platform/upstream/systemd.git
7 years agoMerge pull request #7268 from yuwata/rfe-7262
Lennart Poettering [Wed, 8 Nov 2017 16:35:56 +0000 (17:35 +0100)]
Merge pull request #7268 from yuwata/rfe-7262

timesync: make poll interval configurable

7 years agoMerge pull request #7275 from yuwata/fix-7070-7260
Lennart Poettering [Wed, 8 Nov 2017 16:34:39 +0000 (17:34 +0100)]
Merge pull request #7275 from yuwata/fix-7070-7260

core: fixes related to RuntimeDirectory=, ReadWritePaths= and DynamicUser=

7 years agoumount: always use MNT_FORCE in umount_all() (#7213)
NeilBrown [Wed, 8 Nov 2017 08:29:32 +0000 (19:29 +1100)]
umount: always use MNT_FORCE in umount_all() (#7213)

The linux umount2() systemcall accepts a MNT_FORCE flags
which some filesystems honor, particularly FUSE and various
network filesystems such as NFS.
These filesystems can sometimes wait for an indefinite period
for a response from an external service, and the wait if
sometimes "uninterruptible" meaning that the process cannot be
killed.
Using MNT_FORCE causes any such request that are outstanding to
be aborted.  This normally allows the waiting process to
be killed.  It will then realease and reference it has to the
filesytem, this allowing the filesystem to be unmounted.

If there remain active references to the filesystem, MNT_FORCE
is *not* forcefull enough to unmount the filesystem anyway.

By the time that umount_all() is run by systemd-shutdown, all
filesystems *should* be unmounted, and sync() will have been
called.  Anything that remains cannot be unmounted in a
completely clean manner and just nees to be dealt with as firmly
as possible.  So use MNT_FORCE and try to explain why in the
comment.

Also enhance an earlier comment to explain why umount2() is
safe even though mount(MNT_REMOUNT) isn't.

7 years agoman: update documents for RuntimeDirectory= and friends
Yu Watanabe [Wed, 8 Nov 2017 06:52:08 +0000 (15:52 +0900)]
man: update documents for RuntimeDirectory= and friends

7 years agocore/execute: do not create RuntimeDirectory= under private/ sub-directory
Yu Watanabe [Wed, 8 Nov 2017 06:50:58 +0000 (15:50 +0900)]
core/execute: do not create RuntimeDirectory= under private/ sub-directory

RuntimeDirectory= often used for sharing files or sockets with other
services. So, if creating them under private/ sub-directory, we cannot
set DynamicUser= to service units which want to share something through
RuntimeDirectory=.
This makes the directories given by RuntimeDirectory= are created under
/run/ even if DynamicUser= is set.

Fixes #7260.

7 years agocore/load-fragment: fix alignment
Yu Watanabe [Wed, 8 Nov 2017 05:29:47 +0000 (14:29 +0900)]
core/load-fragment: fix alignment

7 years agocore/execute: RuntimeDirectory= or friends requires mount namespace
Yu Watanabe [Wed, 8 Nov 2017 06:26:40 +0000 (15:26 +0900)]
core/execute: RuntimeDirectory= or friends requires mount namespace

Since #6940, RuntimeDirectory= or their friends imply BindPaths=.
So, if at least one of them are set, mount namespace is required.

7 years agotest: add test for ReadOnlyPaths= with RuntimeDirectory=
Yu Watanabe [Sat, 28 Oct 2017 06:35:19 +0000 (15:35 +0900)]
test: add test for ReadOnlyPaths= with RuntimeDirectory=

7 years agocore: ReadWritePaths= and friends assume '+' prefix when BindPaths= or freinds are set
Yu Watanabe [Fri, 13 Oct 2017 12:22:25 +0000 (21:22 +0900)]
core: ReadWritePaths= and friends assume '+' prefix when BindPaths= or freinds are set

When at least one of BindPaths=, BindReadOnlyPaths=, RootImage=,
RuntimeDirectory= or their friends are set, systemd prepares
a namespace under /run/systemd/unit-root. Thus, ReadWritePaths=
or their friends without '+' prefix is completely meaningless.
So, let's assume '+' prefix when one of them are set.

Fixes #7070 and #7080.

7 years agocore: remove compile_read_write_paths()
Yu Watanabe [Fri, 13 Oct 2017 12:13:25 +0000 (21:13 +0900)]
core: remove compile_read_write_paths()

From 6c47cd7d3bf35c8158a0737f34fe2c5dc95e72d6, RuntimeDirectory= and
their friends also imply BindPaths=. Thus, implying ReadWritePaths=
is meaningless.

7 years agotimesync: make poll interval configurable
Yu Watanabe [Tue, 7 Nov 2017 16:47:38 +0000 (01:47 +0900)]
timesync: make poll interval configurable

This adds PollIntervalMinSec= and PollIntervalMaxSec= to timesyncd.conf

Closes #7262.

7 years agosystemctl: remove extra space character in output (#7250)
Alan Jenkins [Tue, 7 Nov 2017 16:18:10 +0000 (16:18 +0000)]
systemctl: remove extra space character in output (#7250)

> See "systemctl  status fail-stop.service" and "journalctl  -xe" for
> details.

7 years agomkosi: set locale to be en_US.UTF-8 (#7244)
John Lin [Tue, 7 Nov 2017 16:17:40 +0000 (00:17 +0800)]
mkosi: set locale to be en_US.UTF-8 (#7244)

Fixes: #7238

7 years agocore: simplify - don't add jobs to dbus queue if we immediately remove them (#7251)
Alan Jenkins [Tue, 7 Nov 2017 16:14:15 +0000 (16:14 +0000)]
core: simplify - don't add jobs to dbus queue if we immediately remove them (#7251)

job_finish_and_invalidate() calls job_free() to destroy jobs (and remove
them from the dbus queue).  So we don't need to add them to the dbus queue
first.

We only want to add jobs to the dbus queue if they're a restart job, which
we're transmogrifying into a start job and putting back into the system.

7 years agoman: fix reference to gateway hostname (#7258)
Alessandro Ghedini [Tue, 7 Nov 2017 16:13:15 +0000 (08:13 -0800)]
man: fix reference to gateway hostname (#7258)

Follow-up to commit 1dc92a06e210a978e54c72168aaaa7487bf2fd2a which didn't
catch all cases.

7 years agocondition: detect TOMOYO MAC (#7249)
Shawn Landden [Tue, 7 Nov 2017 16:12:36 +0000 (08:12 -0800)]
condition: detect TOMOYO MAC (#7249)

TOMOYO is a Mandatory Access Control security module for Linux.
Rather than ship rules, TOMOYO features a learning mode.

http://tomoyo.osdn.jp/
http://tomoyo.osdn.jp/2.5/index.html.en

7 years agotest: switch to using ext4 instead of ext3 as default fallback fs (#7265)
Dimitri John Ledkov [Tue, 7 Nov 2017 14:51:30 +0000 (09:51 -0500)]
test: switch to using ext4 instead of ext3 as default fallback fs (#7265)

Using ext3 is not representative anymore, and Ubuntu has stopped shipping
fsck.ext3 in the initramfs.

7 years agoMerge pull request #7256 from keszybz/add-cii-badge
Lennart Poettering [Tue, 7 Nov 2017 14:47:57 +0000 (17:47 +0300)]
Merge pull request #7256 from keszybz/add-cii-badge

Add CII badge

7 years agotree-wide: do not work in assert() (#7271)
Yu Watanabe [Tue, 7 Nov 2017 13:04:20 +0000 (22:04 +0900)]
tree-wide: do not work in assert() (#7271)

Fixes #7270.

7 years agoFix Dell E7570 hwdb dimensions #7252 (#7263)
macrothian [Mon, 6 Nov 2017 22:28:06 +0000 (22:28 +0000)]
Fix Dell E7570 hwdb dimensions #7252 (#7263)

7 years agotimesync: add RootDistanceMaxSec= to timesyncd.conf (#7215)
Yu Watanabe [Sun, 5 Nov 2017 06:39:34 +0000 (15:39 +0900)]
timesync: add RootDistanceMaxSec= to timesyncd.conf (#7215)

Closes #7211.

7 years agoHACKING: add a short description of new unit tests
Zbigniew Jędrzejewski-Szmek [Sat, 4 Nov 2017 20:02:35 +0000 (21:02 +0100)]
HACKING: add a short description of new unit tests

This is all "should" and "encouraged", since we are not strict with
this, for better or worse.

7 years agoREADME.md: add CII Best Practices badge
Zbigniew Jędrzejewski-Szmek [Sat, 4 Nov 2017 19:53:25 +0000 (20:53 +0100)]
README.md: add CII Best Practices badge

7 years agoMerge pull request #7241 from keszybz/clang-warnings
Lennart Poettering [Thu, 2 Nov 2017 18:21:10 +0000 (19:21 +0100)]
Merge pull request #7241 from keszybz/clang-warnings

Fixes for various clang warnings

7 years agonetworkd: remove route - drop route type from netlink message. (#7240)
Susant Sahani [Thu, 2 Nov 2017 12:36:03 +0000 (18:06 +0530)]
networkd: remove route - drop route type from netlink message. (#7240)

During startup of networkd we try to drop the configs. While droping
routes we filling ip route type and because of which message like
```
host: Could not drop route: Invalid argument
host: Could not drop route: Invalid argument
```
are shown.

Closed #6929

7 years agoMerge pull request #7217 from sourcejedi/stopfail-stop
Zbigniew Jędrzejewski-Szmek [Thu, 2 Nov 2017 07:25:02 +0000 (08:25 +0100)]
Merge pull request #7217 from sourcejedi/stopfail-stop

2 small fixes, stopping mount and service units

7 years agotest-util: silence clang warning about unaligned access
Zbigniew Jędrzejewski-Szmek [Wed, 1 Nov 2017 22:06:27 +0000 (23:06 +0100)]
test-util: silence clang warning about unaligned access

7 years agoutil-lib: mark variable with _unused_ to silence clang warning
Zbigniew Jędrzejewski-Szmek [Wed, 1 Nov 2017 22:01:24 +0000 (23:01 +0100)]
util-lib: mark variable with _unused_ to silence clang warning

_unused_ means "the variable is meant to be possible unused and gcc
will not generate a warning about it", which is exactly what we need here,
since we're only declaring it for the side effect of _cleanup_.

7 years agojournal: disable -Waddress-of-packed-member under clang
Zbigniew Jędrzejewski-Szmek [Wed, 1 Nov 2017 21:54:39 +0000 (22:54 +0100)]
journal: disable -Waddress-of-packed-member under clang

clang warns about a few sites like this:
../src/journal/journal-file.c:1780:48: warning: taking address of packed member 'entry_offset' of class or structure 'DataObject' may result in an unaligned pointer value [-Waddress-of-packed-member]
                                              &o->data.entry_offset,
                                               ^~~~~~~~~~~~~~~~~~~~
but DataObject.entry_offset will always be 8-byte aligned as long as
the DataObject structure is aligned. Similarly in other cases, the
field is always aligned. Let's just silence the warning to avoid noise.

gcc does not know -Waddress-of-packed-member, and would warn about an unknown
warning, so we need to conditionalize on __clang__.

7 years agonetworkd: fix two format string mismatches
Zbigniew Jędrzejewski-Szmek [Wed, 1 Nov 2017 21:43:32 +0000 (22:43 +0100)]
networkd: fix two format string mismatches

../src/network/networkd-link.c:3577:84: warning: format specifies type 'unsigned char' but the argument has type 'uint32_t' (aka 'unsigned int') [-Wformat]
                                route->dst_prefixlen, route->tos, route->priority, route->table, route->lifetime);
                                                                                   ^~~~~~~~~~~~
../src/network/networkd-manager.c:1146:132: warning: format specifies type 'unsigned char' but the argument has type 'uint32_t' (aka 'unsigned int') [-Wformat]
                        rule->from_prefixlen, space ? " " : "", to_str, rule->to_prefixlen, rule->tos, rule->fwmark, rule->fwmask, rule->table);
                                                                                                                                   ^~~~~~~~~~~

Also add some line breaks to make it easier to see which argument is for which
part of the format string.

7 years agoimportd: remove IN_SET to avoid ambiguity
Zbigniew Jędrzejewski-Szmek [Wed, 1 Nov 2017 21:36:02 +0000 (22:36 +0100)]
importd: remove IN_SET to avoid ambiguity

clang warns:
../src/import/importd.c:254:70: warning: 'break' is bound to current loop, GCC binds it to the enclosing loop [-Wgcc-compat]
                while ((e < t->log_message + t->log_message_size) && IN_SET(*e, 0, '\n'))
                                                                     ^
Let's just play it safe and not use IN_SET here.

7 years agojournald: unitialized variable access
Zbigniew Jędrzejewski-Szmek [Wed, 1 Nov 2017 21:33:26 +0000 (22:33 +0100)]
journald: unitialized variable access

../src/journal/journald-native.c:341:13: warning: variable 'context' is used uninitialized whenever 'if' condition is false [-Wsometimes-uninitialized]
        if (ucred && pid_is_valid(ucred->pid)) {
            ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
../src/journal/journald-native.c:350:42: note: uninitialized use occurs here
                                         context, ucred, tv, label, label_len);
                                         ^~~~~~~
../src/journal/journald-native.c:335:31: note: initialize the variable 'context' to silence this warning
        ClientContext *context;
                              ^
                               = NULL

Very nice reporting!

Functions that we call can handle context == NULL, so it's enough to simply
initialize the variable.

7 years agoRemove a bunch of unused variables
Zbigniew Jędrzejewski-Szmek [Wed, 1 Nov 2017 21:32:22 +0000 (22:32 +0100)]
Remove a bunch of unused variables

gcc does not warn about those, because of the _cleanup_ usage.
clang is smarter here.

7 years agocore: failure to spawn ExecStartPost should not run ExecStop
Alan Jenkins [Mon, 14 Aug 2017 10:15:38 +0000 (11:15 +0100)]
core: failure to spawn ExecStartPost should not run ExecStop

Failure to spawn ExecStartPost was being handled differently to e.g.
EXIT_FAILURE returned by ExecStartPost.  It looks like this was an
oversight.  Fix to match documented behaviour.

`man systemd.service`:

> Note that if any of the commands specified in ExecStartPre=, ExecStart=,
> or ExecStartPost= fail (and are not prefixed with "-", see above) or time
> out before the service is fully up, execution continues with commands
> specified in ExecStopPost=, the commands in ExecStop= are skipped.

7 years agocore: distinguish "Killing"/"Terminating"/"Stopping" for mount unit timeout
Alan Jenkins [Mon, 2 Oct 2017 13:40:15 +0000 (14:40 +0100)]
core: distinguish "Killing"/"Terminating"/"Stopping" for mount unit timeout

Update the timeout warnings for remount and unmount.  For consistency with
mount, for accuracy, and for consistency with their equivalents in
service.c.

7 years agomanager: fix connecting to bus when dbus is actually around (#7205)
Michal Sekletar [Wed, 1 Nov 2017 09:25:48 +0000 (02:25 -0700)]
manager: fix connecting to bus when dbus is actually around (#7205)

manager_connect_bus() is called *before* manager_coldplug(). As a last
thing in service_coldplug() we set service state to
s->deserialized_state, and thus before we do that all services are
inactive and try_connect always evaluates to false. To fix that we must
look at deserialized state instead of current unit state.

Fixes #7146

7 years agoReverting erroneous changes made of the course of adding a timeout to journal-remote...
martingh [Wed, 1 Nov 2017 09:15:38 +0000 (10:15 +0100)]
Reverting erroneous changes made of the course of adding a timeout to journal-remote event handling (#7219)

7 years agoMerge pull request #7233 from yuwata/meson-fixes
Zbigniew Jędrzejewski-Szmek [Wed, 1 Nov 2017 09:14:01 +0000 (10:14 +0100)]
Merge pull request #7233 from yuwata/meson-fixes

Meson fixes

7 years agojournal-remote: set description to timer_event (#7234)
Yu Watanabe [Wed, 1 Nov 2017 09:13:00 +0000 (18:13 +0900)]
journal-remote: set description to timer_event (#7234)

Follow-up for 5e38eb931f9207f577e7e8b752be5a522e5f9b87.

7 years agoMerge pull request #7226 from sourcejedi/shutdown-misuse-commment
Alan Jenkins [Tue, 31 Oct 2017 10:05:02 +0000 (10:05 +0000)]
Merge pull request #7226 from sourcejedi/shutdown-misuse-commment

core: remove "misuse" of getpgid() in systemd-shutdown

7 years agomeson: do not create systemd-user-sessions.service if PAM is disabled
Yu Watanabe [Tue, 31 Oct 2017 07:20:53 +0000 (16:20 +0900)]
meson: do not create systemd-user-sessions.service if PAM is disabled

Fixes #7227.

7 years agomeson: do not include man/meson.build if xsltproc not found
Yu Watanabe [Tue, 31 Oct 2017 08:12:13 +0000 (17:12 +0900)]
meson: do not include man/meson.build if xsltproc not found

Fixes #7232.

7 years agoMerge pull request #7218 from matijaskala/patch-4
Alan Jenkins [Mon, 30 Oct 2017 17:42:33 +0000 (17:42 +0000)]
Merge pull request #7218 from matijaskala/patch-4

fix compile errors on musl

7 years agocore: remove "misuse" of getpgid() in systemd-shutdown
Alan Jenkins [Mon, 30 Oct 2017 16:10:37 +0000 (16:10 +0000)]
core: remove "misuse" of getpgid() in systemd-shutdown

Using `kill()`  with a signal of 0 is a slightly more documented idiom for
checking whether a process still exists.  It is mentioned explicitly in
man pages.  This avoids the need to comment the call as "misuse".
A comment is still necessary - in fact this idiom is even more confusing if
you don't know how it works.  But it's easy enough to explain.

7 years agoAdd sd_bus_message_new and sd_bus_message_seal as public functions (#6609)
aeywalee [Mon, 30 Oct 2017 15:08:46 +0000 (16:08 +0100)]
Add sd_bus_message_new and sd_bus_message_seal as public functions (#6609)

7 years agoMerge pull request #6996 from poettering/discover-block-device
Zbigniew Jędrzejewski-Szmek [Mon, 30 Oct 2017 15:05:20 +0000 (16:05 +0100)]
Merge pull request #6996 from poettering/discover-block-device

add nspawn image discovery on block devices

7 years agohwdb: Update GP-electronic T701 accel mount settings (#7220)
Hans de Goede [Mon, 30 Oct 2017 13:33:54 +0000 (14:33 +0100)]
hwdb: Update GP-electronic T701 accel mount settings (#7220)

The GP-electronic T701 has its LCD panel mounted upside-down, initially
my plan was to fix this by transparently rotating the image in the i915
driver (my "drm/i915: Deal with upside-down mounted LCD" patch), but
that approach has been rejected instead the kernel will now export
a "panel orientation" property on the drm-connector for the panel and
let userspace deal with it.

Since the upside-down-ness of the panel is now no longer transparently
hidden from userspace, the current accel mount quirk for the T701 needs
to be updated to take the upside-down-ness into account.

7 years agoresolved: change newline position in stub-resolv.conf (#7216)
Yu Watanabe [Mon, 30 Oct 2017 09:34:41 +0000 (18:34 +0900)]
resolved: change newline position in stub-resolv.conf (#7216)

Follow-up for e6b2d948f8f5aabf6cdede8bd39256fe83db205e.

7 years agofix includes
Matija Skala [Mon, 30 Oct 2017 09:32:45 +0000 (10:32 +0100)]
fix includes

sys/wait.h is needed for WEXITED macro

poll.h is more portable than sys/poll.h

7 years agofix compile error on musl
Matija Skala [Mon, 30 Oct 2017 09:15:31 +0000 (10:15 +0100)]
fix compile error on musl

name '__in6_u.__u6_addr32' is specific to glibc

use 's6_addr32' macro instead

7 years agoMerge pull request #7212 from whot/master
Lennart Poettering [Mon, 30 Oct 2017 09:12:12 +0000 (10:12 +0100)]
Merge pull request #7212 from whot/master

hwdb: add a hwdb for custom ID_INPUT_* overrides

7 years agorules: add Freescale IMX serial ports name to serial port udev rule (#7203)
Maciej S. Szmigiero [Mon, 30 Oct 2017 08:59:31 +0000 (09:59 +0100)]
rules: add Freescale IMX serial ports name to serial port udev rule (#7203)

Freescale IMX SoCs serial ports driven by kernel "imx-uart" driver have
names of "ttymxcN", let's add this pattern to an udev rule for serial
ports so they will have proper ownership applied.

7 years agotreewide: unify identical definitions of polkit_agent_open_if_enabled() (#7187)
Zbigniew Jędrzejewski-Szmek [Mon, 30 Oct 2017 08:57:53 +0000 (09:57 +0100)]
treewide: unify identical definitions of polkit_agent_open_if_enabled() (#7187)

Follows the same pattern as pager_open() now.

7 years agohwdb: add UC-Logic 20160N pad to the ID_INPUT hwdb
Peter Hutterer [Mon, 30 Oct 2017 00:58:00 +0000 (10:58 +1000)]
hwdb: add UC-Logic 20160N pad to the ID_INPUT hwdb

Missing the x/y axes usually exported for pad devices (for historical reaons)
and thus not recognised as tablet (pad).

Fixes #7197
See also https://bugs.freedesktop.org/show_bug.cgi?id=103395

7 years agohwdb: add a hwdb file to override ID_INPUT assignments
Peter Hutterer [Mon, 30 Oct 2017 00:42:29 +0000 (10:42 +1000)]
hwdb: add a hwdb file to override ID_INPUT assignments

The input_id builtin assigns the various ID_INPUT based on the exported evdev
bits. In some cases, the device may not have the properties required to label
a device as one specific type but the physical form factor is clear.
e.g. in the case of #7197 it's a tablet pad that does not have x/y axes which
the kernel exports for pads for historical reasons.

A custom override is needed, best to be solved with a hwdb entry.

Related #7197

7 years agoman: systemd.offline-updates: remove link to the doc it obsoletes (#7189)
Alan Jenkins [Fri, 27 Oct 2017 08:15:40 +0000 (09:15 +0100)]
man: systemd.offline-updates: remove link to the doc it obsoletes (#7189)

https://www.freedesktop.org/wiki/Software/systemd/SystemUpdates/

> This document has been replaced by systemd.offline-updates(7) man page.

It's weird to visit the first "see also", and find that it is what the manpage replaces (and looks very similar).  Surely we should remove this link.

7 years agojournalctl: add --output-fields= (#7181)
Lars Karlitski [Fri, 27 Oct 2017 03:10:47 +0000 (05:10 +0200)]
journalctl: add --output-fields= (#7181)

This option allows restricting the shown fields in the output modes that
would normally show all fields. It allows clients that are only
interested in a subset of the fields to access those more efficiently.
Also, it makes the resulting size of the output more predictable.

It has no effect on the various `short` output modes, because those
already only show a subset of the fields.

7 years agoMerge pull request #7066 from poettering/specifier-update
Yu Watanabe [Fri, 27 Oct 2017 03:09:26 +0000 (12:09 +0900)]
Merge pull request #7066 from poettering/specifier-update

extend unit file specifier expansion a bit + add a test for it

7 years agoupdate TODO
Lennart Poettering [Wed, 11 Oct 2017 12:09:10 +0000 (14:09 +0200)]
update TODO

7 years agotest: add simple test for validating some of the unit specifiers we support
Lennart Poettering [Wed, 11 Oct 2017 12:07:51 +0000 (14:07 +0200)]
test: add simple test for validating some of the unit specifiers we support

(Also, sort list of test unit files in meson.build alphabetically, to
make future additions more systematic)

7 years agocore: add support for expanding state/cache/log directory root in unit files
Lennart Poettering [Wed, 11 Oct 2017 12:02:36 +0000 (14:02 +0200)]
core: add support for expanding state/cache/log directory root in unit files

This augments %t which already resolves to the runtime directory root, and
should be useful for units that want to pass any of these paths in
command line arguments.

Example:

ExecStart=/usr/bin/mydaemon --datadir=%S/mydaemon

Why not expose a specifier resolving directly to the configured
state/runtime/cache/log dir? Three reasons:

1. Specifiers should be independent of configuration of the unit itself,
   and StateDirectory= and friends are unit configuration.  See
   03fc9c723cfc59467a7fccc305f34273f8564b25 and related work.

2. We permit multiple StateDirectory= values per unit, and it hence
   wouldn't be clear which one is passed.

3. We already have %t for the runtime directory root, and we should
   continue with the same scheme.

7 years agoupdate TODO
Lennart Poettering [Wed, 4 Oct 2017 15:44:14 +0000 (17:44 +0200)]
update TODO

7 years agomachine-image: handle nicely if the user asks us to remove a symlinked image
Lennart Poettering [Wed, 4 Oct 2017 15:42:23 +0000 (17:42 +0200)]
machine-image: handle nicely if the user asks us to remove a symlinked image

Much like for dirs/raw images lets remove the symlink and not the
destination.

7 years agodissect: when we invoke dissection on a loop device with partscan help the user
Lennart Poettering [Wed, 4 Oct 2017 15:40:46 +0000 (17:40 +0200)]
dissect: when we invoke dissection on a loop device with partscan help the user

This adds some simply detection logic for cases where dissection is
invoked on an externally created loop device, and partitions have been
detected on it, but partition scanning so far was off. If this is
detected we now print a brief message indicating what the issue is,
instead of failing with a useless EINVAL message the kernel passed to
us.

7 years agomachine-image: add partial discovery of block devices as images
Lennart Poettering [Wed, 4 Oct 2017 15:36:58 +0000 (17:36 +0200)]
machine-image: add partial discovery of block devices as images

This adds some basic discovery of block device images for nspawn and
friends. Note that this doesn't add searching for block devices using
udev, but instead expects users to symlink relevant block devices into
/var/lib/machines. Discovery is hence done exactly like for
dir/subvol/raw file images, except that what is found may be a (symlink
to) a block device.

For now, we do not support cloning these images, but removal, renaming
and read-only flags are supported to the point where that makes sense.

Fixe: #6990

7 years agofs-util: small tweak in chase_symlinks()
Lennart Poettering [Wed, 4 Oct 2017 15:34:03 +0000 (17:34 +0200)]
fs-util: small tweak in chase_symlinks()

If we follow an absolute symlink there's no need to prefix the path with
a "/", since by definition it already has one.

This helps suppressing double "/" in resolved paths containing absolute
symlinks.

7 years agobtrfs-util: when opening subvolume fds, always set O_NOFOLLOW
Lennart Poettering [Wed, 4 Oct 2017 11:48:51 +0000 (13:48 +0200)]
btrfs-util: when opening subvolume fds, always set O_NOFOLLOW

Some of the btrfs utility functions already used O_NOFOLLOW others
didn't. Let's streamline this, and refuse operation when we are called
for symlinks on "remove" and "snapshot" too.

In particular in the "remove" case following symlinks is a bad idea, and
is quite different from how unlink() and friends work, which always
remove the symlink, and not the destination, a logic we should follow
here too.

7 years agosystemd-detect-virt: refine hypervisor detection (#7171)
Razvan Cojocaru [Thu, 26 Oct 2017 14:59:04 +0000 (17:59 +0300)]
systemd-detect-virt: refine hypervisor detection (#7171)

Continue to try to get more details about the actual underlying
hypervisor with successive tests until none are available.
This fixes issue #7165.

7 years agoMerge pull request #7184 from keszybz/resolved-loop
Zbigniew Jędrzejewski-Szmek [Thu, 26 Oct 2017 13:29:03 +0000 (15:29 +0200)]
Merge pull request #7184 from keszybz/resolved-loop

resolved: fix loop on packets with pseudo dns types

https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1725351,
CVE-2017-15908.

7 years agoMerge pull request #7127 from keszybz/sundry-tweaks
Lennart Poettering [Thu, 26 Oct 2017 08:57:00 +0000 (10:57 +0200)]
Merge pull request #7127 from keszybz/sundry-tweaks

Various unrelated small patches

7 years agoMerge pull request #7142 from sourcejedi/systemd-shutdown
Lennart Poettering [Thu, 26 Oct 2017 08:56:44 +0000 (10:56 +0200)]
Merge pull request #7142 from sourcejedi/systemd-shutdown

systemd-shutdown: avoid confusingly redundant messages

7 years agoAdding timer_event to wakeup as suggested by MHD_get_timeout (#7152)
martingh [Thu, 26 Oct 2017 08:54:30 +0000 (10:54 +0200)]
Adding timer_event to wakeup as suggested by MHD_get_timeout (#7152)

7 years agohwdb: Add ACCEL_MOUNT_MATRIX for ThinkPad Yoga 11e (#7174)
Lars Kellogg-Stedman [Wed, 25 Oct 2017 11:23:51 +0000 (07:23 -0400)]
hwdb: Add ACCEL_MOUNT_MATRIX for ThinkPad Yoga 11e (#7174)

Accelerometer readings from the screen accelerometer on the Yoga 11e
need to be rotated 90 degrees around the Z axis.

7 years agoresolved: fix loop on packets with pseudo dns types
Zbigniew Jędrzejewski-Szmek [Wed, 25 Oct 2017 09:19:19 +0000 (11:19 +0200)]
resolved: fix loop on packets with pseudo dns types

Reported by Karim Hossen & Thomas Imbert from Sogeti ESEC R&D.

https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1725351

7 years agohwdb: Document expected MOUNT_MATRIX on devices with non upright display (#7177)
Hans de Goede [Wed, 25 Oct 2017 07:47:27 +0000 (09:47 +0200)]
hwdb: Document expected MOUNT_MATRIX on devices with non upright display (#7177)

On some devices the display (LCD panel) is mounted non upright
in the device's casing, e.g. mounted upside-down or 90 degree rotated.

Document the expected ACCEL_MOUNT_MATRIX settings for such devices.

7 years agonspawn: EROFS for chowning mount points is not fatal (#7122)
Lauri Tirkkonen [Tue, 24 Oct 2017 17:40:50 +0000 (20:40 +0300)]
nspawn: EROFS for chowning mount points is not fatal (#7122)

This fixes --read-only with --private-users. mkdir_userns_p may return
-EROFS if either mkdir or lchown fails; lchown failing is fine as the
mount point will just be overmounted, and if mkdir fails then the
following mount() will also fail (with ENOENT).

7 years agocore: systemd-shutdown: avoid confusingly redundant messages
Alan Jenkins [Thu, 19 Oct 2017 14:02:12 +0000 (15:02 +0100)]
core: systemd-shutdown: avoid confusingly redundant messages

After previous output from systemd-shutdown indicated a bug, my attention
was drawn to redundant output lines.  Did they indicate an anomaly?

It turns out to be an expected, harmless result of the current code.  But
we don't have much justification to run such redundant operations.  Let's
remove the confusing redundant message.

We can stop trying to remount a directory read-only once its mount entry
has successfully been changed to "ro".  We can simply let the kernel keep
track of this for us.  I don't bother to try and avoid re-parsing the
mountinfo.  I appreciate snappy shutdowns, but this code is already
intricate and buggy enough (see issue 7131).

(Disclaimer: At least for the moment, you can't _rely_ on always seeing
suspicious output from systemd-shutdown.  By default, you can expect the
kernel to truncate the log output of systemd-shutdown.  Ick ick ick!
Because /dev/kmsg is rate-limited by default.  Normally it prints a message
"X lines supressed", but we tend to shut down before the timer expires
in this case).

Before:

systemd-shutdown[1]: Remounting '/' read-only with options 'seclabel...
EXT4-fs (vda3): re-mounted. Opts: data=ordered
systemd-shutdown[1]: Remounting '/' read-only with options 'seclabel, ...
EXT4-fs (vda3): re-mounted. Opts: data=ordered

After:

systemd-shutdown[1]: Remounting '/' read-only with options 'seclabel, ...
EXT4-fs (vda3): re-mounted. Opts: data=ordered

I also tested with `systemctl reboot --force`, plus a loopback mount to
cause one of the umounts to fail initially.  In this case another 2 lines
of output are removed (out of a larger number of lines).

7 years agoresolved: create private stub resolve file for /etc/resolv.conf integration (#7014)
Dimitri John Ledkov [Tue, 24 Oct 2017 13:28:41 +0000 (09:28 -0400)]
resolved: create private stub resolve file for /etc/resolv.conf integration (#7014)

This creates a second private resolve.conf file which lists the stub resolver
and the resolved acquired search domains.

This runtime file should be used as a symlink target for /etc/resolv.conf such
that non-nss based applications can resolve search domains.

Fixes: #7009

7 years agoMerge pull request #7141 from yuwata/fix-7129
Lennart Poettering [Tue, 24 Oct 2017 13:25:12 +0000 (15:25 +0200)]
Merge pull request #7141 from yuwata/fix-7129

core: fix D-Bus API

7 years agocore: in --user mode, report READY=1 as soon as basic.target is reached (#7102)
Zbigniew Jędrzejewski-Szmek [Tue, 24 Oct 2017 12:48:54 +0000 (14:48 +0200)]
core: in --user mode, report READY=1 as soon as basic.target is reached (#7102)

When a user logs in, systemd-pam will wait for the user manager instance to
report readiness. We don't need to wait for all the jobs to finish, it
is enough if the basic startup is done and the user manager is responsive.

systemd --user will now send out a READY=1 notification when either of two
conditions becomes true:
- basic.target/start job is gone,
- the initial transaction is done.

Also fixes #2863.

7 years agoMerge pull request #7123 from keszybz/date-formatting
Lennart Poettering [Tue, 24 Oct 2017 10:24:09 +0000 (12:24 +0200)]
Merge pull request #7123 from keszybz/date-formatting

Fix for time stamp formatting in timedatectl

7 years agocore: fix D-Bus API
Yu Watanabe [Thu, 19 Oct 2017 13:40:04 +0000 (22:40 +0900)]
core: fix D-Bus API

This fixes bugs introduced by cffaed83e87bde81378b2be74192193850d0e03a.

Closes #7129.

7 years agonspawn: Fix calculation of capabilities for configuration file (#7087)
myrkr [Tue, 24 Oct 2017 07:56:40 +0000 (09:56 +0200)]
nspawn: Fix calculation of capabilities for configuration file (#7087)

The current code shifting an integer 1 failed for capabilities like
CAP_MAC_ADMIN (numerical value 33). This caused issues when specifying
them in the nspawn configuration file. Using an uint64_t 1 instead.

The similar code for processing the --capability command line option
was already correctly working.

7 years agoman: update the description of interval limiting (#7128)
Zbigniew Jędrzejewski-Szmek [Tue, 24 Oct 2017 07:41:52 +0000 (09:41 +0200)]
man: update the description of interval limiting (#7128)

Fixes #7125.

7 years agoMerge pull request #7148 from keszybz/dynamic-user-use-gid
Lennart Poettering [Tue, 24 Oct 2017 07:38:01 +0000 (09:38 +0200)]
Merge pull request #7148 from keszybz/dynamic-user-use-gid

Use gid for static dynamic users

7 years agoNEWS: start adding 236 (#7159)
Mantas Mikulėnas [Mon, 23 Oct 2017 20:56:01 +0000 (23:56 +0300)]
NEWS: start adding 236 (#7159)

7 years agoMerge pull request #6948 from pfl/radv_emit_dns
Lennart Poettering [Mon, 23 Oct 2017 16:39:07 +0000 (18:39 +0200)]
Merge pull request #6948 from pfl/radv_emit_dns

Add EmitDNS= and EmitDomains= network file configuration options

7 years agocore/dynamic-user: use gid from pwnam if a static user was found
Zbigniew Jędrzejewski-Szmek [Fri, 20 Oct 2017 11:00:12 +0000 (13:00 +0200)]
core/dynamic-user: use gid from pwnam if a static user was found

Fixes #7133.

v2:
- update based on review

7 years agohwdb: invert the USB touchpad integration assumption (#7161)
Peter Hutterer [Mon, 23 Oct 2017 08:20:16 +0000 (18:20 +1000)]
hwdb: invert the USB touchpad integration assumption (#7161)

The vast majority of touchpads are internal, so let's assume that any USB
touchpad is internal by default (exception: bluetooth) and manually mark the
ones that are external. That's a lot more future-proof than having to mark all
internal touchpads that use USB as internal - that number is only going to
increase.

Related to #7068

7 years agomodprobe.d: fix directory of modprobe configuration file (#7149)
Michael Biebl [Sat, 21 Oct 2017 06:32:50 +0000 (08:32 +0200)]
modprobe.d: fix directory of modprobe configuration file (#7149)

kmod upstream uses /lib/modprobe.d which means we need to use rootprefix
instead of prefix for installing the modprobe configuration file as
otherwise split-usr systems are broken.

See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=879191

7 years agocore/dynamic-user: use _cleanup_ in dynamic user locking
Zbigniew Jędrzejewski-Szmek [Fri, 20 Oct 2017 10:41:04 +0000 (12:41 +0200)]
core/dynamic-user: use _cleanup_ in dynamic user locking

This makes the code a bit easier to read.

7 years agosd-radv: Allocate space also for DNSSL iov option (#7144)
Patrik Flykt [Fri, 20 Oct 2017 08:59:15 +0000 (11:59 +0300)]
sd-radv: Allocate space also for DNSSL iov option (#7144)

The iov array needs to hold five entries in addition to the number
of prefixes.

7 years agocore: systemd-shutdown: add missing check for umount_changed
Alan Jenkins [Thu, 19 Oct 2017 14:00:57 +0000 (15:00 +0100)]
core: systemd-shutdown: add missing check for umount_changed

The assumption was that nothing changes in the final attempt.  This
would be confusing if a filesystem with a process in uninterruptible
sleep suddenly became un-stuck for the final attempt, but we still give
up and don't try to e.g. unmount any parent mounts.

I don't know how possible that is.  But the code will be easier to read
without an assumption that it does not attempt to justify.

7 years agoMerge pull request #7132 from splantefeve/fr-translation
Zbigniew Jędrzejewski-Szmek [Thu, 19 Oct 2017 06:29:37 +0000 (08:29 +0200)]
Merge pull request #7132 from splantefeve/fr-translation

Update French translation

7 years agopo: update french translation
Sylvain Plantefève [Wed, 18 Oct 2017 22:26:52 +0000 (00:26 +0200)]
po: update french translation

7 years agocatalog: update french translation
Sylvain Plantefève [Wed, 18 Oct 2017 22:26:27 +0000 (00:26 +0200)]
catalog: update french translation

7 years agoman: describe how machine-id should be initialized (#7051)
Zbigniew Jędrzejewski-Szmek [Wed, 18 Oct 2017 16:47:34 +0000 (18:47 +0200)]
man: describe how machine-id should be initialized (#7051)

7 years agorfkill: include the device name in error message
Zbigniew Jędrzejewski-Szmek [Wed, 18 Oct 2017 15:31:51 +0000 (17:31 +0200)]
rfkill: include the device name in error message

7 years agoman: recommend using /var/lib/machines in systemd-nspawn(1)
Zbigniew Jędrzejewski-Szmek [Wed, 18 Oct 2017 07:39:30 +0000 (09:39 +0200)]
man: recommend using /var/lib/machines in systemd-nspawn(1)

Also update the instruction to latest Fedora version.

7 years agoutil-lib: simplify kexec_loaded()
Zbigniew Jędrzejewski-Szmek [Sun, 15 Oct 2017 21:00:54 +0000 (23:00 +0200)]
util-lib: simplify kexec_loaded()