| Commit message (Collapse) | Author | Files | Lines |
|---|
|
Fixes #30392.
|
|
Follow-up for 5b6319dceedd81f3f1ce7eb70ea5defaef43bcec (gosh this is
ancient), and effectively reverts 3dead8d925ea9db1fbd65b702b6b807e49ddeacf.
sigwait() is documented to "suspend execution of the calling thread
until one of the signals specified in the signal set becomes pending".
And the only error it returns is EINVAL, when "set contains an invalid
signal number". Therefore, there's no need to run it in a loop or
to check for runtime error.
|
|
Follow-up for 329050c5e2c7e9561699f87b5edb72edd0d54c96.
|
|
Follow-up for 2b98926f9809eb858a5abe4f64ebd067df5059d5.
|
|
I was wondering why I couldn't trigger the assertion in safe_fclose()
when submitting #30251. It turned out that the static destructor was
not run at all :/
Replace main() with a minimized version of main-func.h. This also
prevents emitting negative exit codes.
|
|
|
|
HANDLE_SLEEP is == _HANDLE_ACTION_SLEEP_LAST and the loop is bounded
by < _HANDLE_ACTION_SLEEP_LAST, so no need to check for it
CID#1529414
|
|
handle_action_lookup() in general can return NULL, but not
here as the handle is checked before, so add an assert.
CID#1529415
CID#1529416
|
|
on_circle is set twice to the same value
CID#1529418
|
|
CID#1529420
|
|
|
|
Currently, memory accounting values are only cached if it was queued
at least once before destroying cgroup. Let's always cache it like
what we already do for CPU usage.
Preparation for later changes.
|
|
Follow-up for 6c75eff6afd90
CID#1530430
|
|
|
|
This reverts commit 9f7d1899235a237ba7a6000479cbf3965b224fd9.
systemd.spec was updated in [1], so we don't need this here anymore.
[1] https://src.fedoraproject.org/rpms/systemd/c/245a2587e095a08a61af4e48f7daa57dee3629e6
|
|
On Fedora systemd recently moved all of its configuration files to
/usr/lib/ [0], so make sure we account for this case as well.
[ 42.450325] testsuite-17.sh[800]: + mkdir -p /run/udev/rules.d
[ 42.466504] testsuite-17.sh[800]: + cp -f /etc/udev/udev.conf /etc/udev/udev.conf.bckp
[ 42.503348] testsuite-17.sh[802]: cp: cannot stat '/etc/udev/udev.conf': No such file or directory
[0] https://src.fedoraproject.org/rpms/systemd/c/29eb35530b29232eed65718d0cd96d67cd7ffd6b?branch=rawhide
|
|
Since we restart systemd-udevd here a couple of times, we might hit the
rate limit in later tests:
[ 26.028355] testsuite-17.sh[2074]: + udevadm control -e
[ 26.028355] testsuite-17.sh[2074]: + udevadm control -l emerg
[ 26.126160] systemd[1]: systemd-udevd.service: Start request repeated too quickly.
[ 26.126213] systemd[1]: systemd-udevd.service: Failed with result 'start-limit-hit'.
[ 26.140310] systemd[1]: Failed to start systemd-udevd.service.
[ 26.140897] systemd[1]: systemd-udevd-control.socket: Failed with result 'service-start-limit-hit'.
[ 26.141286] systemd[1]: systemd-udevd-kernel.socket: Failed with result 'service-start-limit-hit'.
[ 26.142225] testsuite-17.sh[2074]: + udevadm control -l alert
[ 26.149206] udevadm[2088]: Failed to send request to set log level: No such file or directory
Follow-up to: 6ef512c0bb
|
|
Partially fixes #30352
|
|
|
|
It doesn't really make sense to go looking for these inside the
given root directory. While we should resolve specifiers and such
based on the given root directory, let's look up the image definitions
on the host system as there's a good chance they're coupled to the
repart version we're using so there's all kinds of chances for problems
if we use the definitions from the image we're building instead of those
from the host.
|
|
So far we created the target directory, and the source for bind mounts,
but not workdir/upperdir for overlays, so it has to be done separately
and strictly before the unit is started, which is annoying. Check the
options when creating directories, and if upper/work directories are
specified, create them.
|
|
For unit instances install_info_discover() returns path to the template,
which then generates confusing errors when passed to
do_unit_file_enable():
~# build/systemctl --root=/tmp/systemctl-test.N9ysbz reenable templ1@two.service
Unit name: templ1@two.service; p: /etc/systemd/system/templ1@.service
Removed "/tmp/systemctl-test.N9ysbz/etc/systemd/system/services.target.wants/templ1@two.service".
Failed to reenable templ1@.service, destination unit services.target is a non-template unit.
This can also be seen with a different reproducer using getty@.service
and a simple bind mount to / - there's no error this time, but it tries
to create a symlink for the default instance (from DefaultInstance=tty1),
which is also incorrect:
~# SYSTEMD_LOG_LEVEL=debug systemctl --root /mnt/bindroot/ reenable getty@test.service
Symlink /mnt/bindroot/etc/systemd/system/getty.target.wants/getty@tty1.service → /usr/lib/systemd/system/getty@.service already exists
Follow-up to: 29a7c59abbe
Resolves: #24740
|
|
If a unit is running in an image and wants to survive a soft-reboot,
then it can't be deactivated by the storage of the image going away.
Relax the dependency to a Wants=. Access to the image is not needed
when the unit is running anyway, so downgrade to Wants=.
|
|
The read-only bit is flipped after setting up all the mounts, so that
bind mounts can be added. Remove the early config, and add a unit
test.
Fixes https://github.com/systemd/systemd/issues/30372
|
|
The mkfs binary might unlink the path we give it and replace it with
a new file so let's make sure that our fd points to any new file rather
than the old deleted file.
Specifically this fixes erofs partition generation.
|
|
Fixes #30368
|
|
The --reset option is supposed to remove all files configured by
firstboot, but currently it does not remove /etc/localtime.
|
|
The `.mem_total` variable has `uint64_t` type, therefore, when multiplying the number
`20971512` by the number `1024` with the suffix `U`, we will not get the expected result of
`21,474,828,288`, since the number `20971512` without an explicit type indication has
`uint32_t` type.
First, multiplication will occur in accordance with the `uint32_t` type; this operation will
cause a **type overflow**, and only then will this result be assigned to a `uint64_t` type
variable.
It's worth adding the `UL` suffix to the number `20971512` to avoid **overflow**.
Found by Linux Verification Center (portal.linuxtesting.ru) with SVACE.
Author A. Slepykh.
|
|
Follow-up for f9568765d4d3d57de1ec01d85f0a0682920f4d10
|
|
The correct path where setting file located should be
"under /etc/systemd/nspawn", not "under /etc".
|
|
|
|
We already highlight sections and "de-highlight" comments, so let's add
the last piece of the puzzle and highlight the configuration directives
to visually distinguish them from the values.
Closes: #13416
|
|
7e3607996a creates a symlink under /etc/ssh/sshd_config.d/ and with
current Rawhide RPM stuff the systemd RPM tries to take ownership of
that directory which conflicts with the openssh-server package. Let's
temporarily tweak the regex in split-files.py until this changes makes
it to Rawhide.
|
|
When --after-cursor=/--cursor-file= is used together with a journal
filter, we still skipped over the first matching entry even if it wasn't
the entry the cursor points at, thus missing one "valid" entry
completely. Let's fix this by checking if the entry cursor after seeking
matches the user provided cursor, and skip to the next entry only when
the cursors match.
Resolves: #30288
|
|
Currently the check doesn't take any settings from nspawn settings
files into account, so let's delay the check until after we've
loaded any settings file.
|
|
cryptsetup reads a bunch of credentials now but we don't pass import
those in any service units yet. Let's pass through all cryptsetup
prefixed credentials to the systemd-cryptsetup@root instance.
|
|
Use the webchat link and spell out the channel and server instead
|
|
Request with Range header like 'entries=<cursor>:' (with a colon at the end,
invalid syntax per the doc), is now rejected with error 400 Bad Request.
fix #4883
|
|
When the same disk image is written to multiple storage units, for
example an external SD card and an internal eMMC, the symlinks in
/dev/disk/by-{label,uuid,partlabel,partuuid}/ are no longer unique, and
will point to the device that is probed last.
Adressing partitions via labels and UUIDs is nice to work with, and
depending on the use case, it might also be more robust than using the
symlinks in /dev/disk/by-path/ containing the partition number. Combine
the two approaches to create unique symlinks containing both the device
path as well as the respective UUIDs or labels, and throw in a symlink
using the devpath and the partition number for the sake of completeness.
For an exemplary GPT-partitioned disk at "platform-2198000.mmc" with a
partition containing an ext4 file system, this might create symlinks of
the following form:
/dev/disk/by-path/platform-2198000.mmc-part/by-partnum/1
/dev/disk/by-path/platform-2198000.mmc-part/by-partuuid/e5a75233-3b90-4aec-8075-b4dd7132b48d
/dev/disk/by-path/platform-2198000.mmc-part/by-partlabel/rootfs
/dev/disk/by-path/platform-2198000.mmc-part/by-uuid/b2c92f24-8215-4680-b931-f423aae5f1c9
/dev/disk/by-path/platform-2198000.mmc-part/by-label/rootfs
Signed-off-by: Roland Hieber <rhi@pengutronix.de>
|
|
|
|
|
|
|
|
While at it, rephrase the output a bit. Before this commit, if
the pid doesn't exist, we output something hard to interpret -
"Failed to get unit for ourselves".
|
|
This new helper combines open() with readdir_all() to simplify a few
callers.
|
|
This is similar to #30183 but focusses on the status output rather than
the log output.
Since the status output always goes to a TTY we don't have to
conditionalize things on isatty().
Fixes: #30184
|
|
Usually when we do setresuid() we also do setesgid() and setgroups().
Let's add a common helper that does all three, and use it everywhere.
|
|
This make them recognized by file managers and stuff. Maybe one day we
should properly register mime types in the "vnd." namespace with IANA,
but I am too lazy to deal with the bureaucracy for that, hence let's
stick with the x. namespace for now.
This defines confext/sysext DDIs as subtype of:
https://www.iana.org/assignments/media-types/application/vnd.efi.img
Which is what everyone appears to use for raw disk images, in particular
if they contain a GPT partition table.
|
|
sshd now supports config file drop-ins, hence let's install one to hook
up "userdb ssh-authorized-keys", so that things just work.
We put the drop-in relatively early, so that other drop-ins generally
will override this.
Ideally sshd would support such drop-ins in /usr/ rather than /etc/, but
let's take what we can get. It's not that sshd's upstream was
particularly open to weird ideas from Linux people.
|
|
true in the initrd
This adds a new ProtectSystem= setting that mirrors the option of the
same of services, but in a more restrictive way. If enabled will remount
/usr/ to read-only, very early at boot. Takes a special value "auto"
(which is the default) which is equivalent to true in the initrd, and
false otherwise.
Unlike the per-service option we don't support full/strict modes, but
the door is open to eventually support that too if it makes sense. It's
not entirely trivial though as we have very little mounted this early,
and hence the mechanism might not apply 1:1. Hence in this PR is a
conservative first step.
My primary goal with this is to lock down initrds a bit, since they
conceptually are mostly immutable, but they are unpacked into a mutable
tmpfs. let's tighten the screws a bit on that, and at least make /usr/
immutable.
This is particularly nice on USIs (i.e. Unified System Images, that pack
a whole OS into a UKI without transitioning out of it), such as
diskomator.
|
|
Doesn't make much sense to push RCs to the stable repository, just
do that in the final tag push
|
