Age | Commit message (Collapse) | Author |
|
new mac_{smack,selinux,apparmor}_xyz() convention
|
|
systemd-journal-flush.service
This new command will ask the journal daemon to flush all log data
stored in /run to /var, and wait for it to complete. This is useful, so
that in case of Storage=persistent we can order systemd-tmpfiles-setup
afterwards, to ensure any possibly newly created directory in /var/log
gets proper access mode and owners.
|
|
string_is_safe()
After all, we know have this as generic validator, so let's be correct
and use it wherver applicable.
|
|
runtime journal is migrated to system journal when only
"/run/systemd/journal/flushed" exist. It's ok but according to this
the system journal directory size(max use) can be over the config. If
journal is not rotated during some time the journal directory can be
remained as over the config(or default) size. To avoid, do
server_vacuum just after the system journal migration from runtime.
|
|
names
|
|
|
|
|
|
|
|
sd_journal_enumerate_unique will lock its mmap window to prevent it
from being released by calling mmap_cache_get with keep_always=true.
This call may return windows that are wider, but compatible with the
parameters provided to it.
This can result in a mismatch where the window to be released cannot
properly be selected, because we have more than one window matching the
parameters of mmap_cache_release. Therefore, introduce a release_cookie
to be used when releasing the window.
https://bugs.freedesktop.org/show_bug.cgi?id=79380
|
|
As of 0f99f74a14 'sd-journal: verify that object start with the field
name' this condition should never happen.
|
|
systemctl would call sd_j_enumerate_unique() interleaved with
sd_j_next(). But the latter can remove a file if it detects an
error in it. In those circumstances sd_j_enumerate_unique would
restart with the first file in hashmap. With many corrupted files
sd_j_enumerate_unique might iterate over the list multiple times.
Avoid this by jumping to the next file in unique list if possible,
or setting a flag that tells sd_j_enumerate_unique that it is done
otherwise.
|
|
Also, let's try to make function names descriptive, instead of using
bools for flags.
|
|
The --utc option was introduced by commit
9fd290443f5f99fca0dcd4216b1de70f7d3b8db1.
Howerver, the implementation was incomplete.
|
|
Introduce option to display time in UTC.
|
|
They are not legal in the export format.
|
|
|
|
Found by coverity. Fixes: CID#1237512
|
|
There is a very unlikely case where this can happen since gcc usually
does the sane thing. But let's make sure found_last is initialized anyway.
Fixes: CID#996386
|
|
It is redundant to store 'hash' and 'compare' function pointers in
struct Hashmap separately. The functions always comprise a pair.
Store a single pointer to struct hash_ops instead.
systemd keeps hundreds of hashmaps, so this saves a little bit of
memory.
|
|
After a section of memory is succesfully allocated, some of the following
actions can still fail due to lack of memory. In this case -ENOMEM is
returned without actually freeing the already mapped memory.
Found with coverity. Fixes: CID#1237762
|
|
In case set_consume goes wrong, the pattern name has already been
freed. So we do not try to print it in the logs, assuming the pattern
addition print will be printed just before the failure anyway. Found
with coverity. Fixes: CID#1237798
|
|
|
|
|
|
We can't use LZ4_compress_limitedOutput_continue() because in the
worst-case scenario the compressed output can be slightly bigger than
the input block. This generally affects very few blocks and is no reason
to abort the compression process.
I ran into this when I noticed that Chromium core dumps weren't being
compressed. After switching to LZ4_compress_continue() a ~330MB Chromium
core dump gets compressed to ~17M.
|
|
|
|
If the journal is corrupted, we might return an object that does
not start with the expected field name and/or is shorter than it
should.
|
|
mmap code crashes when attempting to map an object of zero size.
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=758392
https://bugs.freedesktop.org/show_bug.cgi?id=82894
|
|
|
|
Otherwise the test fails when built with CPPFLAGS='-DNDEBUG' which disables
assertions.
Tested:
- make check TESTS='test-compress' CPPFLAGS='-DNDEBUG'
|
|
|
|
This turns journalctl to the counterpart of systemd-cat.
Messages sent with
systemd-cat --identifier foo --prioritiy debug
can now be shown with
journalctl --identifier foo --prioritiy debug
"--identifier" is not merged with "--unit" to make a clear
distinction between syslog and systemd units.
syslog identifiers can be chosen freely by anyone.
|
|
- systemd[1]: hello.service: main process exited, code= dumped, status=3/QUIT
- systemd-coredump[2541]: Failed to generate stack trace: Unwinding not supported for this architecture
- systemd-coredump[2541]: Process 1024 (hello) of user 154 dumped core.
|
|
On receiving a message, "kernel_seqnum" is set to "serial + 1". So
subtracting 1 will cause messages like "Missed 0 kernel messages",
which should be "Missed 1 kernel messages".
|
|
|
|
We should read the entry size before moving to the next iovec, not
after.
|
|
They have different size on 32 bit, so they are really not interchangable.
|
|
getopt is usually good at printing out a nice error message when
commandline options are invalid. It distinguishes between an unknown
option and a known option with a missing arg. It is better to let it
do its job and not use opterr=0 unless we actually want to suppress
messages. So remove opterr=0 in the few places where it wasn't really
useful.
When an error in options is encountered, we should not print a lengthy
help() and overwhelm the user, when we know precisely what is wrong
with the commandline. In addition, since help() prints to stdout, it
should not be used except when requested with -h or --help.
Also, simplify things here and there.
|
|
In practice this shouldn't make much difference, but
sometimes our headers might be newer, and we want to
test them.
|
|
$ systemd-analyze verify trailing-g.service
[./trailing-g.service:2] Trailing garbage, ignoring.
trailing-g.service lacks ExecStart setting. Refusing.
Error: org.freedesktop.systemd1.LoadFailed: Unit trailing-g.service failed to load: Invalid argument.
Failed to create trailing-g.service/start: Invalid argument
|
|
String which ended in an unfinished quote were accepted, potentially
with bad memory accesses.
Reject anything which ends in a unfished quote, or contains
non-whitespace characters right after the closing quote.
_FOREACH_WORD now returns the invalid character in *state. But this return
value is not checked anywhere yet.
Also, make 'word' and 'state' variables const pointers, and rename 'w'
to 'word' in various places. Things are easier to read if the same name
is used consistently.
mbiebl_> am I correct that something like this doesn't work
mbiebl_> ExecStart=/usr/bin/encfs --extpass='/bin/systemd-ask-passwd "Unlock EncFS"'
mbiebl_> systemd seems to strip of the quotes
mbiebl_> systemctl status shows
mbiebl_> ExecStart=/usr/bin/encfs --extpass='/bin/systemd-ask-password Unlock EncFS $RootDir $MountPoint
mbiebl_> which is pretty weird
|
|
|
|
Set SYSLOG_FACILITY field for kernel log messages too. Setting only
SYSLOG_IDENTIFIER="kernel" is not sufficient and tools reading journal
maybe confused by missing SYSLOG_FACILITY field for kernel log messages.
|
|
|
|
There is a small number of the places in sources where we don't check
asprintf() return code and assume that after error the function
returns NULL pointer via the first argument. That's wrong, after
error the content of pointer is undefined.
|
|
https://bugzilla.redhat.com/show_bug.cgi?id=1110712
|
|
|
|
Also be more verbose in devnode_acl_all().
|
|
Also modify the function itself to be a bit simpler to read.
|
|
|
|
The sleep(10) in test-journal-send is quite aggressive. We need it only
for the journal to get our cgroup information. But even that information
is not vital to the test, so a sleep(1) should be just fine.
|