Yu Watanabe [Tue, 5 Dec 2023 05:57:13 +0000 (14:57 +0900)]
find-esp: do not fail when /boot on btrfs RAID on searching ESP or xbootldr
When /boot or friends is on btrfs RAID, btrfs_get_block_device_at() will
succeed with 0 and provide zero devnum. Then,
- if we are previleged, devname_from_devnum() maps the devnum to
/run/systemd/inaccessible/blk, and the subsequent verification by blkid
will fail,
- if we are unprevileged, sd_device_new_from_devnum() will fail.
This makes
- when find_esp() or find_xbootldr() is called without any paths, that
is, called with the searching mode, then returns -ENOKEY, which should
be handled gracefully by the caller,
- when they are called with an input path, then they provide the proper
error message and suggestion.
Frantisek Sumsal [Tue, 12 Dec 2023 22:01:31 +0000 (23:01 +0100)]
test: mask the mdmonitor.service
It's pulled in by one of the udev rules (63-md-raid-arrays.rules) and it
fails every time, because there's no valid email address in
/etc/mdadm.conf:
[ 5.778153] testsuite-64.sh[403]: mdadm: array /dev/md/mdmirror started.
[ 5.819137] kernel: md/raid1:md127: not clean -- starting background reconstruction
[ 5.819141] kernel: md/raid1:md127: active with 2 out of 2 mirrors
[ 5.819159] kernel: md127: detected capacity change from 0 to 129024
[ 5.821950] kernel: md: resync of RAID array md127
...
[ 5.887192] mdadm[424]: mdadm: No mail address or alert command - not monitoring.
[ 5.890772] systemd[1]: Starting mdmonitor.service...
[ 5.891718] systemd[1]: Started mdmonitor.service.
[ 5.892570] systemd[1]: mdmonitor.service: Main process exited, code=exited, status=1/FAILURE
[ 5.892618] systemd[1]: mdmonitor.service: Failed with result 'exit-code'.
And as we (re)assemble the MD devices multiple times, this gets quite
noisy, especially since we later start hitting the service start rate
limit.
Fedora has the mdmonitor.service patched, so it won't start without
/etc/mdadm.conf being present, but Arch uses the upstream unit which
doesn't have such guard.
Let's just mask the service completely, which replaces all that noise
with one warning:
[ 6.553583] testsuite-64.sh[294]: + udevadm wait --settle ...
[ 6.580700] systemd[1]: sys-devices-virtual-block-md127.device: Failed to enqueue SYSTEMD_WANTS job, ignoring: Unit mdmonitor.service is masked.
The image name is extracted from the image path originally passed in,
i.e. not the contents of the image. And the image UUID is directly
retrieved from the partition table, hence also not from the contents.
Let's hence move the comment to separate out the stuff extract from the
file systems (and thus only available when mounting/with privs/with
block devices) from the data available without any of that.
systemd-networkd[68396]: /run/systemd/network/25-address-static.network: unexpected address flags "n/a" were configured. Ignoring [Address] section from line 144.
Let's instead show the unexpected flags:
systemd-networkd[69160]: /run/systemd/network/25-address-static.network: unexpected address flags "home-address,manage-temporary-address" were configured. Ignoring [Address] section from line 144.
Mike Yuan [Tue, 12 Dec 2023 08:33:13 +0000 (16:33 +0800)]
core/job: emit job start message if we're only waiting for unit state
Currently, start/stop messages for device units are not used, since
job_perform_on_unit() does nothing and we simply wait for unit status
change. I think we still want some nice log messages explaining what
the start jobs for devices are doing, so let's fix this.
Luca Boccassi [Mon, 11 Dec 2023 01:03:39 +0000 (01:03 +0000)]
executor: don't duplicate FD array to avoid double closing
Just use ExecParam directly, as these are all internal to sd-exec now
anyway. Avoids double close when execution fails after FDs are set up
for inheritance and were already re-arranged.
sigwait() is documented to "suspend execution of the calling thread
until one of the signals specified in the signal set becomes pending".
And the only error it returns is EINVAL, when "set contains an invalid
signal number". Therefore, there's no need to run it in a loop or
to check for runtime error.
Yu Watanabe [Thu, 7 Dec 2023 05:45:07 +0000 (14:45 +0900)]
network/ipv4ll: do not start sd-ipv4ll on exit
When assert_return() is critical, the following assertion is triggered
on exit:
---
#0 0x00007f8b1f6b0884 in __pthread_kill_implementation () from target:/lib64/libc.so.6
#1 0x00007f8b1f65fafe in raise () from target:/lib64/libc.so.6
#2 0x00007f8b1f64887f in abort () from target:/lib64/libc.so.6
#3 0x00007f8b208d02d6 in log_assert_failed (text=0x7f8b210009e0 "e->state != SD_EVENT_FINISHED", file=0x7f8b20fff403 "src/libsystemd/sd-event/sd-event.c",
line=1252, func=0x7f8b21004400 <__func__.154> "sd_event_add_io") at ../src/basic/log.c:948
#4 0x00007f8b208d0457 in log_assert_failed_return (text=0x7f8b210009e0 "e->state != SD_EVENT_FINISHED",
file=0x7f8b20fff403 "src/libsystemd/sd-event/sd-event.c", line=1252, func=0x7f8b21004400 <__func__.154> "sd_event_add_io") at ../src/basic/log.c:967
#5 0x00007f8b20c7d102 in sd_event_add_io (e=0x617000000080, ret=0x60c000000a20, fd=11, events=1, callback=0x7dfd85 <ipv4acd_on_packet>,
userdata=0x60c000000a00) at ../src/libsystemd/sd-event/sd-event.c:1252
#6 0x00000000007e3934 in sd_ipv4acd_start (acd=0x60c000000a00, reset_conflicts=true) at ../src/libsystemd-network/sd-ipv4acd.c:597
#7 0x00000000007e72b9 in ipv4ll_start_internal (ll=0x6080000006a0, reset_generation=true) at ../src/libsystemd-network/sd-ipv4ll.c:278
#8 0x00000000007e7462 in sd_ipv4ll_start (ll=0x6080000006a0) at ../src/libsystemd-network/sd-ipv4ll.c:298
#9 0x00000000006047a1 in dhcp4_handler (client=0x617000000400, event=0, userdata=0x61a000000680) at ../src/network/networkd-dhcp4.c:1183
#10 0x000000000075b1ed in client_notify (client=0x617000000400, event=0) at ../src/libsystemd-network/sd-dhcp-client.c:783
#11 0x000000000075bf8d in client_stop (client=0x617000000400, error=0) at ../src/libsystemd-network/sd-dhcp-client.c:821
#12 0x000000000077710f in sd_dhcp_client_stop (client=0x617000000400) at ../src/libsystemd-network/sd-dhcp-client.c:2388
#13 0x000000000065cdd1 in link_stop_engines (link=0x61a000000680, may_keep_dhcp=true) at ../src/network/networkd-link.c:336
#14 0x000000000041f214 in manager_free (m=0x618000000080) at ../src/network/networkd-manager.c:613
#15 0x00000000004124e3 in manager_freep (p=0x7f8b1c800040) at ../src/network/networkd-manager.h:128
#16 0x00000000004139f6 in run (argc=1, argv=0x7ffffe4522e8) at ../src/network/networkd.c:24
#17 0x0000000000413b20 in main (argc=1, argv=0x7ffffe4522e8) at ../src/network/networkd.c:119
---
Prompted by https://github.com/systemd/systemd/pull/30049#issuecomment-1844087965.
Yu Watanabe [Thu, 7 Dec 2023 05:28:12 +0000 (14:28 +0900)]
resolve: do not trigger assertion on exit
By making assert_return() critical, we observe the following:
---
Program received signal SIGABRT, Aborted.
0x00007f01320b0884 in __pthread_kill_implementation () from /lib64/libc.so.6
(gdb) bt
#0 0x00007f01320b0884 in __pthread_kill_implementation ()
from /lib64/libc.so.6
#1 0x00007f013205fafe in raise () from /lib64/libc.so.6
#2 0x00007f013204887f in abort () from /lib64/libc.so.6
#3 0x00007f01338d02d6 in log_assert_failed (
text=0x7f01340009e0 "e->state != SD_EVENT_FINISHED",
file=0x7f0133fff403 "src/libsystemd/sd-event/sd-event.c", line=1399,
func=0x7f01340045a0 <__func__.148> "sd_event_add_time")
at ../src/basic/log.c:948
#4 0x00007f01338d0457 in log_assert_failed_return (
text=0x7f01340009e0 "e->state != SD_EVENT_FINISHED",
file=0x7f0133fff403 "src/libsystemd/sd-event/sd-event.c", line=1399,
func=0x7f01340045a0 <__func__.148> "sd_event_add_time")
at ../src/basic/log.c:967
#5 0x00007f0133c7ed83 in sd_event_add_time (e=0x617000022280,
ret=0x610000007e98, clock=7, usec=24054941030, accuracy=0,
callback=0x4625b4 <on_announcement_timeout>, userdata=0x610000007e40)
at ../src/libsystemd/sd-event/sd-event.c:1399
#6 0x00007f0133c7f725 in sd_event_add_time_relative (e=0x617000022280,
ret=0x610000007e98, clock=7, usec=1000000, accuracy=0,
callback=0x4625b4 <on_announcement_timeout>, userdata=0x610000007e40)
at ../src/libsystemd/sd-event/sd-event.c:1462
#7 0x0000000000464cac in dns_scope_announce (scope=0x610000007e40, goodbye=true) at ../src/resolve/resolved-dns-scope.c:1530
#8 0x0000000000504d08 in link_free (l=0x612000023d40) at ../src/resolve/resolved-link.c:83
#9 0x000000000052dbbd in manager_free (m=0x619000000a80) at ../src/resolve/resolved-manager.c:697
#10 0x0000000000562328 in manager_freep (p=0x7f012f800040) at ../src/resolve/resolved-manager.h:198
#11 0x000000000056315a in run (argc=1, argv=0x7fff22b06468) at ../src/resolve/resolved.c:25
#12 0x0000000000563284 in main (argc=1, argv=0x7fff22b06468) at ../src/resolve/resolved.c:99
---
Prompted by https://github.com/systemd/systemd/pull/30049#issuecomment-1844087965.
Mike Yuan [Fri, 8 Dec 2023 16:06:16 +0000 (00:06 +0800)]
core/executor: do destruct static variables and selinux before exiting
I was wondering why I couldn't trigger the assertion in safe_fclose()
when submitting #30251. It turned out that the static destructor was
not run at all :/
Replace main() with a minimized version of main-func.h. This also
prevents emitting negative exit codes.
Yu Watanabe [Sun, 10 Dec 2023 04:56:46 +0000 (13:56 +0900)]
network/route: fix reachability check when peer address is specified
When an address with peer address is specified, the kernel by default
adds the prefix route for the peer address. When ManageForeignRoute=no
is set, then we also needs to check the prefix for the peer address.
Mike Yuan [Sat, 9 Dec 2023 12:10:31 +0000 (20:10 +0800)]
core/cgroup: cache the last memory usage values before destroying cgroup
Currently, memory accounting values are only cached if it was queued
at least once before destroying cgroup. Let's always cache it like
what we already do for CPU usage.
With a sufficiently large initrd, the tests take 25 s on my laptop.
Normally, they'd be quicker, but since we use what we find on the
system, we don't control this. Let's raise the timeout to reduce the
chances of a spurious failure.
test_ukify: explicitly remove big temporary directories
pytest intentionally keeps around a limited number of the previous test
temporary directories [1]. This is generally OK, but in our tests that generate
initrds, we create a few very large files (both the initrd and kernel in a few
copies), which quickly adds up. I had a particularly large initrd (because of
some mkosi-initrd shenanigans), and I unded up with dozens of gigabytes of
temporary files from the tests. Let's just nuke the dirs where we write
kernel data.
Quoting https://docs.pytest.org/en/stable/how-to/tmp_path.html#the-default-base-temporary-directory:
> The tmpdir and tmpdir_factory fixtures are similar to tmp_path and
> tmp_path_factory, but use/return legacy py.path.local objects rather than
> standard pathlib.Path objects.
>
> These days, it is preferred to use tmp_path and tmp_path_factory.
Since we restart systemd-udevd here a couple of times, we might hit the
rate limit in later tests:
[ 26.028355] testsuite-17.sh[2074]: + udevadm control -e
[ 26.028355] testsuite-17.sh[2074]: + udevadm control -l emerg
[ 26.126160] systemd[1]: systemd-udevd.service: Start request repeated too quickly.
[ 26.126213] systemd[1]: systemd-udevd.service: Failed with result 'start-limit-hit'.
[ 26.140310] systemd[1]: Failed to start systemd-udevd.service.
[ 26.140897] systemd[1]: systemd-udevd-control.socket: Failed with result 'service-start-limit-hit'.
[ 26.141286] systemd[1]: systemd-udevd-kernel.socket: Failed with result 'service-start-limit-hit'.
[ 26.142225] testsuite-17.sh[2074]: + udevadm control -l alert
[ 26.149206] udevadm[2088]: Failed to send request to set log level: No such file or directory
Daan De Meyer [Thu, 7 Dec 2023 13:26:10 +0000 (14:26 +0100)]
repart: Don't look for --make-ddi= definitions inside --root=
It doesn't really make sense to go looking for these inside the
given root directory. While we should resolve specifiers and such
based on the given root directory, let's look up the image definitions
on the host system as there's a good chance they're coupled to the
repart version we're using so there's all kinds of chances for problems
if we use the definitions from the image we're building instead of those
from the host.
Luca Boccassi [Thu, 7 Dec 2023 23:19:36 +0000 (23:19 +0000)]
core: create workdir/upperdir when mounting a Type=overlay mount unit
So far we created the target directory, and the source for bind mounts,
but not workdir/upperdir for overlays, so it has to be done separately
and strictly before the unit is started, which is annoying. Check the
options when creating directories, and if upper/work directories are
specified, create them.
install: don't translate unit instances to paths when reenabling them
For unit instances install_info_discover() returns path to the template,
which then generates confusing errors when passed to
do_unit_file_enable():
~# build/systemctl --root=/tmp/systemctl-test.N9ysbz reenable templ1@two.service
Unit name: templ1@two.service; p: /etc/systemd/system/templ1@.service
Removed "/tmp/systemctl-test.N9ysbz/etc/systemd/system/services.target.wants/templ1@two.service".
Failed to reenable templ1@.service, destination unit services.target is a non-template unit.
This can also be seen with a different reproducer using getty@.service
and a simple bind mount to / - there's no error this time, but it tries
to create a symlink for the default instance (from DefaultInstance=tty1),
which is also incorrect:
Luca Boccassi [Mon, 27 Nov 2023 23:32:31 +0000 (23:32 +0000)]
core: relax dependency on RootImage= storage from Requires= to Wants=
If a unit is running in an image and wants to survive a soft-reboot,
then it can't be deactivated by the storage of the image going away.
Relax the dependency to a Wants=. Access to the image is not needed
when the unit is running anyway, so downgrade to Wants=.
Daan De Meyer [Tue, 5 Dec 2023 13:56:00 +0000 (14:56 +0100)]
repart: Re-open file descriptor to partition target after mkfs
The mkfs binary might unlink the path we give it and replace it with
a new file so let's make sure that our fd points to any new file rather
than the old deleted file.
Specifically this fixes erofs partition generation.
aslepykh [Fri, 8 Dec 2023 01:54:52 +0000 (04:54 +0300)]
test: avoid NO_CAST.INTEGER_OVERFLOW in test-oomd-util (#30365)
The `.mem_total` variable has `uint64_t` type, therefore, when multiplying the number
`20971512` by the number `1024` with the suffix `U`, we will not get the expected result of
`21,474,828,288`, since the number `20971512` without an explicit type indication has
`uint32_t` type.
First, multiplication will occur in accordance with the `uint32_t` type; this operation will
cause a **type overflow**, and only then will this result be assigned to a `uint64_t` type
variable.
It's worth adding the `UL` suffix to the number `20971512` to avoid **overflow**.
Found by Linux Verification Center (portal.linuxtesting.ru) with SVACE.
Author A. Slepykh.