Alan Jenkins [Mon, 22 Jan 2018 17:42:25 +0000 (17:42 +0000)]
mount: clarify that umount retries do not (anymore) allow multiple timeouts
It _looks_ as if, back when we used to retry unsuccessful calls to umount,
this would have inflated the effective timeout. Multiplying it by
RETRY_UMOUNT_MAX. Which is set to 32.
I'm surprised if it's true: I would have expected it to be noticed during
the work on NFS timeouts. But I can't see what would have stopped it.
Clarify that I do not expect this to happen anymore. I think each
individual umount call is allowed up to the full timeout, but if umount
ever exited with a signal status, we would stop retrying.
To be extra clear, make sure that we do not retry in the event that umount
perversely returned EXIT_SUCCESS after receiving SIGTERM.
Alan Jenkins [Sat, 20 Jan 2018 20:05:52 +0000 (20:05 +0000)]
mount: mountinfo event is supposed to always arrive before SIGCHLD
"Due to the io event priority logic we can be sure the new mountinfo is
loaded before we process the SIGCHLD for the mount command."
I think this is a reasonable expectation. But if it works, then the
other comment must be false:
"Note that mount(8) returning and the kernel sending us a mount table
change event might happen out-of-order."
Therefore we can clean up the code for the latter.
If this is working as advertised, then we can make sure that mount units
fail if the mount we thought we were creating did not actually appear,
due to races or trickery (or because /sbin/mount did something unexpected
despite returning EXIT_SUCCESS).
Include a specific warning message for this failure.
If we give up when the mount point is still mounted after 32 successful
calls to /sbin/umount, that seems a fairly similar case. So make that
message a LOG_WARN as well (not LOG_DEBUG). Also, this was recently changed to only
retry while umount is returning EXIT_SUCCESS; in that case in particular
there would be no other messages in the log to suggest what had happened.
Alan Jenkins [Fri, 19 Jan 2018 17:28:38 +0000 (17:28 +0000)]
mount: forbid mount on path with symlinks
It was forbidden to create mount units for a symlink. But the reason is
that the mount unit needs to know the real path that will appear in
/proc/self/mountinfo. The kernel dereferences *all* the symlinks in the
path at mount time (I checked this with `mount -c` running under `strace`).
This will have no effect on most systems. As recommended by docs, most
systems use /etc/fstab, as opposed to native mount unit files.
fstab-generator dereferences symlinks for backwards compatibility.
A relatively minor issue regarding Time Of Check / Time Of Use also exists
here. I can't see how to get rid of it entirely. If we pass an absolute
path to mount, the racing process can replace it with a symlink. If we
chdir() to the mount point and pass ".", the racing process can move the
directory. The latter might potentially be nicer, except that it breaks
WorkingDirectory=.
I'm not saying the race is relevant to security - I just want to consider
how bad the effect is. Currently, it can make the mount unit active (and
hence the job return success), despite there never being a matching entry
in /proc/self/mountinfo. This wart will be removed in the next commit;
i.e. it will make the mount unit fail instead.
Yu Watanabe [Fri, 19 Jan 2018 09:05:28 +0000 (18:05 +0900)]
fs-util: chase_symlinks(): support empty root
The commit
b1bfb848046e457f3cd623286b8cc1a5e5440023 makes chase_symlinks()
recognize empty string for root as an invalid parameter. However,
empty root is often used e.g. systemd-nspawn.
This makes chase_symlinks() support empty string safely.
Fixes #7927.
Zbigniew Jędrzejewski-Szmek [Fri, 19 Jan 2018 06:42:29 +0000 (17:42 +1100)]
Merge pull request #7923 from keszybz/resolved-generic-packet
Resolved generic packet
Alan Jenkins [Thu, 18 Jan 2018 21:56:26 +0000 (21:56 +0000)]
Merge pull request #7913 from sourcejedi/devpts
3 nitpicks from core/namespace.c
jdkbx [Thu, 18 Jan 2018 20:09:58 +0000 (21:09 +0100)]
hwdb: Add Lenovo IdeaPad Miix 320 sensor mount quirk (#7707)
Alan Jenkins [Thu, 18 Jan 2018 19:11:11 +0000 (19:11 +0000)]
man: systemd-nspawn: fix list of default capabilities (#7925)
* Sort them alphabetically.
* Add CAP_MKNOD (commit
7f112f50fe added it).
the list is now in sync with the one at the top of nspawn.c
Alan Jenkins [Thu, 18 Jan 2018 19:04:12 +0000 (19:04 +0000)]
Merge pull request #7924 from sourcejedi/devpts-regression-fix
core: un-break PrivateDevices= by allowing it to mknod /dev/ptmx
Alan Jenkins [Thu, 18 Jan 2018 13:58:13 +0000 (13:58 +0000)]
core: clone_device_node(): add debug message
For people who use debug messages, maybe it is helpful to know that
PrivateDevices= failed due to mknod(), and which device node.
(The other (un-logged) failures could be while mounting filesystems e.g. no
CAP_SYS_ADMIN which is the common case, or missing /dev/shm or /dev/pts,
or missing /dev/ptmx).
Alan Jenkins [Thu, 18 Jan 2018 12:07:31 +0000 (12:07 +0000)]
core: un-break PrivateDevices= by allowing it to mknod /dev/ptmx
#7886 caused PrivateDevices= to silently fail-open.
https://github.com/systemd/systemd/pull/7886#issuecomment-
358542849
Allow PrivateDevices= to succeed, in creating /dev/ptmx, even though
DeviceControl=closed applies.
No specific justification was given for blocking mknod of /dev/ptmx. Only
that we didn't seem to need it, because we weren't creating it correctly as
a device node.
Zbigniew Jędrzejewski-Szmek [Thu, 18 Jan 2018 09:19:48 +0000 (20:19 +1100)]
resolved: fix confusion with generic data in unparsable packets
Issue 5465.
Zbigniew Jędrzejewski-Szmek [Thu, 18 Jan 2018 08:34:07 +0000 (19:34 +1100)]
resolved: split out parts of dns_packet_extract
This fairly complicated function was deeply nested and
hard to read...
Zbigniew Jędrzejewski-Szmek [Thu, 18 Jan 2018 05:23:09 +0000 (16:23 +1100)]
bus-message: avoid -Wnull-pointer-arithmetic warning on new clang
We just need some pointer, so use alignment directly converted
to the right type.
Zbigniew Jędrzejewski-Szmek [Thu, 18 Jan 2018 01:41:13 +0000 (12:41 +1100)]
Merge pull request #7876 from titanous/oss-fuzz
Add initial fuzzing infrastructure
Jonathan Rudenberg [Tue, 16 Jan 2018 17:09:56 +0000 (12:09 -0500)]
fuzz: add docs on creating fuzzer targets to HACKING
Jonathan Rudenberg [Tue, 16 Jan 2018 15:25:43 +0000 (10:25 -0500)]
fuzz: allow building fuzzers outside of oss-fuzz
Add a new -Dllvm-fuzz=true option that can be used to build against
libFuzzer and update the oss-fuzz script to work outside of the
oss-fuzz build environment.
Jonathan Rudenberg [Tue, 16 Jan 2018 13:36:56 +0000 (08:36 -0500)]
fuzz: rebuild everything during each oss-fuzz build
This avoids failures while using the oss-fuzz local testing
infrastructure.
Jonathan Rudenberg [Mon, 15 Jan 2018 23:27:37 +0000 (18:27 -0500)]
fuzz: disable all deps when building with oss-fuzz
The fuzz targets are intended to be fast and only target systemd
code, so they don't need to call out to any dependencies. They also
shouldn't depend on shared libraries outside of libc, so we disable
every dependency when compiling against oss-fuzz. This also
simplifies the upstream build environment significantly.
Jonathan Rudenberg [Sun, 14 Jan 2018 00:51:07 +0000 (19:51 -0500)]
fuzz: add initial fuzzing infrastructure
The fuzzers will be used by oss-fuzz to automatically and
continuously fuzz systemd.
This commit includes the build tooling necessary to build fuzz
targets, and a fuzzer for the DNS packet parser.
Lennart Poettering [Wed, 17 Jan 2018 18:18:47 +0000 (19:18 +0100)]
Merge pull request #7903 from yuwata/fix-7863
network: create runtime sub-directories after drop_privileges()
Lennart Poettering [Wed, 17 Jan 2018 18:16:42 +0000 (19:16 +0100)]
Merge pull request #7910 from poettering/getcwd
some getcwd() fixes, and other path-util tweaks
Lennart Poettering [Wed, 17 Jan 2018 18:15:49 +0000 (19:15 +0100)]
Merge pull request #7911 from poettering/chase-symlinks-tweaks
chase_symlinks() tweaks
Alan Jenkins [Wed, 17 Jan 2018 12:53:26 +0000 (12:53 +0000)]
core: namespace: remove unnecessary mode on /dev/shm mount target
This should have no behavioural effect; it just confused me.
All the other mount directories in this function are created as 0755.
Some of the mounts are allowed to fail - mqueue and hugepages.
If the /dev/mqueue mount target was created with the permissive mode 01777,
to match the filesystem we're trying to mount there, then a mount failure
would allow unprivileged users to write to the /dev filesystem, e.g. to
exhaust the available space. There is no reason to allow this.
(Allowing the user read access (0755) seems a reasonable idea though, e.g. for
quicker troubleshooting.)
We do not allow failure of the /dev/shm mount, so it doesn't matter that
it is created as 01777. But on the same grounds, we have no *reason* to
create it as any specific mode. 0755 is equally fine.
This function will be clearer by using 0755 throughout, to avoid
unintentionally implying some connection between the mode of the mount
target, and the mode of the mounted filesystem.
Alan Jenkins [Mon, 15 Jan 2018 16:55:11 +0000 (16:55 +0000)]
README: fix context for CONFIG_DEVPTS_MULTIPLE_INSTANCES
`newinstance` (and `ptmxmode`) options of devpts are _not_ used by
PrivateDevices=. (/dev/pts is shared, similar to how /dev/shm and
/dev/mqueue are handled). It is used by nspawn containers though.
Also CONFIG_DEVPTS_MULTIPLE_INSTANCES was removed in 4.7-rc2
https://github.com/torvalds/linux/commit/
eedf265aa003b4781de24cfed40a655a664457e6
and no longer needs to be set, so make that clearer to avoid confusion.
Shawn Landden [Wed, 17 Jan 2018 13:49:22 +0000 (05:49 -0800)]
resolve: check for underflow of size parameter (#7889)
to dns_packet_read_memdup()
Closes #7888
Alan Jenkins [Wed, 17 Jan 2018 13:28:04 +0000 (13:28 +0000)]
core: namespace: nitpick /dev/ptmx error handling
If /dev/tty did not exist, or had st_rdev == 0, we ignored it. And the
same is true for null, zero, full, random, urandom.
If /dev/ptmx did not exist, we treated this as a failure. If /dev/ptmx had
st_rdev == 0, we ignored it.
This was a very recent change, but there was no reason for ptmx creation
specifically to treat st_rdev == 0 differently from non-existence. This
confuses me when reading it.
Change the creation of /dev/ptmx so that st_rdev == 0 is
treated as failure.
This still leaves /dev/ptmx as a special case with stricter handling.
However it is consistent with the immediately preceding creation of
/dev/pts/, which is treated as essential, and is directly related to ptmx.
I don't know why we check st_rdev. But I'd prefer to have only one
unanswered question here, and not to have a second unanswered question
added on top.
Lennart Poettering [Wed, 17 Jan 2018 11:00:40 +0000 (12:00 +0100)]
fs-util: refuse taking a relative path to chase if "root" is specified and CHASE_PREFIX_ROOT is set
If we take a relative path we first make it absolute, based on the
current working directory. But if CHASE_PREFIX_ROOT is passe we are
supposed to make the path absolute taking the specified root path into
account, but that makes no sense if we talk about the current working
directory as that is relative to the host's root in any case. Hence,
let's refuse this politely.
Lennart Poettering [Wed, 17 Jan 2018 11:00:12 +0000 (12:00 +0100)]
fs-util: extra chase_symlink() safety check on "path" parameter
It's not clear what an empty "path" is even supposed to mean, hence
refuse.
Lennart Poettering [Wed, 17 Jan 2018 10:56:52 +0000 (11:56 +0100)]
fs-util: extra safety checks on chase_symlinks() root parameter
Let's handle root="" and root="/" safely.
Lennart Poettering [Wed, 17 Jan 2018 10:17:55 +0000 (11:17 +0100)]
path-util: don't insert duplicate "/" in path_make_absolute_cwd()
When the working directory is "/" it's prettier not to insert a second
"/" in the path, even though it is technically correct.
Lennart Poettering [Wed, 17 Jan 2018 10:17:38 +0000 (11:17 +0100)]
tree-wide: port all code to use safe_getcwd()
Lennart Poettering [Wed, 17 Jan 2018 10:16:31 +0000 (11:16 +0100)]
path-util: introduce new safe_getcwd() wrapper
It's like get_current_dir_name() but protects us from
CVE-2018-1000001-style exploits:
https://www.halfdog.net/Security/2017/LibcRealpathBufferUnderflow/
Lennart Poettering [Wed, 17 Jan 2018 10:15:00 +0000 (11:15 +0100)]
path-util: don't add extra "/" when prefix already is suffixed by slash
No need to insert duplicate "/" if we can avoid it. This is particularly
relevant if the prefix passed in is the root directory.
Lennart Poettering [Wed, 17 Jan 2018 10:13:46 +0000 (11:13 +0100)]
path-util: do something useful if the prefix is "" in path_make_absolute()
Do not insert a "/" if the prefix we shall use is empty. It's a corner
case we should probably take care of.
Yu Watanabe [Wed, 17 Jan 2018 09:25:42 +0000 (18:25 +0900)]
efivars: include errno.h when EFI support is disabled (#7900)
Fixes #7898.
Alan Jenkins [Wed, 17 Jan 2018 09:24:00 +0000 (09:24 +0000)]
Merge pull request #7886 from gdamjan/fix-ptmx
namespace: make /dev/ptmx a copy of the host not a symlink
Zbigniew Jędrzejewski-Szmek [Wed, 17 Jan 2018 09:22:17 +0000 (20:22 +1100)]
Merge pull request #7893 from poettering/parse-tweaks
parsing tweaks
Zbigniew Jędrzejewski-Szmek [Wed, 17 Jan 2018 09:17:23 +0000 (20:17 +1100)]
Merge pull request #7902 from yuwata/fix-warning-by-clang
network: small fixes
Hans de Goede [Wed, 17 Jan 2018 09:15:41 +0000 (10:15 +0100)]
hwdb: 60-sensors: Add DMI strings for Trekstor Surftab 7.0 newer BIOS versions (#7904)
Some newer BIOS versions of the TrekStor SurfTab wintron 7.0 tablet use
different (better) DMI strings, update the existing 60-sensors.hwdb
entry for this tablet to also work with the newer BIOS.
Jerónimo Borque [Wed, 17 Jan 2018 09:15:00 +0000 (06:15 -0300)]
hwdb: HP vendor name for ZBooks in 60-keyboard.hwdb (#7905)
Added new HP vendor name to support Zbook's mic mute key mapping
Zbigniew Jędrzejewski-Szmek [Wed, 17 Jan 2018 09:13:54 +0000 (20:13 +1100)]
Merge pull request #7897 from yuwata/small-man-fixes
Several man fixes
Дамјан Георгиевски [Tue, 16 Jan 2018 20:50:36 +0000 (21:50 +0100)]
namespace: only make the symlink /dev/ptmx if it was already a symlink
…otherwise try to clone it as a device node
On most contemporary distros /dev/ptmx is a device node, and
/dev/pts/ptmx has 000 inaccessible permissions. In those cases
the symlink /dev/ptmx -> /dev/pts/ptmx breaks the pseudo tty support.
In that case we better clone the device node.
OTOH, in nspawn containers (and possibly others), /dev/pts/ptmx has
normal permissions, and /dev/ptmx is a symlink. In that case make the
same symlink.
fixes #7878
Дамјан Георгиевски [Tue, 16 Jan 2018 20:27:51 +0000 (21:27 +0100)]
namespace: extract clone_device_node function from mount_private_dev
Yu Watanabe [Tue, 16 Jan 2018 18:35:25 +0000 (03:35 +0900)]
network: create runtime sub-directories after drop_privileges()
For old kernels not supporting AmbientCapabilities=, networkd is
started as root with limited capabilities. Then, networkd cannot
chown the directories under runtime directory as
CapabilityBoundingSet= does not contains enough capabilities.
This makes these directories are created after dropping privileges.
Thus, networkd does not need to chown them anymore.
Fixes #7863.
Yu Watanabe [Tue, 16 Jan 2018 18:34:45 +0000 (03:34 +0900)]
timesync: do not fail when started as privileged user
Yu Watanabe [Tue, 16 Jan 2018 16:53:00 +0000 (01:53 +0900)]
dhcp6: fix warnings by clang with -Waddress-of-packed-member
This fixes the following warnings:
```
[194/1521] Compiling C object 'src/libsystemd-network/systemd-network@sta/dhcp6-option.c.o'.
../../git/systemd/src/libsystemd-network/dhcp6-option.c:110:25: warning: taking address of packed member 'id' of class or structure 'ia_na' may result in an unaligned pointer value [-Waddress-of-packed-member]
iaid = &ia->ia_na.id;
^~~~~~~~~~~~
../../git/systemd/src/libsystemd-network/dhcp6-option.c:115:25: warning: taking address of packed member 'id' of class or structure 'ia_ta' may result in an unaligned pointer value [-Waddress-of-packed-member]
iaid = &ia->ia_ta.id;
^~~~~~~~~~~~
2 warnings generated.
```
Yu Watanabe [Tue, 16 Jan 2018 16:29:13 +0000 (01:29 +0900)]
networkd: fix wrong argument check
Yu Watanabe [Tue, 16 Jan 2018 16:28:09 +0000 (01:28 +0900)]
ipvlan: fix wrong assignment in ipvlan_init()
Yu Watanabe [Tue, 16 Jan 2018 14:25:56 +0000 (23:25 +0900)]
man: mention that systemctl is-active or is-failed do not load units
See the discussion in the issue #7875.
Yu Watanabe [Tue, 16 Jan 2018 14:00:39 +0000 (23:00 +0900)]
virt: add comment that we need to use sscanf()
Follow-up for
13e0f9fe8334859ee86f4ff725374d1d83f5baf7.
See PR #7890 and comment in PR #7581.
Yu Watanabe [Tue, 16 Jan 2018 13:22:14 +0000 (22:22 +0900)]
man: remove duplicated line
Follow-up for
c46bc7e2162d774f55847c1a8cb9d49085cf89bb.
Lennart Poettering [Tue, 16 Jan 2018 10:50:12 +0000 (11:50 +0100)]
parse-util: detect overflows in parse_percent_unbounded()
We shouldn't accept percentages beyon INT32_MAX and consider them
valid.
Lennart Poettering [Tue, 16 Jan 2018 10:49:24 +0000 (11:49 +0100)]
parse-util: coding style fix
Let's not rely on C's downgrade-to-bool feature to check for NUL bytes
Lennart Poettering [Tue, 16 Jan 2018 10:48:25 +0000 (11:48 +0100)]
locale-util: add freelocale() cleanup helper
Lennart Poettering [Tue, 16 Jan 2018 09:44:35 +0000 (10:44 +0100)]
Merge pull request #7885 from pfl/dhcp6_fixes
Minor fixes
John Lin [Tue, 16 Jan 2018 09:29:35 +0000 (17:29 +0800)]
man: fix broken kernel document links (#7892)
Olaf Hering [Tue, 16 Jan 2018 09:24:37 +0000 (10:24 +0100)]
Fix parsing of features in detect_vm_xen_dom0 (#7890)
Use sscanf instead of the built-in safe_atolu because the scanned string
lacks the leading "0x", it is generated with snprintf(b, "%08x", val).
As a result strtoull handles it as octal, and parsing fails.
The initial submission already used sscanf, then parsing was replaced by
safe_atolu without retesting the updated PR.
Fixes
575e6588d ("virt: use XENFEAT_dom0 to detect the hardware domain
(#6442, #6662) (#7581)")
Zbigniew Jędrzejewski-Szmek [Tue, 16 Jan 2018 09:22:25 +0000 (20:22 +1100)]
Merge pull request #7540 from fbuihuu/systemd-delta-tweaks
Systemd delta tweaks
Shawn Landden [Mon, 15 Jan 2018 18:17:51 +0000 (10:17 -0800)]
machined: use getent to get default shell for machinectl shell (#7684)
Closes: https://github.com/systemd/systemd/issues/1395
Patrik Flykt [Mon, 15 Jan 2018 15:37:52 +0000 (17:37 +0200)]
sd-dhcp6-client: Use offsetof() instead of sizeof()
The slightly modified review comments say that "...in theory
offsetof(DHCP6Option, data) is nicer than sizeof(DHCP6Option)
because the former removes alignment artifacts. In this
specific case there are no alignment whitespaces hence it's
fine, but out of a matter of principle offsetof() is preferred
over sizeof() in cases like this..."
Patrik Flykt [Mon, 15 Jan 2018 15:15:13 +0000 (17:15 +0200)]
dhcp6: Fix valgrind nitpick about returned test case value
Calling dhcp6_option_parse_address() will always return a value
< 0 on error even though lt_valid remains unset. This is more
than valgrind can safely detect, but let's fix the valgrind
nitpick anyway.
While fixing, use UINT32_MAX instead of ~0 on the same line.
Lennart Poettering [Mon, 15 Jan 2018 15:40:41 +0000 (16:40 +0100)]
Merge pull request #7884 from yuwata/small-fixes
Small fixes
Дилян Палаузов [Mon, 15 Jan 2018 15:09:59 +0000 (00:09 +0900)]
man: fix typo
Closes #7866.
Yu Watanabe [Mon, 15 Jan 2018 15:03:29 +0000 (00:03 +0900)]
man: logind: update reference
Fixes #7858.
Yu Watanabe [Mon, 15 Jan 2018 14:53:05 +0000 (23:53 +0900)]
journal: coding style fix
This is originally pointed out by @cpsw.
Yu Watanabe [Mon, 15 Jan 2018 14:49:30 +0000 (23:49 +0900)]
network: fix indentation
Follow-up for
56a23cb40aadea95f7e24a911ba973fe132878b8.
Yu Watanabe [Mon, 15 Jan 2018 14:47:55 +0000 (23:47 +0900)]
networkd: remove unnecessary parentheses
Follow-up for
56a23cb40aadea95f7e24a911ba973fe132878b8.
Yu Watanabe [Mon, 15 Jan 2018 14:44:23 +0000 (23:44 +0900)]
systemctl: comment that the verb 'check' is deprecated
Yu Watanabe [Mon, 15 Jan 2018 14:40:23 +0000 (23:40 +0900)]
timesync: use current uid when started as non-root user
Fixes #7883.
Yu Watanabe [Mon, 15 Jan 2018 14:36:58 +0000 (23:36 +0900)]
test: free memory
Fixes #7882.
Adam Duskett [Mon, 15 Jan 2018 11:25:46 +0000 (06:25 -0500)]
add false option for tests (#7778)
Currently there is no way to prevent tests from building using meson.
This introduces two problems:
1) It adds a extra 381 files to compile.
2) One of these tests explicitly requires libgcrypt to be built even if systemd
is not using it.
3) It adds C++ to the requirements to build systemd.
When cross-compiling, this is uneccessary.
Lennart Poettering [Mon, 15 Jan 2018 11:02:37 +0000 (12:02 +0100)]
Merge pull request #7582 from pfl/dhcp6_prefix_delegation
DHCPv6 prefix delegation
Zbigniew Jędrzejewski-Szmek [Mon, 15 Jan 2018 10:45:40 +0000 (14:45 +0400)]
man: --this-boot is deprecated (#7880)
This removes the last public reference. Follow-up for #7844.
Zbigniew Jędrzejewski-Szmek [Mon, 15 Jan 2018 10:14:34 +0000 (14:14 +0400)]
Merge pull request #7816 from poettering/chase-pid
Make MAINPID= and PIDFile= handling more restrictive (and other stuff)
Zbigniew Jędrzejewski-Szmek [Mon, 15 Jan 2018 09:51:29 +0000 (13:51 +0400)]
Merge pull request #7844 from yuwata/bash-completion
update bash completions
Zbigniew Jędrzejewski-Szmek [Mon, 15 Jan 2018 09:43:09 +0000 (13:43 +0400)]
Merge pull request #7855 from poettering/log-h-includes
log.h #include cleanups
Zbigniew Jędrzejewski-Szmek [Mon, 15 Jan 2018 09:34:06 +0000 (13:34 +0400)]
Merge pull request #7871 from sourcejedi/log_mounts
core: fix output (logging) for mount units (#7603)
Zbigniew Jędrzejewski-Szmek [Mon, 15 Jan 2018 09:28:14 +0000 (13:28 +0400)]
Merge pull request #7872 from mineo/coredumpctl-zsh-completion
Fix the ZSH completion on `coredumpctl gdb <tab>`
Alan Jenkins [Sat, 13 Jan 2018 17:22:46 +0000 (17:22 +0000)]
core: prevent spurious retries of umount
Testing the previous commit with `systemctl stop tmp.mount` logged the
reason for failure as expected, but unexpectedly the message was repeated
32 times.
The retry is a special case for umount; it is only supposed to cover the
case where the umount command was _successful_, but there was still some
remaining mount(s) underneath. Fix it by making sure to test the first
condition :).
Re-tested with and without a preceding `mount --bind /mnt /tmp`,
and using `findmnt` to check the end result.
Wieland Hoffmann [Sat, 13 Jan 2018 14:23:28 +0000 (15:23 +0100)]
zsh/coredumpctl: Never sort the completion candidates
That way, they're always sorted by date. I do not know how to make ZSH sort
them by PID through some option, but that doesn't seem very useful in the first
place.
Wieland Hoffmann [Sat, 13 Jan 2018 12:43:28 +0000 (13:43 +0100)]
zsh/coredumpctl: Fix the completion
An output from coredumpctl list is like
> TIME PID UID GID SIG COREFILE EXE
> Sun 2016-05-29 18:44:03 CEST 14578 1000 1000 6 none /tmp/pacaurtmp-wieland/python33/src/Python-3.3.6/python
^1 ^2 ^3 ^4 ^5
, but the previous sub() command turns that into
> TIMEPID UID GID SIG COREFILE EXE
> Sun2016-05-29 18:44:03 CEST 14578 1000 1000 6 none /tmp/pacaurtmp-wieland/python33/src/Python-3.3.6/python
^1 ^2 ^3 ^4 ^5
so the whole pipeline generated entries like
$UID:$DESCRIPTION
but that's not useful and probably not what was supposed to happen.
This now generates entries like
$PID:$DESCRIPTION
which make everything work.
Note that with this commmit, the completions will be sorted by PID by
ZSH.
Alan Jenkins [Sat, 13 Jan 2018 12:30:43 +0000 (12:30 +0000)]
core: fix output (logging) for mount units (#7603)
Documentation - systemd.exec - strongly implies mount units get logging.
It is safe for mounts to depend on systemd-journald.socket. There is no
cyclic dependency generated. This is because the root, -.mount, was
already deliberately set to EXEC_OUTPUT_NULL. See comment in
mount_load_root_mount(). And /run is excluded from being a mount unit.
Nor does systemd-journald depend on /var. It starts earlier, initially
logging to /run.
Tested before/after using `systemctl stop tmp.mount`.
0xAX [Fri, 12 Jan 2018 23:48:53 +0000 (00:48 +0100)]
dbus-execute: define bus_set_transient_errno() only if HAVE_SECCOMP (#7869)
in other way we will get a warning during build:
../src/core/dbus-util.h:55:13: warning: ‘bus_set_transient_errno’
defined but not used [-Wunused-function]
int bus_set_transient_##function(
Max Harmathy [Fri, 12 Jan 2018 13:16:43 +0000 (14:16 +0100)]
login: avoid external process call
Use a shell builtin of posix shells insteaf of calling 'which'.
See also http://stackoverflow.com/a/677212
Michal Sekletar [Fri, 12 Jan 2018 12:05:48 +0000 (13:05 +0100)]
process-util: make our freeze() routine do something useful
When we crash we freeze() our-self (or possibly we reboot the machine if
that is configured). However, calling pause() is very unhelpful thing to
do. We should at least continue to do what init systems being doing
since 70's and that is reaping zombies. Otherwise zombies start to
accumulate on the system which is a very bad thing. As that can prevent
admin from taking manual steps to reboot the machine in somewhat
graceful manner (e.g. manually stopping services, unmounting data
volumes and calling reboot -f).
Fixes #7783
Lennart Poettering [Fri, 12 Jan 2018 16:24:56 +0000 (17:24 +0100)]
Merge pull request #7865 from fbuihuu/restore-termination-of-bus-connection-first
Restore termination of bus connection first
Franck Bui [Fri, 12 Jan 2018 15:20:36 +0000 (16:20 +0100)]
Comment the fact that some tools need to termintate their bus connect first
Franck Bui [Fri, 12 Jan 2018 15:11:46 +0000 (16:11 +0100)]
mount: make sure we terminate the bus connection first, and then close the pager
See
cf647b69baee4c478d3909c327e3d917e1563f44 commit message for details.
Franck Bui [Fri, 12 Jan 2018 15:09:21 +0000 (16:09 +0100)]
Revert "tree-wide: use _cleanup_(sd_bus_flush_close_unrefp) at various appropriate places"
This reverts commit
0b3c84eb7da3a8c28ac248a68228f6a7edbb2e19.
The removal of _cleanup_() usages was done on purpose, see
cf647b69baee4c478d3909c327e3d917e1563f44.
Fixes: #3543
Matthew Thode [Thu, 11 Jan 2018 16:48:43 +0000 (10:48 -0600)]
support LZMA concatenated files
The xz format supports concatenated files, images are sometimes created
and shipped with it to increase compression.
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1742744 is
the source bug for this issue.
Lennart Poettering [Thu, 11 Jan 2018 22:37:04 +0000 (23:37 +0100)]
Merge pull request #7851 from msekletar/dbus-error-logging
dbus: propagate errors from bus_init_system() and bus_init_api()
winnerman-pythian [Thu, 11 Jan 2018 17:01:57 +0000 (12:01 -0500)]
bootctl: add newline after printf (#7856)
Upon error condition, a newline is not printed, leading to the shell prompt jamming against this line.
Lennart Poettering [Thu, 11 Jan 2018 16:14:49 +0000 (17:14 +0100)]
Merge pull request #7833 from keszybz/netdev-relaxed
Avoid spurious warnings about unknown sections in .netdev files
Lennart Poettering [Fri, 5 Jan 2018 12:41:33 +0000 (13:41 +0100)]
cocci: there's not ENOTSUP, there's only EOPNOTSUPP
On Linux the former is a compat alias to the latter, and that's really
weird, as inside the kernel the two are distinct. Which means we really
should stay away from it.
Lennart Poettering [Fri, 5 Jan 2018 12:36:38 +0000 (13:36 +0100)]
ethtool-util: don't pass fds as pointers if we don't have to
Passing them as pointers is just weird, hence don't do it
Lennart Poettering [Fri, 5 Jan 2018 12:33:22 +0000 (13:33 +0100)]
ethtool-util: fix weird whitespace
Lennart Poettering [Fri, 5 Jan 2018 12:33:10 +0000 (13:33 +0100)]
ethtool-util: order includes properly
Lennart Poettering [Fri, 5 Jan 2018 12:32:39 +0000 (13:32 +0100)]
ethtool-util: no need for memcpy() where normal assignment works too
Lennart Poettering [Fri, 5 Jan 2018 11:20:22 +0000 (12:20 +0100)]
core: be stricter when handling PID files and MAINPID sd_notify() messages
Let's be more restrictive when validating PID files and MAINPID=
messages: don't accept PIDs that make no sense, and if the configuration
source is not trusted, don't accept out-of-cgroup PIDs. A configuratin
source is considered trusted when the PID file is owned by root, or the
message was received from root.
This should lock things down a bit, in case service authors write out
PID files from unprivileged code or use NotifyAccess=all with
unprivileged code. Note that doing so was always problematic, just now
it's a bit less problematic.
When we open the PID file we'll now use the CHASE_SAFE chase_symlinks()
logic, to ensure that we won't follow an unpriviled-owned symlink to a
privileged-owned file thinking this was a valid privileged PID file,
even though it really isn't.
Fixes: #6632