platform/upstream/systemd.git
Zbigniew Jędrzejewski-Szmek [Sun, 3 Sep 2017 14:45:54 +0000 (17:45 +0300)]
systemctl: fix masking of template units

systemctl would try to load the properties of the unit, which is impossible
for template names, and the whole operation would fail. It seems that this
regression was introduced in 00c83b430020914499bebf22be6b258f518ae291.

Export the part of unit_find_paths() responsible for locating instance unit
fragments and reuse it from unit_exists() to fix the handling of template
units.

Fixes #6412.

Zbigniew Jędrzejewski-Szmek [Sat, 2 Sep 2017 14:37:08 +0000 (17:37 +0300)]
systemctl: check existence of all units, not just the first one

Lennart Poettering [Wed, 9 Aug 2017 19:12:55 +0000 (21:12 +0200)]
core: introduce a restart counter (#6495)

This adds a per-service restart counter. Each time an automatic
restart is scheduled (due to Restart=) it is increased by one. Its
current value is exposed over the bus as NRestarts=. It is also logged
(in a structured, recognizable way) on each restart.

Note that this really only counts automatic starts triggered by Restart=
(which it nicely complements). Manual restarts will reset the counter,
as will explicit calls to "systemctl reset-failed". It's supposed to be
a tool for measuring the automatic restart feature, and nothing else.

Fixes: #4126

Lennart Poettering [Wed, 9 Aug 2017 19:09:13 +0000 (21:09 +0200)]
Merge pull request #6467 from yuwata/journal-remote-units

units: use {State,Logs}Directory= if they are applicable

William Douglas [Wed, 9 Aug 2017 15:53:03 +0000 (08:53 -0700)]
tmpfiles: Allow create symlink on directories (#6039)

Currently if tmpfiles is run with force on symlink creation but there already
exists a directory at that location, the creation will fail. This change
updates the behavior to remove the directory with rm_fr and then attempts to
create the symlink again.

Lennart Poettering [Wed, 9 Aug 2017 15:06:26 +0000 (17:06 +0200)]
Merge pull request #6497 from yuwata/bus-prop

core: add missing properties in bus_exec_context_set_transient_property()

Lennart Poettering [Wed, 9 Aug 2017 13:42:49 +0000 (15:42 +0200)]
tests: when running a manager object in a test, migrate to private cgroup subroot first (#6576)

Without this "meson test" will end up running all tests in the same
cgroup root, and they all will try to manage it. Which usually isn't too
bad, except when they end up clearing up each other's cgroups. This race
is hard to trigger but has caused various CI runs to fail spuriously.

With this change we simply move every test that runs a manager object
into their own private cgroup. Note that we don't clean up the cgroup at
the end, we leave that to the cgroup manager around it.

This fixes races that become visible by test runs throwing out errors
like this:

```
exec-systemcallfilter-failing.service: Passing 0 fds to service
exec-systemcallfilter-failing.service: About to execute: /bin/echo 'This should not be seen'
exec-systemcallfilter-failing.service: Forked /bin/echo as 5693
exec-systemcallfilter-failing.service: Changed dead -> start
exec-systemcallfilter-failing.service: Failed to attach to cgroup /exec-systemcallfilter-failing.service: No such file or directory
Received SIGCHLD from PID 5693 ((echo)).
Child 5693 ((echo)) died (code=exited, status=219/CGROUP)
exec-systemcallfilter-failing.service: Child 5693 belongs to exec-systemcallfilter-failing.service
exec-systemcallfilter-failing.service: Main process exited, code=exited, status=219/CGROUP
exec-systemcallfilter-failing.service: Changed start -> failed
exec-systemcallfilter-failing.service: Unit entered failed state.
exec-systemcallfilter-failing.service: Failed with result 'exit-code'.
exec-systemcallfilter-failing.service: cgroup is empty
Assertion 'service->main_exec_status.status == status_expected' failed at ../src/src/test/test-execute.c:71, function check(). Aborting.
```

BTW, I tracked this race down by using perf:

```
        # perf record -e cgroup:cgroup_mkdir,cgroup_rmdir
        …
        # perf script
```

Thanks a lot @iaguis, @alban for helping me figure out how to use perf for this.

Fixes #5895.

userwithuid [Wed, 9 Aug 2017 13:41:44 +0000 (13:41 +0000)]
build-sys: fix invalid args detected by meson 0.42 (#6561)

some run_target() calls were using params from custom_target()

example message:

```
WARNING: Passed invalid keyword argument "input". This will become a hard error in the future.
```

New way to call targets:

```
ninja man/man
ninja man/html
ninja man/update-man-rules
```

Yu Watanabe [Wed, 9 Aug 2017 13:13:41 +0000 (22:13 +0900)]
units: do not perform m4 if not necessary (#6575)

Xiang Fan [Wed, 9 Aug 2017 10:51:53 +0000 (05:51 -0500)]
rfkill: fix typo (#6574)

Lennart Poettering [Wed, 9 Aug 2017 07:47:33 +0000 (09:47 +0200)]
Merge pull request #6568 from sourcejedi/test

sd-login: test - fix failure when run from non-graphical seat

Zbigniew Jędrzejewski-Szmek [Wed, 9 Aug 2017 07:45:02 +0000 (03:45 -0400)]
Add rpm macro %_userpresetdir (#6571)

https://bugzilla.redhat.com/show_bug.cgi?id=1479580

bengal [Tue, 8 Aug 2017 16:55:31 +0000 (18:55 +0200)]
dhcp-network: adjust sockaddr length for addresses longer than 8 bytes (#6527)

An infiniband hardware address is 20 bytes, but sockaddr_ll.sll_addr is only 8
bytes. Explicitly ensure that sockaddr_union has enough space for infiniband
addresses, even if they run over sockaddr_ll and add a macro to compute the
proper size to pass to kernel.
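
The sizing problem this commit message describes, as an added C example (not the code from the commit): the names `ll_storage`, `ll_storage_set()`, `ll_storage_len()` and `HW_ADDR_MAX` are hypothetical. The storage is padded to hold a 20-byte address, and the length passed to the kernel is computed from `sll_halen` rather than taken from `sizeof(struct sockaddr_ll)`.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <netpacket/packet.h>   /* struct sockaddr_ll */

#define HW_ADDR_MAX 20          /* InfiniBand hardware address length, per the commit message */
#define LL_ADDR_OFFSET offsetof(struct sockaddr_ll, sll_addr)

/* Hypothetical storage type: the byte array guarantees room for a 20-byte
 * address even though sockaddr_ll.sll_addr itself is only 8 bytes long. */
union ll_storage {
        struct sockaddr_ll ll;
        uint8_t buf[LL_ADDR_OFFSET + HW_ADDR_MAX];
};

/* Fill in the address. The hardware address is written through buf, so a
 * long address never overruns the 8-byte sll_addr member. */
static int ll_storage_set(union ll_storage *sa, int ifindex,
                          const uint8_t *hw, size_t hw_len) {
        if (!sa || !hw || hw_len == 0 || hw_len > HW_ADDR_MAX)
                return -EINVAL;

        memset(sa, 0, sizeof *sa);
        sa->ll.sll_family = AF_PACKET;
        sa->ll.sll_ifindex = ifindex;
        sa->ll.sll_halen = (unsigned char) hw_len;
        memcpy(sa->buf + LL_ADDR_OFFSET, hw, hw_len);
        return 0;
}

/* Length to pass to bind()/sendto(): large enough for the whole address,
 * and never shorter than the base structure. */
static socklen_t ll_storage_len(const union ll_storage *sa) {
        size_t need = LL_ADDR_OFFSET + sa->ll.sll_halen;

        return (socklen_t) (need > sizeof(struct sockaddr_ll) ? need : sizeof(struct sockaddr_ll));
}

/* Read-only view of the stored hardware address (sll_halen bytes). */
static const uint8_t *ll_storage_hw(const union ll_storage *sa) {
        return sa->buf + LL_ADDR_OFFSET;
}

/* Address bytes that fall outside the structure when the length is simply
 * sizeof(struct sockaddr_ll), i.e. the situation before the fix. */
static size_t bytes_cut_by_sizeof(size_t hw_len) {
        size_t room = sizeof(((struct sockaddr_ll *) 0)->sll_addr);

        return hw_len > room ? hw_len - room : 0;
}

int main(void) {
        /* Constructed sample addresses, not taken from real hardware. */
        const uint8_t eth[6] = { 0x02, 0x00, 0x00, 0x00, 0x00, 0x01 };
        const uint8_t ib[20] = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 10,
                                 11, 12, 13, 14, 15, 16, 17, 18, 19, 20 };
        union ll_storage sa;

        if (ll_storage_set(&sa, 2, eth, sizeof eth) == 0)
                printf("ethernet:   len=%u\n", (unsigned) ll_storage_len(&sa));
        if (ll_storage_set(&sa, 2, ib, sizeof ib) == 0)
                printf("infiniband: len=%u (sizeof alone would cut %zu bytes)\n",
                       (unsigned) ll_storage_len(&sa), bytes_cut_by_sizeof(sizeof ib));
        return 0;
}
```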

Alan Jenkins [Tue, 8 Aug 2017 15:13:52 +0000 (16:13 +0100)]
sd-login: test - fix failure when run from non-graphical seat

Observed when running from the console of a systemd nspawn container
(see failure below).

The value of r was tested, when r was last set by
sd_session_can_graphical().  This did not correspond to the value expected.

Fix the code, so we compare relevant values now.  Hopefully :).

Test failure
------------

```
/* Information printed is from the live system */
sd_pid_get_unit(0, …) → "session-13.scope"
sd_pid_get_user_unit(0, …) → "n/a"
sd_pid_get_slice(0, …) → "user-1000.slice"
sd_pid_get_session(0, …) → "13"
sd_pid_get_owner_uid(0, …) → 1000
sd_pid_get_cgroup(0, …) → "/user.slice/user-1000.slice/session-13.scope"
sd_uid_get_display(1000, …) → "13"
sd_uid_get_sessions(1000, …) → [2] "15 13"
sd_uid_get_seats(1000, …) → [1] "seat0"
sd_session_is_active("13") → yes
sd_session_is_remote("13") → no
sd_session_get_state("13") → "active"
sd_session_get_uid("13") → 1000
sd_session_get_type("13") → "tty"
sd_session_get_class("13") → "user"
sd_session_get_display("13") → "n/a"
sd_session_get_remote_user("13") → "n/a"
sd_session_get_remote_host("13") → "n/a"
sd_session_get_seat("13") → "seat0"
sd_session_can_multi_seat("seat0") → no
sd_session_can_tty("seat0") → no
sd_session_can_graphical("seat0") → no
sd_uid_get_state(1000, …) → active
Assertion '!!k == !!r' failed at ../src/libsystemd/sd-login/test-login.c:191, function test_login(). Aborting.
```

Alan Jenkins [Tue, 8 Aug 2017 14:54:15 +0000 (15:54 +0100)]
sd-login: test - fix function name in output

Torstein Husebø [Tue, 8 Aug 2017 14:05:29 +0000 (16:05 +0200)]
treewide: fix typos (#6566)

Evgeny Vereshchagin [Tue, 8 Aug 2017 06:42:51 +0000 (09:42 +0300)]
sd-bus: free everything when bus_set_address_user fails (#6552)

Fixes:
```
$ env -i valgrind --leak-check=full ./build/test-bus-chat
...
==7763== 1,888 (1,824 direct, 64 indirect) bytes in 1 blocks are
definitely lost in loss record 2 of 2
==7763==    at 0x4C2FA50: calloc (vg_replace_malloc.c:711)
==7763==    by 0x4F8FF9A: sd_bus_new (sd-bus.c:175)
==7763==    by 0x4F938BF: sd_bus_open_user (sd-bus.c:1138)
==7763==    by 0x109ACD: server_init (test-bus-chat.c:70)
==7763==    by 0x10BCF8: main (test-bus-chat.c:526)
==7763==
```

Closes #6481

Xiang Fan [Tue, 8 Aug 2017 06:41:15 +0000 (01:41 -0500)]
rules: split the rfkill subsystem rule (#6556)

This patch makes sure both rules are applied to rfkill devices.
Otherwise the ENV rule may be skipped if path_id fails.

Fixes: #6528

Yu Watanabe [Wed, 2 Aug 2017 09:06:47 +0000 (18:06 +0900)]
unit: remove redundant options

Yu Watanabe [Thu, 27 Jul 2017 09:05:29 +0000 (18:05 +0900)]
tmpfiles: drop systemd-remote.conf

The directories are only used by the specific services, and
created before the services are started. So, it is not necessary
to create them by systemd-tmpfiles.

Yu Watanabe [Wed, 2 Aug 2017 08:35:11 +0000 (17:35 +0900)]
units: use {State,Logs}Directory= if they are applicable

Yu Watanabe [Mon, 7 Aug 2017 15:37:02 +0000 (00:37 +0900)]
core: add missing properties in D-Bus API

Closes #6466.

Yu Watanabe [Wed, 2 Aug 2017 04:46:45 +0000 (13:46 +0900)]
seccomp-util: add parse_syscall_archs()

Yu Watanabe [Wed, 2 Aug 2017 04:43:44 +0000 (13:43 +0900)]
process-util: add sched_{policy,priority}_is_valid()

Yu Watanabe [Wed, 2 Aug 2017 04:42:13 +0000 (13:42 +0900)]
cpu-set-util: add parse_cpu_set()

Yu Watanabe [Mon, 7 Aug 2017 14:40:25 +0000 (23:40 +0900)]
securebits-util: add secure_bits_{from_string,to_string_alloc}()

Yu Watanabe [Mon, 7 Aug 2017 14:25:11 +0000 (23:25 +0900)]
cap-list: add capability_set_{from_string,to_string_alloc}()

Benjamin Robin [Mon, 7 Aug 2017 09:29:20 +0000 (11:29 +0200)]
build-sys: Fix Makefile wrapper for install target (#6548)

Jouke Witteveen [Mon, 7 Aug 2017 09:27:24 +0000 (11:27 +0200)]
core: propagate reload from RELOADING=1 notification (#6550)

Evgeny Vereshchagin [Mon, 7 Aug 2017 09:06:07 +0000 (12:06 +0300)]
tests: use ninja-build if ninja is not available (#6544)

This makes the tests work on CentOS, which currently has ninja-build
only.

Yu Watanabe [Mon, 7 Aug 2017 09:02:47 +0000 (18:02 +0900)]
man: DynamicUser= does not imply PrivateDevices= (#6510)

Follow-up for effbd6d2eadb61bd236d118afc7901940c4c6b37.

Lennart Poettering [Mon, 7 Aug 2017 08:52:27 +0000 (10:52 +0200)]
Merge pull request #6549 from yuwata/pedantic-checks

journal-remote: remove MHD_USE_PEDANTIC_CHECKS from the default flags

Yu Watanabe [Mon, 7 Aug 2017 01:35:05 +0000 (10:35 +0900)]
microhttpd-util: add comment

Zbigniew Jędrzejewski-Szmek [Sun, 6 Aug 2017 20:19:49 +0000 (16:19 -0400)]
Merge pull request #6536 from yuwata/fix-warning

Core: cleanups

Yu Watanabe [Sun, 6 Aug 2017 14:34:55 +0000 (23:34 +0900)]
core: do not ignore returned values

Yu Watanabe [Sun, 6 Aug 2017 14:25:41 +0000 (23:25 +0900)]
journal-remote: remove MHD_USE_PEDANTIC_CHECKS from the default flags

Follow-up for 010585873454d07625ee962ffa2ef2823624bfbe.

Luca Bruno [Sun, 6 Aug 2017 13:24:24 +0000 (13:24 +0000)]
core: evaluate presets after generators have run (#6526)

This commit moves the first-boot system preset-settings evaluation out
of main and into the manager startup logic itself. Notably, it reverses
the order between generators and presets evaluation, so that any changes
performed by first-boot generators are taken into the account by presets
logic.

After this change, units created by a generator can be enabled as part
of a preset.

Yu Watanabe [Mon, 31 Jul 2017 23:55:15 +0000 (08:55 +0900)]
core: replace strcmp() == 0 with streq()

Yu Watanabe [Fri, 21 Jul 2017 12:29:59 +0000 (21:29 +0900)]
core: fix typo

Yu Watanabe [Wed, 2 Aug 2017 05:38:08 +0000 (14:38 +0900)]
core: define variables only when they are required

Follow-up for 7f18ef0a555a3c3cef08e0965dc453fe5954b5a7.

Yu Watanabe [Sun, 6 Aug 2017 00:37:25 +0000 (09:37 +0900)]
bus-util: do not print (uint64_t) -1 as is (#6522)

Closes #4295 and #6511.

Alan Jenkins [Sat, 5 Aug 2017 23:25:19 +0000 (00:25 +0100)]
test-condition: fix test_condition_test_group() (#6531)

I hit a test failure with the `max_gid+1` test.  Problem is that we loop
over 0..r, but set `r` again within the loop (to 1).  So max_gid is only
set based on the first supplementary GID.

```
ConditionGroup=1000 → 1
ConditionGroup=4 → 1
ConditionGroup=adm → 1
ConditionGroup=1001 → 1
Assertion 'r == 0' failed at ../src/test/test-condition.c:462, function
test_condition_test_group(). Aborting.
```

```
$ id
uid=1000(alan-sysop) gid=1000(alan-sysop) groups=1000(alan-sysop),4(adm),
10(wheel),1001(sshlogin)
```

dkg [Sat, 5 Aug 2017 23:19:09 +0000 (19:19 -0400)]
man: document socket requirement for systemd-socket-proxyd (#6535)

Without this requirement, if proxy-to-nginx.socket was down, and the sysadmin
were to do:

    systemctl start proxy-to-nginx.service

then the service would come up without a configured socket, which doesn't make
sense.  Normally this isn't how we expect a socket-activated service to start,
but it's possible for an admin to do this (if the .socket were already running,
the systemd-socket-proxyd process will start effectively idle).  But the
.service shouldn't end up in a broken state if the .socket isn't already
listening.

Adding the explicit Requires: should ensure that an admin with this
configuration state can't accidentally break their system.

Mike Gilbert [Sat, 5 Aug 2017 22:30:37 +0000 (18:30 -0400)]
Revert "README: document that gperf 3.1 is required for building now" (#6541)

This reverts commit 4f5e972279d9ee6192930a0392f49cae9ad45daa.

Building with gperf 3.0 works just fine; we had an autoconf check to
determine the correct data types, and this check was ported to meson.

Martin Pitt [Fri, 4 Aug 2017 12:34:14 +0000 (14:34 +0200)]
test: Factorize common integration test functions (#6540)

All test/TEST* but TEST-02-CRYPTSETUP share the same check_result_qemu()
and test_cleanup(), so move them into test_functions and only override
them in TEST-02-CRYPTSETUP.

Also provide a common test_run() which by default assumes that both QEMU
and nspawn tests are run. Particular tests which don't support either
need to explicitly opt out by setting $TEST_NO_{QEMU,NSPAWN}. Do it this
way around to avoid accidentally forgetting to opt in, and to encourage
test authors to at least always support nspawn.

Evgeny Vereshchagin [Fri, 4 Aug 2017 11:54:47 +0000 (14:54 +0300)]
Merge pull request #6518 from joukewitteveen/process-rename

process-util: update the end pointer of the process name on rename

Jouke Witteveen [Thu, 3 Aug 2017 20:31:46 +0000 (22:31 +0200)]
test-process-util: test multiple invocations of rename_process

Jouke Witteveen [Wed, 2 Aug 2017 15:08:31 +0000 (17:08 +0200)]
process-util: update the end pointer of the process name on rename (#6492)

We only updated the end pointer when allocating new memory, i.e. on the first
call to rename_process.

Jakub Wilk [Thu, 3 Aug 2017 21:36:21 +0000 (23:36 +0200)]
man: fix typos (#6532)

Yu Watanabe [Thu, 3 Aug 2017 12:01:38 +0000 (21:01 +0900)]
meson: fix modprobedir (#6523)

Follow-up for 582faeb461aa0dd01b55bf6c9b1433532fc927d3.

Lennart Poettering [Wed, 2 Aug 2017 14:39:54 +0000 (16:39 +0200)]
Revert "units: set ConditionVirtualization=!private-users on journald audit socket" (#6513)

* Revert "modprobe.d: ship drop-in to set bonding max_bonds to 0 (#6448)"

This reverts commit 582faeb461aa0dd01b55bf6c9b1433532fc927d3.

* Revert "units: set ConditionVirtualization=!private-users on journald audit socket (#6508)"

This reverts commit d2a1ba103b4ea22764953d795c36db3d492d50c9.

Dimitri John Ledkov [Wed, 2 Aug 2017 12:41:18 +0000 (13:41 +0100)]
modprobe.d: ship drop-in to set bonding max_bonds to 0 (#6448)

This allows networkd to correctly manage bond0 using networkd, when requested
by the user.

Fixes #5971 #6184

Dimitri John Ledkov [Wed, 2 Aug 2017 08:15:26 +0000 (09:15 +0100)]
units: set ConditionVirtualization=!private-users on journald audit socket (#6508)

It fails to start in an unprivileged container as audit is not namespace aware.

Jan Synacek [Wed, 2 Aug 2017 08:12:33 +0000 (10:12 +0200)]
scsi_id: add missing options to getopt_long() (#6501)

Susant Sahani [Tue, 1 Aug 2017 07:44:08 +0000 (07:44 +0000)]
networkd: add scope to address section (#6449)

This work allows configuring address Scope to host | link | global or a number.

Closes #6446

Lennart Poettering [Tue, 1 Aug 2017 07:43:41 +0000 (09:43 +0200)]
Merge pull request #6420 from keszybz/gateway-name

Rename "gateway" to "_gateway" and other resolved changes

Fabio Kung [Tue, 1 Aug 2017 07:15:18 +0000 (00:15 -0700)]
core: check which MACs to use before a new mount ns is created (#6498)

/sys is not guaranteed to exist when a new mount namespace is created.
It is only mounted under conditions specified by
`namespace_info_mount_apivfs`.

Checking if the three available MAC LSMs are enabled requires a sysfs
mounted at /sys, so the checks are moved to before a new mount ns is
created.

Zbigniew Jędrzejewski-Szmek [Tue, 11 Jul 2017 12:50:56 +0000 (08:50 -0400)]
resolved: add debug message about stub listener

Zbigniew Jędrzejewski-Szmek [Tue, 11 Jul 2017 06:15:08 +0000 (02:15 -0400)]
resolved,nss-myhostname: use _gateway for the gateway

This changes the symbolic name for the default gateway from "gateway" to
"_gateway". A new configuration option -Dcompat-gateway-hostname=true|false
is added. If it is set, the old name is also supported, but the new name
is used as the canonical name in either case. This is intended as a temporary
measure to make the transition easier, and the option should be removed
after a few releases, at which point only the new name will be used.

The old "gateway" name mostly works OK, but hasn't gained widespread acceptance
because of the following (potential) conflicts:
- it is completely legal to have a host called "gateway"
- there is no guarantee that "gateway" will not be registered as a TLD, even
  though this currently seems unlikely. (Even then, there would be no
  conflict except for the case when the top-level domain itself was being resolved.
  The "gateway" or "_gateway" labels have only special meaning when the
  whole name consists of a single label, so resolution of any subdomain
  of the hypothetical gateway. TLD would still work OK.)
Moving to "_gateway" avoids those issues because underscores are not allowed
in host names (RFC 1123, §2.1) and avoids potential conflicts with local or
global names.

v2:
- simplify the logic to hardcode "_gateway" and allow
  -Dcompat-gateway-hostname=true as a temporary measure.
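
The collision argument in this commit message, as an added C example (not code from the commit): `hostname_is_valid()` applies the letters-digits-hyphen rule for host name labels, and `is_gateway_name()` treats the name as special only when it is the whole, single-label name. Both function names, the `compat` flag standing in for `-Dcompat-gateway-hostname`, and the case-insensitive comparison are assumptions of this sketch.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <strings.h>

/* Letters, digits and hyphen: the only characters allowed in a host name label. */
static bool is_ldh(char c) {
        return (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') ||
               (c >= '0' && c <= '9') || c == '-';
}

/* One label: 1..63 characters, LDH only, no leading or trailing hyphen. */
static bool label_is_valid(const char *s, size_t n) {
        if (n < 1 || n > 63 || s[0] == '-' || s[n - 1] == '-')
                return false;
        for (size_t i = 0; i < n; i++)
                if (!is_ldh(s[i]))
                        return false;
        return true;
}

/* Dot-separated labels, total length at most 253; a single trailing dot
 * (the DNS root) is accepted. */
static bool hostname_is_valid(const char *name) {
        size_t total = strlen(name);
        const char *p = name;

        if (total == 0 || total > 253)
                return false;

        for (;;) {
                const char *dot = strchr(p, '.');
                size_t n = dot ? (size_t) (dot - p) : strlen(p);

                if (!label_is_valid(p, n))
                        return false;
                if (!dot || dot[1] == '\0')
                        return true;
                p = dot + 1;
        }
}

/* The special meaning applies only when the whole name is the single label.
 * compat models the temporary option that also accepts the old name. */
static bool is_gateway_name(const char *name, bool compat) {
        if (strcasecmp(name, "_gateway") == 0)
                return true;
        return compat && strcasecmp(name, "gateway") == 0;
}

int main(void) {
        /* Constructed sample names. */
        const char *names[] = { "gateway", "_gateway", "host.gateway", "www.example.com" };

        for (size_t i = 0; i < sizeof names / sizeof names[0]; i++)
                printf("%-16s valid host name: %-3s special: %-3s special (compat): %s\n",
                       names[i],
                       hostname_is_valid(names[i]) ? "yes" : "no",
                       is_gateway_name(names[i], false) ? "yes" : "no",
                       is_gateway_name(names[i], true) ? "yes" : "no");
        return 0;
}
```

A name for which both `hostname_is_valid()` and `is_gateway_name()` return true is one a real host could also carry; with the compat option off, no such name exists.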

Lennart Poettering [Mon, 31 Jul 2017 18:01:05 +0000 (20:01 +0200)]
Merge pull request #6392 from poettering/journal-cache

add limited metadata caching to journald and other journal improvements

Lennart Poettering [Mon, 17 Jul 2017 21:36:35 +0000 (23:36 +0200)]
journald: add minimal client metadata caching

Cache client metadata, in order to improve runtime behaviour under
pressure.

This is inspired by @vcaputo's work, specifically:

https://github.com/systemd/systemd/pull/2280

That code implements related but different semantics.

For a longer explanation of what this change implements please have a look
at the long source comment this patch adds to journald-context.c.

After this commit:

        # time bash -c 'dd bs=$((1024*1024)) count=$((1*1024)) if=/dev/urandom | systemd-cat'
        1024+0 records in
        1024+0 records out
        1073741824 bytes (1.1 GB, 1.0 GiB) copied, 11.2783 s, 95.2 MB/s

        real 0m11.283s
        user 0m0.007s
        sys 0m6.216s

Before this commit:

        # time bash -c 'dd bs=$((1024*1024)) count=$((1*1024)) if=/dev/urandom | systemd-cat'
        1024+0 records in
        1024+0 records out
        1073741824 bytes (1.1 GB, 1.0 GiB) copied, 52.0788 s, 20.6 MB/s

        real 0m52.099s
        user 0m0.014s
        sys 0m7.170s

As a side effect, this corrects the journal's rate limiter feature: we now
always use the unit name as key for the ratelimiter.

Lennart Poettering [Thu, 20 Jul 2017 12:17:30 +0000 (14:17 +0200)]
string-util: optimize strshorten() a bit

There's no reason to determine the full length of the string, it's
sufficient to know whether it is larger than the intended size...

Lennart Poettering [Thu, 20 Jul 2017 12:14:55 +0000 (14:14 +0200)]
alloc-util: add new helpers memdup_suffix0() and newdup_suffix0()

These are similar to memdup() and newdup(), but reserve one extra NUL
byte at the end of the new allocation and initialize it. It's useful
when copying out data from fixed size character arrays where NUL
termination can't be assumed.

Lennart Poettering [Thu, 20 Jul 2017 09:38:15 +0000 (11:38 +0200)]
string-util: add strlen_ptr() helper

strlen_ptr() is to strlen() what streq_ptr() is to streq(): i.e. it
handles NULL strings in a smart way.

Lennart Poettering [Mon, 17 Jul 2017 21:35:25 +0000 (23:35 +0200)]
process-util: slightly optimize querying of our own process metadata

When we are checking our own data, we can optimize things a bit.

Lennart Poettering [Fri, 14 Jul 2017 17:03:32 +0000 (19:03 +0200)]
journald: only accept valid unit names for log streams

Let's be a bit stricter in what we end up logging: ignore invalid unit
name specifications. Let's validate all input!

As we ignore unit names passed in from unprivileged clients anyway the
effect of this additional check is minimal.

(Also, no need to initialize the identifier/unit_id fields of stream
objects to NULL if empty strings are passed, the default is NULL
anyway...)

Lennart Poettering [Fri, 14 Jul 2017 17:01:25 +0000 (19:01 +0200)]
journald: add comment explaining journal rate limit return codes

This is not obvious, hence let's add a comment.

Lennart Poettering [Fri, 14 Jul 2017 16:59:41 +0000 (18:59 +0200)]
execute: don't pass unit ID in --user mode to journald for stream logging

When we create a log stream connection to journald, we pass along the
unit ID. With this change we do this only when we run as system
instance, not as user instance, to remove the ambiguity whether a user
or system unit is specified. The effect of this change is minor:
journald ignores the field anyway from clients with UID != 0. This patch
hence only fixes the unit attribution for the --user instance of the
root user.

Lennart Poettering [Fri, 14 Jul 2017 16:58:57 +0000 (18:58 +0200)]
execute: make some code shorter

Let's simplify some lines to make it shorter.

Lennart Poettering [Fri, 14 Jul 2017 16:57:54 +0000 (18:57 +0200)]
parse-util: introduce pid_is_valid()

Checking for validity of a PID is relatively easy, but let's add a
helper call for this too, in order to make things more readable and more
similar to uid_is_valid(), gid_is_valid() and friends.

Lennart Poettering [Fri, 14 Jul 2017 16:57:04 +0000 (18:57 +0200)]
core, sd-bus, logind: make use of uid_is_valid() in more places

Lennart Poettering [Fri, 14 Jul 2017 16:42:17 +0000 (18:42 +0200)]
audit: introduce audit_session_is_valid() and make use of it everywhere

Let's add a proper validation function, since validation isn't entirely
trivial. Make use of it where applicable. Also make use of
AUDIT_SESSION_INVALID where we need a marker for an invalid audit
session.

Lennart Poettering [Fri, 14 Jul 2017 16:39:18 +0000 (18:39 +0200)]
escape: fix systemd-escape description text

The long man page paragraph got it right: the tool is for escaping systemd unit
names, not just system unit names. Also fix the short man page paragraph
and the --help text.

Follow-up for 303608c1bcf9568371625fbbd9442946cadba422

Nicolas Iooss [Mon, 31 Jul 2017 15:45:33 +0000 (17:45 +0200)]
namespace: keep selinuxfs mounted read-write with ProtectKernelTunables (#5741)

When a service unit uses "ProtectKernelTunables=yes", it currently
remounts /sys/fs/selinux read-only. This makes libselinux report SELinux
state as "disabled", because most SELinux features are not usable. For
example it is not possible to validate security contexts (with
security_check_context_raw() or /sys/fs/selinux/context). This behavior
of libselinux has been described in
http://danwalsh.livejournal.com/73099.html and confirmed in a recent
email, https://marc.info/?l=selinux&m=149220233032594&w=2 .

Since commit 0c28d51ac849 ("units: further lock down our long-running
services"), systemd-localed unit uses ProtectKernelTunables=yes.
Nevertheless this service needs to use libselinux API in order to create
/etc/vconsole.conf, /etc/locale.conf... with the right SELinux contexts.
This is broken when /sys/fs/selinux is mounted read-only in the mount
namespace of the service.

Make SELinux-aware systemd services work again when they are using
ProtectKernelTunables=yes by keeping selinuxfs mounted read-write.

vliaskov [Mon, 31 Jul 2017 13:59:02 +0000 (15:59 +0200)]
mount-setup: mount xenfs filesystem (#6491)

Abdó Roig-Maranges [Mon, 31 Jul 2017 10:32:09 +0000 (12:32 +0200)]
core: Do not fail perpetual mount units without fragment (#6459)

mount_load does not require fragment files to be present in order to
load mount units which are perpetual, or come from /proc/self/mountinfo.

mount_verify should do the same, otherwise a synthesized '-.mount' would
be marked as failed with "No such file or directory", as it is perpetual
but not marked to come from /proc/self/mountinfo at this point.

This happens for the user instance, and I suspect it was the cause of #5375
for the system instance, without gpt-generator.

Lennart Poettering [Mon, 31 Jul 2017 10:11:48 +0000 (12:11 +0200)]
Merge pull request #6472 from yuwata/journal-gateway-fix

Some journal-gateway and journal-remote related fixes

S. Fan [Mon, 31 Jul 2017 10:10:10 +0000 (05:10 -0500)]
rfkill: fix erroneous behavior when polling the udev monitor (#6489)

Comparing udev_device_get_sysname(device) and sysname will always return
true. We need to check the device received from udev monitor instead.

Also, fd_wait_for_event() sometimes never exits. Better set a timeout
here.

Andrew Soutar [Mon, 31 Jul 2017 06:19:16 +0000 (02:19 -0400)]
cryptsetup: fix infinite timeout (#6486)

0004f698d causes `arg_timeout` to be infinity instead of 0 when timeout=0. The
logic here now matches this change.

Fixes #6381

Zbigniew Jędrzejewski-Szmek [Mon, 31 Jul 2017 06:05:35 +0000 (02:05 -0400)]
core: properly handle deserialization of unknown unit types (#6476)

We just abort startup, without printing any error. Make sure we always
print something, and when we cannot deserialize some unit, just ignore it and
continue.

Fixup for 4bc5d27b942afa83cc3d95debd2ad48d42ac07a8. Without this, we would hang
in daemon-reexec after upgrade.

Martin Pitt [Fri, 28 Jul 2017 09:49:44 +0000 (11:49 +0200)]
Merge pull request #6462 from keszybz/man-tweaks

Some small man page fixes

Zbigniew Jędrzejewski-Szmek [Wed, 26 Jul 2017 20:04:52 +0000 (16:04 -0400)]
man: do not recommend rescue.target for alt-↑

rescue.target does not work well, and we don't have a suitable emergency
shell unit that can be started on existing systems right now. So let's just
remove the recommendation for now.

Fixes #6451.

Zbigniew Jędrzejewski-Szmek [Wed, 26 Jul 2017 19:53:30 +0000 (15:53 -0400)]
man: do not encourage starting of poweroff/halt/reboot/kexec targets directly

Going through logind and systemd allows polkit to be used,
the job mode will be set properly, and is generally easier
to get correct.

Fixes #6452.

7 years ago man: describe which unit types are stopped on isolate
Zbigniew Jędrzejewski-Szmek [Wed, 26 Jul 2017 19:25:50 +0000 (15:25 -0400)]
man: describe which unit types are stopped on isolate

Fixes #6455.

7 years ago Merge pull request #6365 from keszybz/fast-tests
Martin Pitt [Fri, 28 Jul 2017 09:09:50 +0000 (11:09 +0200)]
Merge pull request #6365 from keszybz/fast-tests

Make tests faster by default

7 years ago Merge pull request #6461 from keszybz/meson-options-fix
Martin Pitt [Fri, 28 Jul 2017 07:51:29 +0000 (09:51 +0200)]
Merge pull request #6461 from keszybz/meson-options-fix

Meson options fix

7 years ago boot/efi: don't hard fail on error for tpm measure (#6473)
Harald Hoyer [Fri, 28 Jul 2017 07:46:05 +0000 (09:46 +0200)]
boot/efi: don't hard fail on error for tpm measure (#6473)

Display the error for a small amount of time, but don't fail hard.

In case of a faulty BIOS, a TPM error should not prevent the boot.
If something cares about the PCM measurement, it will be noticed
anyway later on.

This is especially important now that TPM measurement is the default on
some distribution builds.

https://bugzilla.redhat.com/show_bug.cgi?id=1411156

7 years ago test-timesync: ignore failure to listen on /run/systemd/netif/links/ (#6463)
Zbigniew Jędrzejewski-Szmek [Fri, 28 Jul 2017 07:33:43 +0000 (03:33 -0400)]
test-timesync: ignore failure to listen on /run/systemd/netif/links/ (#6463)

Fixes #6353.

7 years ago Merge pull request #6465 from keszybz/drop-kdbus
Martin Pitt [Fri, 28 Jul 2017 07:29:07 +0000 (09:29 +0200)]
Merge pull request #6465 from keszybz/drop-kdbus

Drop kdbus-dependent code

7 years ago mkosi.arch: fix comment (#6470)
AsciiWolf [Fri, 28 Jul 2017 07:24:12 +0000 (09:24 +0200)]
mkosi.arch: fix comment (#6470)

libidn -> libidn2

7 years ago journal-remote: use MHD_OPTION_STRICT_FOR_CLIENT if MHD_USE_PEDANTIC_CHECKS is deprecated
Yu Watanabe [Fri, 28 Jul 2017 07:22:14 +0000 (16:22 +0900)]
journal-remote: use MHD_OPTION_STRICT_FOR_CLIENT if MHD_USE_PEDANTIC_CHECKS is deprecated

The option MHD_OPTION_STRICT_FOR_CLIENT is provided since libmicrohttpd-0.9.54, and
MHD_USE_PEDANTIC_CHECKS will be deprecated in the future.
This makes it support both options.

7 years ago journal-gateway: use MHD_USE_POLL_INTERNAL_THREAD instead of MHD_USE_POLL
Yu Watanabe [Fri, 28 Jul 2017 04:21:34 +0000 (13:21 +0900)]
journal-gateway: use MHD_USE_POLL_INTERNAL_THREAD instead of MHD_USE_POLL

The option MHD_USE_THREAD_PER_CONNECTION requires MHD_USE_POLL_INTERNAL_THREAD
since libmicrohttpd-0.9.53.
If MHD_USE_POLL is used instead of MHD_USE_POLL_INTERNAL_THREAD, then
the library outputs the following warning:
```
Warning: MHD_USE_THREAD_PER_CONNECTION must be used only with
MHD_USE_INTERNAL_POLLING_THREAD. Flag MHD_USE_INTERNAL_POLLING_THREAD was added.
Consider setting MHD_USE_INTERNAL_POLLING_THREAD explicitly.
```
The option MHD_USE_POLL_INTERNAL_THREAD is defined as
`MHD_USE_POLL_INTERNAL_THREAD = MHD_USE_POLL | MHD_USE_INTERNAL_POLLING_THREAD,`
So, let's use MHD_USE_POLL_INTERNAL_THREAD instead of MHD_USE_POLL.

7 years ago journal-remote,gateway: use MHD_USE_TLS instead of MHD_USE_SSL
Yu Watanabe [Fri, 28 Jul 2017 04:19:52 +0000 (13:19 +0900)]
journal-remote,gateway: use MHD_USE_TLS instead of MHD_USE_SSL

The option is renamed in libmicrohttpd-0.9.52.

7 years ago units,sysusers: use DynamicUser= for journal-gatewayd and drop user systemd-journal...
Yu Watanabe [Fri, 28 Jul 2017 03:28:17 +0000 (12:28 +0900)]
units,sysusers: use DynamicUser= for journal-gatewayd and drop user systemd-journal-gateway from sysusers

7 years ago bash-completion: use the first argument instead of the global variable (#6457)
Yu Watanabe [Thu, 27 Jul 2017 11:22:54 +0000 (20:22 +0900)]
bash-completion: use the first argument instead of the global variable (#6457)

Without this fix:

```
$ systemctl start <tab>
Display all 135 possibilities? (y or n)
$ __get_startable_units --system | wc -l
224
```

the number of suggestions is quite different, as __get_startable_units --system does
not filter already started units. With this fix,

```
$ systemctl start <tab>
Display all 135 possibilities? (y or n)
$ __get_startable_units --system | wc -l
123
$ __get_template_names --system | wc -l
12
```

the number of suggestions matches the one the function returns.
For consistency with the other internal functions, it should use the first argument
instead of the global variable $mode.

[zj: add commit message to make it sound like we know what we're doing]

7 years ago meson: add empty lines before enabled/disabled status
Zbigniew Jędrzejewski-Szmek [Wed, 26 Jul 2017 18:14:44 +0000 (14:14 -0400)]
meson: add empty lines before enabled/disabled status

Those lines are long enough to wrap around a few times, and they are
much more legible with some whitespace.

7 years ago meson: -D remote and -D importd should be "combo" options
Zbigniew Jędrzejewski-Szmek [Wed, 26 Jul 2017 18:11:15 +0000 (14:11 -0400)]
meson: -D remote and -D importd should be "combo" options

The default should be 'auto', and we allow 'true'
and 'false' too.

Fixes #6445.

7 years ago meson: drop unnecessary default value setting
Zbigniew Jędrzejewski-Szmek [Wed, 26 Jul 2017 18:09:22 +0000 (14:09 -0400)]
meson: drop unnecessary default value setting

'true' is the default.
Follow-up for 7d77b8880d571447825bb6b0d61683d2e9d58895.

7 years ago meson.build: reorder tests to match order in meson_options.txt
Zbigniew Jędrzejewski-Szmek [Wed, 26 Jul 2017 18:08:46 +0000 (14:08 -0400)]
meson.build: reorder tests to match order in meson_options.txt

This makes it easier to edit both files.

7 years ago hwdb: Add axis range for System76 Galago Pro (galp2) (#6439)
Benjamin Berg [Tue, 25 Jul 2017 01:35:58 +0000 (03:35 +0200)]
hwdb: Add axis range for System76 Galago Pro (galp2) (#6439)