mirror of https://github.com/systemd/systemd.git synced 2024-12-22 17:35:35 +03:00
Commit Graph

70924 Commits

Author SHA1 Message Date
cunshunxia
c18c7e2322 Fix OOMPolicy= version in manpage of systemd.scope
OOMPolicy in scope units is separately supported in
version v253, so I think it cannot be directly used
in the manpage with the version from the service.

fix:#30836
2024-02-12 16:49:42 +00:00
Luca Boccassi
27af7c2b4c
Merge pull request #31162 from poettering/tint-tweaks
ptyfwd: some tweaks to terminal handling
2024-02-12 16:47:09 +00:00
Lennart Poettering
a85daa97d9
Merge pull request #31233 from poettering/pcrlock-varlink
pcrlock: add simple Varlink API + some varlinkctl tweaks
2024-02-12 15:48:03 +01:00
Mike Yuan
eef2b1a7b1
core/load-fragment: fix typo (sanety -> sanity)
Follow-up for 435e1098ee
2024-02-12 21:44:50 +08:00
Lennart Poettering
8b68a199c2
Merge pull request #31242 from poettering/socket-uid-account
pid1: make MaxConnectionsPerSource= do something useful on AF_UNIX sockets
2024-02-12 14:07:51 +01:00
Lennart Poettering
39d69836ad missing: change our close_range() syscall wrapper to map glibc's
So glibc exposes a close_range() syscall wrapper now, but they decided
to use "unsigned" as type for the fds. Which is a bit weird, because fds
are universally understood to be "int". The kernel internally uses
"unsigned", both for close() and for close_range(), but weirdly,
userspace didn't fix that for close_range() unlike what they did for
close()... Weird.

But anyway, let's follow suit, and make our wrapper match glibc's.

Fixes #31270
2024-02-12 14:07:19 +01:00
Michal Koutný
5734d5d04c service: Demote log level of NotifyAccess= messages to debug
The situation is a service like

        Type=notify
        NotifyAccess=main

and the service uses some of the systemd helper utilities, e.g.
coredumpctl. The service process will pass NOTIFY_SOCKET to the helper
child (accidentally) and the result is a spurious notification and
the warning message:

> Jan 18 09:38:01 host systemd[1]: sdnotify.service: Got notification message from PID 13736, but reception only permitted for main PID 13549

Notifications from helpers seem like an unintentional composition of the
commit c118b577fa ("coredumpctl: define main through macro") and commit
6b636c2d27 ("main-func: send main exit code to parent via sd_notify() on
exit"). The former used the handy macro for a main function, the latter
equipped any main function with the notification. (Further extended in
the commit 623a00020f ("notify: Add EXIT_STATUS field").)

Since notifications from systemd utilities are meant to extend
rudimentary exit()/wait() pair generally, they may happen to land into
service's NOTIFY_SOCKET. Tone down messages of notification that won't
match NotifyAccess=.
2024-02-12 12:20:39 +01:00
Lennart Poettering
a66ab6d801
Merge pull request #31076 from CodethinkLabs/vmspawn/directory_image_support
[vmspawn] directory type image support
2024-02-12 12:20:16 +01:00
Mike Yuan
d7ececa107
Merge pull request #31028 from yuwata/journalctl-raise
journalctl: call all cleanup functions before raise()
2024-02-12 19:16:15 +08:00
Mike Yuan
4d0b06d535
Merge pull request #31181 from fbuihuu/gpt-auto-more-defensive
gpt-auto-generator: be more defensive when checking the presence of E…
2024-02-12 19:12:17 +08:00
Lennart Poettering
e0abffe600 update TODO 2024-02-12 12:04:18 +01:00
Lennart Poettering
d02018afdb test: add brief test for pcrlock varlink interfaces and varlinkctl --collect 2024-02-12 12:04:18 +01:00
Lennart Poettering
24835e9933 varlinkctl: if "call" verb is used, imply "-j"
For the other verbs turning off JSON mode makes sense, but for "call"
not so much, after all the contents of a method call reply is JSON we
couldn't really show any other way.

Hence, when JSON output was not configured otherwise in "call", default
to the same as -j.
2024-02-12 12:04:18 +01:00
Lennart Poettering
7781d28fd7 varlinkctl: add new --collect switch
It exposes the varlink_collect() call we internally provide: it collects
all responses of a method call that is issued with the "more" method
call flag. It then returns the result as a single JSON array.
2024-02-12 12:04:18 +01:00
Lennart Poettering
9bca989183 varlink: rework varlink_collect()
This reworks varlink_collect() so that it is not just a wrapper around
varlink_observe(), varlink_bind_reply() and others. It becomes a first
class operation.

This has various benefits:

1. Memory management is normalized: the reply json variant is now
   tracked as part of the varlink object, and thus we do not pass
   ownership to the caller. This is just like we do it for simple method
   calls and removes a lot of confusion.
2. The bind reply/user data pointer can be used for user stuff, we'll
   not silently override this.
3. We enforce an overall time-out operation on the whole thing, so that
   this synchronous operation no longer blocks forever.
2024-02-12 12:04:18 +01:00
Lennart Poettering
72226a2f95 varlink: properly return reply flags to callers
We so far have a reply flags return parameter on varlink_call_full(),
but we return 0 always. Let's fix that, and return the actual flags we
see.
2024-02-12 12:04:18 +01:00
Lennart Poettering
0430a11eb4 varlink: enforce a maximum size limit on replies collected via varlink_collect()
We should not allow servers to blow up client's memory without bounds,
hence set a (high) limit on replies we'll collect before failing.
2024-02-12 12:04:18 +01:00
Lennart Poettering
15138e7980 pcrlock: add basic Varlink interface
This can be used to make or delete a PCR policy via Varlink. It can also
be used to query the current event log in CEL format.
2024-02-12 12:04:18 +01:00
Lennart Poettering
9fe15ce84d pcrlock: split out generation of CEL objects into helper func
This way, we can reuse it later to generate Varlink replies

No change in behaviour, just some trivial split out.
2024-02-12 12:04:18 +01:00
Lennart Poettering
8279484a41 pcrlock: use log_setup() 2024-02-12 12:02:27 +01:00
Lennart Poettering
3456c89ac2 test: add a simple test for MaxConnectionsPerSocket= 2024-02-12 11:57:31 +01:00
Lennart Poettering
5d1e8cd3e0 units: enable MaxConnectionsPerSocket= for all our Accept=yes units
Let's make sure that users cannot DoS services for other users so
easily, and enable MaxConnectionsPerSocket= by default for all of them.

Note that this is mostly paranoia for systemd-pcrextend.socket and
systemd-sysext.socket: the socket is only accessible to root anyway,
hence the accounting shouldn't change anything. But this is just a
safety net, in preparation that we open up some functionality of these
services sooner or later.
2024-02-12 11:57:24 +01:00
Lennart Poettering
48930a5ded pid1: make MaxConnectionsPerSource= also work for AF_UNIX sockets
The setting currently puts limits on connections per IP address and
AF_UNIX CID. Let's extend it to cover AF_UNIX too, where it puts a limit
on connections per UID.

This is particularly useful for the various Accept=yes Varlink services
we now have, as it means, the number of per-user instance services
cannot grow without bounds.
2024-02-12 11:57:16 +01:00
Yu Watanabe
f43330eace
Merge pull request #30209 from yuwata/sd-journal-reduce-fstat
sd-journal: potentially reduce number of fstat call
2024-02-12 19:38:24 +09:00
Sam Leonard
a8f940c4b5
vmspawn: add support for --bind(-ro)= 2024-02-12 09:46:02 +00:00
Sam Leonard
7fe9c9909d
vmspawn: document --directory and --private-users 2024-02-12 09:46:01 +00:00
Sam Leonard
c05ca33af3
vmspawn: add support for --private-users 2024-02-12 09:46:01 +00:00
Sam Leonard
d4a58877e4
nspawn: use parse_userns_uid_range 2024-02-12 09:46:01 +00:00
Sam Leonard
acdef55ef7
basic/namespace-util: add parse_userns_uid_range 2024-02-12 09:46:00 +00:00
Sam Leonard
5c57a86506
vmspawn: add support for -D/--directory 2024-02-12 09:46:00 +00:00
Eric Daigle
321a8c595e firstboot: validate keymap entry
As described in #30940, systemd-firstboot currently does not perform
any validation on keymap entry, allowing nonexistent keymaps to be
written to /etc/vconsole.conf. This commit adds validation checks
based on those already performed on locale entry, preventing invalid
keymaps from being set.

Closes #30940

m
2024-02-12 10:23:38 +01:00
Frantisek Sumsal
3588c510d3
Merge pull request #31149 from YHNdnzj/restart-force-oneshot
core/service: allow RestartForceExitStatus= for oneshot service
2024-02-12 10:20:09 +01:00
Franck Bui
76c883d34d NEWS: gpt-auto-generator will become more defensive with ESP and XBOOTLDR 2024-02-12 09:31:18 +01:00
Franck Bui
8a1326581d gpt-auto-generator: be more defensive when checking the presence of ESP in fstab
Looking for the ESP node is useful to shortcut things but if we're told that
the node is not referenced in fstab that doesn't necessarily mean that ESP is
not mounted via fstab. Indeed the check is not reliable in all cases. Firstly
because it assumes that udev already set the symlinks up. This is not the case
for initrd-less boots. Secondly the devname of the ESP partition can be wrongly
constructed by the dissect code. For example, the approach which consists in
appending "p<partnum>" suffix to construct the partition devname from the disk
devname doesn't work for DM devices.

Hence this patch makes the logic more defensive and does not mount either ESP
or XBOOTLDR automatically if any path in paths that starts with /efi or /boot
exists.
2024-02-12 09:30:35 +01:00
Yu Watanabe
ac5c938006
Merge pull request #30138 from yuwata/udev-processing-flag
udev: introduce ID_PROCESSING flag
2024-02-12 11:38:57 +09:00
Yu Watanabe
78643f26a2 test: show error messages to stderr
Otherwise, 'meson test' hides the messages on failure.
2024-02-11 20:55:47 +01:00
Yu Watanabe
1651c914df repart: fix typo
Follow-up for 1a0541d44c.
2024-02-12 02:52:37 +09:00
Yu Watanabe
63d2c7554e logs-show: get timestamp and boot ID only when necessary
Previously, get_display_timestamp() was unconditionally called even if we
will show logs in e.g. json format.
This drops unnecessary call of get_display_timestamp().

This also makes journal fields in each entry parsed only once in
output_short(). Still output_verbose() twice though.

This should improve performance of dumping journals.

Replaces #29365.

Co-authored-by: Costa Tsaousis <costa@netdata.cloud>
2024-02-12 02:42:36 +09:00
Yu Watanabe
cb2b0326ee sd-journal: drop to use Hashmap to manage journal files per boot ID
As reported at https://github.com/systemd/systemd/pull/30209#issuecomment-1831344431,
using hashmap in frequently called function reduces performance.
Let's replace it with a single array and bsearch.

Replaces #29366.

Co-authored-by: Costa Tsaousis <costa@netdata.cloud>
2024-02-12 02:42:36 +09:00
Yu Watanabe
f7f062bf9f tree-wide: set SD_JOURNAL_ASSUME_IMMUTABLE where appropriate
Co-authored-by: Costa Tsaousis <costa@netdata.cloud>
2024-02-12 02:42:36 +09:00
Yu Watanabe
bd1af1d5fb sd-journal: introduce SD_JOURNAL_ASSUME_IMMUTABLE flag
The flag can be used when it is not necessary to follow journal file
update.

Co-authored-by: Costa Tsaousis <costa@netdata.cloud>
2024-02-12 02:41:28 +09:00
Yu Watanabe
64347b9723 journalctl: call all cleanup functions before raise()
Note, even with this, memory allocated internally by glibc is not freed.
But, at least, memory explicitly allocated by us is freed cleanly even
if Ctrl-C is pressed during 'journalctl --follow'.

Closes #30995.
2024-02-12 02:36:20 +09:00
Yu Watanabe
51fb0d30c7 main-func: make _DEFINE_MAIN_FUNC() take short function
No functional change, just refactoring.
2024-02-12 02:18:18 +09:00
Yu Watanabe
51b2bcf835 sd-journal: make journal_file_read_tail_timestamp() notify to the caller that some new journal entries added
Tiny optimization for journal_file_find_newest_for_boot_id().
2024-02-12 01:27:50 +09:00
Yu Watanabe
99e6f682d3 sd-journal: cache last entry offset and journal file state
When the offset of the last entry object (or last object for journal
files generated by an old journald) is not changed, the timestamps
that should be updated by journal_file_read_tail_timestamp() are unchanged.
So, we can drop the call to fstat() in the function.

As the journal header is always mapped, we can read the offset and
journal file state without calling fstat.
Still, when the last entry offset is changed, we may need to call fstat()
to read the entry object. But, hopefully the number of fstat() calls
can be reduced.
2024-02-12 01:23:16 +09:00
Yu Watanabe
a89fd4a046 Revert "test: temporarily disable test_sysctl"
This reverts commit 8ed7800d7b.
2024-02-12 01:14:55 +09:00
Yu Watanabe
13176bfedc network: do not enter initialized state when the interface is being processed by udevd
Fixes #30056.
2024-02-12 01:14:55 +09:00
Yu Watanabe
f30a47c45e udev-util: introduce device_is_processing() helper function 2024-02-12 01:14:48 +09:00
Yu Watanabe
1e7c8fe494 udev-util: use device_get_property_bool() at one more place 2024-02-12 01:13:50 +09:00
Yu Watanabe
f6bda694f9 udev: introduce ID_PROCESSING=1 boolean property
This indicates that the device is being processed by udevd.
2024-02-12 01:09:21 +09:00