Lennart Poettering [Thu, 7 Sep 2017 12:32:33 +0000 (14:32 +0200)]
core: when coming back from reload/reexec, reapply all cgroup properties
With this change we'll invalidate all cgroup settings after coming back
from a daemon reload/reexec, so that the new settings are instantly
applied.
This is useful for the BPF case, because we don't serialize/deserialize
the BPF program fd, and hence have to install a new, updated BPF program
when coming back from the reload/reexec. However, this is also useful
for the rest of the cgroup settings, as it ensures that user
configuration really takes effect wherever we can.
Lennart Poettering [Thu, 7 Sep 2017 12:07:13 +0000 (14:07 +0200)]
core: serialize/deserialize IP accounting across daemon reload/reexec
Make sure the current IP accounting counters aren't lost during
reload/reexec.
Note that we destroy all BPF file objects during a reload: the BPF
programs, the access and the accounting maps. The former two need to be
regenerated anyway with the newly loaded configuration data, but the
latter one needs to survive reloads/reexec. In this implementation I
opted to only save/restore the accounting map content instead of the map
itself. While this opens a (theoretic) window where IP traffic is still
accounted to the old map after we read it out, and we thus miss a few
bytes this has the benefit that we can alter the map layout between
versions should the need arise.
Lennart Poettering [Thu, 7 Sep 2017 09:17:43 +0000 (11:17 +0200)]
core: when creating the socket fds for a socket unit, join socket's cgroup first
Let's make sure that a socket unit's IPAddressAllow=/IPAddressDeny=
settings are in effect on all socket fds associated with it. In order to
make this happen we need to make sure the cgroup the fds are associated
with are the socket unit's cgroup. The only way to do that is invoking
socket()+accept() in them. Since we really don't want to migrate PID 1
around we do this by forking off a helper process, which invokes
socket()/accept() and sends the newly created fd to PID 1. Ugly, but
works, and there's apparently no better way right now.
This generalizes forking off per-unit helper processes in a new function
unit_fork_helper_process(), which is then also used by the NSS chown()
code of socket units.
Lennart Poettering [Thu, 7 Sep 2017 09:15:27 +0000 (11:15 +0200)]
socket-label: let's use IN_SET, so that we have to call socket_address_family() only once
Lennart Poettering [Wed, 6 Sep 2017 15:56:15 +0000 (17:56 +0200)]
core: warn loudly if IP firewalling is configured but not in effect
Daniel Mack [Thu, 3 Nov 2016 16:31:25 +0000 (17:31 +0100)]
Add test for eBPF firewall code
Lennart Poettering [Tue, 5 Sep 2017 15:41:34 +0000 (17:41 +0200)]
ip-address-access: minimize IP address lists
Let's drop redundant items from the IP address list after parsing. Let's
also mask out redundant bits hidden by the prefixlength.
Lennart Poettering [Tue, 5 Sep 2017 10:19:28 +0000 (12:19 +0200)]
mkosi: when the build fails, show its log output, and propagate error
Lennart Poettering [Tue, 5 Sep 2017 09:16:35 +0000 (11:16 +0200)]
core: support IP firewalling to be configured for transient units
Lennart Poettering [Fri, 1 Sep 2017 18:31:44 +0000 (20:31 +0200)]
cgroup: dump the newly added IP settings in the cgroup context
Daniel Mack [Thu, 3 Nov 2016 18:00:09 +0000 (19:00 +0100)]
systemctl: report accounted network traffic in "systemctl status"
This hooks up the eposed D-Bus values and displays them like this:
-bash-4.3# systemctl status httpd
● httpd.service - The Apache HTTP Server
Loaded: loaded (/etc/systemd/system/httpd.service; enabled; vendor preset: disabled)
Active: active (running) since Fri 2016-11-11 20:10:36 CET; 1min 29s ago
Main PID: 33 (httpd)
Status: "Total requests: 22514; Idle/Busy workers 92/7;Requests/sec: 259; Bytes served/sec: 87KB/sec"
Network: 15.8M in, 51.1M out
^^^^^^^^^^^^^^^^^^^^^^^^^^^^
CGroup: /system.slice/httpd.service
├─ 33 /usr/sbin/httpd -DFOREGROUND
├─ 37 /usr/sbin/httpd -DFOREGROUND
├─112 /usr/sbin/httpd -DFOREGROUND
└─119 /usr/sbin/httpd -DFOREGROUND
Daniel Mack [Fri, 1 Sep 2017 14:04:50 +0000 (16:04 +0200)]
manager: hook up IP accounting defaults
Daniel Mack [Tue, 5 Sep 2017 17:27:53 +0000 (19:27 +0200)]
cgroup, unit, fragment parser: make use of new firewall functions
Daniel Mack [Fri, 11 Nov 2016 18:41:16 +0000 (19:41 +0100)]
Add firewall eBPF compiler
Daniel Mack [Fri, 11 Nov 2016 18:59:19 +0000 (19:59 +0100)]
cgroup: add fields to accommodate eBPF related details
Add pointers for compiled eBPF programs as well as list heads for allowed
and denied hosts for both directions.
Daniel Mack [Thu, 3 Nov 2016 16:30:06 +0000 (17:30 +0100)]
Add IP address address ACL representation and parser
Add a config directive parser that takes multiple space separated IPv4
or IPv6 addresses with optional netmasks in CIDR notation rvalue and
puts a parsed version of it to linked list of IPAddressAccessItem objects.
The code actually using this will be added later.
Daniel Mack [Tue, 18 Oct 2016 15:57:10 +0000 (17:57 +0200)]
Add abstraction model for BPF programs
This object takes a number of bpf_insn members and wraps them together with
the in-kernel reference id. Will be needed by the firewall code.
Daniel Mack [Fri, 28 Oct 2016 15:37:54 +0000 (17:37 +0200)]
build-sys: add new kernel bpf.h drop-in
The defines we need are pretty comprehensive and new, hence copy in the
full header from the kernel.
Lennart Poettering [Fri, 1 Sep 2017 12:25:59 +0000 (14:25 +0200)]
in-addr-util: add new helper call in_addr_prefix_from_string_auto()
This is much like in_addr_prefix_from_string(), but automatically
determines whether IPv4 or IPv6 addresses are specified. Also adds a
test for it.
Lennart Poettering [Fri, 1 Sep 2017 12:08:16 +0000 (14:08 +0200)]
in-addr-util: prefix return parameters with ret_
Lennart Poettering [Fri, 1 Sep 2017 12:40:02 +0000 (14:40 +0200)]
in-addr-util: be more systematic with naming our functions
Let's rename all our functions that process IPv4 in_addr structures
in4_addr_xyz(), following the already establishing naming logic for
this.
Leave the in_addr_xyz() prefix for functions that process the IPv4/IPv6
in_addr_union union instead.
Lennart Poettering [Mon, 4 Sep 2017 16:19:07 +0000 (18:19 +0200)]
manager: initialize timeouts when allocating a naked Manager object
This way we can safely run manager objects from tests and good timeouts
apply. Without this all timeouts are set 0, which means they fire
instantly, when run from tests which do not explicitly configure them
(the way main.c does).
Lennart Poettering [Tue, 5 Sep 2017 09:40:47 +0000 (11:40 +0200)]
manager: watching the cgroup2 inotify fd is safe in test runs too
Less deviation between test runs and normal runs is always a good idea,
hence enable more stuff that is safe in test runs
Lennart Poettering [Tue, 5 Sep 2017 09:17:01 +0000 (11:17 +0200)]
cgroup: always invalidate "cpu" and "cpuacct" together
This doesn't really matter, as we never invalidate cpuacct explicitly,
and there's no real reason to care for it explicitly, however it's
prettier if we always treat cpu and cpuacct as belonging together, the
same way we conisder "io" and "blkio" to belong together.
Lennart Poettering [Mon, 4 Sep 2017 16:18:04 +0000 (18:18 +0200)]
cgroup-util: minor coding style adjustment
Lennart Poettering [Tue, 5 Sep 2017 17:20:29 +0000 (19:20 +0200)]
core: make sure to dump cgroup context when unit_dump() is called for all unit types
For some reason we didn't dump the cgroup context for a number of unit
types, including service units. Not sure how this wasn't noticed
before... Add this in.
Lennart Poettering [Fri, 22 Sep 2017 08:22:24 +0000 (10:22 +0200)]
journald: make maximum size of stream log lines configurable and bump it to 48K (#6838)
This adds a new setting LineMax= to journald.conf, and sets it by
default to 48K. When we convert stream-based stdout/stderr logging into
record-based log entries, read up to the specified amount of bytes
before forcing a line-break.
This also makes three related changes:
- When a NUL byte is read we'll not recognize this as alternative line
break, instead of silently dropping everything after it. (see #4863)
- The reason for a line-break is now encoded in the log record, if it
wasn't a plain newline. Specifically, we distuingish "nul",
"line-max" and "eof", for line breaks due to NUL byte, due to the
maximum line length as configured with LineMax= or due to end of
stream. This data is stored in the new implicit _LINE_BREAK= field.
It's not synthesized for plain \n line breaks.
- A randomized 128bit ID is assigned to each log stream.
With these three changes in place it's (mostly) possible to reconstruct
the original byte streams from log data, as (most) of the context of
the conversion from the byte stream to log records is saved now. (So,
the only bits we still drop are empty lines. Which might be something to
look into in a future change, and which is outside of the scope of this
work)
Fixes: https://bugs.freedesktop.org/show_bug.cgi?id=86465
See: #4863
Replaces: #4875
Lennart Poettering [Thu, 21 Sep 2017 19:41:55 +0000 (21:41 +0200)]
Merge pull request #6853 from sourcejedi/GetAll
sd-bus: fix response for GetAll on non-existent objects
Zbigniew Jędrzejewski-Szmek [Thu, 21 Sep 2017 18:54:16 +0000 (20:54 +0200)]
Link to the right glibc commit in comment (#6884)
Reported by Marcos Mello.
Fixes #6882.
Jan Synacek [Thu, 21 Sep 2017 08:38:52 +0000 (10:38 +0200)]
execute: fix typo in error message (#6881)
Lennart Poettering [Wed, 20 Sep 2017 17:51:44 +0000 (19:51 +0200)]
Merge pull request #6847 from keszybz/disable-enable-generators
Disable and optionally again enable generators in test mode
Zbigniew Jędrzejewski-Szmek [Sat, 16 Sep 2017 09:31:16 +0000 (11:31 +0200)]
path-lookup: fix minor memleak
Introduced in
a1f31f4715.
Zbigniew Jędrzejewski-Szmek [Sat, 16 Sep 2017 09:29:34 +0000 (11:29 +0200)]
analyze-verify: add --generators switch to enable generators again
Zbigniew Jędrzejewski-Szmek [Sat, 16 Sep 2017 09:19:43 +0000 (11:19 +0200)]
Make test_run into a flags field and disable generators again
Now generators are only run in systemd --test mode, where this makes
most sense (how are you going to test what would happen otherwise?).
Fixes #6842.
v2:
- rename test_run to test_run_flags
Susant Sahani [Tue, 19 Sep 2017 14:28:26 +0000 (19:58 +0530)]
networkd: route - support unicast,blackhole,unreachable and prohibited (#6861)
Resolves issues #797 and #967.
Conf
```
[Route]
Type=blackhole
Destination=202.54.1.2
```
ip route
```
blackhole 202.54.1.2 proto static
Michael Biebl [Tue, 19 Sep 2017 12:17:57 +0000 (14:17 +0200)]
tests: change dbus tests to use user bus (#6845)
This makes it possible to run more dbus tests in a build
environment/chroot where no system bus is available.
To run the dbus test one then can use dbus-run-session.
Ivan Kurnosov [Tue, 19 Sep 2017 09:23:34 +0000 (21:23 +1200)]
Added docs for new timezone support added at #6788 (#6865)
Susant Sahani [Tue, 19 Sep 2017 08:49:58 +0000 (14:19 +0530)]
systemd-link: Add support to configure tx-tcp6-segmentation (#6859)
closes #6854
tcp-segmentation-offload: off
tx-tcp-segmentation: off
tx-tcp-ecn-segmentation: off [fixed]
tx-tcp-mangleid-segmentation: off
tx-tcp6-segmentation: off <==========================
Lennart Poettering [Tue, 19 Sep 2017 08:38:40 +0000 (10:38 +0200)]
Merge pull request #6855 from keszybz/more-docs
More docs
Dimitri John Ledkov [Tue, 19 Sep 2017 08:26:17 +0000 (09:26 +0100)]
networkd: change UseMTU default to true. (#6837)
Typically when DHCP server sets MTU it is a lower one. And a lower than usual
MTU is then thus required on said network to have operational networking. This
makes networkd's dhcp client to work in more similar way to other dhcp-clients
(e.g. isc-dhcp). In particular, in a cloud setting, without this default
instances have resulted in timing out talking to cloud metadata source and
failing to provision.
This does not change this default for the Annonymize code path.
Zbigniew Jędrzejewski-Szmek [Tue, 19 Sep 2017 06:04:02 +0000 (08:04 +0200)]
build-sys: bump xslt maxdepth limit (#6863)
With libxslt-1.30, builds were failing on some recursion depth limit
with systemd.index.xml. Bumping the limit fixes the issue.
Ansgar Burchardt [Tue, 19 Sep 2017 04:48:09 +0000 (06:48 +0200)]
typo: chache → cache (#6864)
Alan Jenkins [Mon, 18 Sep 2017 15:43:19 +0000 (16:43 +0100)]
man/systemd.special: correct what slices.target pulls in (#6862)
Patrik Flykt [Mon, 18 Sep 2017 10:09:44 +0000 (13:09 +0300)]
sd-radv: Free DNS domain search list on unref (#6858)
Evgeny Vereshchagin [Sun, 17 Sep 2017 21:07:12 +0000 (00:07 +0300)]
Merge pull request #6851 from keszybz/fix-masking-with-empty-files
Fix masking with empty files
Zbigniew Jędrzejewski-Szmek [Sun, 17 Sep 2017 13:17:50 +0000 (15:17 +0200)]
test-exec-util: add two test cases for scripts masked with empty file
A test for #6831. Fails without the previous commit.
Suggested by Evgeny Vereshchagin.
Zbigniew Jędrzejewski-Szmek [Sun, 17 Sep 2017 13:26:01 +0000 (15:26 +0200)]
conf-files: fix check for masking with empty files
Fixes #6831.
Zbigniew Jędrzejewski-Szmek [Sun, 17 Sep 2017 19:05:20 +0000 (21:05 +0200)]
man: describe user@host:machine syntax
Fixes #6734.
Zbigniew Jędrzejewski-Szmek [Sun, 17 Sep 2017 18:05:57 +0000 (20:05 +0200)]
man: update limits on seat and session identifiers in sd-login(3)
For the session identifier, the code is currently slightly stricter, because it
only uses digits and letters, than the description. This should be OK.
Fixes #6745.
Zbigniew Jędrzejewski-Szmek [Sun, 17 Sep 2017 17:52:15 +0000 (19:52 +0200)]
man: import "Multi-Seat on Linux" into sd-login(3)
The document on the wiki is partially outdated and not very visible. Let's
import the gist of it here. The original text is retained, with only grammar
and stylistic and formatting changes.
Alan Jenkins [Sat, 16 Sep 2017 11:32:59 +0000 (12:32 +0100)]
sd-bus: style nitpick node_vtable_get_userdata()
It's confusing to use a single void* to store data with two different
types, i.e. a userdata value which is safe to pass to ->find(), and a
userdata value which identifies the found object.
Name the latter `found_u`. This naming treats (!c->find) as a degenerate
case. (I.e. at that point, we know the object has already been found :).
Alan Jenkins [Sat, 16 Sep 2017 13:39:22 +0000 (14:39 +0100)]
sd-bus: fix response for GetAll on non-existent objects
Before this commit, if you run `loginctl user-status` from
debug-shell.service (and you have no login sessions for root), you always
see this output:
0
Linger: no
because Properties.GetAll is returning success but without any properties,
when the only find() callback had returned 0 to mean "no object found".
After:
Could not get properties: Unknown object:
'/org/freedesktop/login1/user/self'
BTW I have a fix for more user-friendly messages from logind in this case.
It is pending in my local branch for #6829 "fix `loginctl enable-linger`".
Zbigniew Jędrzejewski-Szmek [Sun, 17 Sep 2017 13:05:35 +0000 (15:05 +0200)]
Merge pull request #6788 from zerkms/TIMER_TIMEZONE
Timezone support for timers
Ivan Kurnosov [Sun, 17 Sep 2017 11:09:38 +0000 (23:09 +1200)]
Fix for dst/non-dst timezones
The problem was with the tm.tm_isdst that is set to the current environment
value: either DST or not. While the current state is not relevant to the state
in the desired date.
Hence — it should be reset so that the mktime_or_timegm could normalise it
later.
Lennart Poettering [Sun, 17 Sep 2017 10:04:21 +0000 (12:04 +0200)]
Merge pull request #6846 from keszybz/fix-udev_event_apply_format
Fix udev_event_apply_format()
Zbigniew Jędrzejewski-Szmek [Sun, 17 Sep 2017 07:50:52 +0000 (09:50 +0200)]
test-date: add more logging on error
Lennart Poettering [Sun, 17 Sep 2017 09:56:24 +0000 (11:56 +0200)]
Merge pull request #6840 from keszybz/more-docs
Some more documentation updates
Zbigniew Jędrzejewski-Szmek [Sun, 17 Sep 2017 07:10:03 +0000 (09:10 +0200)]
Simplify the if cases for timezone checking
Just to reduce the indentation a bit.
Ivan Kurnosov [Wed, 6 Sep 2017 09:56:36 +0000 (21:56 +1200)]
Added timezone to the CalendarSpec, parser/formatter and the timedatectl
Zbigniew Jędrzejewski-Szmek [Sat, 16 Sep 2017 06:45:02 +0000 (08:45 +0200)]
Move one space from dbus-execute.c to execute.c
The number of spaces is conserved ;)
Zbigniew Jędrzejewski-Szmek [Sat, 16 Sep 2017 06:38:28 +0000 (08:38 +0200)]
udev: fix buffer overflow in udev_event_apply_format()
Fixes #6664.
Christian Hesse [Fri, 15 Sep 2017 19:28:24 +0000 (21:28 +0200)]
fix path in btrfs rule (#6844)
Commit
0e8856d2 (assemble multidevice btrfs volumes without external
tools (#6607)) introduced a call to udevadm. That lives in @rootbindir@,
not @rootlibexecdir@. So fix the path.
Zbigniew Jędrzejewski-Szmek [Fri, 15 Sep 2017 19:24:48 +0000 (21:24 +0200)]
Merge pull request #6832 from poettering/keyring-mode
Add KeyringMode unit property to fix cryptsetup key caching
Zbigniew Jędrzejewski-Szmek [Fri, 15 Sep 2017 15:26:35 +0000 (17:26 +0200)]
Merge pull request #6841 from poettering/doc-exit-codes
document exit codes
Zbigniew Jędrzejewski-Szmek [Fri, 15 Sep 2017 12:59:45 +0000 (14:59 +0200)]
man: use "filename" not "file name" by default
We settled on "filename" and "file system", so change a couple of places for
consistency. The exception is when there's an adjective before "file" that
binds more strongly then "name": "password file name", "output file name", etc.
Those cases are left intact.
Russell Stuart [Tue, 12 Sep 2017 23:25:04 +0000 (09:25 +1000)]
man: update udevadm -y/--sysname-match documentation
Fixes #6792.
[zj: reorganize the sentece for grammatical correctness.]
Zbigniew Jędrzejewski-Szmek [Fri, 15 Sep 2017 12:49:44 +0000 (14:49 +0200)]
mailmap: add entry to fix encoding issues
Lennart Poettering [Fri, 15 Sep 2017 12:17:32 +0000 (14:17 +0200)]
man: add a whole section detailing journal stdout/stderr stream logging
Details about EPIPE/SIGPIPE handling, metadata and more.
Fixes: #6620
Lennart Poettering [Thu, 14 Sep 2017 19:23:56 +0000 (21:23 +0200)]
cryptsetup: make sure we invoke the cryptsetup tools with a shared keyring
We want that cryptsetup can cache keys between multiple invocations, and
it does so via the root user's user keyring, hence let's share it among
services.
Replaces: #6286
Lennart Poettering [Thu, 14 Sep 2017 19:19:05 +0000 (21:19 +0200)]
core: add new per-unit setting KeyringMode= for controlling kernel keyring setup
Usually, it's a good thing that we isolate the kernel session keyring
for the various services and disconnect them from the user keyring.
However, in case of the cryptsetup key caching we actually want that
multiple instances of the cryptsetup service can share the keys in the
root user's user keyring, hence we need to be able to disable this logic
for them.
This adds KeyringMode=inherit|private|shared:
inherit: don't do any keyring magic (this is the default in systemd --user)
private: a private keyring as before (default in systemd --system)
shared: the new setting
Lennart Poettering [Fri, 15 Sep 2017 14:48:41 +0000 (16:48 +0200)]
Merge pull request #6830 from keszybz/generator-dirs
Redirect generators to a temporary directory in test mode
Jan Synacek [Thu, 26 Jan 2017 12:45:46 +0000 (13:45 +0100)]
doc: document service exit codes
(Heavily reworked by Lennart while rebasing)
Fixes: #3545
Replaces: #5159
Lennart Poettering [Fri, 15 Sep 2017 14:42:09 +0000 (16:42 +0200)]
execute: improve and augment execution log messages
Let's generate friendly messages for more cases, and make slight
adjustments to the existing messages.
Lennart Poettering [Fri, 15 Sep 2017 14:41:19 +0000 (16:41 +0200)]
exit-status: drop EXIT_MAKE_STARTER
This is unused since kdbus has been removed.
Zbigniew Jędrzejewski-Szmek [Fri, 15 Sep 2017 12:47:57 +0000 (14:47 +0200)]
build-sys: require libmount >= 2.30 (#6795)
Fixes #4871.
The new libmount has two changes relevant for us:
- x-* options are propagated to /run/mount/utab and are visible through
libmount (fixes #4817).
- umount -c now really works (partially solves #6115).
Lennart Poettering [Fri, 15 Sep 2017 11:17:36 +0000 (13:17 +0200)]
Merge pull request #6772 from pfl/dnssl
networkd: DNSSL option for systemd-networkd prefix delegation
Zbigniew Jędrzejewski-Szmek [Fri, 15 Sep 2017 09:47:46 +0000 (11:47 +0200)]
man: update the description of machinectl -M
Fixes #6621.
Also rework the introduction a bit.
Zbigniew Jędrzejewski-Szmek [Fri, 15 Sep 2017 09:23:57 +0000 (11:23 +0200)]
man: explain when networkd removed existing configuration and when not
Fixes #6693.
Patrik Flykt [Thu, 7 Sep 2017 09:24:00 +0000 (12:24 +0300)]
man: Document Domains for Router Advertisement network configuration
Patrik Flykt [Mon, 21 Aug 2017 12:20:56 +0000 (15:20 +0300)]
test-ndisc-ra: Update test to include DNSSL option
Update the test to include the already provided DNSSL option.
Patrik Flykt [Mon, 21 Aug 2017 10:44:25 +0000 (13:44 +0300)]
networkd-radv: Set DNSSL information on Router Advertisement enabling
Patrik Flykt [Mon, 21 Aug 2017 10:41:20 +0000 (13:41 +0300)]
sd-radv: Add Router Advertisement DNS Search List option
Add Router Advertisement DNS Search List option as specified
in RFC 8106. The search list option uses and identical option
header as the RDNSS option and therefore the option header
structure can be reused.
If systemd is compiled with IDNA support, internationalization
of the provided search domain is applied, after which the search
list is written in wire format into the DNSSL option.
Patrik Flykt [Wed, 16 Aug 2017 10:29:51 +0000 (13:29 +0300)]
networkd: Parse DNS search domain information for Router Advertisement
Parse DNS search domains from .network files so that they are included
in Router Advertisement DNSSL options.
DNS search domains are added to the [IPv6PrefixDelegation] section using
the following syntax:
Domains=foo.example.com bar.example.com
If IDNA libraries are enabled in systemd, international domain names
are supported.
Zbigniew Jędrzejewski-Szmek [Fri, 15 Sep 2017 07:33:17 +0000 (09:33 +0200)]
man: delete note about propagating signal termination
That advice is generally apropriate for "user" programs, i.e. programs which
are run interactively and used pipelines and such. But it makes less sense for
daemons to propagate the exit signal. For example, if a process receives a SIGTERM,
it is apropriate for it to exit with 0 code. So let's just delete the whole
paragraph, since this page doesn't seem to be the right place for the longer
discussion which would be required to mention all the caveats and considerations.
Fixes #6415.
Martin Pitt [Fri, 15 Sep 2017 07:21:49 +0000 (09:21 +0200)]
Revert "device : reload when udev generates a "changed" event" (#6836)
This reverts commit
0ffddc6e2c6e19e5dc81812aee9fbe964059f3aa. That
causes a rather severe disruption of D-Bus and other services when e. g.
restarting local-fs.target (as spotted by the "storage" test regression).
Fixes #6834
Lennart Poettering [Fri, 15 Sep 2017 06:26:38 +0000 (08:26 +0200)]
core: make sure that $JOURNAL_STREAM prefers stderr over stdout information (#6824)
If two separate log streams are connected to stdout and stderr, let's
make sure $JOURNAL_STREAM points to the latter, as that's the preferred
log destination, and the environment variable has been created in order
to permit services to automatically upgrade from stderr based logging to
native journal logging.
Also, document this behaviour.
Fixes: #6800
Martin Pitt [Fri, 15 Sep 2017 05:32:50 +0000 (07:32 +0200)]
cryptsetup: fix unused variable (#6833)
When building without veracrypt, gcc warns
../src/cryptsetup/cryptsetup.c:55:13: warning: ‘arg_tcrypt_veracrypt’ defined but not used [-Wunused-variable]
static bool arg_tcrypt_veracrypt = false;
Fix this by conditionalizing the declaration.
Susant Sahani [Thu, 14 Sep 2017 19:51:39 +0000 (19:51 +0000)]
networkd: add support to configure IP Rule (#5725)
Routing Policy rule manipulates rules in the routing policy database control the
route selection algorithm.
This work supports to configure Rule
```
[RoutingPolicyRule]
TypeOfService=0x08
Table=7
From= 192.168.100.18
```
```
ip rule show
0: from all lookup local
0: from 192.168.100.18 tos 0x08 lookup 7
```
V2 changes:
1. Added logic to handle duplicate rules.
2. If rules are changed or deleted and networkd restarted
then those are deleted when networkd restarts next time
V3:
1. Add parse_fwmark_fwmask
Alan Jenkins [Thu, 14 Sep 2017 19:43:43 +0000 (20:43 +0100)]
units: don't kill the emergency shell when sysinit.target is triggered (#6765)
Why
---
The advantage of this is that starting sysinit.target from the emergency
shell will no longer kill the emergency shell and lock you out of the
system. Our docs already claimed that emergency.target was useful for
"starting individual units in order to continue the boot process in steps".
This resolves #6509 for my purposes.
Remaining limitation
--------------------
Starting getty.target will still kill the shell, and if you don't have a
root password you will then be locked out at that point. This is relevant
to distributions which patch the sulogin system to permit logins when the
root password is locked. Both Debian and RedHat used to follow this
behaviour! Debian have been discussing what they could replace it with at
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=806852
So this doesn't quite achieve perfection, but I think it's a worthwhile
change. It should be easier to understand the logic now it doesn't have
such a big hole in it. Repairing the sysinit stage of the boot is the main
reason we have emergency.target. And as discussed in the issue,
sysinit.target gets pulled in implicitly as soon as any DefaultDependencies
service is activated.
How
---
sysinit.target only needs to conflict with emergency.target. It didn't
need to conflict with emergency.service as well. In theory the conflicts
are pointless, we could just change the dependency of sysinit.target on
local-fs.target from Wants to Requires. However, doing so would mean that
when local-fs fails, the screen is flooded with yellow [DEPEND] failures.
That would hinder the poor unfortunate admin, so let's not do that.
There is no additional ordering requirement against emergency. If the
failure happens, the job for sysinit will be cancelled instantly. We don't
need to worry about when sysinit.target and its dependents would be
stopped, because sysinit waits for local-fs before it starts.
emergency.target is still necessarily stopped once we reach sysinit
(you can't express a one-way conflict in pure unit directives).
This is largely cosmetic... though perhaps it symbolizes that you're no
longer in Emergency Mode if System Initialization is successful ;-).
As a secondary advantage, the getty's which conflict on rescue.service now
need to conflict on emergency.service as well. This makes the system more
uniform and simpler to understand.
The only other effect this should have is that
`systemctl start emergency.target` is now practically the same as
`systemctl start rescue.target`. The only units this command will stop are
the conflicting getty units. Neither of those commands should ever be
used. E.g. they will not stop the gdm.service unit on Fedora 26.
Lennart Poettering [Thu, 14 Sep 2017 19:41:13 +0000 (21:41 +0200)]
Merge pull request #6801 from johnlinp/master
man: explicitly distinguish "implicit dependencies" and "default dependencies"
Zbigniew Jędrzejewski-Szmek [Thu, 14 Sep 2017 18:14:37 +0000 (20:14 +0200)]
Merge pull request #6826 from poettering/empty-list-conf
don't unnecessarily create empty but allocated strv in config_parse_strv()
Felipe Sateler [Thu, 14 Sep 2017 17:51:20 +0000 (14:51 -0300)]
shared: end string with % if one was found at the end of a expandible string (#6828)
Current behavior is that %X where X is an unidentified specifier, then the result is
the same %X string. This was not the case when the string ended with a stray %, where
the character would have not been output. Lets add that missing character.
Fixes: #6374
Zbigniew Jędrzejewski-Szmek [Thu, 14 Sep 2017 17:47:59 +0000 (19:47 +0200)]
Merge pull request #6818 from poettering/nspawn-whitelist
convert nspawn syscall blacklist into a whitelist (and related stuff)
Zbigniew Jędrzejewski-Szmek [Thu, 14 Sep 2017 17:46:55 +0000 (19:46 +0200)]
Merge pull request #6790 from poettering/unit-unsetenv
add UnsetEnvironment= unit file setting, in order to fix #6407
Lennart Poettering [Thu, 14 Sep 2017 17:45:40 +0000 (19:45 +0200)]
units: set LockPersonality= for all our long-running services (#6819)
Let's lock things down. Also, using it is the only way how to properly
test this to the fullest extent.
Zbigniew Jędrzejewski-Szmek [Thu, 14 Sep 2017 17:26:29 +0000 (19:26 +0200)]
core/manager: when running in test mode, use a temp dir for generated stuff
When running through systemd-analyze verify or with --test, we would
not run generators (environment or unit). But at the end, we would nuke
the generator dirs anyway.
Simplify things by actually running generators of both types, but redirecting
their output to a temporary directory. This has the advantage that we test more
code, and the verification is more complete.
Since now we are not touching the real generator directories, we also don't
delete them, which fixes #5609.
Lennart Poettering [Thu, 14 Sep 2017 17:12:51 +0000 (19:12 +0200)]
Merge pull request #6820 from keszybz/sysusers-doc-update
Assorted updates to man pages
Zbigniew Jędrzejewski-Szmek [Thu, 14 Sep 2017 13:44:48 +0000 (15:44 +0200)]
pid1: improve the check guarding unit_file_preset_all()
When running in systemd-analyze verify, first_boot was initialized to -1
and never changed, so we'd try to run unit_file_preset_all(). Change the
check to > 0 which is more correct. Also, add a separate test for !test_run,
since we wouldn't want to run presets even if we were in first boot
(or /etc was empty for whatever other reason).
Lennart Poettering [Thu, 14 Sep 2017 16:26:10 +0000 (18:26 +0200)]
timer: don't use persietent file timestamps from the future (#6823)
Also, use the mtime rather than the atime of the timestamp file. While
the atime is not completely wrong, the mtime appears more appropriate
as that's what we actually explicitly change, and is not effected by
mere reading.
Fixes: #6821
Lennart Poettering [Thu, 14 Sep 2017 14:54:32 +0000 (16:54 +0200)]
conf-parser: when the empty string assigned to Personality= reset it
Let's support assigning the empty string to reset things in one more
place.