summaryrefslogtreecommitdiff
path: root/src/test
AgeCommit message (Collapse)Author
2016-08-19core: add RemoveIPC= settingLennart Poettering
This adds the boolean RemoveIPC= setting to service, socket, mount and swap units (i.e. all unit types that may invoke processes). if turned on, and the unit's user/group is not root, all IPC objects of the user/group are removed when the service is shut down. The life-cycle of the IPC objects is hence bound to the unit life-cycle. This is particularly relevant for units with dynamic users, as it is essential that no objects owned by the dynamic users survive the service exiting. In fact, this patch adds code to imply RemoveIPC= if DynamicUser= is set. In order to communicate the UID/GID of an executed process back to PID 1 this adds a new "user lookup" socket pair, that is inherited into the forked processes, and closed before the exec(). This is needed since we cannot do NSS from PID 1 due to deadlock risks, However need to know the used UID/GID in order to clean up IPC owned by it if the unit shuts down.
2016-08-06test: fix stack overflow reported by ASANCristian Rodríguez
It was meant to write to q instead of t FAIL: test-id128 ================ ================================================================= ==125770==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7ffd4615bd31 at pc 0x7a2f41b1bf33 bp 0x7ffd4615b750 sp 0x7ffd4615b748 WRITE of size 1 at 0x7ffd4615bd31 thread T0 #0 0x7a2f41b1bf32 in id128_to_uuid_string src/libsystemd/sd-id128/id128-util.c:42 #1 0x401f73 in main src/test/test-id128.c:147 #2 0x7a2f41336341 in __libc_start_main (/lib64/libc.so.6+0x20341) #3 0x401129 in _start (/home/crrodriguez/scm/systemd/.libs/test-id128+0x401129) Address 0x7ffd4615bd31 is located in stack of thread T0 at offset 1409 in frame #0 0x401205 in main src/test/test-id128.c:37 This frame has 23 object(s): [32, 40) 'b' [96, 112) 'id' [160, 176) 'id2' [224, 240) 'a' [288, 304) 'b' [352, 368) 'a' [416, 432) 'b' [480, 496) 'a' [544, 560) 'b' [608, 624) 'a' [672, 688) 'b' [736, 752) 'a' [800, 816) 'b' [864, 880) 'a' [928, 944) 'b' [992, 1008) 'a' [1056, 1072) 'b' [1120, 1136) 'a' [1184, 1200) 'b' [1248, 1264) 'a' [1312, 1328) 'b' [1376, 1409) 't' <== Memory access at offset 1409 overflows this variable [1472, 1509) 'q' HINT: this may be a false positive if your program uses some custom stack unwind mechanism or swapcontext (longjmp and C++ exceptions *are* supported) SUMMARY: AddressSanitizer: stack-buffer-overflow src/libsystemd/sd-id128/id128-util.c:42 in id128_to_uuid_string Shadow bytes around the buggy address: 0x100028c23750: f2 f2 00 00 f4 f4 f2 f2 f2 f2 00 00 f4 f4 f2 f2 0x100028c23760: f2 f2 00 00 f4 f4 f2 f2 f2 f2 00 00 f4 f4 f2 f2 0x100028c23770: f2 f2 00 00 f4 f4 f2 f2 f2 f2 00 00 f4 f4 f2 f2 0x100028c23780: f2 f2 00 00 f4 f4 f2 f2 f2 f2 00 00 f4 f4 f2 f2 0x100028c23790: f2 f2 00 00 f4 f4 f2 f2 f2 f2 00 00 f4 f4 f2 f2 =>0x100028c237a0: f2 f2 00 00 00 00[01]f4 f4 f4 f2 f2 f2 f2 00 00 0x100028c237b0: 00 00 05 f4 f4 f4 00 00 00 00 00 00 00 00 00 00 0x100028c237c0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x100028c237d0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x100028c237e0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x100028c237f0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Shadow byte legend (one shadow byte represents 8 application bytes): Addressable: 00 Partially addressable: 01 02 03 04 05 06 07 Heap left redzone: fa Heap right redzone: fb Freed heap region: fd Stack left redzone: f1 Stack mid redzone: f2 Stack right redzone: f3 Stack partial redzone: f4 Stack after return: f5 Stack use after scope: f8 Global redzone: f9 Global init order: f6 Poisoned by user: f7 Container overflow: fc Array cookie: ac Intra object redzone: bb ASan internal: fe Left alloca redzone: ca Right alloca redzone: cb ==125770==ABORTING FAIL test-id128 (exit status: 1)
2016-08-06test: test-sigbus must be skipped when -fsanitize=address is usedCristian Rodríguez
ASAN is unable to handle it.
2016-08-05Merge pull request #3818 from poettering/exit-status-envZbigniew Jędrzejewski-Szmek
beef up /var/tmp and /tmp handling; set $SERVICE_RESULT/$EXIT_CODE/$EXIT_STATUS on ExecStop= and make sure root/nobody are always resolvable
2016-08-05util-lib: unify parsing of nice level valuesLennart Poettering
This adds parse_nice() that parses a nice level and ensures it is in the right range, via a new nice_is_valid() helper. It then ports over a number of users to this. No functional changes.
2016-08-04util-lib: rework /tmp and /var/tmp handling codeLennart Poettering
Beef up the existing var_tmp() call, rename it to var_tmp_dir() and add a matching tmp_dir() call (the former looks for the place for /var/tmp, the latter for /tmp). Both calls check $TMPDIR, $TEMP, $TMP, following the algorithm Python3 uses. All dirs are validated before use. secure_getenv() is used in order to limite exposure in suid binaries. This also ports a couple of users over to these new APIs. The var_tmp() return parameter is changed from an allocated buffer the caller will own to a const string either pointing into environ[], or into a static const buffer. Given that environ[] is mostly considered constant (and this is exposed in the very well-known getenv() call), this should be OK behaviour and allows us to avoid memory allocations in most cases. Note that $TMPDIR and friends override both /var/tmp and /tmp usage if set.
2016-08-04src/test: add tests for parse_percent_unbounded (#3889)Jonathan Boulle
2016-08-03util-lib: make timestamp generation and parsing reversible (#3869)Lennart Poettering
This patch improves parsing and generation of timestamps and calendar specifications in two ways: - The week day is now always printed in the abbreviated English form, instead of the locale's setting. This makes sure we can always parse the week day again, even if the locale is changed. Given that we don't follow locale settings for printing timestamps in any other way either (for example, we always use 24h syntax in order to make uniform parsing possible), it only makes sense to also stick to a generic, non-localized form for the timestamp, too. - When parsing a timestamp, the local timezone (in its DST or non-DST name) may be specified, in addition to "UTC". Other timezones are still not supported however (not because we wouldn't want to, but mostly because libc offers no nice API for that). In itself this brings no new features, however it ensures that any locally formatted timestamp's timezone is also parsable again. These two changes ensure that the output of format_timestamp() may always be passed to parse_timestamp() and results in the original input. The related flavours for usec/UTC also work accordingly. Calendar specifications are extended in a similar way. The man page is updated accordingly, in particular this removes the claim that timestamps systemd prints wouldn't be parsable by systemd. They are now. The man page previously showed invalid timestamps as examples. This has been removed, as the man page shouldn't be a unit test, where such negative examples would be useful. The man page also no longer mentions the names of internal functions, such as format_timestamp_us() or UNIX error codes such as EINVAL.
2016-08-02test: fix test-execute personality tests on ppc64 and aarch64 (#3825)Jan Synacek
2016-07-31Merge pull request 3821 from davide125/fix-testsZbigniew Jędrzejewski-Szmek
2016-07-31test-path-util: check for /lt-test-path-util or /test-path-util (#3841)Mike Gilbert
Depending on how binutils was configured and the --enable-fast-install configure option, the test binary might be called either name. Fixes: https://github.com/systemd/systemd/issues/3838
2016-07-29tests: don't run private device tests if running in a containerSteve Muir
Private devices don't exist when running in a container, so skip the related tests.
2016-07-29tests: skip process 1 tests if systemd not is runningDavide Cavalca
No point running tests against process 1 if systemd is not running as that process. This is a rework of an unpublished patch by @9muir.
2016-07-29tests: don't test hostname if it looks like an id128Steve Muir
The condition tests for hostname will fail if hostname looks like an id128. The test function attempts to convert hostname to an id128, and if that succeeds compare it to the machine ID (presumably because the 'hostname' condition test is overloaded to also test machine ID). That will typically fail, and unfortunately the 'mock' utility generates a random hostname that happens to have the same format as an id128, thus causing a test failure.
2016-07-25Merge pull request #3728 from poettering/dynamic-usersZbigniew Jędrzejewski-Szmek
2016-07-25sd-id128: be more liberal when reading files with 128bit IDsLennart Poettering
Accept both files with and without trailing newlines. Apparently some rkt releases generated them incorrectly, missing the trailing newlines, and we shouldn't break that.
2016-07-25shared/install: allow "enable" on linked unit files (#3790)Zbigniew Jędrzejewski-Szmek
User expectations are broken when "systemctl enable /some/path/service.service" behaves differently to "systemctl link ..." followed by "systemctl enable". From user's POV, "enable" with the full path just combines the two steps into one. Fixes #3010.
2016-07-22Merge pull request #3777 from poettering/id128-reworkZbigniew Jędrzejewski-Szmek
uuid/id128 code rework
2016-07-22sysusers: move various user credential validity checks to src/basic/Lennart Poettering
This way we can reuse them for validating User=/Group= settings in unit files (to be added in a later commit). Also, add some tests for them.
2016-07-22core: support percentage specifications on TasksMax=Lennart Poettering
This adds support for a TasksMax=40% syntax for specifying values relative to the system's configured maximum number of processes. This is useful in order to neatly subdivide the available room for tasks within containers.
2016-07-22sd-id128: split UUID file read/write code into new id128-util.[ch]Lennart Poettering
We currently have code to read and write files containing UUIDs at various places. Unify this in id128-util.[ch], and move some other stuff there too. The new files are located in src/libsystemd/sd-id128/ (instead of src/shared/), because they are actually the backend of sd_id128_get_machine() and sd_id128_get_boot(). In follow-up patches we can use this reduce the code in nspawn and machine-id-setup by adopted the common implementation.
2016-07-20core: when forcibly killing/aborting left-over unit processes log about itLennart Poettering
Let's lot at LOG_NOTICE about any processes that we are going to SIGKILL/SIGABRT because clean termination of them didn't work. This turns the various boolean flag parameters to cg_kill(), cg_migrate() and related calls into a single binary flags parameter, simply because the function now gained even more parameters and the parameter listed shouldn't get too long. Logging for killing processes is done either when the kill signal is SIGABRT or SIGKILL, or on explicit request if KILL_TERMINATE_AND_LOG instead of LOG_TERMINATE is passed. This isn't used yet in this patch, but is made use of in a later patch.
2016-07-18treewide: remove unused variablesThomas Hindoe Paaboel Andersen
2016-07-17basic/strv: add an extra NUL after strings in strv_make_nulstrZbigniew Jędrzejewski-Szmek
strv_make_nulstr was creating a nulstr which was not a valid nulstr, because it was missing the terminating NUL. This didn't cause any issues, because strv_parse_nulstr correctly parsed the result, using the separately specified length. But it's confusing to have something called nulstr which really isn't. It is likely that somebody will try to use strv_make_nulstr() in some other place, incorrectly. This patch changes strv_parse_nulstr() to produce a valid nulstr, and changes the output length parameter to be the minimum number of bytes which can be later on parsed by strv_parse_nulstr(). This allows the only user in ask-password-api to be slightly simplified. Based-on-patch-by: Jean-Sébastien Bour <jean-sebastien@bour.name> Fixes #3689.
2016-07-17basic/strv: exhibit strv_make_nulstr missing final NUL char ↵Jean-Sébastien Bour
(systemd/systemd#3689)
2016-07-04tests: fix memory leak in test_strv_fnmatch (#3653)Evgeny Vereshchagin
==1447== 4 bytes in 1 blocks are definitely lost in loss record 1 of 1 ==1447== at 0x4C2BBAD: malloc (vg_replace_malloc.c:299) ==1447== by 0x5350F19: strdup (in /usr/lib64/libc-2.23.so) ==1447== by 0x4E9D435: strv_new_ap (strv.c:166) ==1447== by 0x4E9D5FA: strv_new (strv.c:199) ==1447== by 0x10E665: test_strv_fnmatch (test-strv.c:693) ==1447== by 0x10EAD5: main (test-strv.c:763) ==1447==
2016-07-01calendarspec: use ".." notation for ranges of weekdaysDouglas Christman
For backwards compatibility, both the new format (Mon..Wed) and the old format (Mon-Wed) are supported.
2016-07-01calendarspec: allow ranges in date and time specificationsDouglas Christman
Resolves #3042
2016-06-30Fix #3236 (#3633)Lennart Poettering
* networkd: condition_test() can return a negative error, handle that If a condition check fails with an error we should not consider the check successful. Fix that. We should probably also improve logging in this case, but for now, let's just unbreak this breakage. Fixes: #3236 * condition: handle unrecognized architectures nicer When we encounter a check for an architecture we don't know we should not let the condition check fail with an error code, but instead simply return false. After all the architecture might just be newer than the ones we know, in which case it's certainly not our local one. Fixes: #3236
2016-06-30journalctl: Make temporary files directory configurable (#3574)ottopotto
journalctl: Use env variable TMPDIR to save temporary files
2016-06-29Merge pull request #3516 from fsateler/shared-basicLennart Poettering
build-sys: Convert libshared into a private shared library
2016-06-27basic: pass flags to the fnmatch (#3606)Evgeny Vereshchagin
Fixes: ``` $ systemctl list-unit-files 'hey\*' 0 unit files listed. $ systemctl list-unit-files | grep hey hey\x7eho.service static ```
2016-06-24build-sys: Add new libsystemd-shared private libraryFelipe Sateler
Link as many binaries as possible with it, to save storage space. Preserve the static libshared and libbasic for use in libraries, nss modules and udev. Libraries need to be static in order to avoid polluting the symbol namespace. Udev needs to be static so downstream can avoid strict version dependencies with the systemd package, and this can complicate upgrade scenarios.
2016-06-19tests: don't run test_get_process_cmdline_harder under valgrindEvgeny Vereshchagin
See https://github.com/systemd/systemd/pull/3555#issuecomment-226564908
2016-06-16Merge pull request #3481 from poettering/relative-memcgLennart Poettering
various changes, most importantly regarding memory metrics
2016-06-15tree-wide: htonl() is weird, let's use htobe32() instead (#3538)Lennart Poettering
Super-important change, yeah!
2016-06-14util-lib: rework get_process_cmdline() (#3529)Lennart Poettering
This reworks get_process_cmdline() quite substantially, fixing the following: - Fixes: https://github.com/systemd/systemd/pull/3512/commits/a4e3bf4d7ac2de51191ce136ee9361ba319e106c#r66837630 - The passed max_length is also applied to the "comm" name, if comm_fallback is set. - The right thing happens if max_length == 1 is specified - when the cmdline "foobar" is abbreviated to 6 characters the result is not "foobar" instead of "foo...". - trailing whitespace are removed before the ... suffix is appended. The 7 character abbreviation of "foo barz" is hence "foo..." instead of "foo ...". - leading whitespace are suppressed from the cmdline - a comprehensive test case is added
2016-06-14util: introduce physical_memory_scale() to unify how we scale by physical memoryLennart Poettering
The various bits of code did the scaling all different, let's unify this, given that the code is not trivial.
2016-06-14util-lib: introduce parse_percent() for parsing percent specificationsLennart Poettering
And port a couple of users over to it.
2016-06-14util: when determining the amount of memory on this system, take cgroup ↵Lennart Poettering
limit into account When determining the amount of RAM in the system, let's make sure we also read the root-level cgroup memory limit into account. This isn't particularly useful on the host, but in containers it makes sure that whatever memory the container got assigned is actually used for RAM size calculations.
2016-06-13core: parse `rd.rescue` and `rd.emergency` as initrd-specific shorthands (#3488)Ivan Shapovalov
Typing `rd.rescue` is easier than `rd.systemd.unit=rescue.target`.
2016-06-12test-process-util: allow pid to be specified on the command lineZbigniew Jędrzejewski-Szmek
This makes it easy to test the query code on "ssh localhost" and similar.
2016-06-12test-process-util: rework the test function to take pid as argumentZbigniew Jędrzejewski-Szmek
This fixes a bunch of copy&paste errors in the output.
2016-06-09Merge pull request #3432 from poettering/resolved-ll-ipv6Martin Pitt
resolved: support IPv6 DNS servers on the local link
2016-06-06util-lib: add accessors for unaligned native endian wordsLennart Poettering
2016-06-06resolved: support IPv6 DNS servers on the local linkLennart Poettering
Make sure we can parse DNS server addresses that use the "zone id" syntax for local link addresses, i.e. "fe80::c256:27ff:febb:12f%wlp3s0", when reading /etc/resolv.conf. Also make sure we spit this out correctly again when writing /etc/resolv.conf and via the bus. Fixes: #3359
2016-05-29util-lib: Add sparc64 support for process creation (#3348)Michael Karcher
The current raw_clone function takes two arguments, the cloning flags and a pointer to the stack for the cloned child. The raw cloning without passing a "thread main" function does not make sense if a new stack is specified, as it returns in both the parent and the child, which will fail in the child as the stack is virgin. All uses of raw_clone indeed pass NULL for the stack pointer which indicates that both processes should share the stack address (so you better don't pass CLONE_VM). This commit refactors the code to not require the caller to pass the stack address, as NULL is the only sensible option. It also adds the magic code needed to make raw_clone work on sparc64, which does not return 0 in %o0 for the child, but indicates the child process by setting %o1 to non-zero. This refactoring is not plain aesthetic, because non-NULL stack addresses need to get mangled before being passed to the clone syscall (you have to apply STACK_BIAS), whereas NULL must not be mangled. Implementing the conditional mangling of the stack address would needlessly complicate the code. raw_clone is moved to a separete header, because the burden of including the assert machinery and sched.h shouldn't be applied to every user of missing_syscalls.h
2016-05-20Merge pull request #3290 from htejun/cgroup2-io-compatLennart Poettering
Implement compat translation between IO* and BlockIO* settings
2016-05-20Merge pull request #3235 from dkg/hwaddr-cleanupTom Gundersen
minor improvements for dealing with MAC Addresses
2016-05-20basic: remove rm_rf_and_free, add rm_rf_physical_and_free, use ↵Evgeny Vereshchagin
rm_rf_physical_and_freep in tests (#3292) Some distros don't mount /tmp as tmpfs. For example: https://lists.ubuntu.com/archives/ubuntu-cloud/2016-January/001009.html Some tests: * print 'Attempted to remove disk file system, and we can't allow that.' * don't really cleanup /tmp