1
0
mirror of https://github.com/systemd/systemd.git synced 2024-11-02 02:21:44 +03:00
Commit Graph

47282 Commits

Author SHA1 Message Date
Samanta Navarro
5e2b0e1cfa man: fix typos 2020-10-03 11:56:50 +00:00
Samanta Navarro
7b121df640 seccomp-util: fix typo in help message 2020-10-03 11:56:40 +00:00
Lennart Poettering
278c13431b github: ask for arch+kernel in bug report form
Quite often we see kernel and arch specific issues, let's ask for the
version right-away when people file the issue.

Other tweaks.
2020-10-02 12:38:28 +02:00
Lennart Poettering
3462d773d2 nspawn: don't chown() stdin/stdout passed in when --console=pipe is used
We should chown what we allocate ourselves, i.e. any pty we allocate
ourselves. But for stuff we propagate, let's avoid that: we shouldn't
make more changes than necessary.

Fixes: #17229
2020-10-02 12:05:08 +02:00
Lennart Poettering
781fa474d8 ptyfwd: reopen stdin/sdout before setting O_NONBLOCK
If we set O_NONBLOCK on stdin/stdout directly this means the flag is
left set when we abort abnormally, as we don't get the chance to reset
it again on exit. This might confuse progrms invoking us. Moreover, if
programs invoking us continue to write to the stdout passed to us, they
might be confused by non-blocking mode too.

Hence, let's avoid this if possible: let's reopen stdin/stdout and set
O_NONBLOCK only on the reopend fds, leaving the original fds as they
are.

Prompted-by: https://github.com/systemd/systemd/pull/17070#issuecomment-702304802
2020-10-02 12:04:20 +02:00
Lennart Poettering
c14ebe07a9
Merge pull request #17172 from keszybz/read-login-defs
Read /etc/login.defs
2020-10-02 11:01:30 +02:00
Zbigniew Jędrzejewski-Szmek
a53d1b17e3
Merge pull request #17219 from poettering/exec-root-dir
minor tweaks to execute.[ch]
2020-10-01 20:01:46 +02:00
Zbigniew Jędrzejewski-Szmek
4b6f9b202e sysusers: emit warnings about login.defs overrides on first user or group creation
*** Running /home/zbyszek/src/systemd-work/test/test-sysusers/test-14.input (with login.defs symlinked)
login.defs specifies UID allocation range 401–555 that is different than the built-in defaults (201–998)
login.defs specifies GID allocation range 405–666 that is different than the built-in defaults (201–990)
2020-10-01 19:53:45 +02:00
Zbigniew Jędrzejewski-Szmek
a3709e3709 tests: when creating temp dirs, include test name in path
This makes it easier to figure out which directory we want to look at
when tests fail, and also which test left behind a directory when it
shouldn't.
2020-10-01 19:53:45 +02:00
Zbigniew Jędrzejewski-Szmek
aa25270cb2 sysusers: look at login.defs when setting the default range to allocate users
Also, even if login.defs are not present, don't start allocating at 1, but at
SYSTEM_UID_MIN.

Fixes #9769.

The test is adjusted. Actually, it was busted before, because sysusers would
never use SYSTEM_GID_MIN, so if SYSTEM_GID_MIN was different than
SYSTEM_UID_MIN, the tests would fail. On all "normal" systems the two are
equal, so we didn't notice. Since sysusers now always uses the minimum of the
two, we only need to substitute one value.
2020-10-01 19:53:45 +02:00
Zbigniew Jędrzejewski-Szmek
044df624aa test-sysusers: fix how paths are calculated
We were looking at ${f%.*}, i.e. the $f with any suffix starting with a dot removed.
This worked fine for paths like /some/path/test-11.input. It also worked
for paths like /some/path/inline (there were no dots, so we got $f back unscathed).
But in the ubuntu CI the package is built in a temporary directory like
/tmp/autopkgtest-lxc.nnnfqb26/downtmp/build.UfW/ (yes, it has a dot, even two.).
That still worked for the first case, but in the second case we truncated things
after the first dot, and we would try to get
/tmp/autopkgtest-lxc.nnnfqb26/downtmp/build and try to load
/tmp/autopkgtest-lxc.nnnfqb26/downtmp/build.expected-password, which obviously
didn't work as expected. To avoid this issue, do the suffix removal only when
we know that there really is a suffix.

A second minor issue was that we would try to copy $1.expected-*, and sometimes
$1 would be given, and sometimes not. Effectively we were relying on there
not being any files matching .expected-*. There weren't any such files, but let's
avoid this ugliness and always pass $1.
2020-10-01 17:52:51 +02:00
Zbigniew Jędrzejewski-Szmek
69a7c5fb1f test-sysusers: sort examples
This shouldn't affect the outcome, but makes outputs easier to compare.
2020-10-01 17:52:51 +02:00
Zbigniew Jędrzejewski-Szmek
bd7e6aa73a test/TEST-21-SYSUSERS: turn into a unit test
All this test does is manipulate text files in a subdir specified with --testroot.
It can be a normal unittest without the overhead of creating a machine image.

As a bonus, also test the .standalone version.
2020-10-01 17:52:51 +02:00
Zbigniew Jędrzejewski-Szmek
d338bfff4a basic/fileio: add chase_symlinks_and_fopen_unlocked() 2020-10-01 17:52:50 +02:00
Zbigniew Jędrzejewski-Szmek
196b596867 shared/uid-range: reduce scope of iterator variables 2020-10-01 17:52:50 +02:00
Zbigniew Jędrzejewski-Szmek
fc1a5d1a70 Also parse the minimum uid/gid values
We don't (and shouldn't I think) look at them when determining the type of the
user, but they should be used during user/group allocation. (For example, an
admin may specify SYS_UID_MIN==200 to allow statically numbered users that are
shared with other systems in the range 1–199.)
2020-10-01 17:52:41 +02:00
Zbigniew Jędrzejewski-Szmek
53393c894d Look at /etc/login.defs for the system_max_[ug]id values
It makes little sense to make the boundary between systemd and user guids
configurable. Nevertheless, a completely fixed compile-time define is not
enough in two scenarios:
- the systemd_uid_max boundary has moved over time. The default used to be
  500 for a long time. Systems which are upgraded over time might have users
  in the wrong range, but changing existing systems is complicated and
  expensive (offline disks, backups, remote systems, read-only media, etc.)
- systems are used in a heterogenous enviornment, where some vendors pick
  one value and others another.
So let's make this boundary overridable using /etc/login.defs.

Fixes #3855, #10184.
2020-10-01 17:49:31 +02:00
Lennart Poettering
14eb3285ab execute: use empty_to_root() a bit more 2020-10-01 11:02:11 +02:00
Lennart Poettering
74e1252072 execute: add helper for checking if root_directory/root_image are set in ExecContext 2020-10-01 11:02:11 +02:00
Lennart Poettering
36296ae2ad
Merge pull request #17152 from keszybz/make-mountapivfs-default
Make MountAPIVFS=yes default
2020-10-01 11:00:02 +02:00
Franck Bui
8ce3de991b
Merge pull request #17214 from poettering/log-generator-fix
fix logging in generators
2020-10-01 10:51:19 +02:00
Lennart Poettering
fabf877705
Merge pull request #17154 from keszybz/crypttab-commas
Allow escaping commas in crypttab
2020-10-01 10:26:24 +02:00
Lennart Poettering
9230f5774a
Merge pull request #17213 from keszybz/man-cleanups
Fix links in man pages
2020-10-01 10:24:44 +02:00
Lennart Poettering
7ea3024b50 bootspec: don't fail with EIO if searching for ESP and finding one without an enveloping partition table
If this happens this should just mean: we couldn't find the ESP.

Fixes: #17122
2020-10-01 10:21:02 +02:00
Lennart Poettering
dee29aeb59 generator: use kmsg in system-level generators, journal otherwise
Fixes: #17129.
2020-09-30 16:28:34 +02:00
Lennart Poettering
ef9bddb799 log: normalize log target condition check
THis doesn't change the condition's logic at all, but is an attempt to
make things a bit more readable: instead of checking log_target !=
LOG_TARGET_AUTO let's actually list the targets where we want to
consider journal/syslog/kmsg, to make things a bit less confusing. After
all the message here is not to avoid them if LOG_TARGET_AUTO is set, but
to definitely do them in the other cases.
2020-09-30 16:17:12 +02:00
Lennart Poettering
27ffec0831 log: update comment
The logic was changed in bc694c06e6, let's
update the comment accordingly.
2020-09-30 16:06:55 +02:00
Jan Schlüter
644af26285 Add Aiptek Hyperpen 6000U to hwdb 2020-09-30 15:02:31 +02:00
Lennart Poettering
533ee38b56 man: mention that sd_bus_send() buffers locally, and sd_bus_process() is needed to flush it out
Prompted-by: #17128
2020-09-30 15:01:17 +02:00
Zbigniew Jędrzejewski-Szmek
21556381ff man: correct various links
As usual, linkchecker ftw!
2020-09-30 14:57:21 +02:00
Zbigniew Jędrzejewski-Szmek
a9d99f6e3d man: update rules
Fixup for 278fdd064d.
2020-09-30 14:52:48 +02:00
Zbigniew Jędrzejewski-Szmek
550f3ba68d man/html: fix invocation for pages which are *not* symlinks
It seems I tested that redirects work, but I forgot to check that non-redirects
are still fine too ;(
2020-09-30 14:43:12 +02:00
Lennart Poettering
d1f6e01e47 homed: explicitly deactivate all home directories on shutdown
Let's explicitly deactivate all home dirs on shutdown, in order to
properly synchronizing unmounting and avoiding blocking devices.

Previously, we'd rely on automatic deactivation when home directories
become unused. However, that scheme is asynchronous, and ongoing
deactviations might conflicts with attempts to unmount /home. Let's fix
that by providing an explicit service systemd-homed-activate.service
whose only job is to have a ExecStop= line that explicitly deactivates
all home directories on shutdown. This service can the be ordered after
home.mount and similar, ensuring that we'll first deactivate all homes
before deactivating /home itself during shutdown.

This is kept separate from systemd-homed.service so that it is possible
to restart systemd-homed.service without deactivating all home
directories.

Fixes: #16842
2020-09-30 14:37:52 +02:00
Lennart Poettering
626fb9f301
Merge pull request #17203 from poettering/resolv-conf-mode
expose resolv.conf mode bus property
2020-09-30 14:37:24 +02:00
Lennart Poettering
54565e509d
Merge pull request #17195 from keszybz/man-cleanups
Man page cleanups
2020-09-30 14:16:05 +02:00
Lennart Poettering
24d86fdb2f
Merge pull request #17087 from yuwata/man-initial-congestion-window
man: update InitialCongestionWindow= and InitialAdvertisedReceiveWindow=
2020-09-30 10:55:18 +02:00
Lennart Poettering
b3ffa2b5f3 resolved: turn off that a search domain is derived from the host's fqdn
If the hostname of a system is set to an fqdn, glibc traditionally
derives a search domain from it if none is explicitly configured.

This is a bit weird, and we currently don't do that in our own search
path logic.

Following #17193 let's turn this behaviour off for now.

Yes, this has a slight chance of pissing people off who think this
behaviour is good. If this is indeed an issue, we can revisit the issue
but in that case if we readd the concept we should do it properly:
derive the search domain from the fqdn in our codebase too and report it
in resolvectl, and in our generated stub files. But I have the suspicion
most people who set the hostname to an fqdn aren#t even aware of this
behaviour nor want it, so let's wait until people complain.

Fixes: #17193
2020-09-30 10:37:59 +02:00
Zbigniew Jędrzejewski-Szmek
885a4e6ca7 man: assorted small fixes
This is almost all of #17177.
2020-09-30 10:31:21 +02:00
Zbigniew Jędrzejewski-Szmek
0558f3035f man/systemd.network(5): unify descriptions of MUDURL=
Let's write one good description and refer to it from the other two
spots.
2020-09-30 10:30:03 +02:00
Zbigniew Jędrzejewski-Szmek
9e7600cfd7 man: in systemd-nspawn(1), refer to systemd.exec(5) for the shared stuff
We should avoid duplicating lengthy description of very similar concepts.
--root-hash-sig follows the same semantics as RootHashSig=, so just refer
the reader to the other man page. --root-hash doesn't implement the same
features as RootHash=, so we can't fully replace the description, but let's
give the user a hint to look at the other man page too.

For #17177.
2020-09-30 10:30:03 +02:00
Zbigniew Jędrzejewski-Szmek
0b4d17c9a5 man: link to fork(2) more prominently
For #17177.
2020-09-30 10:30:03 +02:00
Zbigniew Jędrzejewski-Szmek
211c99c761 man: do not index various /foobar/ paths
For #17177.
2020-09-30 10:30:03 +02:00
Zbigniew Jędrzejewski-Szmek
ab1a8ff57d man: refer to the right man page for Environment=
For #17177.
2020-09-30 10:30:03 +02:00
Zbigniew Jędrzejewski-Szmek
32520ff3de man: reword description of "-" in sysctl.d(5)
For #17177.
2020-09-30 10:30:03 +02:00
Zbigniew Jędrzejewski-Szmek
7fd897c51c man: explain why TZ=: is used
Also, reword the description a bit. "As a string" is meaningless in the context
of commandline arguments, where evyrything is a string. This is not a
strongly-typed programming language where 5 is a number but "5" is something
completely different. Here both 5 and "5" are indistinguishable. The original
text was trying to say that a location name should be given and not a number,
so say "time zone location name".

For #17177.
2020-09-30 10:30:03 +02:00
Zbigniew Jędrzejewski-Szmek
fa26ff47f7 man: adjustments in file-hierarchy(7)
In table titles, capitalize only the first word (they are rather long and
it is easier to read when it looks like a normal sentence).

Adjust some phrases to make them clearer when reported as unclear in #17177.
2020-09-30 10:30:03 +02:00
Zbigniew Jędrzejewski-Szmek
21006e0e3e man,units: link to the new dbus-api man pages 2020-09-30 10:30:03 +02:00
Zbigniew Jędrzejewski-Szmek
5ced292d10
Merge pull request #17199 from poettering/log-tid
include thread ID in log output
2020-09-30 10:28:51 +02:00
Lennart Poettering
147a5046aa resolvectl: show resolv.conf mode in resolvectl output 2020-09-30 10:27:51 +02:00
Lennart Poettering
4261ab654c resolved: expose a new bus property that informs about the /etc/resolv.conf mode
It can be one of "foreign", "missing", "stub", "static", "uplink",
depending on how /etc/resolv.conf is set up:

foreign → someone/something else manages /etc/resolv.conf,
    systemd-resolved is just the consumer

missing → /etc/resolv.conf is missing altogether

stub/static/uplink → the file is managed by resolved, with the
    well-known modes

Fixes: #17159
2020-09-30 10:27:50 +02:00