| Age | Commit message (Collapse) | Author |
|---|
|
Device job timeouts should respect possible device job dependencies so we set
JobRunningTimeoutSec= by default.
|
|
In case the device field of fstab record is an actual device (not an address)
apply same dependencies to the device unit as to the mount unit, i.e.
> After=network-online.target network.target
> Wants=network-online.targe
It makes sense to start the device expecting job only when network is actually
ready (consider e.g. iSCSI devices) since it is device's implicit dependency.
The eventual implementation should better obtain network flag from udev
database and would also take into account device hierarchy (see [1]).
This patch approximates that by taking the `_netdev` option as a hint from the
user both about the filesystem and underlying device. (For local devices with
network filesystems (e.g. ocfs2), this hint leads to unused dependencies.)
[1] https://lists.freedesktop.org/archives/systemd-devel/2014-October/024718.html
|
|
Unit.JobTimeoutSec starts when a job is enqueued in a transaction. The
introduced distinct Unit.JobRunningTimeoutSec starts only when the job starts
running (e.g. it groups all Exec* commands of a service or spans waiting for a
device period.)
Unit.JobRunningTimeoutSec is intended to be used by default instead of
Unit.JobTimeoutSec for device units where such behavior causes less confusion
(consider a job for a _netdev mount device, with this change the timeout will
start ticking only after the network is ready).
|
|
The emergency.service and rescue.service units have become rather
convoluted. We spawn multiple shells and the help text spans multiple lines
which makes the units hard to read.
Move the logic into a single shell script and call that via ExecStart.
|
|
|
|
Previously, `SO_REUSEADDR` is set before `bind`-ing socket, Thus,
even if another LLMNR stack is running, `bind` always success and
we cannot detect the other stack. By this commit, we first try to
`bind` without `SO_REUSEADDR`, and if it fails, show warning and
retry with `SO_REUSEADDR`.
|
|
|
|
Previously, `SO_REUSEADDR` is set before `bind`-ing socket, Thus,
even if another mDNS stack (e.g. avahi) is running, `bind` always
success and we cannot detect the other stack.
By this commit, we first try to `bind` without `SO_REUSEADDR`,
and if it fails, show warning and retry with `SO_REUSEADDR`.
|
|
When no network enables LLMNR or mDNS, it is not necessary to create
LLMNR or mDNS related sockets. So, let's create them only when
LLMNR- or mDNS-enabled network becomes active or at least one network
enables `LLMNR=` or `MulticastDNS=` options.
|
|
|
|
|
|
failed (#5548)
If we are working on a path that was marked to be ignored on errors, and
the mkdirat() fails then add a continue statement and skip fchownat() call.
This avoids the case where UID/GID are valid and we run fchownat() on
non existent path which will fail hard even on paths that we want to
ignore in case of errors.
|
|
check for _GNU_SOURCE as well as sd_event_child_handler_t needs to be
defined correctly while compiling systemd
|
|
|
|
linux/sockios.h is needed for the SIOCGSTAMPNS macro
xlocale.h is included indirectly in glibc and doesn't even exist in
other libcs
|
|
addresses (#5587)
This is in spirit very similar to commit
4b2419165ce409ee55ce96a926302f89685f2293.
Fixes: #5581
|
|
When mmap is called, the code in correctly checks for p == MAP_FAILED.
But the resource cleanup at the end of busname_peek_message checks for
p == NULL, and if that's not true, munmap is called.
Therefore in error case, munmap is called with a MAP_FAILED argument
which can result in unexpected behaviour depending on sz's value.
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
|
|
It is possible to overflow uint64_t while validating the header of
a journal file. To prevent this, the addition itself is checked to
be within the limits of UINT64_MAX first.
To keep this readable, I have introduced two stack variables which
hold the converted values during validation.
|
|
That macro is a gcc extension, and while widely supported, not ubiquitous.
In particular the coverity scanner is having trouble with it.
|
|
|
|
|
|
Commit 59f448cf replaced usage of off_t with uint64_t. Change the
format string to use PRIu64 to match it.
|
|
coredump: fix handling of premature-eof for --backtrace
|
|
We'd fail with an assert in journal_importer_process_data(),
because that function requires the caller to handle EOF themselves.
|
|
test: skip instead of fail if crypto kmods are not available
|
|
We currenly use 40GB images in our environment
|
|
Package build machines may have module loading disabled, thus AF_ALG
sockets are not available. Skip the tests that cover those (khash and
id128) instead of failing them in this case.
Fixes #5524
|
|
Compiling against the dm-ioctl.h header as provided by the Linux kernel
will embed the DM interface version number. Running an older kernel can
result in an error like this on shutdown:
Could not detach DM dm-11: ioctl mismatch, kernel(4.34.4), user(4.35.4)
Work around this by shipping a local copy of dm-ioctl.h. We need at
least the version from 3.13 for DM_DEFERRED_REMOVE [1], so bump the
requirements in README accordingly.
[1] https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2c140a246dc0bc085b98eddde978060fcec1080c
Fixes: #5492
|
|
On SuperH, there are multiple sub-architectures defined with
different values for LIB_ARCH_TUPLE. The different sub-
architectures can be detected by checking whether __SH1__,
__SH2__, __SH3__, __SH4__, and so on are defined.
|
|
On powerpc, there are two possible ABIs and hence values for
LIB_ARCH_TUPLE. The convential type with an FPU and the embedded
variant, called powerpcspe, which does not have a convential FPU
but a special Signal Processing Engine (SPE). The latter can be
detected by checking whether __NO_FPRS__ is defined.
|
|
On x86_64, there are two possible ABIs and hence values for
LIB_ARCH_TUPLE. The convential 64-bit type and the 32-bit
variant, called x32. The latter can be detected by checking
whether __ILP32__ is defined.
|
|
Tighten sandbox of long-running services
|
|
Coredump mini improvments
|
|
The builtin path id for virtio block devices has been changed
to use the bus id without a prefix "virtio-pci" to be
compatible with all virtio transport types.
In order to not break existing setups, the by-path symlinks for
virtio block devices on the PCI bus are reintroduced by udev rules.
The virtio-pci symlinks are considered to be deprecated and
should be replaced by the native PCI symlinks.
Example output for a virtio disk in PCI slot 7:
$ ls /dev/disk/by-path
pci-0000:00:07.0
pci-0000:00:07.0-part1
virtio-pci-0000:00:07.0
virtio-pci-0000:00:07.0-part1
See also
[1] https://lists.freedesktop.org/archives/systemd-devel/2017-February/038326.html
[2] https://lists.freedesktop.org/archives/systemd-devel/2017-March/038397.html
This reverts f073b1b but keeps the same symlinks for compatibility.
|
|
This reverts commit 295ee9845c801300298d01256eb5a9e3ff117ae0.
Let'd revert this for now, see #5446 for discussions.
We want systemd-detect-virt --chroot to return true for all chroot-like stuff, for
example mock environments which have use a mount namespace. The downside
of this revert that systemctl will not work from our own namespaced services, anything
with RootDirectory=/RootImage= set.
|
|
I think it would be a good idea to move such fixed, picked values out of
the main sources into the head of a file, to make sure they are
ultimately tunables.
|
|
We check these a number of times, hence let's unify these checks here.
This also allows us to make the PID 1 check more elaborate as we can
check both the PID and the cgroup. Checking the PID has the benefit that
we'll also cover cases where PID 1 might still be in the root cgroup, and
the cgroup check has the benefit that we also cover crashes in forked
off crasher processes (the way we actually do it in systemd)
|
|
Given that this is a field primarily processed by computers, and not so
much by humans, assign "1" instead of "yes". Also, use parse_boolean()
as we usually do for parsing it again.
This makes things more alike udev options (as one example), such as
SYSTEMD_READY where we also spit out "1" and "0", and parse with
parse_boolean().
|
|
Container managers frequently block name_to_handle_at(), returning
EACCES or EPERM when this is issued. Accept that, and simply fall back
to to fdinfo-based checks.
Note that we accept either EACCES or EPERM here, as container managers
can choose the error code and aren't very good on agreeing on just one.
(note that this is a non-issue with nspawn, as we permit
name_to_handle_at() there, only block open_by_handle_at(), which should
be sufficiently safe).
|
|
out-of-date (#5487)
If the unit's SourcePath is below /proc then it's a unit genreated from
a kernel resource (such as a .mount or .swap unit). And those we watch
anyway, and hence should never be out-of-date.
Fixes: #5461
|
|
Fix for coredump crash
|
|
systemd-run --user fixes.
|
|
Fixes: #5482
|
|
(#5445)
Otherwise we'll hit an assert sooner or later.
This requires us to initialize ->where even if we come back in "masked"
mode, as otherwise we don't know how to operate on the automount and
detach it.
Fixes: #5441
|
|
Fixes #5477.
|
|
[guest@fedora ~]$ coredumpctl
No coredumps found.
[guest@fedora ~]$ ./coredumpctl
Hint: You are currently not seeing messages from other users and the system.
Users in groups 'adm', 'systemd-journal', 'wheel' can see all messages.
Pass -q to turn off this notice.
No coredumps found.
Fixes #1733.
|
|
The only functional change is that log_notice("No journal files were found.")
is not printed any more with --quiet. log_error("No journal files were opened
due to insufficient permissions.") is still printed.
I wasn't quite sure where to put this function, but shared/ seems to be the
right place and none of the existing files seem to fit too well.
v2: rename journal_access_check to journal_access_check_and_warn.
|
|
This is just a hint, so we shouldn't wait too long. A short timeout
helps for the case where pid1 of dbus have crashed.
|
|
We would only log a terse message when pid1 or systemd-journald crashed.
It seems better to reuse the normal code paths as much as possible,
with the following differences:
- if pid1 crashes, we cannot launch the helper, so we don't analyze the
coredump, just write it to file directly from the helper invoked by the
kernel;
- if journald crashes, we can produce the backtrace, but we don't log full
structured messages.
With comparison to previous code, advantages are:
- we go through most of the steps, so for example vacuuming is performed,
- we gather and log more data. In particular for journald and pid1 crashes we
generate a backtrace, and for pid1 crashes we record the metadata (fdinfo,
maps, etc.),
- coredumpctl shows pid1 crashes.
A disavantage (inefficiency) is that we gather metadata for journald crashes
which is then ignored because _TRANSPORT=kernel does not support structued
messages.
Messages for the systemd-journald "crash" have _TRANSPORT=kernel, and
_TRANSPORT=journal for the pid1 "crash".
Feb 26 16:27:55 systemd[1]: systemd-journald.service: Main process exited, code=dumped, status=11/SEGV
Feb 26 16:27:55 systemd[1]: systemd-journald.service: Unit entered failed state.
Feb 26 16:37:54 systemd-coredump[18801]: Process 18729 (systemd-journal) of user 0 dumped core.
Feb 26 16:37:54 systemd-coredump[18801]: Coredump diverted to /var/lib/systemd/coredump/core.systemd-journal.0.36c14bf3c6ce4c38914f441038990979.18729.1488145074000000.lz4
Feb 26 16:37:54 systemd-coredump[18801]: Stack trace of thread 18729:
Feb 26 16:37:54 systemd-coredump[18801]: #0 0x00007f46d6a06b8d fsync (libpthread.so.0)
Feb 26 16:37:54 systemd-coredump[18801]: #1 0x00007f46d71bfc47 journal_file_set_online (libsystemd-shared-233.so)
Feb 26 16:37:54 systemd-coredump[18801]: #2 0x00007f46d71c1c31 journal_file_append_object (libsystemd-shared-233.so)
Feb 26 16:37:54 systemd-coredump[18801]: #3 0x00007f46d71c3405 journal_file_append_data (libsystemd-shared-233.so)
Feb 26 16:37:54 systemd-coredump[18801]: #4 0x00007f46d71c4b7c journal_file_append_entry (libsystemd-shared-233.so)
Feb 26 16:37:54 systemd-coredump[18801]: #5 0x00005577688cf056 write_to_journal (systemd-journald)
Feb 26 16:37:54 systemd-coredump[18801]: #6 0x00005577688d2e98 dispatch_message_real (systemd-journald)
Feb 26 16:37:54 kernel: systemd-coredum: 9 output lines suppressed due to ratelimiting
Feb 26 16:37:54 systemd-journald[18810]: Journal started
Feb 26 16:50:59 systemd-coredump[19229]: Due to PID 1 having crashed coredump collection will now be turned off.
Feb 26 16:51:00 systemd[1]: Caught <SEGV>, dumped core as pid 19228.
Feb 26 16:51:00 systemd[1]: Freezing execution.
Feb 26 16:51:00 systemd-coredump[19229]: Process 19228 (systemd) of user 0 dumped core.
Stack trace of thread 19228:
#0 0x00007fab82075c47 kill (libc.so.6)
#1 0x000055fdf7c38b6b crash (systemd)
#2 0x00007fab824175c0 __restore_rt (libpthread.so.0)
#3 0x00007fab82148573 epoll_wait (libc.so.6)
#4 0x00007fab8366f84a sd_event_wait (libsystemd-shared-233.so)
#5 0x00007fab836701de sd_event_run (libsystemd-shared-233.so)
#6 0x000055fdf7c4a380 manager_loop (systemd)
#7 0x000055fdf7c402c2 main (systemd)
#8 0x00007fab82060401 __libc_start_main (libc.so.6)
#9 0x000055fdf7c3818a _start (systemd)
Poor machine ;)
|
|
three small mini-fixes for src/core/service.c
|
