Luca Boccassi [Sun, 12 Jun 2022 23:21:41 +0000 (00:21 +0100)]
bootctl: add --install-source=auto|image|host
When using --root=/--image= the binaries to install/update will be
picked from the directory/image. Add an option to let the caller
choose.
By default (auto) the image is tried first, and if nothing is found
then the host. The other options allow to strictly try the image
or host and ignore the other.
mac: rework labelling code to be simpler, and less racy
This merges the various labelling calls into a single label_fix_full(),
which can operate on paths, on inode fds, and in a dirfd/fname style
(i.e. like openat()). It also systematically separates the path to look
up in the db from the path we actually use to reference the inode to
relabel.
This then ports tmpfiles over to labelling by fd. This should make the
code a bit less racy, as we'll try hard to always operate on the very
same inode, pinning it via an fd.
This uses RET_NERRNO to more quickly pull the error code we see into
"r" out of "errno".
This does not change anything really. The only reason to do this is
because it is harder to break this accidentally. The thing is that
"errno" is easily set as side-effect of arbitrary functions. Thus, if we
rely on it being set for long code paths, we need to make carefully sure
that no code in between calls any function that might corrupt it as
side-effect. As far as I can see we did get this right. Nonetheless, I
think we should just store the value in "r" instead, to make it easier
to maintain this in the long run, if more code is inserted one day, who
knows.
tmpfiles: port from dirname/basename to path_extract_directory/filename()
let's use our better, newer internal APIs for these purposes. This gets us
two things: safer handling when the root dir is specified, and better
handling of paths with trailing slashes, as we can refuse them whenever
a directory is not acceptable.
Reduce the number of iterations in some of the test cases, since they
generate a huge amount of uevents and basically DoS udev (which can't
keep up while being slowed down by ASan). To avoid this, let's reduce
the number of iterations and bump the timeout when running under ASan,
since we're not interested in performance in such cases.
test: avoid overriding an already existing EXIT handler
TEST-70 specified its own EXIT handler, which replaced the
`cleanup_loopdev` handler, so the loop device was always hanging around
once this test was run. Let's use the new `add_at_exit_handler()` stuff
to mitigate this.
Bash allows only one handler per signal, so let's overcome this
limitation by having one dedicated EXIT signal which runs all registered
handlers from all over the place.
- use test_append_files() to install additional commands
- drop use of expect
- include assert.sh and use assertions at several places
- use timeout command at several places
- always use logind-test-user
- etc
Michal Sekletar [Fri, 27 May 2022 19:11:37 +0000 (21:11 +0200)]
logind: don't start user@UID.service instance for background sessions
We have had background session class for a long time (since commit e2acb67baa), but so far the only difference in handling of background
sessions was logging, i.e. we log some messages with LOG_DEBUG for such
sessions.
Previously there were complains [1] about excessive logging for each
time cron session is started. We used to advise user to enable lingering
for users if they want to avoid these log messages. However, on servers
with a lot of users the extra processes that result from lingering just
adds too much overhead. Hence I think that our current handling of
background sessions is not ideal and we should make better use of this
attribute.
This commit introduces a change in default behavior of logind. Logind is
now not going to start user instance of systemd when background session
is created and that should address excessive logging problem for cron
where background class is used by default. When the same user actually
logs in normally then user instance will be started as previously.
Also note that PAM_TTY variable is now always set to some value for PAM
sessions started via PAMName= option. Otherwise we would categorize such
sessions as "background" and user manager won't be started.
I think is very simple, but flexible. The date may be set early, for distros
that have a fixed schedule, but it doesn't have to. So for example Debian could
push out an update that sets a few months before the release goes EOL. And
various tools, in particular graphical desktops, can start nagging people to
upgrade a few weeks before the date.
As discussed in the bug, we don't need granularity higher than a day. And this
means that we can use a simple human- and machine-readable format.
I was considering other names, e.g. something with "EOL", but I think that
"SUPPORT_END" is better because it doesn't imply that the machine will somehow
stop working. This is supposed to be an advisory, nothing more.
Thomas Haller [Wed, 6 Jul 2022 12:50:50 +0000 (14:50 +0200)]
fundamental: adjust #if conditional for _fallthrough_ for clang
NetworkManager takes systemd sources. It gets compiler warnings
related to _fallthrough_. They probably can also affect systemd
itself.
A) on RHEL-7, gcc 4.8.5-44.el7 we get:
../src/libnm-systemd-shared/src/fundamental/macro-fundamental.h:45:22: error: "__clang__" is not defined [-Werror=undef]
#if __GNUC__ >= 7 || __clang__
^
Presumably gcc older than 7 is supported, so fix this.
B) on Ubuntu 18.04, clang 1:6.0-41~exp5~ubuntu1 we get:
../src/libnm-systemd-core/src/libsystemd-network/sd-dhcp6-client.c:746:17: error: declaration does not declare anything [-Werror,-Wmissing-declarations]
_fallthrough_;
^
../src/libnm-systemd-shared/src/fundamental/macro-fundamental.h:46:25: note: expanded from macro '_fallthrough_'
# define _fallthrough_ __attribute__((__fallthrough__))
^
Granted, README comments that clang >= 10 is required. However,
parts of systemd build just fine with older clang. It seems unnecessary
to break this and the fix helps NetworkManager.
Fixes: c0f5d58c9ab7 ('meson: Document why -Wimplicit-fallthrough is not used with clang')
json: actually use numeric C locale we just allocated
This fixes formatting of JSON real values, and uses C locale for them.
It's kinda interesting that this wasn't noticed before: the C locale
object we allocated was not used, hence doing the dance had zero effect.
This makes "test-varlink" pass again on systems with non-C locale.
(My guess: noone noticed this because "long double" was used before by
the JSON code and that had no locale supporting printer or so?)
user: delegate cpu controller, assign weights to user slices
So far we didn't enable the cpu controller because of overhead of the
accounting. If I'm reading things correctly, delegation was enabled for a while
for the units with user and pam context set, i.e. for user@.service too. a931ad47a8623163a29d898224d8a8c1177ffdaf added the explicit Delegate=yes|no
switch, but it was initially set to 'yes'. acc8059129b38d60c1b923670863137f8ec8f91a disabled delegation for user@.service
with the justication that CPU accounting is expensive, but half a year later a88c5b8ac4df713d9831d0073a07fac82e884fb3 changed DefaultCPUAccounting=yes for
kernels >=4.15 with the justification that CPU accounting is inexpensive there.
In my (very noncomprehensive) testing, I don't see a measurable overhead if the
cpu controller is enabled for user slices. I tried some repeated compilations,
and there is was no statistical difference, but the noise level was fairly
high. Maybe better benchmarking would reveal a difference.
The goal of this change is very simple: currently all of the user session,
including services like the display server and pipewire are under user@.service.
This means that when e.g. a compilation job is started in the session's
app.slice, the processes in session.slice compete for CPU and can be starved.
In particular, audio starts to stutter, etc. With CPU controller enabled,
I can start start 'ninja -C build -j40' in a tab and this doesn't have any
noticable effect on audio.
I don't think the particular values matter too much: the CPU controller is
work-convserving, and presumably the session slice would never need more than
e.g. one 1 full CPU, i.e. half or a quarter of available CPU resources on even
the smallest of today's machines. app.slice and session.slice are assigned
equal weights, background.slice is assigned a smaller fraction. CPUWeight=100
is the default, but I wrote it explicitly to make it easier for users to see
how the split is done. So effectively this should result in session.slice
getting as much power as it needs.
If if turns out that this does have a noticable overhead, we could make it
opt-in. But I think that the benefit to usability is important enough to enable
it by default. W/o something like this the session is not really usable with
background tasks.
tree-wide: add global ascii_isdigit() + ascii_isalpha()
We now have a local implementation in string-util-fundamental.c, but
it's useful at a lot of other places, hence let's give it a more
expressive name and share it across the tree.
The "Networking" section has a lonely single document listed right now,
even though the "Concepts" section has two more network related docs.
Move them over, let's end this loneliness.
tree-wide: link to docs.kernel.org for kernel documentation
https://www.kernel.org/ links to https://docs.kernel.org/ for the documentation.
See https://git.kernel.org/pub/scm/docs/kernel/website.git/commit/?id=ebc1c372850f249dd143c6d942e66c88ec610520