1
0
mirror of https://github.com/systemd/systemd.git synced 2024-11-01 09:21:26 +03:00
Commit Graph

37960 Commits

Author SHA1 Message Date
Yu Watanabe
e1f717d4a0 network: wireguard: rename and split set_wireguard_interface()
This does not change the behavior except for fixing the issue #11404.

Fixes #11404.
2019-01-14 10:08:40 +09:00
Yu Watanabe
33c2ea8019 netlink: set maximum size of WGDEVICE_A_IFNAME 2019-01-14 09:47:31 +09:00
Yu Watanabe
227bcd91b4 man: fix reference
Fixes #11396.
2019-01-13 11:12:20 +01:00
Zbigniew Jędrzejewski-Szmek
0d432661fa
Merge pull request #11409 from yuwata/udev-synthetic-errno
udev: update logs
2019-01-13 11:11:22 +01:00
Yu Watanabe
8d6c4b310d udev: use ENODATA when 'No entry found from hwdb'
Before:
IMPORT builtin 'hwdb' fails: No such file or directory

After:
IMPORT builtin 'hwdb' fails: No data available

Previous log is confusing and may be understood as hwdb file not exist.
2019-01-13 18:04:10 +09:00
Yu Watanabe
a119328608 udev: use SYNTHETIC_ERRNO() macro in log_device_*_errno() 2019-01-13 17:50:47 +09:00
Evgeny Vereshchagin
9bbcfac1cf
Merge pull request #11393 from mrc0mmand/fix-service-masking-in-TEST-01-BASIC
test: drop service masking in TEST-01-BASIC
2019-01-13 04:45:48 +03:00
Yu Watanabe
40f116f53d README: mention that meson-0.49 is required to build PIEs
Follow-up for 4e4bbc439e.
2019-01-13 09:47:10 +09:00
Yu Watanabe
bd36ef0a7c NEWS: add more entries 2019-01-13 09:47:10 +09:00
Zbigniew Jędrzejewski-Szmek
455027c98f NEWS: document deprecation of PermissionsStartOnly= in v240
https://github.com/systemd/systemd/pull/10802#issuecomment-453772058
2019-01-13 09:47:10 +09:00
Zbigniew Jędrzejewski-Szmek
b4ff3dbb66 NEWS: update for v241 2019-01-13 09:47:10 +09:00
Topi Miettinen
7ae3561a5a Delete duplicate lines
Found by inspecting results of running this small program:

int main(int argc, const char **argv) {
	for (int i = 1; i < argc; i++) {
		FILE *f;
		char line[1024], prev[1024], *r;
		int lineno;

		prev[0] = '\0';
		lineno = 1;
		f = fopen(argv[i], "r");
		if (!f)
			exit(1);
		do {
			r = fgets(line, sizeof(line), f);
			if (!r)
				break;
			if (strcmp(line, prev) == 0)
				printf("%s:%d: error: dup %s", argv[i], lineno, line);
			lineno++;
			strcpy(prev, line);
		} while (!feof(f));
		fclose(f);
	}
}
2019-01-12 16:02:26 +01:00
Zbigniew Jędrzejewski-Szmek
899072c0cd
Merge pull request #11196 from yuwata/udevd-tiny-cleanups
udev: tiny cleanups
2019-01-12 16:00:52 +01:00
Frantisek Sumsal
d7283fc157 test: limit environments for systemd-hwdb-update under ASan 2019-01-12 11:44:39 +01:00
Frantisek Sumsal
5b2172ee50 test: bump QEMU_SMP to 4 when running under ASan/UBSan 2019-01-12 11:38:21 +01:00
Frantisek Sumsal
670bec2b07 test: bump QEMU memory to 1536M when running under ASan/UBSan 2019-01-12 11:38:21 +01:00
Yu Watanabe
e0b7a5d151 udevd: refuse devices which do not have ACTION property 2019-01-12 09:32:20 +09:00
Yu Watanabe
33ad742a84 udevd: drop unnecessary brackets 2019-01-12 09:32:20 +09:00
Yu Watanabe
c0ff3d6cbc udevd: make worker also log ACTION property 2019-01-12 09:32:20 +09:00
Yu Watanabe
25d4f5b071 udevd: reject devices which do not have SEQNUM 2019-01-12 09:32:20 +09:00
Yu Watanabe
956833b417 udevd: provide worker_hash_ops and drop manager_workers_free() 2019-01-12 09:32:20 +09:00
Yu Watanabe
d40534643b udevd: use structured initializer at one more place 2019-01-12 09:32:20 +09:00
Yu Watanabe
1f3f6bd007 udevd: use worker_free() on failure in worker_new()
Otherwise, worker_monitor may not unrefed correctly.
2019-01-12 09:32:20 +09:00
Yu Watanabe
ee0b9e721a sd-device-monitor: fix ordering of setting buffer size
By b1c097af8d (#10239), the receive buffer
size for uevents was set by SO_RCVBUF at first, and fallback to
use SO_RCVBUFFORCE. So, as SO_RCVBUF limits to the buffer size
net.core.rmem_max, which is usually much smaller than 128MB udevd requests,
uevents buffer size was not sufficient.

This fixes the ordering of the request: SO_RCVBUFFORCE first, and
fallback to SO_RCVBUF. Then, udevd's uevent buffer size can be set to
128MB.

This also revert 903893237a.

Fixes #11314 and #10754.
2019-01-11 21:52:23 +01:00
Yu Watanabe
28daa1d10d
Merge pull request #11400 from ffontaine/master
Fix build with older kernels
2019-01-12 05:51:37 +09:00
Fabrice Fontaine
5269db454f lockfile-util.c: fix build without F_OFD_SETLK
systemd fails to build on kernel without F_OFD_SETLK since
9714c020fc

So put include missing_fcntl.h

Fixes:
 - http://autobuild.buildroot.org/results/699c078aa078240c6741da4dbd0871450ceeca92

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
2019-01-11 17:37:36 +01:00
Fabrice Fontaine
e2d94d0c16 missing_syscall.h: include errno.h
This include is needed for errno and ENOSYS

Fixes:
 - http://autobuild.buildroot.org/results/699c078aa078240c6741da4dbd0871450ceeca92

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
2019-01-11 17:37:36 +01:00
Fabrice Fontaine
6a9eb11b8a missing_if_link.h: add IFLA_BOND_MODE
systemd fails to build on kernel without IFLA_BOND_MODE (< 3.13) since
9714c020fc

So put back IFLA_BOND_MODE definition

Fixes:
 - http://autobuild.buildroot.org/results/699c078aa078240c6741da4dbd0871450ceeca92

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
2019-01-11 17:37:36 +01:00
Fabrice Fontaine
3ee57870d6 basic/tmpfile-util.c: fix build without O_TMPFILE
systemd fails to build on kernel without O_TMPFILE (< 3.11) since
dea72eda9c

To fix this error, include missing_fcntl.h

Fixes:
 - http://autobuild.buildroot.org/results/699c078aa078240c6741da4dbd0871450ceeca92

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
2019-01-11 17:37:36 +01:00
Fabrice Fontaine
a22692d718 capability: fix build without PR_CAP_AMBIENT
systemd fails to build on kernel without PR_CAP_AMBIENT (< 4.3) since
2a03bb3e65

To fix this error, include missing_prctl.h in all files using
PR_CAP_AMBIENT

Fixes:
 - http://autobuild.buildroot.org/results/699c078aa078240c6741da4dbd0871450ceeca92

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
2019-01-11 17:37:20 +01:00
Frantisek Sumsal
3071b3ff6e test: introduce QEMU_MEM
Some tests (mainly under ASan/UBSan) require more than 512M of memory,
so let's make it configurable (but still default to 512M).
2019-01-11 16:23:53 +01:00
Frantisek Sumsal
e47df8232a test: drop service masking in TEST-01-BASIC
This test should ensure all systemd starts correctly, so masking them is
counter-productive in this case.
2019-01-11 13:45:08 +01:00
Zbigniew Jędrzejewski-Szmek
0192cbdb2c Revert "nss: prevent PROTECT_ERRNO from squashing changes to *errnop"
This reverts commit b26c904113.

I don't see anythign wrong, but Ubuntu autopkgtest CI started failing fairly
consistently since this was merged. Let's see if reverting fixes things.
2019-01-10 21:23:14 +01:00
Sam Morris
8e44f5710b docs: note that udev doesn't deal with binary attribute values (#11383)
Related to #5329.
2019-01-10 18:05:34 +01:00
Michael Biebl
4e4bbc439e meson: stop setting -fPIE globally
Setting -fPIE globally can lead to miscompilations on certain
architectures.
This is caused by both -fPIE and -fPIC options being added to various
compilation commands. Only -fPIC is being recorded in the LTO options
section of the object. The gcc-8 LTO plugin merges -fPIC + -fPIE to
nothing. So, the compilations done by the plugin are not
position-independent and fail to link with -pie.

The simplest solution is to stop setting -fPIE globally and instead
using meson's b_pie=true option. This requires meson 0.49 or later.

Since we don't set this option in meson.build but leave it up to the
distro maintainer to set this option, do not bump the meson version
requirement.

Fixes: #10548
2019-01-10 16:00:10 +01:00
Franck Bui
c0f34168d4 Revert "logind: become the controlling terminal process before restoring VT"
This reverts commit ad96887a12.

Commit adb8688 alone should be enough to fix issue #9754.

Fixes #11269
2019-01-10 15:59:13 +01:00
Zbigniew Jędrzejewski-Szmek
c7e93c4d15 pam_systemd: reword message about not creating a session
The message is changed from
  Cannot create session: Already running in a session...
to
  Not creating session: Already running in a session...

This is more neutral and avoids suggesting a problem.

"Will not create session: ..." was suggested, but it sounds like the action
would have yet to be performed. I think Using present continuous is better.

Fixes #10822 (for good now, I hope).
2019-01-10 15:56:02 +01:00
Sam Morris
b26c904113 nss: prevent PROTECT_ERRNO from squashing changes to *errnop
glibc passes in &errno for errnop, which means PROTECT_ERRNO ends up
squashing our intentional changes to *errnop.

Fixes #11321.
2019-01-10 11:08:42 +01:00
Zbigniew Jędrzejewski-Szmek
a1b939dfc7
Merge pull request #11376 from yuwata/11365-v2
udev: initialize sockets before fork()
2019-01-10 09:08:57 +01:00
Yu Watanabe
5497239f95
Merge pull request #11350 from yuwata/logind-inhibitwhat-cleanups
login: cleanups for enum InhibitWhat
2019-01-10 14:26:21 +09:00
Yu Watanabe
8f44e0f419
Merge pull request #11361 from yuwata/follow-up-11352
core/socket: two follow-ups for #11352
2019-01-10 14:25:58 +09:00
Yu Watanabe
943179fe2a
Merge pull request #11366 from keszybz/a-few-unrelated-cleanups
A few unrelated cleanups
2019-01-10 14:25:25 +09:00
Zbigniew Jędrzejewski-Szmek
65641b3cdc logind: do not pass negative number to strerror 2019-01-10 14:22:28 +09:00
Zbigniew Jędrzejewski-Szmek
b5af8c8cdf udev: open control and netlink sockets before daemonization
c4b69e990f effectively moved the initalization of socket.
Before that commit:
run → listen_fds → udev_ctrl_new → udev_ctrl_new_from_fd → socket()
After:
run → main_loop → manager_new → udev_ctrl_new_from_fd → socket()

The problem is that main_loop was called after daemonization. Move manager_new
out of main_loop and before daemonization.

Fixes #11314 (hopefully ;)).

v2: Yu Watanabe
sd_event is initialized in main_loop().
2019-01-10 14:09:15 +09:00
Zbigniew Jędrzejewski-Szmek
44dcf454b6 udevd: drop redundant call to sd_event_get_exit_code
sd_event_loop returns the same thing anyway.
2019-01-10 14:09:01 +09:00
Zbigniew Jędrzejewski-Szmek
a685c049c0
Merge pull request #11374 from keszybz/journal-fixes
Journal/journal-remote/coredump fixes
2019-01-10 01:12:22 +01:00
Zbigniew Jędrzejewski-Szmek
ef4d6abe7c journal-remote: set a limit on the number of fields in a message
Existing use of E2BIG is replaced with ENOBUFS (entry too long), and E2BIG is
reused for the new error condition (too many fields).

This matches the change done for systemd-journald, hence forming the second
part of the fix for CVE-2018-16865
(https://bugzilla.redhat.com/show_bug.cgi?id=1653861).
2019-01-09 23:44:17 +01:00
Zbigniew Jędrzejewski-Szmek
7fdb237f54 journal-remote: verify entry length from header
Calling mhd_respond(), which ulimately calls MHD_queue_response() is
ineffective at point, becuase MHD_queue_response() immediately returns
MHD_NO signifying an error, because the connection is in state
MHD_CONNECTION_CONTINUE_SENT.

As Christian Grothoff kindly explained:
> You are likely calling MHD_queue_repsonse() too late: once you are
> receiving upload_data, HTTP forces you to process it all. At this time,
> MHD has already sent "100 continue" and cannot take it back (hence you
> get MHD_NO!).
>
> In your request handler, the first time when you are called for a
> connection (and when hence *upload_data_size == 0 and upload_data ==
> NULL) you must check the content-length header and react (with
> MHD_queue_response) based on this (to prevent MHD from automatically
> generating 100 continue).

If we ever encounter this kind of error, print a warning and immediately
abort the connection. (The alternative would be to keep reading the data,
but ignore it, and return an error after we get to the end of data.
That is possible, but of course puts additional load on both the
sender and reciever, and doesn't seem important enough just to return
a good error message.)

Note that sending of the error does not work (the connection is always aborted
when MHD_queue_response is used with MHD_RESPMEM_MUST_FREE, as in this case)
with libµhttpd 0.59, but works with 0.61:
https://src.fedoraproject.org/rpms/libmicrohttpd/pull-request/1
2019-01-09 23:44:17 +01:00
Zbigniew Jędrzejewski-Szmek
d101fb24eb µhttpd: use a cleanup function to call MHD_destroy_response 2019-01-09 23:44:17 +01:00
Zbigniew Jędrzejewski-Szmek
6670c9de19 journald: lower the maximum entry size limit to ½ for non-sealed fds
We immediately read the whole contents into memory, making thigs much more
expensive. Sealed fds should be used instead since they are more efficient
on our side.
2019-01-09 23:41:53 +01:00