test/TEST-12-ISSUE-3171: specify -w1 option to netcat due to default change. (#5722)
On Ubuntu 17.04 (zesty zapus) netcat-openbsd was upgraded from 1.105-7ubuntu1
to 1.130-3, at the same time the defaults got changed from -q0 to -q-1
(infinity) the net result is that `echo A | nc -U' call now hangs, preventing
the testcase to complete. One could use the old default of -q0, but that option
is not available in some netcat implementations. Thus settle to specify -w1
instead to mitigate the testcase hang.
manager_sync_bus_names() function retrieves the dbus names
and compares it with unit bus names. It could be right
after the list is retrieved, the dbus peer is disconnected.
In this case it is really not an ERROR print if
sd_bus_get_name_creds() or sd_bus_creds_get_unique_name()
fail.
Remove BTN_DPAD_* keys from ID_INPUT_KEY test (#5701)
At present, devices implementing the BTN_DPAD_UP/DOWN/LEFT/RIGHT
codes will be incorrectly classified as key devices. This causes
devices respecting the Linux gamepad spec (such as the DS3 as of
kernel 4.12) to be classified as keyboards by X11.
This is caused by the test_key function checking all codes on
[KEY_OK, BTN_TRIGGER_HAPPY). Unfortunately the BTN_DPAD_* codes
are placed between KEY_LIGHTS_TOGGLE and KEY_ALS_TOGGLE. This
patch splits the upper key block check into the block before and
after the BTN_DPAD_* codes. An array is used to avoid dedicated,
per block loops in the event that more event codes are added in
the future.
udev: rename gperf struct name to match other headers
This makes it easier to use the same generator script as for other
gperf scripts. With automake each gperf file had it's own rule, but
with meson I'm trying to use one script, and this inconsistency made
that harder.
tree-wide: standardize on $(PACKAGE_VERSION) for the version string
We defined both $(VERSION) and $(PACKAGE_VERSION) with the same contents.
$(PACKAGE_VERSION) is slightly more descriptive, so settle on that, and
drop the other define.
busctl is not part of libsystemd, and should not be stored under libsystemd.
In particular this is confusing because busctl is linked with libshared, but
stuff in libsystemd is not supposed to depend on libshared.
iio-sensor-proxy expects the accelerometer oriented as follows:
positive x - to the right, positive y - up (opposite to gravity).
The hardware in the Asus TP300LJ-DW049H is however oriented
differently:
positive x - down, positive y - to the left
This commit adds a ACCEL_MOUNT_MATRIX quirk for this
particular laptop model.
Jason Reeder [Fri, 31 Mar 2017 20:40:18 +0000 (15:40 -0500)]
libsystemd-network: sd-ipv4ll: acquire new address after claimed address conflict
If a conflict occurs on a claimed ipv4ll address, the device releases
the address and then does not attempt to acquire a new ipv4ll
address. According to RFC3927, releasing the address in this
situation is correct. However, this should be followed by an attempt
to configure a new ipv4ll address.
This commit restarts the ipv4ll address acquisition state machine
after releasing the conflicting address.
From RFC3927 Section 2.5 conflict defense method (b):
...
However, if this is not the first conflicting ARP packet the host has
seen, and the time recorded for the previous conflicting ARP packet is
recent, within DEFEND_INTERVAL seconds, then the host MUST immediately
cease using this address and configure a new IPv4 Link-Local address
as described above.
...
Signed-off-by: Jason Reeder <jasonreeder@gmail.com>
Jason Reeder [Fri, 31 Mar 2017 19:23:10 +0000 (14:23 -0500)]
libsystemd-network: sd-ipv4ll: Wrapper to restart address aquisition after conflict
After an ipv4ll claimed address conflict occurs a new address needs
to be chosen and then the acquisition state machine needs to be
restarted.
This commit adds a function (sd_ipv4ll_restart) that clears the
previously acquired address (ll->address) and then calls the existing
sd_ipv4ll_start function to choose the new address and start the
acquisition.
Signed-off-by: Jason Reeder <jasonreeder@gmail.com>
Franck Bui [Fri, 31 Mar 2017 14:32:09 +0000 (16:32 +0200)]
udev: net_id - support predictable ifnames on vio buses (#5675)
For IBM PowerVM Virtual I/O network devices, we can build predictable names
based on the slot number passed as part of the OF "reg" property. Valid slot
numbers range between 2-32767, so we only need the bottom half of the unit
address passed.
Yu Watanabe [Thu, 30 Mar 2017 16:01:03 +0000 (01:01 +0900)]
journal-upload: add state file directory to ReadWritePaths (#5578)
The commit c7fb922d6250543ba5462fa7a6ff03cc8f628e94 prohibits
journal-upload to save its state in /var/lib/systemd/journal-upload/state,
thus the daemon fails and outputs the following error message even if
the directory is not read-only file system
```Cannot save state to /var/lib/systemd/journal-upload/state: Read-only file system```
This commit adds the permission the daemon to write the state file.
Michael Biebl [Thu, 30 Mar 2017 09:56:25 +0000 (11:56 +0200)]
journal: fix up syslog facility when forwarding native messages (#5667)
Native journal messages (_TRANSPORT=journal) typically don't have a
syslog facility attached to it. As a result when forwarding the messages
to syslog they ended up with facility 0 (LOG_KERN).
Apply syslog_fixup_facility() so we use LOG_USER instead.
So far, all sections of the systemd.special(7) man page used
<varlistentry> for listing the targets, with one exception: the
"Special Passive User Units" one. Let's clean this up and use the same
formatting everywhere.
tblume [Thu, 30 Mar 2017 09:21:18 +0000 (11:21 +0200)]
units: move Before deps for quota services to remote-fs.target (#5627)
Creating quota on an iscsi device is causing dependency loops at next reboot.
Reason is that systemd-quotacheck and quotaon.service are ordered before
local-fs.target and quota enabled mounts have a before dependency to them.
This cannot work for _netdev mounts, because network activation is ordered
after local-fs.target.
Moving the Before dependency for systemd-quotacheck and quotaon.service
to remote-fs.target fixes this.
Lukáš Nykrýn [Thu, 30 Mar 2017 09:12:50 +0000 (11:12 +0200)]
sysv-generator: Provides: $network should also pull network.target to transaction (#5652)
network.target should be pulled in to the transaction
by the unit that provides network services, but currently
for initscripts it only pulls in network-online.target.
units: make enablement of s-n-wait-online.service follow systemd-networkd.service (#5635)
In 58a6dd15582c038a25bd7059435833943e2e4617 s-n-wait-online.service was added
to presets to synchronize the presets with the state after installation. But it
is harmful to have s-n-wait-online.service enabled when s-n.service is
disabled, because s-n-wait-online.service has Requsite=s-n.service and cannot
be activated. Thus remove s-n-wait-online.service from presets again, and let
it be enabled whenever s-n.service is enabled.
During installation we create enablement symlinks by hand, and since s-n.service
is enabled, s-n-w-o.service should be enabled too, so the symlink should still
be created during installation.
rules: add a rule to set /dev/kvm access mode and ownership (#5597)
Kernel default mode is 0600, but distributions change it to group kvm, mode
either 0660 (e.g. Debian) or 0666 (e.g. Fedora). Both approaches have valid
reasons (a stricter mode limits exposure to bugs in the kvm subsystem, a looser
mode makes libvirt and other virtualization mechanisms work out of the box for
unprivileged users over ssh).
In Fedora the qemu package carries the relevant rule, but it's nicer to have it
in systemd, so that the permissions are not dependent on the qemu package being
installed. Use of packaged qemu binaries is not required to make use of
/dev/kvm, e.g. it's possible to use a self-compiled qemu or some alternative.
To accomodate both approaches, add a rule to set the mode in 50-udev-default.rules,
but allow the mode to be overridden with a --with-dev-kvm-mode configure rule.
The default is 0660, as the (slightly) more secure option.
Thomas Haller [Fri, 24 Mar 2017 14:36:06 +0000 (15:36 +0100)]
basic: don't link "libm.so" into "libbasic.so" (#5628)
Very few parts of the systemd source require <math.h> or "libm.so".
Linking libbasic with -lm drags the mathematical library in for all
systemd components, and in turn for all users of systemd libraries.
Michael Biebl [Thu, 23 Mar 2017 03:37:06 +0000 (04:37 +0100)]
units: simplify rescue.service and emergency.service (#5623)
The emergency.service and rescue.service units have become rather
convoluted. We spawn multiple shells and the help text spans multiple lines
which makes the units hard to read.
Move the logic into a single shell script and call that via ExecStart.
Yu Watanabe [Tue, 21 Mar 2017 04:30:48 +0000 (13:30 +0900)]
resolved: detect and warn other running LLMNR stack
Previously, `SO_REUSEADDR` is set before `bind`-ing socket, Thus,
even if another LLMNR stack is running, `bind` always success and
we cannot detect the other stack. By this commit, we first try to
`bind` without `SO_REUSEADDR`, and if it fails, show warning and
retry with `SO_REUSEADDR`.
Yu Watanabe [Tue, 21 Mar 2017 04:34:52 +0000 (13:34 +0900)]
resolved: detect and warn other running mDNS stack
Previously, `SO_REUSEADDR` is set before `bind`-ing socket, Thus,
even if another mDNS stack (e.g. avahi) is running, `bind` always
success and we cannot detect the other stack.
By this commit, we first try to `bind` without `SO_REUSEADDR`,
and if it fails, show warning and retry with `SO_REUSEADDR`.
Yu Watanabe [Thu, 16 Mar 2017 06:52:34 +0000 (15:52 +0900)]
resolved: do not start LLMNR or mDNS stack when no network enables them
When no network enables LLMNR or mDNS, it is not necessary to create
LLMNR or mDNS related sockets. So, let's create them only when
LLMNR- or mDNS-enabled network becomes active or at least one network
enables `LLMNR=` or `MulticastDNS=` options.
Daniel Molkentin [Fri, 17 Mar 2017 11:13:19 +0000 (12:13 +0100)]
units: do not throw a warning in emergency mode if plymouth is not installed (#5528)
Ideally, plymouth should only be referenced via dependencies,
not ExecStartPre's. This at least avoids the confusing error message
on minimal installations that do not carry plymouth.
Djalal Harouni [Thu, 16 Mar 2017 02:30:15 +0000 (03:30 +0100)]
base-filesystem: skip fchownat() if the previous mkdirat() on same path failed (#5548)
If we are working on a path that was marked to be ignored on errors, and
the mkdirat() fails then add a continue statement and skip fchownat() call.
This avoids the case where UID/GID are valid and we run fchownat() on
non existent path which will fail hard even on paths that we want to
ignore in case of errors.
journal: prevent integer overflow while validating header (#5569)
It is possible to overflow uint64_t while validating the header of
a journal file. To prevent this, the addition itself is checked to
be within the limits of UINT64_MAX first.
To keep this readable, I have introduced two stack variables which
hold the converted values during validation.
Bastien Nocera [Thu, 9 Mar 2017 13:53:52 +0000 (14:53 +0100)]
hwdb: Add property for keyboards without LEDs
It is useful for desktop environments to be able to show Caps-Lock or
Num-Lock status changes as an on-screen display when using a keyboard
that doesn't have LEDs for this.
Martin Pitt [Wed, 8 Mar 2017 13:20:11 +0000 (14:20 +0100)]
build-sys: only install legacy *.pkla files with old polkit versions (#5555)
The legacy *.pkla files are not required when running against polkit ≥ 106,
and we want to avoid shipping files in /var if possible (but pkla files
can only be in /etc/ or /var).
Only install the *.pkla files if we detect an old polkit version during
configure. Don't install them if polkit isn't installed during build, as
distributions other than Debian-based ones have moved to the new polkit
long ago.
docs: add a note about reporting security vulns (#5541)
We *do* have the occasional security issue, where it would be nice to have
non-public disclosure and time to fix the issue before it's fully public. Our
github infrastracture does not make it easy to report vulnerabilities in
confidential manner, so let's leverage the distro mechanisms for that. I
think we're better off with this solution than leaving it up to individual
reporters to discover some mechanism on their own.
Peter Hutterer [Tue, 7 Mar 2017 06:55:58 +0000 (16:55 +1000)]
rules: set ID_BUS=bluetooth for any device with id/bustype attr of 0x0005 (#5539)
Not all bluetooth devices come through the bluetooth subsystem and those that
don't currently lack the ID_BUS=bluetooth env. This again fails to apply udev
rules and/or hwdb entries that rely on the bluetooth bustype to be set.
Fix this by checking the attribute id/bustype on the device instead of just
the subsystem.