ott [Tue, 12 Dec 2017 15:30:12 +0000 (16:30 +0100)]
resolve: add support for RFC 8080 (#7600)
RFC 8080 describes how to use EdDSA keys and signatures in DNSSEC. It
uses the curves Ed25519 and Ed448. Libgcrypt 1.8.1 does not support
Ed448, so only the Ed25519 is supported at the moment. Once Libgcrypt
supports Ed448, support for it can be trivially added to resolve.
Saran Tunyasuvunakool [Tue, 12 Dec 2017 15:25:36 +0000 (15:25 +0000)]
networkd: Fix race condition in [RoutingPolicyRule] handling (#7615)
The routing policy rule setup logic is moved to the routes setup phase (rather than the addresses setup phase as it is now). Additionally, a call to `link_check_ready` is added to the routing policy rules setup handler. This prevents a race condition with the routes setup handler.
Also give each async handler its own message counter to prevent race conditions when logging successes.
Fixes: #7614
Yu Watanabe [Sun, 10 Dec 2017 15:27:19 +0000 (00:27 +0900)]
resolved: fix wrong error code (#7601)
Alan Jenkins [Sun, 10 Dec 2017 10:58:01 +0000 (10:58 +0000)]
core: fix undefined behaviour due to uninitialized string buffer (#7597)
Failure of systemd to respond on the bus interface was bisected to
af6b0ecc "core: make "taint" string logic a bit more generic and output it at boot".
Failure was presumably caused by trying to append strings to an
uninitialized buffer, leading to writing outside the unterminated buffer
and hence undefined behaviour.
Lennart Poettering [Fri, 8 Dec 2017 21:22:02 +0000 (22:22 +0100)]
Merge pull request #7352 from eddiejames/master
Add path configuration for hardware watchdog device
Olaf Hering [Fri, 8 Dec 2017 21:21:42 +0000 (22:21 +0100)]
virt: use XENFEAT_dom0 to detect the hardware domain (#6442, #6662) (#7581)
The detection of ConditionVirtualisation= relies on the presence of
/proc/xen/capabilities. If the file exists and contains the string
"control_d", the running system is a dom0 and VIRTUALIZATION_NONE should
be set. In case /proc/xen exists, or some sysfs files indicate "xen",
VIRTUALIZATION_XEN should be set to indicate the system is a domU.
With an (old) xenlinux based kernel, /proc/xen/capabilities is always
available and the detection described above works always. But with a
pvops based kernel, xenfs must be mounted on /proc/xen to get
"capabilities". This is done by a proc-xen.mount unit, which is part of
xen.git. Since the mounting happens "late", other units may be scheduled
before "proc-xen.mount". If these other units make use of
"ConditionVirtualisation=", the virtualization detection returns
incorrect results. detect_vm() will set VIRTUALIZATION_XEN because "xen"
is found in sysfs. This value will be cached. Once xenfs is mounted, the
next process that runs detect_vm() will get VIRTUALIZATION_NONE.
This misdetection can be fixed by using
/sys/hypervisor/properties/features, which exports the value returned by
the "XENVER_get_features" hypercall. If the bit XENFEAT_dom0 is set, the
domain is the "hardware domain". It is supposed to have permissions to
access all hardware. The used sysfs file is available since v2.6.31.
The commonly used term "dom0" refers to the control domain which runs
the toolstack and has access to all hardware. But the virtualization
host may be configured such that one dedicated domain becomes the
"hardware domain", and another one the "toolstack domain".
Lennart Poettering [Fri, 8 Dec 2017 21:21:01 +0000 (22:21 +0100)]
Merge pull request #6993 from rojkov/dnssd
Add support for server-side DNS-SD in mDNS zones.
Edward A. James [Fri, 8 Dec 2017 17:27:01 +0000 (11:27 -0600)]
documentation: add description for watchdog device path
Document the command line parameter and the system configuration file
setting.
Edward A. James [Fri, 8 Dec 2017 17:26:44 +0000 (11:26 -0600)]
core: Add WatchdogDevice config option and implement it
This option allows a device path to be specified for the systemd
watchdog (both runtime and shutdown).
If a system requires a watchdog other than /dev/watchdog (pointing to
/dev/watchdog0) to be used to reboot the system, this setting should be
changed to the relevant watchdog device path (e.g. /dev/watchdog1).
Edward A. James [Fri, 8 Dec 2017 17:26:30 +0000 (11:26 -0600)]
watchdog: allow a device path to be specified
Currently systemd hardcodes the use of /dev/watchdog. This is a legacy
chardev that points to watchdog0 in the system.
Modify the watchdog API to allow a different device path to be passed
and stored. Opening the watchdog defaults to /dev/watchdog, maintaining
existing behavior.
Zbigniew Jędrzejewski-Szmek [Fri, 8 Dec 2017 16:28:02 +0000 (17:28 +0100)]
shared: use _cleanup_ in specifier_printf (#7586)
Follow-up for e62d316561.
Yu Watanabe [Fri, 8 Dec 2017 12:34:25 +0000 (21:34 +0900)]
acl: fix typo in comment (#7580)
Patrik Flykt [Fri, 8 Dec 2017 12:33:40 +0000 (14:33 +0200)]
networkd: Ignore DNS information when uplink is not managed (#7571)
When another networking daemon or configuration is handling the
uplink connection, systemd-networkd won't have a network configuration
associated with the link, and therefore link->network will be NULL.
An assert will be triggered later on in the code when link->network is
NULL.
Dmitry Rozhkov [Wed, 29 Nov 2017 09:03:44 +0000 (11:03 +0200)]
resolved: support multiple TXT RRs per DNS-SD service
Section 6.8 of RFC 6763 allows having service instances with
multiple TXT resource records.
Dmitry Rozhkov [Wed, 22 Nov 2017 14:49:23 +0000 (16:49 +0200)]
resolved: consult Polkit for privileges when manipulating DNS-SD
Dmitry Rozhkov [Tue, 31 Oct 2017 07:47:37 +0000 (09:47 +0200)]
resolved: resolve possible conflicts for DNS-SD RRs
It might happen that a DNS-SD service doesn't include local host's
name in its RR keys and still conflicts with a remote service.
In this case try to resolve the conflict by changing name for
this particular service.
Dmitry Rozhkov [Fri, 27 Oct 2017 09:16:54 +0000 (12:16 +0300)]
resolved: don't check conflicts for DNS-SD enumeration RRs
Dmitry Rozhkov [Wed, 4 Oct 2017 12:56:19 +0000 (15:56 +0300)]
resolved: add man page for systemd.dnssd
Dmitry Rozhkov [Mon, 23 Oct 2017 11:46:13 +0000 (14:46 +0300)]
resolved: implement D-Bus API for DNS-SD
Dmitry Rozhkov [Tue, 17 Oct 2017 08:35:06 +0000 (11:35 +0300)]
resolved: detect and handle mDNS race condition upon probing
As discussed in RFC 6762, Section 8.2 a race condition may
happen when two hosts are probing for the same name simultaneously.
Detect and handle such race conditions.
Dmitry Rozhkov [Mon, 16 Oct 2017 14:25:17 +0000 (17:25 +0300)]
resolved: add authority section to mDNS probing queries
According to RFC 6762 Section 8.2 "Simultaneous Probe Tiebreaking"
probing queries' Authority Section is populated with proposed
resource records in order to resolve possible race conditions.
Dmitry Rozhkov [Tue, 31 Oct 2017 08:34:58 +0000 (10:34 +0200)]
resolved: set cache-flush bit on mDNS responses
From RFC 6762, Section 10.2
"They (the rules about when to set the cache-flush bit) apply to
startup announcements as described in Section 8.3, "Announcing",
and to responses generated as a result of receiving query messages."
So, set the cache-flush bit for mDNS answers except for DNS-SD
service enumeration PTRs described in RFC 6763, Section 4.1.
Dmitry Rozhkov [Fri, 13 Oct 2017 09:19:21 +0000 (12:19 +0300)]
resolved: make rfc4795-specific code run for LLMNR only
RFC6762 specifies a different procedure for conflict resolution and
the code is not applicable for the mDNS case.
Dmitry Rozhkov [Wed, 4 Oct 2017 07:07:44 +0000 (10:07 +0300)]
resolved: announce DNS-SD records in mDNS scopes
Dmitry Rozhkov [Wed, 4 Oct 2017 08:34:39 +0000 (11:34 +0300)]
resolved: put DNS-SD records to mDNS-enabled zones.
Dmitry Rozhkov [Wed, 4 Oct 2017 08:19:16 +0000 (11:19 +0300)]
resolved: add enablers for DNS-SD
Introduce network services loaded from .dnssd files that
can be used for server-side DNS-SD implementation in systemd-resolved.
Dmitry Rozhkov [Fri, 24 Nov 2017 13:24:57 +0000 (15:24 +0200)]
resolved: introduce dns_txt_item_new_empty() function
Dmitry Rozhkov [Tue, 10 Oct 2017 12:58:45 +0000 (15:58 +0300)]
shared: introduce dnssd_srv_type_is_valid() function
Dmitry Rozhkov [Fri, 29 Sep 2017 11:13:47 +0000 (14:13 +0300)]
resolved: answer all mDNS questions found in packet
According to p5.3 of RFC6762 (Multicast DNS) one mDNS query message
can contain more than one question section.
Generate answers for all found questions and put them to a reply
message.
Lennart Poettering [Fri, 8 Dec 2017 12:09:45 +0000 (13:09 +0100)]
Merge pull request #7570 from keszybz/sulogin-shell-reload-manager
Reload manager before exit from sulogin shell
Clinton Roy [Fri, 8 Dec 2017 02:44:20 +0000 (15:44 +1300)]
man: missing whitespace (#7579)
Olaf Hering [Thu, 7 Dec 2017 20:09:32 +0000 (21:09 +0100)]
virt: propagate errors in detect_vm_xen_dom0 (#7553)
Update detect_vm_xen_dom0 to propagate errors in case reading
/proc/xen/capabilities fails. This does not fix any bugs, it just makes
it consistent with other functions called by detect_vm.
Harald Hoyer [Thu, 7 Dec 2017 20:07:53 +0000 (21:07 +0100)]
boot/efi: fixup TPM V2 measuring and logging (#7568)
Honor the log format and use packed event structures.
Fixes https://github.com/systemd/systemd/issues/7118
Zbigniew Jędrzejewski-Szmek [Thu, 7 Dec 2017 20:06:28 +0000 (21:06 +0100)]
Merge pull request #7572 from poettering/taint-manager
"taint" logic improvements and other minor fixes
Zbigniew Jędrzejewski-Szmek [Thu, 7 Dec 2017 20:04:53 +0000 (21:04 +0100)]
Merge pull request #7573 from poettering/empty-to-null
use empty_to_null() where we can
Zbigniew Jędrzejewski-Szmek [Thu, 7 Dec 2017 20:03:32 +0000 (21:03 +0100)]
NEWS: mention systemd-tmpfiles --user (#7574)
Lennart Poettering [Thu, 7 Dec 2017 16:31:34 +0000 (17:31 +0100)]
Merge pull request #7562 from poettering/fix-manager-test-mkdir
fix --test mode
Zbigniew Jędrzejewski-Szmek [Thu, 7 Dec 2017 11:42:06 +0000 (12:42 +0100)]
sulogin-shell: replace "^D" by "exit"
^D is a bit cryptic, and advanced users will know that they can use ^D instead
of typing exit anyway.
Lennart Poettering [Thu, 7 Dec 2017 10:58:58 +0000 (11:58 +0100)]
update TODO
Lennart Poettering [Thu, 7 Dec 2017 10:58:25 +0000 (11:58 +0100)]
nspawn: turn on watchdog logic for nspawn too
It's a long-running daemon, and it's easy to enable, hence do it.
Lennart Poettering [Thu, 7 Dec 2017 10:35:02 +0000 (11:35 +0100)]
manager: taint the manager if the overflowuid/overflowgid aren't set to 65534
Zbigniew Jędrzejewski-Szmek [Thu, 7 Dec 2017 09:33:11 +0000 (10:33 +0100)]
sulogin-shell: do daemon-reload before starting default target
If the user modifies configuration, e.g. /etc/fstab, they might forget to tell
systemd about the changes. Let's do a reload for them.
Note that doing a reload should be safe, because emergency and rescue modes are
"single threaded" and nothing should be doing changes at the point where we are
exiting from the sushell. Also, daemon-reload can be implicitly called at
various moments, so we can ignore the case where the user did some incompatible
changes on disk and is counting on systemd never reloading and picking them up.
C.f. #7565.
Zbigniew Jędrzejewski-Szmek [Thu, 7 Dec 2017 09:51:03 +0000 (10:51 +0100)]
sulogin-shell: simplify returns from a function
This is actually slightly safer because it allows gcc to make sure that all code
paths either call return or are noreturn. But the real motivation is just to
follow the usual style and make it a bit shorter.
Zbigniew Jędrzejewski-Szmek [Thu, 7 Dec 2017 09:44:43 +0000 (10:44 +0100)]
meson: place systemd-sulogin-shell in build/
We do that with all executables so that it's easy to call them.
Lennart Poettering [Thu, 7 Dec 2017 11:13:00 +0000 (12:13 +0100)]
core: use empty_to_null() where we can
Lennart Poettering [Thu, 7 Dec 2017 11:11:13 +0000 (12:11 +0100)]
coccinelle: improve run-coccinelle.sh to take list of scripts to run
Let's tweak run-coccinelle.sh to optionally take a list of scripts to
run. If not specified, run all scripts, as before.
Lennart Poettering [Thu, 7 Dec 2017 10:28:00 +0000 (11:28 +0100)]
core: add console error message if manager_startup() fails
Lennart Poettering [Thu, 7 Dec 2017 10:27:07 +0000 (11:27 +0100)]
core: make "taint" string logic a bit more generic and output it at boot
The tainting logic existed for a long time, but was hidden inside the
bus interfaces. Let's give it a small bit more coverage, by logging its
value early at boot during initialization.
Lennart Poettering [Thu, 7 Dec 2017 10:09:09 +0000 (11:09 +0100)]
manager: don't check /usr state of initrd to determine "taint-usr" taint
Lennart Poettering [Wed, 6 Dec 2017 22:24:29 +0000 (23:24 +0100)]
manager: don't bother with creating /run/systemd/units/ in test mode
This makes sure running "systemd --test" works again on systems running
older systemd versions where the dir doesn't exist yet.
Zbigniew Jędrzejewski-Szmek [Thu, 7 Dec 2017 10:07:02 +0000 (11:07 +0100)]
Merge pull request #7567 from yuwata/fix-nobody
nobody related fixes
Lennart Poettering [Wed, 6 Dec 2017 22:24:00 +0000 (23:24 +0100)]
manager: split out code that sets up run_queue event source into function of its own
Let's shorten manager_new() a bit.
Yu Watanabe [Thu, 7 Dec 2017 08:19:11 +0000 (17:19 +0900)]
meson: warn if nobody-user and nobody-group are set to different name
It may work, but is very strange. So, let's warn about that.
v2:
Debian uses nobody and nogroup. Do not warn in such a case.
Yu Watanabe [Thu, 7 Dec 2017 06:49:16 +0000 (15:49 +0900)]
sysusers: use NOBODY_USER_NAME
Yu Watanabe [Thu, 7 Dec 2017 06:48:44 +0000 (15:48 +0900)]
test: use NOBODY_USER_NAME instead of hard-coded string "nobody"
Lennart Poettering [Thu, 7 Dec 2017 08:07:40 +0000 (09:07 +0100)]
Merge pull request #7554 from keszybz/autodetect-build
Autodetect build directory ignoring mkosi artefacts
Zbigniew Jędrzejewski-Szmek [Thu, 7 Dec 2017 07:51:04 +0000 (08:51 +0100)]
Merge pull request #7560 from poettering/refactor-main
reduce main() size a bit
Zbigniew Jędrzejewski-Szmek [Thu, 7 Dec 2017 07:49:11 +0000 (08:49 +0100)]
Merge pull request #7566 from yuwata/fix-bootspec-default-entry
bootspec: fix debug message about default entry
Lennart Poettering [Thu, 7 Dec 2017 07:48:08 +0000 (08:48 +0100)]
units: delegate only "cpu" and "pids" controllers by default (#7564)
Now that we can configure which controllers to delegate precisely, let's
limit what we delegate to the user session: only "cpu" and "pids" as a
minimal baseline.
Fixes: #1715
Yu Watanabe [Thu, 7 Dec 2017 05:23:11 +0000 (14:23 +0900)]
bootspec: make boot_entries_select_default() static
The function is used only in bootspec.c.
So, let's make the function static.
Yu Watanabe [Thu, 7 Dec 2017 05:21:13 +0000 (14:21 +0900)]
bootspec: fix debug message about default entry
When no entry matches entry_oneshot, entry_default and
default_pattern, then log message shows a wrong entry.
Moreover, if none of entry_oneshot, entry_default and default_pattern
are set, then the index `i` is uninitialized.
This fixes such problem.
Christian Hesse [Wed, 6 Dec 2017 22:49:01 +0000 (23:49 +0100)]
NEWS: add missing whitespace (#7561)
Zbigniew Jędrzejewski-Szmek [Wed, 6 Dec 2017 22:30:51 +0000 (23:30 +0100)]
Merge pull request #7551 from poettering/resolved-unknown-scope
downgrade resolved log messages about incoming packets from unknown scopes
Zbigniew Jędrzejewski-Szmek [Wed, 6 Dec 2017 21:56:02 +0000 (22:56 +0100)]
Merge pull request #7559 from evverx/incorrect-spec-memleak
shared: fix a memory leak
Lennart Poettering [Wed, 6 Dec 2017 20:50:18 +0000 (21:50 +0100)]
core: split out execution context logging from main()
Again, no functional changes, let's just shorten main() a bit, by
splitting out more code into separate functions.
Lennart Poettering [Wed, 6 Dec 2017 20:42:36 +0000 (21:42 +0100)]
core: move write_container_id() invocation into initialize_runtime()
This moves the invocation a bit later, but that shouldn't matter. By
moving it we gain two things: first of all, it's closer to other code
where it belongs, secondly it's naturally conditioned properly, as we no
longer will rewrite the container ID file on every reexecution again,
and not in test mode either.
Lennart Poettering [Wed, 6 Dec 2017 20:31:35 +0000 (21:31 +0100)]
core: split out various system/process initialization steps into its own function
Again, no changes in behaviour, just some refactoring to make main() a
bit more digestible.
Lennart Poettering [Wed, 6 Dec 2017 20:17:58 +0000 (21:17 +0100)]
core: split out code that frees arg_xyz variables
No change in behaviour, just some refactoring to shorten main() a bit.
Lennart Poettering [Wed, 6 Dec 2017 20:13:10 +0000 (21:13 +0100)]
core: split out code that queues default job from main()
No functional changes really, just some refactoring to shorten main() a
bit.
Lennart Poettering [Wed, 6 Dec 2017 19:47:28 +0000 (20:47 +0100)]
core: split out the core loop out of main()
No real functional changes, just some rearranging to shorten the overly
long main() function a bit.
This gets rid of the arm_reboot_watchdog variable, as it can be directly
derived from shutdown_verb, and we need it only one time. By dropping it
we can reduce the number of arguments we need to pass around.
Lennart Poettering [Wed, 6 Dec 2017 19:16:35 +0000 (20:16 +0100)]
core: split out reexecution code of main() into its own function
No functional changes, just an attempt to shorten main() a bit.
Lennart Poettering [Wed, 6 Dec 2017 19:16:30 +0000 (20:16 +0100)]
virt: remove triple spurious newline
Evgeny Vereshchagin [Wed, 6 Dec 2017 19:12:05 +0000 (19:12 +0000)]
shared: fix a memory leak
```
$ ./src/test/test-systemd-tmpfiles.py valgrind --leak-check=full --error-exitcode=1 ./build/systemd-tmpfiles
...
Running valgrind --leak-check=full --error-exitcode=1 ./build/systemd-tmpfiles on 'w /unresolved/argument - - - - "%Y"'
...
[<stdin>:1] Failed to substitute specifiers in argument: Invalid slot
...
==22602== 5 bytes in 1 blocks are definitely lost in loss record 1 of 2
==22602== at 0x4C2DB8F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==22602== by 0x4ECA7D4: malloc_multiply (alloc-util.h:74)
==22602== by 0x4ECA909: specifier_printf (specifier.c:59)
==22602== by 0x113490: specifier_expansion_from_arg (tmpfiles.c:1923)
==22602== by 0x1144E7: parse_line (tmpfiles.c:2159)
==22602== by 0x11551C: read_config_file (tmpfiles.c:2425)
==22602== by 0x115AB0: main (tmpfiles.c:2529)
```
Evgeny Vereshchagin [Wed, 6 Dec 2017 19:04:45 +0000 (19:04 +0000)]
tests: allow passing more than one argument to test-systemd-tmpfiles.py
This makes it easier to run `systemd-tmpfiles` under valgrind.
Olaf Hering [Wed, 6 Dec 2017 18:59:30 +0000 (19:59 +0100)]
virt: use /proc/xen as indicator for a Xen domain (#6442, #6662) (#7555)
The file /proc/xen/capabilities is only available if xenfs is mounted.
With a classic xenlinux based kernel that file is available
unconditionally. But with a modern pvops based kernel, xenfs must be
mounted before the "capabilities" may appear. xenfs is mounted very late
via .services files provided by the Xen toolstack. Other units may be
scheduled before xenfs is mounted, which will confuse the detection of
VIRTUALIZATION_XEN.
In all Xen enabled kernels, and if that kernel is actually running on
the Xen hypervisor, the "/proc/xen" directory is the reliable indicator
that this instance runs in a "Xen guest".
Adjust the code to check for /proc/xen instead of
/proc/xen/capabilities.
Fixes commit 3f61278b5 ("basic: Bugfix Detect XEN Dom0 as no virtualization")
Lennart Poettering [Wed, 6 Dec 2017 18:50:26 +0000 (19:50 +0100)]
Merge pull request #7419 from keszybz/tmpfiles-fixes
Tmpfiles --user mode and various fixes
Max Resch [Wed, 6 Dec 2017 14:29:52 +0000 (15:29 +0100)]
Set secure_boot flag in Kernel Zero-Page (#7482)
Setting the secure_boot flag avoids getting the printout
"EFI stub: UEFI Secure Boot is enabled." when booting
a Linux kernel with linuxx64.efi.stub and EFI SecureBoot enabled.
This is mainly a cosmetic fixup, as the "quiet" kernel parameter does
not silence pr_efi printouts in the linux kernel (this only works using
the efi stub from the linux source tree)
Zbigniew Jędrzejewski-Szmek [Wed, 6 Dec 2017 14:28:31 +0000 (15:28 +0100)]
Merge pull request #7530 from poettering/uid-gid-fixes
various uid/gid fixes
Zbigniew Jędrzejewski-Szmek [Wed, 6 Dec 2017 14:13:02 +0000 (15:13 +0100)]
run-integration-test: allow argument to be overridden
This is useful for "sudo test/run-integration-tests.sh clean".
Zbigniew Jędrzejewski-Szmek [Wed, 6 Dec 2017 14:09:54 +0000 (15:09 +0100)]
tests: try to autodetect directory better
Ignore mkosi.builddir. In the future we can also add other patterns
if necessary.
run-integration-tests.sh is updated to use the new script, and modified
to work from arbitrary directory.
Follow-up for #7494.
Lennart Poettering [Wed, 6 Dec 2017 12:53:39 +0000 (13:53 +0100)]
mkosi.build: add code to determine the right nobody user/group name
hanklank [Wed, 6 Dec 2017 12:52:25 +0000 (13:52 +0100)]
Added some missing Swedish Strings (#7552)
Lennart Poettering [Sat, 2 Dec 2017 12:11:25 +0000 (13:11 +0100)]
update TODO
Lennart Poettering [Tue, 5 Dec 2017 10:00:24 +0000 (11:00 +0100)]
meson: print warnings if the "nobody" user/group name is not compatible with the local system
At least on Fedora and Debian systems this is not obvious to get right,
hence warn.
Lennart Poettering [Tue, 5 Dec 2017 09:59:44 +0000 (10:59 +0100)]
test-execute: use the "nogroup" group if it exists for testing
We currently look for "nobody" and "nfsnobody" when testing groups, both
of which do not exist on Ubuntu, our main testing environment. Let's
extend the tests slightly to also use "nogroup" if it exists.
Lennart Poettering [Mon, 4 Dec 2017 16:09:27 +0000 (17:09 +0100)]
journal,coredump: do not do ACL magic for "nobody" user either
The "nobody" user might possibly be seen by the journal or coredumping
code if unmapped userns-using processes are somehow visible to them.
Let's make sure we don't do the ACL magic for this user either, since
this is a special system user that might be backed by different real
users in different contexts.
Lennart Poettering [Mon, 4 Dec 2017 16:07:48 +0000 (17:07 +0100)]
user-util: synthesize user records for "nobody" the same way as for "root"
We already synthesize records for both "root" and "nobody" in
nss-systemd. Let's do the same in our own NSS wrappers that are supposed
to bypass NSS if possible. Previously this was done for "root" only, but
let's clean this up, and do the same for "nobody" too, so that we
synthesize records the same way everywhere, regardless whether in NSS or
internally.
Lennart Poettering [Mon, 4 Dec 2017 16:06:56 +0000 (17:06 +0100)]
user-util: add UID_NOBODY defines that resolve to (uid_t) 65534
We use it all over the place, let's add a #define for it. Makes things
easier greppable, and more explanatory I think.
Lennart Poettering [Sat, 2 Dec 2017 12:07:18 +0000 (13:07 +0100)]
nss-systemd: tweak checks when we consult PID 1 for dynamic UID/GID lookups
Instead of contacting PID 1 for dynamic UID/GID lookups for all
UIDs/GIDs that do not qualify as "system" do the more precise check
instead: check if they actually qualify for the "dynamic" range.
Lennart Poettering [Sat, 2 Dec 2017 12:02:44 +0000 (13:02 +0100)]
coredump,journal: do not do ACL magic for processes of dynamic UIDs
Dynamic UIDs should be treated like system users in this regard.
Lennart Poettering [Sat, 2 Dec 2017 11:59:21 +0000 (12:59 +0100)]
user-util: add new uid_is_system() helper
This adds uid_is_system() and gid_is_system(), similar in style to
uid_is_dynamic(). That a helper like this is useful is illustrated by
the fact that test-condition.c didn't get the check right so far, which
this patch fixes.
Lennart Poettering [Sat, 2 Dec 2017 11:49:22 +0000 (12:49 +0100)]
doc: add a document briefly explaining UID/GID range assumptions we make
Lennart Poettering [Sat, 2 Dec 2017 11:48:31 +0000 (12:48 +0100)]
build-sys: make the dynamic UID range, and the container UID range configurable
Also, export these ranges in our pkg-config files.
Lennart Poettering [Wed, 6 Dec 2017 11:45:39 +0000 (12:45 +0100)]
resolved: ignore our own LLMNR packets, the same way we ignore mDNS packets already
Let's minimize our traffic a bit. And for local names we bypass the
packet generation anyway.
Lennart Poettering [Wed, 6 Dec 2017 11:44:05 +0000 (12:44 +0100)]
resolved: downgrade log messages about incoming LLMNR/mDNS packets on unexpected scopes
This might very well happen due to races between joining multicast
groups and network configuration and such, let's not complain, but just
drop the messages at debug level.
Fixes: #7527
Zbigniew Jędrzejewski-Szmek [Mon, 4 Dec 2017 08:05:05 +0000 (09:05 +0100)]
test-systemd-tmpfiles: respect $HOME in test for %h expansion
%h is a special specifier because we look at $HOME (unless running suid, but
let's say that this case does not apply to tmpfiles, since the code is
completely unready to be run suid). For all other specifiers we query the user
db and use those values directly. I'm not sure if this exception is good, but
let's just "document" status quo for now. If this is changed, it should be in
a separate PR.
Zbigniew Jędrzejewski-Szmek [Sat, 2 Dec 2017 14:40:30 +0000 (15:40 +0100)]
test-systemd-tmpfiles: ignore result of %m test
It's failing on artful s390x and i386:
Running /tmp/autopkgtest.Pexzdu/build.lfO/debian/build-deb/systemd-tmpfiles on 'f /tmp/test-systemd-tmpfiles.c236s1uq/arg - - - - %m'
expect: '
01234567890123456789012345678901'
actual: '
e84bc78d162e472a8ac9759f5f1e4e0e'
--- stderr ---
Traceback (most recent call last):
File "/tmp/autopkgtest.Pexzdu/build.lfO/debian/src/test/test-systemd-tmpfiles.py", line 129, in <module>
test_valid_specifiers(user=False)
File "/tmp/autopkgtest.Pexzdu/build.lfO/debian/src/test/test-systemd-tmpfiles.py", line 89, in test_valid_specifiers
test_content('f {} - - - - %m', '{}'.format(id128.get_machine().hex), user=user)
File "/tmp/autopkgtest.Pexzdu/build.lfO/debian/src/test/test-systemd-tmpfiles.py", line 84, in test_content
assert content == expected
AssertionError
-------
Let's skip the test for now until this is resolved properly on the autopkgtest
side.
Zbigniew Jędrzejewski-Szmek [Sat, 2 Dec 2017 13:00:58 +0000 (14:00 +0100)]
test-systemd-tmpfiles: skip on python3.4
python3.4 is used by our CI.
Let's revert this when we stop supporting python < 3.5.
Zbigniew Jędrzejewski-Szmek [Fri, 1 Dec 2017 20:15:51 +0000 (21:15 +0100)]
test-systemd-tmpfiles: add tests for specifiers
Zbigniew Jędrzejewski-Szmek [Fri, 1 Dec 2017 17:53:24 +0000 (18:53 +0100)]
Fix typo