platform/upstream/systemd.git
5 years agoChange Razer Abyssus DPI in 70-mouse.hwdb (#12029)
Claudius Ellsel [Tue, 19 Mar 2019 00:30:22 +0000 (01:30 +0100)]
Change Razer Abyssus DPI in 70-mouse.hwdb (#12029)

As discussed in https://gitlab.freedesktop.org/libinput/libinput/issues/198#note_100642 the DPI for the Razer Abyssus mouse is not 3500 by default, but around 1600-1700 when measured with the mouse-dpi-tool.

So I have done some measurements now and always got a value of about 21000 device units on a distance of 12.5 inch. This would result in a calculated resolution of about 1680 DPI. Since such an odd number does not occur in the hwdb file I decided to round to 1600 DPI.

5 years agobus: fix memleak on invalid message
Zbigniew Jędrzejewski-Szmek [Sat, 16 Mar 2019 22:39:26 +0000 (23:39 +0100)]
bus: fix memleak on invalid message

Introduced in 6d586a13717ae057aa1b4127400c3de61cd5b9e7.
Reported by Felix Riemann in https://bugzilla.redhat.com/show_bug.cgi?id=1685286.

Reproducer:
for i in `seq 1 100`; do gdbus call --session -d org.freedesktop.systemd1 -m org.freedesktop.systemd1.Manager.StartUnit -o "/$(for x in `seq 0 28000`; do echo -n $x; done)" & done

5 years agotree-wide: fix false search hits with ppp (typos)
Topi Miettinen [Mon, 18 Mar 2019 12:49:53 +0000 (14:49 +0200)]
tree-wide: fix false search hits with ppp (typos)

5 years agoUpdate 60-sensor.hwdb for Acer Acer One 10 S1002
AndreyYashkin [Sun, 17 Mar 2019 18:54:16 +0000 (01:54 +0700)]
Update 60-sensor.hwdb for Acer Acer One 10 S1002

Tested on GNOME iio-sensor-proxy. With this config touchscreen auto-rotation works fine.

5 years agofuzz-calendarspec: actually run the second part of the fuzzer
Zbigniew Jędrzejewski-Szmek [Sat, 16 Mar 2019 09:57:12 +0000 (10:57 +0100)]
fuzz-calendarspec: actually run the second part of the fuzzer

https://github.com/systemd/systemd/pull/11975#issuecomment-473467475

5 years agoMerge pull request #11975 from keszybz/fuzzer-fixes-n
Lennart Poettering [Fri, 15 Mar 2019 16:34:37 +0000 (17:34 +0100)]
Merge pull request #11975 from keszybz/fuzzer-fixes-n

Fixes for a few fuzzer issues

5 years agoMerge pull request #12016 from yuwata/fix-two-memleaks-found-by-oss-fuzz
Lennart Poettering [Fri, 15 Mar 2019 16:33:48 +0000 (17:33 +0100)]
Merge pull request #12016 from yuwata/fix-two-memleaks-found-by-oss-fuzz

Fix two memleaks found by oss fuzz

5 years agoMerge pull request #12015 from keszybz/fix-tests-in-rawhide
Lennart Poettering [Fri, 15 Mar 2019 16:33:20 +0000 (17:33 +0100)]
Merge pull request #12015 from keszybz/fix-tests-in-rawhide

Fix compilation and tests in Fedora rawhide

5 years agoman: clarify that /run/media/system/ is where mounts are placed by default
Lennart Poettering [Thu, 14 Mar 2019 10:22:47 +0000 (11:22 +0100)]
man: clarify that /run/media/system/ is where mounts are placed by default

Prompted by the discussions on: https://github.com/systemd/systemd/issues/11982#issuecomment-472781806

5 years agonetwork: clear previous assignment
Yu Watanabe [Fri, 15 Mar 2019 15:11:22 +0000 (00:11 +0900)]
network: clear previous assignment

Prompted by oss-fuzz#13719.

5 years agofuzz: add testcase for oss-fuzz#13691
Yu Watanabe [Fri, 15 Mar 2019 14:54:30 +0000 (23:54 +0900)]
fuzz: add testcase for oss-fuzz#13691

5 years agonspawn: fix memleak
Yu Watanabe [Fri, 15 Mar 2019 14:53:02 +0000 (23:53 +0900)]
nspawn: fix memleak

Fixes oss-fuzz#13691.

5 years agofuzz: add a testcase for oss-fuzz#13719
Yu Watanabe [Fri, 15 Mar 2019 14:47:41 +0000 (23:47 +0900)]
fuzz: add a testcase for oss-fuzz#13719

5 years agoHandle or voidify all calls to close_all_fds()
Zbigniew Jędrzejewski-Szmek [Fri, 15 Mar 2019 14:35:49 +0000 (15:35 +0100)]
Handle or voidify all calls to close_all_fds()

In activate, it is important that we close the fds. In other cases, meh.

5 years agotest-execute: block /sys not /proc
Zbigniew Jędrzejewski-Szmek [Fri, 15 Mar 2019 14:27:32 +0000 (15:27 +0100)]
test-execute: block /sys not /proc

As explained in the previous commit, blocking /proc can cause us
to go into a long loop or fail the test.

5 years agobasic/fd-util: refuse "infinite" loop in close_all_fds()
Zbigniew Jędrzejewski-Szmek [Fri, 15 Mar 2019 14:13:25 +0000 (15:13 +0100)]
basic/fd-util: refuse "infinite" loop in close_all_fds()

I had a test machine with ulimit -n set to 1073741816 through pam
("session required pam_limits.so set_all", which copies the limits from PID 1,
left over from testing of #10921).

test-execute would "hang" and then fail with a timeout when running
exec-inaccessiblepaths-proc.service. It turns out that the problem was in
close_all_fds(), which would go to the fallback path of doing close()
1073741813 times. Let's just fail if we hit this case. This only matters
for cases where both /proc is inaccessible, and the *soft* limit has been
raised.

  (gdb) bt
  #0  0x00007f7e2e73fdc8 in close () from target:/lib64/libc.so.6
  #1  0x00007f7e2e42cdfd in close_nointr ()
     from target:/home/zbyszek/src/systemd-work3/build-rawhide/src/shared/libsystemd-shared-241.so
  #2  0x00007f7e2e42d525 in close_all_fds ()
     from target:/home/zbyszek/src/systemd-work3/build-rawhide/src/shared/libsystemd-shared-241.so
  #3  0x0000000000426e53 in exec_child ()
  #4  0x0000000000429578 in exec_spawn ()
  #5  0x00000000004ce1ab in service_spawn ()
  #6  0x00000000004cff77 in service_enter_start ()
  #7  0x00000000004d028f in service_enter_start_pre ()
  #8  0x00000000004d16f2 in service_start ()
  #9  0x00000000004568f4 in unit_start ()
  #10 0x0000000000416987 in test ()
  #11 0x0000000000417632 in test_exec_inaccessiblepaths ()
  #12 0x0000000000419362 in run_tests ()
  #13 0x0000000000419632 in main ()

5 years agotest-execute: allow filtering test cases by pattern
Zbigniew Jędrzejewski-Szmek [Fri, 15 Mar 2019 12:42:55 +0000 (13:42 +0100)]
test-execute: allow filtering test cases by pattern

When debugging failure in one of the cases, it's annoying to have to wade
through the output from all the other cases. Let's allow picking select
cases.

5 years agoseccomp: allow shmat to be a separate syscall on architectures which use a multiplexer
Zbigniew Jędrzejewski-Szmek [Fri, 15 Mar 2019 11:46:56 +0000 (12:46 +0100)]
seccomp: allow shmat to be a separate syscall on architectures which use a multiplexer

After
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0d6040d46817,
those syscalls have their separate numbers and we can block them.
But glibc might still use the old ones. So let's just do a best-effort
block and not assume anything about how effective it is.

5 years agonetwork: clear previous assignment
Yu Watanabe [Fri, 15 Mar 2019 14:44:47 +0000 (23:44 +0900)]
network: clear previous assignment

Fixes oss-fuzz#13719.

5 years agoseccomp: shm{get,at,dt} now have their own numbers everywhere
Zbigniew Jędrzejewski-Szmek [Fri, 15 Mar 2019 10:57:49 +0000 (11:57 +0100)]
seccomp: shm{get,at,dt} now have their own numbers everywhere

E.g. on i686:

(previously)
arch x86: SCMP_SYS(mmap) = 90
arch x86: SCMP_SYS(mmap2) = 192
arch x86: SCMP_SYS(shmat) = -221
arch x86: SCMP_SYS(shmat) = -221
arch x86: SCMP_SYS(shmdt) = -222

(now)
arch x86: SCMP_SYS(mmap) = 90
arch x86: SCMP_SYS(mmap2) = 192
arch x86: SCMP_SYS(shmat) = 397
arch x86: SCMP_SYS(shmat) = 397
arch x86: SCMP_SYS(shmdt) = 398

The relevant commit seems to be
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0d6040d46817.

5 years agoshared/bootspec: avoid signed-unsigned comparison
Zbigniew Jędrzejewski-Szmek [Fri, 15 Mar 2019 10:05:26 +0000 (11:05 +0100)]
shared/bootspec: avoid signed-unsigned comparison

../src/shared/bootspec.c: In function ‘find_sections’:
../src/shared/bootspec.c:425:23: warning: comparison of integer expressions of different signedness: ‘ssize_t’ {aka ‘int’} and ‘uint32_t’ {aka ‘unsigned int’} [-Wsign-compare]
  425 |                 if (n != size)
      |                       ^~

5 years agoMerge pull request #12012 from keszybz/generator-man-docs
Lennart Poettering [Fri, 15 Mar 2019 13:45:00 +0000 (14:45 +0100)]
Merge pull request #12012 from keszybz/generator-man-docs

Generator and documentation improvements

5 years agoman: reorder and add examples to systemd-analyze(1)
Zbigniew Jędrzejewski-Szmek [Fri, 15 Mar 2019 09:13:55 +0000 (10:13 +0100)]
man: reorder and add examples to systemd-analyze(1)

The number of verbs supported by systemd-analyze has grown quite a bit, and the
man page has become an unreadable wall of text. Let's put each verb in a
separate subsection, grouping similar verbs together, and add a lot of examples
to guide the user.

5 years agoman,units: document what user "default.target" is a bit
Zbigniew Jędrzejewski-Szmek [Fri, 15 Mar 2019 08:10:02 +0000 (09:10 +0100)]
man,units: document what user "default.target" is a bit

5 years agoMerge pull request #11988 from keszybz/test-binaries-installation
Lennart Poettering [Fri, 15 Mar 2019 12:06:11 +0000 (13:06 +0100)]
Merge pull request #11988 from keszybz/test-binaries-installation

Install more requires binaries for tests

5 years agoMerge pull request #12009 from mrc0mmand/bump-partition-size-for-TEST-02-CRYPTSETUP
Lennart Poettering [Fri, 15 Mar 2019 12:01:24 +0000 (13:01 +0100)]
Merge pull request #12009 from mrc0mmand/bump-partition-size-for-TEST-02-CRYPTSETUP

test: fix LUKS2 support

5 years agoMerge pull request #11658 from yuwata/systemd-id128
Zbigniew Jędrzejewski-Szmek [Fri, 15 Mar 2019 10:18:28 +0000 (11:18 +0100)]
Merge pull request #11658 from yuwata/systemd-id128

id128: several cleanups

5 years agobash-completion: add systemd-id128 support
Yu Watanabe [Wed, 6 Feb 2019 14:18:46 +0000 (15:18 +0100)]
bash-completion: add systemd-id128 support

5 years agosd-id128: split the logic obtaining invocation ID from sd_id128_get_invocation()
Yu Watanabe [Wed, 6 Feb 2019 13:39:12 +0000 (14:39 +0100)]
sd-id128: split the logic obtaining invocation ID from sd_id128_get_invocation()

5 years agoid128: no command accepts additional arguments
Yu Watanabe [Wed, 6 Feb 2019 13:28:36 +0000 (14:28 +0100)]
id128: no command accepts additional arguments

5 years agoanalyze: reword explanation in critical-chain header
Zbigniew Jędrzejewski-Szmek [Fri, 15 Mar 2019 07:36:36 +0000 (08:36 +0100)]
analyze: reword explanation in critical-chain header

Let's try to make it a bit clearer.

5 years agotest: use PBKDF2 instead of Argon2 in cryptsetup...
Frantisek Sumsal [Fri, 15 Mar 2019 09:05:33 +0000 (10:05 +0100)]
test: use PBKDF2 instead of Argon2 in cryptsetup...

to reduce memory requirements for volume manipulation. Also,
to further improve the test performance, reduce number of PBKDF
iterations to 1000 (allowed minimum).

5 years agoman: tell generator writers to provide authorship and source information
Zbigniew Jędrzejewski-Szmek [Fri, 15 Mar 2019 07:19:07 +0000 (08:19 +0100)]
man: tell generator writers to provide authorship and source information

Our generators always put a comment who generated the file, but we didn't
recommend it to others.

Let's also strengthen the advice to use SourcePath=.

5 years agofstab-generator: do not print double header
Zbigniew Jędrzejewski-Szmek [Fri, 15 Mar 2019 07:04:06 +0000 (08:04 +0100)]
fstab-generator: do not print double header

  $ /run/systemd/generator/dev-mapper-fedora_krowka\x2dswap.swap
  # Automatically generated by systemd-fstab-generator

  # Automatically generated by systemd-fstab-generator

  [Unit]
  ...

5 years agotest: bump the second partition size to 50MB
Frantisek Sumsal [Fri, 15 Mar 2019 04:54:35 +0000 (05:54 +0100)]
test: bump the second partition size to 50MB

10MB is not enough for a LUKS2 partition.

5 years agotree-wide: spell "lifecycle" without hyphen everywhere
Zbigniew Jędrzejewski-Szmek [Thu, 21 Feb 2019 06:45:45 +0000 (07:45 +0100)]
tree-wide: spell "lifecycle" without hyphen everywhere

We had 10 instances of unhyphentated spelling, and 4 of the hyphenated one.
Consistency trumps ispell.

5 years agoAdd accelerometer orientation quirk for the MYRIA MY8307 2-in-1.
Van Laser [Thu, 14 Mar 2019 13:59:37 +0000 (15:59 +0200)]
Add accelerometer orientation quirk for the MYRIA MY8307 2-in-1.

5 years agoMerge pull request #12002 from keszybz/man-headers
Lennart Poettering [Thu, 14 Mar 2019 14:55:04 +0000 (15:55 +0100)]
Merge pull request #12002 from keszybz/man-headers

Man headers

5 years agotests: install /usr/bin/dbus-broker when using dbus-broker
Zbigniew Jędrzejewski-Szmek [Wed, 13 Mar 2019 15:07:47 +0000 (16:07 +0100)]
tests: install /usr/bin/dbus-broker when using dbus-broker

We'd install the service file, and then dbus-broker-launcher because it is
mentioned in ExecStart=, but not the main executable, so nothing would work.
Let's just install dbus-broker executables if found. They are small, so this
doesn't matter much, and is much easier than figuring the exact conditions
under which dbus-broker will be used instead of dbus-daemon.

5 years agoMerge pull request #11989 from poettering/minimal-portable-image
Lennart Poettering [Thu, 14 Mar 2019 14:43:03 +0000 (15:43 +0100)]
Merge pull request #11989 from poettering/minimal-portable-image

various documentation updates

5 years agoMerge pull request #11785 from dvdhrm/implicit-sasl
Lennart Poettering [Thu, 14 Mar 2019 14:42:03 +0000 (15:42 +0100)]
Merge pull request #11785 from dvdhrm/implicit-sasl

sd-bus: allow cross-uid-namespace connections

5 years agoman: say explicitly which settings are not available in --user services
Lennart Poettering [Wed, 13 Mar 2019 16:24:24 +0000 (17:24 +0100)]
man: say explicitly which settings are not available in --user services

Fixes: #3944

5 years agoman: document that if the main process exits after SIGTERM we go directly to SIGKILL
Lennart Poettering [Wed, 13 Mar 2019 16:06:05 +0000 (17:06 +0100)]
man: document that if the main process exits after SIGTERM we go directly to SIGKILL

Fixes: #8122

5 years agonetworkd: clarify that IPv6 RA uses our own stack, no the kernel's
Lennart Poettering [Wed, 13 Mar 2019 16:00:56 +0000 (17:00 +0100)]
networkd: clarify that IPv6 RA uses our own stack, no the kernel's

Fixes: #8906

5 years agoman: mention O_NOCTTY and it's importance in daemon(7)
Lennart Poettering [Wed, 13 Mar 2019 15:55:46 +0000 (16:55 +0100)]
man: mention O_NOCTTY and it's importance in daemon(7)

Fixes: #9164

5 years agodocs: adjust the spec a bit with firmware authros in mind
Lennart Poettering [Wed, 13 Mar 2019 15:44:53 +0000 (16:44 +0100)]
docs: adjust the spec a bit with firmware authros in mind

This borrows heavily from Nico Huber's
https://github.com/systemd/systemd/pull/10398, but makes a number of
changes.

Replaces: #10398

5 years agoman: document the network interface size limits --network-veth= enforces
Lennart Poettering [Wed, 13 Mar 2019 15:24:59 +0000 (16:24 +0100)]
man: document the network interface size limits --network-veth= enforces

Fixes: #10721

5 years agoman: document that Anonymize=yes makes DHCP leases grow in size
Lennart Poettering [Wed, 13 Mar 2019 15:01:06 +0000 (16:01 +0100)]
man: document that Anonymize=yes makes DHCP leases grow in size

Fixes: #11551

5 years agodocs: comprehensively document what a minimal portable service image needs to include
Lennart Poettering [Wed, 13 Mar 2019 14:56:18 +0000 (15:56 +0100)]
docs: comprehensively document what a minimal portable service image needs to include

The docs were incomplete on this. Let's fix that.

Fixes: #11870

5 years agoMerge pull request #12000 from poettering/split-more-util
Zbigniew Jędrzejewski-Szmek [Thu, 14 Mar 2019 14:00:04 +0000 (15:00 +0100)]
Merge pull request #12000 from poettering/split-more-util

split more files in src/basic/

5 years agoman: use same header for all files
Zbigniew Jędrzejewski-Szmek [Thu, 14 Mar 2019 13:40:58 +0000 (14:40 +0100)]
man: use same header for all files

The "include" files had type "book" for some raeason. I don't think this
is meaningful. Let's just use the same everywhere.

$ perl -i -0pe 's^..DOCTYPE (book|refentry) PUBLIC "-//OASIS//DTD DocBook XML V4.[25]//EN"\s+"http^<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"\n  "http^gms' man/*.xml

5 years agoman: standarize on one-line license header
Zbigniew Jędrzejewski-Szmek [Thu, 14 Mar 2019 13:29:37 +0000 (14:29 +0100)]
man: standarize on one-line license header

No need to waste space, and uniformity is good.

$ perl -i -0pe 's|\n+<!--\s*SPDX-License-Identifier: LGPL-2.1..\s*-->|\n<!-- SPDX-License-Identifier: LGPL-2.1+ -->|gms' man/*.xml

5 years agosd-bus: skip sending formatted UIDs via SASL
David Rheinsberg [Thu, 14 Mar 2019 12:34:13 +0000 (13:34 +0100)]
sd-bus: skip sending formatted UIDs via SASL

The dbus external authentication takes as optional argument the UID the
sender wants to authenticate as. This uid is purely optional. The
AF_UNIX socket already conveys the same information through the
auxiliary socket data, so we really don't have to provide that
information.

Unfortunately, there is no way to send empty arguments, since they are
interpreted as "missing argument", which has a different meaning. The
SASL negotiation thus changes from:

    AUTH EXTERNAL <uid>
    NEGOTIATE_UNIX_FD                   (optional)
    BEGIN

to:

    AUTH EXTERNAL
    DATA
    NEGOTIATE_UNIX_FD                   (optional)
    BEGIN

And thus the replies we expect as a client change from:

    OK <server-id>
    AGREE_UNIX_FD                       (optional)

to:

    DATA
    OK <server-id>
    AGREE_UNIX_FD                       (optional)

Since the old sd-bus server implementation used the wrong reply for
"AUTH" requests that do not carry the arguments inlined, we decided to
make sd-bus clients accept this as well. Hence, sd-bus now allows
"OK <server-id>\r\n" replies instead of "DATA\r\n" replies.

Signed-off-by: David Rheinsberg <david.rheinsberg@gmail.com>
5 years agosd-bus: fix SASL reply to empty AUTH
David Rheinsberg [Thu, 14 Mar 2019 12:33:28 +0000 (13:33 +0100)]
sd-bus: fix SASL reply to empty AUTH

The correct way to reply to "AUTH <protocol>" without any payload is to
send "DATA" rather than "OK". The "DATA" reply triggers the client to
respond with the requested payload.

In fact, adding the data as hex-encoded argument like
"AUTH <protocol> <hex-data>" is an optimization that skips the "DATA"
roundtrip. The standard way to perform an authentication is to send the
"DATA" line.

This commit fixes sd-bus to properly send the "DATA" line. Surprisingly
no existing implementation depends on this, as they all pass the data
directly as argument to "AUTH". This will not work if we want to pass
an empty argument, though.

Signed-off-by: David Rheinsberg <david.rheinsberg@gmail.com>
5 years agosd-bus: avoid magic number in SASL length calculation
David Rheinsberg [Thu, 14 Mar 2019 12:26:50 +0000 (13:26 +0100)]
sd-bus: avoid magic number in SASL length calculation

Lets avoid magic numbers and use a constant `strlen()` instead.

Signed-off-by: David Rheinsberg <david.rheinsberg@gmail.com>
5 years agomain: use _exit() rather than exit() in code potentially caled from signal handler
Lennart Poettering [Thu, 14 Mar 2019 12:14:47 +0000 (13:14 +0100)]
main: use _exit() rather than exit() in code potentially caled from signal handler

5 years agoutil: split out nulstr related stuff to nulstr-util.[ch]
Lennart Poettering [Thu, 14 Mar 2019 12:14:33 +0000 (13:14 +0100)]
util: split out nulstr related stuff to nulstr-util.[ch]

5 years agoutil: move some raw memory functions from string-util.h → memory-util.h
Lennart Poettering [Thu, 14 Mar 2019 11:55:37 +0000 (12:55 +0100)]
util: move some raw memory functions from string-util.h → memory-util.h

5 years agoutil: don't include util.h from def.h
Lennart Poettering [Thu, 14 Mar 2019 11:46:07 +0000 (12:46 +0100)]
util: don't include util.h from def.h

Nothing it defines is used in it.

5 years agoutil: move dbus specific definition into bus-internal.h
Lennart Poettering [Thu, 14 Mar 2019 11:43:53 +0000 (12:43 +0100)]
util: move dbus specific definition into bus-internal.h

It shouldn't be defined globally, since it's pretty much an
implementation detail of DBus.

5 years agoutil: split out kbd related stuff
Lennart Poettering [Thu, 14 Mar 2019 11:40:29 +0000 (12:40 +0100)]
util: split out kbd related stuff

This stuff is neither generic enough to be in def.h, nor really has much
to do with locale, hence give it its own .c/.h file pair.

5 years agoutil: move display_is_local() to pam_systemd.c, its only user
Lennart Poettering [Thu, 14 Mar 2019 11:27:52 +0000 (12:27 +0100)]
util: move display_is_local() to pam_systemd.c, its only user

It's quite specific anyway, hence let's move this where it's used

5 years agoutil: split out errno related stuff
Lennart Poettering [Thu, 14 Mar 2019 11:24:39 +0000 (12:24 +0100)]
util: split out errno related stuff

5 years agoutil: split out plymouth related stuff
Lennart Poettering [Thu, 14 Mar 2019 10:35:42 +0000 (11:35 +0100)]
util: split out plymouth related stuff

5 years agoMerge pull request #11985 from poettering/clean-dir
Zbigniew Jędrzejewski-Szmek [Thu, 14 Mar 2019 11:21:53 +0000 (12:21 +0100)]
Merge pull request #11985 from poettering/clean-dir

some rafactoring in systemctl/bus-unit-util

5 years agounits: update catalog after systemd-tmpfiles runs
Jonathan Lebon [Tue, 12 Mar 2019 19:23:25 +0000 (15:23 -0400)]
units: update catalog after systemd-tmpfiles runs

`systemd-journal-catalog-update.service` writes to `/var`. However, it's
not explicitly ordered wrt `systemd-tmpfiles-setup.service`, which means
that it may run before or after.

This is an issue for Fedora CoreOS, which uses Ignition. We want to be
able to prepare `/var` on first boot from the initrd, where the SELinux
policy is not loaded yet. This means that the hierarchy under `/var` is
not correctly labeled. We add a `Z /var - - -` tmpfiles entry so that it
gets relabeled once `/var` gets mounted post-switchroot.

So any service that tries to access `/var` before `systemd-tmpfiles`
relabels it is likely to hit `EACCES`.

Fix this by simply ordering `systemd-journal-catalog-update.service`
after `systemd-tmpfiles-setup.service`. This is also clearer since the
tmpfiles entries are the canonical source of how `/var` should be
populated.

For more context on this, see:
https://github.com/coreos/ignition/issues/635#issuecomment-446620297

5 years agoMerge pull request #11993 from poettering/resolved-stub-edns-size
Zbigniew Jędrzejewski-Szmek [Thu, 14 Mar 2019 10:10:38 +0000 (11:10 +0100)]
Merge pull request #11993 from poettering/resolved-stub-edns-size

some resolved stub dns reply fixes

5 years agoRe-add uaccess tag for /dev/dri/renderD*
Michael Biebl [Wed, 13 Mar 2019 22:22:26 +0000 (23:22 +0100)]
Re-add uaccess tag for /dev/dri/renderD*

Setting an access mode != 0666 is explicitly supported via -Dgroup-render-mode
In such a case, re-add the uaccess tag.

This is basically the same change that was done for /dev/kvm in
commit fa53e24130af3a389573acb9585eadbf7192955f and
ace5e3111c0b8d8bfd84b32f2c689b0a4d92c061
and partially reverts the changes from
4e15a7343cb389e97f3eb4f49699161862d8b8b2

5 years agoman: provide an example how to plug systemd-mount into udev
Lennart Poettering [Thu, 14 Mar 2019 09:12:36 +0000 (10:12 +0100)]
man: provide an example how to plug systemd-mount into udev

Prompted by: #11982

5 years agoMerge pull request #11971 from keszybz/kernel-install-directory
Lennart Poettering [Thu, 14 Mar 2019 09:51:55 +0000 (10:51 +0100)]
Merge pull request #11971 from keszybz/kernel-install-directory

Make kernel-install create entry directory

5 years agoMerge pull request #11968 from yuwata/network-l2tp
Lennart Poettering [Thu, 14 Mar 2019 09:36:21 +0000 (10:36 +0100)]
Merge pull request #11968 from yuwata/network-l2tp

network: introduce L2TP tunnel

5 years agohwdb: Fix airplane mode triggering when resuming HP Spectre x360 13
Benjamin Berg [Fri, 8 Mar 2019 16:42:23 +0000 (17:42 +0100)]
hwdb: Fix airplane mode triggering when resuming HP Spectre x360 13

On these devices the key randomly fires during/after suspend/resume
triggering spurious airplane mode changes. The scancode simply needs to
be ignored.

5 years agoman: mention that DynamicUser= should not be mixed with ReadWriteDirectory= or AF_UNI...
Lennart Poettering [Tue, 12 Mar 2019 14:57:25 +0000 (15:57 +0100)]
man: mention that DynamicUser= should not be mixed with ReadWriteDirectory= or AF_UNIX dir fd passing

5 years agobootctl: use path_join() to join paths
Zbigniew Jędrzejewski-Szmek [Tue, 12 Mar 2019 08:30:45 +0000 (09:30 +0100)]
bootctl: use path_join() to join paths

We would say "/boot/efi//loader/entries"...

5 years agoman: be even more explicit that RestartPreventExitStatus= does not affect ExecStartPre=
Lennart Poettering [Wed, 13 Mar 2019 19:28:28 +0000 (20:28 +0100)]
man: be even more explicit that RestartPreventExitStatus= does not affect ExecStartPre=

The man page was already pretty clear about this, but apparently not
clear enough, let's hence extend this further.

Fixes: #11868

5 years agotest-network: add tests for L2TP
Yu Watanabe [Tue, 12 Mar 2019 08:11:24 +0000 (17:11 +0900)]
test-network: add tests for L2TP

5 years agonetwork: wait for L2TP tunnel to be created before creating sessions
Yu Watanabe [Wed, 13 Mar 2019 07:46:30 +0000 (16:46 +0900)]
network: wait for L2TP tunnel to be created before creating sessions

And if failed to create L2TP tunnel, then do not try to create sessions.

5 years agonetlink: support NLMSG_ERROR message in genl
Yu Watanabe [Wed, 13 Mar 2019 07:45:06 +0000 (16:45 +0900)]
netlink: support NLMSG_ERROR message in genl

This resolves the following log message after L2TP tunnel or session is
created:
```
sd-netlink: ignored message with unknown type: 2
```

5 years agonetwork: automatically pick an address on link when L2TP.Local= is not specified
Yu Watanabe [Tue, 12 Mar 2019 02:35:23 +0000 (11:35 +0900)]
network: automatically pick an address on link when L2TP.Local= is not specified

This makes L2TP.Local= support an empty string, 'auto', 'static', and
'dynamic'. When one of the values are specified, a local address is
automatically picked from the local interface of the tunnel.

5 years agonetworkd: Introduce l2tp tunnel
Susant Sahani [Wed, 6 Mar 2019 19:51:29 +0000 (01:21 +0530)]
networkd: Introduce l2tp tunnel

This works allows networkd to configure l2tp tunnel.
See http://man7.org/linux/man-pages/man8/ip-l2tp.8.html

5 years agonetwork: introduce new netdev create type NETDEV_CREATE_AFTER_CONFIGURED
Yu Watanabe [Mon, 11 Mar 2019 07:11:47 +0000 (16:11 +0900)]
network: introduce new netdev create type NETDEV_CREATE_AFTER_CONFIGURED

It will be used to support L2TP tunnel in later commits.

5 years agonetwork: introduce netdev_get_create_type() helper function
Yu Watanabe [Mon, 11 Mar 2019 06:49:09 +0000 (15:49 +0900)]
network: introduce netdev_get_create_type() helper function

5 years agonetwork: do not call link_joined() when not all netdevs are configured
Yu Watanabe [Mon, 11 Mar 2019 06:35:35 +0000 (15:35 +0900)]
network: do not call link_joined() when not all netdevs are configured

If some of stacked netdevs are already configured, then link_joined()
is called before netdevs are fully configured.

5 years agoresolved: if we can't append EDNS OPT RR, then indicate truncation to stub client
Lennart Poettering [Wed, 13 Mar 2019 18:30:55 +0000 (19:30 +0100)]
resolved: if we can't append EDNS OPT RR, then indicate truncation to stub client

We do so for any other RR we can't add, do this here too.

Fixes: #11625

5 years agoresolved: don't let EDNS0 OPT dgram size affect TCP
Lennart Poettering [Wed, 13 Mar 2019 18:28:38 +0000 (19:28 +0100)]
resolved: don't let EDNS0 OPT dgram size affect TCP

Fixes: #11884

5 years agoresolved: don't follow cnames if we already noticed truncation
Lennart Poettering [Wed, 13 Mar 2019 18:26:27 +0000 (19:26 +0100)]
resolved: don't follow cnames if we already noticed truncation

5 years agovirt: detect WSL environment as a container (id: wsl)
Balint Reczey [Wed, 6 Mar 2019 17:46:04 +0000 (18:46 +0100)]
virt: detect WSL environment as a container (id: wsl)

5 years agobus-unit-procs: use empty_or_root() where appropriate
Lennart Poettering [Wed, 13 Mar 2019 16:44:11 +0000 (17:44 +0100)]
bus-unit-procs: use empty_or_root() where appropriate

5 years agobus-unit-util: split out code that shows a unit's process tree
Lennart Poettering [Wed, 6 Mar 2019 18:47:06 +0000 (19:47 +0100)]
bus-unit-util: split out code that shows a unit's process tree

The code is complex enough to deserve its own .c file. Let's split this
out.

5 years agoshared: split out code to wait for jobs to complet into its own source file
Lennart Poettering [Wed, 6 Mar 2019 18:38:45 +0000 (19:38 +0100)]
shared: split out code to wait for jobs to complet into its own source file

It's complex enough and quite a few functions. Let's hence split this
out.

No code change, just some rearranging of source files.

5 years agosystemctl: drop unnecessary {}
Lennart Poettering [Wed, 6 Mar 2019 18:23:38 +0000 (19:23 +0100)]
systemctl: drop unnecessary {}

5 years agosystemctl: use strv_consume() where appropriate
Lennart Poettering [Wed, 6 Mar 2019 18:22:33 +0000 (19:22 +0100)]
systemctl: use strv_consume() where appropriate

5 years agosystemctl: minimize scope of 'p'
Lennart Poettering [Wed, 6 Mar 2019 18:21:48 +0000 (19:21 +0100)]
systemctl: minimize scope of 'p'

5 years agoexecute: use path_join() where appropriate
Lennart Poettering [Wed, 6 Mar 2019 18:20:08 +0000 (19:20 +0100)]
execute: use path_join() where appropriate

5 years agobus-unit-util: insist on full initialization
Lennart Poettering [Wed, 6 Mar 2019 18:19:38 +0000 (19:19 +0100)]
bus-unit-util: insist on full initialization

5 years agobus-unit-util: never call into log_job_error_with_service_result() if we are not...
Lennart Poettering [Wed, 6 Mar 2019 18:18:37 +0000 (19:18 +0100)]
bus-unit-util: never call into log_job_error_with_service_result() if we are not a service

The call can't handle non-services, hence don't bother.

5 years agobus-unit-util: move explanations array to inner scope
Lennart Poettering [Wed, 6 Mar 2019 18:16:25 +0000 (19:16 +0100)]
bus-unit-util: move explanations array to inner scope

It's specific to service units, hence let's minimize the scope since it
has no validity outside of the log message generation for service units.

5 years agobus-unit-util: use structure initialization
Lennart Poettering [Wed, 6 Mar 2019 18:16:03 +0000 (19:16 +0100)]
bus-unit-util: use structure initialization

5 years agobus-unit-util: use free_and_strdup() where we can
Lennart Poettering [Wed, 6 Mar 2019 18:15:22 +0000 (19:15 +0100)]
bus-unit-util: use free_and_strdup() where we can

5 years agosystemctl: refactor code to watch unit ActiveState a bit
Lennart Poettering [Wed, 6 Mar 2019 17:55:13 +0000 (18:55 +0100)]
systemctl: refactor code to watch unit ActiveState a bit

let's split out one function, to make this reusable