| Commit message (Collapse) | Author | Age | Files | Lines |
"nsenter -a" doesn't migrate the specified process into the target
cgroup (it really should). Thus the cgroup will remain in a cgroup
that is (due to cgroup ns) outside our visibility. The kernel will
report the cgroup path of such cgroups as starting with "/../". Detect
that and print a reasonable error message instead of trying to resolve
that.
|
Follow-up for 7e3e540b88db5546d0c63103619d96b033871b7b
|
Alternative to https://github.com/systemd/systemd/pull/34789
Closes #34789
|
Currently, get_fixed_user() employs USER_CREDS_SUPPRESS_PLACEHOLDER,
meaning home path is set to NULL if it's empty or root. However,
the path is also used for applying WorkingDirectory=~, and we'd
spuriously use the invoking user's home as fallback even if
User= is changed in that case.
Let's instead delegate such suppression to build_environment(),
so that home is properly initialized for usage at other steps.
shell doesn't actually suffer from such a problem, but it's changed
too for consistency.
Alternative to #34789
|
Assign exit_status at the same site where error log is emitted,
for readability.
|
into its own flag
No functional change, preparation for later commits.
|
Co-authored-by: Thorsten Kukuk <kukuk@suse.com>
|
non-regular users. (#35133)
A follow-up for a192250eda1e5cc1f8fc799cf9b85d37e7fa0519
/cc @AdrianVovk
|
We now distinguish two cases: where the list of self modifiable fields
is explicitly set to empty, and where the default is empty.
Let's display them differently in the output. When set explicitly to
empty let's mention the admin, otherwise just say "none".
|
*regular* users
For system users we should lock things down, hence generate an empty
list.
This is mostly a safety precaution, but also hides really confusing
output of "userdbctl user" for a system user.
Follow-up for: a192250eda1e5cc1f8fc799cf9b85d37e7fa0519
|
Fixes two issues reported at #33468.
|
Fixes IPv6 Core Conformance test failures reported at #33468.
https://www.ipv6ready.org/docs/Core_Conformance.pdf
Test v6LC.2.2.23 h and j: Processing Router Advertisement with Route
Information Option (Host Only)
When a RA contains route option with ::/0 prefix, then previously that
may contradict with the default route requested with the RA header.
If the route option has zero lifetime, the existing default route should
be removed, and a new route based on the RA header should be configured.
If the route option has non-zero lifetime, the RA header should be
ignored.
So, we first need to process options with zero lifetime (not only
route option, for similar reasons), then configure the default route
based on the RA, finally process options with non-zero lifetime.
|
-EOPNOTSUPP anymore
|
As 'len' may be 8.
Follow-up for a163404cc88914142ef8bbfaab0eb39d1a990c02.
|
```
$ systemd-cryptenroll /dev/vda3
SLOT TYPE
0 password
$ systemd-cryptenroll --wipe-slot 1 /dev/vda3
Failed to wipe slot 1, continuing: No such file or directory
```
|
To my understanding bsearch is searching in the wrong array. Or, if
it's the right one, then the size is wrong. In another commit I made the
arrays different by mistake and that triggered a SIGSEGV during tests.
|
The second check was searching the symbols in the same array, but
using the size of the other. This generated a SIGSEGV when they
occasionally mismatched.
|
in the output
"systemctl status systemd-logind" otherwise looks a bit weird, since the
tasks and the fdstore lines are so close to each other but formatted
quite differently when it comes to coloring.
|
This partially reverts 02eabaffe98c9a3b5dec1c4837968a4d3e2ff7db.
As noted in https://github.com/systemd/systemd/pull/35211:
> The configuration parsing simply stores the string as-is, rather than
> creating the appropriate object
One way to fix the issue would be to store the "appropriate object", i.e.
actually the class. But that makes the code very verbose, with the conversion
being done in two places. And that still doesn't fix the issue, because we need
to map the class objects back to the original name in error messages.
So instead, store the setting as a string and only map it to the class much
later. This makes the code simpler and fixes the error messages too.
Resolves https://github.com/systemd/systemd/pull/35193
|
Follow-up for 09db4106064dd600c64d12a4e06bd88143b2e4f7.
|
Add the `arm_fadvise64_64` syscall to the allow_list, in addition
to the existing `fadvise64` and `fadvise64_64` syscalls, as this is
the syscall actually defined for `arm` architecture. Adding it fixes
the syscall being rejected in arm32 containers.
Fixes #35194
|
systemd-boot uses the existence of loader/keys/auto to determine
whether to auto-enroll secure boot or not so only create the directory
if we're actually going to put auto-enroll signature lists in it.
|
The proposal in https://github.com/systemd/systemd/pull/35091 suggests
that there are going to be more resources sooner or later that shall be
embeddable in a UKI, but are specific to some machine. The .hwids logic
as it is implemented right now is conceptually flexible enough to cover
that too (as long as the system has SMBIOS and thus CHIDs). Hence, let's
prepare the ground for a future (that might possibly never come, but
let's keep the door open) where the section can be reused for this
purpose.
The patch is really dumb ultimately. It just changes the initial field
in the "Device" struct to carry not just the size of it (as before) but
also a type indicator, that is for now fixed to 1, indicating DT blobs.
This breaks compatibility, hence this should get merged before we do the
v257 release, so that this is done properly before the first release
with .hwids.
|
We use the $WATCHDOG_USEC variable for two very closely related uses: as part of
the sd_watchdog_enabled() protocol for implementing service watchdogs.
And as part of the protocol between the service manager and
systemd-shutdown across the PID 1 execve() transition during shutdown.
Apparently some exitrds tools got confused by the latter use. Let's
address that by setting $WATCHDOG_PID to 1, in accordance with the
sd_watchdog_enabled() protocol to make clear this is only intended for
PID 1 and nothing else.
Replaces: #35135
|
Given how long it took to come to a conclusion of the discussions around
https://github.com/systemd/systemd/issues/35026, let's add a comment
that makes this easier to grok for the next time this comes up.
Follow-up for: 6e207b370e91e681efb08c497a6c8ad78e3c8d83
|
Follow-up for 688f166972916b5cfc9287055582ac1aeef3d486.
|
Stub behavior will be as follows:
1. If there are no `.dtbauto` sections then `.dtb` is used if present
2. If there are `.dtbauto` sections and there is at least one matching
(either with the firmware-provided DT or via `.hwids`) then it'll be
used instead of the `.dtb`.
Based on #28959 and [dtbloader](https://github.com/TravMurav/dtbloader)
Closes #28959
Fixes #31946
|
This section contains a predefined set of HWIDs and the corresponding compatibles to be used in dtb matching
|
Closes #35116.
|
unspecified
Follow-up for efedb6b0f3cff37950112fd37cb750c16d599bc7.
Closes #35116.
|
copy_devnodes()
While doing that, even if mknod() failed, we anyway try to fall back to
use bind mount if arg_uid_shift == 0.
Mostly no functional change, just refactoring and preparation for later commit.
|
Follow-up for dc3223919f663b7c8b8d8d1d6072b4487df7709b.
If nspawn is invoked with DevicePolicy= but DeviceAllow= does not
contain /dev/fuse, nspawn will fail to get fuse version with -EPERM.
Let's silence the warning in that case.
|
(#35119)
Fixes #33470.
|
requested
Previously, when multiple routers send RAs with the same preference,
then the kernel merges routes with the same gateway address:
===
default proto ra metric 1024 expires 595sec pref medium
nexthop via fe80::200:10ff:fe10:1060 dev enp0s9 weight 1
nexthop via fe80::200:10ff:fe10:1061 dev enp0s9 weight 1
===
This causes IPv6 Conformance Test v6LC.2.2.11 failure, as reported in #33470.
To avoid the coalescing issue, we can use nexthop, as suggested by Ido Schimmel:
https://lore.kernel.org/netdev/ZytjEINNRmtpadr_@shredder/
> BTW, you can avoid the coalescing problem by using the nexthop API.
> # ip nexthop add id 1 via fe80::200:10ff:fe10:1060 dev enp0s9
> # ip -6 route add default nhid 1 expires 600 proto ra
> # ip nexthop add id 2 via fe80::200:10ff:fe10:1061 dev enp0s9
> # ip -6 route append default nhid 2 expires 600 proto ra
> # ip -6 route
> fe80::/64 dev enp0s9 proto kernel metric 256 pref medium
> default nhid 1 via fe80::200:10ff:fe10:1060 dev enp0s9 proto ra metric 1024 expires 563sec pref medium
> default nhid 2 via fe80::200:10ff:fe10:1061 dev enp0s9 proto ra metric 1024 expires 594sec pref medium
Fixes #33470.
Suggested-by: Ido Schimmel <idosch@idosch.org>
|
Preparation for later commits.
|
There's no synchronization between the intermediate process
and the double-forked child, and the semantics are not useful.
Refuse such combination.
|
See justifications at https://github.com/systemd/systemd/pull/32235#issuecomment-2062327783
|
Follow-ups for #34909.
|
Otherwise, when a .netdev file for tun or tap netdev is updated,
reloading the file leaks the previous file descriptor.
|
Some bonding parameters cannot be updated when the netdev is already up
or already has at least one slave interface.
|