resolved: switch cache option to a tri-state option (systemd#5552).
Change the resolved.conf Cache option to a tri-state "no, no-negative, yes" values.
If a lookup returns SERVFAIL systemd-resolved will cache the result for 30s (See 201d995),
however, there are several use cases on which this condition is not acceptable (See systemd#5552 comments)
and the only workaround would be to disable cache entirely or flush it , which isn't optimal.
This change adds the 'no-negative' option when set it avoids putting in cache
negative answers but still works the same heuristics for positive answers.
network: drop fallback mechanism to assign DHCPv6 addresses with IFA_F_NOPREFIXROUTE
The flag IFA_F_NOPREFIXROUTE was introduced in kernel-3.14. But even if
the kernel does not support the flag, it should be just ignored. So, it
is not necessary to do the fallback logic. Moreover, the current logic
is not a fallback mechanism but just retrying. So, it should not work.
Let's drop that.
This restores proper speed with asan builds with gcc 9.1.1.
Fixes #12997.
$ rpm -q gcc
gcc-9.1.1-2.fc31.x86_64
$ time ASAN_OPTIONS=strict_string_checks=1:detect_stack_use_after_return=1:check_initialization_order=1:strict_init_order=1 UBSAN_OPTIONS=print_stacktrace=1:print_summary=1:halt_on_error=1 build-rawhide-sanitize/test-conf-parser
(old) 86.99s user 20.22s system 361% cpu 29.635 total
(new) 3.05s user 0.29s system 99% cpu 3.377 total
firstboot: fix hang waiting for second Enter on input
The comment explains the reason: we'd wait for the second \n
and then ungetc() it. Then the buffered \n would cause a problem
when the next prompt was issued, so in effect it wasn't possible
to answer the second question.
The user most likely knows the name of their locale/keymap/whatever,
and paging through multiple pages of output has little benefit.
The header that was printed before is now not printed anymore. But
now it's obvious from the context what we are printing, so we don't
need to print the header.
The commit
"util: Do not clear parent mount flags when setting up namespaces"
introduced a statvfs call read the flags of the original mount
and have them applied to the bind mount.
This has two problems:
(1) The mount flags returned by statvfs(2) do not match the flags
accepted by mount(2). For example, the value 4096 means ST_RELATIME
when returned by statvfs(2), but means MS_BIND when passed to mount(2).
(2) A call to statvfs blocks indefinitely when ran against a disconnected
network drive ( https://github.com/systemd/systemd/issues/12667 ).
We already use libmount to parse `/proc/self/mountinfo` but did not use the
mount flag information from there. This patch changes that to use the mount
flags parsed by libmount instead of calling statvfs. Only if getting the
flags through libmount fails we call statvfs.
The test would not pass before, because EXTRACT_UNQUOTE|EXTRACT_RETAIN_ESCAPE
didn't work (we'd get "KEY3=val with \\quotation\\" as the last string. Now we
are only doing EXTRACT_UNQUOTE, so we get the expected "KEY3=val with \"quotation\"".
It's hard to even say what exactly this combination means. Escaping is
necessary when quoting to have quotes within the string. So the escaping of
quote characters is inherently tied to quoting. When unquoting, it seems
natural to remove escaping which was done for the quoting purposes. But with
both flags we would be expected to re-add this escaping after unqouting? Or
maybe keep the escaping which is not necessary for quoting but otherwise
present? This all seems too complicated, let's just forbid such usage and
always fully unescape when unquoting.
Dan Streetman [Fri, 12 Jul 2019 15:47:26 +0000 (11:47 -0400)]
test: add create_empty_image_rootdir() to simplify testcase setup
Almost all tests were manually mounting/unmounting $TESTDIR/root
from the loopback image; this moves all that into test-functions
so the test setup functions are simplier.
Also add test_setup_cleanup() function, to cleanup what is mounted
by create_empty_image_rootdir()
This patch extracts the code in charge of initializing the default values for
those rlimits in order to create dedicated functions, which take care of their
initialization.
These functions are then called in parse_configuration() so we make sure that
the default values for these rlimits get restored every time PID1 is reloading
its configuration.
Even if addresses provided by DHCP is assigned, the state file may not
be written yet, or resolved may not receive the state change signal
yet, or resolved may not process the signal yet...
Franck Bui [Thu, 27 Jun 2019 16:23:01 +0000 (18:23 +0200)]
coredump: gather all process metadata in iovecs first and then cache them
Now we first gather all process metadata and populate the process info cache
with them. In this way, the cache only references metadata recorded in iovecs[]
so there's no need to bother freeing (part of) cached metadata later.
The other advantage is that the coredump handler mode and the service mode are
more similar as the cache is populated in the same way for both cases.
It also renames the array indexes so it becomes clear which metadata are passed
by the kernel and which ones are retrieved from the runtime environment.
Franck Bui [Fri, 28 Jun 2019 04:52:07 +0000 (06:52 +0200)]
coredump: use 'input_fd' name for the pipe fd passed by the kernel everywhere
'input_fd' variable name is used mostly everywhere except in process_socket()
where it's named 'coredump_fd', which is pretty confusing since 'coredump_fd'
is used for the coredump filename in submit_coredump().
So let's use 'input_fd' consistently as name for the pipe fd passed by the
kernel.
https://github.com/systemd/systemd/pull/13062#discussion_r303847484
> the formatter uppercases them anyway, and this way the JSON output of the
> formatter is nicer as it uses the table header fields 1:1 for the json
> output.
format-table: add ability to set cell attributes within table_add_many()
table_add_many() is so much shorter and easier to read than
table_add_cell() with its accessors. Let's teach table_add_many() more
tricks, so that reverting to table_add_cell() is not needed that often
anymore.