3e5f04bf6468fcb79c080f02b0eab08f258bff0c was trying to do the right thing, but
the resulting list does not match the autogenerated order (which is the same as
the order in vtable definition). I assume the addition was done manually. Fix
the order so that dbus-docs-fresh test is not unhappy.
By settings AI_ADDRCONFIG in hints we cannot for example resolve "localhost"
when the local machine only has a loopback interface. This seems like an
unnecessary restriction, drop it.
Inspired by https://bugzilla.redhat.com/show_bug.cgi?id=1839007.
Topi Miettinen [Sun, 30 Aug 2020 18:56:13 +0000 (21:56 +0300)]
exec: SystemCallLog= directive
With new directive SystemCallLog= it's possible to list system calls to be
logged. This can be used for auditing or temporarily when constructing system
call filters.
---
v5: drop intermediary, update HASHMAP_FOREACH_KEY() use
v4: skip useless debug messages, actually parse directive
v3: don't declare unused variables with old libseccomp
v2: fix build without seccomp or old libseccomp
Topi Miettinen [Wed, 5 Aug 2020 13:31:26 +0000 (16:31 +0300)]
exec: Add kill action to system call filters
Define explicit action "kill" for SystemCallErrorNumber=.
In addition to errno code, allow specifying "kill" as action for
SystemCallFilter=.
---
v7: seccomp_parse_errno_or_action() returns -EINVAL if !HAVE_SECCOMP
v6: use streq_ptr(), let errno_to_name() handle bad values, kill processes,
init syscall_errno
v5: actually use seccomp_errno_or_action_to_string(), don't fail bus unit
parsing without seccomp
v4: fix build without seccomp
v3: drop log action
v2: action -> number
tree-wide: don't needlessly negate error number passed to bus_error_message()
Like it's customary in our codebase bus_error_message() internally takes
abs() of the passed error anyway, hence no need to explicitly negate it.
We mostly got this right, but in too many cases we didn't. Fix that.
core: propagate unit start limit hit state to triggering path unit
We already do this for socket and automount units, do it for path units
too: if the triggered service keeps hitting the start limit, then fail
the triggering unit too, so that we don#t busy loop forever.
(Note that this leaves only timer units out in the cold for this kind of
protection, but it shouldn't matter there, as they are naturally
protected against busy loops: they are scheduled by time anyway).
core: propagate triggered unit in more load states
In 4c2ef3276735ad9f7fccf33f5bdcbe7d8751e7ec we enabled propagating
triggered unit state to the triggering unit for service units in more
load states, so that we don't accidentally stop tracking state
correctly.
Do the same for our other triggering unit states: automounts, paths, and
timers.
Also, make this an assertion rather than a simple test. After all it
should never happen that we get called for half-loaded units or units of
the wrong type. The load routines should already have made this
impossible.
env-file: bring our decoding of double-quoted strings in env files in line with shell
In shell, inside of double quotes only a select few chars should be
escaped. If other chars are escaped this has no effect. Correct the list
of chars that need such escaping.
Also, make sure we can read back the stuff we wrote out without loss.
service: add implicit dbus deps only for Type=dbus units
We want to be able to use BusName= in services that run during early boot
already, and thus don't synthesize deps on dbus there. Instead add them
when Type=dbus is set, because in that case we actually really need
D-Bus support.
hashmap: make sure to initialize shared hash key atomically
if we allocate a bunch of hash tables all at the same time, with none
earlier than the other, there's a good chance we'll initialize the
shared hash key multiple times, so that some threads will see a
different shared hash key than others.
Let's fix that, and make sure really everyone sees the same hash key.
socket: downgrade log warnings about inability to set socket buffer sizes
In containers we might lack the privs to up the socket buffers. Let's
not complain so loudly about that. Let's hence downgrade this to debug
logging if it's a permission problem.
cryptsetup: generate the unit to umount keydev filesystem
Previously we would call umount from ExecStartPost= of
systemd-cryptsetup instance in order to get rid of the keydev
mount (i.e. filesystem containing keyfile). Let's generate unit to
handle umount. Making this symmetrical (both mount and umount of keydev
are handled by units) fixes the problem with lingering keydev mounts.
Motivation for the change is the issue where keydev mount would stay
around even if device was successfully unlocked and mount is no longer
needed. That could happen previously because when generator options are
not prefixed with "rd." we run generators twice (e.g. rd.luks.key=...).
In such case disk is unlocked in initramfs phase of boot (assuming the
initrd image contains the generator and is able to handle unlocking of
LUKS devices). After switchroot we however enqueue start job for
systemd-cryptsetup instance (because units are regenerated second time)
and that pulls in its dependencies into transaction. Later the main
systemd-cryptsetup unit not actually started since it is already active
and has RemainaAfterExit=yes. Nevertheless, dependencies get activated
and keydev mount is attached again. Because previously we called umount
from ExecStartPost= of systemd-cryptsetup instance the umount is not
called second time and keydev filesystem stays lingering.
logind: make sure when we are explicitly asked to terminate session/user/seat to use "replace" job mode
Otherwise our request will possibly fail if something else is already
enqeued, but given this is an explicit user request, let's not allow
things to fail.
Nazar Vinnichuk [Fri, 11 Sep 2020 10:38:53 +0000 (13:38 +0300)]
man: document the random delay of persistent timers
The manual states that a persistent timer triggers it's service
immediately on activation to catch up with missed invocations, but since
PR #11608 it is no longer the case if RandomizedDelaySec= is set to a
non-zero value.
pkg-config: prefix is not really configurable, don't pretend it was
We generally don't support prefix being != /usr, and this is hardcoded
all over the place. In the systemd.pc file it wasn't so far. Let's
adjust this to match the rest of the codebase.
A variety of sockopts exist both for IPv4 and IPv6 but require a
different pair of sockopt level/option number. Let's add helpers for
these that internally determine the right sockopt to call.
This should shorten code that generically wants to support both ipv4 +
ipv6 and for the first time adds correct support for some cases where we
only called the ipv4 versions, and not the ipv6 options.
Daniel Mack [Wed, 9 Sep 2020 12:09:29 +0000 (14:09 +0200)]
network: add support for setting MDB entries
Multicast snooping enabled bridges maintain a database for multicast
port memberships to decide which mulicast packet is supposed to
egress on which port.
This patch teaches networkd to add entries to this database manually
by adding `[BridgeMDB]` sections to `.network` configuration files.
fs-util,tmpfiles: fix error handling of fchmod_opath()
When 4dfaa528d45 was first commited its callers relied on `errno` instead of the
return value for error reporting. Which worked fine, since internally
under all conditions base were set — even if ugly and not inline with
our coding style. Things then got broken in f8606626ed3c2582e06543550d58fe9886cdca5f where suddenly additional
syscalls might end up being done in the function, thus corrupting `errno`.
projects / thirdparty / systemd.git / log
