1
0
mirror of https://github.com/systemd/systemd.git synced 2024-12-23 21:35:11 +03:00
Commit Graph

15130 Commits

Author SHA1 Message Date
Lennart Poettering
bd30fdf213 journal-file: always generate the same error when encountering corrupted files
Let's make sure EBADMSG is the one error we throw when we encounter corrupted
data, so that we can neatly test for it.
2016-04-26 12:00:03 +02:00
Lennart Poettering
d00f1d57cc journal: when dumping journal contents, react nicer to lines we can't read
If journal files are not cleanly closed it might happen that intermediaery
journal entries cannot be read. Handle this nicely, skip over the unreadable
entries, and log a debug message about it; after all we generally follow the
logic that we try to make the best of corrupted files.
2016-04-26 12:00:03 +02:00
Lennart Poettering
50809d7a9c sd-journal: detect earlier if we try to read an object from an invalid offset
Specifically, detect early if we try to read from offset 0, i.e. are using
uninitialized offset data.
2016-04-26 12:00:02 +02:00
Zbigniew Jędrzejewski-Szmek
1000522a60 systemd --user: call pam_loginuid when creating user@.service (#3120)
This way the user service will have a loginuid, and it will be inherited by
child services. This shouldn't change anything as far as systemd itself is
concerned, but is nice for various services spawned from by systemd --user
that expect a loginuid.

pam_loginuid(8) says that it should be enabled for "..., crond and atd".
user@.service should behave similarly to those two as far as audit is
concerned.

https://bugzilla.redhat.com/show_bug.cgi?id=1328947#c28
2016-04-26 11:19:10 +02:00
Zbigniew Jędrzejewski-Szmek
47005cf1cf Merge pull request #3109 from poettering/journal-by-fd
rework "journalctl -M"
2016-04-25 15:57:36 -04:00
Zbigniew Jędrzejewski-Szmek
61837e19c6 Merge pull request #3114 from poettering/journalctl-b
Fix endless loops in journalctl --list-boots (closes #617).
2016-04-25 15:56:17 -04:00
Lennart Poettering
f56012a57c machined: generate a nicer error when the user tries "machinectl clone" on non-btrfs file systems (#3117)
Fixes: #2060

(Of course, in the long run, we should probably add a copy-based fall-back. But
given how slow that is, this probably requires some asynchronous forking logic
like the CopyFrom() and CopyTo() method calls already implement.)
2016-04-25 15:37:51 -04:00
Lennart Poettering
0b2de9d90d core: fix description of "resources" service error (#3119)
The "resources" error is really just the generic error we return when
we hit some kind of error and we have no more appropriate error for the case to
return, for example because of some OS error.

Hence, reword the explanation and don't claim any relation to resource limits.

Admittedly, the "resources" service error is a bit of a misnomer, but I figure
it's kind of API now.

Fixes: #2716
2016-04-25 15:36:25 -04:00
Lennart Poettering
e2aa7c3a39 Merge pull request #3113 from ssahani/route-fix
netwotkd: fix address and route conf
2016-04-25 20:02:03 +02:00
Vito Caputo
b8f99e27e1 journal: fix already offline check and thread leak (#2810)
Early in journal_file_set_offline() f->header->state is tested to see if
it's != STATE_ONLINE, and since there's no need to do anything if the
journal isn't online, the function simply returned here.

Since moving part of the offlining process to a separate thread, there
are two problems here:

1. We can't simply check f->header->state, because if there is an
offline thread active it may modify f->header->state.

2. Even if the journal is deemed offline, the thread responsible may
still need joining, so a bare return may leak the thread's resources
like its stack.

To address #1, the helper journal_file_is_offlining() is called prior to
accessing f->header->state.

If journal_file_is_offlining() returns true, f->header->state isn't even
checked, because an offlining journal is obviously online, and we'll
just continue with the normal set offline code path.

If journal_file_is_offlining() returns false, then it's safe to check
f->header->state, because the offline_state is beyond the point of
modifying f->header->state, and there's a memory barrier in the helper.

If we find f->header->state is != STATE_ONLINE, then we call the
idempotent journal_file_set_offline_thread_join() on the way out of the
function, to join a potential lingering offline thread.
2016-04-25 19:58:16 +02:00
Lennart Poettering
52051dd84c journalctl: turn --unit= in combination with --user into --user-unit=
Let's be nice to users, and let's turn the nonsensical "--unit=… --user" into
"--user-unit=…" which the user more likely meant.

Fixes #1621
2016-04-25 19:29:01 +02:00
Lennart Poettering
2daa9cbdda sd-journal: "soft" deprecate sd_journal_open_container()
Let's document the call as deprecated, since it doesn't cover containers with
directories that aren#t visible to the host properly.
2016-04-25 19:29:01 +02:00
Lennart Poettering
d38c62cc76 journalctl: port --machine= switch to use machined's OpenMachineRootDirectory()
This way, the switch becomes compatible with nspawn containers using --image=,
and those which only store journal data in /run (i.e. have persistant logs
off).

Fixes: #49
2016-04-25 19:29:01 +02:00
Lennart Poettering
dc00966228 journalctl: don't trust the per-field entry tables when looking for boot IDs
When appending to a journal file, journald will:

a) first, append the actual entry to the end of the journal file
b) second, add an offset reference to it to the global entry array stored at
   the beginning of the file
c) third, add offset references to it to the per-field entry array stored at
   various places of the file

The global entry array, maintained by b) is used when iterating through the
journal without matches applied.

The per-field entry array maintained by c) is used when iterating through the
journal with a match for that specific field applied.

In the wild, there are journal files where a) and b) were completed, but c)
was not before the files were abandoned. This means, that in some cases log
entries are at the end of these files that appear in the global entry array,
but not in the per-field entry array of the _BOOT_ID= field. Now, the
"journalctl --list-boots" command alternatingly uses the global entry array
and the per-field entry array of the _BOOT_ID= field. It seeks to the last
entry of a specific _BOOT_ID=field by having the right match installed, and
then jumps to the next following entry with no match installed anymore, under
the assumption this would bring it to the next boot ID. However, if the
per-field entry wasn't written fully, it might actually turn out that the
global entry array might know one more entry with the same _BOOT_ID, thus
resulting in a indefinite loop around the same _BOOT_ID.

This patch fixes that, by updating the boot search logic to always continue
reading entries until the boot ID actually changed from the previous. Thus, the
per-field entry array is used as quick jump index (i.e. as an optimization),
but not trusted otherwise.  Only the global entry array is trusted.

This replaces PR #1904, which is actually very similar to this one. However,
this one actually reads the boot ID directly from the entry header, and doesn't
try to read it at all until the read pointer is actually really located on the
first item to read.

Fixes: #617

Replaces: #1904
2016-04-25 18:08:42 +02:00
Lennart Poettering
0808b92f02 journalctl: improve output of --header a bit
Show the various timestamps in hexadecimal too. This is useful for matching the
timestamps included in cursor strings (which are encoded in hex, too), with the
references in the journal header.
2016-04-25 18:06:47 +02:00
Lennart Poettering
d2773e59de nspawn: explicitly remove veth links after use (#3111)
* sd-netlink: permit RTM_DELLINK messages with no ifindex

This is useful for removing network interfaces by name.

* nspawn: explicitly remove veth links we created after use

Sometimes the kernel keeps veth links pinned after the namespace they have been
joined to died. Let's hence explicitly remove veth links after use.

Fixes: #2173
2016-04-25 17:36:51 +02:00
Lennart Poettering
d1bf9dc963 journalctl: simplify discover_next_boot() a bit
Drop the "read_realtime" parameter. Getting the realtime timestamp from an
entry is cheap, as it is a normal header field, hence let's just get this
unconditionally, and simplify our code a bit.
2016-04-25 16:37:09 +02:00
Lennart Poettering
d4723fb501 journalctl: simplify get_boots() a bit, by getting rid of one BootId object
Let's store the reference as simple sd_id128_t, since we don't actually need a
BootId for it.
2016-04-25 16:34:55 +02:00
Lennart Poettering
c4fbc6b6e4 journalctl: add some explanatory comments to get_boots() 2016-04-25 16:34:55 +02:00
Lennart Poettering
d077390cdf sd-journal: add logic to open journal files of a specific OS tree
With this change a new flag SD_JOURNAL_OS_ROOT is introduced. If specified
while opening the journal with the per-directory calls (specifically:
sd_journal_open_directory() and sd_journal_open_directory_fd()) the passed
directory is assumed to be the root directory of an OS tree, and the journal
files are searched for in /var/log/journal, /run/log/journal relative to it.

This is useful to allow usage of sd-journal on file descriptors returned by the
OpenRootDirectory() call of machined.
2016-04-25 15:24:46 +02:00
Lennart Poettering
ae20320785 machined: add new OpenRootDirectory() call to Machine objects
This new call returns a file descriptor for the root directory of a container.
This file descriptor may then be used to access the rest of the container's
file system, via openat() and similar calls. Since the file descriptor returned
is for the file system namespace inside of the container it may be used to
access all files of the container exactly the way the container itself would
see them. This is particularly useful for containers run directly from
loopback media, for example via systemd-nspawn's --image= switch. It also
provides access to directories such as /run of a container that are normally
not accessible to the outside of a container.

This replaces PR #2870.

Fixes: #2870
2016-04-25 15:24:46 +02:00
Lennart Poettering
5d1ce25728 sd-journal: add API for opening journal files or directories by fd
Also, expose this via the "journalctl --file=-" syntax for STDIN. This feature
remains undocumented though, as it is probably not too useful in real-life as
this still requires fds that support mmaping and seeking, i.e. does not work
for pipes, for which reading from STDIN is most commonly used.
2016-04-25 15:24:46 +02:00
Lennart Poettering
cb306f5d50 sd-journal: minor simplification 2016-04-25 12:00:03 +02:00
Lennart Poettering
0f7488722d journalctl: improve error message when we have trouble reading journal files
Let's output the actual error code encountered, and let's not claim this was
purely triggered by files, because it can also be triggered by directories.
2016-04-25 12:00:03 +02:00
Lennart Poettering
f637726130 sd-journal: properly collect errors from readdir()
Let's also collect errors returned by readdir() into our set of errors, like we
do this for all other errors from journal files.
2016-04-25 12:00:03 +02:00
Lennart Poettering
430fbf8e7f journal: add inotify watches by-fd instead of by-path
This is slightly nicer, since we actually watch the directories we opened and
enumerate. However, primarily this is preparation for adding support for
opening journal files by fd without specifying any path, to be added in a later
commit.
2016-04-25 12:00:03 +02:00
Susant Sahani
5215524dbe networkd: Address- initialize the node before adding to list.
It make more sense to initalize the node first then
we add to the list.
2016-04-25 12:38:56 +05:30
Susant Sahani
cacc1dbf17 networkd: Fix route properties.
We are not able to add multiple properties.

wlp3s0.network:
[Match]
Name=wlp3s0

[Route]
Gateway=10.68.5.26
Metric=10

 sudo ./systemd-networkd
Failed to parse file '/usr/lib/systemd/network/wlp3s0.network': File
exists
Could not load configuration files: File exists

This patch fixes it.
2016-04-25 12:37:10 +05:30
Lennart Poettering
368d264387 machinectl: don't parse command line switches after "shell" verb (#3095)
Fixes: #2420
2016-04-22 21:01:55 -04:00
Thomas H. P. Andersen
0f5e13822d tree-wide: remove unused variables (#3098) 2016-04-22 20:49:07 -04:00
Zbigniew Jędrzejewski-Szmek
86ec5e5e29 Merge pull request #3094 from poettering/run-slice
systemd-run: fix --slice= in conjunction with --scope
2016-04-22 14:04:38 -04:00
Klearchos Chaloulos
9ba37525d0 journal-remote : Ensure reallocation of source->buf does not result in source->size < source->filled (#3086)
While the function journal-remote-parse.c:get_line() enforces an assertion that source->filled <= source->size, in function journal-remote-parse.c:process_source() there is a chance that source->size will be decreased to a lower value than source->filled, when source->buf is reallocated. Therefore a check is added that ensures that source->buf is reallocated only when source->filled is smaller than target / 2.
2016-04-22 14:04:17 -04:00
Lennart Poettering
37e605f934 run: make --slice= work in conjunction with --scope
Fixes: #2991
2016-04-22 17:31:40 +02:00
Lennart Poettering
aea529e5b2 core: don't dispatch load queue when setting Slice= for transient units
Let's be more careful when setting up the Slice= property of transient units:
let's use manager_load_unit_prepare() instead of manager_load_unit(), so that
the load queue isn't dispatched right away, because our own transient unit is
in it, and we don#t want to have it loaded until we finished initializing it.
2016-04-22 17:30:08 +02:00
Lennart Poettering
5bda1f47b3 machinectl: fix misplaced newline in --help output 2016-04-22 17:14:30 +02:00
Lennart Poettering
991e274b61 journalctl: add --no-hostname switch
This suppresses output of the hostname for messages from the local system.

Fixes: #2342
2016-04-22 16:16:59 +02:00
Lennart Poettering
bb321ed9a3 journalctl: add output mode where time is shown in seconds since 1st Jan 1970 UTC
aka "UNIX time".

Fixes: #2120
2016-04-22 16:16:59 +02:00
Lennart Poettering
766cd08152 shared: move output_mode_to_string() into output-mode.c
After all, the enum definition is in output-mode.h
2016-04-22 16:16:59 +02:00
Lennart Poettering
03532f0ae0 coredump,basic: generalize O_TMPFILE handling a bit
This moves the O_TMPFILE handling from the coredumping code into common library
code, and generalizes it as open_tmpfile_linkable() + link_tmpfile(). The
existing open_tmpfile() function (which creates an unlinked temporary file that
cannot be linked into the fs) is renamed to open_tmpfile_unlinkable(), to make
the distinction clear. Thus, code may now choose between:

 a) open_tmpfile_linkable() + link_tmpfile()
 b) open_tmpfile_unlinkable()

Depending on whether they want a file that may be linked back into the fs later
on or not.

In a later commit we should probably convert fopen_temporary() to make use of
open_tmpfile_linkable().

Followup for: #3065
2016-04-22 16:16:53 +02:00
Lennart Poettering
f8591ee1b6 systemctl: add two minor assert()s 2016-04-22 16:06:20 +02:00
Lennart Poettering
8f1e0ad415 path-lookup: optimize a common strv copy operation away
Follow-up for:

https://github.com/systemd/systemd/pull/3033#discussion_r59689398
2016-04-22 16:06:20 +02:00
Lennart Poettering
3411372e35 tree-wide: don't assume CLOCK_BOOTIME is generally available
Before we invoke now(CLOCK_BOOTTIME), let's make sure we actually have that
clock, since now() will otherwise hit an assert.

Specifically, let's refuse CLOCK_BOOTTIME early in sd-event if the kernel
doesn't actually support it.

This is a follow-up for #3037, and specifically:

https://github.com/systemd/systemd/pull/3037#issuecomment-210199167
2016-04-22 16:06:20 +02:00
Lennart Poettering
f53d86c929 machine-id-setup: explicitly fsync() the machine ID after writing
As discussed here:

https://github.com/systemd/systemd/issues/2619#issuecomment-184670042

Explicitly syncing /etc/machine-id after writing it, is probably a good idea,
since it has a strong "commit" character and is generally a one-time thing.

Fixes #2619.
2016-04-22 16:06:20 +02:00
Lennart Poettering
20b1644140 shared: move unit-specific code from bus-util.h to bus-unit-util.h
Previously we'd have generally useful sd-bus utilities in bust-util.h,
intermixed with code that is specifically for writing clients for PID 1,
wrapping job and unit handling. Let's split the latter out and move it into
bus-unit-util.c, to make the sources a bit short and easier to grok.
2016-04-22 16:06:20 +02:00
Lennart Poettering
0ff308c8de shared: drop kernel_thread bool from cgroups show code
Make this an output flag instead, so that our function prototypes can lose one
parameter
2016-04-22 16:06:20 +02:00
Lennart Poettering
a0e270198a loginctl,machinectl: also make use of new GetProcesses() bus call
This ports over machinectl and loginctl to also use the new GetProcesses() bus
call to show the process tree of a container or login session. This is similar
to how systemctl already has been ported over in a previous commit.
2016-04-22 16:06:20 +02:00
Lennart Poettering
fa7099927c networkd: consider various IPv6 features as disabled if IPv6 is not available in the kernel 2016-04-22 16:06:20 +02:00
Lennart Poettering
291d565a04 core,systemctl: add bus API to retrieve processes of a unit
This adds a new GetProcesses() bus call to the Unit object which returns an
array consisting of all PIDs, their process names, as well as their full cgroup
paths. This is then used by "systemctl status" to show the per-unit process
tree.

This has the benefit that the client-side no longer needs to access the
cgroupfs directly to show the process tree of a unit. Instead, it now uses this
new API, which means it also works if -H or -M are used correctly, as the
information from the specific host is used, and not the one from the local
system.

Fixes: #2945
2016-04-22 16:06:20 +02:00
Lennart Poettering
2b45d88163 shared: fix minor memory leak in log display code 2016-04-22 16:06:20 +02:00
Torstein Husebø
4f25723c14 treewide: fix typos (#3092) 2016-04-22 14:18:05 +02:00