platform/upstream/systemd.git
7 years agopython: remove star imports
Zbigniew Jędrzejewski-Szmek [Mon, 3 Jul 2017 00:26:32 +0000 (20:26 -0400)]
python: remove star imports

Star imports are discouraged and break pyflakes.

I'm happy to report that pyflakes finds no issues ;)

7 years agobuild-sys: drop support for generation of Makefile-man.am
Zbigniew Jędrzejewski-Szmek [Mon, 3 Jul 2017 00:22:35 +0000 (20:22 -0400)]
build-sys: drop support for generation of Makefile-man.am

7 years agobuild-sys: drop automake support
Zbigniew Jędrzejewski-Szmek [Mon, 3 Jul 2017 00:21:34 +0000 (20:21 -0400)]
build-sys: drop automake support

v2:
- also mention m4

7 years agomailmap: add entry
Zbigniew Jędrzejewski-Szmek [Sat, 15 Jul 2017 15:50:14 +0000 (11:50 -0400)]
mailmap: add entry

7 years agocore: add {State,Cache,Log,Configuration}Directory= (#6384)
Yu Watanabe [Tue, 18 Jul 2017 12:34:52 +0000 (21:34 +0900)]
core: add {State,Cache,Log,Configuration}Directory= (#6384)

This introduces {State,Cache,Log,Configuration}Directory= those are
similar to RuntimeDirectory=. They create the directories under
/var/lib, /var/cache/, /var/log, or /etc, respectively, with the mode
specified in {State,Cache,Log,Configuration}DirectoryMode=.

This also fixes #6391.

7 years agoMerge pull request #6349 from poettering/mkosi-builddir
Lennart Poettering [Tue, 18 Jul 2017 07:46:08 +0000 (09:46 +0200)]
Merge pull request #6349 from poettering/mkosi-builddir

mkosi builddir support

7 years agomkosi: add m4 (#6389)
Lucas Werkmeister [Mon, 17 Jul 2017 22:51:14 +0000 (00:51 +0200)]
mkosi: add m4 (#6389)

This seems to be required since the move to meson.

7 years agotests: ignore router state in networkd test (#6390)
Martin Pitt [Mon, 17 Jul 2017 22:06:35 +0000 (00:06 +0200)]
tests: ignore router state in networkd test (#6390)

In networkd-test.py, don't assert that the router state is "routable".
While it should eventually become that, we don't wait for it, and thus
at that point it often is "carrier" or "degrated" still. It is also not
really relevant as this only tests the "client" side interface.

7 years agobasic: use _unlocked() stdio in strip_tab_ansi() (#6385)
Vito Caputo [Mon, 17 Jul 2017 22:05:52 +0000 (15:05 -0700)]
basic: use _unlocked() stdio in strip_tab_ansi() (#6385)

Trivial performance boost by explicitly bypassing the implicit
locking of stdio.

This significantly affects common cases of `journalctl` usage:

 Before:

  # time ./journalctl -b -1 > /dev/null
   real    0m26.628s
   user    0m26.495s
   sys     0m0.125s

  # time ./journalctl -b -1 > /dev/null
   real    0m27.069s
   user    0m26.936s
   sys     0m0.134s

  # time ./journalctl -b -1 > /dev/null
   real    0m26.727s
   user    0m26.607s
   sys     0m0.119s

 After:

  # time ./journalctl -b -1 > /dev/null
   real    0m23.394s
   user    0m23.244s
   sys     0m0.142s

  # time ./journalctl -b -1 > /dev/null
   real    0m23.283s
   user    0m23.160s
   sys     0m0.121s

  # time ./journalctl -b -1 > /dev/null
   real    0m23.274s
   user    0m23.125s
   sys     0m0.144s

Fixes https://github.com/systemd/systemd/issues/6341

7 years agoMerge pull request #6387 from keszybz/fix-timeout-0
Lennart Poettering [Mon, 17 Jul 2017 22:04:24 +0000 (00:04 +0200)]
Merge pull request #6387 from keszybz/fix-timeout-0

Fix x-systemd.timeout=0 in fstab

7 years agomkosi: roll back to libidn on Arch (#6388)
Lucas Werkmeister [Mon, 17 Jul 2017 20:41:31 +0000 (22:41 +0200)]
mkosi: roll back to libidn on Arch (#6388)

This reverts the mkosi.arch part of a8a2a0ed64. libidn2 is only
available on AUR, which mkosi doesn’t support.

7 years agoUse config_parse_sec_fix_0() also for JobRunningTimeoutSec
Zbigniew Jędrzejewski-Szmek [Mon, 17 Jul 2017 19:45:44 +0000 (15:45 -0400)]
Use config_parse_sec_fix_0() also for JobRunningTimeoutSec

2d79a0bbb9f651656384a0a86ed814e6306fb5dd did that for TimeoutSec=,
89beff89edba592366b2960bd830d3f6e602c2c7 did that for JobTimeoutSec=,
and 0004f698df1410ef8b6ab3fb5f4b41a60c91182c did that for
x-systemd.device-timeout=. But after parsing x-systemd.device-timeout=xxx
we write it out as JobRunningTimeoutSec=xxx. Two options:
- write out JobRunningTimeoutSec=<a very big number>,
- change JobRunningTimeoutSec= to behave like the other options.

I think it would be confusing for JobRunningTimeoutSec= to have different
syntax then TimeoutSec= and JobTimeoutSec=, so this patch implements the
second option.

Fixes #6264, https://bugzilla.redhat.com/show_bug.cgi?id=1462378.

7 years agoman: make crypttab(5) a bit easier to read
Zbigniew Jędrzejewski-Szmek [Mon, 17 Jul 2017 20:03:17 +0000 (16:03 -0400)]
man: make crypttab(5) a bit easier to read

7 years agomkosi: make use of BUILDDIR if it is set
Lennart Poettering [Wed, 12 Jul 2017 17:58:53 +0000 (19:58 +0200)]
mkosi: make use of BUILDDIR if it is set

This way, the new "mkosi.builddir" support proposed in PR:

https://github.com/systemd/mkosi/pull/114

will be made use of automatically.

7 years agogitignore: include mkosi -i files in gitignore
Lennart Poettering [Wed, 12 Jul 2017 17:58:35 +0000 (19:58 +0200)]
gitignore: include mkosi -i files in gitignore

(also: sort the entries again)

7 years agojournald: make sure we retain all stream fds across restarts (#6348)
Michal Sekletar [Mon, 17 Jul 2017 08:04:37 +0000 (10:04 +0200)]
journald: make sure we retain all stream fds across restarts (#6348)

Currently we set 4096 as maximum for number of stream connections that
we accept. However maximum number of file descriptors that systemd is
willing to accept from us is just 1024. This means we can't retain all
stream connections that we accepted. Hence bump the limit of fds in a
unit file so that systemd holds open all stream fds while we are
restarted.

New limit is set to 4224 (4096 + 128).

7 years agoMerge pull request #6354 from walyong/smack_process_label_free
Lennart Poettering [Mon, 17 Jul 2017 08:04:12 +0000 (10:04 +0200)]
Merge pull request #6354 from walyong/smack_process_label_free

core: modify resource leak and missed security context dump

7 years agoMerge pull request #6355 from vcaputo/journal_avoid_mmap_cache_get_calls
Lennart Poettering [Mon, 17 Jul 2017 08:03:52 +0000 (10:03 +0200)]
Merge pull request #6355 from vcaputo/journal_avoid_mmap_cache_get_calls

journal: avoid unnecessary mmap_cache_get() calls

7 years agofstab-generator: ignore x-systemd.device-timeout for non-devices (#6368)
NeilBrown [Mon, 17 Jul 2017 08:03:34 +0000 (18:03 +1000)]
fstab-generator: ignore x-systemd.device-timeout for non-devices (#6368)

If you specify "x-systemd.device-timeout" for an NFS mount
point, you get no warning and a meaningless device unit
dependency created.

Better to have a warning and no dependency.

7 years agoMerge pull request #6367 from keszybz/enable-tpm
Lennart Poettering [Mon, 17 Jul 2017 08:03:13 +0000 (10:03 +0200)]
Merge pull request #6367 from keszybz/enable-tpm

build-sys: enable tpm by default

7 years agoMerge pull request #6324 from keszybz/generator-add-symlink
Lennart Poettering [Mon, 17 Jul 2017 08:02:54 +0000 (10:02 +0200)]
Merge pull request #6324 from keszybz/generator-add-symlink

Add helper function for creation of unit symlinks in generators

7 years agoMerge pull request #6328 from yuwata/runtime-preserve
Lennart Poettering [Mon, 17 Jul 2017 08:02:19 +0000 (10:02 +0200)]
Merge pull request #6328 from yuwata/runtime-preserve

core: Allow preserving contents of RuntimeDirectory over process restart

7 years agocore: support subdirectories in RuntimeDirectory= option
Yu Watanabe [Mon, 17 Jul 2017 07:30:53 +0000 (16:30 +0900)]
core: support subdirectories in RuntimeDirectory= option

7 years agocore: allow preserving contents of RuntimeDirectory= over process restart
Yu Watanabe [Mon, 17 Jul 2017 07:22:25 +0000 (16:22 +0900)]
core: allow preserving contents of RuntimeDirectory= over process restart

This introduces RuntimeDirectoryPreserve= option which takes a boolean
argument or 'restart'.

Closes #6087.

7 years agoMerge pull request #6380 from keszybz/seccomp-arm64
Lennart Poettering [Sun, 16 Jul 2017 14:17:59 +0000 (16:17 +0200)]
Merge pull request #6380 from keszybz/seccomp-arm64

Seccomp arm64

7 years agotest-seccomp: arm64 does not have access() and poll()
Zbigniew Jędrzejewski-Szmek [Sat, 15 Jul 2017 19:30:48 +0000 (19:30 +0000)]
test-seccomp: arm64 does not have access() and poll()

glibc uses faccessat and ppoll, so just add a filters for that.

(cherry picked from commit abc0213839fef92e2e2b98a434914f22ece48490)

7 years agoseccomp: arm64 does not have mmap2
Zbigniew Jędrzejewski-Szmek [Sat, 15 Jul 2017 19:30:01 +0000 (19:30 +0000)]
seccomp: arm64 does not have mmap2

I messed up when adding the definitions in 4278d1f5310f5acb4c6a6788233625234edb5145.
Unfortunately I didn't have the hardware at hand and went by
looking at the kernel headers.

(cherry picked from commit 53196fafcb7b24b45ed4f48ab894d00a24a6d871)

7 years agoseccomp: arm64/x32 do not have _sysctl
Zbigniew Jędrzejewski-Szmek [Sat, 15 Jul 2017 19:28:02 +0000 (19:28 +0000)]
seccomp: arm64/x32 do not have _sysctl

So don't even try to added the filter to reduce noise.
The test is updated to skip calling _sysctl because the kernel prints
an oops-like message that is confusing and unhelpful:

Jul 15 21:07:01 rpi3 kernel: test-seccomp[8448]: syscall -10080
Jul 15 21:07:01 rpi3 kernel: Code: aa0503e4 aa0603e5 aa0703e6 d4000001 (b13ffc1f)
Jul 15 21:07:01 rpi3 kernel: CPU: 3 PID: 8448 Comm: test-seccomp Tainted: G        W       4.11.8-300.fc26.aarch64 #1
Jul 15 21:07:01 rpi3 kernel: Hardware name: raspberrypi rpi/rpi, BIOS 2017.05 06/24/2017
Jul 15 21:07:01 rpi3 kernel: task: ffff80002bb0bb00 task.stack: ffff800036354000
Jul 15 21:07:01 rpi3 kernel: PC is at 0xffff8669c7c4
Jul 15 21:07:01 rpi3 kernel: LR is at 0xaaaac64b6750
Jul 15 21:07:01 rpi3 kernel: pc : [<0000ffff8669c7c4>] lr : [<0000aaaac64b6750>] pstate: 60000000
Jul 15 21:07:01 rpi3 kernel: sp : 0000ffffdc640fd0
Jul 15 21:07:01 rpi3 kernel: x29: 0000ffffdc640fd0 x28: 0000000000000000
Jul 15 21:07:01 rpi3 kernel: x27: 0000000000000000 x26: 0000000000000000
Jul 15 21:07:01 rpi3 kernel: x25: 0000000000000000 x24: 0000000000000000
Jul 15 21:07:01 rpi3 kernel: x23: 0000000000000000 x22: 0000000000000000
Jul 15 21:07:01 rpi3 kernel: x21: 0000aaaac64b4940 x20: 0000000000000000
Jul 15 21:07:01 rpi3 kernel: x19: 0000aaaac64b88f8 x18: 0000000000000020
Jul 15 21:07:01 rpi3 kernel: x17: 0000ffff8669c7a0 x16: 0000aaaac64d2ee0
Jul 15 21:07:01 rpi3 kernel: x15: 0000000000000000 x14: 0000000000000000
Jul 15 21:07:01 rpi3 kernel: x13: 203a657275746365 x12: 0000000000000000
Jul 15 21:07:01 rpi3 kernel: x11: 0000ffffdc640418 x10: 0000000000000000
Jul 15 21:07:01 rpi3 kernel: x9 : 0000000000000005 x8 : 00000000ffffd8a0
Jul 15 21:07:01 rpi3 kernel: x7 : 7f7f7f7f7f7f7f7f x6 : 7f7f7f7f7f7f7f7f
Jul 15 21:07:01 rpi3 kernel: x5 : 65736d68716f7277 x4 : 0000000000000000
Jul 15 21:07:01 rpi3 kernel: x3 : 0000000000000008 x2 : 0000000000000000
Jul 15 21:07:01 rpi3 kernel: x1 : 0000000000000000 x0 : 0000000000000000
Jul 15 21:07:01 rpi3 kernel:

(cherry picked from commit 1e20e640132c700c23494bb9e2619afb83878380)

7 years agoshared/seccomp-util: add parentheses and no. after syscall name
Zbigniew Jędrzejewski-Szmek [Sat, 15 Jul 2017 19:25:19 +0000 (19:25 +0000)]
shared/seccomp-util: add parentheses and no. after syscall name

"Failed to add rule for system call access, ignoring: Numerical argument out of domain"
is confusing. Make that "... system call access() / 238".

(cherry picked from commit 977dc6ca5acb8069a2966ec63e7378576bc2ca51)

7 years agoFix spelling (#6378)
Lucas Werkmeister [Sat, 15 Jul 2017 16:29:09 +0000 (18:29 +0200)]
Fix spelling (#6378)

7 years agojournald: make reading /dev/kmsg optional (#6362)
Susant Sahani [Sat, 15 Jul 2017 11:57:52 +0000 (11:57 +0000)]
journald: make reading /dev/kmsg optional (#6362)

Closes #6022

7 years agoadd version argument to help function (#6377)
IPv4v6 [Sat, 15 Jul 2017 11:53:21 +0000 (13:53 +0200)]
add version argument to help function (#6377)

Signed-off-by: Stefan Pietsch <mail.ipv4v6+gh@gmail.com>
7 years agocore: support "nsdelegate" cgroup v2 mount option (#6294)
Tejun Heo [Fri, 14 Jul 2017 17:27:13 +0000 (13:27 -0400)]
core: support "nsdelegate" cgroup v2 mount option (#6294)

cgroup namespace wasn't useful for delegation because it allowed resource
control interface files (e.g. memory.high) to be written from inside the
namespace - this allowed the namespace parent's resource distribution to be
disturbed by its namespace-scoped children.

A new mount option, "nsdelegate", was added to cgroup v2 to address this issue.
The flag is meangingful only when mounting cgroup v2 in the init namespace and
makes a cgroup namespace a delegation boundary.  The kernel feature is pending
for v4.13.

This should have been the default behavior on cgroup namespaces and this commit
makes systemd try "nsdelegate" first when trying to mount cgroup v2 and fall
back if the option is not supported.

Note that this has danger of breaking usages which depend on modifying the
parent's resource settings from the namespace root, which isn't a valid thing
to do, but such usages may still exist.

7 years agojournal: elide fd matching from window_matches() (#6340)
Vito Caputo [Fri, 14 Jul 2017 17:26:01 +0000 (10:26 -0700)]
journal: elide fd matching from window_matches() (#6340)

Introduces window_matches_fd() for the fd matching case in try_context(),

In find_mmap() we're already walking a list of windows by fd, checking
this is pointless work in a potentially hot loop with many windows.

7 years agojournal: use context_attach_window() in add_mmap() (#6339)
Vito Caputo [Fri, 14 Jul 2017 17:24:46 +0000 (10:24 -0700)]
journal: use context_attach_window() in add_mmap() (#6339)

Instead of context_detach_window() and a manual attach of the new
window, simply call context_attach_window() which performs the
detach first if appropriate.

7 years agohwdb: Add ACCEL_MOUNT_MATRIX for a number of Intel Bay Trail based devices (#6357)
Hans de Goede [Fri, 14 Jul 2017 16:29:59 +0000 (18:29 +0200)]
hwdb: Add ACCEL_MOUNT_MATRIX for a number of Intel Bay Trail based devices (#6357)

This commit adds ACCEL_MOUNT_MATRIX entries for the following devices:
-Acer Iconia Tab8 W1-810
-Asustek T100CHI Transformer 2-in-1
-Asustek T100TA Transformer 2-in-1
-Chuwi Vi8 Plus tablet
-Cube iWork8 Air (i1-TF) tablet
-GP-electronic T701 7" tablet
-HP Stream 7 tablet
-I.T.Works TW891 2-in-1
-Jumper Ezpad mini 3
-Lamina I8270 7" tablet
-Peaq MMC1010 2-in-1
-Pipo W2S 8" tablet
-Ployer Momo7w tablet
-Point of View TAB-P800W 8" tablet
-Trekstor Surftab Wintron 7.0 ST70416-6 7" tablet

7 years agobuild-sys: install udev rule 70-joystick.{rules,hwdb} (#6363)
Christian Hesse [Fri, 14 Jul 2017 16:28:28 +0000 (18:28 +0200)]
build-sys: install udev rule 70-joystick.{rules,hwdb} (#6363)

* meson: install udev files 70-joystick.{rules,hwdb}
* Makefile: install udev file 70-joystick.hwdb

7 years agobuild-sys: enable tpm by default
Zbigniew Jędrzejewski-Szmek [Thu, 13 Jul 2017 23:37:07 +0000 (19:37 -0400)]
build-sys: enable tpm by default

It's been on in Fedora for ages, and it seems strange to have
a feature that's off by default.

7 years agomeson: hook up sysv-generator-test
Zbigniew Jędrzejewski-Szmek [Thu, 13 Jul 2017 23:21:40 +0000 (19:21 -0400)]
meson: hook up sysv-generator-test

7 years agosysv-generator: use generator_add_symlink()
Zbigniew Jędrzejewski-Szmek [Mon, 10 Jul 2017 03:59:30 +0000 (23:59 -0400)]
sysv-generator: use generator_add_symlink()

generator_add_symlink() is extended to ignore EEXIST. This should be fine
for all existing callers.

There's a small difference in behaviour when adding symlinks in sysv-generator:
the message is more generic and does not include ", ignored". But creation of
symlinks shouldn't ever fail except if things are very wrong, so in practice
this shouldn't matter.

Test needed updating: os.path.exists(os.readlink(link)) only works if the link
is absolute (or if we are in the right directory). Let's just use
os.path.exists(link), which properly tests that the symlink target exists.

7 years agoescape: Fix help description (#6352)
Jeremy Bicha [Thu, 13 Jul 2017 14:44:33 +0000 (10:44 -0400)]
escape: Fix help description (#6352)

Resolves: #6351

7 years agojournal: avoid unnecessary mmap_cache_get() calls
Vito Caputo [Thu, 13 Jul 2017 05:17:06 +0000 (22:17 -0700)]
journal: avoid unnecessary mmap_cache_get() calls

journal_file_move_to_object() can skip the second
journal_file_move_to() call if the first one already mapped a
sufficiently large area.

Now that mmap_cache_get() returns the size of the mapped area
when asked, ask for the size and only perform the second call if
the required size exceeds the mapped size instead of the object
header size.

This results in a nice performance boost in my testing, even with
a corpus of many small logs burning much CPU time elsewhere:

 Before:

  # time ./journalctl -b -1 --no-pager > /dev/null
  real    0m16.330s
  user    0m16.281s
  sys     0m0.046s

  # time ./journalctl -b -1 --no-pager > /dev/null
  real    0m16.409s
  user    0m16.358s
  sys     0m0.048s

  # time ./journalctl -b -1 --no-pager > /dev/null
  real    0m16.625s
  user    0m16.558s
  sys     0m0.061s

 After:

  # time ./journalctl -b -1 --no-pager > /dev/null
  real    0m15.311s
  user    0m15.257s
  sys     0m0.046s

  # time ./journalctl -b -1 --no-pager > /dev/null
  real    0m15.201s
  user    0m15.135s
  sys     0m0.062s

  # time ./journalctl -b -1 --no-pager > /dev/null
  real    0m15.170s
  user    0m15.113s
  sys     0m0.053s

7 years agojournal: return mapped size from mmap_cache_get()
Vito Caputo [Thu, 13 Jul 2017 05:08:58 +0000 (22:08 -0700)]
journal: return mapped size from mmap_cache_get()

If requested, return the actual mapping size to the caller in
addition to the address.

journal_file_move_to_object() often performs two successive
mmap_cache_get() calls via journal_file_move_to(); one to get the
object header, then another to get the entire object when it's
larger than the header's size.

If mmap_cache_get() returned the actual mapping's size, it's
probable that the second mmap_cache_get() could be skipped when
the established mapping already encompassed the desired size.

7 years agocore: dump also missed security context
WaLyong Cho [Thu, 13 Jul 2017 04:10:41 +0000 (13:10 +0900)]
core: dump also missed security context

7 years agocore: modify resource leak by SmackProcessLabel=
WaLyong Cho [Thu, 13 Jul 2017 04:06:34 +0000 (13:06 +0900)]
core: modify resource leak by SmackProcessLabel=

7 years agoresolved: consider pointopoint links for local multicast (#6343) v234
florianjacob [Wed, 12 Jul 2017 14:01:10 +0000 (16:01 +0200)]
resolved: consider pointopoint links for local multicast (#6343)

Resolves #6313.

7 years agoRevert "core: link user keyring to session keyring (#6275)" (#6342)
Lennart Poettering [Wed, 12 Jul 2017 14:00:44 +0000 (16:00 +0200)]
Revert "core: link user keyring to session keyring (#6275)" (#6342)

This reverts commit 437a85112e02042b62751395b9e7225628c1b708.

The outcome of this isn't that clear, let's revert this for now, see
discussion on #6286.

7 years agoMerge pull request #6300 from keszybz/refuse-to-load-some-units
Lennart Poettering [Wed, 12 Jul 2017 07:28:20 +0000 (09:28 +0200)]
Merge pull request #6300 from keszybz/refuse-to-load-some-units

Refuse to load some units

7 years agoNEWS: say that libidn2 is experimental (#6335)
Zbigniew Jędrzejewski-Szmek [Wed, 12 Jul 2017 07:25:59 +0000 (03:25 -0400)]
NEWS: say that libidn2 is experimental (#6335)

Handling of "_" and some other details requires more thought:
https://gitlab.com/libidn/libidn2/issues/30

Let's switch the default back to libidn and add a note in NEWS.

7 years agoMerge pull request #6337 from poettering/more-new-v234
Lennart Poettering [Wed, 12 Jul 2017 07:25:09 +0000 (09:25 +0200)]
Merge pull request #6337 from poettering/more-new-v234

Let's try to release v234 tomorrow

7 years agoman: add warnings that Private*= settings are not always applied
Zbigniew Jędrzejewski-Szmek [Tue, 11 Jul 2017 17:36:15 +0000 (13:36 -0400)]
man: add warnings that Private*= settings are not always applied

7 years agocore/load-fragment: refuse units with errors in RootDirectory/RootImage/DynamicUser
Zbigniew Jędrzejewski-Szmek [Thu, 6 Jul 2017 17:54:42 +0000 (13:54 -0400)]
core/load-fragment: refuse units with errors in RootDirectory/RootImage/DynamicUser

Behaviour of the service is completely different with the option off, so the
service would probably mess up state on disk and do unexpected things.

7 years agocore/load-fragment: refuse units with errors in certain directives
Zbigniew Jędrzejewski-Szmek [Thu, 6 Jul 2017 17:28:19 +0000 (13:28 -0400)]
core/load-fragment: refuse units with errors in certain directives

If an error is encountered in any of the Exec* lines, WorkingDirectory,
SELinuxContext, ApparmorProfile, SmackProcessLabel, Service (in .socket
units), User, or Group, refuse to load the unit. If the config stanza
has support, ignore the failure if '-' is present.

For those configuration directives, even if we started the unit, it's
pretty likely that it'll do something unexpected (like write files
in a wrong place, or with a wrong context, or run with wrong permissions,
etc). It seems better to refuse to start the unit and have the admin
clean up the configuration without giving the service a chance to mess
up stuff.

Note that all "security" options that restrict what the unit can do
(Capabilities, AmbientCapabilities, Restrict*, SystemCallFilter, Limit*,
PrivateDevices, Protect*, etc) are _not_ treated like this. Such options are
only supplementary, and are not always available depending on the architecture
and compilation options, so unit authors have to make sure that the service
runs correctly without them anyway.

Fixes #6237, #6277.

7 years agohwdb: update hwdb again for v234
Lennart Poettering [Tue, 11 Jul 2017 17:26:10 +0000 (19:26 +0200)]
hwdb: update hwdb again for v234

7 years agoupdate NEWS file, let's try to release this tomorrow
Lennart Poettering [Tue, 11 Jul 2017 17:17:58 +0000 (19:17 +0200)]
update NEWS file, let's try to release this tomorrow

7 years agotime-util: make parse_timestamp() return -EINVAL if the input is very old date (...
Yu Watanabe [Tue, 11 Jul 2017 17:12:48 +0000 (02:12 +0900)]
time-util: make parse_timestamp() return -EINVAL if the input is very old date (#6327)

This reverts 7635ab8e74ea4a94e81143c3077570a986df375c and makes parse_timestamp()
return -EINVAL if the input is older than 1970-01-01.

Fixes #6290.

7 years agofstab-generator: Chase symlinks where possible (#6293)
Colin Walters [Tue, 11 Jul 2017 16:48:57 +0000 (12:48 -0400)]
fstab-generator: Chase symlinks where possible (#6293)

This has a long history; see see 5261ba901845c084de5a8fd06500ed09bfb0bd80
which originally introduced the behavior.  Unfortunately that commit
doesn't include any rationale, but IIRC the basic issue is that
systemd wants to model the real mount state as units, and symlinks
make canonicalization much more difficult.

At the same time, on a RHEL6 system (upstart), one can make e.g. `/home` a
symlink, and things work as well as they always did; but one doesn't have
access to the sophistication of mount units (dependencies, introspection, etc.)
Supporting symlinks here will hence make it easier for people to do upgrades to
RHEL7 and beyond.

The `/home` as symlink case also appears prominently for OSTree; see
https://ostree.readthedocs.io/en/latest/manual/adapting-existing/

Further work has landed in the nspawn case for this; see e.g.
d944dc9553009822deaddec76814f5642a6a8176

A basic limitation with doing this in the fstab generator (and that I hit while
doing some testing) is that we obviously can't chase symlinks into mounts,
since the generator runs early before mounts. Or at least - doing so would
require multiple passes over the fstab data (as well as looking at existing
mount units), and potentially doing multi-phase generation. I'm not sure it's
worth doing that without a real world use case. For now, this will fix at least
the OSTree + `/home` <https://bugzilla.redhat.com/show_bug.cgi?id=1382873> case
mentioned above, and in general anyone who for whatever reason has symlinks in
their `/etc/fstab`.

7 years agobootctl: allow non-root user to run `bootctl status` (#5964)
Yu Watanabe [Tue, 11 Jul 2017 15:30:29 +0000 (00:30 +0900)]
bootctl: allow non-root user to run `bootctl status` (#5964)

7 years agoMerge pull request #6329 from poettering/random-mini-fixes
Zbigniew Jędrzejewski-Szmek [Tue, 11 Jul 2017 15:25:26 +0000 (11:25 -0400)]
Merge pull request #6329 from poettering/random-mini-fixes

random-util.c mini fixes

7 years agosystemd: do not stop units bound to inactive units while coldplugging (#6316)
Zbigniew Jędrzejewski-Szmek [Tue, 11 Jul 2017 08:45:03 +0000 (04:45 -0400)]
systemd: do not stop units bound to inactive units while coldplugging (#6316)

When running systemd-analyze verify I would get a random subset of warnings
(sometimes none, sometimes one or two):

dev-mapper-luks\x2d8db85dcf\x2d6230\x2d4e88\x2d940d\x2dba176d062b31.swap: Unit is bound to inactive unit dev-mapper-luks\x2d8db85dcf\x2d6230\x2d4e88\x2d940d\x2dba176d062b31.device. Stopping, too.
home.mount: Unit is bound to inactive unit dev-disk-by\x2duuid-75751556\x2d6e31\x2d438b\x2d99c9\x2dd626330d9a1b.device. Stopping, too.
boot.mount: Unit is bound to inactive unit dev-disk-by\x2duuid-56c56bfd\x2d93f0\x2d48fb\x2dbc4b\x2d90aa67144ea5.device. Stopping, too.

When running with debug on, it's pretty obvious what is happening:

home.mount: Changed dead -> mounted
home.mount: Unit is bound to inactive unit dev-disk-by\x2duuid-75751556\x2d6e31\x2d438b\x2d99c9\x2dd626330d9a1b.device. Stopping, too.
home.mount: Trying to enqueue job home.mount/stop/fail
home.mount: Installed new job home.mount/stop as 27
home.mount: Enqueued job home.mount/stop as 27
...
dev-disk-by\x2duuid-75751556\x2d6e31\x2d438b\x2d99c9\x2dd626330d9a1b.device: Installed new job dev-disk-by\x2duuid-75751556\x2d6e31\x2d438b\x2d99c9\x2dd626330d9a1b.device/start as 47
dev-disk-by\x2duuid-75751556\x2d6e31\x2d438b\x2d99c9\x2dd626330d9a1b.device: Changed dead -> plugged
dev-disk-by\x2duuid-75751556\x2d6e31\x2d438b\x2d99c9\x2dd626330d9a1b.device: Job dev-disk-by\x2duuid-75751556\x2d6e31\x2d438b\x2d99c9\x2dd626330d9a1b.device/start finished, result=done

Fixes #2206, https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=808151.

7 years agoresolved: allow resolution of names which libidn2 considers invalid (#6315)
Zbigniew Jędrzejewski-Szmek [Tue, 11 Jul 2017 08:42:21 +0000 (04:42 -0400)]
resolved: allow resolution of names which libidn2 considers invalid (#6315)

https://tools.ietf.org/html/rfc5891#section-4.2.3.1 says that
> The Unicode string MUST NOT contain "--" (two consecutive hyphens) in the third
> and fourth character positions and MUST NOT start or end with a "-" (hyphen).
This means that libidn2 refuses to encode such names.
Let's just resolve them without trying to use IDN.

7 years agoAdd comments to log_functions which shouldn't be called from library code (#6326)
Zbigniew Jędrzejewski-Szmek [Tue, 11 Jul 2017 08:40:11 +0000 (04:40 -0400)]
Add comments to log_functions which shouldn't be called from library code (#6326)

7 years agorandom-util: we are fine if ints are 16 bytes actually
Lennart Poettering [Tue, 11 Jul 2017 08:36:53 +0000 (10:36 +0200)]
random-util: we are fine if ints are 16 bytes actually

Not that it matters IRL, but let's make this less surprising to read...

7 years agorandom-util: always cast from smaller to bigger type when comparing
Lennart Poettering [Tue, 11 Jul 2017 08:35:47 +0000 (10:35 +0200)]
random-util: always cast from smaller to bigger type when comparing

When we compare two size values, let's make sure we cast from the
smaller to the bigger type first, if both types differ, rather than the
reverse in order to not run into overflows.

7 years agoMerge pull request #6325 from keszybz/make-delta-boring-again
Lennart Poettering [Tue, 11 Jul 2017 08:00:21 +0000 (10:00 +0200)]
Merge pull request #6325 from keszybz/make-delta-boring-again

Make delta output repeatable

7 years agoMerge pull request #6322 from poettering/mount-mini-fixes
Zbigniew Jędrzejewski-Szmek [Mon, 10 Jul 2017 23:25:27 +0000 (19:25 -0400)]
Merge pull request #6322 from poettering/mount-mini-fixes

a bunch of mini fixes for mount-tool.c

7 years agojournal: explicitly add fds to mmap-cache (#6307)
Vito Caputo [Mon, 10 Jul 2017 23:24:56 +0000 (16:24 -0700)]
journal: explicitly add fds to mmap-cache (#6307)

This way we have a MMapFileDescriptor reference external to the cache,
and can supply the handle directly to mmap_cache_get(), eliminating
hashmap lookups entirely from the hot path.

7 years agohwdb: add axis range corrections for Lenovo X1 Carbon 5th gen (over (#6320)
Alex Lu [Mon, 10 Jul 2017 20:34:40 +0000 (04:34 +0800)]
hwdb: add axis range corrections for Lenovo X1 Carbon 5th gen (over (#6320)

rmi4).

7 years agomount: add missing validation error message
Lennart Poettering [Mon, 10 Jul 2017 19:42:39 +0000 (21:42 +0200)]
mount: add missing validation error message

We really should generate exactly one log message for each error, hence
let's do that in this one case too.

7 years agodelta: sort files and dirs before processing
Zbigniew Jędrzejewski-Szmek [Mon, 10 Jul 2017 19:40:01 +0000 (15:40 -0400)]
delta: sort files and dirs before processing

This should make output deterministic, and independent of the directory
layout on disk. Just using ordered hashmaps would be enough to make
the output deterministic on a specific machine, but to make it
identical on different machines with the same set of files and
directories, names are sorted after being use.

Fixes #6157.

7 years agomount: change find_loop_device() error code when no loop device is found to ENXIO
Lennart Poettering [Mon, 10 Jul 2017 19:41:14 +0000 (21:41 +0200)]
mount: change find_loop_device() error code when no loop device is found to ENXIO

ENOENT is a bit too likely to be returned for various reasons, for
example if /sys or /proc are not mounted and hence the files we need not
around. Hence, let's use ENXIO instead, which is equally fitting for the
purpose but has the benefit that the underlying calls won't generate
this error on their own, hence any ambiguity is removed.

7 years agomount: add debug logging for the case when we knowingly ignore an error
Lennart Poettering [Mon, 10 Jul 2017 19:41:02 +0000 (21:41 +0200)]
mount: add debug logging for the case when we knowingly ignore an error

7 years agobasic/strv: use existing qsort_safe() helper
Zbigniew Jędrzejewski-Szmek [Mon, 10 Jul 2017 18:55:14 +0000 (14:55 -0400)]
basic/strv: use existing qsort_safe() helper

strv_sort() predates qsort_safe(), but we can convert it to it to
save a few lines.

7 years agomount: rework find_loop_device() to log about no errors
Lennart Poettering [Mon, 10 Jul 2017 19:39:23 +0000 (21:39 +0200)]
mount: rework find_loop_device() to log about no errors

We should either log about all errors in a function, or about none (and
then leave the logging about it to the caller who we propagate the error
to). Given that the callers of find_loop_device() already log about the
returned errors let's hence suppress the log messages in
find_loop_device() itself.

7 years agomount: fix potential bad memory access when /proc/self/mountinfo is empty
Lennart Poettering [Mon, 10 Jul 2017 19:36:59 +0000 (21:36 +0200)]
mount: fix potential bad memory access when /proc/self/mountinfo is empty

It's unlikely this can ever be triggered, but let's be safe rather than
sorry, and handle the case where the list of mount points is zero, and
the "l" array thus NULL. let's ensure we allocate at least one entry.

7 years agoman: briefly document permitted user/group name syntax for User=/Group= and syusers...
Lennart Poettering [Mon, 10 Jul 2017 17:44:06 +0000 (19:44 +0200)]
man: briefly document permitted user/group name syntax for User=/Group= and syusers.d (#6321)

As discussed here:

https://lists.freedesktop.org/archives/systemd-devel/2017-July/039237.html

7 years agoupdate TODO
Lennart Poettering [Mon, 10 Jul 2017 16:25:58 +0000 (18:25 +0200)]
update TODO

7 years agogpt-auto-generator: use generator_add_symlink()
Zbigniew Jędrzejewski-Szmek [Mon, 10 Jul 2017 03:53:18 +0000 (23:53 -0400)]
gpt-auto-generator: use generator_add_symlink()

7 years agofstab-generator: use generator_add_symlink()
Zbigniew Jędrzejewski-Szmek [Mon, 10 Jul 2017 03:40:14 +0000 (23:40 -0400)]
fstab-generator: use generator_add_symlink()

7 years agocryptsetup-generator: add a helper utility to create symlinks
Zbigniew Jędrzejewski-Szmek [Mon, 10 Jul 2017 03:31:47 +0000 (23:31 -0400)]
cryptsetup-generator: add a helper utility to create symlinks

It seems that there's a common pattern among the various generators. Let's add
a helper function for it and make use of it in cryptsetup-generator.

This fixes a bunch of theoretical memleaks in error paths, since *to wasn't
generally freed properly. Not thath it matters.

7 years agoexpand path of systemctl link argument (#6186)
Boucman [Sun, 9 Jul 2017 23:52:25 +0000 (01:52 +0200)]
expand path of systemctl link argument (#6186)

systemctl link is the only systemctl verb that takes a filename (and not
a unit name) as argument

use path_strv_make_absolute_cwd to expand the provided filename in order
to make it easier to use from the command line

keep the absolute pathname requirement when --root is used

[zj: add explicit error messages for the cases of --root and plain filename
instead of skipping normalization and just relying on systemd to refuse
to link non-absolute arguments. This allows us to make the error message
more informative.]

7 years agoMerge pull request #6287 from keszybz/wsign-compare
Djalal Harouni [Sun, 9 Jul 2017 22:23:57 +0000 (00:23 +0200)]
Merge pull request #6287 from keszybz/wsign-compare

build-sys: use -Wextra if available

7 years agoMerge pull request #6289 from keszybz/config-tweaks
Djalal Harouni [Sun, 9 Jul 2017 22:19:44 +0000 (00:19 +0200)]
Merge pull request #6289 from keszybz/config-tweaks

Config parsing tweaks

7 years agohwdb: add axis range corrections for Lenovo X1 Carbon 5th gen. (#6312)
Alex Lu [Sun, 9 Jul 2017 22:08:25 +0000 (06:08 +0800)]
hwdb: add axis range corrections for Lenovo X1 Carbon 5th gen. (#6312)

7 years agoMerge pull request #6311 from keszybz/memleak
Djalal Harouni [Sun, 9 Jul 2017 15:58:52 +0000 (17:58 +0200)]
Merge pull request #6311 from keszybz/memleak

Fix trivial memleak in sd-login code

7 years agounits: Tell login to preserve environment (#6023)
Nikolai Kondrashov [Wed, 24 May 2017 11:58:01 +0000 (14:58 +0300)]
units: Tell login to preserve environment (#6023)

Make agetty started by *getty* units pass '-p' option to "login", so it
doesn't clear the environment and passes whatever was setup by systemd
to shells. This is needed especially for programs which are specified as
user shells, but won't read locale settings from anywhere but
environment.

[zj: cherry-pick just the second patch from the series, see discussion
on the pull request.]

7 years agosd_uid_get_state: do not return -ENOENT if state is "offline" (#6302)
Yu, Li-Yu [Sat, 8 Jul 2017 22:59:29 +0000 (17:59 -0500)]
sd_uid_get_state: do not return -ENOENT if state is "offline" (#6302)

7 years agosd-login: fix memleak when output argument is NULL
Zbigniew Jędrzejewski-Szmek [Sat, 8 Jul 2017 22:04:44 +0000 (18:04 -0400)]
sd-login: fix memleak when output argument is NULL

7 years agonetworkd: trivial style cleanup
Zbigniew Jędrzejewski-Szmek [Wed, 5 Jul 2017 00:04:29 +0000 (20:04 -0400)]
networkd: trivial style cleanup

7 years agotime-util: make parse_timestamp() set 0 if the input is very old date (#6297)
Yu Watanabe [Sat, 8 Jul 2017 19:59:07 +0000 (04:59 +0900)]
time-util: make parse_timestamp() set 0 if the input is very old date (#6297)

If the input is older than "1970-01-01 UTC", then `parse_timestamp()`
fails and returns -EINVAL. However, if the input is e.g. `-100years`,
then the function succeeds and sets `usec = 0`.
This commit makes the function also succeed for old dates and set
`usec = 0`.

Fixes #6290.

7 years agoshared: leave output_journal() output in buffer (#6304)
Vito Caputo [Fri, 7 Jul 2017 18:32:21 +0000 (11:32 -0700)]
shared: leave output_journal() output in buffer (#6304)

e268b81e moved an fflush() from output_json() to the generic
output_journal(), when it probably should have deleted all fflush()
calls from logs-show.c altogether.

The caller supplies the FILE * to these functions, and should be in
charge of flushing as needed.  The current implementation essentially
defeats any buffering stdio was bringing to the table, resulting in
extraneous tiny write() calls in commands like `journalctl -b`.

This commit removes the fflush() call from output_journal(), and adds
them to journalctl before waiting for more entries and at completion.
This way in the hot path when journalctl loops on entries stdio can
combine multiple entries into bulkier write() calls.

7 years agotests: adapt test-functions to run tests on SUSE (#6270)
tblume [Thu, 6 Jul 2017 18:30:14 +0000 (20:30 +0200)]
tests: adapt test-functions to run tests on SUSE (#6270)

7 years agoresolve: Try to remove the ambiguity about the mtu parameter of dns_packet_new (...
Benjamin Robin [Thu, 6 Jul 2017 02:56:17 +0000 (04:56 +0200)]
resolve: Try to remove the ambiguity about the mtu parameter of dns_packet_new (#6285)

Actually the caller of dns_packet_new() pass 0 or the data size of the UDP message.
So try to reflect that, so rename the `mtu` parameter to `min_alloc_dsize`.

In fact `mtu` is the size of the whole UDP message, including the UDP header,
and here we just need to pass the size of data (without header). This was confusing.

Also add a check on the requested allocated size, since some caller do not check what is really allocated.
Indeed the function do not allocate more than DNS_PACKET_SIZE_MAX whatever the value of the `mtu` parameter.

7 years agofstab-generator: fix new NULL dereference. (#6296)
NeilBrown [Thu, 6 Jul 2017 02:53:41 +0000 (12:53 +1000)]
fstab-generator: fix new NULL dereference. (#6296)

fstype can be NULL, particularly when called from add_sysroot_mount(),
so we need to use STRPTR_IN_SET().

7 years agoMerge pull request #6236 from yuwata/mount-loop
Zbigniew Jędrzejewski-Szmek [Wed, 5 Jul 2017 14:27:58 +0000 (10:27 -0400)]
Merge pull request #6236 from yuwata/mount-loop

systemd-mount: support discovery of loop backing file

7 years agosystemd-mount: support relative paths
Yu Watanabe [Thu, 29 Jun 2017 05:53:49 +0000 (14:53 +0900)]
systemd-mount: support relative paths

7 years agosystemd-mount: support unmounting devices on remote host
Yu Watanabe [Wed, 5 Jul 2017 12:55:39 +0000 (21:55 +0900)]
systemd-mount: support unmounting devices on remote host

The commit 9017f5d88d5061487de53f00a1a8c0a83e41e760 prohibits
to unmount devices on remote host. This makes reenable such feature.

7 years agosystemd-mount: support discovery of loop backing file
Yu Watanabe [Wed, 5 Jul 2017 12:54:40 +0000 (21:54 +0900)]
systemd-mount: support discovery of loop backing file

```
$ suro systemd-mount /path/to/disk.img
Started unit run-media-system-disk.img.mount for mount point: /run/media/system/disk.img
```

Closes #6226.

7 years agobasic/log: use getenv instead of secure_getenv
Zbigniew Jędrzejewski-Szmek [Wed, 5 Jul 2017 03:54:00 +0000 (23:54 -0400)]
basic/log: use getenv instead of secure_getenv

secure_getenv does not work when the process has a nonempty permitted
capability set, which means that it's unduly hard to configure logging in
systemd-logind, systemd-resolved, and others.

secure_getenv is useful for code in libraries which might get called from a
setuid application. log_parse_environment() is never called from our library
code, but directly form various top-level executables. None of them are
installed suid, and none are prepared to be used this way, since many
additional changes would be required to make that safe. We may just as well
drop the check and allow SYSTEMD_LOG_* to properly parsed.

Fixes #4900.

7 years agoresolved: treat failure to parse config as non-fatal
Zbigniew Jędrzejewski-Szmek [Wed, 5 Jul 2017 03:51:35 +0000 (23:51 -0400)]
resolved: treat failure to parse config as non-fatal

Fixes #6014.