sas address and lun, the new scheme uses sas address of the
nearest expander (if available) and a phy id of the used connection.
If no expander is used, the phy id of hba phy is used.
Note that names that refer to RAID or other abstract devices are
unchanged.
Name in raid configuration:
hba_pci_address-sas-raid_sas_address-lunY-partZ
Name in expander bare disk configuration:
hba_pci_address-sas-expander_sas_address-phyX-lunY-partZ
Name format without expanders:
hba_pci_address-sas-phyX-lunY-partZ
Signed-off-by: Maurizio Lombardi <mlombard@redhat.com>
This patch add support to specify path cost of the
bridge port to be configured via conf file.
Exampe: conf
file: br.netdev
[NetDev]
Name=br-test
Kind=bridge
file: br.network
[Match]
Name=em1
[Network]
Bridge=br-test
[BridgePort]
Cost=332
bridge link
2: em1 state UP : <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 master
br-test state disabled priority 32 cost 332
We need original socket_fd around otherwise mac_selinux_get_child_mls_label
fails with -EINVAL return code. Also don't call setexeccon twice but rather pass
context value of SELinuxContext option as an extra argument.
This is useful inside of containers or local networks to intrdouce a
stable name of the default gateway host (in case of containers usually
the host, in case of LANs usually local router).
The errors are prefixed with "libxkbcommon" to provide some context,
because they are quite confusing without it. With the prefix, we at
least know where they come from.
If /etc was read only at boot time with an empty /etc/machine-id, the latter
will be mounted as a tmpfs and get reset at each boot. If the system becomes rw
later, this functionality enables to commit in a race-free manner the
transient machine-id to disk.
Generate the file name from ID_PATH plus the rfkill type (wlan,
bluetooth, ...) and ignore the rfkill device name, since it apparently
is not a stable identifier.
Also, ensure that devices disappearing don't result in broken services,
simply exit cleanly.
During upgrades and when transitioning between different systemd
versions in initrd and on the host we have to expect that some
serialization fields are unknown or parse incorrectly. This shouldn't
really be considered an error, hence downgrade the log messages about
it to debug. This way we can still trace it, but it doesn't confuse
users.
This kinda reverts 46849c3f.
This is the IP address of the default route on the link, if present. A
description is printed when available (the manufacturer of the gateway NIC based
on its MAC address).
In the future we should prefer LLDP information over MAC info.
The RFC says to encode an single empty TXT string instead of an empty
TXT array. It also says to treat a zero-length TXT RR as a TXT array
with a single zero-length string.
This is mostly likely the audit socket, and we really should close it
if we cannot make sense of it, since as long as it is open the kernel
might disable the kmsg forwarding of audit msgs, and we should avoid
that, since audit msgs might get completely lost then.
I also downgraded the log message we show a bit, after all things should
really work fine, and we proceed fine with it.
systemd-delta man page promises that multiple types of deltas will be
concatenated if they are listed with a comma as separator. Replace
FOREACH_WORD() with FOREACH_WORD_SEPARATOR() to restore the functionality.
It helps editing units by either creating a drop-in file, like
/etc/systemd/system/my.service.d/override.conf, or by copying the
original unit from /usr/lib/systemd/ to /etc/systemd/ if the --full
option is specified.
It invokes an editor on temporary files related to the unit files and
if the editor exited successfully, then it renames the temporary files
to their original names (e.g. my.service or override.conf) and
daemon-reload is invoked.
If the temporary file is empty the modification is canceled.
See https://bugzilla.redhat.com/show_bug.cgi?id=906824
Also accept '\r' as newline character.
This dropps warnings of the type:
invalid key/value pair in file /usr/lib/udev/rules.d/40-usb-media-players.rules
on line 26, starting at character 25 ('')
The current code would print the character following the first invalid
character.
Given an udev rules-file without a trailing newline we would otherwise print
garbage:
invalid key/value pair in file /usr/lib/udev/rules.d/40-usb-media-players.rules
on line 26, starting at character 25 ('m')
This is now changed to print
invalid key/value pair in file /usr/lib/udev/rules.d/40-usb-media-players.rules
on line 26, starting at character 25 ('')
(still not very good as printing \0 just gives the empty string)
Currently a property in the form of
FOO=bar
is stored as " FOO=bar", i.e. the property name contains a leading space.
That's quite hard to spot.
This patch discards all extra whitespaces but the first one which is required
by libudev's hwdb_add_property.
[zj: modify the check a bit]
https://bugs.freedesktop.org/show_bug.cgi?id=82311
When creating a new mount unit after an event on /proc/self/mountinfo,
check the mount options as well as the fstype to determine if this is a
remote mount that requires network access.
This is an attempt to add it the remote-fs dependencies to a mount unit
if the options change, like when the utab options are picked up after
mountinfo has already been processed. It just adds the remote-fs
dependencies, leaving the local-fs ones in place.
With this change I always get mount units with proper remote-fs
dependencies when mounted with the _netdev option.
Parsing the mount table with libmount races against the mount command,
which will handle the actual mounting before updating utab. This means
the poll event on /proc/self/mountinfo can kick of a reparse in systemd
before the utab information is available.
This change adds in an additional event source using inotify to watch
for changes to utab. It only watches for IN_MOVED_TO events, matching
libmount behavior of always overwriting this file using rename(2).
This does add a second pass through the mount table parsing when utab is
updated.
Let's do this right from the beginning, to prepare ground for udev
messages that most likely want to store list of strings (for device
tags) in messages, and filter on them.
The ID returned really doesn't identify the owner, but the bus instance,
hence fix this misnaming.
Also, update "busctl status" to show the ID in its output.
If the format string contains %m, clearly errno must have a meaningful
value, so we might as well use log_*_errno to have ERRNO= logged.
Using:
find . -name '*.[ch]' | xargs sed -r -i -e \
's/log_(debug|info|notice|warning|error|emergency)\((".*%m.*")/log_\1_errno(errno, \2/'
Plus some whitespace, linewrap, and indent adjustments.
Using:
find . -name '*.[ch]' | while read f; do perl -i.mmm -e \
'local $/;
local $_=<>;
s/(if\s*\([^\n]+\))\s*{\n(\s*)(log_[a-z_]*_errno\(\s*([->a-zA-Z_]+)\s*,[^;]+);\s*return\s+\g4;\s+}/\1\n\2return \3;/msg;
print;'
$f
done
And a couple of manual whitespace fixups.
Simplify unit_name_mangle() and unit_name_mangle_with_suffix() to
always behave the same, and only append a suffix if there is no
type suffix. If a user says 'isolate blah.device' it is better to
return an error that the type cannot be isolated, than to try to
isolate blah.device.target.
In show_all_names(), bus_map_all_properties() returns 1 on success which is
then used as the return code of show_all_names() and eventually main(). Exit
with zero in main() on all nonnegative results to guard against similar errors.
As a followup to 086891e5c1 "log: add an "error" parameter to all
low-level logging calls and intrdouce log_error_errno() as log calls
that take error numbers", use sed to convert the simple cases to use
the new macros:
find . -name '*.[ch]' | xargs sed -r -i -e \
's/log_(debug|info|notice|warning|error|emergency)\("(.*)%s"(.*), strerror\(-([a-zA-Z_]+)\)\);/log_\1_errno(-\4, "\2%m"\3);/'
Multi-line log_*() invocations are not covered.
And we also should add log_unit_*_errno().
This enables us to write things like this:
int open_some_file(void) {
fd = open("/dev/foobar", O_RDWR|O_CLOEXEC);
if (fd < 0)
return log_error_errno(errno, "Failed to reboot: %m");
return fd;
}
Which is function that returns -errno on failure, as well as printing an
error message, all in one line.
- Rename log_meta() → log_internal(), to follow naming scheme of most
other log functions that are usually invoked through macros, but never
directly.
- Rename log_info_object() to log_object_info(), simply because the
object should be before any other parameters, to follow OO-style
programming style.
This change has two benefits:
- The format string %m will now resolve to the specified error (or to
errno if the specified error is 0. This allows getting rid of a ton of
strerror() invocations, a function that is not thread-safe.
- The specified error can be passed to the journal in the ERRNO= field.
Now of course, we just need somebody to convert all cases of this:
log_error("Something happened: %s", strerror(-r));
into thus:
log_error_errno(-r, "Something happened: %m");
- actually return permission errors to clients
- use the right ucreds field
- fix error paths when we cannot keep track of locally acquired names
due to OOM
- avoid unnecessary global variables
- log when the policy denies access
- enforce correct policy rule order
- always request all the metadata its we need to make decisions
We got the following error when running systemd on a device with many ports:
"rtnl: kernel receive buffer overrun
Event source 'rtnl-receive-message' returned error, disabling: No buffer space
available"
I think the kernel socket receive buffer queue should be increased. The default
value is taken from:
"/proc/sys/net/core/rmem_default", but we can overwrite it using SO_RCVBUF
socket option.
This is already done in networkd for other sockets.
For example, the bus socket (sd-bus/bus-socket.c) has a receive queue of 8MB.
In our case, the default is 208KB.
Increasing the buffer receive queue for manager socket to 512KB should be enough
to get rid of the above error.
[tomegun: bump the limit even higher to 8M]
TXT records should have at least one character, so enforce this.
Before 0f84a72 parser SIGSEGV'd on ->txt.strings being NULL, but
even if this is fixed we should reject invalid TXT records.
Loops in RR compression were only detected for the first entry.
Multiple redirections should be allowed, each one checking for an
infinite loop on its own starting point.
Also update the pointer on each redirection to avoid longer loops of
labels and redirections, in names like:
(start) [len=1] "A", [ptr to start]
(David: rename variable to "jump_barrier" and add reference to RFC)
The previous fix e0312f4db "core: fix check for transaction
destructiveness" broke test-engine (noticed by Zbyszek).
Apparently I had a wrong idea of the intended semantics of --fail.
The manpage says the operation should fail if it "conflicts with a
pending job (more specifically: causes an already pending start job to
be reversed into a stop job or vice versa)".
So let's check job_type_is_conflicting, instead of !is_superset.
This makes both test-engine and TEST-03-JOBS pass again.
A strv might be NULL if it is empty. The txt.strings comparison doesn't
take that into account. Introduce strv_equal() to provide a proper helper
for this and fix resolve to use it.
Thanks to Stanisław Pitucha <viraptor@gmail.com> for reporting this!
The kdbus module will later get a policy that endpoint-names are
restricted to "<uid>-<name>" just like bus-names. Make sure that systemd
is already compatible to that.
Make screened character set consistent with unit_name_mangle() by splitting off
the escaping loop into a separate function.
Before this fix, unit names such as `foo@bar.target` would get transformed
into `foo\x40bar.target` when unit_name_mangle_with_suffix() is used.
https://bugs.freedesktop.org/show_bug.cgi?id=86711
When I tryed to run journalctl with --follow and --since arguments it
behaved very strangely.
First It prints logs from what I specified in --since argument, then
printed 10 lines (as is default in --follow) and when app put something
new in to log journalctl printed everithing from the last printed line.
How to reproduce:
1. run: journalctl -m --since 14:00 --follow
Then you'll see 10 lines of logs since 14:00. After that wait until some
app add something in the journal or just run `systemd-cat echo test`
2. After that journalctl will print every single line since 14:00 and will
follow as expected.
As long as --since and --follow will eventually print all relevant
lines, I seen no reason why not to print them right away and not after
first new message in journal.
Relevant bugzillas:
https://bugs.freedesktop.org/show_bug.cgi?id=71546https://bugs.freedesktop.org/show_bug.cgi?id=64291
For IPv6, the kernel returns EINVAL if a route is added with the
RTA_GATEWAY attribute set to in6addr_any (::). A route without a
gateway is useful in some situations, such as layer 3 tunneling
(sit, gre, etc.).
This patch prevents the RTA_GATEWAY attribute from being added
when route.in_addr is ip6addr_any (::).
This makes it possible to drop in logind configuration snippets from a
package or other configuration management mechanism.
Add documentation to the header of /etc/logind.conf pointing the user at
/etc/logind.conf.d/*.conf.
Introduce a new helper, conf_parse_many, to parse configuration files in
a search path.
Several different systemd tools define a nulstr containing a standard
series of configuration file directories, in /etc, /run, /usr/local/lib,
/usr/lib, and (#ifdef HAVE_SPLIT_USR) /lib. Factor that logic out into
a new helper macro, CONF_DIRS_NULSTR.
systemd-journald would refuse to start if it received an unknown
socket from systemd. This is annoying, because the failure more for
systemd-journald is unpleasant: systemd will keep restarting journald,
but most likely the same error will occur every time. It is better
to continue. journald will try to open missing sockets on its own,
so things should mostly work.
One question is whether to close the sockets which cannot be parsed or
to keep them open. Either way we might lose some messages. This
failure is most likely for the audit socket (selinux issues), which
can be opened multiple times so this not a problem, so I decided to
keep them open because it makes it easier to debug the issue after the
system is fully started.
systemd stops adding automatic dependencies on swap.target to swap
units. If a dependency is required, it has to be added by unit
configuration. fstab-generator did that already, except that now it is
modified to create a Requires or Wants type dependency, depending on
whether nofail is specified in /etc/fstab. This makes .swap units
obey the nofail/noauto options more or less the same as .mount units.
Documentation is extended to clarify that, and to make
systemd.mount(5) and system.swap(5) more similar. The gist is not
changed, because current behaviour actually matches existing
documentation.
https://bugs.freedesktop.org/show_bug.cgi?id=86488
This adds a new log_emergency() function, which is equivalent to
log_error() for non-PID-1, and logs at the highest priority for PID 1.
Some messages which occur before freezing are converted to use it.
When checking if the transaction is destructive, we need to check if the
previously installed job is a superset of the new job (and hence the new
job will fold into the installed one without changing it), not the other
way around.
Several functions called from transaction_activate() need to correctly
handle the case where a JOB_NOP job is being checked against a unit's
pending job. The assumption that JOB_NOP never merges with other job
types was correct, but since the job_type_is_*() functions are
implemented using the merge lookup, they need to special-case JOB_NOP
to avoid hitting assertion failures.
This makes udevadm trigger mirror udevadm info, except that multiple
device names can be specified. Instructions in 60-keyboard.hwdb should
now actually work.
udevadm(8) is updated, but it could use a bit more polishing.
https://bugs.freedesktop.org/show_bug.cgi?id=82311
On the system and user busses we create it's the receiver that chooses
which metadata is attched, not the sender, hence set the requirement
mask to ANY, to allow any current of future credential bit to be
attached.
Also:
- adds support for euid, suid, fsuid, egid, sgid, fsgid fields.
- makes augmentation of creds with data from /proc explicitly
controllable to give apps better control over this, given that this is
racy.
- enables augmentation for kdbus connections (previously we only did it
for dbus1). This is useful since with recent kdbus versions it is
possible for clients to control the metadata they want to send.
- changes sd_bus_query_sender_privilege() to take the euid of the client
into consideration, if known
- when we don't have permissions to read augmentation data from /proc,
don't fail, just don't add the data in
Properly forward all XKB messages. You can use XKB_LOG_VERBOSITY= to
control the amount of messages sent by XKB. We explicitly set
XKB_LOG_LEVEL to 7 you can use SYSTEMD_LOG_LEVEL to control the log-level
generically.
Before forwarding keyboard events, feed them into possible compose tables.
This enables Compose-key and Dead-key features.
Few notes:
* REPEAT events are never fed into compose tables. It just doesn't make
sense and is usually not wanted. Compose-sequences are usually hard to
remember and take time to type. Thus, the REPEAT event of the
Compose-key itself would often cancel the compose sequence already.
* Stop resolving symbols for UP events. Anything but keycodes is never
associated to a physical key, but is a one-time action. There is
nothing like UP events for key-symbols!
* Cancel compose-sequences on Multi-Key UP. See the inline comment. We
should make this configurable!
Add support for compose files to idev-keyboard. This requires
libxkbcommon-0.5.0, which is pretty new, but should be fine.
We don't use the compose-files, yet. Further commits will put life into
them.
In service file, if the file has some of special SMACK label in
ExecStart= and systemd has no permission for the special SMACK label
then permission error will occurred. To resolve this, systemd should
be able to set its SMACK label to something accessible of ExecStart=.
So introduce new SmackProcessLabel. If label is specified with
SmackProcessLabel= then the child systemd will set its label to
that. To successfully execute the ExecStart=, accessible label should
be specified with SmackProcessLabel=.
Additionally, by SMACK policy, if the file in ExecStart= has no
SMACK64EXEC then the executed process will have given label by
SmackProcessLabel=. But if the file has SMACK64EXEC then the
SMACK64EXEC label will be overridden.
[zj: reword man page]
Introduce a new optional dependency on libxkbcommon for systemd-localed.
Whenever the x11 keymap settings are changed, use libxkbcommon to compile
the keymap. If the compilation fails, print a warning so users will get
notified.
On compilation failure, we still update the keymap settings for now. This
patch just introduces the xkbcommon infrastructure to have keymap
validation in place. We can later decide if/how we want to enforce this.
For plain dm-crypt devices, the behavior of cryptsetup package is to
ignore the hash algorithm when a key file is provided. It seems wrong
to ignore a hash when it is explicitly specified, but we should default
to no hash if the keyfile is specified.
https://bugs.freedesktop.org/show_bug.cgi?id=52630
strv_extend returns 0 in the case of success which means that
else if (bus_track_deserialize_item(&m->deserialized_subscribed, l) == 0)
log_warning("Unknown serialization item '%s'", l);
will be printed when value is added correctly.
commit 79d80fc146 introduced a regression that
prevents mounting a tmpfs if the mount point already exits in the container's
root file system. This commit fixes the problem by ignoring EEXIST.
systemd-run would fail when run with -M or -H and an absolute path,
if this path did not exists locally. Allow it to continue, since we
don't have a nice way of checking if the binary exists remotely.
The case where -M or -H is used and a local path is unchanged, and we
still iterate over $PATH to find the binary. We need to convert to an
absolute path, and we don't have a nice mechanism to check remotely,
so we assume that the binary will be located in the same place locally
and remotely.
http://lists.freedesktop.org/archives/systemd-devel/2014-November/025418.html
Mips has getrandom() too, but there's just too many variants
for me too care. Either someone who cares does it, or they get
compile-time warnings with old kernel headers.
--link-journal={host,guest} fail if the host does not have persistent
journalling enabled and /var/log/journal/ does not exist. Even worse, as there
is no stdout/err any more, there is no error message to point that out.
Introduce two new modes "try-host" and "try-guest" which don't fail in this
case, and instead just silently skip the guest journal setup.
Change -j to mean "try-guest" instead of "guest", and fix the wrong --help
output for it (it said "host" before).
Change systemd-nspawn@.service.in to use "try-guest" so that this unit works
with both persistent and non-persistent journals on the host without failing.
https://bugs.debian.org/770275
