platform/upstream/systemd.git
6 years agojournal-verify: add comment and silence LGTM warning
Zbigniew Jędrzejewski-Szmek [Tue, 2 Oct 2018 10:26:23 +0000 (12:26 +0200)]
journal-verify: add comment and silence LGTM warning

6 years agoboot: change multiplication order
Zbigniew Jędrzejewski-Szmek [Tue, 2 Oct 2018 10:17:21 +0000 (12:17 +0200)]
boot: change multiplication order

LGTM was complaining:
> Multiplication result may overflow 'unsigned int' before it is converted to 'unsigned long'.

6 years agobasic/hexdecoct: check for overflow
Zbigniew Jędrzejewski-Szmek [Tue, 2 Oct 2018 10:15:22 +0000 (12:15 +0200)]
basic/hexdecoct: check for overflow

LGTM was complaining:
> Multiplication result may overflow 'int' before it is converted to 'long'.
Fix this by changing all types to ssize_t and add a check for overflow
while at it.

6 years agodocs: add a simple, auto-generated index.md
Lennart Poettering [Tue, 2 Oct 2018 07:53:05 +0000 (09:53 +0200)]
docs: add a simple, auto-generated index.md

This is useful for the github pages feature

6 years agoSet theme jekyll-theme-modernist
Lennart Poettering [Tue, 2 Oct 2018 08:07:38 +0000 (10:07 +0200)]
Set theme jekyll-theme-modernist

6 years agoSet theme jekyll-theme-tactile
Lennart Poettering [Tue, 2 Oct 2018 08:06:41 +0000 (10:06 +0200)]
Set theme jekyll-theme-tactile

6 years agoMerge pull request #10245 from keszybz/coc-file-rename
Lennart Poettering [Tue, 2 Oct 2018 07:57:09 +0000 (09:57 +0200)]
Merge pull request #10245 from keszybz/coc-file-rename

code-of-conduct file rename

6 years agotest: fix tests for supplementary groups
Yu Watanabe [Sat, 29 Sep 2018 12:05:52 +0000 (21:05 +0900)]
test: fix tests for supplementary groups

Fixes #9881.

6 years agococ: spell systemd in the one-and-only correct way
Zbigniew Jędrzejewski-Szmek [Tue, 2 Oct 2018 07:34:01 +0000 (09:34 +0200)]
coc: spell systemd in the one-and-only correct way

6 years agococ: reword the sentence about individual contact
Zbigniew Jędrzejewski-Szmek [Tue, 2 Oct 2018 07:32:59 +0000 (09:32 +0200)]
coc: reword the sentence about individual contact

It wasn't clear enough:
https://github.com/systemd/systemd/pull/10233#discussion_r221734060

6 years agodocs: rename file to appease github
Zbigniew Jędrzejewski-Szmek [Tue, 2 Oct 2018 07:29:42 +0000 (09:29 +0200)]
docs: rename file to appease github

Hopefully this will be enough to let github notice that we have
a coc now and display the green checkmark:
https://github.com/systemd/systemd/pull/10233#issuecomment-425918447

6 years agopo: update Turkish translation
Muhammet Kara [Mon, 1 Oct 2018 17:24:27 +0000 (20:24 +0300)]
po: update Turkish translation

6 years agoMerge pull request #10218 from keszybz/export-sd-device-hwdb
Yu Watanabe [Mon, 1 Oct 2018 17:45:55 +0000 (19:45 +0200)]
Merge pull request #10218 from keszybz/export-sd-device-hwdb

Export functions in sd-device and sd-hwdb

6 years agotest-sd-hwdb: skip tests if hwdb cannot be opened
Zbigniew Jędrzejewski-Szmek [Mon, 1 Oct 2018 13:22:55 +0000 (15:22 +0200)]
test-sd-hwdb: skip tests if hwdb cannot be opened

6 years agoAdd a simple code of conduct based on ruby community guidelines
Zbigniew Jędrzejewski-Szmek [Sun, 30 Sep 2018 17:18:07 +0000 (19:18 +0200)]
Add a simple code of conduct based on ruby community guidelines

This was discussed at the systemd hackfest during ASG2018, and
we agreed to use the Ruby text [1] with the enforcement clause based on
the "contributor covenant". I obviously modified the text where applicable
to refer to systemd.

[1] https://www.ruby-lang.org/en/conduct/

Fixes 10148.

6 years agotest: try system bus if user bus cannot be opened
Yu Watanabe [Sun, 30 Sep 2018 08:30:45 +0000 (17:30 +0900)]
test: try system bus if user bus cannot be opened

6 years agoMerge pull request #10138 from yuwata/test-check-container
Zbigniew Jędrzejewski-Szmek [Mon, 1 Oct 2018 08:09:54 +0000 (10:09 +0200)]
Merge pull request #10138 from yuwata/test-check-container

test: skip several tests when running in container

6 years agoMerge pull request #10220 from floppym/efi-cc
Zbigniew Jędrzejewski-Szmek [Mon, 1 Oct 2018 07:28:22 +0000 (09:28 +0200)]
Merge pull request #10220 from floppym/efi-cc

meson: use an array option for efi-cc

6 years agoimport: sparse_write() returns negative errno
Yu Watanabe [Sat, 29 Sep 2018 17:58:50 +0000 (02:58 +0900)]
import: sparse_write() returns negative errno

6 years agomeson: avoid calling the shell to resolve efi_libdir
Mike Gilbert [Sun, 30 Sep 2018 20:18:43 +0000 (16:18 -0400)]
meson: avoid calling the shell to resolve efi_libdir

6 years agomeson: use an array option for efi-cc
Mike Gilbert [Sun, 30 Sep 2018 19:41:41 +0000 (15:41 -0400)]
meson: use an array option for efi-cc

Fixes: https://github.com/systemd/systemd/issues/10211

6 years agotrivial: fix spelling in code comments
Thomas Haller [Sun, 30 Sep 2018 19:20:08 +0000 (21:20 +0200)]
trivial: fix spelling in code comments

Based-on-patch-by: Rafael Fontenelle <rafaelff@gnome.org>
6 years agolibsystemd: export all functions in sd-hwdb.h
Zbigniew Jędrzejewski-Szmek [Sun, 30 Sep 2018 18:36:51 +0000 (20:36 +0200)]
libsystemd: export all functions in sd-hwdb.h

sd-hwdb.h is now also installed in /usr/include/systemd.

6 years agotest-sd-hwdb: add a simple test for export sd-hwdb functions
Zbigniew Jędrzejewski-Szmek [Sun, 30 Sep 2018 18:34:11 +0000 (20:34 +0200)]
test-sd-hwdb: add a simple test for export sd-hwdb functions

6 years agolibsystemd: export all functions in sd-device.h
Zbigniew Jędrzejewski-Szmek [Sun, 30 Sep 2018 17:59:07 +0000 (19:59 +0200)]
libsystemd: export all functions in sd-device.h

sd-device.h is now also installed in /usr/include/systemd.

6 years agodhcp6: fix memleak about sd_event
Yu Watanabe [Sat, 29 Sep 2018 13:37:21 +0000 (22:37 +0900)]
dhcp6: fix memleak about sd_event

6 years agotest: Add tests for networkd (#10147)
Susant Sahani [Sat, 29 Sep 2018 12:36:25 +0000 (18:06 +0530)]
test: Add tests for networkd (#10147)

6 years agoMerge pull request #10200 from evverx/fuzz-dhcp6-client
Yu Watanabe [Sat, 29 Sep 2018 11:41:52 +0000 (13:41 +0200)]
Merge pull request #10200 from evverx/fuzz-dhcp6-client

Add a fuzzer for dhcp6-client

6 years agotests: add a reproducer for the heap-buffer-overflow fixed in cb1bdeaf56852275e6b
Evgeny Vereshchagin [Sat, 29 Sep 2018 03:25:34 +0000 (03:25 +0000)]
tests: add a reproducer for the heap-buffer-overflow fixed in cb1bdeaf56852275e6b

==14==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x6020001c761a at pc 0x000000540abc bp 0x7ffd0caf2c50 sp 0x7ffd0caf2c48
READ of size 2 at 0x6020001c761a thread T0
    #0 0x540abb in client_parse_message /work/build/../../src/systemd/src/libsystemd-network/sd-dhcp6-client.c:849:73
    #1 0x53f3bc in client_receive_advertise /work/build/../../src/systemd/src/libsystemd-network/sd-dhcp6-client.c:1083:13
    #2 0x53d57f in client_receive_message /work/build/../../src/systemd/src/libsystemd-network/sd-dhcp6-client.c:1182:21
    #3 0x7f71d8c3eeee in source_dispatch /work/build/../../src/systemd/src/libsystemd/sd-event/sd-event.c:3042:21
    #4 0x7f71d8c3e431 in sd_event_dispatch /work/build/../../src/systemd/src/libsystemd/sd-event/sd-event.c:3455:21
    #5 0x7f71d8c3fa8d in sd_event_run /work/build/../../src/systemd/src/libsystemd/sd-event/sd-event.c:3512:21
    #6 0x531f2b in fuzz_client /work/build/../../src/systemd/src/fuzz/fuzz-dhcp6-client.c:44:9
    #7 0x531bc1 in LLVMFuzzerTestOneInput /work/build/../../src/systemd/src/fuzz/fuzz-dhcp6-client.c:53:9
    #8 0x57bef8 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/libfuzzer/FuzzerLoop.cpp:570:15
    #9 0x579d97 in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool*) /src/libfuzzer/FuzzerLoop.cpp:479:3
    #10 0x57dcc2 in fuzzer::Fuzzer::MutateAndTestOne() /src/libfuzzer/FuzzerLoop.cpp:707:19
    #11 0x580cd6 in fuzzer::Fuzzer::Loop(std::__1::vector<std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> >, fuzzer::fuzzer_allocator<std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > > > const&) /src/libfuzzer/FuzzerLoop.cpp:838:5
    #12 0x55e998 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/libfuzzer/FuzzerDriver.cpp:764:6
    #13 0x551a4c in main /src/libfuzzer/FuzzerMain.cpp:20:10
    #14 0x7f71d784182f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
    #15 0x41e928 in _start (/out/fuzz-dhcp6-client+0x41e928)

6 years agotests: add a reproducer for the heap-buffer-overflow fixed in b387d3c1327a3ad2
Evgeny Vereshchagin [Sat, 29 Sep 2018 03:09:23 +0000 (03:09 +0000)]
tests: add a reproducer for the heap-buffer-overflow fixed in b387d3c1327a3ad2

6 years agodhcp6: fix an off-by-one error in dhcp6_option_parse_domainname
Evgeny Vereshchagin [Sat, 29 Sep 2018 03:06:10 +0000 (03:06 +0000)]
dhcp6: fix an off-by-one error in dhcp6_option_parse_domainname

==14==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x60200055fa9c at pc 0x0000005458f1 bp 0x7ffc78940d90 sp 0x7ffc78940d88
READ of size 1 at 0x60200055fa9c thread T0
    #0 0x5458f0 in dhcp6_option_parse_domainname /work/build/../../src/systemd/src/libsystemd-network/dhcp6-option.c:555:29
    #1 0x54706e in dhcp6_lease_set_domains /work/build/../../src/systemd/src/libsystemd-network/sd-dhcp6-lease.c:242:13
    #2 0x53fce0 in client_parse_message /work/build/../../src/systemd/src/libsystemd-network/sd-dhcp6-client.c:984:29
    #3 0x53f3bc in client_receive_advertise /work/build/../../src/systemd/src/libsystemd-network/sd-dhcp6-client.c:1083:13
    #4 0x53d57f in client_receive_message /work/build/../../src/systemd/src/libsystemd-network/sd-dhcp6-client.c:1182:21
    #5 0x7f0f7159deee in source_dispatch /work/build/../../src/systemd/src/libsystemd/sd-event/sd-event.c:3042:21
    #6 0x7f0f7159d431 in sd_event_dispatch /work/build/../../src/systemd/src/libsystemd/sd-event/sd-event.c:3455:21
    #7 0x7f0f7159ea8d in sd_event_run /work/build/../../src/systemd/src/libsystemd/sd-event/sd-event.c:3512:21
    #8 0x531f2b in fuzz_client /work/build/../../src/systemd/src/fuzz/fuzz-dhcp6-client.c:44:9
    #9 0x531bc1 in LLVMFuzzerTestOneInput /work/build/../../src/systemd/src/fuzz/fuzz-dhcp6-client.c:53:9
    #10 0x57bec8 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/libfuzzer/FuzzerLoop.cpp:570:15
    #11 0x579d67 in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool*) /src/libfuzzer/FuzzerLoop.cpp:479:3
    #12 0x57dc92 in fuzzer::Fuzzer::MutateAndTestOne() /src/libfuzzer/FuzzerLoop.cpp:707:19
    #13 0x580ca6 in fuzzer::Fuzzer::Loop(std::__1::vector<std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> >, fuzzer::fuzzer_allocator<std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > > > const&) /src/libfuzzer/FuzzerLoop.cpp:838:5
    #14 0x55e968 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/libfuzzer/FuzzerDriver.cpp:764:6
    #15 0x551a1c in main /src/libfuzzer/FuzzerMain.cpp:20:10
    #16 0x7f0f701a082f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
    #17 0x41e928 in _start (/out/fuzz-dhcp6-client+0x41e928)

6 years agotests: make fuzz-dhcp6-client work in containers provided by the OSS-Fuzz project
Evgeny Vereshchagin [Sat, 29 Sep 2018 02:47:18 +0000 (02:47 +0000)]
tests: make fuzz-dhcp6-client work in containers provided by the OSS-Fuzz project

The containers come with an empty machine-id, which causes the fuzzer
to fail as soon as it starts.

See https://github.com/systemd/systemd/pull/9014#discussion_r189594104

6 years agofuzz: add a fuzzer for dhcp6_client
Evgeny Vereshchagin [Wed, 26 Sep 2018 03:10:53 +0000 (03:10 +0000)]
fuzz: add a fuzzer for dhcp6_client

6 years agoman: add systemctl suspend-then-hibernate (#10194)
Jonas DOREL [Fri, 28 Sep 2018 13:56:48 +0000 (15:56 +0200)]
man: add systemctl suspend-then-hibernate (#10194)

This commit tries to document the systemctl suspend-then-hibernate documentation in the systemctl(1) manpage.

Fixes #10192.

6 years agoMerge pull request #10190 from evverx/fuzz-ndisc-rs
Zbigniew Jędrzejewski-Szmek [Fri, 28 Sep 2018 13:54:04 +0000 (15:54 +0200)]
Merge pull request #10190 from evverx/fuzz-ndisc-rs

Add a fuzzer for sd-ndisc and a reproducer for an infinite loop in ndisc_handle_datagram

6 years agomeson: use the host architecture compiler/linker for src/boot/efi
Helmut Grohne [Thu, 27 Sep 2018 15:17:37 +0000 (17:17 +0200)]
meson: use the host architecture compiler/linker for src/boot/efi

cross building systemd to arm64 presently fails, because the build
system uses plain gcc and plain ld (build architecture compiler and
linker respectively) for building src/boot/efi. These values come from
the efi-cc and efi-ld options respectively. It rather should be using
host tools here.

Fixes: b710072da441 ("add support for building efi modules")

6 years agoMerge pull request #10186 from yuwata/fix-10149
Zbigniew Jędrzejewski-Szmek [Fri, 28 Sep 2018 12:20:12 +0000 (14:20 +0200)]
Merge pull request #10186 from yuwata/fix-10149

network: Fix memleaks found by test

6 years agonetworkd-routing-policy-rule.c: drop unnecessary check
Zbigniew Jędrzejewski-Szmek [Thu, 27 Sep 2018 15:50:25 +0000 (17:50 +0200)]
networkd-routing-policy-rule.c: drop unnecessary check

set_get() already does that.

6 years agodhcp6: fix memleak
Yu Watanabe [Thu, 27 Sep 2018 15:10:26 +0000 (00:10 +0900)]
dhcp6: fix memleak

Let's drop client_set_lease() because just writing what it does in both
places is simpler.

Fixes #10157.

6 years agouft8: add comment, requested by @keszybz
Lennart Poettering [Thu, 27 Sep 2018 15:13:53 +0000 (17:13 +0200)]
uft8: add comment, requested by @keszybz

6 years agoupdate TODO
Lennart Poettering [Thu, 27 Sep 2018 15:11:01 +0000 (17:11 +0200)]
update TODO

6 years agodhcp6: fix buffer size checking
Yu Watanabe [Thu, 27 Sep 2018 14:48:51 +0000 (23:48 +0900)]
dhcp6: fix buffer size checking

6 years agodhcp6: use offsetof instead of sizeof
Yu Watanabe [Thu, 27 Sep 2018 14:31:34 +0000 (23:31 +0900)]
dhcp6: use offsetof instead of sizeof

6 years agosd-dhcp-lease: fix memleaks
Yu Watanabe [Thu, 27 Sep 2018 09:04:59 +0000 (18:04 +0900)]
sd-dhcp-lease: fix memleaks

6 years agosd-dhecp-lease: use free_and_replace() at one more
Yu Watanabe [Thu, 27 Sep 2018 09:04:08 +0000 (18:04 +0900)]
sd-dhecp-lease: use free_and_replace() at one more

6 years agonetwork: fix memleak around Network.dhcp_vendor_class_identifier
Yu Watanabe [Thu, 27 Sep 2018 08:48:11 +0000 (17:48 +0900)]
network: fix memleak around Network.dhcp_vendor_class_identifier

6 years agonetwork: fix alignment
Yu Watanabe [Thu, 27 Sep 2018 08:39:16 +0000 (17:39 +0900)]
network: fix alignment

6 years agonetwork: strdup iif and oif when creating RoutingPolicyRule object
Yu Watanabe [Thu, 27 Sep 2018 08:27:04 +0000 (17:27 +0900)]
network: strdup iif and oif when creating RoutingPolicyRule object

6 years agonetwork: use TAKE_PTR() at one more place
Yu Watanabe [Thu, 27 Sep 2018 08:26:04 +0000 (17:26 +0900)]
network: use TAKE_PTR() at one more place

6 years agonetwork: fix memleak about routing policy
Yu Watanabe [Wed, 26 Sep 2018 16:59:19 +0000 (01:59 +0900)]
network: fix memleak about routing policy

6 years agonetwork: use structured initializer at one more place
Yu Watanabe [Wed, 26 Sep 2018 16:52:04 +0000 (01:52 +0900)]
network: use structured initializer at one more place

6 years agoMerge pull request #10173 from poettering/sd-boot-utf
Zbigniew Jędrzejewski-Szmek [Thu, 27 Sep 2018 06:21:20 +0000 (08:21 +0200)]
Merge pull request #10173 from poettering/sd-boot-utf

the utf8.c changes from PR #9437 (i.e. the boot counting PR)

6 years agonspawn: when --quiet is passed, simply downgrade log messages to LOG_DEBUG (#10181)
Lennart Poettering [Wed, 26 Sep 2018 21:40:39 +0000 (23:40 +0200)]
nspawn: when --quiet is passed, simply downgrade log messages to LOG_DEBUG (#10181)

With this change almost all log messages that are suppressed through
--quiet are not actually suppressed anymore, but simply downgraded to
LOG_DEBUG. Previously we did it this way for some log messages and fully
suppressed them for others. With this it's pretty much systematic.

Inspired by #10122.

6 years agoudev/net: add support for the equivalent of "ethtool advertise" to .link files
Susant Sahani [Sat, 16 Sep 2017 18:36:56 +0000 (00:06 +0530)]
udev/net: add support for the equivalent of "ethtool advertise" to .link files

This work adds support for the equivalent of "ethtool advertise" to .link files?
http://lists.freedesktop.org/archives/systemd-devel/2015-April/030112.html

6 years agotests: add a reproducer for another infinite loop in ndisc_handle_datagram
Evgeny Vereshchagin [Wed, 26 Sep 2018 18:09:09 +0000 (18:09 +0000)]
tests: add a reproducer for another infinite loop in ndisc_handle_datagram

6 years agotests: add a reproducer for an infinite loop in ndisc_handle_datagram
Evgeny Vereshchagin [Wed, 26 Sep 2018 15:10:21 +0000 (15:10 +0000)]
tests: add a reproducer for an infinite loop in ndisc_handle_datagram

=0  ndisc_router_parse (rt=0x60d000000110) at ../src/libsystemd-network/ndisc-router.c:126
=1  0x000055555558dc67 in ndisc_handle_datagram (nd=0x608000000020, rt=0x60d000000110) at ../src/libsystemd-network/sd-ndisc.c:170
=2  0x000055555558e65d in ndisc_recv (s=0x611000000040, fd=4, revents=1, userdata=0x608000000020) at ../src/libsystemd-network/sd-ndisc.c:233
=3  0x00007ffff63913a8 in source_dispatch (s=0x611000000040) at ../src/libsystemd/sd-event/sd-event.c:3042
=4  0x00007ffff6395eab in sd_event_dispatch (e=0x617000000080) at ../src/libsystemd/sd-event/sd-event.c:3455
=5  0x00007ffff6396b12 in sd_event_run (e=0x617000000080, timeout=18446744073709551615) at ../src/libsystemd/sd-event/sd-event.c:3512
=6  0x0000555555583f5c in LLVMFuzzerTestOneInput (data=0x6060000000e0 "\206", size=53) at ../src/fuzz/fuzz-ndisc-rs.c:422
=7  0x0000555555586356 in main (argc=2, argv=0x7fffffffe3d8) at ../src/fuzz/fuzz-main.c:33

6 years agondisc: fix two infinite loops
Yu Watanabe [Fri, 28 Sep 2018 10:28:05 +0000 (19:28 +0900)]
ndisc: fix two infinite loops

6 years agotests: add a fuzzer for sd-ndisc
Evgeny Vereshchagin [Wed, 26 Sep 2018 15:04:26 +0000 (15:04 +0000)]
tests: add a fuzzer for sd-ndisc

6 years agoemergency: make sure console password agents don't interfere with the emergency shell
Franck Bui [Tue, 25 Sep 2018 13:25:08 +0000 (15:25 +0200)]
emergency: make sure console password agents don't interfere with the emergency shell

If for any reason local-fs.target fails at startup while a password is
requested by systemd-cryptsetup@.service, we end up with the emergency shell
competing with systemd-ask-password-console.service for the console.

This patch makes sure that:

 - systemd-ask-password-console.service is stopped before entering in emergency
   mode so it won't make any access to the console while the emergency shell is
   running.

 - systemd-ask-password-console.path is also stopped so any attempts to restart
   systemd-cryptsetup in the emergency shell won't restart
   systemd-ask-password-console.service and kill the emergency shell.

 - systemd-ask-password-wall.path is stopped so
   systemd-ask-password-wall.service won't be started as this service pulls
   the default dependencies in.

Fixes: #10131

6 years agonspawn: chown() the legacy hierarchy when it's used in a container
Evgeny Vereshchagin [Mon, 17 Sep 2018 07:12:38 +0000 (07:12 +0000)]
nspawn: chown() the legacy hierarchy when it's used in a container

This is a follow-up to 720f0a2f3c928cc9379501a52146be9fbb4d9be2.

Closes https://github.com/systemd/systemd/issues/10026
Closes https://github.com/systemd/systemd/issues/9563

6 years agoMake Watchdog Signal Configurable
Anita Zhang [Wed, 19 Sep 2018 19:03:01 +0000 (12:03 -0700)]
Make Watchdog Signal Configurable

Allows configuring the watchdog signal (with a default of SIGABRT).
This allows an alternative to SIGABRT when coredumps are not desirable.

Appropriate references to SIGABRT or aborting were renamed to reflect
more liberal watchdog signals.

Closes #8658

6 years agoMerge pull request #10158 from keszybz/seccomp-log-tightening
Lennart Poettering [Wed, 26 Sep 2018 13:56:32 +0000 (15:56 +0200)]
Merge pull request #10158 from keszybz/seccomp-log-tightening

Seccomp log tightening

6 years agoMerge pull request #10168 from keszybz/coverity-fixes
Lennart Poettering [Wed, 26 Sep 2018 13:37:22 +0000 (15:37 +0200)]
Merge pull request #10168 from keszybz/coverity-fixes

Coverity fixes

6 years agonetworkd-dhcp6: Set initial value of route to NULL
Patrik Flykt [Wed, 26 Sep 2018 00:09:17 +0000 (18:09 -0600)]
networkd-dhcp6: Set initial value of route to NULL

Start with route set to NULL should there be no route created. Remove
the explicit route_free as the _cleanup_ will take care of that after
the continue;.

6 years agolibsystemd: add missing 'global' specifier in libsystemd.sym
Yu Watanabe [Tue, 25 Sep 2018 11:58:24 +0000 (20:58 +0900)]
libsystemd: add missing 'global' specifier in libsystemd.sym

6 years agoRFC tmpfiles: Allow configuration to ignore execution errors
William Douglas [Mon, 10 Sep 2018 19:07:29 +0000 (12:07 -0700)]
RFC tmpfiles: Allow configuration to ignore execution errors

This is an implementation that covers making errors encountered when writing
file content optionally fatal. If this is something that folks would want I'll
add handling of this for all the other directives. I'd appreciate suggestions
on how this might better be structured as well (use of a goto fail or such) as
I'm not super happy with the approach.

6 years agoMerge pull request #10169 from poettering/putenv-error-handling
Zbigniew Jędrzejewski-Szmek [Tue, 25 Sep 2018 17:50:49 +0000 (19:50 +0200)]
Merge pull request #10169 from poettering/putenv-error-handling

add missing putenv() error handling

6 years agoutf8: add utf8_to_utf16() helper
Lennart Poettering [Mon, 25 Jun 2018 17:17:42 +0000 (19:17 +0200)]
utf8: add utf8_to_utf16() helper

6 years agoutf8: let's update utf16_to_utf8() a bit
Lennart Poettering [Mon, 25 Jun 2018 17:16:43 +0000 (19:16 +0200)]
utf8: let's update utf16_to_utf8() a bit

Let's change utf16_to_utf8() prototype to refer to utf16 chars with char16_t rather than void

Let's not cast away a "const" needlessly.

Let's add a few comments.

Let's fix the calculations of the buffer size to allocate, and how long
to run the loop in case of uneven byte numbers

6 years agoutf8: change return type of utf8_encoded_expected_len() to size_t
Lennart Poettering [Wed, 18 Jul 2018 10:30:00 +0000 (12:30 +0200)]
utf8: change return type of utf8_encoded_expected_len() to size_t

After all it returns a lengths of a string in chars, and hence should
return size_t, exactly like strlen().

6 years agoutf8: modernize utf16 inline calls a bit
Lennart Poettering [Wed, 18 Jul 2018 10:23:31 +0000 (12:23 +0200)]
utf8: modernize utf16 inline calls a bit

Let's fix an indentation issue.

Let's avoid yoda comparisons.

Let's drop unnecessary ().

Let's make sure we convert 16bit values to 32bit before shifting them by
10bit to the left, to avoid overflows.

Let's avoid comparisons between signed literals and unsigned variables,
in particular if the literals are outside of the minimum range C
requires for "int".

6 years agoutf8: update utf8_is_valid() a bit
Lennart Poettering [Wed, 18 Jul 2018 10:21:39 +0000 (12:21 +0200)]
utf8: update utf8_is_valid() a bit

Let's avoid a few casts in the function. Also, let's drop the "const"
when returning the string, for similar reasons as strchr() and friends
drop it: so that we don't add a const if the user passes in a non-const
string.

6 years agoMerge pull request #10088 from keszybz/man-systemctl-return
Lennart Poettering [Tue, 25 Sep 2018 10:35:36 +0000 (12:35 +0200)]
Merge pull request #10088 from keszybz/man-systemctl-return

man: add a description of systemctl return codes

6 years agoMerge pull request #10059 from yuwata/env-exec-directory
Lennart Poettering [Tue, 25 Sep 2018 10:34:30 +0000 (12:34 +0200)]
Merge pull request #10059 from yuwata/env-exec-directory

core: introduce $RUNTIME_DIRECTORY= or friends

6 years agoexec-util: add missing logging call
Lennart Poettering [Tue, 25 Sep 2018 10:03:06 +0000 (12:03 +0200)]
exec-util: add missing logging call

This function logs about all errors, but one case was forgotten. Fix
that.

6 years agoexec-util: handle putenv() errors
Lennart Poettering [Tue, 25 Sep 2018 10:02:26 +0000 (12:02 +0200)]
exec-util: handle putenv() errors

Just paranoia, as putenv() can fail and we should catch it, like we
catch all other errors.

Follow-up for #10073

6 years agotest-journal-syslog: initialize variable
Zbigniew Jędrzejewski-Szmek [Tue, 25 Sep 2018 09:34:52 +0000 (11:34 +0200)]
test-journal-syslog: initialize variable

The *priority argument to syslog_parse_priority() needs to be initialized
if the last argument (with_facility) is false.

CID #1394690.

6 years agoudev-builtin-net_id: do not assume "type" attribute exists
Zbigniew Jędrzejewski-Szmek [Tue, 25 Sep 2018 09:29:54 +0000 (11:29 +0200)]
udev-builtin-net_id: do not assume "type" attribute exists

It *should*, but who knows, let's be more defensive here.

CID #1395805.

6 years agojournal-upload: fix off-by-one in assert()
Zbigniew Jędrzejewski-Szmek [Tue, 25 Sep 2018 09:22:13 +0000 (11:22 +0200)]
journal-upload: fix off-by-one in assert()

CID #1394386.

6 years agosd-event: use new cleanup function more
Zbigniew Jędrzejewski-Szmek [Tue, 25 Sep 2018 09:15:27 +0000 (11:15 +0200)]
sd-event: use new cleanup function more

6 years agosd-event: remove dead code and use _cleanup_
Zbigniew Jędrzejewski-Szmek [Tue, 25 Sep 2018 09:10:12 +0000 (11:10 +0200)]
sd-event: remove dead code and use _cleanup_

CID #1393250.

6 years agodocs: clarify controller mount logic in hybrid cgroups mode
Lennart Poettering [Mon, 24 Sep 2018 17:01:37 +0000 (19:01 +0200)]
docs: clarify controller mount logic in hybrid cgroups mode

Fixes: #10107

6 years agoMake bzip2 an optional dependency for systemd-importd
Thiago Macieira [Mon, 24 Sep 2018 20:03:02 +0000 (13:03 -0700)]
Make bzip2 an optional dependency for systemd-importd

Yes, there are still a lot of users of bzip2, but it's fallen out of
favour after LZMA/xz, which can compress a lot more and often
decompresses faster than bzip2 too.

6 years agoMerge pull request #10163 from poettering/inhibit-format-table
Lennart Poettering [Tue, 25 Sep 2018 08:24:30 +0000 (10:24 +0200)]
Merge pull request #10163 from poettering/inhibit-format-table

systemd-inhibit --list: port to format-table.c

6 years agoMerge pull request #10073 from xnox/execve
Zbigniew Jędrzejewski-Szmek [Tue, 25 Sep 2018 08:07:23 +0000 (10:07 +0200)]
Merge pull request #10073 from xnox/execve

Execute generators with manager's environment exported

6 years agoDHCPv6: use unsigned for flags
Zbigniew Jędrzejewski-Szmek [Tue, 25 Sep 2018 07:29:36 +0000 (09:29 +0200)]
DHCPv6: use unsigned for flags

6 years agoMerge pull request #10164 from poettering/btrfs-resize-fix
Zbigniew Jędrzejewski-Szmek [Tue, 25 Sep 2018 07:24:14 +0000 (09:24 +0200)]
Merge pull request #10164 from poettering/btrfs-resize-fix

btrfs resize fix

6 years agoudev: fix some type sloppiness
Lennart Poettering [Mon, 24 Sep 2018 16:59:54 +0000 (18:59 +0200)]
udev: fix some type sloppiness

We use strtoul() which returns an "unsigned long", but then assign this
to int or unsigned in, i.e. drop 32bit silently on 64bit systems. Let's
clean this up a bit, and retain the right types.

6 years agologind: fix blacklist/whitelist confusion in comment (#10165)
Lennart Poettering [Mon, 24 Sep 2018 22:02:41 +0000 (01:02 +0300)]
logind: fix blacklist/whitelist confusion in comment (#10165)

Triggered by this:

https://github.com/systemd/systemd/commit/602a41c22ac2df33b4b5e5083719c1cfaf58acf9#r30575293

6 years agodocs: fix CONTRIBUTING path (#10160)
Lennart Poettering [Mon, 24 Sep 2018 21:25:48 +0000 (00:25 +0300)]
docs: fix CONTRIBUTING path (#10160)

6 years agobtrfs: log at debug log when we ignore errors
Lennart Poettering [Mon, 24 Sep 2018 17:47:42 +0000 (19:47 +0200)]
btrfs: log at debug log when we ignore errors

This stuff is likely to fail in many setups (for example when quota is
not supported by the btrfs version), hence only log at debug
level. Previously we'd silently ignore things altogether which makes
things pretty hard to debug.

6 years agobtrfs: fix loopback resizing code
Lennart Poettering [Mon, 24 Sep 2018 17:44:06 +0000 (19:44 +0200)]
btrfs: fix loopback resizing code

This corrects the block device to use, to the right path, as it was
before 553e15f21bd7b1ecb709edfb5686d5768fe942f2.

Replaces: #10153

6 years agoupdate TODO
Lennart Poettering [Mon, 24 Sep 2018 17:01:08 +0000 (19:01 +0200)]
update TODO

6 years agoinhibit: use format-table to format systemd-inhibit --list
Lennart Poettering [Wed, 19 Sep 2018 18:21:45 +0000 (21:21 +0300)]
inhibit: use format-table to format systemd-inhibit --list

This changes the output a bit, as the previous multi-line output of each
inhibitor is changed to a single line, but it does unify the output look
with the one of our other tools. Moreover this adds proper sorting.

6 years agoinhibit: normalize variable types
Lennart Poettering [Wed, 19 Sep 2018 17:57:42 +0000 (20:57 +0300)]
inhibit: normalize variable types

When we parse an "u" from an sd_bus_message then we need to do that into
a uint32_t, not a pid_t or uid_t, even if this is likely the same.

Also, let's count objects we keep in memory as size_t as usual.

6 years agoinhibit: normalize when we log about failures to list inhibitors
Lennart Poettering [Wed, 19 Sep 2018 17:53:22 +0000 (20:53 +0300)]
inhibit: normalize when we log about failures to list inhibitors

let's print log messages about all types of errors inside of the
function, since otherwise we might sometimes log twice about some
specific cases.

6 years agofs-util: make symlink_idempotent() optionally create relative link
Yu Watanabe [Sun, 23 Sep 2018 07:17:03 +0000 (16:17 +0900)]
fs-util: make symlink_idempotent() optionally create relative link

6 years agoMerge pull request #9989 from yuwata/sd-device-enoent
Zbigniew Jędrzejewski-Szmek [Mon, 24 Sep 2018 15:27:49 +0000 (17:27 +0200)]
Merge pull request #9989 from yuwata/sd-device-enoent

sd-device: make sd_device_get_*() return -ENOENT if the values are not set

6 years agoseccomp: tighten checking of seccomp filter creation
Zbigniew Jędrzejewski-Szmek [Thu, 20 Sep 2018 12:19:41 +0000 (14:19 +0200)]
seccomp: tighten checking of seccomp filter creation

In seccomp code, the code is changed to propagate errors which are about
anything other than unknown/unimplemented syscalls. I *think* such errors
should not happen in normal usage, but so far we would summarilly ignore all
errors, so that part is uncertain. If it turns out that other errors occur and
should be ignored, this should be added later.

In nspawn, we would count the number of added filters, but didn't use this for
anything. Drop that part.

The comments suggested that seccomp_add_syscall_filter_item() returned negative
if the syscall is unknown, but this wasn't true: it returns 0.

The error at this point can only be if the syscall was known but couldn't be
added. If the error comes from our internal whitelist in nspawn, treat this as
error, because it means that our internal table is wrong. If the error comes
from user arguments, warn and ignore. (If some syscall is not known at current
architecture, it is still silently ignored.)

6 years agoseccomp: reduce logging about failure to add syscall to seccomp
Zbigniew Jędrzejewski-Szmek [Mon, 24 Sep 2018 14:59:12 +0000 (16:59 +0200)]
seccomp: reduce logging about failure to add syscall to seccomp

Our logs are full of:
Sep 19 09:22:10 autopkgtest systemd[690]: Failed to add rule for system call oldstat() / -10037, ignoring: Numerical argument out of domain
Sep 19 09:22:10 autopkgtest systemd[690]: Failed to add rule for system call get_thread_area() / -10076, ignoring: Numerical argument out of domain
Sep 19 09:22:10 autopkgtest systemd[690]: Failed to add rule for system call set_thread_area() / -10079, ignoring: Numerical argument out of domain
Sep 19 09:22:10 autopkgtest systemd[690]: Failed to add rule for system call oldfstat() / -10034, ignoring: Numerical argument out of domain
Sep 19 09:22:10 autopkgtest systemd[690]: Failed to add rule for system call oldolduname() / -10036, ignoring: Numerical argument out of domain
Sep 19 09:22:10 autopkgtest systemd[690]: Failed to add rule for system call oldlstat() / -10035, ignoring: Numerical argument out of domain
Sep 19 09:22:10 autopkgtest systemd[690]: Failed to add rule for system call waitpid() / -10073, ignoring: Numerical argument out of domain
...
This is pointless and makes debug logs hard to read. Let's keep the logs
in test code, but disable it in nspawn and pid1. This is done through a function
parameter because those functions operate recursively and it's not possible to
make the caller to log meaningfully.

There should be no functional change, except the skipped debug logs.