]> git.ipfire.org Git - thirdparty/systemd.git/log
thirdparty/systemd.git
2 years agoMerge pull request #21171 from DaanDeMeyer/tty-dimensions
Lennart Poettering [Sat, 6 Nov 2021 09:16:45 +0000 (10:16 +0100)] 
Merge pull request #21171 from DaanDeMeyer/tty-dimensions

exec: Add TTYRows and TTYColumns properties to set TTY dimensions

2 years agouser-record: show CIFS extra mount options, in output too
Lennart Poettering [Fri, 5 Nov 2021 14:30:36 +0000 (15:30 +0100)] 
user-record: show CIFS extra mount options, in output too

Follow-up for 4c2ee5c7f26fda41d7eb1250c61c85cc869a90de

2 years agotest: wait until `lvm-activate-$vgroup.service` finishes
Frantisek Sumsal [Fri, 5 Nov 2021 17:57:26 +0000 (18:57 +0100)] 
test: wait until `lvm-activate-$vgroup.service` finishes

The new lvm autoactivation method runs `vgchange` via
`systemd-run --no-block`[0], which means that checking if the unit
is in the `active` state is not enough, since the main binary might
still be running. Let's fix this by waiting until the unit reaches
the `exited` sub state.

Follow-up to:
  * 29f8bef05eb9a4bb7f578b31409ca38ec1b1a069
  * e50d743f99fa66c9f55e534c4e109a2cf6323f04

[0] https://sourceware.org/git/?p=lvm2.git;a=blob;f=udev/69-dm-lvm.rules.in;h=39e5b98074010745f78a7a86a05929700c9cd690;hb=67722b312390cdab29c076c912e14bd739c5c0f6#l83

Example:
```
[   17.102002] systemd-udevd[282]: sdf: '/usr/bin/systemd-run -r --no-block --property DefaultDependencies=no --unit lvm-activate-iscsi_lvm2212 /usr/bin/lvm vgchange -aay --nohints iscsi_lvm2212'(err) 'Running as unit: lvm-activate-iscsi_>
[   17.102522] systemd-udevd[282]: sdf: Process '/usr/bin/systemd-run -r --no-block --property DefaultDependencies=no --unit lvm-activate-iscsi_lvm2212 /usr/bin/lvm vgchange -aay --nohints iscsi_lvm2212' succeeded.
[   17.102697] systemd-udevd[282]: sdf: Adding watch on '/dev/sdf'
[   17.104944] systemd[1]: lvm-activate-iscsi_lvm2212.service: Changed dead -> running
...
[   17.105434] systemd[1]: Started /usr/bin/lvm vgchange -aay --nohints iscsi_lvm2212.
[   17.105601] systemd[931]: lvm-activate-iscsi_lvm2212.service: Executing: /usr/bin/lvm vgchange -aay --nohints iscsi_lvm2212
...
[   17.420228] testsuite-64.sh[268]: + systemctl -q is-active lvm-activate-iscsi_lvm2212.service
[   17.420228] testsuite-64.sh[268]: + return 0
[   17.420228] testsuite-64.sh[268]: + test -e /dev/disk/by-path/ip-127.0.0.1:3260-iscsi-iqn.2021-09.com.example:iscsi.lvm.test-lun-4
[   17.420228] testsuite-64.sh[268]: + udevadm settle
[   17.420228] testsuite-64.sh[268]: + test -e /dev/iscsi_lvm2212/mypart1
...
[   17.451313] systemd[1]: testsuite-64.service: Main process exited, code=exited, status=1/FAILURE
[   17.451475] systemd[1]: testsuite-64.service: Failed with result 'exit-code'.
...
[   17.555759] systemd[1]: Starting End the test...
[   17.556972] sh[941]: + systemctl poweroff --no-block
...
[   17.688923] lvm[931]:   2 logical volume(s) in volume group "iscsi_lvm2212" now active
...
[   17.838484] systemd[1]: lvm-activate-iscsi_lvm2212.service: Child 931 belongs to lvm-activate-iscsi_lvm2212.service.
[   17.838718] systemd[1]: lvm-activate-iscsi_lvm2212.service: Main process exited, code=exited, status=0/SUCCESS (success)

```

2 years agocoredump: fix filename in journal when not compressed
xdavidwu [Fri, 5 Nov 2021 14:37:06 +0000 (22:37 +0800)] 
coredump: fix filename in journal when not compressed

Since 587f2a5e564cf434c2e0a653f52b8f73e86092d8, filename for
not-compressed coredump is missing from save_external_coredump, making
it write COREDUMP_FILENAME= (empty) in journal, making `coredumpctl`
report it missing but it is actually saved.
This fixes it.

2 years agoexec: Add TTYRows and TTYColumns properties to set TTY dimensions 21171/head
Daan De Meyer [Thu, 28 Oct 2021 15:26:50 +0000 (16:26 +0100)] 
exec: Add TTYRows and TTYColumns properties to set TTY dimensions

2 years agogetty: Pass tty to use by agetty via stdin
Daan De Meyer [Fri, 29 Oct 2021 12:54:31 +0000 (13:54 +0100)] 
getty: Pass tty to use by agetty via stdin

If the tty arg is set to "-", agetty uses the stdin fd as the tty.
Let's pass the tty this way so that we keep an fd open to the tty
at all times. If all fd's to a tty are closed, the kernel might
reset the tty which we want to avoid.

2 years agotest: exercise sytemd-integritysetup & generator
Tony Asleson [Thu, 4 Nov 2021 19:19:56 +0000 (14:19 -0500)] 
test: exercise sytemd-integritysetup & generator

Ensures we can open a dm-integrity volume formated with
integritysetup.

2 years agosd-boot: Add .osrel section
Jan Janssen [Thu, 4 Nov 2021 09:37:25 +0000 (10:37 +0100)] 
sd-boot: Add .osrel section

This allows starting systemd-boot from \EFI\Linux for easier testing
and bisection without risking an unbootable system as the user does not
need to replace their working loader.

2 years agoMerge pull request #21252 from poettering/homed-record-dir-env-var
Lennart Poettering [Fri, 5 Nov 2021 20:52:00 +0000 (21:52 +0100)] 
Merge pull request #21252 from poettering/homed-record-dir-env-var

homed: add env var to override dir where we fine stored user records

2 years agouser-record: fix display of access mode
Lennart Poettering [Fri, 5 Nov 2021 15:36:32 +0000 (16:36 +0100)] 
user-record: fix display of access mode

2 years agouser-record: show fs/luks/gpt UUIDs as proper UUIDs
Lennart Poettering [Fri, 5 Nov 2021 17:04:53 +0000 (18:04 +0100)] 
user-record: show fs/luks/gpt UUIDs as proper UUIDs

These are not defined by us, but are defined as proper UUIDs by their
respective specs, hence show them as such.

2 years agodocs: document systemd-homed development env vars 21252/head
Lennart Poettering [Fri, 5 Nov 2021 18:07:52 +0000 (19:07 +0100)] 
docs: document systemd-homed development env vars

2 years agohomed: add env var to override dir where we fine stored user records
Lennart Poettering [Fri, 5 Nov 2021 17:03:05 +0000 (18:03 +0100)] 
homed: add env var to override dir where we fine stored user records

This adds an env var which we can use to redirect where homed stores and
looks for user records kept on the host. This is useful for debugging
purposes so that one can easily run another homed instnce that doesn't
interfere with the main instance.

2 years agotest: Add test for flag macros
Jan Janssen [Fri, 5 Nov 2021 11:53:09 +0000 (12:53 +0100)] 
test: Add test for flag macros

2 years agoMerge pull request #20056 from calestyo/split-up-sysusers.d-systemd.conf.in
Zbigniew Jędrzejewski-Szmek [Fri, 5 Nov 2021 14:30:33 +0000 (15:30 +0100)] 
Merge pull request #20056 from calestyo/split-up-sysusers.d-systemd.conf.in

sysusers: split up systemd.conf

2 years agoMerge pull request #20138 from keszybz/coding-style-variable-decls
Luca Boccassi [Fri, 5 Nov 2021 13:57:30 +0000 (13:57 +0000)] 
Merge pull request #20138 from keszybz/coding-style-variable-decls

A coding style tweak and checking of sd_notify() calls and voidification of pager_open()

2 years agomeson-render-jinja2: use ast.literal_eval()
Zbigniew Jędrzejewski-Szmek [Fri, 5 Nov 2021 10:51:17 +0000 (11:51 +0100)] 
meson-render-jinja2: use ast.literal_eval()

Imports are sorted in the usual fashion: stdlib first.

literal_eval() parses string/numbers/lists/sets/dicts, and nothing else, while
eval will execute any python code. Using literal_eval() is generally more
correct, because it avoids the risk of side effects from the parsed expression.
In this case, we generate the parsed strings ourselves, so it's very unlikely
to have anything unexpected in the expressions. But let's do the correct thing
anyway.

2 years agoMerge pull request #21225 from medhefgo/boot-cleanup
Zbigniew Jędrzejewski-Szmek [Fri, 5 Nov 2021 13:53:47 +0000 (14:53 +0100)] 
Merge pull request #21225 from medhefgo/boot-cleanup

Boot cleanup

2 years agobasic/mountpoint-util: detect erofs as a read-only FS
Luca Boccassi [Thu, 4 Nov 2021 20:29:43 +0000 (20:29 +0000)] 
basic/mountpoint-util: detect erofs as a read-only FS

2 years agoloop-util: reopen device node if we shortcut loop device creation
Lennart Poettering [Thu, 4 Nov 2021 14:01:33 +0000 (15:01 +0100)] 
loop-util: reopen device node if we shortcut loop device creation

The LoopDevice object supports a shortcut: if the backing fd we are
supposed to create a loopback device of refers to a
block device alrady then we'll use it as is – if we can – instead of
setting up an unnecessary loopback device that would be pretty much
the same as its backing device.

Previously, when doing this we'd just dup() the original backing fd and
use that. But that's problematic in case O_DIRECT was set on the fd,
since we'll keep that flag set on our copy too, which means we can't do
simple, regular IO on it anymore.

Thus, let's reopen the inode in this case with the exact access flags
we'd apply if we'd actually allocate and open a new loopback device.

Fixes: #21176
2 years agoMerge pull request #21229 from keszybz/improve-m-hint
Luca Boccassi [Thu, 4 Nov 2021 18:40:26 +0000 (18:40 +0000)] 
Merge pull request #21229 from keszybz/improve-m-hint

Improve hint to use -M in various tools

2 years agosd-boot: Fix efi_arch checks 21225/head
Jan Janssen [Tue, 2 Nov 2021 09:47:41 +0000 (10:47 +0100)] 
sd-boot: Fix efi_arch checks

efi_arch is set to whatever meson returns from host_machine.cpu_family() and
gnu_efi_arch is then set accordingly.

On x86, efi_arch == x86 and gnu_efi_arch == ia32. Surprisingly, compilation
worked (without disabling some instruction sets) and nobody ever complained
about systemd-bootia32.efi not working.

2 years agosd-boot: Detect supported compile args
Jan Janssen [Tue, 2 Nov 2021 09:21:19 +0000 (10:21 +0100)] 
sd-boot: Detect supported compile args

This brings the final list of compiler arguments more in line with
how meson does things. In particular, --buildtype=plain will not
add any optimizations on its own (and would have to be provided
through CFLAGS=).

2 years agosd-boot: Add some link flags
Jan Janssen [Mon, 1 Nov 2021 09:36:12 +0000 (10:36 +0100)] 
sd-boot: Add some link flags

These flags are used by gnu-efi. Adding --no-undefined even allows
us to drop the no-undefined-symbols.sh test in favor of immediate
compile time errors.

2 years agosd-stub: Fix possible memory leak
Jan Janssen [Tue, 26 Oct 2021 10:39:16 +0000 (12:39 +0200)] 
sd-stub: Fix possible memory leak

2 years agosd-boot: Check for existence of required pe sections
Jan Janssen [Tue, 26 Oct 2021 10:33:43 +0000 (12:33 +0200)] 
sd-boot: Check for existence of required pe sections

2 years agosd-boot: Move optional header verification into verify_pe
Jan Janssen [Tue, 26 Oct 2021 10:25:41 +0000 (12:25 +0200)] 
sd-boot: Move optional header verification into verify_pe

2 years agosd-boot: Use FLAGS_SET
Jan Janssen [Tue, 26 Oct 2021 10:17:31 +0000 (12:17 +0200)] 
sd-boot: Use FLAGS_SET

2 years agosd-boot: Move flags helpers to macro-fundamental.h
Jan Janssen [Tue, 26 Oct 2021 09:07:39 +0000 (11:07 +0200)] 
sd-boot: Move flags helpers to macro-fundamental.h

2 years agosd-boot: Always compile with -ffreestanding and -fshort-wchar
Jan Janssen [Tue, 26 Oct 2021 08:56:17 +0000 (10:56 +0200)] 
sd-boot: Always compile with -ffreestanding and -fshort-wchar

This is not a hosted environment and we should not pretend otherwise
if -ffreestanding is not supported.

With EFI strings being in UCS2, it is not supported to build without
-fshort-wchar as gcc/clang default to a w_char_t size of 4 bytes.

This also makes the charset for wide chars explicit on gcc. This way
we get a nice error message if anyone ever tries to add 💩 to strings.

2 years agosd-boot: Save and restore console attributes
Jan Janssen [Tue, 26 Oct 2021 07:56:32 +0000 (09:56 +0200)] 
sd-boot: Save and restore console attributes

This also only writes the message on a new line if we aren't at the
beginning of one already.

2 years agoMerge pull request #21070 from medhefgo/boot-save
Lennart Poettering [Thu, 4 Nov 2021 16:37:12 +0000 (17:37 +0100)] 
Merge pull request #21070 from medhefgo/boot-save

sd-boot: Add support to boot last select entry

2 years agoMerge pull request #21030 from DaanDeMeyer/path-skipped
Lennart Poettering [Thu, 4 Nov 2021 14:20:00 +0000 (15:20 +0100)] 
Merge pull request #21030 from DaanDeMeyer/path-skipped

core: Propagate condition failed state from service to path unit.

2 years agoupdate-helper: add missing loop over user units
Zbigniew Jędrzejewski-Szmek [Thu, 4 Nov 2021 08:49:18 +0000 (09:49 +0100)] 
update-helper: add missing loop over user units

Noticed by Luca.

shellcheck doens't catch this, and somehow it was missed in review
and testing ;(

2 years agotree-wide: do not print hint about -M if -M is already used 21229/head
Zbigniew Jędrzejewski-Szmek [Thu, 4 Nov 2021 09:41:47 +0000 (10:41 +0100)] 
tree-wide: do not print hint about -M if -M is already used

(Or when -H is used, since -H and -M are incompatible.)

Note that the slightly unusual form with separate boolean variables (hint_vars,
hint_addr) instead of e.g. a const char* variable to hold the message, because this
way we don't trigger the warning about non-literal format.

2 years agobusctl: do not print hint about -M if -M is already used
Zbigniew Jędrzejewski-Szmek [Thu, 4 Nov 2021 09:41:47 +0000 (10:41 +0100)] 
busctl: do not print hint about -M if -M is already used

(Or when -H is used, since -H and -M are incompatible.)

2 years agoshared/bus-util: make bus_log_*_error() functions functions
Zbigniew Jędrzejewski-Szmek [Thu, 4 Nov 2021 09:37:11 +0000 (10:37 +0100)] 
shared/bus-util: make bus_log_*_error() functions functions

They were defined as macros, but they are a bit too complicated for this,
so it's getting unwieldy. We can make them functions without any loss.

2 years agotree-wide: always use TAKE_FD() when calling rearrange_stdio()
Lennart Poettering [Tue, 2 Nov 2021 14:50:55 +0000 (15:50 +0100)] 
tree-wide: always use TAKE_FD() when calling rearrange_stdio()

rearrange_stdio() invalidates specified fds even on failure, which means
we should always invalidate the fds we pass in no matter what. Let's
make this explicit by using TAKE_FD() for that everywhere.

Note that in many places we such invalidation doesnt get us much
behaviour-wise, since we don't use the variables anymore later. But
TAKE_FD() in a way is also documentation, it encodes explicitly that the
fds are invalidated here, so I think it's a good thing to always make
this explicit here.

2 years agocore: Propagate condition failed state to triggering units. 21030/head
Daan De Meyer [Mon, 18 Oct 2021 12:17:02 +0000 (14:17 +0200)] 
core: Propagate condition failed state to triggering units.

Alternative to https://github.com/systemd/systemd/pull/20531.

Whenever a service triggered by another unit fails condition checks,
stop the triggering unit to prevent systemd busy looping trying to
start the triggered unit.

2 years agoMerge pull request #21217 from keszybz/debug-test-process-util
Yu Watanabe [Wed, 3 Nov 2021 19:03:56 +0000 (04:03 +0900)] 
Merge pull request #21217 from keszybz/debug-test-process-util

procfs-util: fix confusion wrt. quantity limit and maximum value

2 years agoMerge pull request #21216 from poettering/take-fd-tweak
Yu Watanabe [Wed, 3 Nov 2021 19:01:45 +0000 (04:01 +0900)] 
Merge pull request #21216 from poettering/take-fd-tweak

fd-util: make TAKE_FD free of double evaluation

2 years agomacro: make TAKE_PTR() side-effect free 21216/head
Lennart Poettering [Wed, 3 Nov 2021 14:56:34 +0000 (15:56 +0100)] 
macro: make TAKE_PTR() side-effect free

2 years agotree-wide: port more code to sigkill_wait()
Lennart Poettering [Wed, 3 Nov 2021 15:35:44 +0000 (16:35 +0100)] 
tree-wide: port more code to sigkill_wait()

2 years agotree-wide: port various places to use TAKE_PID()
Lennart Poettering [Wed, 3 Nov 2021 14:56:09 +0000 (15:56 +0100)] 
tree-wide: port various places to use TAKE_PID()

2 years agoprocess-util: rework TAKE_PID() to be side-effect free
Lennart Poettering [Wed, 3 Nov 2021 14:55:14 +0000 (15:55 +0100)] 
process-util: rework TAKE_PID() to be side-effect free

2 years agoprocess-util: wait for processes we killed even if killing failed
Lennart Poettering [Wed, 3 Nov 2021 14:54:28 +0000 (15:54 +0100)] 
process-util: wait for processes we killed even if killing failed

The processes might be zombies in which case killing will fail, but
reaping them still matters.

2 years agotest: add test that ensures TAKE_FD() works as it should
Lennart Poettering [Wed, 3 Nov 2021 14:56:48 +0000 (15:56 +0100)] 
test: add test that ensures TAKE_FD() works as it should

2 years agoMake pager_open() return void 20138/head
Zbigniew Jędrzejewski-Szmek [Tue, 3 Aug 2021 14:59:09 +0000 (16:59 +0200)] 
Make pager_open() return void

2 years agofd-util: make TAKE_FD free of double evaluation
Lennart Poettering [Tue, 2 Nov 2021 16:52:24 +0000 (17:52 +0100)] 
fd-util: make TAKE_FD free of double evaluation

Better be safe than sorry.

2 years agomanager: fix confusion when to send READY=1
Zbigniew Jędrzejewski-Szmek [Wed, 3 Nov 2021 10:22:28 +0000 (11:22 +0100)] 
manager: fix confusion when to send READY=1

I got the logic reversed in 6d9326595592f98e8126eacb4176acd8c3516d5c.
Let's just remove the conditionalization of the status message: if we're
sending something, we might just as well always attach READY=1, the extra
few bytes don't make much of a difference.

FWIW, it seems that this bug didn't cause problems, probably because we'd send
READY=1 either from user_manager_send_ready() or from a later call to
manager_send_ready().

2 years agotree-wide: drop "f" from sd_notify() calls with a static string
Zbigniew Jędrzejewski-Szmek [Wed, 3 Nov 2021 10:12:25 +0000 (11:12 +0100)] 
tree-wide: drop "f" from sd_notify() calls with a static string

If we don't need to do any formatting, let's optimize things a bit.

2 years agojournald: modernize code to send notifications
Zbigniew Jędrzejewski-Szmek [Wed, 3 Nov 2021 10:05:23 +0000 (11:05 +0100)] 
journald: modernize code to send notifications

No change except making things a bit less verbose.

2 years agotree-wide: warn when sd_notify fails with READY=1 or FDSTOREREMOVE=1
Zbigniew Jędrzejewski-Szmek [Wed, 3 Nov 2021 10:04:46 +0000 (11:04 +0100)] 
tree-wide: warn when sd_notify fails with READY=1 or FDSTOREREMOVE=1

Most sd_notify() calls are like log_info() — the result is only informative
and if they fail, it's best ignore this. But if a call with READY=1 fails,
the unit may enter a failed state, so we should warn about this. Similarly
for FSTOREREMOVE=1: the manager may be left with a stale fd, at least wasting
resources.

2 years agoCODING_STYLE: allow joined variable declarations and function calls
Zbigniew Jędrzejewski-Szmek [Tue, 6 Jul 2021 11:44:51 +0000 (13:44 +0200)] 
CODING_STYLE: allow joined variable declarations and function calls

… but only for a single variable.

The guidelines already allowed declaring variables at the point of
initialization. But not making a function call to do that. Let's allow that
now.  The existing style of declaring and initializing seperate is still
allowed, and whatever makes most sense should be used.

2 years agotest-process-util: also add EROFS to the list of "good" errors 21217/head
Zbigniew Jędrzejewski-Szmek [Wed, 3 Nov 2021 08:39:16 +0000 (09:39 +0100)] 
test-process-util: also add EROFS to the list of "good" errors

It is only added in the one place where we actually try to set the
setting to a new value. Before we were testing if we can set to it the
existing value, which was a noop. We could still get a permission error,
but this is the first place where we would propagate EROFS.

2 years agoprocfs-util: fix confusion wrt. quantity limit and maximum value
Zbigniew Jędrzejewski-Szmek [Tue, 2 Nov 2021 17:18:21 +0000 (18:18 +0100)] 
procfs-util: fix confusion wrt. quantity limit and maximum value

From packit/rawhide-arm64 logs:
Assertion 'limit >= INT_MAX || get_process_ppid(limit+1, NULL) == -ESRCH' failed at src/test/test-process-util.c:855, function test_get_process_ppid(). Aborting.
――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――

The kernel has a few different limits. In particular kernel.threads-max can be
set to some lower value, and kernel.pid_max can be set to a higher value. This
is nice because it reduces PID reuse, even if the number of threads that is
allowed is limited. But the tests assumed that we cannot have a thread with
PID above MIN(kernel.threads-max, kernel.pid_max-1), which is not valid.

So let's rework the whole thing: let's expose the helpers to read
kernel.threads-max and kernel.pid_max, and print what they return in tests.
procfs_tasks_get_limit() was something that is only used in tests, and wasn't
very well defined, so let's drop it.

Fixes #21193.

2 years agoMerge pull request #21210 from yuwata/network-dhcp-server-introduce-router-setting
Yu Watanabe [Wed, 3 Nov 2021 03:41:34 +0000 (12:41 +0900)] 
Merge pull request #21210 from yuwata/network-dhcp-server-introduce-router-setting

network: dhcp-server: introduce Router= setting to specify router address

2 years agopercent-util: clamp percent range before converting to 2^32 scale
Lennart Poettering [Fri, 29 Oct 2021 12:33:37 +0000 (14:33 +0200)] 
percent-util: clamp percent range before converting to 2^32 scale

Let#s better be safe than sorry and clamp the input, so that we don't
hit overflow issues.

2 years agomissing: add missing header inclusions
Lennart Poettering [Tue, 2 Nov 2021 17:15:32 +0000 (18:15 +0100)] 
missing: add missing header inclusions

These headers should work without any manual header inclusion.

2 years agotest-network: add a testcase for Router= setting 21210/head
Yu Watanabe [Tue, 2 Nov 2021 04:06:48 +0000 (13:06 +0900)] 
test-network: add a testcase for Router= setting

2 years agonetwork: dhcp-server: introduce Router= setting to specify router address
Yu Watanabe [Tue, 2 Nov 2021 03:58:50 +0000 (12:58 +0900)] 
network: dhcp-server: introduce Router= setting to specify router address

Closes #21202.

2 years agotest-keymap-util: always use kbd-model-map we ship
Franck Bui [Wed, 19 May 2021 12:14:58 +0000 (14:14 +0200)] 
test-keymap-util: always use kbd-model-map we ship

This test makes assumptions on the availability of some mappings contained in
kbd-model-map and therefore strongly relies on the version shipped by
upstream. IOW the test is likely to fail if it's installed on a system with a
more comprehensive kbd-model-map.

This patch makes the upstream kbd-model-map file available via a symlink in
test/testdata/test-keymap-util dir and makes sure that this specific version is
always used by test-keymap-util regardless of whether the test is installed and
run on a different system or directly run (optionally via meson) from the
project working dir.

2 years agoman: document cryptenroll limitations
Lennart Poettering [Tue, 2 Nov 2021 12:37:27 +0000 (13:37 +0100)] 
man: document cryptenroll limitations

Let's document this for now. We should be able to lift these limitations
sooner or later, at which point we can drop this documentation again.

These two limitations are a pitfall that people should be aware of,
before going FIDO2-only.

See: #20230 #19208

2 years agoMerge pull request #21207 from mrc0mmand/test-tweak-lvm-installation
Frantisek Sumsal [Tue, 2 Nov 2021 14:09:57 +0000 (14:09 +0000)] 
Merge pull request #21207 from mrc0mmand/test-tweak-lvm-installation

test: support the new lvm udev autoactivation

2 years agotest: support both lvm vgroup activation methods 21207/head
Frantisek Sumsal [Mon, 1 Nov 2021 22:03:26 +0000 (23:03 +0100)] 
test: support both lvm vgroup activation methods

2 years agoMerge pull request #21209 from yuwata/veth-peer-mtu
Daan De Meyer [Tue, 2 Nov 2021 09:58:39 +0000 (09:58 +0000)] 
Merge pull request #21209 from yuwata/veth-peer-mtu

network: also set MTU for veth peer interface

2 years agotest-network: add test case for MTUBytes= for veth 21209/head
Yu Watanabe [Tue, 2 Nov 2021 03:35:07 +0000 (12:35 +0900)] 
test-network: add test case for MTUBytes= for veth

2 years agonetwork/veth: also set MTU for peer interface
Yu Watanabe [Tue, 2 Nov 2021 03:25:12 +0000 (12:25 +0900)] 
network/veth: also set MTU for peer interface

Fixes #21206.

2 years agotest: support the new lvm udev autoactivation
Frantisek Sumsal [Mon, 1 Nov 2021 19:55:38 +0000 (20:55 +0100)] 
test: support the new lvm udev autoactivation

Introduced in lvm 2.03.14.
See: https://sourceware.org/git/?p=lvm2.git;a=commit;h=67722b312390cdab29c076c912e14bd739c5c0f6

2 years agoMerge pull request #21204 from yuwata/sd-dhcp6-client-cleanups
Yu Watanabe [Mon, 1 Nov 2021 18:11:02 +0000 (03:11 +0900)] 
Merge pull request #21204 from yuwata/sd-dhcp6-client-cleanups

sd-dhcp6-client: further cleanups

2 years agosd-dhcp6-client: simplify code a bit 21204/head
Yu Watanabe [Mon, 1 Nov 2021 13:50:55 +0000 (22:50 +0900)] 
sd-dhcp6-client: simplify code a bit

Also this adds a note.

2 years agosd-dhcp6-client: do not implicitly cast to boolean
Yu Watanabe [Mon, 1 Nov 2021 13:37:26 +0000 (22:37 +0900)] 
sd-dhcp6-client: do not implicitly cast to boolean

2 years agosd-dhcp6-client: introduce dhcp6_lease_{get,set}_clientid()
Yu Watanabe [Mon, 1 Nov 2021 05:19:16 +0000 (14:19 +0900)] 
sd-dhcp6-client: introduce dhcp6_lease_{get,set}_clientid()

2 years agosd-dhcp6-client: shorten code a bit
Yu Watanabe [Mon, 1 Nov 2021 05:10:35 +0000 (14:10 +0900)] 
sd-dhcp6-client: shorten code a bit

2 years agosd-dhcp6-client: prefix variables which store results with "ret_"
Yu Watanabe [Mon, 1 Nov 2021 05:04:34 +0000 (14:04 +0900)] 
sd-dhcp6-client: prefix variables which store results with "ret_"

2 years agosd-dhcp6-client: update log messages
Yu Watanabe [Mon, 1 Nov 2021 04:57:11 +0000 (13:57 +0900)] 
sd-dhcp6-client: update log messages

2 years agoMerge pull request #21200 from yuwata/sd-dhcp6-client-server-address
Yu Watanabe [Mon, 1 Nov 2021 12:04:48 +0000 (21:04 +0900)] 
Merge pull request #21200 from yuwata/sd-dhcp6-client-server-address

sd-dhcp6-client: introduce sd_dhcp6_lease_get_server_address()

2 years agoMerge pull request #21199 from yuwata/sd-dhcp6-client-trivial-cleanups
Yu Watanabe [Mon, 1 Nov 2021 12:04:05 +0000 (21:04 +0900)] 
Merge pull request #21199 from yuwata/sd-dhcp6-client-trivial-cleanups

sd-dhcp6-client: trivial cleanups

2 years agonetwork: save server address to DHCPv6 addresses 21200/head
Yu Watanabe [Mon, 1 Nov 2021 01:35:43 +0000 (10:35 +0900)] 
network: save server address to DHCPv6 addresses

The server address will be used in later commits.

2 years agosd-dhcp6-client: introduce sd_dhcp6_lease_get_server_address()
Yu Watanabe [Mon, 1 Nov 2021 01:31:31 +0000 (10:31 +0900)] 
sd-dhcp6-client: introduce sd_dhcp6_lease_get_server_address()

2 years agosd-lldp-tx: drop unused and useless function
Yu Watanabe [Mon, 1 Nov 2021 00:34:41 +0000 (09:34 +0900)] 
sd-lldp-tx: drop unused and useless function

sd-lldp-tx does not call any callback function. So, the function is
mostly useless.

2 years agosd-dhcp6: drop unused functions
Yu Watanabe [Mon, 1 Nov 2021 00:45:29 +0000 (09:45 +0900)] 
sd-dhcp6: drop unused functions

2 years agocore: ignore failure on setting smack process label when allowed
Yu Watanabe [Mon, 1 Nov 2021 04:48:32 +0000 (13:48 +0900)] 
core: ignore failure on setting smack process label when allowed

2 years agosd-dhcp6-client: request IA_PD by default 21199/head
Yu Watanabe [Mon, 1 Nov 2021 01:02:47 +0000 (10:02 +0900)] 
sd-dhcp6-client: request IA_PD by default

For consistency with 0f5ef9b62a8f454208db69f3219c7484f87a068a.

2 years agosd-dhcp6-client: always set suitable ARP type
Yu Watanabe [Mon, 1 Nov 2021 00:51:49 +0000 (09:51 +0900)] 
sd-dhcp6-client: always set suitable ARP type

Also, drops unnecessary comparisons.

2 years agoexecute: respect selinux_context_ignore
Topi Miettinen [Sat, 30 Oct 2021 16:58:41 +0000 (19:58 +0300)] 
execute: respect selinux_context_ignore

When `SELinuxContext=` parameter is prefixed with `-`, the documentation states
that any errors determining or changing context should be ignored, but this
doesn't actually happen and the service may fail with `229/SELINUX_CONTEXT`.

Fix by adding checks to `context->selinux_context_ignore`.

Closes: #21057
2 years agomkosi: Add netcat to fedora image
Daan De Meyer [Tue, 19 Oct 2021 12:37:10 +0000 (13:37 +0100)] 
mkosi: Add netcat to fedora image

This helps with testing socket units.

2 years agocore: Delay start rate limit check when starting a unit
Daan De Meyer [Tue, 19 Oct 2021 09:45:48 +0000 (10:45 +0100)] 
core: Delay start rate limit check when starting a unit

Doing start rate limit checks before doing condition checks made
condition check failures count towards the start rate limit which
broke existing assumptions (see #21025). Run the rate limit checks
after the condition checks again to restore the previous behaviour.

2 years agocore: Move 'r' variable declaration to start of unit_start()
Daan De Meyer [Sat, 30 Oct 2021 21:12:06 +0000 (22:12 +0100)] 
core: Move 'r' variable declaration to start of unit_start()

2 years agomkosi: Install less in the mkosi Fedora image
Daan De Meyer [Sat, 30 Oct 2021 10:15:22 +0000 (11:15 +0100)] 
mkosi: Install less in the mkosi Fedora image

We're actually falling back to `more` in the mkosi image which doesn't
behave quite the same as less which is somewhat annoying. Let's make
sure `less` is installed so systemd can use it as the pager.

2 years agoMerge pull request #21175 from tohojo/dhcp-server-expire
Yu Watanabe [Fri, 29 Oct 2021 19:13:40 +0000 (04:13 +0900)] 
Merge pull request #21175 from tohojo/dhcp-server-expire

sd-dhcp-server: clear out expired leases when finding new address

2 years agoMerge pull request #21180 from yuwata/libsystemd-network-cleanups
Yu Watanabe [Fri, 29 Oct 2021 16:18:28 +0000 (01:18 +0900)] 
Merge pull request #21180 from yuwata/libsystemd-network-cleanups

libsystemd-network: drop unused functions, and _public_ attribute

2 years agosd-dhcp-server: fix address availability checks 21175/head
Toke Høiland-Jørgensen [Fri, 29 Oct 2021 10:24:33 +0000 (12:24 +0200)] 
sd-dhcp-server: fix address availability checks

The checks for finding a new available address in the pool were broken in two
ways: not using UINT32_TO_PTR() on hashmap lookups resulted in false negatives,
and the check wasn't skipping the server address if that was part of the pool.

Move the check for available addresses to a small helper function and fix both
issues, and also add a check to the REQUEST code for the server address.

2 years agosd-dhcp-server: clear out expired leases when processing requests
Toke Høiland-Jørgensen [Thu, 28 Oct 2021 20:36:51 +0000 (22:36 +0200)] 
sd-dhcp-server: clear out expired leases when processing requests

The DHCP server configuration supports setting a maximum lease time, but old
leases are never actually cleared out if the client doesn't send a RELEASE.
This causes the pool to run out of addresses on networks where clients just
disappear, which is a fairly common occurrence on wireless networks.

Fix this by cleaning up expired leases before processing client requests, so
addresses can be reused for new clients.

2 years agolibsystemd-network: drop _public_ attribute 21180/head
Yu Watanabe [Fri, 29 Oct 2021 13:13:18 +0000 (22:13 +0900)] 
libsystemd-network: drop _public_ attribute

No function in libsystemd-network is exposed yet.

2 years agosd-radv: fix implicit conversion to boolean
Yu Watanabe [Fri, 29 Oct 2021 13:10:43 +0000 (22:10 +0900)] 
sd-radv: fix implicit conversion to boolean

2 years agosd-ndisc: drop unused functions
Yu Watanabe [Fri, 29 Oct 2021 13:05:16 +0000 (22:05 +0900)] 
sd-ndisc: drop unused functions

All received information is stored in sd_ndisc_router, and we have
sd_ndisc_router_get_mtu() and sd_ndisc_router_get_hop_limit().

2 years agohome: fix use of uninitialized value
Yu Watanabe [Fri, 29 Oct 2021 07:27:50 +0000 (16:27 +0900)] 
home: fix use of uninitialized value

Fixes CID#1465077.

2 years agosd-boot: Add support to boot last selected entry 21070/head
Jan Janssen [Thu, 28 Oct 2021 11:00:13 +0000 (13:00 +0200)] 
sd-boot: Add support to boot last selected entry

Fixes: #18994
2 years agosd-boot: Allow glob patterns for default and oneshot EFI vars too
Jan Janssen [Thu, 28 Oct 2021 10:15:33 +0000 (12:15 +0200)] 
sd-boot: Allow glob patterns for default and oneshot EFI vars too