1
0
mirror of https://github.com/systemd/systemd.git synced 2024-10-31 07:51:21 +03:00
Commit Graph

32538 Commits

Author SHA1 Message Date
Giacomo Longo
a2896612a3 hwdb: Fix Chuwi Hi12 orientation sensor (#8266)
hwdb: Fix Chuwi Hi12 orientation sensor
2018-02-23 19:57:13 +01:00
Lennart Poettering
15eac526e0
Merge pull request #8258 from keszybz/log-issues
Fix some logging issues
2018-02-23 19:54:32 +01:00
Zbigniew Jędrzejewski-Szmek
780747da75 basic/log: add an assert that does not recurse into logging functions
Then it can be used in the asserts in logging functions without causing
infinite recursion. The error is just printed to stderr, it should be
good enough for the common case.
2018-02-23 13:29:03 +01:00
Lennart Poettering
6084c4efa8
Merge pull request #8252 from keszybz/set-property-man
set-property man-page adjust-ments
2018-02-23 12:20:38 +01:00
Zbigniew Jędrzejewski-Szmek
73fc96c8ac udev/net-id: check all snprintf return values
gcc-8 throws an error if it knows snprintf might truncate output and the
return value is ignored:
../src/udev/udev-builtin-net_id.c: In function 'dev_pci_slot':
../src/udev/udev-builtin-net_id.c:297:47: error: '%s' directive output may be truncated writing up to 255 bytes into a region of size between 0 and 4095 [-Werror=format-truncation=]
                 snprintf(str, sizeof str, "%s/%s/address", slots, dent->d_name);
                                               ^~
../src/udev/udev-builtin-net_id.c:297:17: note: 'snprintf' output between 10 and 4360 bytes into a destination of size 4096
                 snprintf(str, sizeof str, "%s/%s/address", slots, dent->d_name);
                 ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
cc1: some warnings being treated as errors

Let's check all return values. This actually makes the code better, because there's
no point in trying to open a file when the name has been truncated, etc.
2018-02-23 11:15:42 +01:00
Zbigniew Jędrzejewski-Szmek
cc5bbdb274 udev/net-id: use _cleanup_
This fixes a minor memleak of 'address' if the file could not be read.
2018-02-23 11:15:16 +01:00
Zbigniew Jędrzejewski-Szmek
5b464a18e7 systemctl: do not hint logs when a unit cannot be reloaded
The logs don't contain any additional information.
2018-02-23 11:13:42 +01:00
Zbigniew Jędrzejewski-Szmek
f8e6f4aaed basic/log: make sure header is printed correctly, add test
If log_do_header() was called with overly long parameters, it'd generate
improper output. Essentially, it'd be truncated at random point, in particular
missing a newline at the end, so it'd run with the next field, usually MESSAGE=.

log_do_header is called with parameters from compiled code (file name, lien
nubmer, etc), so in practice this was unlikely to ever be a problem, but it is
possible. In particular, if systemd was compiled from sources in some deeply
nested directory (which happens for example in mock and other build roots), the
filename could be very long.

As a safety measure, let's truncate all parameters to 256 bytes. So we have
5 fields which are 256 bytes (plus the field name prefix), and a few other
fields with fixed width. This must always fit in the 2048 byte buffer.
I don't think there's much gain in calculating the required length precisely,
since it's a lot of fields and a few bytes allocated on the stack don't matter.
2018-02-23 11:13:42 +01:00
Zbigniew Jędrzejewski-Szmek
4dd09c6a1f basic/log: fix confusion with parameters to log_dispatch_internal
log_dispatch_internal has only one caller where the extra_field/extra
params are not null: log_unit_full. When log_unit_full() was called,
when we got to log_dispatch_internal, our header would look like this:
PRIORITY=7
SYSLOG_FACILITY=3
CODE_FILE=../src/core/manager.c
CODE_LINE=2145
CODE_FUNC=manager_invoke_sigchld_event
USER_UNIT=gnome-terminal-server.service
65dffa7a3b984a6d9a46f0b8fb57710bUSER_INVOCATION_ID=
SYSLOG_IDENTIFIER=systemd

It took me a while to understand why I'm not seeing mangled messages in the
journal (after all, "" is a valid rvalue for log messages). The answer is that
journald rejects any field name which starts with a digit, and the MESSAGE_ID
that was used here starts with a digit. Hence, those lines would be silently
filtered out.
2018-02-23 11:13:24 +01:00
Daniele Medri
398141b930 po: update Italian translation 2018-02-23 10:49:07 +01:00
Peter Hutterer
774ff9ba69 udev: don't assign INPUT_ID_MOUSE to a touchpad/joystick/touchscreen (#8259)
If a touchpad has MT axes only but not ABS_X/ABS_Y (DualShock 4 controller),
then we hit both the conditions is_touchpad and the later check for
!has_abs_axes here, assigning is_mouse and ID_INPUT_MOUSE later.

This is a bug, we historically only assigned either of of the pointing device
tags ID_INPUT_MOUSE/TOUCHPAD/JOYSTICK/TOUCHSCREEN, never multiple of them.

Note that we cannot just check for has_abs_axes and has_mt_coordinates because
the apple touch mouse has both. We really need to check if the device has
already been assigned something else.

https://bugs.freedesktop.org/show_bug.cgi?id=105050
2018-02-23 09:36:45 +01:00
antizealot1337
6719ca7211 Add missing double quote from log message (#8257) 2018-02-23 00:18:29 +01:00
Zbigniew Jędrzejewski-Szmek
2af42b9a78 journal: drop left-over header line
Fixup for 53978b98f9.
2018-02-23 00:13:52 +01:00
Zbigniew Jędrzejewski-Szmek
a3bf71378e basic/log: make log_object_internalv static
It makes the code easier to read, because it's obvious that the function
cannot be called from elsewhere.
2018-02-23 00:13:52 +01:00
Zbigniew Jędrzejewski-Szmek
4ad2b562ce basic/log: voidify snprintf statements
The buffers are fixed size, so the message may not fit, but we don't
particularly care.
2018-02-23 00:13:52 +01:00
Zbigniew Jędrzejewski-Szmek
f810b631cd Revert "Replace use of snprintf with xsprintf"
This reverts commit a7419dbc59.

_All_ changes in that commit were wrong.

Fixes #8211.
2018-02-23 00:13:52 +01:00
Alan Jenkins
e8a3144ec4 login: fix user@.service case, so we don't allow nested sessions (#8051)
> logind sessions are mostly bound to the audit session concept, and audit
> sessions remain unaffected by "su", in fact they are defined to be
> "sealed off", i.e. in a way that if a process entered a session once, it
> will always stay with it, and so will its children, i.e. the only way to
> get a new session is by forking off something off PID 1 (or something
> similar) that never has been part of a session.

The code had a gap.  user@.service is a special case PAM session which does
not create a logind session.  Let's remember to check for it.

Fixes #8021
2018-02-22 21:38:44 +01:00
Patrick Uiterwijk
5547c12503 Fix format-truncation compile failure by typecasting USB IDs (#8250)
This patch adds safe_atoux16 for parsing an unsigned hexadecimal 16bit int, and
uses that for parsing USB device and vendor IDs.

This fixes a compile error with gcc-8 because while we know that USB IDs are 2 bytes,
the compiler does not know that.

../src/udev/udev-builtin-hwdb.c:80:38: error: '%04X' directive output may be
truncated writing between 4 and 8 bytes into a region of size between 2 and 6
[-Werror=format-truncation=]

Signed-off-by: Adam Williamson <awilliam@redhat.com>
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
2018-02-22 19:41:30 +01:00
Beniamino Galvani
6afe9046d5 libsystemd-network: fix endianness in ARP BPF filter (#8255)
Commit f11cba7479 ("libsystemd-network: fix unaligned loads (issue #7654)")
changed the way in which the MAC address is read to use native endiannes:

 htobe32(*((uint32_t *)x)  ->  unaligned_read_ne32(x)

This is wrong because loads done with BPF_LD + BPF_ABS are big-endian, as it
can be seen for the ethertype and arp-operation loads above in the
filter.  Also, the same commit changed:

 htobe32(*((unsigned int *)x) -> unaligned_read_be32(x)

in _bind_raw_socket(), which is the correct form.

The commit broke IPv4LL in presence of loops, as the sender now considers its
own packets as conflicting.

Fixes: f11cba7479
2018-02-22 18:09:33 +01:00
Zbigniew Jędrzejewski-Szmek
d156d1d2c9
Merge pull request #8251 from Shuangistan/pr_virt_qnx 2018-02-22 17:06:29 +01:00
Shuang Liu
9bfaf6ea1f man: add bhyve description for ConditionVirtualization=
The description in man is missing in #3840.
2018-02-22 15:29:34 +01:00
Shuang Liu
1fdf07f56c virt: detect QNX hypervisor
Detect QNX hypervisor based on the CPUID.

Fixes: #7239
2018-02-22 15:29:34 +01:00
Zbigniew Jędrzejewski-Szmek
135775c156 systemctl: use VARIABLE as the placeholder for a variable name
The man page was already using VARIABLE=VALUE, so no change there.
2018-02-22 14:53:56 +01:00
Zbigniew Jędrzejewski-Szmek
fbf3283bdd systemctl,man: use PROPERTY as the placeholder for a property name 2018-02-22 14:53:56 +01:00
Zbigniew Jędrzejewski-Szmek
da5e955fbd systemctl,man: use UNIT as the placeholder for a unit name
NAME is kind of meaningless, because everything has a name. "Unit"
makes it more obvious that a name of a unit is necessary. I was always
momentarily baffled by "set-property NAME ASSIGNMENT...", where there
are two objects (the unit and the property), and it's not clear which of
the two "NAME" is supposed to signify.
2018-02-22 14:53:56 +01:00
Zbigniew Jędrzejewski-Szmek
2f75b05c24 man: IPAccounting for slices in now allowed
Also split that description into paragraphs by subject.
2018-02-22 14:53:55 +01:00
Zbigniew Jędrzejewski-Szmek
94be6463bd
Merge pull request #8205 from poettering/bpf-multi
bpf/cgroup improvements
2018-02-22 14:52:48 +01:00
Sergey Ptashnick
e584b2cc45 Update Russian translation (#8248)
Used "in"-form here (i.e. "зарегистрировать службу *в* DNS-SD") because
simply "служба DNS-SD" may be confused with resolved itself (at least in
Russian).
2018-02-22 14:25:11 +01:00
Lennart Poettering
6e11e7e67d nologin: extend the /run/nologin descriptions a bit (#8244)
This is an attempt to improve #8228 a bit, by extending the /run/nologin
a bit, but still keeping it somewhat brief.

On purpose I used the vague wording "unprivileged user" rather than
"non-root user" so that pam_nologin can be updated to disable its
behaviour for members of the "wheel" group one day, and our messages
would still make sense.

See #8228.
2018-02-22 14:21:30 +01:00
Lennart Poettering
c5c07649c2
Merge pull request #8243 from poettering/statx-syscall-unfuck
statx() syscall macro fix + reboot() handling improvements
2018-02-22 13:15:41 +01:00
Lennart Poettering
de0e78f703
Merge pull request #8218 from keszybz/zanata
po: add basic fedora.zanata.org configuration
2018-02-22 11:56:24 +01:00
Zbigniew Jędrzejewski-Szmek
30c81ce2ce pid1: when creating service directories, don't chown existing files (#8181)
This partially reverts 3536f49e8f and
3536f49e8f.

When the user is dynamic, and we are setting up state, cache, or logs dirs,
behaviour is unchanged, we always do a recursive chown. This is necessary
because the user number might change between invocations.

But when setting up a directory for non-dynamic user, or a runtime directory
for a dynamic user, do any ownership or mode changes only when the directory
is initially created. Nothing says that the files under those directories have
to be all recursively owned by our user. This restores behaviour before
3536f49e8f, so modifications to the state of
the runtime directory persist between ExecStartPre's and ExecStart's, and even
longer in case the directory is persistent.

I think it _would_ be a nice property if setting a user would automatically
propagate to ownership of any Runtime/Logs/Cache directories. But this is
incompatible with another nice property, namely preserving changes to those
directories made by an admin, and with allowing change of ownership of files
in those directories by the service (e.g. to allow other users to access them).
Of the two, I think the second property is more important. Also, it's backwards
compatible.

https://bugzilla.redhat.com/show_bug.cgi?id=1508495

There is no need to chmod a directory we just created, so move that step
up into a branch. After that, 'effective' is only used once, so get rid of
it too.
2018-02-22 11:30:59 +01:00
Lennart Poettering
1f409a0cbb shutdown: let's not use exit() needlessly
Generally we prefer 'return' from main() over exit() so that automatic
cleanups and such work correct. Let's do that in shutdown.c too, becuase
there's not really any reason not to.

With this we are pretty good in consistently using return from main()
rather than exit() all across the codebase. Yay!
2018-02-22 10:46:26 +01:00
Lennart Poettering
c01dcddf80 reboot-util: unify reboot with parameter in a single implementation
So far, we had two implementations of reboot-with-parameter doing pretty
much the same. Let's unify that in a generic implementation used by
both.

This is particulary nice as it unifies all /run/systemd/reboot-param
handling in a single .c file.
2018-02-22 10:46:26 +01:00
Lennart Poettering
e3631d1c80 basic: split out update_reboot_parameter_and_warn() into its own .c/.h files
This is primarily preparation for a follow-up commit that adds a common
implementation of the other side of the reboot parameter file, i.e. the
code that reads the file and issues reboot() for it.
2018-02-22 10:46:12 +01:00
Lennart Poettering
118cf9523b tree-wide: voidify reboot() invocations
We use (void) in most cases for reboot() already, let's add it to the
others as well.
2018-02-22 10:42:06 +01:00
Lennart Poettering
c52a937b46 basic: add a common syscall wrapper around reboot()
This mimics the raw_clone() call we have in place already and
establishes a new syscall wrapper raw_reboot() that wraps the kernel's
reboot() system call in a bit more low-level fashion that glibc's
reboot() wrapper. The main difference is that the extra "arg" argument
is supported.

Ultimately this just replaces the syscall wrapper implementation we
currently have at three places in our codebase by a single one.

With this change this means that all our syscall() invocations are
neatly separated out in static inline system call wrappers in our header
functions.
2018-02-22 10:42:06 +01:00
Lennart Poettering
d06f3829cd missing: always use __NR_ as prefix for syscall numbers
Apparently, both __NR_ and SYS_ are useful, but we mostly use __NR_
hence use it for these two cases too, so that we settle on __NR_
exclusively.
2018-02-22 10:42:06 +01:00
Lennart Poettering
fd91e3ef49 missing: Fix statx syscall ifdeffery
Fix a copy/paste mistake.

Fixes: #8238
2018-02-22 10:42:06 +01:00
Zbigniew Jędrzejewski-Szmek
a4896a1f14
Merge pull request #8246 from poettering/wait-for-terminate-eproto
some shutdown logging fixes
2018-02-22 08:27:44 +01:00
Lennart Poettering
0b1f3c768c tree-wide: reopen log when we need to log in FORK_CLOSE_ALL_FDS children
In a number of occasions we use FORK_CLOSE_ALL_FDS when forking off a
child, since we don't want to pass fds to the processes spawned (either
because we later want to execve() some other process there, or because
our child might hang around for longer than expected, in which case it
shouldn't keep our fd pinned). This also closes any logging fds, and
thus means logging is turned off in the child. If we want to do proper
logging, explicitly reopen the logs hence in the child at the right
time.

This is particularly crucial in the umount/remount children we fork off
the shutdown binary, as otherwise the children can't log, which is
why #8155 is harder to debug than necessary: the log messages we
generate about failing mount() system calls aren't actually visible on
screen, as they done in the child processes where the log fds are
closed.
2018-02-22 00:35:00 +01:00
Lennart Poettering
e18805fbd0 shutdown: explicitly set a log target in shutdown.c
We used to set this, but this was dropped when shutdown got taught to
get the target passed in from the regular PID 1. Let's readd this to
make things more explanatory, and cover all grounds, since after all the
target passed is in theory an optional part of the protocol between the
regular PID 1 and the shutdown PID 1.
2018-02-22 00:33:12 +01:00
Lennart Poettering
d405394c5c shutdown: always pass errno to logging functions
We have them, let's propagate them.
2018-02-22 00:32:31 +01:00
Lennart Poettering
e38b8a407a log: only open kmsg on fallback if we actually want to use it
Previously, we'd try to open kmsg on failure of the journal/syslog even
if no automatic fallback to kmsg was requested — and we wouldn't even
use the open connection afterwards...
2018-02-22 00:31:36 +01:00
Lennart Poettering
00adeed99f umount: beef up logging when umount/remount child processes fail
Let's extend what we log if umount/remount doesn't work correctly as we
expect.

See #8155
2018-02-21 23:57:21 +01:00
Lennart Poettering
6079afa9b0 user-sessions: let's simplify our code paths a bit
Let's always go through mac_selinux_finish(), by making our
success/failure codepaths more alike.

This also saves a few lines of code. Yay!
2018-02-21 23:44:39 +01:00
Zbigniew Jędrzejewski-Szmek
ad383382c7 hwdb: drop bad definition for Cordless Wave Pro keyboard (#8230)
[I'm just submitting the solution originally suggested by @barzog.
Nevertheless, this looks pretty straightforward, we don't want to define
any keys on a universal receiver.

Note that this definition was added back in
aedc2eddd1, when we didn't yet have
support for figuring out what hardware is connected behind a logitech
receiver.]

In 60-keyboard.hwdb there is a definition of # Cordless Wave Pro
evdev:input:b0003v046DpC52[9B]*

which in fact not a cordless keyboard but an USB receiver to which different
types of keyboard can be connected. The solution is to completely clean
definition evdev:input:b0003v046DpC52B* from there.

I: Bus=0003 Vendor=046d Product=c52b Version=0111
N: Name="Logitech USB Receiver"
P: Phys=usb-0000:00:1d.0-1.8/input1
S: Sysfs=/devices/pci0000:00/0000:00:1d.0/usb4/4-1/4-1.8/4-1.8:1.1/0003:046D:C52B.0005/input/input20
U: Uniq=
H: Handlers=kbd mouse0 event8
B: PROP=0
B: EV=1f
B: KEY=3007f 0 0 83ffff17aff32d bf54444600000000 ffff0001 130f978b17c000 6773fad941dfed 9ed68000004400 10000002
B: REL=1c3
B: ABS=100000000
B: MSC=10

Fixed #8095.
2018-02-22 08:21:28 +10:00
Lennart Poettering
5128346127 bpf: reset "extra" IP accounting counters when turning off IP accounting for a unit
We maintain an "extra" set of IP accounting counters that are used when
we systemd is reloaded to carry over the counters from the previous run.
Let's reset these to zero whenever IP accounting is turned off. If we
don't do this then turning off IP accounting and back on later wouldn't
reset the counters, which is quite surprising and different from how our
CPU time counting works.
2018-02-21 16:43:36 +01:00
Lennart Poettering
aa2b6f1d2b bpf: rework how we keep track and attach cgroup bpf programs
So, the kernel's management of cgroup/BPF programs is a bit misdesigned:
if you attach a BPF program to a cgroup and close the fd for it it will
stay pinned to the cgroup with no chance of ever removing it again (or
otherwise getting ahold of it again), because the fd is used for
selecting which BPF program to detach. The only way to get rid of the
program again is to destroy the cgroup itself.

This is particularly bad for root the cgroup (and in fact any other
cgroup that we cannot realistically remove during runtime, such as
/system.slice, /init.scope or /system.slice/dbus.service) as getting rid
of the program only works by rebooting the system.

To counter this let's closely keep track to which cgroup a BPF program
is attached and let's implicitly detach the BPF program when we are
about to close the BPF fd.

This hence changes the bpf_program_cgroup_attach() function to track
where we attached the program and changes bpf_program_cgroup_detach() to
use this information. Moreover bpf_program_unref() will now implicitly
call bpf_program_cgroup_detach().

In order to simplify things, bpf_program_cgroup_attach() will now
implicitly invoke bpf_program_load_kernel() when necessary, simplifying
the caller's side.

Finally, this adds proper reference counting to BPF programs. This
is useful for working with two BPF programs in parallel: the BPF program
we are preparing for installation and the BPF program we so far
installed, shortening the window when we detach the old one and reattach
the new one.
2018-02-21 16:43:36 +01:00
Lennart Poettering
e0ad39fc52 bpf-program: make bpf_program_load_kernel() idempotent
Let's "seal" off the BPF program as soo as bpf_program_load_kernel() is
called, which allows us to make it idempotent: since the program can't
be modified anymore after being turned into a kernel object it's safe to
shortcut behaviour if called multiple times.
2018-02-21 16:43:36 +01:00