1
0
mirror of https://github.com/systemd/systemd.git synced 2025-01-05 13:18:06 +03:00
Commit Graph

78223 Commits

Author SHA1 Message Date
Yu Watanabe
fbee22c237 journalctl: show coredumps again when --unit= is specified
This is a revised version of cbd5f5d7d6,
which is reverted by 560412148f.

The filter condition for _UID= field was added by
fdcd37df3b. However, after
888e378da2, coredumps for system services are
stored by systemd-coredump user. Hence, _UID=0 does not match anything anymore.

When we are reading the system journal, let's set _UID=<systemd-coredump>,
then we can show coredumps for system services again. When we are reading
an external journal, then the uid of systemd-coredump may be different
from the one on the current system, so let's drop the filter condition
for _UID= in that case.
2024-12-09 15:18:55 +01:00
Lennart Poettering
9cbd4f9b61 systemctl: use correct runtime scope 2024-12-09 14:16:37 +00:00
Zbigniew Jędrzejewski-Szmek
423de11f04 boot: exclude the trailing padding from initrd size in initrd_prepare()
This is a follow-up for f8fa4222c9 (boot: Make
initrd_prepare() semantically equivalent to combine_initrds()). That commit
changed the way that the initrd is prepared for type#1 boot loader entries,
also effectively rounding up the sizes to a multiple of 4. In [1], downstream
packagers report that the trailing zeroes result in the calculated hash being
different. To restore compatibility with previous hash calculations and
signatures, change the reported size by excluding the trailing padding. This
should restore the calculation results for the case where only one initrd is
used.

This patch doesn't touch the stub, i.e. doesn't change behaviour for UKIs. The
seems fine, since we didn't change that recently, so any changes there would
break compatiblity. The measurement results for type#1 and type#2 entries are
generally going to be different anyway. ukify and systemd-measure are also out
of scope here, because they are for UKIs.

Fixes https://github.com/systemd/systemd/issues/35439.
The other changes to the way the initrd is constructed are kept, so hopefully
the original issue with booting in qemu is not recreated.

[1] https://bugzilla.suse.com/show_bug.cgi?id=1233752

My simple test: I'm booting a QEMU VM with systemd-boot and a type#1 entry.
With old systemd-boot:
$ sudo systemd-pcrlock log | grep 'kernel-initrd.*event-tag'
  9 █ kernel-initrd  event-tag  - a337a8321bf81de5c53a842843e8f9a926f73a676e5620ff76df94d1c66bc931 F   - Linux: kernel command line
  9 █ kernel-initrd  event-tag  - aec1aee5358bde36f5498f2dc243dec2b103f81242de57b887a11f53677f1272 F   - Linux: initrd
With updated systemd-boot:
$ sudo systemd-pcrlock log | grep 'kernel-initrd.*event-tag'
  9 █ kernel-initrd  event-tag  - a337a8321bf81de5c53a842843e8f9a926f73a676e5620ff76df94d1c66bc931 F   - Linux: kernel command line
  9 █ kernel-initrd  event-tag  - 3ccaa710304aef8734a20265ea7fd3dd67d5461c6b3309c6d30d5c7d2a3ae7f9 F   - Linux: initrd
This matches the initrd hash:
$ sudo sha256sum /efi//26f948d2082e4ae89f5a3af351b63149/6.12.0-rc4+/initrd-dracut
3ccaa710304aef8734a20265ea7fd3dd67d5461c6b3309c6d30d5c7d2a3ae7f9  /efi//26f948d2082e4ae89f5a3af351b63149/6.12.0-rc4+/initrd-dracut
2024-12-09 15:14:03 +01:00
Daan De Meyer
f7f5ba0192
mkosi: various improvements (#35491) 2024-12-08 16:12:21 +01:00
Daan De Meyer
e469add21e mkosi: Set meson --max-lines= to 300 in CI
By default meson only shows the last 100 lines of output for failed
tests. Let's bump this to 300 with the new --max-lines= option I added
so we get more useful output on test failures.
2024-12-08 12:55:43 +01:00
Daan De Meyer
71d19c5b56 mkosi: Use mkosi sandbox in CI with Fedora tools tree
This gives us a newer meson which will allow us to use the new
--max-lines= feature I added in meson 1.5.0.
2024-12-08 12:55:43 +01:00
Daan De Meyer
8f51cf6981 test: Set kernel loglevel to INFO when running tests unattended
This makes sure all kernel log messages are logged to the console.
This should be helpful during shutdown to detect possible issues with
journald when the logs can't be written to the journal itself anymore
but are written to kmsg.
2024-12-08 12:55:43 +01:00
Daan De Meyer
d82a93f3e1 mkosi: Move leak sanitizer supressions file to sanitizers extra tree 2024-12-08 12:55:43 +01:00
Daan De Meyer
ade7d04479 mkosi: Reduce kernel command line size
The kernel command line has a size limit and we've hit it before so
let's move some stuff to configuration files or scripts to reduce the
kernel command line size a bit.
2024-12-08 12:55:43 +01:00
Daan De Meyer
2ebb4c3991 mkosi: Update to latest 2024-12-08 12:55:35 +01:00
Yu Watanabe
261a3d191e test: tentatively disable SELinux tests
Currently, mkosi GitHub action complains the following:
===
Could not find 'setfiles' which is required to relabel files.
===
Let's tentatively disable SELinux test.
2024-12-08 12:59:08 +09:00
Abderrahim Kitouni
912ef24b66 sysupdate: fix typo in DBus config 2024-12-07 11:33:29 +00:00
Ryan Wilson
cf48bde7ae core: Add ProtectHostname=private
This allows an option for systemd exec units to enable UTS namespaces
but not restrict changing hostname via seccomp. Thus, units can change
hostname without affecting the host.

Fixes: #30348
2024-12-06 13:34:04 -08:00
Ryan Wilson
6746f28854 core: Migrate ProtectHostname to use enum vs boolean
Migrating ProtectHostname to enum will set the stage for adding more
properties like ProtectHostname=private in future commits.

In addition, we add PrivateHostnameEx property to dbus API which uses
string instead of boolean.
2024-12-06 13:33:49 -08:00
Daan De Meyer
ead814a0b0 test: Remove old bash test runner
We put a timeline of 257 to remove the old bash test runner so since
we're about to release 257, let's remove the old bash test runner in
favor of the meson + mkosi test runner.
2024-12-06 18:54:10 +00:00
Zbigniew Jędrzejewski-Szmek
560412148f Revert "journalctl: show coredumps again when --unit= is specified"
This reverts commit cbd5f5d7d6.
2024-12-07 02:21:51 +09:00
Yu Watanabe
cbd5f5d7d6 journalctl: show coredumps again when --unit= is specified
This effectively reverts fdcd37df3b.

After 888e378da2, coredumps for system
services are stored by systemd-coredump user. Henve, _UID=0 does not
match anything anymore.

Before:
```
$ build/journalctl -u systemd-networkd.service -p2 -n1
-- No entries --
```

After:
```
$ build/journalctl -u systemd-networkd.service -p2 -n1
Dec 06 05:39:55 H systemd-coredump[4187]: [🡕] Process 4145 (systemd-network) of user 192 dumped core.
(snip)
```
2024-12-06 09:56:09 +00:00
Sergey A
2715cf6d96 po: Translated using Weblate (Russian)
Currently translated at 100.0% (257 of 257 strings)

Co-authored-by: Sergey A <Ser82-png@yandex.ru>
Translate-URL: https://translate.fedoraproject.org/projects/systemd/main/ru/
Translation: systemd/main
2024-12-06 18:26:40 +09:00
Luca Boccassi
3e3c5739f0
More assert macros (#35471) 2024-12-06 00:50:07 +00:00
Daan De Meyer
272efe34d4 mkosi: Make sure the /coverage directory exists 2024-12-05 22:03:07 +01:00
Zbigniew Jędrzejewski-Szmek
5c0132a4cd test-parse-util: use ASSERT_* macros 2024-12-05 20:14:15 +01:00
Zbigniew Jędrzejewski-Szmek
ebb89ae6f6 test-condition: use xsprintf and drop pointless cast 2024-12-05 20:14:12 +01:00
Zbigniew Jędrzejewski-Szmek
1526396807 test-condition: use ASSERT_* macros
Some strange asserts are dropped.
2024-12-05 20:14:08 +01:00
Luca Boccassi
3f86ce166d mkosi: install util-linux-script in F42 too 2024-12-05 20:03:37 +01:00
Ryan Wilson
705cc82938 core: Add PrivateUsers=full
Recently, PrivateUsers=identity was added to support mapping the first
65536 UIDs/GIDs from parent to the child namespace and mapping the other
UID/GIDs to the nobody user.

However, there are use cases where users have UIDs/GIDs > 65536 and need
to do a similar identity mapping. Moreover, in some of those cases, users
want a full identity mapping from 0 -> UID_MAX.

Note to differentiate ourselves from the init user namespace, we need to
set up the uid_map/gid_map like:
```
0 0 1
1 1 UINT32_MAX - 1
```

as the init user namedspace uses `0 0 UINT32_MAX` and some applications -
like systemd itself - determine if its a non-init user namespace based on
uid_map/gid_map files. Note systemd will remove this heuristic in
running_in_userns() in version 258 and uses namespace inode. But some users
may be running a container image with older systemd < 258 so we keep this
hack until version 259.

To support this, we add PrivateUsers=full that does identity mapping for
all available UID/GIDs.

Fixes: #35168
2024-12-05 10:34:32 -08:00
Septatrix
5857f31c2c man: clarify wording regarding MONITOR_* envs 2024-12-06 03:01:19 +09:00
Tristan F.-R.
26dd4d3dd7 docs/MEMORY_PRESSURE: fix typo
corrects "focusses" -> "focuses"
2024-12-05 17:32:58 +00:00
Zbigniew Jędrzejewski-Szmek
3cf362f6f5 test-time-util: do more suppression of time zone checks
The issue is directly triggered by tzdata-2024b, where the setting of timezone
started to fail and the tests stopped passing. But those timestamps in 1/1/1970
appear to have some problems already before:

  $ sudo date -s 'Thu 1970-01-01 13:00:01 WET'
  Thu Jan  1 03:00:01 PM EET 1970
  $ sudo date -s 'Thu 1970-01-01 12:00:01 WET'
  date: cannot set date: Invalid argument
  Thu Jan  1 02:00:01 PM EET 1970
  $ rpm -q tzdata
  tzdata-2024a-9.fc41.noarch

The same issue appears with other timezones. So move the first timestamp one
day forward to avoid the issue.

After the previous problem is solved, we also get the problem already seen
previously where the roundtrip returns a time that is off by one hour:

@86401000000 → Fri 1970-01-02 00:00:01 WET → @82801000000 → Thu 1970-01-01 23:00:01 WET
Assertion 'x / USEC_PER_SEC == y / USEC_PER_SEC' failed at src/test/test-time-util.c:415, function test_format_timestamp_impl(). Aborting.

Extend the override to suppress this.
2024-12-05 16:12:12 +00:00
Daan De Meyer
e022e73e3f test: Implement TEST_PREFER_QEMU and use it in one of the mkosi jobs
We want to make sure the integration tests that don't require qemu
can run successfully both in an nspawn container and in a qemu VM.
So let's add one more knob TEST_PREFER_QEMU=1 to run jobs that normally
require nspawn in qemu instead.

Running these tests in qemu is also possible by not running as root but
that's very implicit so we add an explicit knob instead to make it explicit
that we want to run these in qemu instead of nspawn.
2024-12-05 16:43:11 +01:00
Luca Boccassi
82d00f0cc6 mkosi: update opensuse packaging commit due to force push 2024-12-05 15:41:11 +01:00
Zbigniew Jędrzejewski-Szmek
40238aeee2 meson: avoid error message if git is not installed
[1/9] Generating version.h with a custom command
/home/zbyszek/src/systemd/tools/vcs-tag.sh: line 17: git: command not found

If git is not available, do not try to call it.
2024-12-05 12:49:50 +00:00
Daan De Meyer
900ac3a76a
ci: Implement coverage on top of mkosi (#35407) 2024-12-05 10:47:45 +01:00
Zbigniew Jędrzejewski-Szmek
2eb8aeb442 test-cgroup: use ASSERT_* macros
The test for inode_same_at() is tightened to a specific value.
2024-12-05 10:42:15 +01:00
Zbigniew Jędrzejewski-Szmek
c96e272e4f test-bus-util: use ASSERT_* macros 2024-12-05 10:42:15 +01:00
Zbigniew Jędrzejewski-Szmek
274f7c00f5 test-acl-util: use ASSERT_* macros 2024-12-05 10:40:27 +01:00
Daan De Meyer
c45174f05d ci: Implement coverage on top of mkosi 2024-12-05 00:21:57 +01:00
Andreas Schwab
f5083b209c dmi: add RISC-V 64bit support 2024-12-05 03:59:32 +09:00
Zbigniew Jędrzejewski-Szmek
156a77ddbc docs/CONTRIBUTING: adjust grammar, info about tests and labels
Unfortunately our CI fails pretty much constantly, so instead of saying that
"tests don't pass", weasel this into "unit tests don't pass". Also fix grammar.

Labels are adjusted automatically now, so remove that sentence.
2024-12-04 14:21:01 +00:00
Zbigniew Jędrzejewski-Szmek
9b4919011e mkosi: update fedora commit reference
* 433efb38f4 Only apply the new Recommends in fedora
* 8dc31eaf04 Recommend qemu-kvm-core instead of qemu-kvm
* 53cfdea02a Update tmpfiles --destroy-data patch
* 04f0a692da Version 257~rc3
* 243a055429 Make systemd-network-generator co-owned by -udev and -networkd
* 37c10f5b03 Pull in qemu from systemd-container
2024-12-04 14:19:55 +00:00
Luca Boccassi
162760f16c
Use nicer syntax in two places in CI (#35455) 2024-12-04 13:32:28 +00:00
Daan De Meyer
e69d724aff test-execute: Make /coverage writable in DynamicUser= tests
DynamicUser=yes implies ProtectSystem=yes, so let's explicitly make
sure the coverage directory is writable in these tests.
2024-12-04 14:04:24 +01:00
Daan De Meyer
561a3786b7 test-execute: Don't make rootfs read-only if we're collecting coverage
The test needs to be able to write coverage data to the rootfs so don't
make / read-only.
2024-12-04 14:04:24 +01:00
Daan De Meyer
820a9373fc test: Skip TEST-38-FREEZER if coverage is enabled
The test freezes regularly when run with coverage so let's skip it
if coverage is enabled.
2024-12-04 11:12:50 +01:00
Daan De Meyer
eb11048744 creds-util: Improve one log message 2024-12-04 11:12:50 +01:00
Daan De Meyer
157198d9ec test-creds: Migrate to new assertion macros 2024-12-04 11:12:50 +01:00
Luca Boccassi
0a7fda3b45
mkosi: disable Fedora specific drop-in config when running with sanitizers (#35460)
Hopefully fixes #35335.
2024-12-04 10:09:37 +00:00
Zbigniew Jędrzejewski-Szmek
92e43e5c53 TEST-64: use more idiomatic loop syntax 2024-12-04 09:58:52 +01:00
Zbigniew Jędrzejewski-Szmek
f5292d63af mkosi/ci: use a bash array to pass options
This patch initially also changed the configuration, but that'll be done in a
different way, so all that remains is the syntax change.
An array is nicer because the array definition can have inline comments and
doesn't use continuation symbols which are easy to mess up in edits.
2024-12-04 09:57:34 +01:00
Martin Srebotnjak
295a53a1a4 po: Translated using Weblate (Slovenian)
Currently translated at 100.0% (257 of 257 strings)

Co-authored-by: Martin Srebotnjak <miles@filmsi.net>
Translate-URL: https://translate.fedoraproject.org/projects/systemd/main/sl/
Translation: systemd/main
2024-12-04 16:32:24 +09:00
Geraldo S. Simião Kutz
8da38567c8 po: Translated using Weblate (Portuguese (Brazil))
Currently translated at 100.0% (257 of 257 strings)

Co-authored-by: Geraldo S. Simião Kutz <geraldo.simiao.kutz@gmail.com>
Translate-URL: https://translate.fedoraproject.org/projects/systemd/main/pt_BR/
Translation: systemd/main
2024-12-04 16:32:24 +09:00