Let's make sure we still look at the etags reported by http 304 (i.e.
the cache management code). Otherwise we won't properly realize we
already downloaded this before.
The old name originates when this was used to discover "machine" images,
as managed by machined/machinectl. But nowadays this is also used by
portable services and system extensions, hence let's use a more generic
name for this API. Taking inspiration from "dissect-image.[ch]", let's call
this "discover-image.[ch]".
Deprecate builds with split-usr, prepare for removal
There is no technical reason to support systems with split-usr, except for
backwards compatibility. Even though systemd itself makes an effort to support
this, many other tools aren't as careful. Despite those efforts, we
(collectively) get it wrong often, because doing it "wrong" on systems with
merged-usr has no consequences. Since almost all developers are on such
systems, any issues are only discovered late. Supporting this split-usr mode
makes both code and documentation more complicated. The split is purely
artificial and has no justification except to allow old installation to not
update. Mechanisms to update existing systems are available though: Fedora
did that in https://fedoraproject.org/wiki/Features/UsrMove, Debian has
the usrmerge package.
The next version of Debian will only support systems with split-usr=false,
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=978636#178:
The Technical Committee resolves that Debian 'bookworm' should
support only the merged-usr root filesystem layout, dropping support
for the non-merged-usr layout.
Let's start warning if split-usr mode is used, in preparation to removing the
split in one of the future releases.
Let's split out the two codepaths a bit, and emphasize which ones it the
new-style and which the old-style codepath, and let's clearly convert
the params of the old-stye into the new style for further processing, so
that the old style path is brief and isolated.
Yu Watanabe [Wed, 20 Jan 2021 06:50:01 +0000 (15:50 +0900)]
network,udev: move TransmitQueues=/ReceiveQueues= from .network to .link
As the settings are mostly hardware setup, and merely see from network
layer.
See also discussions in
https://github.com/systemd/systemd/pull/18170#issuecomment-758807497
https://github.com/orgs/systemd/teams/systemd/discussions/1
Let's tighten the logic behind path_extract_filename() a bit: first of
all, refuse all cases of invalid paths with -EINVAL. More importantly
though return a recognizable error when a valid path is specified that
does not contain any filename. Specifically, "/" will now result in
-EADDRNOTAVAIL.
This changes API, but none of the existing callers care about the return
value, hence the change should be fine.
man: move content from the wiki to systemd.preset(5)
The wiki was slightly stale, and almost all the information there
was already present in the man page. I moved the remaing part (discussion)
into the man page and adjusted all links to point to the man page instead.
daemon(7) has a some examples of packaging scriptlets… I don't think it fits
there very well. Most likely they should be moved to systemd.preset(5) or maybe
even removed, but I'm leaving that for later.
Yu Watanabe [Mon, 1 Feb 2021 17:16:01 +0000 (02:16 +0900)]
libudev: also drop the entry from LIST even if unique flag is set
Otherwise, the list becomes dirty when an entry is freed.
This also remove the entry from the hashmap only when its name is set.
The name should be always set, so that does not change anything. But
just for safety.
Yu Watanabe [Mon, 1 Feb 2021 17:18:49 +0000 (02:18 +0900)]
libudev: set entry->list after the entry is stored in the list
This should not change anything. As hashmap_remove() is called before
hashmap_ensure_put(). So, even if hashmap_ensure_put() fails, a wrong
entry will not removed from the hashmap by udev_list_entry_free().
But anyway, just for safety.
It should help to make it more clear what causes issues like
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=30140
and https://github.com/google/oss-fuzz/pull/5084
Anita Zhang [Mon, 1 Feb 2021 03:04:34 +0000 (19:04 -0800)]
tools: make update-dbus-docs compatible with Python 3.6
668b3a42fe9e250912bd3efa4460ed691452d9bf allowed update-dbus-docs.py to start
running on Cent OS 8 (instead of skipping). But subprocess.check_output()'s
text argument didn't exist until Python 3.7 and C8 is still running
Python 3.6. Use universal_newlines instead for backwards compatibility.
Daan De Meyer [Sat, 30 Jan 2021 23:25:24 +0000 (23:25 +0000)]
boot: Make all efivar util functions take the guid as an argument
Let's make these functions a little more generic so we can have
them work on more than one GUID. More specifically, this allows
using them with the global guid which will be used a bit more to
extend the secure boot support.
Daan De Meyer [Sat, 30 Jan 2021 23:02:24 +0000 (23:02 +0000)]
boot: Enable C99
Instead of using -nostdinc, we use -nostdlib. This is necessary
to allow moving to C99 as efibind.h includes stdint.h when C99
is enabled. It isn't necessarily problematic to use some standard
library headers as long as they don't contain functions defined in
libc or another system library (or in other words, header only
headers are fine to use in sd-boot).
The device is very similar to MACH-WX9 in many ways, including this
particular one. Adding these rules gets rid of evdev warnings as buttons
are being pressed on this device.
Daan De Meyer [Sat, 30 Jan 2021 14:13:04 +0000 (14:13 +0000)]
tree-wide: Drop custom formatting for print() help messages
I think this formatting was originally used because it simplified
adding new options to the help messages. However, these days, most
tools their help message end with "\nSee the %s for details.\n" so
the final line almost never has to be edited which eliminates the
benefit of the custom formatting used for printf() help messages.
Let's make things more consistent and use the same formatting for
printf() help messages that we use everywhere else.
Prompted by https://github.com/systemd/systemd/pull/18355#discussion_r567241580
Daan De Meyer [Sat, 23 Jan 2021 17:33:24 +0000 (17:33 +0000)]
resolve: Add GetMulticastHosts() D-Bus method
GetMulticastHosts() returns an array of hostnames/addresses discovered via
LLMNR or Multicast DNS. It does not trigger any discovery on its own.
Instead, it simply returns whatever is already in resolved's cache.
Daan De Meyer [Sat, 23 Jan 2021 17:26:33 +0000 (17:26 +0000)]
mkosi: Add a postinstall script to setup .gdbinit.
systemd is compiled with relative source file paths so we need to
issue a directory command to make sure gdb can find systemd's
source files. Let's put this in a .gdbinit file so it's executed
automatically when we run gdb.
Einsler Lee [Sat, 30 Jan 2021 03:14:35 +0000 (11:14 +0800)]
man: make it clear how systemd calculate the DefaultTasksMax.
Actually, systemd takes the minimum of
* a) the maximum tasks value the kernel allows on this architecture
* b) the cgroups pids_max attribute for the system
* c) the kernel's configured maximum PID value
to calculate the DefaultTasksMax. Here, kernel.thread-max should also be methioned.
Peter Hutterer [Fri, 29 Jan 2021 04:57:30 +0000 (14:57 +1000)]
hwdb: check for the right set of MOUSE_WHEEL_CLICK_ properties
As documented at the top of the file we require the normal property if we have
the horizontal property, and we require the CLICK_ANGLE property if the
CLICK_COUNT property is present. Codify this into the hwdb parser so we can
pick up on it.
resolved: use reference counting for DnsQueryCandidate objects
Follow-up for 4ea8b443de. The logic that manages DnsQueryCandidate is rather
complicated: a calls to dns_query_complete() that wants to destroy a
DnsQueryCandidate can be nested inside a deep chain of calls. Using reference
counts seems like the simplest approach.
DnsSearchDomain already uses reference counting.
This patch effectively brings dns_query_candidate_go() to the state before 4ea8b443de, but wraps the iteration over DnsQueryCandidate.transactions in
dns_query_candidate_ref+dns_query_candidate_unref.
While we are at it, bring the parameters into the same order as we
declare them in the PullRaw/PullTar objects, i.e. match them to the
canonical order.
Topi Miettinen [Sat, 16 Jan 2021 11:49:32 +0000 (13:49 +0200)]
New directives NoExecPaths= ExecPaths=
Implement directives `NoExecPaths=` and `ExecPaths=` to control `MS_NOEXEC`
mount flag for the file system tree. This can be used to implement file system
W^X policies, and for example with allow-listing mode (NoExecPaths=/) a
compromised service would not be able to execute a shell, if that was not
explicitly allowed.
Frantisek Sumsal [Thu, 19 Mar 2020 10:37:41 +0000 (11:37 +0100)]
ci: enable Packit integration
Let's enable the Packit integration and see if it's a viable option for
us. This configuration builds systemd on Fedora (on x86_64, i386, and
aarch64) and runs the unit test suite. To do that, it uses the specfile
from Fedora Rawhide[0] with some minor modifications, thus dropping the
need to have a specfile in the upstream repository.
So far the builds took around 25 minutes each, so speed-wise it's pretty
good. The two remaining supported architectures (s390x and armhfp) are
excluded, for now, since they're emulated and build there takes a really
long time (~4 hours).
The target is update-syscall-tables, so let's call the script
update-syscall-tables.sh to reduce the cognitive overhead when
trying to find the right file.
Upstream uses .text, but this is rather unusual. Let's use .txt as the usual
suffix for text files. This tells various editors and such that the file should
be treated as plain text. I also want to a script to summarize license status,
and having an easy-to-recognize suffix makes this easier.
We don't include a license header in .conf and similar files,
but we should include a header that tells the user that this is
our file and points to some docs.
tree-wide: add spdx header on all scripts and helpers
Even though many of those scripts are very simple, it is easier to include
the header than to try to say whether each of those files is trivial enough
not to require one.
Meson itself requires Python 3.6, which has f-strings. So I think it's fine to
use them here too. I wanted to use walrus for 'if m:= re.search(...)', but that'd
require 3.8.