Zbigniew Jędrzejewski-Szmek [Sat, 31 Aug 2019 07:28:39 +0000 (09:28 +0200)]
Merge pull request #13385 from yuwata/core-remove-private-directories-13355
core: also remove private directories by systemctl clean
Yu Watanabe [Sat, 31 Aug 2019 04:57:34 +0000 (13:57 +0900)]
man: list possible action string and default value
Closes #13442.
RussianNeuroMancer [Fri, 30 Aug 2019 15:23:30 +0000 (23:23 +0800)]
Add HP Elite x2 1013 G3 touchpad as external
HP Elite x2 1013 G3 have external touchpad: http://h10032.www1.hp.com/ctg/Manual/
c06077534 (page 12)
Marking it as external resolve this issue: https://gitlab.freedesktop.org/libinput/libinput/issues/351
Yu Watanabe [Fri, 30 Aug 2019 17:53:54 +0000 (02:53 +0900)]
Merge pull request #13436 from systemd/hidden-units-are-good-units
Hidden units are good units
Michael Biebl [Fri, 23 Aug 2019 21:34:45 +0000 (23:34 +0200)]
Drop dbus activation stub service
This fixes the following problem:
> At the very end of the boot, just after the first user logs in
> (usually using sddm / X) I get the following messages in my logs:
> Nov 18 07:02:33 samd dbus-daemon[2879]: [session uid=1000 pid=2877] Activated service 'org.freedesktop.systemd1' failed: Process org.freedesktop.systemd1 exited with status 1
> Nov 18 07:02:33 samd dbus-daemon[2879]: [session uid=1000 pid=2877] Activated service 'org.freedesktop.systemd1' failed: Process org.freedesktop.systemd1 exited with status 1
These messages are caused by the "stub" service files that systemd
installs. It installed them because early versions of systemd activation
required them to exist.
Since dbus 1.11.0, a dbus-daemon that is run with --systemd-activation
automatically assumes that o.fd.systemd1 is an activatable
service. As a result, with a new enough dbus version,
/usr/share/dbus-1/services/org.freedesktop.systemd1.service and
/usr/share/dbus-1/system-services/org.freedesktop.systemd1.service should
become unnecessary, and they can be removed.
dbus 1.11.0 was released 2015-12-02.
Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=914015
Zbigniew Jędrzejewski-Szmek [Fri, 30 Aug 2019 11:09:23 +0000 (13:09 +0200)]
shared/virt: update link to vmware article
As suggested in https://github.com/systemd/systemd/pull/13430#issuecomment-
526551085.
Zbigniew Jędrzejewski-Szmek [Fri, 30 Aug 2019 12:10:42 +0000 (14:10 +0200)]
shared/unit-files: only put valid unit paths and dropin dirs in the cache
Zbigniew Jędrzejewski-Szmek [Fri, 30 Aug 2019 12:10:08 +0000 (14:10 +0200)]
shared/unit-files: we must not filter out names starting with a dot
Fixes #13380.
Zbigniew Jędrzejewski-Szmek [Fri, 30 Aug 2019 11:52:33 +0000 (13:52 +0200)]
docs: describe valid unit names in systemd.unit(5)
Zbigniew Jędrzejewski-Szmek [Mon, 26 Aug 2019 20:53:01 +0000 (22:53 +0200)]
environment-d-generator: output logs in debug mode
Those codepaths is only used by that generator, so simply adding a few debug
log lines should be OK.
Fixes #12259.
Zbigniew Jędrzejewski-Szmek [Fri, 30 Aug 2019 11:00:57 +0000 (13:00 +0200)]
Merge pull request #13384 from yuwata/core-runtime-directory-preserve
core: make RuntimeDirectoryPreserve= works with non-service units
Jeremy Soller [Wed, 21 Aug 2019 15:31:35 +0000 (09:31 -0600)]
Add System76 touchpad toggle support
Zbigniew Jędrzejewski-Szmek [Fri, 30 Aug 2019 10:26:37 +0000 (12:26 +0200)]
Merge pull request #13433 from keszybz/new-security-mailing-list
docs: new systemd-security mailing list
Jan Losinski [Thu, 29 Aug 2019 13:45:51 +0000 (15:45 +0200)]
basic/virt: Fix current virtualbox detection
In a current VirtualBox installation the board_vendor is set to "Oracle
Corporation". So we need to add this to the dmi_vendor_table for a
relieable detection.
This fixes #13429
Signed-off-by: Jan Losinski <losinski@wh2.tu-dresden.de>
Zbigniew Jędrzejewski-Szmek [Fri, 30 Aug 2019 09:45:42 +0000 (11:45 +0200)]
docs: create new SECURITY.md page
github has special support for that name:
https://help.github.com/en/articles/adding-a-security-policy-to-your-repository.
Zbigniew Jędrzejewski-Szmek [Fri, 30 Aug 2019 07:03:41 +0000 (09:03 +0200)]
docs: new systemd-security mailing list
In the past, we asked people to open a security bug on one of the "big"
distros. This worked OK as far as getting bugs reported and notifying some
upstream developers went. But we always had trouble getting information to
all the appropriate parties, because each time a bug was reported, a big
thread was created, with a growing CC list. People who were not CCed early
enough were missing some information, etc.
To clean this up, we decided to create a private mailing list. The natural
place would be freedesktop.org, but unfortunately the request to create a
mailing list wasn't handled
(https://gitlab.freedesktop.org/freedesktop/freedesktop/issues/134). And even
if it was, at this point, if there was ever another administrative issue, it
seems likely it could take months to resolve. So instead, we asked for a list
to be created on the redhat mailservers.
Please consider the previous security issue reporting mechanisms rescinded, and
send any senstive bugs to systemd-security@redhat.com.
Jan Chren [Wed, 28 Aug 2019 23:30:58 +0000 (23:30 +0000)]
man: install runlevel.8 unconditionally
systemctl supports runlevel invocation name without utmp.
The runlevel symlink is installed unconditionally.
So it's reasonable to install runlevel manpage with it as well.
Signed-off-by: Jan Chren (rindeal) <dev.rindeal@gmail.com>
Jan Chren [Wed, 28 Aug 2019 21:50:17 +0000 (21:50 +0000)]
meson: fix incomplete option descriptions
Signed-off-by: Jan Chren (rindeal) <dev.rindeal@gmail.com>
Yu Watanabe [Wed, 28 Aug 2019 15:03:19 +0000 (00:03 +0900)]
Merge pull request #13244 from keszybz/allow-dots-in-usernames
Allow dots in usernames
Yu Watanabe [Sun, 25 Aug 2019 08:47:57 +0000 (17:47 +0900)]
core: move timeout_clean_usec from Service to ExecContext
Yu Watanabe [Sun, 25 Aug 2019 07:27:33 +0000 (16:27 +0900)]
test: add tests for systemctl clean with DynamicUser=yes
Yu Watanabe [Thu, 22 Aug 2019 16:04:24 +0000 (01:04 +0900)]
core: also remove private directories by systemctl clean
Fixes #13355.
Hans de Goede [Wed, 28 Aug 2019 07:28:30 +0000 (09:28 +0200)]
hwdb: Add HP laptop accelerometer location quirk
Add another HP laptop to the list of HP laptops with their
accelerometer in the base.
While at it also fixup the indentation of a neighboring quirk.
Zbigniew Jędrzejewski-Szmek [Wed, 28 Aug 2019 10:05:52 +0000 (12:05 +0200)]
shared/user-util: emit a warning on names with dots
Ronan Pigott [Wed, 28 Aug 2019 05:28:02 +0000 (22:28 -0700)]
zsh: update journalctl completions
Yu Watanabe [Wed, 28 Aug 2019 06:23:01 +0000 (15:23 +0900)]
Merge pull request #13412 from yuwata/network-check-and-warn-more
network: check more static IPv6 configurations and add more warnings
Zbigniew Jędrzejewski-Szmek [Fri, 23 Aug 2019 09:34:45 +0000 (11:34 +0200)]
kernel-install: do not require non-empty kernel cmdline
When booting with Fedora-Server-dvd-x86_64-30-
20190411.n.0.iso,
/proc/cmdline is empty (libvirt, qemu host with bios, not sure if that
matters), after installation to disk, anaconda would "crash" in kernel-core
%posttrans, after calling kernel-install, because dracut would fail
with
> Could not determine the kernel command line parameters.
> Please specify the kernel command line in /etc/kernel/cmdline!
I guess it's legitimate, even if unusual, to have no cmdline parameters.
Two changes are done in this patch:
1. do not fail if the cmdline is empty.
2. if /usr/lib/kernel/cmdline or /etc/kernel/cmdline are present, but
empty, ignore /proc/cmdline. If there's explicit configuration to
have empty cmdline, don't ignore it.
The same change was done in dracut:
https://github.com/dracutdevs/dracut/pull/561.
Zbigniew Jędrzejewski-Szmek [Fri, 7 Aug 2015 01:34:15 +0000 (21:34 -0400)]
manager: put bin before sbin for user instances
Traditionally, user logins had a $PATH in which /bin was before /sbin, while
root logins had a $PATH with /sbin first. This allows the tricks that
consolehelper is doing to work. But even if we ignore consolehelper, having the
path in this order might have been used by admins for other purposes, and
keeping the order in user sessions will make it easier the adoption of systemd
user sessions a bit easier.
Fixes #733.
https://bugzilla.redhat.com/show_bug.cgi?id=1744059
OOM handling in manager_default_environment wasn't really correct.
Now the (theorertical) malloc failure in strv_new() is handled.
Please note that this has no effect on:
- systems with merged /bin-/sbin (e.g. arch)
- when there are no binaries that differ between the two locations.
E.g. on my F30 laptop there is exactly one program that is affected:
/usr/bin/setup -> consolehelper.
There is less and less stuff that relies on consolehelper, but there's still
some.
So for "clean" systems this makes no difference, but helps with legacy setups.
$ dnf repoquery --releasever=31 --qf %{name} --whatrequires usermode
anaconda-live
audit-viewer
beesu
chkrootkit
driftnet
drobo-utils-gui
hddtemp
mate-system-log
mock
pure-ftpd
setuptool
subscription-manager
system-config-httpd
system-config-rootpassword
system-switch-java
system-switch-mail
usermode-gtk
vpnc-consoleuser
wifi-radar
xawtv
Zbigniew Jędrzejewski-Szmek [Mon, 26 Aug 2019 06:58:41 +0000 (08:58 +0200)]
core: stop removing non-existent and duplicate lookup paths
When we would iterate over the lookup paths for each unit, making the list as
short as possible was important for performance. With the current cache, it
doesn't matter much. Two classes of paths were being removed:
- paths which don't exist in the filesystem
- paths which symlink to a path earlier in the search list
Both of those points cause problems with the caching code:
- if a user creates a directory that didn't exist before and puts units there,
now we will notice the new mtime an properly load the unit. When the path
was removed from list, we wouldn't.
- we now properly detect whether a unit path is on the path or not.
Before, if e.g. /lib/systemd/system, /usr/lib/systemd/systemd were both on
the path, and /lib was a symlink to /usr/lib, the second directory would be
pruned from the path. Then, the code would think that a symlink
/etc/systemd/system/foo.service→/lib/systemd/system/foo.service is an alias,
but /etc/systemd/system/foo.service→/usr/lib/systemd/system/foo.service would
be considered a link (in the systemctl link sense).
Removing the pruning has a slight negative performance impact in case of
usr-merge systems which have systemd compiled with non-usr-merge paths.
Non-usr-merge systems are deprecated, and this impact should be very small, so
I think it's OK. If it turns out to be an issue, the loop in function that
builds the cache could be improved to skip over "duplicate" directories with
same logic that the cache pruning did before. I didn't want to add this,
becuase it complicates the code to improve a corner case.
Fixes #13272.
Yu Watanabe [Tue, 27 Aug 2019 15:29:29 +0000 (00:29 +0900)]
Merge pull request #13382 from keszybz/network-ipv6-enable
Network ipv6 enable
Yu Watanabe [Tue, 27 Aug 2019 14:45:00 +0000 (23:45 +0900)]
network: add more warnings in network_verify()
Yu Watanabe [Tue, 27 Aug 2019 14:15:24 +0000 (23:15 +0900)]
network: enable ipv6 when the network has static ipv6 configurations
Zbigniew Jędrzejewski-Szmek [Thu, 22 Aug 2019 11:26:54 +0000 (13:26 +0200)]
network: drop all checks of ipv6_disabled sysctl
*We* control the sysctl setting. If the user configured IPv6, then we apply the
settings, and just make sure that at some point during the configuration the
sysctl is disabled (i.e. ipv6 enabled) if we have IPv6 configured.
Replaces #13283.
Zbigniew Jędrzejewski-Szmek [Tue, 27 Aug 2019 06:52:49 +0000 (08:52 +0200)]
Merge pull request #13402 from jwrdegoede/accel-quirks
hwdb: Accel quirks for 2 devices
VD-Lycos [Fri, 23 Aug 2019 22:48:41 +0000 (00:48 +0200)]
Add accel mount matrix for Medion Akoya E2293
Add ACCEL_MOUNT_MATRIX for Medion Akoya E2293 MD61130
Dan Streetman [Thu, 15 Aug 2019 20:06:13 +0000 (16:06 -0400)]
test/TEST-10-ISSUE-2467: remove testsuite.service TimeoutStartSec
This test runs under qemu, which may run on some testbeds without
acceleration; in those cases, a 10s timeout is frequently too short.
Simply removing the timeout to allow the default timeoutsec should
be enough time for the test to finish, even on very slow testbeds.
Dan Streetman [Mon, 22 Jul 2019 17:47:47 +0000 (13:47 -0400)]
test/TEST-18-FAILUREACTION: fix typo to actually run firstphase action
The if test for running the firstphase of the test should be negated
so the firstphase is actually executed.
Hans de Goede [Sun, 25 Aug 2019 18:34:34 +0000 (20:34 +0200)]
hwdb: Add accel. mount matrix and location for the Trekstor Primebook C11B
The Trekstor Primebook C11B 2-in-1 has 2 accelerometers. Add mount-matrix
and location info for both to 60-sensor.hwdb.
Hans de Goede [Tue, 20 Aug 2019 20:55:20 +0000 (22:55 +0200)]
hwdb: Add accel location quirk for the GPD win
The acceleromater in the GPD win is in the base, mark it as such so that
iio-sensor-proxy does not try to use it for display rotation.
Note as mentioned in the added comment the DMI strings are unfortunately
somewhat generic, but the combination of using all DMI strings including
the BIOS build data + the sensor modalias should be unique enough.
Yu Watanabe [Thu, 22 Aug 2019 15:48:38 +0000 (00:48 +0900)]
core: introduce exec_directory_is_private() helper function
Also, this follows up
40cd2ecc26b776ef085fd0fd29e8e96f6422a0d3.
Dan Streetman [Tue, 13 Aug 2019 12:05:06 +0000 (08:05 -0400)]
test/test-functions: use truncate instead of dd to create testbed image
This avoids unnecessary noise in the stderr logs which dd always produces,
such as:
0+0 records in
0+0 records out
0 bytes copied, 0.
000155284 s, 0.0 kB/s
Using truncate should not result in any functional change; the image will
still be created as a sparse file of the size specified.
Dan Streetman [Tue, 13 Aug 2019 11:52:57 +0000 (07:52 -0400)]
test/test-functions: use binaries from $BUILD_DIR or installed system
In Ubuntu CI, we test binaries from the installed system, not from
$BUILD_DIR, so use the appropriate binary. Most of the calls to the
binaries are part of checking/processing asan-built binaries, and so
did not apply to Ubuntu CI, except for generating noise in the stderr
log like:
objdump: '/tmp/autopkgtest.83yGoI/build.fHB/src/test/TEST-01-BASIC/systemd-journald': No such file
However this also applies to the call to systemd-nspawn, which the debian
upstream test wrapper was sed-adjusting to use the installed binary
instead of the binary in $BUILD_DIR. This commit allows removing that
sed processing of the test-functions file during Ubuntu CI test.
Evgeny Vereshchagin [Sat, 24 Aug 2019 02:51:53 +0000 (02:51 +0000)]
semaphore: switch back to the master branch
Arian van Putten [Sat, 24 Aug 2019 06:16:44 +0000 (08:16 +0200)]
Fix typo in sd_event_set_watchdog manpage (#13393)
Yu Watanabe [Thu, 22 Aug 2019 15:22:54 +0000 (00:22 +0900)]
test: add tests for RuntimeDirectoryPreserve=yes
Yu Watanabe [Thu, 22 Aug 2019 15:08:16 +0000 (00:08 +0900)]
core: make RuntimeDirectoryPreserve= works with non-service units
Yu Watanabe [Thu, 22 Aug 2019 14:49:49 +0000 (23:49 +0900)]
core: introduce unit_destroy_runtime_directory()
Currently `unit_will_restart()` can return true only when the unit is
service. Hence, should not change anything.
Zbigniew Jędrzejewski-Szmek [Thu, 22 Aug 2019 11:47:11 +0000 (13:47 +0200)]
NEWS: update contributors list
Zbigniew Jędrzejewski-Szmek [Thu, 22 Aug 2019 07:21:43 +0000 (09:21 +0200)]
hwdb: update for v243-rc2
Diff on the hwdb/*.hwdb files shows that again, this is only additions and
minor corrections.
Arian van Putten [Mon, 12 Aug 2019 17:36:56 +0000 (19:36 +0200)]
journalctl: Make journalctl --user-unit= match on _SYSTEMD_USER_SLICE
journalctl --unit= already did this, and allows you to tail all the logs
for a certain slice easily. It seemed only natural to make --user-unit
behave in a similar way.
The _SYSTEMD_USER_SLICE field was not documented as being added by
journald, so I have added that to the documentation too.
Furthermore, I have documented the existing behaviour of --unit= and the
new behaviour of --user-unit=
The behaviour was actually not documented before, so I am also OK with
removing the match for the --unit= command instead. The user would then
have to manually provide _SYSTEMD_SLICE= filter to journalctl in both
cases. Both options work for me.
Susant Sahani [Mon, 19 Aug 2019 10:00:35 +0000 (15:30 +0530)]
network: Do not disable IPv6 by writing to sysctl
Only enable is and do not disable IPv6
Anita Zhang [Thu, 22 Aug 2019 06:03:16 +0000 (23:03 -0700)]
core: TAKE_PTR in timer_add_one_calendar_spec
Introduced in d00a52c
Fixes #13373
Hans de Goede [Thu, 22 Aug 2019 06:55:09 +0000 (08:55 +0200)]
hwdb: add sensor location for HP ProBook4535s
https://bugzilla.redhat.com/show_bug.cgi?id=1717712
Lennart Poettering [Thu, 22 Aug 2019 08:02:28 +0000 (10:02 +0200)]
journald: slightly bump OOM adjust for journald (#13366)
If logging disappears issues are hard to debug, hence let's give
journald a slight edge over other services when the OOM killer hits.
Here are the special adjustments we now make:
systemd-coredump@.service.in OOMScoreAdjust=500
systemd-journald.service.in OOMScoreAdjust=-250
systemd-udevd.service.in OOMScoreAdjust=-1000
(i.e. the coredump processing is made more likely to be killed on OOM,
and udevd and journald are less likely to be killed)
Zbigniew Jędrzejewski-Szmek [Thu, 22 Aug 2019 07:13:25 +0000 (09:13 +0200)]
Merge pull request #13365 from keszybz/fix-commits-from-pr-13246
Fix commits from #13246
Albrecht Lohofener [Thu, 22 Aug 2019 07:12:31 +0000 (09:12 +0200)]
Add Chuwi Hi10 to 60-sensor.hwdb (#13351)
Zbigniew Jędrzejewski-Szmek [Wed, 21 Aug 2019 14:20:59 +0000 (16:20 +0200)]
pid1: always log successfull process termination quietly
Fixes #13372.
Lennart Poettering [Wed, 21 Aug 2019 13:36:02 +0000 (15:36 +0200)]
Merge pull request #13368 from keszybz/close-watchdog
shared/watchdog: close watchdog device when done with it
Zbigniew Jędrzejewski-Szmek [Wed, 21 Aug 2019 07:14:52 +0000 (09:14 +0200)]
pid1: after creating transient drop-ins, put file in path cache
The alternative would be to recreate the cache, but dropins can be created very
often for transient settings, so updating the cache seems like a much faster
option.
Fixes #13287.
Zbigniew Jędrzejewski-Szmek [Tue, 20 Aug 2019 18:24:47 +0000 (20:24 +0200)]
shared/watchdog: close watchdog device when done with it
The file descriptor was opened with O_CLOEXEC, so in practice this doesn't
change too much, but it seems cleaner to always close the old fd when
changing the device path.
Zbigniew Jędrzejewski-Szmek [Tue, 20 Aug 2019 19:13:36 +0000 (21:13 +0200)]
Merge pull request #13367 from poettering/null-console-fixes
Fixes inspired by console=null
Lennart Poettering [Tue, 20 Aug 2019 15:35:06 +0000 (17:35 +0200)]
fsck: add logging and fix error codes where appropriate
Lennart Poettering [Tue, 20 Aug 2019 15:34:16 +0000 (17:34 +0200)]
manager: simplify manager_get_confirm_spawn() a bit
Let's use our usual way of storing error codes.
Let's remove a redundant temporary variable we never change
Lennart Poettering [Tue, 20 Aug 2019 15:32:34 +0000 (17:32 +0200)]
load-fragment: use path_join() where appropriate
Lennart Poettering [Tue, 20 Aug 2019 15:32:17 +0000 (17:32 +0200)]
log: don't invalidate open console fd if we can't open a new one
Lennart Poettering [Tue, 20 Aug 2019 15:30:15 +0000 (17:30 +0200)]
terminal-util: add fallback logic to make_console_stdio()
If /dev/console can't be opened, let's use /dev/null instead.
Inspired by: #13332
Lennart Poettering [Tue, 20 Aug 2019 15:29:49 +0000 (17:29 +0200)]
log: cast various log_open() calls to (void)
Lennart Poettering [Tue, 20 Aug 2019 14:21:01 +0000 (16:21 +0200)]
update TODO
Lennart Poettering [Tue, 20 Aug 2019 11:55:47 +0000 (13:55 +0200)]
Merge pull request #13360 from keszybz/udev-watch-more
udev: set "watch" for more devices
Zbigniew Jędrzejewski-Szmek [Tue, 6 Aug 2019 16:23:54 +0000 (18:23 +0200)]
id128: actually support --pretty
We must be all lazy, at least I know I always used -p ;).
Zbigniew Jędrzejewski-Szmek [Fri, 2 Aug 2019 13:07:56 +0000 (15:07 +0200)]
test-journal-flush: provide at least *some* logs
Ubunut autopkgtest fails with:
405/501 test-journal-flush FAIL 0.74 s (killed by signal 6 SIGABRT)
--- command ---
SYSTEMD_KBD_MODEL_MAP='/tmp/autopkgtest.BgjJJv/build.yAM/systemd/src/locale/kbd-model-map' SYSTEMD_LANGUAGE_FALLBACK_MAP='/tmp/autopkgtest.BgjJJv/build.yAM/systemd/src/locale/language-fallback-map' PATH='/tmp/autopkgtest.BgjJJv/build.yAM/systemd/build-deb:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games' /tmp/autopkgtest.BgjJJv/build.yAM/systemd/build-deb/test-journal-flush
--- stderr ---
Assertion 'r >= 0' failed at src/journal/test-journal-flush.c:48, function main(). Aborting.
-------
It's hard to say what is going on here without any error messages whatsoever.
The test goes into deep details of journal file handling, so it needs to also
do logging on its own.
Zbigniew Jędrzejewski-Szmek [Fri, 2 Aug 2019 13:00:02 +0000 (15:00 +0200)]
test-event: stop debugging spew
Ubuntu autopkgtests print output from all tests, and test-event produces
a lot of it. Let's cut it down to reasonable size.
Zbigniew Jędrzejewski-Szmek [Thu, 1 Aug 2019 11:04:16 +0000 (13:04 +0200)]
basic/build.h: fix typo
Kai Krakow [Sat, 17 Aug 2019 00:33:43 +0000 (02:33 +0200)]
cgroup: Also set io.bfq.weight
Current kernels with BFQ scheduler do not yet set their IO weight
through "io.weight" but through "io.bfq.weight" (using a slightly
different interface supporting only default weights, not per-device
weights). This commit enables "IOWeight=" to just to that.
This patch may be dropped at some time later.
Link: https://github.com/systemd/systemd/issues/7057
Signed-off-by: Kai Krakow <kai@kaishome.de>
Zbigniew Jędrzejewski-Szmek [Thu, 1 Aug 2019 07:58:27 +0000 (09:58 +0200)]
shared/user-util: allow usernames with dots in specific fields
People do have usernames with dots, and it makes them very unhappy that systemd
doesn't like their that. It seems that there is no actual problem with allowing
dots in the username. In particular chown declares ":" as the official
separator, and internally in systemd we never rely on "." as the seperator
between user and group (nor do we call chown directly). Using dots in the name
is probably not a very good idea, but we don't need to care. Debian tools
(adduser) do not allow users with dots to be created.
This patch allows *existing* names with dots to be used in User, Group,
SupplementaryGroups, SocketUser, SocketGroup fields, both in unit files and on
the command line. DynamicUsers and sysusers still follow the strict policy.
user@.service and tmpfiles already allowed arbitrary user names, and this
remains unchanged.
Fixes #12754.
Zbigniew Jędrzejewski-Szmek [Thu, 1 Aug 2019 07:58:27 +0000 (09:58 +0200)]
shared/user-util: add compat forms of user name checking functions
New functions are called valid_user_group_name_compat() and
valid_user_group_name_or_id_compat() and accept dots in the user
or group name. No functional change except the tests.
Zbigniew Jędrzejewski-Szmek [Thu, 1 Aug 2019 08:02:14 +0000 (10:02 +0200)]
core: remove one {}
Lennart Poettering [Mon, 19 Aug 2019 16:02:46 +0000 (18:02 +0200)]
Merge pull request #13356 from keszybz/static-nodes-perms
Fix permissions on static nodes
Lennart Poettering [Mon, 19 Aug 2019 13:38:00 +0000 (15:38 +0200)]
Merge pull request #13353 from keszybz/analyze-cat-config-relabel-extra.d
systemd-analyze cat-config relabel-extra.d/
Zbigniew Jędrzejewski-Szmek [Mon, 19 Aug 2019 09:50:04 +0000 (11:50 +0200)]
tmpfiles: override permissions of static nodes that need this
Fixes #13350.
Zbigniew Jędrzejewski-Szmek [Mon, 19 Aug 2019 06:51:39 +0000 (08:51 +0200)]
shared/seccomp: add sync_file_range2
Some architectures need the arguments to be reordered because of alignment
issues. Otherwise, it's the same as sync_file_range.
Zbigniew Jędrzejewski-Szmek [Mon, 19 Aug 2019 09:05:58 +0000 (11:05 +0200)]
Rename tmpfiles.d/kmod.conf to static-nodes.conf
It is generated using kmod, but apart from that doesn't have
much to do with kmod.
Zbigniew Jędrzejewski-Szmek [Tue, 6 Aug 2019 20:07:17 +0000 (22:07 +0200)]
analyze: make cat-config work with relabel-extra.d
Zbigniew Jędrzejewski-Szmek [Tue, 6 Aug 2019 19:20:18 +0000 (21:20 +0200)]
systemctl: use unicode in one more place
Zbigniew Jędrzejewski-Szmek [Tue, 6 Aug 2019 07:05:12 +0000 (09:05 +0200)]
man: owned to → owned by
Zbigniew Jędrzejewski-Szmek [Mon, 19 Aug 2019 08:08:23 +0000 (10:08 +0200)]
Merge pull request #13235 from yuwata/network-routing-policy-rule-family-13233
network: add RoutingPolicyRule.Family= setting
Zbigniew Jędrzejewski-Szmek [Mon, 19 Aug 2019 07:59:16 +0000 (09:59 +0200)]
Merge pull request #13345 from yuwata/network-fix-preferred-lifetime-zero-13341
network: fix PreferredLifetime=0
Zbigniew Jędrzejewski-Szmek [Wed, 14 Aug 2019 15:41:31 +0000 (17:41 +0200)]
Revert "shared/conf-parser,networkd: EXTRACT_UNQUOTE|EXTRACT_RETAIN_ESCAPE → EXTRACT_UNQUOTE"
This reverts commit
8a07b4033e5d3c86931b3dd2ddbca41118c05c60.
The tests are kept. test-networkd-conf is adjusted to pass.
This fixes #13276. I think current rules are extremely confusing, as the
case in test-networkd-conf shows. We apply some kinds of unescaping (relating
to quoting), but not others (related to escaping of special characters).
But fixing this is hard, because people have adjusted quoting to match
our rules, and if we make the rules "better", things might break in unexpected
places.
Topi Miettinen [Fri, 16 Aug 2019 08:42:04 +0000 (11:42 +0300)]
cgroup-util: update comment to reflect stable kernel fixes
Yu Watanabe [Sun, 18 Aug 2019 15:34:35 +0000 (00:34 +0900)]
Merge pull request #13344 from ddstreet/test-functions
Minor/cosmetic changes to test/test-functions, some test.sh
Dan Streetman [Thu, 15 Aug 2019 20:27:05 +0000 (16:27 -0400)]
test: increase qemu timeout for TEST-18 and TEST-19
These tests runs under qemu, and on some testbeds, without acceleration.
On those systems, the current 180 second overall test timeout is too
short to run the test.
Increasing the timeout to 600s should be enough, even for slow
non-accelerated qemu testbeds.
Yu Watanabe [Sat, 17 Aug 2019 17:15:11 +0000 (02:15 +0900)]
test-network: update test for PreferredLifetime=0
Yu Watanabe [Sun, 18 Aug 2019 15:04:37 +0000 (00:04 +0900)]
network: do not check deprecated flag in address_is_ready()
Without this change, the address with PreferredLifetime=0 cannot be ready,
and thus, no consequent setting up process does not start.
The bug was introduced by 6aa5773.
Follow-up for
b7ed5384ab55cd4d7b8d7d1ec7f5d5e145f0a2b1.
Fixes #13341.
Theo Ouzhinski [Sat, 17 Aug 2019 17:21:50 +0000 (13:21 -0400)]
man: add missing comma
Mr-Foo [Sat, 17 Aug 2019 16:30:57 +0000 (16:30 +0000)]
trivial spelling fixes (#13339)
Dan Streetman [Sat, 17 Aug 2019 16:24:00 +0000 (12:24 -0400)]
test/test-functions: add mkdir to import_initdir
This dir is created by create_empty_image_rootdir, as well as indirectly
by some other functions, but it should be created by import_initdir so
the newly-exported $initdir exists and can be used immediately without
relying on other functions to create it.
Dan Streetman [Thu, 15 Aug 2019 13:39:31 +0000 (09:39 -0400)]
test: replace $TESTDIR/root with $initdir
The $initdir var is already set to $TESTDIR/root, it should be used
instead of direct use of $TESTDIR/root.
Dan Streetman [Sat, 17 Aug 2019 16:20:56 +0000 (12:20 -0400)]
test: TEST-33 and TEST-36 should use create_empty_image_rootdir
This recently added function handles mkdir and mounting of the empty image,
as well as umounting after test_setup.
Dan Streetman [Tue, 13 Aug 2019 11:50:59 +0000 (07:50 -0400)]
test/test-functions: avoid stderr noise, only umount on cleanup if mountpoint
Only umount it during cleanup if the $TESTDIR/root dir is a mountpoint.
This avoids adding noise to the stderr log such as:
mountpoint: /var/tmp/systemd-test.waLOFT/root: No such file or directory
Yu Watanabe [Wed, 31 Jul 2019 03:09:03 +0000 (12:09 +0900)]
test-network: add tests for RoutingPolicyRule.Family=ipv6 and both