summaryrefslogtreecommitdiffstats
path: root/src/shared/generator.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* tpm2-setup: add new early boot tool for initializing the SRKLennart Poettering2023-09-291-1/+1
| | | | | | | | | | | | | | | | | | | This adds an explicit service for initializing the TPM2 SRK. This is implicitly also done by systemd-cryptsetup, hence strictly speaking redundant, but doing this early has the benefit that we can parallelize this in a nicer way. This also write a copy of the SRK public key in PEM format to /run/ + /var/lib/, thus pinning the disk image to the TPM. Making the SRK public key is also useful for allowing easy offline encryption for a specific TPM. Sooner or later we should probably grow what this service does, the above is just the first step. For example, the service should probably offer the ability to reset the TPM (clear the owner hierarchy?) on a factory reset, if such a policy is needed. And we might want to install some default AK (?). Fixes: #27986 Also see: #22637
* generators: use generator_open_unit_file where appropriateMike Yuan2023-08-191-44/+30
|
* veritysetup-generator: fix ordering of generated unitsYu Watanabe2023-08-091-1/+1
| | | | | | | Fixes a bug introduced by 08b04ec7e72b7327b4803809732b1b8fce8dd069 and 953006dcb0a37a57aed0e762ff6289700e8689e8. Fixes #28725.
* generators: change TimeoutSec=0 to TimeoutSec=infinityLennart Poettering2023-06-061-4/+4
| | | | | | | | | | | | | | | With these settings we intend to turn off timeouts for possibly interactive/slow commands. The officially documented way to turn off the time-outs is to setting them to infinity. So far we set them to zero here though. This lead to some confusiong, for example #18224. Let's fix this by uniformly spelling out TimeoutSec=infinity. This doesn't change behaviour. It just makes our generated files match what we document, without relying on historic compat support. Fixes: #18224
* shared/generator: apply similar config reordering of generated unitsZbigniew Jędrzejewski-Szmek2023-05-231-6/+12
|
* generator: add generator_open_unit_file_full to allow creating temporary unitsAntonio Alvarez Feijoo2023-04-101-15/+31
| | | | | This function is like `generator_open_unit_file`, but if `ret_temp_path` is passed, a temporary unit is created instead.
* generator: fix commentYu Watanabe2023-03-101-1/+1
|
* generators: optionally, measure file systems at bootLennart Poettering2023-01-171-0/+37
| | | | | | If we use gpt-auto-generator, automatically measure root fs and /var. Otherwise, add x-systemd.measure option to request this.
* units: rework growfs units to be just a regular unit that is instantiatedLennart Poettering2023-01-171-49/+77
| | | | | | | | | | | | | | | | The systemd-growfs@.service units are currently written in full for each file system to grow. Which is kinda pointless given that (besides an optional ordering dep) they contain always the same definition. Let's fix that and add a static template for this logic, that the generator simply instantiates (and adds an ordering dep for). This mimics how systemd-fsck@.service is handled. Similar to the wait that for root fs there's a special instance systemd-fsck-root.service we also add a special instance systemd-growfs-root.service for the root fs, since it has slightly different deps. Fixes: #20788 See: #10014
* generator: teach generator_add_symlink() to instantiate specified unitLennart Poettering2023-01-171-12/+40
| | | | | | | | | | if we want generators to instantiate a template service, we need to teach generator_add_symlink() the concept. Just some preparation for a later commit. While we are at it, modernize the function around path_extract_filename() + path_extract_directory()
* Merge pull request #25828 from poettering/no-more-basenameYu Watanabe2022-12-241-2/+8
|\ | | | | convert a number of basename() invocations to path_extract_filename()
| * shared: port various shared helpers basename() → path_extract_filename()Lennart Poettering2022-12-231-2/+8
| |
* | sysroot: Order systemd-fsck-root after systemd-makefsWill Fancher2022-12-231-1/+10
|/
* basic: create new basic/initrd-util.[ch] for initrd-related functionsZbigniew Jędrzejewski-Szmek2022-11-081-1/+1
| | | | | | | | | I changed imports of util.h to initrd-util.h, or added an import of initrd-util.h, to keep compilation working. It turns out that many files didn't import util.h directly. When viewing the patch, don't be confused by git rename detection logic: a new .c file is added and two functions moved into it.
* generator: modernize generator_open_unit_file()Lennart Poettering2022-10-171-14/+16
|
* generator: skip fsck if fsck command is missingJonas Kümmerlin2022-09-301-1/+10
| | | | | | | | | | | This is useful for systems which don't have any fsck. We already skip emitting the fsck dependency when the fsck.$fstype helper is missing, but fstab-generator doesn't necessarily know the fstype when handling the root= parameter. Previously, systemd-fsck was started for these mounts and then exited immediately because it couldn't find the fsck.$fstype helper.
* tree-wide: use path_join() instead of prefix_roota() in various casesLennart Poettering2022-08-221-10/+19
| | | | | | | | | | | | | | | | | | | prefix_roota() is something we should stop using. It is bad for three reasons: 1. As it names suggests it's supposed to be used when working relative to some root directory, but given it doesn't follow symlinks (and instead just stupidly joins paths) it is not a good choice for that. 2. More often than not it is currently used with inputs under control of the user, and that is icky given it typically allocates memory on the stack. 3. It's a redundant interface, where chase_symlinks() and path_join() already exist as better, safer interfaces. Hence, let's start moving things from prefix_roota() to path_join() for the cases where that's appropriate.
* shared/generator: Ensure growfs unit runs after repartundef2022-08-081-1/+1
| | | | | | | When deploying an image using systemd-repart and systemd-growfs one should have the image expanded entirely and ready to use after the first boot. This ensures that growfs does not occur before repart, thus requiring a second boot.
* generators: only redirect logging when invoked by systemdZbigniew Jędrzejewski-Szmek2022-07-151-4/+9
| | | | | | | | | We would always print output to the kmsg or journal, but that is only needed and useful when invoked by systemd. So let's skip redirection unless we are invoked by systemd. Otherwise, let's log normally. This makes test invocations easier, and also helps when the generator is invoked by mistake. If redirection is necessary, the generator can be invoked with SYSTEMD_LOG_TARGET=… even during tests.
* generator: Rename password argJan Janssen2022-02-191-6/+6
| | | | | | | | | | This function does not expect a password, but a key file path. The cryptsetup helper binary even calls it that. No Code changes. Follow up on: 6e41f4dd916293f35d7d35cea7eed1807d7ea771 Fixes: https://github.com/systemd/systemd/security/code-scanning/81
* shared: clean up mkdir.h/label.h situationLennart Poettering2021-11-161-2/+2
| | | | | | | | | | Previously the mkdir_label() family of calls was implemented in src/shared/mkdir-label.c but its functions partly declared ins src/shared/label.h and partly in src/basic/mkdir.h (!!). That's weird (and wrong). Let's clean this up, and add a proper mkdir-label.h matching the .c file.
* meson: use jinja2 for rpm templatesZbigniew Jędrzejewski-Szmek2021-05-191-2/+2
| | | | | | | The naming of variables is very inconsistent. I tried to use more modern style naming (UNDERSCORED_TITLE_CASE), but I didn't change existing names too much. Only SYSTEM_DATA_UNIT_PATH is renamed to SYSTEM_DATA_UNIT_DIR to match SYSTEM_CONFIG_UNIT_DIR.
* gpt-auto-generator: pull in systemd-growfs@.service if new GPT growfs ↵Lennart Poettering2021-04-231-2/+6
| | | | partition flag is set
* Merge pull request #19381 from poettering/generator-tweaksLennart Poettering2021-04-211-1/+13
|\ | | | | generator: two minor tweaks
| * generator: explain why systemd-root-fsck.service exists in a commentLennart Poettering2021-04-211-0/+5
| |
| * generator: exit early when asked to generate fsck unit for / and /usr in initrdLennart Poettering2021-04-211-1/+8
| | | | | | | | | | | | | | | | | | | | Let's exit early if we are invoked to generate an fsck unit for the rootfs or /usr of the initrd itself. The "systemd-root-fsck.service" and "systemd-usr-fsck.service" units are after all for the host file systems, and the initrd file hierarchy is from an unpacked cpio anyway. Hence, this semantically doesn't really make sense, so quickly exit if we detect this case. This allows us to remove some checks further down the codepath.
* | generator: write out special systemd-fsck-usr.serviceLennart Poettering2021-04-211-12/+33
|/ | | | | | | | | | | | | | | | | So far all file systems where checked by instances of systemd-fsck@.service, with the exception of the root fs which was covered by systemd-fsck-root.service. The special handling is necessary to deal with ordering issues: we typically want the root fs to be checked before all others, and — weirdly — allow mounting it before the fsck done (for compat with initrd-less boots). This adds similar special handling for /usr: if the hierarchy is placed on a separate file system check it with a special systemd-fsck-usr.service instead of a regular sysemd-fsck@.service instance. Reason is again ordering: we want to allow mounting of /usr without the root fs already being around in the initrd, to cover for cases where the root fs is created on first boot and thus cannot be mounted/checked before /usr.
* shared/fstab-util: teach fstab_filter_options() a mode where all values are ↵Zbigniew Jędrzejewski-Szmek2021-03-111-1/+1
| | | | | | | | | | returned Apart from tests, the new argument isn't used anywhere, so there should be no functional change. Note that the two arms of the big conditional are switched, so the diff is artificially inflated. The actual code change is rather small. I dropped the path which extracts ret_value manually, because it wasn't supporting unescaping of the escape character properly.
* generators: warn but ignore failure to write timeoutsZbigniew Jędrzejewski-Szmek2021-03-111-2/+6
| | | | | | | When we failed to split the options (because of disallowed quoting syntax, which might be a bug in its own), we would silently fail. Instead, let's emit a warning. Since we ignore the value if we cannot parse it anyway, let's ignore this error too.
* shared/generator: add missing initializerZbigniew Jędrzejewski-Szmek2021-02-111-1/+1
| | | | Coverity CID#1444710.
* veritysetup-generator: add support for veritytabGaël PORTAY2021-01-151-0/+75
| | | | | | | | | | | | | | | | | | | | | | | | This adds the support for veritytab. The veritytab file contains at most five fields, the first four are mandatory, the last one is optional: - The first field contains the name of the resulting verity volume; its block device is set up /dev/mapper/</filename>. - The second field contains a path to the underlying block data device, or a specification of a block device via UUID= followed by the UUID. - The third field contains a path to the underlying block hash device, or a specification of a block device via UUID= followed by the UUID. - The fourth field is the roothash in hexadecimal. - The fifth field, if present, is a comma-delimited list of options. The following options are recognized only: ignore-corruption, restart-on-corruption, panic-on-corruption, ignore-zero-blocks, check-at-most-once and root-hash-signature. The others options will be implemented later. Also, this adds support for the new kernel verity command line boolean option "veritytab" which enables the read for veritytab, and the new environment variable SYSTEMD_VERITYTAB which sets the path to the file veritytab to read.
* cryptsetup: Fix crypto device missing issue after bootupJinyuan Si2020-12-101-1/+1
| | | | | | | | | | | | | | | | | | | | Normally, the udev rules operate on "change" events. But when coldplugging, there's an "add" event present. The udev rules have to recognize this and do some actions in this particular situation, too. Also, we don't want the nodes to be created prematurely on "add" events while not coldplugging. The udev rules will check DM_UDEV_PRIMARY_SOURCE_FLAG to see if the device was activated correctly before and if not, it ignore the "add" event totally. This way the udev rules can support udev triggers generating "add" events (e.g. "udevadm trigger --action=add" or "echo add > /sys/block/<dm_device>/uevent"). In this case, the udevd service is started after systemd-cryptsetup@config.service, is started, which will cause udevd service to miss the "change" uevent with DM_UDEV_PRIMARY_SOURCE_FLAG flag generated by systemd-cryptsetup@config.service. To solve this issue, we let the cryptsetup service be started after the udevd service.
* license: LGPL-2.1+ -> LGPL-2.1-or-laterYu Watanabe2020-11-091-1/+1
|
* generator: use kmsg in system-level generators, journal otherwiseLennart Poettering2020-09-301-2/+8
| | | | Fixes: #17129.
* generator: don't generate device dependencies for extrinsic mountsFranck Bui2020-04-011-0/+3
| | | | | | Stop generating device dependencies for extrinsic mounts: we already exclude extrinsic mounts from the usual start-up and shutdown dependencies but some extra deps added by generator_write_device_deps() were remaining.
* Merge pull request #14398 from poettering/mount-prepZbigniew Jędrzejewski-Szmek2020-02-041-0/+97
|\
| * units: introduce blockdev@.target for properly ordering mounts/swaps against ↵Lennart Poettering2020-01-211-0/+97
| | | | | | | | | | | | | | | | | | cryptsetup Let's hook it into both cryptsetup-generator and gpt-auto-generator with a shared implementation in generator.c Fixes: #8472
* | generator: order growfs for the root fs after systemd-remount-fsLennart Poettering2020-01-211-3/+9
|/ | | | Fixes: #14603
* cryptsetup-generator: unconfuse writing of the device timeoutZbigniew Jędrzejewski-Szmek2019-12-031-1/+3
| | | | | | | | | | | | | The code was using timeout=0 as the default option string. This option string was ultimately passed to generator_write_timeouts(), which only looks for comment=systemd.device-timeout= or x-systemd.device-timeout=, i.e. the whole call path was bogus. Let's rework this: generator_write_timeouts() now writes any timeouts if configured by the user. create_disk() writes out it's own timeout, but with lower priority. Since the code path that was calling timeout=0 was not effective, the only change is that we stop overwriting the timeout if explicitly configured by the user. In both code paths, ignore failure to write.
* generator: downgrade Requires= → Wants= of fsck from /usr mount unitLennart Poettering2019-07-101-4/+12
| | | | Fixes #5099
* core: spaces rockLennart Poettering2019-07-101-2/+2
|
* tree-wide: replace strjoina() with prefix_roota()Yu Watanabe2019-06-241-4/+4
|
* shared/generator: voidify mkdir_parents() callZbigniew Jędrzejewski-Szmek2019-06-041-1/+1
| | | | To appease coverity: CID#1401752.
* Make fopen_temporary and fopen_temporary_label unlockedZbigniew Jędrzejewski-Szmek2019-04-121-8/+6
| | | | | | | | This is partially a refactoring, but also makes many more places use unlocked operations implicitly, i.e. all users of fopen_temporary(). AFAICT, the uses are always for short-lived files which are not shared externally, and are just used within the same context. Locking is not necessary.
* generator: rename systemd-mkfs@.service to systemd-makefs@.serviceZbigniew Jędrzejewski-Szmek2019-02-211-2/+2
| | | | | | | | | | | | | | The second name was used in documentation, and the first in the code that generated the unit. 'systemd-makefs' is the name we want, for example for consistency with the systemd-makefs executable. In principle this breaks compatibility, but in practice this is unlikely to be noticeable. Each instance of the unit is created by writing out a full definition, so the template was never defined. So the name could only be used for ordering, and there is not reason to order things against this unit from the outside: the ordering would rather be against the final mount unit. Fixes #11769.
* Define macro for systemd-fsck-root.serviceZbigniew Jędrzejewski-Szmek2019-01-031-4/+4
| | | | There is one for systemd-fsck@.service, so for consistency...
* Pull in systemd-remount-fs.service only when requiredZbigniew Jędrzejewski-Szmek2019-01-031-0/+6
| | | | | | Instead of enabling it unconditionally and then using ConditionPathExists=/etc/fstab, and possibly masking this condition if it should be enabled for auto gpt stuff, just pull it in explicitly when required.
* shared/generator: allow absolute symlink target in generator_add_symlink()Zbigniew Jędrzejewski-Szmek2019-01-031-4/+5
| | | | | Also remove the stray ".d" from comment and rename directory argument to "dir" (we usually use "root" for arg_root, so using it here was misleading).
* shared/generator: reword comment for clarityZbigniew Jędrzejewski-Szmek2018-12-031-4/+3
|
* units: make fsck/grows/makefs/makeswap units conflict against shutdown.targetLennart Poettering2018-11-261-8/+7
| | | | | | They are the only units we shipped/generated where this was missing really. Let's fix these. Follow-up for: #10933
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-15 02:44:08 +0100