process-util: refactor APIs for reading /proc/self/xyz symlinks
The three functions for reading cwd, exe and root symlinks of processes
already share a common core: get_process_link_contents(). Let's refactor
that a bit, and move formatting of the /proc/self/ path into this helper
function instead of doing that in the caller, thus sharing more code.
While we are at it, make the return parameters optional, in case the
information if the links are readable is interesting, but the contents
is not. (This also means safe_getcwd() and readlinkat_malloc() are
updated to make the return parameter optional, as these are called by
the relevant three functions)
userdbctl: also show available UID range in current userns
Containers generally have a smaller UID range assigned than host
systems. Let's visualize this in the user/group tables. We insert
markers for unavailable regions. This way display is identical to status
quo ante on host systems, but in containers unavailable ranges will be
shown as that.
And while we are at it, also hide well-known UID ranges when they are
outside of userns uid_map range. This is mostly about the "container"
range. It's pointless showing the cotnainer range (i.e. a range UID >
65535) if that range isn#t available in the container anyway.
pid1: add taint flag if uid/gid userns range too small
This will taint systemd if invoked in containers that do not have the
full 16bit range of UIDs defined.
we pretty much need uid root…nobody to be defined for a variety of
purposes, hence let's add this taint flag. Of course taints are
graceful, but it at least communicates the mess in some way...
uid-range: replace uid_range_contains() by more generalized uid_range_covers()
The former checks if one UID is inside the uid range set. The latter
checks if a full UID range is inside the uid range set. The former is
hence a special case of the latter.
test-resolved-stream: before entering user/network namespaces check if that's safe
I regularly run my tests also as root, since some of the tested code
uses privileged APIs. The test-resolved-stream so far tried to run its
tests in a user/network namespace if that can be allocated. This caused
the tests to fail on my system where once the user namespace is opened
access to the build tree in my $HOME is prohibited (due to restricted
access modes on my home dir). Let's add a check for that: before
actually isolating the test in a user/network namespace, let's see if
that would make it impossible for us to access the build tree (which we
need to do load the TLS certificates the test requires).
This should make the test pass when run as root from a build tree with
restrictive access mode.
Yu Watanabe [Wed, 30 Mar 2022 18:29:23 +0000 (03:29 +0900)]
sd-device: introduce sd_device_open()
We usually open() device node obtained by sd_device_get_devname().
However, the device node corresponds to the sd-device object may be
already removed, and another device node with the same path may be
created, hence an unexpected device may be opened.
The sd_device_open() opens device node, and checks the devnum and
diskseq of opened devnum, to avoid the above possibility.
Prompted by https://github.com/systemd/systemd/issues/22906#issuecomment-1082736443.
Yu Watanabe [Fri, 25 Mar 2022 20:01:40 +0000 (05:01 +0900)]
udevadm: introduce new 'wait' command
Prompted by https://github.com/systemd/systemd/pull/22717#issuecomment-1067348496.
The new command 'udevadm wait' waits for device or device symlink being
created. This may be useful to wait for a device is processed by udevd
after e.g. formatting or partitioning the device.
"Link-local" and "link local" are used throughout man pages and program
output, with the former used far more than the latter. This commit makes
it consistent throughout the project.
Let's upgrade log levels of some noteworthy messages from LOG_DEBUG to
LOG_NOTICE. These messages contain information that previous log
messages in the error path didn't say, namely that we'll now fall back
to traditional unlocking.
Note that this leaves similar log messages for cases where
TPM2/PKCS#11/FIDO2 support is disabled at build at LOG_DEBUG, since in
that case nothing really failed, we just systematically can't do
TPM2/PKCS#11/FIDO2 and hence it is pointless and not actionable for
users to do anything about it...
cryptsetup: rename functions that try to do FIDO2/TPM2/PKCS#11 via cryptsetup plugins to say so
The are so many different flavours of functions that attach volumes,
hence say explicitly that these are about libcryptsetup plugins, and
nothing else.
Yu Watanabe [Tue, 29 Mar 2022 16:04:26 +0000 (01:04 +0900)]
network: shorten code a bit
Currently, there exist only two MTU sources, static and DHCPv4, and they
are exclusive. Hence, it is not necessary to check the existence of the
MTU option in the acquired DHCP lease. Let's unconditionally reset the
MTU. Note that, if the current and original MTU are equivalent, then
link_request_to_set_mtu() handles that gracefully.
Yu Watanabe [Tue, 29 Mar 2022 15:52:09 +0000 (00:52 +0900)]
network: automatically determine timeout of waiting for carrier regain
The commit 6706ce2fd2a13df0ae5e469b72d688eaf643dac4 made
IgnoreCarrierLoss= setting also take timespan, to make users handle
issues like #18738 or #20887. But still users needed to explicitly set
a timespan.
This makes networkd automatically determine the timeout when the
situations #18738 or #19832 is detected. Unfortunately, still users have
issue #20887 need to specify a value.
veritysetup: fix parsing of root-hash-signature= option
The function was named confusingly and we managed to confused ourselves. The
parameter was assigned incorrectly and then reassigned correctly in the caller.
Let's simplify the whole thing by just saving the optarg param.
I considered moving the unhexmemming and/or reading of the file to the parse
function, but decided against it. I think it's nicer to parse all options
before opening external files.
test-systemctl-enable: skip test for %v if kver is not a valid instance
On arm, we'd fail with:
target@v:5.16.8-200.fc35.armv7hl+lpae.socket: not a valid unit name "target@v:5.16.8-200.fc35.armv7hl+lpae.socket": Invalid argument
наб [Tue, 29 Mar 2022 17:43:01 +0000 (19:43 +0200)]
test-copy: use non-0 data block in copy_holes
Some filesystems (e.g. zfs with compression!=off, which is the default
configuration) automatically hole-punch all-zero blocks ‒ write a block
full of ones instead
tools/git-contrib: list contributions not only from Weblate
It seems that --invert-grep used to affect --author, but now it doesn't (with
git-2.35.1-1.fc36.x86_64), so effectively we would only show the one entry that
was supposed to be filtered out.
The handling of whitespace in pyparsing is a bother. There's some
global state, and per-element state, and it's hard to get a handle on
things. With python3-pyparsing-2.4.7-10.fc36.noarch the grammar would
not match. After handling of tabs was fixed to not accept duplicate tabs,
the grammar passes.
It seems that the entry for usb:v8087p8087*
was generated incorrectly because we treated the interface line
(with two TABs) as a device line (with one TAB).
The define is generalized and moved to path-lookup.h, where it seems to fit
better. This allows a recursive include to be removed and in general makes
things simpler.
test-systemctl-enable: use magic syntax to allow inverted tests
Inspired by 7910ec3bcde2ee0086b3e49f8aaa2a9f13f58d97.
'! true' passes, because it's a conditional expression.
But '( ! true )' fails, because '( … )' creates a subshell, i.e. a separate
program, and '! true' becomes the return value of that program, and the whole
thing apparently is not a conditional expression for the outer shell.
shared/install: when creating symlinks, accept different but equivalent symlinks
We would only accept "identical" links, but having e.g. a symlink
/usr/lib/systemd/system/foo-alias.service → /usr/lib/systemd/system/foo.service
when we're trying to create /usr/lib/systemd/system/foo-alias.service →
./foo.service is OK. This fixes an issue found in ubuntuautopkg package
installation, where we'd fail when enabling systemd-resolved.service, because
the existing alias was absolute, and (with the recent patches) we were trying
to create a relative one.
A test is added.
(For .wants/.requires symlinks we were already doing OK. A test is also
added, to verify.)
shared/install: fix handling of a linked unit file
When we have a symlink that goes outside of our search path, we should just
ignore the target file name. But we were verifying it, and rejecting in
the case where a symlink was created manually.
shared/install: split UNIT_FILE_SYMLINK into two states
The two states are distinguished, but are treated everywhere identically,
so there is no difference in behaviour except for slighlty different log
output.