mirror of https://github.com/systemd/systemd.git synced 2025-01-12 13:18:14 +03:00
Commit Graph

52774 Commits

Author SHA1 Message Date
Jan Janssen
43ee1fe086 sd-boot: Add memmem_safe and memory_startswith 2021-08-16 10:50:58 +02:00
Jan Janssen
12450f2e77 sd-boot: Try harder to detect ourselves
By moving our magic string into its own PE section, we can forego
grepping for it.
2021-08-16 10:49:18 +02:00
Jan Janssen
1328150d85 sd-boot: Fix PE section parsing
We only need the PE header offset from the DOS header, not
its size. Previously, the section table could be cut off in the middle.

While we are at it, also modernize the remaining code.
2021-08-16 10:49:12 +02:00
Yu Watanabe
b40b8b06cb network: check validity before copying the input string
Prompted by https://github.com/systemd/systemd/pull/20440#discussion_r689136337.
2021-08-16 13:48:15 +09:00
Yu Watanabe
634815762d network: rebreak conf parser arguments 2021-08-16 12:54:09 +09:00
Yu Watanabe
952508abda network: can: move function 2021-08-16 01:07:06 +09:00
Yu Watanabe
4931217a67 basic/linux: update linux uapi headers 2021-08-16 01:07:06 +09:00
Milo Turner
d64441b669 Don't open /var journals in volatile mode when runtime_journal==NULL 2021-08-13 21:43:59 +02:00
Yu Watanabe
8908ceb7a8
Merge pull request #20432 from yuwata/network-recreate-stacked-netdevs
network: recreate stacked netdevs when underlying device is re-added
2021-08-13 17:31:28 +09:00
Jan Janssen
702d40270a meson: Make unused-function an error 2021-08-13 09:23:45 +02:00
Steven Siloti
8a33aa199d resolved: retry on SERVFAIL before downgrading feature level
The SERVFAIL RCODE can be generated for many reasons which may not be related
to lack of feature support. For example, the Stubby resolver generates
SERVFAIL when a request times out. Such transient failures can cause
unnecessary downgrades to both the transaction and the server's feature level.
The consequences of this are especially severe if the server is in DNSSEC
strict mode. In this case repeated downgrades eventually cause the server to
stop resolving entirely with the error "incompatible-server".

To avoid unnecessary downgrades the request should be retried once with the
current level before the transaction's feature level is downgraded.
2021-08-13 09:23:12 +02:00
Lennart Poettering
d8151fb949
Merge pull request #20233 from maanyagoenka/log-error
systemd-analyze: add option to return an error value when unit verification fails
2021-08-13 09:22:48 +02:00
Lennart Poettering
2c3735d6ba
Merge pull request #20350 from medhefgo/boot
Grab bag of sd-boot improvements
2021-08-13 09:22:12 +02:00
Maanya Goenka
3cc3dc7736 systemd-analyze: option to exit with an error when 'verify' fails
The commit introduces a callback invoked from log_syntax_internal.
Use it from systemd-analyze to gather a list of units that contain
syntax warnings. A new command line option is added to make use of this.

The new option --recursive-errors takes in three possible modes:

1. yes - which is the default. systemd-analyze exits with an error when syntax warnings arise during verification of the
   specified units or any of their dependencies.
2. no - systemd-analyze exits with an error when syntax warnings arise during verification of only the selected unit.
   Analyzing and loading any dependencies will be skipped.
3. one - systemd-analyze exits with an error when syntax warnings arise during verification
   of only the selected units and their direct dependencies.

Below are two service unit files that I created for the purposes of testing:

1. First, we run the commands on a unit that does not have dependencies but has a non-existing key-value setting (i.e. foo = bar).

> cat <<EOF>testcase.service

[Unit]
foo = bar

[Service]
ExecStart = echo hello
EOF

OUTPUT:

maanya-goenka@debian:~/systemd (log-error)$ sudo build/systemd-analyze verify testcase.service
/home/maanya-goenka/systemd/testcase.service:2: Unknown key name 'foo' in section 'Unit', ignoring.
/usr/lib/systemd/system/plymouth-start.service:15: Unit configured to use KillMode=none. This is unsafe, as it disables systemd's process lifecycle management for the service. Please update your service to use a safer KillMode=, such as 'mixed' or 'control-group'. Support for KillMode=none is deprecated and will eventually be removed.
/usr/lib/systemd/system/dbus.socket:5: ListenStream= references a path below legacy directory /var/run/, updating /var/run/dbus/system_bus_socket → /run/dbus/system_bus_socket; please update the unit file accordingly.
/usr/lib/systemd/system/gdm.service:30: Standard output type syslog is obsolete, automatically updating to journal. Please update your unit file, and consider removing the setting altogether.
maanya-goenka@debian:~/systemd (log-error)$ echo $?
1

maanya-goenka@debian:~/systemd (log-error)$ sudo build/systemd-analyze verify --recursive-errors=yes testcase.service
/home/maanya-goenka/systemd/testcase.service:2: Unknown key name 'foo' in section 'Unit', ignoring.
/usr/lib/systemd/system/plymouth-start.service:15: Unit configured to use KillMode=none. This is unsafe, as it disables systemd's process lifecycle management for the service. Please update your service to use a safer KillMode=, such as 'mixed' or 'control-group'. Support for KillMode=none is deprecated and will eventually be removed.
/usr/lib/systemd/system/dbus.socket:5: ListenStream= references a path below legacy directory /var/run/, updating /var/run/dbus/system_bus_socket → /run/dbus/system_bus_socket; please update the unit file accordingly.
/usr/lib/systemd/system/gdm.service:30: Standard output type syslog is obsolete, automatically updating to journal. Please update your unit file, and consider removing the setting altogether.
maanya-goenka@debian:~/systemd (log-error)$ echo $?
1

maanya-goenka@debian:~/systemd (log-error)$ sudo build/systemd-analyze verify --recursive-errors=no testcase.service
/home/maanya-goenka/systemd/testcase.service:2: Unknown key name 'foo' in section 'Unit', ignoring.
maanya-goenka@debian:~/systemd (log-error)$ echo $?
1

maanya-goenka@debian:~/systemd (log-error)$ sudo build/systemd-analyze verify --recursive-errors=one testcase.service
/home/maanya-goenka/systemd/testcase.service:2: Unknown key name 'foo' in section 'Unit', ignoring.
/usr/lib/systemd/system/plymouth-start.service:15: Unit configured to use KillMode=none. This is unsafe, as it disables systemd's process lifecycle management for the service. Please update your service to use a safer KillMode=, such as 'mixed' or 'control-group'. Support for KillMode=none is deprecated and will eventually be removed.
/usr/lib/systemd/system/dbus.socket:5: ListenStream= references a path below legacy directory /var/run/, updating /var/run/dbus/system_bus_socket → /run/dbus/system_bus_socket; please update the unit file accordingly.
/usr/lib/systemd/system/gdm.service:30: Standard output type syslog is obsolete, automatically updating to journal. Please update your unit file, and consider removing the setting altogether.
maanya-goenka@debian:~/systemd (log-error)$ echo $?
1

2. Next, we run the commands on a unit that is syntactically valid but has a non-existing dependency (i.e. foo2.service)

> cat <<EOF>foobar.service

[Unit]
Requires = foo2.service

[Service]
ExecStart = echo hello
EOF

OUTPUT:

maanya-goenka@debian:~/systemd (log-error)$ sudo build/systemd-analyze verify foobar.service
/usr/lib/systemd/system/plymouth-start.service:15: Unit configured to use KillMode=none. This is unsafe, as it disables systemd's process lifecycle management for the service. Please update your service to use a safer KillMode=, such as 'mixed' or 'control-group'. Support for KillMode=none is deprecated and will eventually be removed.
/usr/lib/systemd/system/dbus.socket:5: ListenStream= references a path below legacy directory /var/run/, updating /var/run/dbus/system_bus_socket → /run/dbus/system_bus_socket; please update the unit file accordingly.
/usr/lib/systemd/system/gdm.service:30: Standard output type syslog is obsolete, automatically updating to journal. Please update your unit file, and consider removing the setting altogether.
foobar.service: Failed to create foobar.service/start: Unit foo2.service not found.
maanya-goenka@debian:~/systemd (log-error)$ echo $?
1

maanya-goenka@debian:~/systemd (log-error)$ sudo build/systemd-analyze verify --recursive-errors=yes foobar.service
/usr/lib/systemd/system/plymouth-start.service:15: Unit configured to use KillMode=none. This is unsafe, as it disables systemd's process lifecycle management for the service. Please update your service to use a safer KillMode=, such as 'mixed' or 'control-group'. Support for KillMode=none is deprecated and will eventually be removed.
/usr/lib/systemd/system/dbus.socket:5: ListenStream= references a path below legacy directory /var/run/, updating /var/run/dbus/system_bus_socket → /run/dbus/system_bus_socket; please update the unit file accordingly.
/usr/lib/systemd/system/gdm.service:30: Standard output type syslog is obsolete, automatically updating to journal. Please update your unit file, and consider removing the setting altogether.
foobar.service: Failed to create foobar.service/start: Unit foo2.service not found.
maanya-goenka@debian:~/systemd (log-error)$ echo $?
1

maanya-goenka@debian:~/systemd (log-error)$ sudo build/systemd-analyze verify --recursive-errors=no foobar.service
maanya-goenka@debian:~/systemd (log-error)$ echo $?
0

maanya-goenka@debian:~/systemd (log-error)$ sudo build/systemd-analyze verify --recursive-errors=one foobar.service
/usr/lib/systemd/system/plymouth-start.service:15: Unit configured to use KillMode=none. This is unsafe, as it disables systemd's process lifecycle management for the service. Please update your service to use a safer KillMode=, such as 'mixed' or 'control-group'. Support for KillMode=none is deprecated and will eventually be removed.
/usr/lib/systemd/system/dbus.socket:5: ListenStream= references a path below legacy directory /var/run/, updating /var/run/dbus/system_bus_socket → /run/dbus/system_bus_socket; please update the unit file accordingly.
/usr/lib/systemd/system/gdm.service:30: Standard output type syslog is obsolete, automatically updating to journal. Please update your unit file, and consider removing the setting altogether.
foobar.service: Failed to create foobar.service/start: Unit foo2.service not found.
maanya-goenka@debian:~/systemd (log-error)$ echo $?
1
2021-08-12 07:22:15 -07:00
Maanya Goenka
f14d6810e0 manager: add a test flag to ignore dependencies
The MANAGER_TEST_RUN_IGNORE_DEPENDENCIES flag was added in order to allow the caller
to skip the recursive loading of dependency units when loading specific
unit files. This includes the default dependencies, the specified dependencies, and the slice.
This will be used by systemd-analyze to allow checking individual unit files in isolation.
2021-08-12 07:22:15 -07:00
Maanya Goenka
1545051c79 manager: use FLAGS_SET when checking for MANAGER_TEST_RUN_MINIMAL
Allows multiple flags to be set, for example, in systemd-analyze.
2021-08-12 07:22:15 -07:00
Jan Janssen
dba0c9832b sd-boot: Allow on/off and t/f for booleans too 2021-08-12 16:10:06 +02:00
Jan Janssen
ec97e40c29 sd-boot: Provide error messages when parsing a config option fails 2021-08-12 16:10:06 +02:00
Jan Janssen
e98d271e57 sd-boot: Rework console input handling
Fixes: #15847
Probably fixes: #19191
2021-08-12 16:10:02 +02:00
Lennart Poettering
ced10d4838
Merge pull request #20199 from ddstreet/unit_cgroup_catchup
cgroup: do 'catchup' for unit cgroup inotify watch files
2021-08-12 16:04:40 +02:00
Maanya Goenka
3da57008e7 systemd-analyze: parse ip_filters_custom_egress correctly
Fixed bug in original assignment of security_info variable: ip_filters_custom_egress.
2021-08-12 13:36:42 +02:00
Yu Watanabe
1e8cce8f1e network: fix configuring of CAN devices
Fix a bug introduced by 7558f9e717.

Fixes #20428.
2021-08-12 11:44:13 +02:00
Jan Janssen
b3fc3a3ced sd-boot: Use StrSize where it makes sense 2021-08-12 09:48:37 +02:00
Jan Janssen
508df915b6 sd-boot: Assert all the things! 2021-08-12 09:48:37 +02:00
Jan Janssen
7a7267bf55 sd-boot: Add assert implementation
There is an ASSERT() macro from gnu-efi, but that does not show any
output to ConOut. Having to do some additional setup just to get
some debug output is tedious and outright difficult on real hardware.
2021-08-12 09:48:37 +02:00
Jan Janssen
b52fafb26d sd-boot: Fix possible null pointer dereference
Auto entries are showing garbage for the version in print_status()
because StrDuplicate does not expect null pointers.
2021-08-12 09:48:37 +02:00
Jan Janssen
b2cf9922a4 sd-boot: Don't use magic integer constants 2021-08-12 09:48:37 +02:00
Jan Janssen
8aba0eec49 sd-boot: Unify error handling
log_error_stall() and log_error_status_stall() will ensure the user has
a chance to catch an error message by stalling and also forcing a
lightred/black color on it. Also, convert several Print() calls to it
since they are actually error messages.
2021-08-12 09:48:27 +02:00
Lennart Poettering
da9c8911b4
Merge pull request #20418 from yuwata/hostnamed-fix-20417
hostname: fix off-by-one issue in gethostname()
2021-08-12 09:34:21 +02:00
Yu Watanabe
1d0c9bd753 test-network: add a testcase for recreating stacked netdevs 2021-08-12 15:03:50 +09:00
Yu Watanabe
2f117922d4 network: recreate stacked netdevs when underlying device is re-added
Closes #20430.
2021-08-12 15:03:47 +09:00
Yu Watanabe
b14686ff3a network: adjust log messages, function names, etc. 2021-08-12 14:39:39 +09:00
Yu Watanabe
8f65304c5d network: use netdev_enter_failed() instead of netdev_drop() on error
Preparation for later commits to support reconfiguring netdevs.
2021-08-12 14:23:57 +09:00
Yu Watanabe
798e5dc8ae network: introduce a helper function netdev_is_stacked_and_independent() 2021-08-12 14:10:45 +09:00
Yu Watanabe
0995accdfd hostname: introduce gethostname_full() and use it in various gethostname() variants 2021-08-12 13:48:15 +09:00
Yu Watanabe
ccdf235464 hostname: fix off-by-one issue in gethostname()
gethostname() returns null-terminated hostname.

Fixes #20309 and #20417.
2021-08-12 13:48:15 +09:00
Luca Boccassi
4e2a772438
Merge pull request #20423 from yuwata/dhcp-server-static-lease-outside-pool
sd-dhcp-server: support static lease outside of pool
2021-08-11 18:40:00 +01:00
Andrej Lajovic
23e026de25 shared/copy: add a new flag COPY_ALL_XATTRS
When the flag COPY_ALL_XATTRS is set, it causes the complete set of xattrs
to be copied. If the flag is unset, only xattrs from the "user" namespace
are copied.

Fixes #17178.
2021-08-11 17:48:10 +02:00
Lennart Poettering
a0c5a3f0c0
Merge pull request #20419 from keszybz/setenv-no-value
Allow --setenv=FOO in various programs
2021-08-11 17:47:45 +02:00
Jan Janssen
f862e84724 macro: Move some macros to macro-fundamental.h
Also, make sure STRLEN works with wide strings too.
2021-08-11 14:59:46 +02:00
Zbigniew Jędrzejewski-Szmek
76e68b3db3 activate: simplify/rework implementation of --setenv
Previous implementation is simplified by using the new helper. The new code
does more looping, but considering that it's unlikely that people set more
than a handful of variables through commandline options, this should be OK.

If a variable is specified on the command line, it overrides any automatically
set variable. Effective behaviour was already like this, because we would
specify two variables, both would be set, and glibc will return
the first matching entry.
('systemd-socket-activate -E TERM=FOO -l 2000 --inetd -a env' would give
'TERM=FOO TERM=xterm-256color PATH=...', and getenv("TERM") returns "FOO".)
But it's nicer to filter out any duplicate entries and only pass the intended
variable to the child process.
2021-08-11 10:17:50 +02:00
Lennart Poettering
d178203d8e
Merge pull request #20079 from maanyagoenka/img-support
systemd-analyze: root validation and verify support for root arg and discrete images
2021-08-11 10:02:46 +02:00
Yu Watanabe
af0d4e6ef5 test-network: test static lease outside of pool 2021-08-11 16:43:26 +09:00
Yu Watanabe
b713a99b1a sd-dhcp-server: support static lease outside of address pool
Closes #20341.
2021-08-11 16:43:26 +09:00
Yu Watanabe
3dc8fb0eb8 sd-dhcp-server: fix possible double-free or use-after-free 2021-08-11 16:43:25 +09:00
Yu Watanabe
cedf6a8da5 sd-dhcp-server: use hashmap_ensure_put() 2021-08-11 16:43:25 +09:00
MertsA
bbd239f67a Get rid of dangling setutxent()
utmp_wall() and utmp_put_dead_process() called setutxent() directly instead of the stub in utmp-wtmp.h and never called endutxent(). This would leave /run/utmp open by PID 1 or journald. This can be reproduced by e.g. lsof /run/utmp and systemd-cat -p 0 echo test. For utmp_put_dead_process() it would only leave it open if it returned early before calling write_utmp_wtmp().
2021-08-11 09:40:10 +02:00
Zbigniew Jędrzejewski-Szmek
2f400671da activate: use global variable instead of passing char **envp around
The effect should be the same, but the code is less verbose.
In particular, the variable was called envp in parts of the code,
but in other parts, we had a local envp variable, and envp was called
env.
2021-08-11 09:34:45 +02:00
Zbigniew Jędrzejewski-Szmek
89bf86e015 machinectl: allow --setenv=FOO 2021-08-11 09:34:45 +02:00
Zbigniew Jędrzejewski-Szmek
0337b3d51c run: allow --setenv=FOO 2021-08-11 09:34:45 +02:00