core: add configuration directories to LookupPaths
Let's add a seperate fields for the directories where we place runtime and
persistent configuration, so that we can use this in install.c (to be added in
a later commit), and we store path information in the same place everywhere.
Now that we store the generator directories in LookupPaths we can use this to
intrdouce a new unit file state called "generated", for units in these
directories.
core: rework generator dir logic, move the dirs into LookupPaths structure
A long time ago – when generators where first introduced – the directories for
them were randomly created via mkdtemp(). This was changed later so that they
use fixed name directories now. Let's make use of this, and add the genrator
dirs to the LookupPaths structure and into the unit file search path maintained
in it. This has the benefit that the generator dirs are now normal part of the
search path for all tools, and thus are shown in "systemctl list-unit-files"
too.
rules: set SYSTEMD_READY=0 on DM_UDEV_DISABLE_OTHER_RULES_FLAG=1 only with ADD event (#2747)
The "SYSTEMD_READY=0" will cause automatic unmount
of mountpoint that is on top of such DM device
if this is used with multipath which sets
DM_UDEV_DISABLE_OTHER_RULES_FLAG in case
we have a CHANGE event thatcomes after DM multipath
device reload when one of the paths is down or up.
See https://bugzilla.redhat.com/show_bug.cgi?id=1312011
Martin Pitt [Mon, 11 Apr 2016 19:03:29 +0000 (21:03 +0200)]
Install: correctly report symlink creations
All callers of create_symlink(), such as install_info_symlink_wants(), expect
that to return > 0 if it actually did something, and then return that number.
unit_file_enable() uses that to determine if any action was done
(carries_install_info != 0) and if not, show a "The unit files have no
[Install] section" warning.
Return 1 instead of 0 in the two code paths of create_symlink() when the link
was created or replaced with a new value.
This fixes getting a bogus "No [Install] section" warning when enabling a unit
with full path, like "systemctl enable /some/path/myunit.service".
Michal Sekletar [Fri, 8 Apr 2016 11:22:54 +0000 (13:22 +0200)]
nspawn: always setup machine id
We check /etc/machine-id of the container and if it is already populated
we use value from there, possibly ignoring value of --uuid option from
the command line. When dealing with R/O image we setup transient machine
id.
Once we determined machine id of the container, we use this value for
registration with systemd-machined and we also export it via
container_uuid environment variable.
As registration with systemd-machined is done by the main nspawn process
we communicate container machine id established by setup_machine_id from
outer child to the main process by unix domain socket. Similarly to PID
of inner child.
Fixes:
$ sudo make distcheck
...
FAIL: test/udev-test.pl
...
$ vi systemd-229/_build/sub/test/udev-test.pl.log
...
failed to mount empty
/home/ubuntu/systemd/systemd-229/_inst/lib/udev/rules.d No such file or directory
...
failed to mount empty
/home/ubuntu/systemd/systemd-229/_inst/lib/udev/rules.d No such file or directory
...
414 errors occurred
build-sys: force generation of triggers.systemd file
We don't want to actually install it anywhere, because it
is only usable copied or %included directly into a spec file,
and must be available before %prep is run. But still, it's
useful to generate it automatically so it's easier to copy
and it doesn't go stale.
Martin Pitt [Wed, 6 Apr 2016 21:18:06 +0000 (23:18 +0200)]
test: udev: Check tags
Add two more tests:
- Add a single tag, match on it, don't match on another.
- Add 10.000 tags to a device, ensure that udev survives this.
(Reproduces crash fixed by commit 1d88a271a)
journal-upload: Update watchdog while in curl_easy_perform
It is observed that a combination of high log throughput, low I/O speed on journal remote side and many nodes uploading simultaneously caused the journal-upload process to dump core because of watchdog starvation. This is caused because journal-upload stays in curl_easy_perform(), because it cannot upload fast enough to reach the end of the journal. Currently journal-upload will return from curl_easy_perform() only when the end of the journal is reached. Therefore a check is added in journal_input_callback(), which will update the watchdog if the elapsed time since the start of the uploading process is greater than WATCHDOG_USEC/2.
* Don't receive notification when child processes stop
Eliminates annoying "Child died"-messages:
$ ./systemd-socket-activate -l 2000 --inetd -a cat
^Z
[1]+ Stopped ./systemd-socket-activate -l 2000 --inetd -a cat
$ bg %1
[1]+ ./systemd-socket-activate -l 2000 --inetd -a cat &
Child 15657 died with code 20
$ ps u 15657
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
ubuntu 15657 0.0 0.0 4540 680 pts/2 S 00:34 0:00 cat
* Don't fail to reap some zombie children
Fixes
$ ./systemd-socket-activate -l 2000 --inetd -a cat &
$ for i in {1..1000}; do echo a | nc localhost 2000 & done
$ ps f
...
18235 pts/2 Ss 0:01 -bash
15849 pts/2 S 0:00 \_ ./systemd-socket-activate -l 2000 --inetd
-a cat
16081 pts/2 Z 0:00 | \_ [cat] <defunct>
16381 pts/2 Z 0:00 | \_ [cat] <defunct>
and many more zombies
...
Martin Pitt [Tue, 5 Apr 2016 08:30:45 +0000 (10:30 +0200)]
polkit: don't start polkit agent when running as root
On the server side we already bypass the polkit checks if the caller is root
(see the sd_bus_query_sender_privilege() call in bus_verify_polkit_async()). So
there is no reason to invoke polkit when running
systemctl/machinectl/loginctl/timedatectl as root.
Martin Pitt [Mon, 4 Apr 2016 09:09:00 +0000 (11:09 +0200)]
sd-device: fix crash if a device has many tags or devlinks
strjoina() is unsafe to be used in an unbounded loop as alloca() has no error
reporting. Thus devices with a large number of tags or devlinks trigger a
segfault in device_properties_prepare() due to overflowing the stack.
Rewrite the building of the "tags" and "devlinks" strings using
GREEDY_REALLOC() and strpcpy() to work with arbitrarily long strings. This also
avoids re-copying the entire string in each loop iteration.
Before this commit we always appended one final ":" to "tags". Change this to
start with an iniital ":" and for each tag append instead of prepend a ":".
This unifies what happens for the first and all subsequent tags so that we can
use a for loop.
Address code-review items for pull-request #2890
1. Replace strtol with unhexchar, verified with valid and invalid DUID strings.
2. Fix logging to use log_syntax instead of log_error.
3. On error reading DUID, ignore read and preserve previous state.
4. Fix man-pages to use markup, remove options not yet implemented.
5. Remove spurious header line in new files.
With this option, systemctl will only print the rhs in show:
$ systemctl show -p Wants,After systemd-journald --value
systemd-journald.socket ...
systemd-journald-dev-log.socket ...
This is useful in scripts, because the need to call awk or similar
is removed.
David R. Hedges [Fri, 19 Feb 2016 03:31:38 +0000 (21:31 -0600)]
*.localdomain != localhost
".localdomain" is not a reserved suffix (or prefix). I'm not aware of any
product expecting *.localdomain to resolve to localhost, however I am aware of
at least one product that defaults to ".localdomain" as its DNS suffix provided
via DHCP (pfSense). This leads to unexpected results when attempting to access
a host that's offline (or a host that's online, when nsswitch.conf is
[mis-]configured to have myhostname ahead of DNS).
In 110ceee58e5bc796c03a7db2109f85a999d5bc2e we removed the period after
printing the started units. This makes copying the unit name easier but
results in improper English.
This adds a colon before printing the units, which makes the output
look better.