| Age | Commit message (Collapse) | Author |
|---|
|
The correct error code to report when a provided buffer is too small is
ERANGE. This is recognized by glibc, which will then try again with a
larger buffer. The old behaviour of reporting ENOMEM has no special
meaning for glibc. The error will simply be propagated to the
application, and a later retry will trigger the same error again.
Additionally, h_errnop must be set to NETDB_INTERNAL to have glibc look
at errnop for details.
More information at:
https://www.gnu.org/software/libc/manual/html_node/NSS-Modules-Interface.html
|
|
This breaks again, this time for setups where Qemu is not reported via DMI for whatever
reason. So swap order of cpuid and dmi again, but properly detect oracle.
See issue #5318.
|
|
"nfsnobody" is now obsolete.
|
|
When we are about to start a unit, check the deps again.
|
|
In commit 050e65a we swapped order of detect_vm_{cpuid,dmi}(). That
fixed Virtualbox but broke qemu with kvm, which is expected to return
'kvm'. So check for qemu/kvm first, then DMI, CPUID last.
This fixes #5318.
Signed-off-by: Christian Hesse <mail@eworm.de>
|
|
some post-mdns fixes for resolved
|
|
start operation of a unit
Let's make sure we verify that all BindsTo= are in order before we actually go
and dispatch a start operation to a unit. Normally the job queue should already
have made sure all deps are in order, but this might not have been sufficient
in two cases: a) when the user changes deps during runtime and reloads the
daemon, and b) when the user placed BindsTo= dependencies without matching
After= dependencies, so that we don't actually wait for the bound to unit to be
up before upping also the binding unit.
See: #4725
|
|
This was tested on ppc64le. Assume the same is true for ppc64.
|
|
This restores behaviour of 53fda2bb933694c9bdb1bbf1f5583e39673b74b2: for
mDNS (and mDNS only) we'll match replies to transactions honouring ANY
matches.
|
|
The array doesn't grow dynamically, hence pick the right size at the
moment of allocation. Let's simply multiply the number of addresses of
this link by 2, as that's how many RRs we maintain for it.
|
|
test: make unit tests relocatable and add an "install-tests" make target
|
|
Commit ae3251851 changed the fprintf() format argument into a variable
which triggers a gcc 6.3 warning/error:
src/fstab-generator/fstab-generator.c:243:17: error: format not a string literal,
argument types not checked [-Werror=format-nonliteral]
fprintf(f, format, res);
This is a false positive, as the function is only being called with
constant (not user-definable) arguments which are valid format strings.
|
|
It is useful to package test-* binaries and run them as root under
autopkgtest or manually on particular machines. They currently have a
built-in hardcoded absolute path to their test data, which does not work
when running the test programs from any other path than the original
build directory.
By default, make the tests look for their data in
<test_exe_directory>/testdata/ so that they can be called from any
directory (provided that the corresponding test data is installed
correctly). As we don't have a fixed static path in the build tree (as
build and source tree are independent), set $TEST_DIR with "make check"
to point to <srcdir>/test/, as we previously did with an automake
variable.
|
|
Moe test-resolve's test data from src/resolve/test-data to
test/test-resolve/ to be consistent with test/test-{execute,path}/. This
will make it easier to make the tests relocatable.
|
|
Currently fstab entries with 'nofail' option are mounted
asynchronously and there is no way how to specify dependencies
between such fstab entry and another units. It means that
users are forced to write additional dependency units manually.
The patch introduces new systemd fstab options:
x-systemd.before=<PATH>
x-systemd.after=<PATH>
- to specify another mount dependency (PATH is translated to unit name)
x-systemd.before=<UNIT>
x-systemd.after=<UNIT>
- to specify arbitrary UNIT dependency
For example mount where A should be mounted before local-fs.target unit:
/dev/sdb1 /mnt/test/A none nofail,x-systemd.before=local-fs.target
|
|
|
|
We don't actually make use of the return value for now, but it matches
our coding style elsewhere, and it actually shortens our code quite a
bit.
Also, add a missing OOM check after dns_answer_new().
|
|
This becomes handy later on. Moreover, we keep track of similar counters
for other objects like this too, hence adding this here too is obvious.
|
|
This reverts a part of 53fda2bb933694c9bdb1bbf1f5583e39673b74b2:
On classic DNS and LLMNR ANY requests may be replied to with any kind of
RR, and the reply does not have to be comprehensive: these protocols
simply define that if there's an RRset that can answer the question,
then at least one should be sent as reply, but not necessarily all. This
means it's not safe to "merge" transactions for arbitrary RR types into
ANY requests, as the reply might not answer the specific question.
As the merging is primarily an optimization, let's undo this for now.
This logic may be readded later, in a way that only applies to mDNS.
Also, there's an OOM problem with this chunk: dns_resource_key_new()
might fail due to OOM and this is not handled. (This is easily removed
though, by using DNS_RESOURCE_KEY_CONST()).
|
|
Add -r/--reverse option to coredumpctl
|
|
test-execute without capsh
|
|
Like journalctl, users sometimes want to see coredump list in reverse
order.
Signed-off-by: Namhyung Kim <namhyung@gmail.com>
|
|
It seems the -o opiton and -D option can be printed together.
Signed-off-by: Namhyung Kim <namhyung@gmail.com>
|
|
Silence gcc warnings
|
|
|
|
the one we are compiled for (#5272)
It's a difference. Not a big one, but let's be correct here.
|
|
a good number of resolved fixes
|
|
src/core/dbus.c: In function 'find_unit':
src/core/dbus.c:334:15: warning: 'u' may be used uninitialized in this function [-Wmaybe-uninitialized]
*unit = u;
^
src/core/dbus.c:301:15: note: 'u' was declared here
Unit *u;
^
|
|
At -O3, this was printed a hundred times for various callers of
manager_add_job_by_name(). AFAICT, there is no error and `unit` is always
intialized. Nevertheless, add explicit initialization to silence the noise.
src/core/manager.c: In function 'manager_start_target':
src/core/manager.c:1413:16: warning: 'unit' may be used uninitialized in this function [-Wmaybe-uninitialized]
return manager_add_job(m, type, unit, mode, e, ret);
^
src/core/manager.c:1401:15: note: 'unit' was declared here
Unit *unit;
^
|
|
We were inconsistent, manager_load_unit_prepare() would crash if _ret was ever NULL.
But none of the callers use NULL. So simplify things and require it to be non-NULL.
|
|
PermissionsStartOnly= (#5309)
ReadOnlyPaths=, ProtectHome=, InaccessiblePaths= and ProtectSystem= are
about restricting access and little more, hence they should be disabled
if PermissionsStartOnly= is used or ExecStart= lines are prefixed with a
"+". Do that.
(Note that we will still create namespaces and stuff, since that's about
a lot more than just permissions. We'll simply disable the effect of
the four options mentioned above, but nothing else mount related.)
This also adds a test for this, to ensure this works as intended.
No documentation updates, as the documentation are already vague enough
to support the new behaviour ("If true, the permission-related execution
options…"). We could clarify this further, but I think we might want to
extend the switches' behaviour a bit more in future, hence leave it at
this for now.
Fixes: #5308
|
|
a2eb5ea79c added a new field to `CalendarComponent`; update
`normalize_chain` to compare all fields when dropping duplicates
|
|
Fixes:
```
src/shared/bus-unit-util.c: In function ‘bus_append_unit_property_assignment’:
src/shared/bus-unit-util.c:570:65: warning: passing argument 2 of ‘namespace_flag_from_string_many’ from incompatible pointer type [-Wincompatible-pointer-types]
r = namespace_flag_from_string_many(eq, &flags);
^
In file included from src/shared/bus-unit-util.c:31:0:
src/shared/nsflags.h:41:5: note: expected ‘long unsigned int *’ but argument is of type ‘uint64_t * {aka long long unsigned int *}’
int namespace_flag_from_string_many(const char *name, unsigned long *ret);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
```
Closes #5312
|
|
Closes #5313
|
|
a small number of install and unit management related fixes
|
|
|
|
Fixes #5273.
|
|
IPv6 Neighbor discovery proxy is the IPv6 equivalent to proxy ARP for IPv4.
It is required when ISPs do not unconditional route IPv6 subnets
to their designated target, but expect neighbor solicitation messages
for every address on a link.
A variable IPv6ProxyNDPAddress= is introduced to the [Network] section,
each representing a IPv6 neighbour proxy entry in the neighbour table.
|
|
https://lists.freedesktop.org/archives/systemd-devel/2017-February/038286.html
Let's keep both the old and new for now, so systemd builds correctly in either
environment. Later on we should drop the old.
|
|
this way, we can still call seccomp ourselves, even if seccomp() is
blocked by the filter we are installing.
Fixes: #5300
|
|
So far, if either $HOME or $XDG_RUNTIME_DIR is not set we wouldn't use
either, and fail acquire_config_dirs() and acquire_control_dirs() in
their entireties. With this change, let's make use of the variables we
can acquire, and don't bother with the other.
Specifically this means: in both acquire_config_dirs() and
acquire_control_dirs() handle ENXIO from user_config_dir() and
user_runtime_dir() directly, instead of propagating it up and handling
it in the caller.
|
|
If the strv is empty, then strv_extend_strv_concat() is a NOP anyway,
and hence there is no reason to guard for this explicitly.
|
|
Let's use get_home_dir() for figuring out the home directory, so that
there's a good chance we succeed figuring out unit locations even if
$HOME isn't set.
Fixes: #5260
|
|
configuration symlinks
Under specific circumstances it might happen that we can't figure out
where to place our symlinks, for example because we are supposed to
create them in the runtime directory but $XDG_RUNTIME_DIR is not set. In
this case, return -ENXIO instead of hitting an assert().
(Yeah, the error isn't very descriptive, but for now this should at
least be good enough to remove the assert() being hit.)
|
|
In some cases there might be unit symlinks in .wants/ or .requires/
directories even though the unit is otherwise fully removed. In this
case, don't fail removal, but still remove the symlinks.
This reworks the symlink marking logic to always add unit files that we
are missing to the changes list, but proceed with any symlink removal
for them. This way we'll still generate useful hints that a unit is
missing if you invoke "systemctl disable idontexist.service", but also
still remove any link to it.
Fixes: #4995
|
|
We protect less interetsing stuff with selinux "status", let's do that
here too.
|
|
off the bus (#5294)
Fixes: #4528
|
|
We added mmap() and mmap2(), but forgot munmap(). Fix that.
Pointed out by @lucaswerkmeister:
https://github.com/systemd/systemd/pull/4537#issuecomment-273275298
|
|
Previously, we'd refuse the GetUnitProcesses() bus call if the unit file
couldn't be loaded. Which is wrong, as admins should be able to inspect
services whose unit files was deleted. Change this logic, so that we
permit introspecting the processes of any unit that is loaded,
regardless if it has a unit file or not.
(Note that we won't load unit files in GetUnitProcess(), but only
operate on already loaded ones. That's because only loaded units can
have processes — as that's how our GC logic works — and hence loading
the unit just for the process tree is pointless, as it would be empty).
See: #4995
|
|
Just as a matter of coding style: whenever we return successfully, let's
make sure all our return parameters are properly initialized to
something.
|
