Age | Commit message | Author
2016-10-23 | nspawn: really lchown(uid/gid) | Evgeny Vereshchagin
https://github.com/systemd/systemd/pull/4372#issuecomment-253723849:

* `mount_all (outer_child)` creates `container_dir/sys/fs/selinux`
* `mount_all (outer_child)` doesn't patch `container_dir/sys/fs` and so on.
* `mount_sysfs (inner_child)` tries to create `/sys/fs/cgroup`
* This fails

```
370 stat("/sys/fs", {st_dev=makedev(0, 28), st_ino=13880, st_mode=S_IFDIR|0755, st_nlink=3, st_uid=65534, st_gid=65534, st_blksize=4096, st_blocks=0, st_size=60, st_atime=2016/10/14-05:16:43.398665943, st_mtime=2016/10/14-05:16:43.399665943, st_ctime=2016/10/14-05:16:43.399665943}) = 0
370 mkdir("/sys/fs/cgroup", 0755) = -1 EACCES (Permission denied)
```

* `mount_sysfs (inner_child)` ignores that error and

```
mount(NULL, "/sys", NULL, MS_RDONLY|MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_REMOUNT|MS_BIND, NULL) = 0
```

* `mount_cgroups` finally fails
2016-10-23 | basic: fallback to the fstat if we don't have access to the /proc/self/fdinfo | Evgeny Vereshchagin
https://github.com/systemd/systemd/pull/4372#discussion_r83354107:

I get `open("/proc/self/fdinfo/13", O_RDONLY|O_CLOEXEC) = -1 EACCES (Permission denied)`

```
327 mkdir("/proc", 0755 <unfinished ...>
327 <... mkdir resumed> ) = -1 EEXIST (File exists)
327 stat("/proc", <unfinished ...>
327 <... stat resumed> {st_dev=makedev(8, 1), st_ino=28585, st_mode=S_IFDIR|0755, st_nlink=2, st_uid=0, st_gid=0, st_blksize=1024, st_blocks=4, st_size=1024, st_atime=2016/10/14-02:55:32, st_mtime=2016/
327 mount("proc", "/proc", "proc", MS_NOSUID|MS_NODEV|MS_NOEXEC, NULL <unfinished ...>
327 <... mount resumed> ) = 0
327 lstat("/proc", <unfinished ...>
327 <... lstat resumed> {st_dev=makedev(0, 34), st_ino=1, st_mode=S_IFDIR|0555, st_nlink=75, st_uid=65534, st_gid=65534, st_blksize=1024, st_blocks=0, st_size=0, st_atime=2016/10/14-03:13:35.971031263,
327 lstat("/proc/sys", {st_dev=makedev(0, 34), st_ino=4026531855, st_mode=S_IFDIR|0555, st_nlink=1, st_uid=65534, st_gid=65534, st_blksize=1024, st_blocks=0, st_size=0, st_atime=2016/10/14-03:13:39.1630
327 openat(AT_FDCWD, "/proc", O_RDONLY|O_DIRECTORY|O_CLOEXEC|O_PATH) = 11</proc>
327 name_to_handle_at(11</proc>, "sys", {handle_bytes=128}, 0x7ffe3a238604, AT_SYMLINK_FOLLOW) = -1 EOPNOTSUPP (Operation not supported)
327 name_to_handle_at(11</proc>, "", {handle_bytes=128}, 0x7ffe3a238608, AT_EMPTY_PATH) = -1 EOPNOTSUPP (Operation not supported)
327 openat(11</proc>, "sys", O_RDONLY|O_CLOEXEC|O_PATH) = 13</proc/sys>
327 open("/proc/self/fdinfo/13", O_RDONLY|O_CLOEXEC) = -1 EACCES (Permission denied)
327 close(13</proc/sys> <unfinished ...>
327 <... close resumed> ) = 0
327 close(11</proc> <unfinished ...>
327 <... close resumed> ) = 0
```

```
-bash-4.3# ls -ld /proc/
dr-xr-xr-x 76 65534 65534 0 Oct 14 02:57 /proc/
-bash-4.3# ls -ld /proc/1
dr-xr-xr-x 9 root root 0 Oct 14 02:57 /proc/1
-bash-4.3# ls -ld /proc/1/fdinfo
dr-x------ 2 65534 65534 0 Oct 14 03:00 /proc/1/fdinfo
```
2016-10-21 | nspawn, NEWS: add missing "s" in --private-users-chown (#4438) | Zbigniew Jędrzejewski-Szmek
2016-10-20 | sysusers: fix memleak (#4430) | Evgeny Vereshchagin
Fixes:

```
==28075== 64 bytes in 1 blocks are definitely lost in loss record 2 of 3
==28075==    at 0x4C2BAEE: malloc (vg_replace_malloc.c:298)
==28075==    by 0x4C2DCA1: realloc (vg_replace_malloc.c:785)
==28075==    by 0x4ED40A2: greedy_realloc (alloc-util.c:57)
==28075==    by 0x4E90F87: extract_first_word (extract-word.c:78)
==28075==    by 0x4E91813: extract_many_words (extract-word.c:270)
==28075==    by 0x10FE93: parse_line (sysusers.c:1325)
==28075==    by 0x11198B: read_config_file (sysusers.c:1640)
==28075==    by 0x111EB8: main (sysusers.c:1773)
==28075==
```
2016-10-20 | update-utmp: let's use STR_IN_SET() where it is pretty | Lennart Poettering
2016-10-20 | logind: don't hit assert when we try to free NULL manager object | Lennart Poettering
Fixes: #4431
2016-10-20 | update TODO | Lennart Poettering
2016-10-20 | sysctl: run sysctl service if /proc/sys/net is writable (#4425) | Lennart Poettering
This simply changes this line:

    ConditionPathIsReadWrite=/proc/sys/

to this:

    ConditionPathIsReadWrite=/proc/sys/net/

The background for this is that the latter is namespaced through network namespacing usually and hence frequently set as writable in containers, even though the former is kept read-only. If /proc/sys is read-only but /proc/sys/net is writable we should run the sysctl service, as useful settings may be made in this case.

Fixes: #4370
2016-10-20 | units: extend stop timeout for user@.service to 120s (#4426) | Lennart Poettering
By default all user and all system services get stop timeouts for 90s. This is problematic as the user manager of course is run as system service. Thus, if the default time-out is hit for any user service, then it will also be hit for user@.service as a whole, thus making the whole concept useless for user services.

This patch extends the stop timeout to 120s for user@.service hence, so that the user service manager has ample time to process user services timing out.

(The other option would have been to shorten the default user service timeout, but I think a user service should get the same timeout by default as a system service)

Fixes: #4206
2016-10-20 | tests: fix memleak in test-calendarspec (#4424) | Evgeny Vereshchagin
Fixes:

```
==10750==
==10750== HEAP SUMMARY:
==10750==     in use at exit: 96 bytes in 3 blocks
==10750==   total heap usage: 1,711 allocs, 1,708 frees, 854,545 bytes allocated
==10750==
==10750== 96 (64 direct, 32 indirect) bytes in 1 blocks are definitely lost in loss record 3 of 3
==10750==    at 0x4C2DA60: calloc (vg_replace_malloc.c:711)
==10750==    by 0x4EB3BDA: calendar_spec_from_string (calendarspec.c:771)
==10750==    by 0x109675: test_hourly_bug_4031 (test-calendarspec.c:118)
==10750==    by 0x10A00E: main (test-calendarspec.c:202)
==10750==
==10750== LEAK SUMMARY:
==10750==    definitely lost: 64 bytes in 1 blocks
==10750==    indirectly lost: 32 bytes in 2 blocks
==10750==      possibly lost: 0 bytes in 0 blocks
==10750==    still reachable: 0 bytes in 0 blocks
==10750==         suppressed: 0 bytes in 0 blocks
==10750==
==10750== For counts of detected and suppressed errors, rerun with: -v
==10750== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)
```
2016-10-20 | Merge pull request #4418 from keszybz/autogen-params | Martin Pitt
Allow ./autogen.sh to take parameters for configure
2016-10-20 | Merge pull request #4414 from poettering/consolesakcomment | Zbigniew Jędrzejewski-Szmek
three minor fixes: document /dev/console/SAK handling + another cgroups wording fix + document User= default
2016-10-20 | man: document default for User= | Lennart Poettering
Replaces: #4375
2016-10-20 | journald,core: add short comments why we keep reopening /dev/console all the time | Lennart Poettering
Just to make sure the next one reading this isn't surprised that the fd isn't kept open. SAK and stuff...

Fix suggested: https://github.com/systemd/systemd/pull/4366#issuecomment-253659162
2016-10-20 | man: one more cgroup wording fix | Lennart Poettering
2016-10-20 | Merge pull request #4417 from keszybz/man-and-rlimit | Lennart Poettering
Two unrelated patches: man page tweaks and rlimit log levels
2016-10-20 | hwdb: Update database of Bluetooth company identifiers | Marcel Holtmann
2016-10-20 | build-sys: show configure and make commands | Zbigniew Jędrzejewski-Szmek
And also hide make clean output which is very verbose and not particularly interesting.
2016-10-20 | build-sys: allow autogen.sh to take configure params | Zbigniew Jędrzejewski-Szmek
It is sometimes nice to run autogen with some configure parameters. For example:

    ./autogen.sh c --disable-manpages

So pass any extra args after the [cgals] verb to the configure command.

Also, check that the verb is correct (empty or one of the known letters) before doing any non-trivial work.
2016-10-19 | pid1: downgrade some rlimit warnings | Zbigniew Jędrzejewski-Szmek
Since we ignore the result anyway, downgrade errors to warning. log_oom() will still emit an error, but that's mostly theoretical, so it is not worth complicating the code to avoid the small inconsistency
2016-10-19 | core: let's upgrade the log level for service processes dying of signal (#4415) | Lennart Poettering
As suggested in https://github.com/systemd/systemd/pull/4367#issuecomment-253670328
2016-10-20 | Merge pull request #4360 from fbuihuu/journald-fix-flush-when-restarting | Lennart Poettering
Journald fix flush when restarting (#4190)
2016-10-19 | man: document dependencies implied by Sockets= (#4412) | Lucas Werkmeister
Fixes #4410. Also includes two minor improvements to the previous sentence.
2016-10-19 | Merge pull request #4378 from evverx/nspawn-smoke-test | Lennart Poettering
tests: add smoke test for systemd-nspawn
2016-10-19 | Merge pull request #4390 from keszybz/install-specifiers | Lennart Poettering
Various install-related tweaks
2016-10-19 | bootctl: don't try to remove esp_path (#4407) | Evgeny Vereshchagin
This is a follow-up for 9ee051b9c7623
2016-10-19 | boot: fix `bootctl install` segfault (#4404) | Yu Watanabe
2016-10-19 | journal: rename determine_space_for() into cache_space_refresh() | Franck Bui
Now that determine_space_for() only deals with storage space (cached) values, rename it so it reflects the fact that only the cached storage space values are updated.
2016-10-19 | journal: introduce patch_min_use() helper | Franck Bui
Updating min_use is rather an unusual operation that is limited when we first open the journal files, therefore extract it from determine_space_for() and create a function of its own and call this new function when needed.

determine_space_for() is now dealing with storage space (cached) values only.

There should be no functional changes.
2016-10-19 | journal: introduce cache_space_invalidate() | Franck Bui
Introduce a dedicated helper in order to reset the storage space cache.
2016-10-19 | journal: cache used vfs stats as well | Franck Bui
The set of storage space values we cache are calculated according to a couple of filesystem statistics (free blocks, block size). This patch caches the vfs stats we're interested in so these values are available later and coherent with the rest of the space cached values.
2016-10-19 | journal: don't emit space usage message when opening the journal (#4190) | Franck Bui
This patch makes system_journal_open() stop emitting the space usage message. The caller is now free to emit this message when appropriate.

When restarting the journal, we can now emit the message *after* flushing the journal (if required) so that all flushed log entries are written in the persistent journal *before* the status message.

This is required since the status message is always younger than the flushed entries.

Fixes #4190.
2016-10-19 | journal: introduce server_space_usage_message() | Franck Bui
This commit simply extracts from determine_space_for() the code which emits the storage usage message and puts it into a function of its own so it can be reused by other paths later.

No functional changes.
2016-10-19 | journal: introduce JournalStorage and JournalStorageSpace structures | Franck Bui
This structure keeps track of specificities for a given journal type (persistent or volatile) such as metrics, name, etc...

The cached space values are now moved in this structure so that each journal has its own set of cached values.

Previously only one set existed and we didn't know if the cached values were for the runtime journal or the persistent one.

When doing:

    determine_space_for(s, runtime_metrics, ...);
    determine_space_for(s, system_metrics, ...);

the second call returned the cached values for the runtime metrics.
2016-10-19 | journal: introduce determine_path_usage() | Franck Bui
This commit simply extracts from determine_space_for() the code which determines the FS usage where the passed path lives (statvfs(3)) and puts it into a function of its own so it can be reused by other paths later.

No functional changes.
2016-10-18 | shared/install: report invalid unit files slightly better | Zbigniew Jędrzejewski-Szmek
When a unit file is invalid, we'd return an error without any details:

    $ systemctl --root=/ enable testing@instance.service
    Failed to enable: Invalid argument.

Fix things to at least print the offending file name:

    $ systemctl enable testing@instance.service
    Failed to enable unit: File testing@instance.service: Invalid argument
    $ systemctl --root=/ enable testing@instance.service
    Failed to enable unit, file testing@instance.service: Invalid argument.

A real fix would be to pass back a proper error message from conf-parser. But this would require major surgery, since conf-parser functions now simply print log errors, but we would need to return them over the bus. So let's just print the file name, to indicate where the error is.

(Incomplete) fix for #4210.
2016-10-18 | shared/install: resolve specifiers in Also= | Zbigniew Jędrzejewski-Szmek
Test case:

    [Install]
    WantedBy= default.target
    Also=getty@%p.service

    $ ./systemctl --root=/ enable testing@instance.service
    Created symlink /etc/systemd/system/default.target.wants/testing@instance.service → /etc/systemd/system/testing@.service.
    Created symlink /etc/systemd/system/getty.target.wants/getty@testing.service → /usr/lib/systemd/system/getty@.service.
    $ ./systemctl --root=/ disable testing@instance.service
    Removed /etc/systemd/system/getty.target.wants/getty@testing.service.
    Removed /etc/systemd/system/default.target.wants/testing@instance.service.

Fixes part of #4210.

Resolving specifiers in DefaultInstance seems to work too:

    [Install]
    WantedBy= default.target
    DefaultInstance=%u

    $ systemctl --root=/ enable testing3@instance.service
    Created symlink /etc/systemd/system/default.target.wants/testing3@instance.service → /etc/systemd/system/testing3@.service.
    $ systemctl --root=/ enable testing3@.service
    Created symlink /etc/systemd/system/default.target.wants/testing3@zbyszek.service → /etc/systemd/system/testing3@.service.
2016-10-18 | shared/install: provide more info if install_info_traverse_fails | Zbigniew Jędrzejewski-Szmek
Test case:

    [Install]
    WantedBy= default.target
    Also=foobar-unknown.service

Before:

    $ systemctl --root=/ enable testing2@instance.service
    Failed to enable: No such file or directory.

After

    $ ./systemctl --root=/ enable testing2@instance.service
    Failed to enable unit, file foobar-unknown.service: No such file or directory.
2016-10-18 | shared/install: in install_context_mark_for_removal ignore not found units | Zbigniew Jędrzejewski-Szmek
With the following test case:

    [Install]
    WantedBy= default.target
    Also=foobar-unknown.service

disabling would fail with:

    $ ./systemctl --root=/ disable testing.service
    Cannot find unit foobar-unknown.service. # this is level debug
    Failed to disable: No such file or directory. # this is the error

After the change we proceed:

    $ ./systemctl --root=/ disable testing.service
    Cannot find unit foobar-unknown.service.
    Removed /etc/systemd/system/default.target.wants/testing.service.

This does not affect specifying a missing unit directly:

    $ ./systemctl --root=/ disable nosuch.service
    Failed to disable: No such file or directory.
2016-10-18 | Merge pull request #4382 from keszybz/unit-type-underline | Lennart Poettering
systemctl: use underlines to separate unit types in listing
2016-10-17 | networkd: use proper cast to access VTI6 (#4399) | Susant Sahani
Fixes #4371.
2016-10-17 | core/exec: add a named-descriptor option ("fd") for streams (#4179) | Luca Bruno
This commit adds a `fd` option to `StandardInput=`, `StandardOutput=` and `StandardError=` properties in order to connect standard streams to externally named descriptors provided by some socket units. This option looks for a file descriptor named as the corresponding stream. Custom names can be specified, separated by a colon. If multiple name-matches exist, the first matching fd will be used.
2016-10-17 | README: list dependencies for testing | Zbigniew Jędrzejewski-Szmek
Fixes #4365.
2016-10-17 | tests: add smoke test for systemd-nspawn | Evgeny Vereshchagin
Basically, this test runs:

```
systemd-nspawn --register=no -D "$_root" -b
systemd-nspawn --register=no -D "$_root" --private-network -b
systemd-nspawn --register=no -D "$_root" -U -b
systemd-nspawn --register=no -D "$_root" --private-network -U -b
```

and exports the `UNIFIED_CGROUP_HIERARCHY=[yes|no]`, `SYSTEMD_NSPAWN_USE_CGNS=[yes|no]`

Inspired by

* systemd#3589 (comment)
* systemd#4372 (comment)
* systemd#4223 (comment)
* systemd#1555

and so on :-)
2016-10-17 | man: add a note that NULL "s" arg for sd_bus_message_append | Zbigniew Jędrzejewski-Szmek
2016-10-17 | terminal-util: helper macro for highlighting functions | Zbigniew Jędrzejewski-Szmek
2016-10-17 | systemctl: ditto for list-unit-files | Zbigniew Jędrzejewski-Szmek
2016-10-17 | systemctl: use underlines to separate unit types in listing | Zbigniew Jędrzejewski-Szmek
(printf("%.*s", -1, "…") is the same as not specifying the precision at all.)

v2: also underline highlighted (failing) units

Fixes #4137.
2016-10-17 | man: avoid abbreviated "cgroups" terminology (#4396) | Lennart Poettering
Let's avoid the overly abbreviated "cgroups" terminology. Let's instead write:

"Linux Control Groups (cgroups)" is the long form wherever the term is introduced in prose.

Use "control groups" in the short form wherever the term is used within brief explanations.

Follow-up to: #4381
2016-10-17 | zsh-completion: fix for #4318 (#4394) | llua
Escape unit names for the eval call in _call_program

The value of the Id property is transformed back into a unit name usable by systemctl.

    system-systemd\x5cx2dcryptsetup.slice -> system-systemd\x2dcryptsetup.slice

Also filter units by property via parameter expansion, not a for loop