bootctl: let's be paranoid and synchronize the ESP in full after all changes
We already synchronize all files we write individually, as well as the
directories they are stored in. Let's also synchronize the ESP as a
whole after our work, just in case.
shared/sleep-config: add switches to kill specific sleep modes
/etc/systemd/sleep.conf gains four new switches:
AllowSuspend=, AllowHibernation=, AllowSuspendThenHibernate=, AllowHybridSleep=.
Disabling specific modes was already possible by masking suspend.target,
hibernate.target, suspend-then-hibernate.target, or hybrid-sleep.target.
But this is not convenient for distributions, which want to set some defaults
based on what they want to support. Having those available as configuration
makes it easy to put a config file in /usr/lib/systemd/sleep.conf.d/ that
overrides the defaults and gives instructions how to undo that override.
Ray Strode [Sat, 6 Oct 2018 10:08:31 +0000 (06:08 -0400)]
logind: ensure seat0 CanGraphical state is written
For non-`seat0` seats, attaching a graphics card to a seat can
lead to it getting created. This is because the graphics device
is a "master device" which means that device is a seat-defining
device.
`seat0` may get created, even before the graphics driver is loaded,
though. This is because the graphics driver is loaded
asynchronously at startup, and `seat0` is the primary seat of
system, associated with the system VTs.
When a graphics card is attached to a seat the `CanGraphical`
property on that seat will flip to `true`.
For seats that haven't been created yet (non-`seat0` seats), this
leads to `seat_start` getting called which ultimately causes the
seat to get serialized to `/run/systemd/seats`.
For `seat0`, which is already created, `seat_start` will return
immediately, which means the updated `CanGraphical` state will
never get written to `/run/systemd/seats`.
The end result is that clients querying `sd_seat_can_graphical`
won't get the correct answer for `seat0` in cases where the
graphics device takes a long time to load until some other peice
of seat state is updated.
This commit fixes the problem by calling `seat_save` explicitly
for already running seats at the time a graphics device is
attached.
cryptsetup: don't use %m if there's no error to show
We are not the ones receiving an error here, but the ones generating it,
hence we shouldn't show it with %m, that's just confusing, as it
suggests we received an error from some other call.
Alan Jenkins [Fri, 14 Sep 2018 10:57:57 +0000 (11:57 +0100)]
man/systemd.exec: MountFlags=shared behaviour was changed (fixed?)
The behaviour described *was* observed on Fedora 28
(systemd-238-9.git0e0aa59), with and without SELinux. I don't actually
know why though! It contradicts my understanding of the code, including an
explicit comment in the code.
Patrik Flykt [Tue, 2 Oct 2018 18:48:22 +0000 (12:48 -0600)]
networkd-link: Don't start a DHCPv6 informational exchange automatically
When a link is configured, wait until there is a Router Advertisement before
attempting to start DHCPv6. The intended DHCPv6 mode will be evaluated in
ndisc_router_handler() in networkd-ndisc.c.
Thomas Haller [Thu, 4 Oct 2018 16:54:58 +0000 (18:54 +0200)]
dhcp6: don't include internal header "sparse-endian.h" in "sd-dhcp6-client.h"
Arguably, libsystemd-network is (still) entirely internal API.
However there is the aim of maybe exposing it as public API.
For that reason, it cannot include internal headers from
"src/basic/".
Note how files "src/systemd/sd-*.h" don't include any systemd
headers which don't themself have an "sd-" prefix.
Add DOCUMENTATION_URL as a standard value for /etc/os-release
It is very useful for distributions to be able to set a primary
documentation URL in a standard location so that users and
applications on the system can identify it. For example, many
headless systems these days use the "Cockpit" admin console. It
would be ideal if we could specify this location directly in the
os-release file so that any application or service could have a
well-known location for retrieving this and displaying it
appropriately. Users could likewise examine /etc/os-release to
learn this location.
test-fs-util: run all tests on the specified directory
This removes $RENAME_NOREPLACE_DIR and uses a command-line argument instead.
Logging is added, and tests are skipped if we get -EPERM or friends
(which happens on FAT and other filesystems).
Joe Hershberger [Fri, 28 Sep 2018 20:32:35 +0000 (15:32 -0500)]
udev: Allow acpi_index and index to be "0"
0 can be a valid index returned by the BIOS, so allow that by using the
parsing function safe_atolu() to check for errors without excluding the
valid value "0".
Signed-off-by: Joe Hershberger <joe.hershberger@ni.com>
Patrik Flykt [Tue, 2 Oct 2018 18:29:09 +0000 (12:29 -0600)]
networkd-dhcp6: Request prefix delegation for a new link
Request prefix delegation for a new downstream link that is enabled
after any number of upstream DHCPv6 links. Submit the request after
the link has been configured with a link-local address.
If the upstream DHCPv6 client has already been configured to request
prefixes, attempt to re-assign any possible prefixes between the
already existing links and the new one. If no prefixes are yet
acquired, nothing will happen right away and any prefixes will be
distributed after a reply from the DHCPv6 server.
If none of the already existing downstream links have requested
DHCPv6 prefixes to be assigned, enable prefix delegation for each
client and restart them one by one if they are already running. This
causes the DHCPv6 clients to re-acquire addresses and prefixes and
to re-distribute them to all links when receiving an updated
response from their respective DHCPv6 servers. If the DHCPv6 client
in question was not already running, it is set to request prefixes
but not restarted.
When an error occurs while setting or restarting the DHCPv6 client,
log the incident and move over to the next link.
According to our CODING_STYLE our library code should generally not log
beyond LOG_DEBUG. Let's hence get rid of log_radv_warning_errno() and
just use log_radv_errno() instead.
fs-util: add racy RENAME_NOREPLACE fallback using access()
Apparently FAT on some recent kernels can't do RENAME_NOREPLACE, and of
course cannot do linkat()/unlinkat() either (as the hard link concept
does not exist on FAT). Add a fallback using an explicit beforehand
faccessat() check. This sucks, but what we can do if the safe operations
are not available?
bus-unit-util: fix parsing of IPAddress{Allow,Deny}
While the config parser correctly handles the case of multiple IPs,
bus_append_cgroup_property was only parsing one IP,
and it would fail with "Failed to parse IP address prefix" when given
a list of IPs.
journal-upload: add asserts that snprintf does not return an error
LGMT complains:
> The size argument of this snprintf call is derived from its return value,
> which may exceed the size of the buffer and overflow.
Let's make sure that r is non-negative. (This shouldn't occur unless the format
string is borked, so let's just add an assert.)
Then, let's reorder the comparison to avoid the potential overflow.
shared/install: avoid overwriting 'r' counter with a partial result
We want to store either the first error or the total number of changes in 'r'.
Instead, we were overwriting this with the return value from
install_info_traverse().
LGTM complained later in the loop that:
> Comparison is always true because r >= 0.
systemd-id128: a new tool to print machine/boot/invocation/app-specific ids
The raison d'etre for this program is printing machine-app-specific IDs. We
provide a library function for that, but not a convenient API. We can hardly
ask people to quickly hack their own C programs or call libsystemd through CFFI
in python or another scripting language if they just want to print an ID.
Verb 'new' was already available as 'journalctl --new-id128', but this makes
it more discoverable.
v2:
- rename binary to systemd-id128
- make --app-specific= into a switch that applies to boot-id and machine-id
icmp6-util: stop ignoring EAGAIN and EINTR in icmp6_receive
The code handling the errors was originally part of ndisc_recv, which,
being an event handler, would be simply turned off if it returned a negative
error code. It's no longer necessary. Plus, it helps avoid passing
an uninitialized value to radv_send.
LGTM was complaining:
> Multiplication result may overflow 'int' before it is converted to 'long'.
Fix this by changing all types to ssize_t and add a check for overflow
while at it.
bus-message: fix skipping of array fields in !gvariant messages
We copied part of the string into a buffer that was off by two.
If the element signature had length one, we'd copy 0 bytes and crash when
looking at the "first" byte. Otherwise, we would crash because strncpy would
not terminate the string.
bus-message: fix calculation of offsets table for arrays
This is similar to the grandparent commit 'fix calculation of offsets table',
except that now the change is for array elements. Same story as before: we need
to make sure that the offsets increase enough taking alignment into account.
While at it, rename 'p' to 'previous' to match similar code in other places.
The offsets specify the ends of variable length data. We would trust the
incoming data, putting the offsets specified in our message
into the offsets tables after doing some superficial verification.
But when actually reading the data we apply alignment, so we would take
the previous offset, align it, making it bigger then current offset, and
then we'd try to read data of negative length.
In the attached example, the message specifies the following offsets:
[1, 4]
but the alignment of those items is
[1, 8]
so we'd calculate the second item as starting at 8 and ending at 4.