units: explicitly require /var, /tmp and /var/tmp to be mounted before basic.target
We support /var, /tmp and /var/tmp on NFS. NFS shares however are by
default ordered only before remote-fs.target which is a late-boot
service. /var, /tmp, /var/tmp need to be around earlier though, hence
explicitly order them before basic.target.
Note that this change simply makes explicit what was implicit before,
since many early-boot services pulled in parts of /var anyway early.
units: move After=systemd-hwdb-update.service dependency from udev to udev-trigger
Let's move the hwdb regeneration a bit later. Given that hwdb is
non-essential it should be OK to allow udev to run without it until we
do the full trigger.
Tom Gundersen [Wed, 1 Apr 2015 11:50:31 +0000 (13:50 +0200)]
libsystemd: add sd-device library
This provides equivalent functionality to libudev-device, but in the
systemd style. The public API only caters to creating sd_device objects
from for devices that already exist in /sys, there is no support for
listening for monitoring events or creating devices received over
the udev netlink protocol.
The private API contains the necessary functionality to make sd-device
a drop-in replacement for libudev-device, but which we would not
otherwise want to export.
Lukas Nykryn [Mon, 30 Mar 2015 12:42:02 +0000 (14:42 +0200)]
mount: don't run quotaon only for network filesystems
If you have for example ext4 on iscsi devices it is possible to setup
qoutas there. Unfortunately, because such fstab entry contains _netdev,
systemd will not add dependency to quotaon.service.
Alban Crequy [Tue, 31 Mar 2015 15:14:48 +0000 (17:14 +0200)]
nspawn: fallback on bind mount when mknod fails
Some systems abusively restrict mknod, even when the device node already
exists in /dev. This is unfortunate because it prevents systemd-nspawn
from creating the basic devices in /dev in the container.
This patch implements a workaround: when mknod fails, fallback on bind
mounts.
Additionally, /dev/console was created with a mknod with the same
major/minor as /dev/null before bind mounting a pts on it. This patch
removes the mknod and creates an empty regular file instead.
In order to test this patch, I used the following configuration, which I
think should replicate the system with the abusive restriction on mknod:
# grep devices /proc/self/cgroup
4:devices:/user.slice/restrict
# cat /sys/fs/cgroup/devices/user.slice/restrict/devices.list
c 1:9 r
c 5:2 rw
c 136:* rw
# systemd-nspawn --register=false -D .
v2:
- remove "bind", it is not needed since there is already MS_BIND
v3:
- fix error management when calling touch()
- fix lowercase in error message
We have no such check in any of the other tools, hence don't have one in
nspawn either.
(This should make things nicer for Rocket, among other things)
Note: removing this check does not mean that we support running nspawn
on non-systemd. We explicitly don't. It just means that we remove the
check for running it like that. You are still on your own if you do...
Andrew Jones [Tue, 31 Mar 2015 09:08:13 +0000 (11:08 +0200)]
ARM: detect-virt: detect QEMU/KVM
QEMU/KVM guests do not have hypervisor nodes, but they do have
fw-cfg nodes (since qemu v2.3.0-rc0). fw-cfg nodes are documented,
see kernel doc Documentation/devicetree/bindings/arm/fw-cfg.txt,
and therefore we should be able to rely on it in this detection.
Unfortunately, we currently don't have enough information in the
DT, or elsewhere, to determine if we're using KVM acceleration
with QEMU or not, so we can only report 'qemu' at this time, even
if KVM is in use. This shouldn't really matter in practice though,
because if detect-virt is used interactively it will be clear to
the user whether or not KVM acceleration is present by the overall
speed of the guest. If used by a script, then the script's behavior
should not change whether it's 'qemu' or 'kvm'. QEMU emulated
guests and QEMU/KVM guests of the same type should behave
identically, only the speed at which they run should differ.
Andrew Jones [Tue, 31 Mar 2015 09:08:11 +0000 (11:08 +0200)]
detect-virt: use /proc/device-tree
Kernel doc Documentation/ABI/testing/sysfs-firmware-ofw says that
the /proc/device-tree symlink should be used, as opposed to
directly accessing /sys/firmware/devicetree/base. The former is
ABI, but not the later.
Entropy Graph code doesn't handle the error condition if open() of /proc entry
fails. Moreover, the file is only opened once and only first sample will contain
the correct value because the return value of pread() is also not handled
properly and file is not re-opened. Fix both problems.
systemd-bootchart: Prevent leaking file descriptors in open-fdopen combination
Correctly handle the potential failure of fdopen() (because of OOM, for instance)
after potentially successful open(). Prevent leaking open fd in such case.
systemd-bootchart: Prevent closing random file descriptors
If the kernel has no CONFIG_SCHED_DEBUG option set, systemd-bootchart produces
empty .svg file. The reason for this is very fragile file descriptor logic in
log_sample() and main() (/* do some cleanup, close fd's */ block). There are
many places where file descriptors are closed on failure (missing SCHED_DEBUG
provokes it), but there are several problems with it:
- following iterations in the loop see that the descriptor is non zero and do
not open the corresponding file again;
- "some cleanup" code closes already closed files and the descriptors are reused
already, in particular for resulting .svg file;
- static "vmstat" and "schedstat" variables in log_sample() made the situation
even worse.
Harald Hoyer [Fri, 27 Mar 2015 12:47:32 +0000 (13:47 +0100)]
cdrom_id: unroll and simplify data check loop
also removes this warning:
src/udev/cdrom_id/cdrom_id.c: In function ‘cd_media_info.isra.13’:
src/udev/cdrom_id/cdrom_id.c:612:12: warning: assuming signed overflow
does not occur when assuming that (X + c) >= X is always true
[-Wstrict-overflow]
static int cd_media_info(struct udev *udev, int fd)
^
Harald Hoyer [Fri, 27 Mar 2015 11:02:49 +0000 (12:02 +0100)]
fix gcc warnings about uninitialized variables
like:
src/shared/install.c: In function ‘unit_file_lookup_state’:
src/shared/install.c:1861:16: warning: ‘r’ may be used uninitialized in
this function [-Wmaybe-uninitialized]
return r < 0 ? r : state;
^
src/shared/install.c:1796:13: note: ‘r’ was declared here
int r;
^
Patrik Flykt [Wed, 25 Mar 2015 11:22:43 +0000 (13:22 +0200)]
networkd-dhcp6: Do not handle prefix expiry
Expiring prefixes need not be handled anymore as the kernel has been
instructed not to create routes for DHCPv6 assigned addresses via the
IFA_F_NOPREFIXROUTE flag.
Patrik Flykt [Mon, 2 Feb 2015 11:13:17 +0000 (13:13 +0200)]
systemd-networkd: Use IFA_F_NOPREFIXROUTE with IPv6 addresses
The IFA_F_NOPREFIXROUTE flag prevents the kernel from creating new onlink
prefixes when a DHCPv6 IPv6 address with a prefix length is set from user
space. IPv6 routing will follow the onlink status from Router Advertisment
Prefix Information options or any manually set route, which is the correct
thing to do.
As this flag has a larger value than what fits into an unsigned char, update
the flag attribute to an uint32_t and set it with an IFA_FLAGS attribute
when writing netlink messages to the kernel.
When parsing words from input files, optionally automatically unescape
the passed strings, controllable via a new flags parameter.
Make use of this in tmpfiles, and port everything else over, too.
This improves parsing quite a bit, since we no longer have to process the
same string multiple times with different calls, where an earlier call
might corrupt the input for a later call.
Tobias Hunger [Tue, 24 Mar 2015 23:05:38 +0000 (00:05 +0100)]
fstab-generator: don't accept missing root=, but accept root=none
And other non-device entries (like fstab does).
Mount whatever the user asked to be mounted on / on the kernel
command line. Do less sanity check and do *not* bail out
when the mount device looks strange or does not exist.
This basically makes the changes for deviceless filesystems
from yesterday unnecessary and is in line with what we do for
filesystems set up in fstab.
[tomegun:
- change patch title/description a bit.
- don't touch the /usr logic, that would be a separate change and
we don't currently have a convincing use-case for that.
- don't bail out on /sys ro. This only makes sense in containers,
where we would not be doing this anyway. If there is a use-case
we could consider that as a separate patch.]
Kay Sievers [Tue, 24 Mar 2015 22:28:25 +0000 (23:28 +0100)]
rules: storage - whitelist partitioned MS & MMC devices
On Mon, Mar 23, 2015 at 8:55 AM, Mantas Mikulėnas <grawity@gmail.com> wrote:
> On Tue, Mar 17, 2015 at 11:50 PM, Kay Sievers <kay@vrfy.org> wrote:
>> On Tue, Mar 17, 2015 at 5:00 PM, Mantas Mikulėnas <grawity@gmail.com>
>> wrote:
>> > Accidentally dropped in 1aff20687f4868575.
>> > ---
>> > rules/60-persistent-storage.rules | 2 +-
>> > 1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> > +KERNEL!="loop*|mmcblk[0-9]*|mspblk[0-9]*|nvme*|sd*|sr*|vd*",
>> > GOTO="persistent_storage_end"
>>
>> We can't do that, we need to ignore the mmc*rpmb devices:
>>
>> http://cgit.freedesktop.org/systemd/systemd/commit/?id=b87b01cf83947f467f3c46d9831cd67955fc46b9
>>
>> Maybe "mmcblk*[0-9]" will work?
>
> Yeah, that would probably work (the names are like mmcblk0p1 etc.)
Kay Sievers [Tue, 24 Mar 2015 12:52:04 +0000 (13:52 +0100)]
timedate: remove daylight saving time handling and tzfile parser
We planned to support (the conceptually broken) daylight saving
time/local time features in the kernel, SCSI, networking, FAT
filesystem, but it turned out to be a race we cannot win and do
not want to get involved. Systemd should not fiddle with daylight
saving time or parse timezone information itself.
Leave everything to glibc or tools like date(1) and do not make any
promises or raise expectations that systemd should handle anything
like this.
Alin Rauta [Wed, 18 Mar 2015 12:06:19 +0000 (05:06 -0700)]
sd-rtnl: handle empty multi-part message from the kernel
We strips out NLMSG_DONE piece from a multi-part message adding into the
receive queue only the messages containing actual data.
If we send a request to the kernel for getting the forwarding database table (just an example),
the response will be a multi-part message like below:
1. FDB entry 1;
2. FDB entry 2;
3. NLMSG_DONE;
We strip out "3. NLMSG_DONE;" part and places into the receive queue a pointer to
"1. FDB entry 1; 2. FDB entry 2".
But if the FDB table is empty, the respose from the kernel will look like below:
1. NLMSG_DONE;
We strip out "1. NLMSG_DONE;" part and since there is no actual data got, it continues
waiting until reaching timeout.
Therefore, a call to "sd_rtnl_call" to send and wait for a response from kernel will exit
with timeout which is interpreted as error in communication.
This patch puts the NLMSG_DONE message on the receive queue if it ends an empty multi-part
message. This situation is detected in sd_rtnl_call() and in the callback code and NULL is
returned to the caller instead.
[tomegun:
- added/reworded commit message
- extend the same support to sd_rtnl_call_async()
- drop debug logging from library, we only do this if something is really wrong, but an
empty multi-part message is perfectly normal
- modernize the code we touch whilst we are at it]
timedated: flip internal status after executing operation
timedated would set the internal status before calling out to systemd to do
the actual change. When the operation was refused because of a SELinux denial,
the state kept in timedated would get out of sync, and the second call from
timedatectl would appear to succeed.
A failed priority is not something worth stopping boot over. Most people
have only one swap device, in which case priority is irrelevant, and even
if there is more than one swap device, they are all usable, and ignoring the
priority field should only result in some loss of performance.
The kernel will report the priority as -1 if not set, so it's easy for
people to make this mistake.
David Herrmann [Fri, 20 Mar 2015 11:28:12 +0000 (12:28 +0100)]
rules: avoid 'device/' accesses
We should never access parents, as the sysfs hierarchy is in no way
stable. Use KERNELS== etc. to match on a parent, then access it via
$attr{} (which accesses the matching device, not the current device).
Allow systemd-tmpfiles to set the file/directory attributes
Allow systemd-tmpfiles to set the file/directory attributes, like
chattr(1) does. Two more commands are added: 'H' and 'h' to set the
attributes, recursively and not.
is not happy and checking the journal in the container, there is a stream of
Mar 13 04:50:15 11bf07f59fff agetty[66]: /dev/console: No such file or directory
Mar 13 04:50:25 11bf07f59fff systemd[1]: console-getty.service holdoff time over, scheduling restart.
Mar 13 04:50:25 11bf07f59fff systemd[1]: Stopping Console Getty...
Mar 13 04:50:25 11bf07f59fff systemd[1]: Starting Console Getty...
Mar 13 04:50:25 11bf07f59fff systemd[1]: Started Console Getty.
Mar 13 04:50:25 11bf07f59fff agetty[67]: /dev/console: No such file or directory
Mar 13 04:50:35 11bf07f59fff systemd[1]: console-getty.service holdoff time over, scheduling restart.
Mar 13 04:50:35 11bf07f59fff systemd[1]: Stopping Console Getty...
Mar 13 04:50:35 11bf07f59fff systemd[1]: Starting Console Getty...
Mar 13 04:50:35 11bf07f59fff systemd[1]: Started Console Getty.
Mar 13 04:50:35 11bf07f59fff agetty[74]: /dev/console: No such file or directory
Mar 13 04:50:45 11bf07f59fff systemd[1]: console-getty.service holdoff time over, scheduling restart.
Mar 13 04:50:45 11bf07f59fff systemd[1]: Stopping Console Getty...
Mar 13 04:50:45 11bf07f59fff systemd[1]: Starting Console Getty...
Michal Schmidt [Mon, 16 Mar 2015 21:04:21 +0000 (22:04 +0100)]
core/namespace: fix path sorting
The comparison function we use for qsorting paths is overly indifferent.
Consider these 3 paths for sorting:
/foo
/bar
/foo/foo
qsort() may compare:
"/foo" with "/bar" => 0, indifference
"/bar" with "/foo/foo" => 0, indifference
and assume transitively that "/foo" and "/foo/foo" are also indifferent.
But this is wrong, we want "/foo" sorted before "/foo/foo".
The comparison function must be transitive.
Even if plymouth is running, it might have not displayed the splash yet,
so we'll see a few lines on fbcon when we should have otherwise had
nothing.
Plymouth integration was added to systemd in commit 6faa11140bf776cdaeb8d22d01816e6e48296971. That same day, Plymouth got
systemd integration [0]. As such, the Plymouth integration has always
been obsolete, and was probably only for older Plymouth's. But I can't
imagine anybody running a Plymouth from 2011 with a systemd from 2015.
Remove the Plymouth/systemd integration, and let Plymouth's code tell
systemd to print the details.
David Herrmann [Mon, 16 Mar 2015 14:51:25 +0000 (15:51 +0100)]
Revert "hwdb: merge atkbd into platform matches"
This reverts commit ba76ee29bc02879fb42c048132af8889b00220d5. As it turns
out, we need to match on driver=atkbd to not load the fixups on any
plugged USB devices.
That is, whenever you use "name:<name>:dmi:<dmi>" style matches, you
better provide a name or you're screwing things up.
Martin Pitt [Fri, 13 Mar 2015 07:35:59 +0000 (08:35 +0100)]
core: don't change removed devices to state "tentative"
Commit 628c89c introduced the "tentative" device state, which caused
devices to go from "plugged" to "tentative" on a remove uevent. This
breaks the cleanup of stale mounts (see commit 3b48ce4), as that only
applies to "dead" devices.
The "tentative" state only really makes sense on adding a device when
we don't know where it was coming from (i. e. not from udev). But when
we get a device removal from udev we definitively know that it's gone,
so change the device state back to "dead" as before 628c89c.
David Herrmann [Mon, 16 Mar 2015 11:19:09 +0000 (12:19 +0100)]
hwdb: merge atkbd into platform matches
Currently, we always run
hwdb 'keyboard:name:$attr{name}:$attr{[dmi/id]modalias}'
as last step to match keyboards. Therefore, if nothing else matched so
far, we still try the device-name+dmi combination.
However, we have a special atkbd rule which is only run for atkbd as:
hwdb 'keyboard:$attr{[dmi/id]modalias}'
This is redundant, as we already pass the same information to hwdb in the
last fallback step.
This patch converts the hwdb "keyboard:dmi:*" matches to
"keyboard:name:*:dmi:*" matches and drops the redundant rule.
David Herrmann [Mon, 16 Mar 2015 11:00:46 +0000 (12:00 +0100)]
hwdb: convert to generic input-modalias matches
There is no reason to match on usb-modaliases, if we can use the
input-modalias to achieve the same. This commit changes the
keyboard-lookups to not be restricted to USB, but pass all modaliases to
the hwdb. Furthermore, we convert all usb:* matches to input:* matches,
thus getting rid of any ambiguity if multiple usb devices are chained (or
a bluetooth device / etc. is on top).
Note that legacy keyboard:usb:* matches are still supported, but
deprecated. If possible, please use keyboard:input:* matches instead.
This is a required step to make other input devices work with
60-keyboard.hwdb. Other bus-types are often chained on usb and we want to
avoid any ambiguity here if we incorrectly match on a USB hub.
Lucas De Marchi [Fri, 13 Mar 2015 17:47:28 +0000 (17:47 +0000)]
vconsole-setup: check error of child process
If we don't check the error of the child process, systemd-vconsole-setup
would exit with 0 even if it could not really setup the console.
For a simple test, move loadkeys elsewhere and execute
systemd-vconsole-setup:
[root@localhost ~]# strace -f -e execve /usr/lib/systemd/systemd-vconsole-setup
execve("/usr/lib/systemd/systemd-vconsole-setup", ["/usr/lib/systemd/systemd-vconsol"...], [/* 15 vars */]) = 0
Process 171 attached
[pid 171] execve("/usr/bin/loadkeys", ["/usr/bin/loadkeys", "-q", "-C", "/dev/tty0", "br-abnt2"], [/* 15 vars */]) = -1 ENOENT (No such file or directory)
[pid 171] +++ exited with 1 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=171, si_uid=0, si_status=1, si_utime=0, si_stime=0} ---
+++ exited with 0 +++
Note that loadkeys returned 1 while systemd-vconsole-setup return 0.
Since the font and keyboard setup are already serialized, refactor the
code a little bit so the functions do the wait by themselves. One change
in behavior in this patch is that we don't return early, but we do try
to setup the keyboard even if the font load failed.