nspawn: make sure idmapped logic works if DDI contains only /usr/ tree
If we have a DDI that contains only a /usr/ tree (and which is thus
combined with a tmpfs for root on boot) we previously would try to apply
idmapping to the tmpfs, but not the /usr/ mount. That's broken of
course.
Yu Watanabe [Tue, 24 Oct 2023 17:32:04 +0000 (02:32 +0900)]
dissect: reenable automatic removal before trying again
The device node may be different from we want to activate, and we may
try to activate different device in the subsequent loop. In such case,
we should enable the automatic removal for the unexpected device.
Otherwise, it will not be removed even when not necessary anymore.
Jin Liu [Tue, 31 Oct 2023 04:48:24 +0000 (12:48 +0800)]
New PAM module: pam_systemd_loadkey
This module reads password from kernel keyring and sets it as PAM authtok.
It's inspired by gdm's pam_gdm, which reads the LUKS password stored by
systemd-cryptsetup, so Gnome Keyring can be automatically unlocked if set
to the same password (when autologin is enabled so the user doesn't enter
a password in gdm).
This is name ".network.example" for now, to match the existing
80-ethernet.network file.
I think it would make sense to actually install this by default if told
so via a meson file (and then hopefully this would happen even on
Fedora, though in a split off RPM or so). However, we aren't there yet,
hence for now, just ship the .network files as example, like the others.
secure-boot: print just before cold-resetting to help diagnose hangs
When testing the secureboot enroll feature, it can be hard to distinguish without
using the QMP API of QEMU whether we are in a hang situation of the UEFI firmware.
Making it clear that we reached the `ResetSystem` can be helpful towards that need.
Both sleep_mode_supported and write_mode support this,
but parse_sleep_config currently prohibits this - it always
uses our default value if user specifies HibernateMode=<empty>.
Luca Boccassi [Fri, 27 Oct 2023 15:33:49 +0000 (16:33 +0100)]
exec-invoke: don't double-close FDs on error
When a late error occurs in sd-executor, the cleanup-on-close of the
context structs happen, but at that time all FDs might have already
been closed via close_all_fds(), so a double-close happens. This
can be seen when DynamicUser is enabled, with a non-existing
WorkingDirectory.
Invalidate the FDs in the context structs if close_all_fds succeeds.
Daan De Meyer [Sat, 28 Oct 2023 08:37:16 +0000 (10:37 +0200)]
mkosi: Use cache and build subdirectories
Next release of mkosi will not use subdirectories under the cache
and build directory by default anymore, so let's make sure we already
start creating those ourselves.
xinpeng wang [Wed, 25 Oct 2023 03:19:58 +0000 (11:19 +0800)]
logind: fix abnormal switching causing the screen to go black
After logind receives the SIGRTMIN signal from the kernel, it will execute
manager_vt_switch---session_leave_vt---session_device_pause_all,The device
permissions of the session are removed here;under normal circumstances, the
tty value read from /sys/class/tty/tty0/active changes and switchesto a new
session,give the new session resume device permissions.
But under abnormal circumstances (such as switching quickly on a device using
wayland; and sometimes the kernel will suddenly send a SIGRTMIN signal, but
nothing changes),In these cases, logind does not give session resume device
permission, causing the device to have a black screen and suspended animation.
Michal Sekletar [Wed, 25 Oct 2023 11:17:18 +0000 (13:17 +0200)]
fstab-generator: drop nofail and noauto options for critical mounts
Setting nofail for /usr mount doesn't make sense because without /usr we
can't really boot. However, having the flag set might cause races in
initrd where we could try to switchroot into rootfs before /usr is
actually mounted. Let's just ignore it so that we always have proper
mount unit ordering for /sysroot/usr mount.
Ronan Pigott [Tue, 24 Oct 2023 18:01:32 +0000 (11:01 -0700)]
network: implement RFC4039 DHCP Rapid Commit
This implements the DHCPv4 equivalent of the DHCPv6 Rapid Commit option,
enabling a lease to be selected in an accelerated 2-message exchange
instead of the typical 4-message exchange.
Luca Boccassi [Thu, 26 Oct 2023 13:56:58 +0000 (14:56 +0100)]
core: do not post-process skipped mounts
When a mount is gracefully skipped (e.g.: BindReadOnlyPaths=-/nonexistent)
we still post-process it, like making it read-only. Except if nothing
has been mounted, the mount point will be made read-only for no reason.
Track when mounts are skipped and avoid post-processing.
One day we'll switch all of this to the new mount api and do these
operations atomically or not at all.
test-fstab-generator: skip test impacted by /mnt symlink
On rpm-ostree distributions such as Fedora SilverBlue /mnt
(and other well known paths) will be a symlink to a location
under /var. The fstab generator emits correct output in this
case, however, the data does not match the expected output
stored in the source tree.
Rather than trying to adapt the test data, just skip this
single test scenario when we see /mnt is a symlink.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
test-systemd-tmpfiles: skip when /tmp has unexpected ownership
The systemd-tmpfiles binary will report a fatal error if /tmp is not owned
either by root, or by the current user:
Detected unsafe path transition /tmp (owned by nobody) →
/tmp/test-systemd-tmpfiles.a8qc6n18 (owned by berrange)
during canonicalization of
tmp/test-systemd-tmpfiles.a8qc6n18/test-content.7chd7rdi
When doing development inside a 'toolbox' container (which is required
on a Fedora SilverBlue distro), /tmp is owned by 'nobody', because it
has been passed through from the host and host UID 0 gets mapped to
UID 65536 by usernamespaces. This triggers the unsafe path transition
error message.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
test-blockdev-util: avoid abort when /home is a symlink
On rpm-ostree distributions like Fedora SilverBlue /home (and various
other well known locations) are symlinks to somewhere beneath /var.
The path_is_encrypted() method uses O_NOFOLLOW and as a result will
return ELOOP on /home. This causes test-blockdev-util to abort.
Add ELOOP to the ignorable set of errnos for testing.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
cgroup-show: rework cgroup tree display to operate by fd only
This restores display of the "delegate" flag of a cgroup. Previously we
erroneously passed a full fs path where a cgroup path was expected (the
difference being the /sys/fs/cgroup/ prefix), which meant we never read
the xattr properly. Let's fix that by simply operating by fd on the
cgroup and using it for all operations.