run: tweak algorithm for generating unit name from dbus unique name
This reverts behaviour of systemd-run's unit name generation to the
status quo ante of #18871: we chop off the ":1." prefix if we can.
However, to address the issue that the unique name can overrun we then
do what #18871 did as fallback: only chop off the ":" prefix.
This way we should have pretty names that look like they always looked
in the common case, but in the case of a unique name overrun we still
will have names that work.
rm-rf: fix up chmod in the _cleanup_ rm_rf() destructors
REMOVE_CHMOD is necessary to remove files/dirs that are owned by us but
have an access mode that would not allow us to remove them. In generic
destructor calls for use with `_cleanup_` that are "fire-and-forget"
style we should make use of that, to maximize the chance we can actually
remove the files/dirs.
(Also, add in REMOVE_MISSING_OK. Just because prettier, we ignore the
return codes anyway, but it's a bit nicer to ignore a bit fewer errors.)
Anita Zhang [Thu, 4 Mar 2021 01:25:40 +0000 (17:25 -0800)]
run: update dbus unique names check
Some code in systemd-run checks that a bus's unique name must start with
`:1.`. However the dbus specification on unique connection names only specifies
that it must begin with a colon. And the freedesktop/dbus implementation allows
unique names to go up to `:INT_MAX.INT_MAX`. So update the
current check to only look for a colon at the beginning.
Nominally, the bug was in unit_load_dropin(), which just took the last mtime
instead of calculating the maximum. But instead of adding code to wrap the
loop, this patch goes in the other direction.
All (correct) callers of config_parse() followed a very similar pattern to
calculate the maximum mtime. So let's simplify things by making config_parse()
assume that mtime is initialized and update it to the maximum. This makes all
the callers that care about mtime simpler and also fixes the issue in
unit_load_dropin().
config_parse_many_nulstr() and config_parse_many() are different, because it
makes sense to call them just once, and current ret_mtime behaviour makes sense.
rules: Move ID_SMARTCARD_READER definition to a <70 configuration.
70-uaccess.rules sets the uaccess tag on devices with ID_SMARTCARD_READER
set, but it is set in 99-systemd.rules.
Move this to a 60-*.rules which already matches USB CCID class, factorising
the matching, so 70-uaccess.rules sets up these devices as expected.
It's useful to be able to combine a regular /usr/ file system with a
tmpfs as root, for an OS that boots up in volatile mode on every single
boot. Let's add explicit support for this via root=tmpfs.
Note the relationship to the existing systemd.volatile= option:
1. The kernel command line "root=/dev/… systemd.volatile=yes" will mount
the specified root fs, and then hide everything at the top by
overmounting it with a tmpfs, except for the /usr subtree.
2. The kernel command line "root=tmpfs mount.usr=/dev/…" otoh will mount
a root fs at the top (just like the case above), but will then mount
the top-level dir of the fs specified in mount.usr= directly below
it.
Or to say this differently: in the first case /usr/ from the physical
storage fs is going to become /usr/ of the hierarchy ultimately booted,
while in the second case / from the physical storage fs is going to
become /usr of the hierarchy booted.
Philosophically I figure systemd.volatile= is more an option for
"one-off" boots, while root=tmpfs is something to have as default mode
of operation for suitable images.
This is currently hard to test reasonably, since Dracut refuses to
accept root=tmpfs. This needs to be addressed separately though.
path-util: return O_DIRECTORY from path_extract_filename() when path ends in slash
Let's fine-tune the path_extract_filename() interface: on success return
O_DIRECTORY as indicator that the input path was slash-suffixed, and
regular 0 otherwise. This is useful since in many cases it is useful to
filter out paths that must refer to dirs early on.
I opted for O_DIRECTORY instead of the following other ideas:
1. return -EISDIR: I think the function should return an extracted
filename even when referring to an obvious dir, so this is not an
option.
2. S_ISDIR, this was a strong contender, but I think O_DIRECTORY is a
tiny bit nicer since quite likely we will go on and open the thing,
maybe with openat(), and hence it's quite nice to be able to OR in
the return value into the flags argument of openat().
3. A new enum defined with two values "dont-know" and
"definitely-directory". But I figured this was unnecessary, given we
have other options too, that reuse existing definitions for very
similar purposes.
path-util: add path_extract_directory(), to match path_extract_filename()
These two together are a lot like dirname() + basename() but have the
benefit that they return clear errors when one passes a special case
path to them where the extraction doesn't make sense, i.e. "", "/",
"foo", "foo/" and so on.
Sooner or later we should probably port all our uses of
dirname()/basename() over to this, to catch these special cases more
safely.
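
The contract described in the two path-util commit messages above, as an added example that is not systemd's implementation: a simplified filename/directory extractor whose success value can be ORed straight into openat() flags. The names extract_filename(), extract_directory() and open_leaf() and the error codes chosen here are assumptions of this sketch; "." and ".." get no special treatment.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE /* O_DIRECTORY, strndup() */
#endif
#include <errno.h>
#include <fcntl.h>
#include <stdlib.h>
#include <string.h>

/* Simplified sketch, not systemd's code; the error codes are this example's choice. */

/* Length of path with trailing slashes stripped; 0 means "" or only slashes. */
static size_t trimmed_len(const char *path) {
    size_t n = strlen(path);
    while (n > 0 && path[n - 1] == '/') n--;
    return n;
}

/* Returns O_DIRECTORY if path was slash-suffixed, 0 if not, negative errno on error. */
int extract_filename(const char *path, char **ret) {
    if (!path || !*path) return -EINVAL;
    size_t end = trimmed_len(path), start = end;
    if (end == 0) return -EADDRNOTAVAIL;        /* "/": root has no filename */
    while (start > 0 && path[start - 1] != '/') start--;
    if (!(*ret = strndup(path + start, end - start))) return -ENOMEM;
    return path[end] == '/' ? O_DIRECTORY : 0;
}

/* Returns 0 and the directory part, or an error when the path names none. */
int extract_directory(const char *path, char **ret) {
    if (!path || !*path) return -EINVAL;
    size_t end = trimmed_len(path), start = end;
    if (end == 0) return -EADDRNOTAVAIL;        /* "/": nothing above root */
    while (start > 0 && path[start - 1] != '/') start--;
    if (start == 0) return -EDESTADDRREQ;       /* "foo", "foo/": no directory given */
    while (start > 1 && path[start - 1] == '/') start--;  /* keep lone "/" for "/foo" */
    return (*ret = strndup(path, start)) ? 0 : -ENOMEM;
}

/* Open the last component below dirfd; "name/" may only ever yield a directory. */
int open_leaf(int dirfd, const char *path) {
    char *name = NULL;
    int r = extract_filename(path, &name);
    if (r < 0) return r;
    int fd = openat(dirfd, name, O_RDONLY | O_CLOEXEC | O_NOFOLLOW | r);
    r = fd < 0 ? -errno : fd;
    free(name);
    return r;
}
```

Unlike dirname()/basename(), every input with nothing sensible to extract ends in a distinct negative errno, so a caller cannot silently continue with "." or "/".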
Tom Shield [Tue, 2 Mar 2021 09:56:06 +0000 (03:56 -0600)]
udev: add i2c to 60-persistent-input.rules for by-path (#18808)
Add the i2c subsystem to those that create by-path links.
i2c devices may not have IDs so we can't rely on the by-id links
but they (or some of them) should at least have a path that we can use.
Martin Wilck [Thu, 25 Feb 2021 16:09:03 +0000 (17:09 +0100)]
sd-device: don't use BPF filtering for kernel monitors
BPF filtering accesses fields in the netlink header that are
only filled in by libudev, never by the kernel. Therefore adding
BPF filters for kernel monitors is pointless. Even false filtering
of kernel events might be possible; at least it's hard to prove that
it can't occur.
resolved: disable event sources before unreffing them
We generally operate on the assumption that a source is "gone" as soon
as we unref it. This is generally true because we have the only reference.
But if something else holds the reference, our unref doesn't really stop
the source and it could fire again.
In particular, on_query_timeout() is called with DnsQuery* as userdata, and
it calls dns_query_stop() which invalidates that pointer. If it was ever
called again, we'd be accessing already-freed memory.
I don't see what would hold the reference. sd-event takes a temporary reference,
but on the sd_event object, not on the individual sources. And our sources
are non-floating, so there is no reference from the sd_event object to the
sources.
This got moved under the systemd umbrella a long time ago.
Github redirects from the old path, so the link worked, but it's
nicer to use the real location.
test-socket-util: fix test for address parsing w/o IPv6 support
sockaddr_pretty() is the function that is ultimately called to print
the address, and afaics, it'll always use 0.0.0.0 if family==AF_INET.
So the test must have always been broken on systems with IPv6 support.
Fixes a failure in semaphore debian autopkgtest ci:
"65535" → ✓ 0 → "0.0.0.0:65535" (expect 0 / "[::]:65535") 15:15
Assertion 'streq(out, expected ?: in)' failed at src/test/test-socket-netlink.c:32, function test_socket_address_parse_one(). Aborting. 15:15
Charles Lee [Mon, 1 Mar 2021 09:40:15 +0000 (10:40 +0100)]
po: Translated using Weblate (Chinese (Simplified) (zh_CN))
Currently translated at 100.0% (189 of 189 strings)
Co-authored-by: Charles Lee <lchopn@gmail.com>
Translate-URL: https://translate.fedoraproject.org/projects/systemd/master/zh_CN/
Translation: systemd/main
man: make systemd-coredump and coredumpctl descriptions more accessible
Fixes #17910: we didn't clearly explain that coredumps may exist without
journal entries, and vice versa.
Also, make the examples more concrete, and use '$' instead of '#' to avoid
suggesting that running as root is required. The text is extended a bit in
various places. In the description of systemd-coredump, the details of executor
separation are split out to a separate subsection, since they are rather
detailed and not necessary to understand for normal use.
copy: handle copy_file_range() weirdness on procfs/sysfs
This addresses the issue described in https://lwn.net/Articles/846403/
and makes sure we will be able to stream bytes from procfs/sysfs via
copy_bytes() if people ask us to.