Zbigniew Jędrzejewski-Szmek [Sat, 28 May 2016 20:43:22 +0000 (16:43 -0400)]
man: punctuation fixes
Fixes #3376.
Zbigniew Jędrzejewski-Szmek [Sat, 28 May 2016 20:21:47 +0000 (16:21 -0400)]
tree-wide: remove newlines from unit_write_drop_in
This reverts part of #3329, but all for a good cause.
Zbigniew Jędrzejewski-Szmek [Sat, 28 May 2016 20:06:44 +0000 (16:06 -0400)]
core/unit: append newline when writing drop ins
unit_write_drop_in{,_private}{,_format} are all affected.
We already append a header to the file (and section markers), so those functions
can only be used to write a whole file at once. Including the newline at
the end feels natural.
After this commit newlines will be duplicated. They will be removed in
subsequent commit.
Also, rewrap the "autogenerated" header to fit within 80 columns.
Zbigniew Jędrzejewski-Szmek [Sat, 28 May 2016 15:50:37 +0000 (11:50 -0400)]
Typo fix: s/advertisment/advertisement/
Zbigniew Jędrzejewski-Szmek [Sat, 28 May 2016 14:50:36 +0000 (10:50 -0400)]
systemctl: remove empty line between comment and action
It's harder to miss the comment without the newline ;)
See https://github.com/systemd/systemd/pull/3336#issuecomment-
221749423
for context.
Zbigniew Jędrzejewski-Szmek [Sat, 28 May 2016 15:48:37 +0000 (11:48 -0400)]
Merge pull request #3328 from poettering/ipv4ll-ipv4acd-fixes
various sd-Ipv4ll/sd-ipv4acd fixes
Zbigniew Jędrzejewski-Szmek [Sat, 28 May 2016 14:52:06 +0000 (10:52 -0400)]
Merge pull request #3336 from eworm-de/systemctl-set-default
systemctl: return success for set-default, add-wants, add-requires...
Michael Biebl [Sat, 28 May 2016 09:03:03 +0000 (11:03 +0200)]
login: Fix policy for org.freedesktop.login1.set-self-linger (#3365) (#3373)
We need to explicitly define authorizations for allow_inactive and
allow_active. Otherwise one is getting "Access denied" when run from a
local console:
$ loginctl enable-linger
Could not enable linger: Access denied
Tejun Heo [Fri, 27 May 2016 16:10:18 +0000 (09:10 -0700)]
core: add cgroup memory controller support on the unified hierarchy (#3315)
On the unified hierarchy, memory controller implements three control knobs -
low, high and max which enables more useable and versatile control over memory
usage. This patch implements support for the three control knobs.
* MemoryLow, MemoryHigh and MemoryMax are added for memory.low, memory.high and
memory.max, respectively.
* As all absolute limits on the unified hierarchy use "max" for no limit, make
memory limit parse functions accept "max" in addition to "infinity" and
document "max" for the new knobs.
* Implement compatibility translation between MemoryMax and MemoryLimit.
v2:
- Fixed missing else's in config_parse_memory_limit().
- Fixed missing newline when writing out drop-ins.
- Coding style updates to use "val > 0" instead of "val".
- Minor updates to documentation.
Lennart Poettering [Fri, 27 May 2016 16:06:18 +0000 (18:06 +0200)]
Merge pull request #3329 from htejun/dbus-cgroup-fixes
dbus-cgroup fixes
Tejun Heo [Fri, 27 May 2016 15:41:45 +0000 (08:41 -0700)]
core: fix missing newline when writing drop-in for WorkingDirectory (#3337)
Lennart Poettering [Fri, 27 May 2016 15:37:19 +0000 (17:37 +0200)]
Merge pull request #3356 from OpenDZ/tixxdz/nspawn-quick-v1
nspawn: filesystem uid patching fixes and other minor improvments
Christian Hesse [Fri, 27 May 2016 07:33:27 +0000 (09:33 +0200)]
systemctl: fix code path (and memory leak) on error
Christian Hesse [Fri, 27 May 2016 07:32:41 +0000 (09:32 +0200)]
systemctl: fix return values on success
Christian Hesse [Fri, 27 May 2016 07:21:02 +0000 (09:21 +0200)]
systemctl: remove extra comma
Djalal Harouni [Thu, 26 May 2016 11:06:55 +0000 (13:06 +0200)]
nspawn: rename arg_retain to arg_caps_retain
The argument is about capabilities.
Djalal Harouni [Thu, 26 May 2016 20:42:29 +0000 (22:42 +0200)]
nspawn: split out seccomp call into nspawn-seccomp.[ch]
Split seccomp into nspawn-seccomp.[ch]. Currently there are no changes,
but this will make it easy in the future to share or use the seccomp logic
from systemd core.
Djalal Harouni [Thu, 26 May 2016 10:59:49 +0000 (12:59 +0200)]
nspawn: rename is_procfs_sysfs_or_suchlike() to is_fs_fully_userns_compatible()
Rename is_procfs_sysfs_or_suchlike() to is_fs_fully_userns_compatible()
to give it the real meaning. This may prevent future modifications that
may introduce bugs.
Djalal Harouni [Thu, 26 May 2016 20:38:25 +0000 (22:38 +0200)]
nspawn: a bench of special fileystems that should not be shifted
Add some special filesystems that should not be shifted, most of them
relate to the host and not to containers.
Christian Hesse [Thu, 26 May 2016 13:57:37 +0000 (15:57 +0200)]
{machine,system}ctl: always pass &changes and &n_changes (#3350)
We have to pass addresses of changes and n_changes to
bus_deserialize_and_dump_unit_file_changes(). Otherwise we are hit by
missing information (subsequent calls to unit_file_changes_add() to
not add anything).
Also prevent null pointer dereference in
bus_deserialize_and_dump_unit_file_changes() by asserting.
Fixes #3339
Lennart Poettering [Thu, 26 May 2016 13:32:23 +0000 (15:32 +0200)]
ipv4ll: shorten some checks by using IN_SET a bit
As suggested:
https://github.com/systemd/systemd/pull/3328#discussion-diff-
64285764
Lennart Poettering [Tue, 24 May 2016 19:34:48 +0000 (21:34 +0200)]
sd-ndisc: small coding style fixes
Let's use usec_t internally always, when dealing with time values.
Let's use uint8_t* pointers if we are dealing with generic byte pointers.
Lennart Poettering [Tue, 24 May 2016 19:34:25 +0000 (21:34 +0200)]
sd-ndisc: add more whitespace
Whitespace doesn't hurt and helps structuring things.
Lennart Poettering [Tue, 24 May 2016 19:32:33 +0000 (21:32 +0200)]
sd-ndisc: stop discovery properly when something fails
Lennart Poettering [Tue, 24 May 2016 19:28:11 +0000 (21:28 +0200)]
sd-ndisc: rework size checking in ndisc_ra_parse()
Let's better check the size before we subtract. Also, let's change the size
argument to size_t, as it cannot be signed anyway.
Finally, use EBADMSG for indicating invalid packets, like we do everywhere
else.
Lennart Poettering [Tue, 24 May 2016 19:24:43 +0000 (21:24 +0200)]
sd-ndisc: simplify clamping of router "pref" parameter
Lennart Poettering [Tue, 24 May 2016 19:23:04 +0000 (21:23 +0200)]
sd-ndisc: append "event_source" to event source objects stored in structures
Otherwise it gets too confusing whether "timeout" refers to an event source or
just a timeout time specification.
Lennart Poettering [Tue, 24 May 2016 19:20:30 +0000 (21:20 +0200)]
sd-ndisc: add log_ndisc_errno() macro, to complement log_ndisc() like elsewhere
Also make use of it where appropriate.
Lennart Poettering [Tue, 24 May 2016 19:16:36 +0000 (21:16 +0200)]
sd-ndisc: use the right object to pass to log_ndisc()
There's no "client" object, in both cases. There's only "nd".
This wasn't noticed before, as the context object is currently not actually
used by the log macros.
Lennart Poettering [Tue, 24 May 2016 19:15:49 +0000 (21:15 +0200)]
sd-ndisc: Typo fix: s/advertisment/advertisement/
Lennart Poettering [Mon, 23 May 2016 17:39:44 +0000 (19:39 +0200)]
ipv4acd: rename "ll" parameter to "acd" everywhere
Appears to be a (confusing) left-over from copy/paste when this still was
ipv4ll code.
Lennart Poettering [Mon, 23 May 2016 17:35:54 +0000 (19:35 +0200)]
sd-ipv4ll: add a bit of logging to IPv4LL too
Lennart Poettering [Mon, 23 May 2016 17:35:18 +0000 (19:35 +0200)]
sd-ipv4acd: drop IPV4ACD_NETWORK definition
Appears to be a copy/paste mistake from sd-ipv4ll. Let's get rid of this.
Lennart Poettering [Mon, 23 May 2016 17:24:21 +0000 (19:24 +0200)]
ipv4acd: rework how we pick ipv4ll addresses
Let's make the seed actually work as stable seed, and use siphash24 to generate
the series of addresses, instead of the opaque libc random_r().
This not only makes the seed truly work as stable, portable seed, but also
makes the code quite a bit shorter, and removes a couple of memory allocations.
Lennart Poettering [Mon, 23 May 2016 16:33:17 +0000 (18:33 +0200)]
ipv4ll: change "seed" parameter to be uint64_t
Let's make clear this always has the same size, since otherwise it's not useful
for reproducible runs, which this is really about however.
Lennart Poettering [Mon, 23 May 2016 16:26:49 +0000 (18:26 +0200)]
ipv4acd: make sure our event handler callbacks never check uninitialized "r" for errors
Lennart Poettering [Mon, 23 May 2016 16:18:04 +0000 (18:18 +0200)]
ipv4acd: normalize time types to usec_t
We try to stick to usec_t for encoding time information, do that here too. In
particular, get rid of "int" second specifications, since signed timespans are
a weird thing.
Lennart Poettering [Mon, 23 May 2016 16:07:51 +0000 (18:07 +0200)]
ipv4acd: in case the state engine is reused, reset n_conflict timer to 0
Lennart Poettering [Mon, 23 May 2016 16:07:42 +0000 (18:07 +0200)]
ipv4acd: no need to memcpy() where assignment suffices
Lennart Poettering [Mon, 23 May 2016 16:06:33 +0000 (18:06 +0200)]
ipv4acd: introduce new "started" state
This state is active immediately after the state engine was started, but before
the first timer hits.
This way multiple _start() invocations on the same object are always detected
correctly.
Lennart Poettering [Mon, 23 May 2016 15:52:08 +0000 (17:52 +0200)]
ipv4acd: rename ipv4acd_stop() → ipv4acd_reset()
This is much less confusing, since there's also sd_ipv4acd_stop(), which was
idfferent from ipv4acd_stop().
After renaming it, let's also use the funciton when destroying ipv4acd objects,
as the code is pretty much the same for that.
Lennart Poettering [Mon, 23 May 2016 15:32:18 +0000 (17:32 +0200)]
ipv4acd: add "_event_source" suffix to event source objects
Otherwise the field "receive_message" is a bit too confusing, as it suggests it
actually stores a message object of some kind.
Lennart Poettering [Mon, 23 May 2016 15:23:40 +0000 (17:23 +0200)]
ipv4acd: make the iteration and conflict fields unsigned
They are counters after all, and can never go below zero, hence don't pretend
with the chose type that they could.
Also, prefix their name with "n_", to indicate that they are counters.
Lennart Poettering [Mon, 23 May 2016 15:19:35 +0000 (17:19 +0200)]
ipv4l-{acd,ll}: make sure ipv4 addresses are unsigned
And some other minor fixes.
Lennart Poettering [Mon, 23 May 2016 15:18:58 +0000 (17:18 +0200)]
ipv4acd: library code should never log
Or actually, not at any level higher than debug.
Lennart Poettering [Mon, 23 May 2016 15:17:37 +0000 (17:17 +0200)]
sd-ipv4{acl,ll}: don't make use of RefCnt objects
These objects are only useful when multiple threads are involved, as they
operate with atomic operations. Given that our libraries are explicitly not
thread-safe don't make use of RefCnt here, and make things a bit simpler.
Lennart Poettering [Mon, 23 May 2016 14:48:56 +0000 (16:48 +0200)]
sd-network: don't needlessly abbreviate "callback" as "cb" in struct members
It's OK to abbreviate this in the local scope, but otherwise, let's not be
needlessly terse.
Lennart Poettering [Mon, 23 May 2016 14:46:50 +0000 (16:46 +0200)]
dhcp: fix operator precedence issue with macro
Lennart Poettering [Mon, 23 May 2016 14:27:59 +0000 (16:27 +0200)]
sd-ndisc: make the _stop() call idempotent
It's a good idea to make stopcalls idempotent, so that they become nops if the
object is already stopped.
Lennart Poettering [Mon, 23 May 2016 14:27:05 +0000 (16:27 +0200)]
sd-network: fix up assertion chaos
assert_return() should only be used to validate user-facing parameters and
state, assert() should be used for checking our own internal state and
parameters.
Lennart Poettering [Mon, 23 May 2016 14:15:04 +0000 (16:15 +0200)]
sd-ndisc: rename sd_ndisc_init() to sd_ndisc_reset()
After all, it's actually used for resetting the state, not only for the initial
initialization.
While we are at it, also simplify the error path for
sd_ndisc_discovery_start().
Lennart Poettering [Mon, 23 May 2016 14:13:18 +0000 (16:13 +0200)]
sd-network: rename "index" field of the various clients to "ifindex"
A field "index" is not particularly precise and also might conflict with libc's
index() function definition. Also, pretty much everywhere else we call this
concept "ifindex", including in networkd, the primary user of these libraries.
Hence, let's fix this up and call this "ifindex" everywhere here too.
Lennart Poettering [Mon, 23 May 2016 13:57:39 +0000 (15:57 +0200)]
sd-ndisc: properly make various parameters unsigned
Lennart Poettering [Mon, 23 May 2016 13:57:31 +0000 (15:57 +0200)]
sd-dhcp: shorten NUL initialization a bit
Lennart Poettering [Mon, 23 May 2016 13:57:18 +0000 (15:57 +0200)]
manager: remove spurious newline
Lennart Poettering [Mon, 23 May 2016 13:56:01 +0000 (15:56 +0200)]
sd-network: unify packet processing logic a bit
Let's always check for errno being EAGAIN/EINTR the same way, and always log if
we receive weirdly short packets.
Ansgar Burchardt [Thu, 26 May 2016 08:44:35 +0000 (10:44 +0200)]
Typo: systemd-nspaw -> systemd-nspawn (#3354)
Lennart Poettering [Tue, 24 May 2016 10:14:21 +0000 (12:14 +0200)]
Merge pull request #3247 from fbuihuu/ask-passowrd-on-all-consoles
ask-password: ask for passphrases not only on the first console
Zbigniew Jędrzejewski-Szmek [Tue, 24 May 2016 10:07:42 +0000 (06:07 -0400)]
Udevadm trivial cleanups (#3331)
* udevadm-info: use _cleanup_
* udevadm-info: propagate return value from export_devices()
* sd-device: add comment and remove unnecessary braces
Werner Fink [Wed, 18 Nov 2015 11:28:30 +0000 (12:28 +0100)]
ask-password: ask for passphrases not only on the first console of /dev/console
but also on all other consoles. This does help on e.g. mainframes
where often a serial console together with other consoles are
used. Even rack based servers attachted to both a serial console
as well as having a virtual console do sometimes miss a connected
monitor.
To be able to ask on all terminal devices of /dev/console the devices
are collected. If more than one device are found, then on each of the
terminals a inquiring task for passphrase is forked and do not return
to the caller.
Every task has its own session and its own controlling terminal.
If one of the tasks does handle a password, the remaining tasks
will be terminated.
Also let contradictory options on the command of
systemd-tty-ask-password-agent fail.
Spwan for each device of the system console /dev/console a own process.
Replace the system call wait() with with system call waitid().
Use SIGTERM instead of SIGHUP to get unresponsive childs down.
Port the collect_consoles() function forward to a pulbic and strv
based function "get_kernel_consoles()" in terminal-util.c and use this
in tty-ask-password-agent.c.
Zbigniew Jędrzejewski-Szmek [Tue, 24 May 2016 09:32:30 +0000 (05:32 -0400)]
Revert "rules: allow users to access frame buffer devices" (#3333)
This reverts commit
483d8bbb4c0190f419bf9fba57fb0feb1a56bea6.
In [1] Michel Dänzer and Daniel Vetter wrote:
>> The scenario you describe isn't possible if the Wayland compositor
>> directly uses the KMS API of /dev/dri/card*, but it may be possible if
>> the Wayland compositor uses the fbdev API of /dev/fb* instead (e.g. if
>> weston uses its fbdev backend).
>
> Yeah, if both weston and your screen grabber uses native fbdev API you can
> now screenshot your desktop. And since fbdev has no concept of "current
> owner of the display hw" like the drm master, I think this is not fixable.
> At least not just in userspace. Also even with native KMS compositors
> fbdev still doesn't have the concept of ownership, which is why it doesn't
> bother clearing it's buffer before KMS takes over. I agree that this
> should be reverted or at least hidden better.
TBH, I think that privilege separation between processes running under the same
UID is tenuous. Even with drm, in common setups any user process can ptrace the
"current owner of the display" and call DROP_MASTER or do whatever. It *is*
possible to prevent that, e.g. by disabling ptrace using yama.ptrace_scope, or
selinux, and so on, but afaik this is not commonly done. E.g. all Fedora
systems pull in elfutils-default-yama-scope.rpm through dependencies which sets
yama.ptrace_scope=0. And even assuming that ptrace was disabled, it is trivial
to modify files on disk, communicate through dbus, etc; there is just to many
ways for a non-sandboxed process to interact maliciously with the display shell
to close them all off. To achieve real protection, some sort of sandboxing
must be implemented, and in that case there is no need to rely on access mode
on the device files, since much more stringent measures have to be implemented
anyway.
The situation is similar for framebuffer devices. It is common to add
framebuffer users to video group to allow them unlimited access to /dev/fb*.
Using uaccess would be better solution in that case. Also, since there is no
"current owner" limitation like in DRM, processes running under the same UID
should be able to access /proc/<pid-of-display-server>/fd/* and gain access to
the devices. Nevertheless, weston implements a suid wrapper to access the
devices and then drop privileges, and this patch would make this daemon
pointless. So if the weston developers feel that this change reduces security,
I prefer to revert it.
[1] https://lists.freedesktop.org/archives/wayland-devel/2016-May/029017.html
Tom Gundersen [Mon, 23 May 2016 23:34:29 +0000 (01:34 +0200)]
sd-device: udev-db - handle properties with empty value (#3330)
The statemachine was unable to parse properties with empty values,
reported in [0].
When reaching the start of the KEY, we would unconditionally read
one more character before starting to look for the end-of-line.
Simply look for the end-of-line from the first character.
[0]: <https://bugzilla.redhat.com/show_bug.cgi?id=1338823>
Tejun Heo [Mon, 23 May 2016 20:48:46 +0000 (16:48 -0400)]
core: fix missing newlines when writing out drop-ins for cgroup settings
Except for per-device BlockIO, IO and DeviceAllow/Deny settings, all were
missing newline causing the next drop-in to be concatenated at the end of the
line. Fix it.
Tejun Heo [Mon, 23 May 2016 20:48:46 +0000 (16:48 -0400)]
core: fix the reversed sanity check when setting StartupBlockIOWeight over dbus
bus_cgroup_set_property() was rejecting if the input value was in range.
Reverse it.
Zbigniew Jędrzejewski-Szmek [Mon, 23 May 2016 13:33:44 +0000 (09:33 -0400)]
man: explain what list-units does a bit better (#3324)
https://bugzilla.redhat.com/show_bug.cgi?id=1338584
Susant Sahani [Mon, 23 May 2016 09:13:57 +0000 (14:43 +0530)]
networkd: networkd: ndisc set SO_BINDTODEVICE on socket (#3294)
From the issue #2004 we are receiving packet even if this
packet is not intended for this interface.
This can be reproduced.
lp3s0: Updating address: 2001:db8:1:0:7e7a:91ff:fe6d:ffe2/64 (valid for 1d)
wlp3s0: Updating address: fe80::7e7a:91ff:fe6d:ffe2/64 (valid forever)
NDisc CLIENT: Received RA from non-link-local address ::. Ignoring.
NDisc CLIENT: Received RA on wrong interface: 2 != 6. Ignoring.
NDisc CLIENT: Received RA on wrong interface: 2 != 3. Ignoring.
enp0s25: Updating address: 2001:db8:1:0:2ad2:44ff:fe6a:ae07/64 (valid for 1d)
enp0s25: Updating address: fe80::2ad2:44ff:fe6a:ae07/64 (valid forever)
NDisc CLIENT: Sent Router Solicitation
NDisc CLIENT: Sent Router Solicitation
NDisc CLIENT: Sent Router Solicitation
NDisc CLIENT: Received RA on wrong interface: 3 != 2. Ignoring.
NDisc CLIENT: Received RA on wrong interface: 3 != 6. Ignoring.
NDisc CLIENT: Received RA from non-link-local address ::. Ignoring.
NDisc CLIENT: Received RA on wrong interface: 2 != 6. Ignoring.
NDisc CLIENT: Received RA on wrong interface: 2 != 3. Ignoring.
enp0s25: Updating address: 2001:db8:1:0:2ad2:44ff:fe6a:ae07/64 (valid for 1d)
enp0s25: Updating address: fe80::2ad2:44ff:fe6a:ae07/64 (valid forever)
Add SO_BINDTODEVICE to socket
fixes #2004
Dave Reisner [Mon, 23 May 2016 08:31:47 +0000 (10:31 +0200)]
Mention initrd-root-device.target in NEWS (#3325)
Evgeny Vereshchagin [Mon, 23 May 2016 08:19:14 +0000 (11:19 +0300)]
resolved: don't stop handle messages after receiving a zero length UDP packet (#3323)
Fixes:
-bash-4.3# ss --udp -l -p
State Recv-Q Send-Q Local Address:Port Peer Address:Port
UNCONN 0 0 *:5355 *:* users:(("systemd-resolve",pid=601,fd=12))
UNCONN 0 0 :::5355 :::* users:(("systemd-resolve",pid=601,fd=14))
-bash-4.3# nping --udp -p 5355 --data-length 0 -c 1 localhost
-bash-4.3# journalctl -u systemd-resolved -b --no-hostname
...
May 21 14:59:22 systemd-resolved[601]: Event source llmnr-ipv4-udp (type io) returned error, disabling: Input/output error
...
-bash-4.3# nping --udp -p 5355 --data-length 1000 -c 1 localhost
-bash-4.3# ss --udp -l
State Recv-Q Send-Q Local Address:Port Peer Address:Port
UNCONN 2304 0 *:5355 *:*
UNCONN 0 0 :::5355 :::*
Tom Gundersen [Sun, 22 May 2016 22:16:28 +0000 (00:16 +0200)]
Merge pull request #3322 from poettering/random-ipv4acd-fixes
Random ipv4acd fixes
Lennart Poettering [Sun, 22 May 2016 12:26:36 +0000 (14:26 +0200)]
ipv4acd/ipv4ll: stop using read() on SOCK_DGRAM sockets
This is a follow-up to
cf447cb62d01137f4cbd1cd14b83b88823542bbf.
Let's generally follow the rule to not use read() on SOCK_DGRAM sockets, let's
always use recv() on that.
Also, don't abort IPV4ACD logic in case we read a short packet. Simply log and
ignore.
Lennart Poettering [Sun, 22 May 2016 12:26:06 +0000 (14:26 +0200)]
sd-ipv4acd: do not define ether_addr_is_nul() redundantly
we already have ether_addr_is_null() in ether-addr-util.h, let's use it here,
too.
Lennart Poettering [Sun, 22 May 2016 12:25:02 +0000 (14:25 +0200)]
sd-ipv4acd: drop HASH_KEY definition, as it is unused
Zbigniew Jędrzejewski-Szmek [Sun, 22 May 2016 11:02:41 +0000 (07:02 -0400)]
nspawn: remove unreachable return statement (#3320)
Zbigniew Jędrzejewski-Szmek [Sat, 21 May 2016 22:12:17 +0000 (18:12 -0400)]
networkd-ndisc: do not return value from void function
Fixup for #3304.
Only warn, and not return, because that's what sd_dhcp6_client_start()
does right below the call to sd_dhcp6_client_set_local_address().
Zbigniew Jędrzejewski-Szmek [Sat, 21 May 2016 21:58:30 +0000 (17:58 -0400)]
build-sys: bump so version
Zbigniew Jędrzejewski-Szmek [Sat, 21 May 2016 21:51:13 +0000 (17:51 -0400)]
NEWS: final updates for v230
Zbigniew Jędrzejewski-Szmek [Sat, 21 May 2016 22:30:33 +0000 (18:30 -0400)]
run: do not try to use reply after freeing it (#3318)
We'd call sd_bus_message_unref and then proceed to use
variables pointing into the reply buffer (fd and char*).
dup the fd and copy the string before destorying the reply.
This makes systemd-run run again for me.
https://bugzilla.redhat.com/show_bug.cgi?id=1337636
Lennart Poettering [Sat, 21 May 2016 21:09:18 +0000 (23:09 +0200)]
units: restore ConditionNeesUpdate=/etc in ldconfig.service (#3311)
In order to support stateless systems that support offline /usr updates
properly, let's restore the ConditionNeesUpdate=/etc line that makes sure we
are run when /usr is updated and this update needs to be propagated to the
/etc/ld.so.conf file stored in /etc.
This reverts part of #2859, which snuck this change in, but really shouldn't
have.
Tom Gundersen [Sat, 21 May 2016 21:00:32 +0000 (23:00 +0200)]
libsystemd-network: use recv(..., 0) instead of read(...) (#3317)
According to recv(2) these should be the same, but that is not true.
Passing a buffer of length 0 to read is defined to be a noop according
to read(2), but passing a buffer of length 0 to recv will discard the
pending pacet.
We can easily hit this as we allocate our buffer size depending on
the size of the incoming packet (using FIONREAD). As pointed out in
issue #3299 simply sending an empty UDP packet to the DHCP client
port will trigger a busy loop in networkd as we are polling on the
socket but never discarding the empty packet.
This reverts
ad5ae47a0d159ea473c9730d7e0298a3e5d31cf6 but fixes the
same issue.
Evgeny Vereshchagin [Sat, 21 May 2016 16:40:34 +0000 (19:40 +0300)]
core: set all log fds to -1 when freezing (#3314)
Fixes:
-bash-4.3# echo core >/proc/sys/kernel/core_pattern
-bash-4.3# kill -ABRT 1
-bash-4.3# kill -ABRT 1
[ 61.373922] systemd[1]: segfault at
7fff1d0a8f48 ip
00007fc9ca91b1c3 sp
00007fff1d0a8f50 error 6 in libc-2.23.so[
7fc9ca8ce000+1c0000]
[ 61.768017] Kernel panic - not syncing: Attempted to kill init! exitcode=0x0000008b
[ 61.768017]
...
Recursive ABRT and segfault:
PID 1 - core
TID 1:
...
#153905 0x00005575fc3f829d log_dispatch
#153906 0x00005575fc3f8aa3 log_assert
#153907 0x00005575fc3f8ae9 log_assert_failed
#153908 0x00005575fc3e7eb1 safe_close
#153909 0x00005575fc3f6d5e log_close_journal
#153910 0x00005575fc3f829d log_dispatch
#153911 0x00005575fc3f85a1 log_internalv
#153912 0x00005575fc3f86a1 log_internal
#153913 0x00005575fc31c4c1 crash
#153914 0x00007fb26f2cf3d0 __restore_rt
#153915 0x00007fb26f2ced00 pause
#153916 0x00005575fc403944 freeze
#153917 0x00005575fc31bf7b freeze_or_reboot
...
Tejun Heo [Fri, 20 May 2016 20:46:42 +0000 (13:46 -0700)]
core: put opening curly braces on the same line as function names (#3313)
Recently added cgroup helper functions break the style convention. Fix them
up.
Lennart Poettering [Fri, 20 May 2016 20:36:22 +0000 (22:36 +0200)]
Revert "core/dbus: further simplify branch code" (#3307)
Tom Gundersen [Fri, 20 May 2016 17:00:08 +0000 (19:00 +0200)]
Merge pull request #3304 from tomty89/master
[networkd] ndisc DHCPv6 triggering fixes
Tom Gundersen [Fri, 20 May 2016 16:54:49 +0000 (18:54 +0200)]
Merge pull request #3276 from ssahani/issue-3264
networkd: Drop IPv6LL address when link is down.
Lennart Poettering [Fri, 20 May 2016 16:53:11 +0000 (18:53 +0200)]
Merge pull request #3290 from htejun/cgroup2-io-compat
Implement compat translation between IO* and BlockIO* settings
Tom Gundersen [Fri, 20 May 2016 15:27:58 +0000 (17:27 +0200)]
Merge pull request #3235 from dkg/hwaddr-cleanup
minor improvements for dealing with MAC Addresses
Jonathan Boulle [Fri, 20 May 2016 14:20:00 +0000 (16:20 +0200)]
core/dbus: revert oversimplification (#3309)
free_and_strdup handles NULL but not empty strings.
See also:
https://github.com/systemd/systemd/pull/3283#issuecomment-
220603145
https://github.com/systemd/systemd/pull/3307
Zbigniew Jędrzejewski-Szmek [Fri, 20 May 2016 13:12:42 +0000 (09:12 -0400)]
Make the fix for net/if.h fuckup even worse (#3287)
The original conflict is fixed in the kernel in v4.6-rc7-40-g4a91cb61bb,
but now our work-around causes a compilation failure.
Keep the workaround to support 4.5 kernels for now, and layer
more ugliness on top.
Tested with:
kernel-headers-4.6.0-1.fc25.x86_64
glibc-devel-2.23.90-18.fc25.x86_64
kernel-headers-4.5.4-300.fc24.x86_64
glibc-devel-2.23.1-7.fc24.x86_64
kernel-headers-4.4.9-300.fc23.x86_64
glibc-devel-2.22-16.fc23.x86_64
kernel-headers-4.1.13-100.fc21.x86_64
glibc-devel-2.20-8.fc21.x86_64
Zbigniew Jędrzejewski-Szmek [Fri, 20 May 2016 13:11:58 +0000 (09:11 -0400)]
resolved: fix accounting of dns serves on a link (#3291)
After a few link up/down events I got this warning:
May 17 22:05:10 laptop systemd-resolved[2983]: Failed to read DNS servers for interface wlp3s0, ignoring: Argument list too long
Jonathan Boulle [Fri, 20 May 2016 13:09:14 +0000 (15:09 +0200)]
core/dbus: expose SELinuxContext property (#3284)
Adds support to core for systemd D-Bus clients to send the
`SELinuxContext` property . This means `systemd-run -p
SELinuxContext=foo` should now work.
Evgeny Vereshchagin [Fri, 20 May 2016 13:08:24 +0000 (16:08 +0300)]
basic: remove rm_rf_and_free, add rm_rf_physical_and_free, use rm_rf_physical_and_freep in tests (#3292)
Some distros don't mount /tmp as tmpfs.
For example:
https://lists.ubuntu.com/archives/ubuntu-cloud/2016-January/001009.html
Some tests:
* print 'Attempted to remove disk file system, and we can't allow that.'
* don't really cleanup /tmp
Thomas H. P. Andersen [Fri, 20 May 2016 13:04:01 +0000 (15:04 +0200)]
NEWS: typo fix and american english (#3301)
sadag [Fri, 20 May 2016 11:26:27 +0000 (04:26 -0700)]
sd-dhcp-client: fix busy loop reading zero sized DHCP UDP packets. (#3299)
tomty89 [Fri, 20 May 2016 10:28:30 +0000 (18:28 +0800)]
[networkd-dhcp6] do not call sd_dhcp6_client_start() from dhcp6_request_address()
Starting the DHCP client doesn't seem like dhcp6_request_address()'s responsibility anyway. Whenever it's called, sd_dhcp6_client_start() is unconditionally called outside of it as well. See ndisc_router_handler() and ndisc_handler() in networkd-ndisc.c.
tomty89 [Fri, 20 May 2016 10:20:24 +0000 (18:20 +0800)]
[networkd-ndisc] set IPv6LL address in DHCP client
Fix issue #3256 and probably #1982. Referenced link_acquire_ipv6_conf() in networkd-link.c.
Zbigniew Jędrzejewski-Szmek [Thu, 19 May 2016 19:08:41 +0000 (15:08 -0400)]
systemctl: suppress no-[Install] hint when --quiet is used (#3295)
https://bugzilla.redhat.com/show_bug.cgi?id=1336960
Franck Bui [Thu, 19 May 2016 14:37:04 +0000 (16:37 +0200)]
systemctl: reload configuration when enabling sysv units too (#3297)
After enabling/disabling a unit, the daemon configuration is expected
to be unless '--no-reload' option is passed.
However this is not done when enabling a sysv units. This can lead to
the following scenario:
$ cp /etc/init.d/named /etc/init.d/foo
$ systemctl enable foo
foo.service is not a native service, redirecting to systemd-sysv-install
Executing /usr/lib/systemd/systemd-sysv-install enable foo
$ systemctl start foo
Failed to start foo.service: Unit foo.service failed to load: No such file or directory.
This can also be seen after installing a package providing a sysv
service: the service can't be started unless 'daemon-reload' is called
manually. This shouldn't be needed and this patch will fix this case
too since during package installation, the service is expected to be
enabled/disabled.
tblume [Thu, 19 May 2016 14:35:27 +0000 (16:35 +0200)]
systemctl: restore the no-sync option for legacy halt (#3249)
The sync() call on shutdown had been removed with commit
57371e5829a61e5ee6c9f98404dfc729d6c62608
together with the no-sync option for the shutdown commands.
The sync call was restored in commit
4a3ad39957399c4a30fc472a804e72907ecaa4f9 but the no-sync option
wasn't re-added.
I think we should restore this option at least for the legacy halt command.
Zbigniew Jędrzejewski-Szmek [Thu, 19 May 2016 13:38:00 +0000 (09:38 -0400)]
Merge pull request #3293 from michaelolbrich/partuuid
rules: add /dev/disk/by-partuuid symlinks also for dos partition tables
Uwe Kleine-König [Mon, 9 May 2016 09:24:55 +0000 (11:24 +0200)]
rules: add /dev/disk/by-partuuid symlinks also for dos partition tables
blkid reports PARTUUID values also for partitions that are defined by a
dos partitioning scheme. Instead of limiting the partitioning scheme to
"gpt or dos" just drop the test for the partitioning scheme and trust
blkid to do the right thing.