With --file, shen the file is created by mkswap, stat() fails with -ENOENT
and the st_mode field is not populated, so the IS_REG() check fails. But if
we created by mkswap, we know it's just a regular file and we should apply
the selinux label.
Reported in https://bugzilla.redhat.com/show_bug.cgi?id=2324811#c56.
Skip tmpfs-sensitive tests if fstype cannot be determined
In certain isolation environments (f.e. Debian's sbuild+unshare),
`/proc/mounts` does not have an entry for the directory we're building in.
Then, findmnt as used in the tests returns nothing. As the build directory
might very well be on tmpfs (and often is, in Debian), disable the two tests
known to fail on tmpfs.
In yet another scenario, if ran in a Docker/podman container, the fstype
will read "overlay", which in the end can also be tmpfs, and we see problems
there, too.
Karel Zak [Fri, 15 Nov 2024 10:53:37 +0000 (11:53 +0100)]
mesg: remove ability to compile with fchmod(S_IWOTH)
The default is to use mesg(1) to modify write access for the "tty"
group, but there is an obscure legacy. If mesg(1) is compiled with the
option "--disable-use-tty-group", then it defaults to using
fchmod(S_IWGRP | S_IWOTH). This means that your tty is then writable
for everyone. Let's get rid of this ugly feature.
Reported-by: Chris Hofstaedtler <zeha@debian.org> Signed-off-by: Karel Zak <kzak@redhat.com>
Karel Zak [Fri, 15 Nov 2024 10:32:34 +0000 (11:32 +0100)]
meson: add -D tty-setgid=[false|true]
If your distribution does not define permissions for installed
binaries and follows the upstream guidelines, disabling the tty
group's setgid could be a beneficial decision in certain situations.
Karel Zak [Fri, 15 Nov 2024 10:30:17 +0000 (11:30 +0100)]
autotools: add --disable-makeinstall-tty-setgid
If your distribution does not define permissions for installed
binaries and follows the upstream guidelines, disabling the tty
group's setgid could be a beneficial decision in certain situations.
Ameer Hamza [Fri, 4 Oct 2024 16:57:44 +0000 (21:57 +0500)]
libblkid: zfs: Use nvlist for detection instead of Uber blocks
Currently, blkid relies on the presence of Uber blocks to detect ZFS
partition types. However, Uber blocks are not consistently dumped for
cache and spare vdevs, particularly in pools created prior to
https://github.com/openzfs/zfs/commit/d9885b3. Additionally, indirect
vdevs are incorrectly detected by blkid due to the presence of Uber
blocks in the label. ZFS itself does not depend on Uber blocks either
when reading ZFS labels; instead, it parses the nvlist.
This commit aligns blkid's approach with ZFS by parsing the nvlist in
the label to detect ZFS partition types, requiring at least one valid
label for successful detection. This change also ensures compatibility
with wipefs, as it now uses nvlist headers for offsets instead of the
Uber Magic offset. Consequently, running wipefs -a will zero out the
nvlist header in each label, fully removing the ZFS partition type and
making the pool unimportable. Previously, wipefs -a did not clear all
the Uber blocks or delete all nvlist headers, allowing pools to remain
importable even after wiping.
Robin Jarry [Tue, 5 Nov 2024 10:22:06 +0000 (11:22 +0100)]
lsirq,irqtop: add threshold option
Add a new option to filter out IRQs whose counters are below the
specified value. The argument supports plain integers and human readable
values (e.g. 1.2K).
Karel Zak [Wed, 6 Nov 2024 09:18:17 +0000 (10:18 +0100)]
nsenter: improve portability to older kernels
The pidfd cannot be used to enter namespaces using setns() before
Linux 5.7. To ensure compatibility with older kernels, we will check
the kernel version before using pidfd_open() and, if necessary, fall
back to using the classic /proc/#/ns/ files.
Reported-by: Alex Xu Signed-off-by: Karel Zak <kzak@redhat.com>
Karel Zak [Tue, 5 Nov 2024 10:17:10 +0000 (11:17 +0100)]
Merge branch 'PR/nsenter-pidfd' of https://github.com/karelzak/util-linux-work
* 'PR/nsenter-pidfd' of https://github.com/karelzak/util-linux-work:
nsenter: Rewrite --user-parent to use pidfd
include/pidfd-utils: add namespaces ioctls
nsenter: reuse pidfd for --net-socket
nsenter: use macros to access the nsfiles array
nsenter: use pidfd to enter target namespaces
nsenter: use separate function to enter namespaces
nsenter: add functions to enable/disable namespaces
Karel Zak [Tue, 5 Nov 2024 10:10:31 +0000 (11:10 +0100)]
libsmartcols: make __attributes__ more portable
Let's use what is already used for libmount. The header file is a public
header and does not require support for the __attribute__() compiler
feature. We need an additional #ifdef to ensure portability.
Karel Zak [Tue, 5 Nov 2024 10:08:26 +0000 (11:08 +0100)]
Merge branch 'smartcols-printf' of https://github.com/rjarry/util-linux
* 'smartcols-printf' of https://github.com/rjarry/util-linux:
treewide: use scols printf api where possible
libsmartcols: add printf api to fill in column data
Karel Zak [Tue, 5 Nov 2024 10:00:11 +0000 (11:00 +0100)]
Merge branch 'mkfds--minor-fixes' of https://github.com/masatake/util-linux
* 'mkfds--minor-fixes' of https://github.com/masatake/util-linux:
tests: (test_mkfds::make-regular-file) fix the default union member for \"readable\" parameter
test_mkfds: reserve file descriptors in the early stage of execution
Anjali K [Mon, 4 Nov 2024 06:32:26 +0000 (12:02 +0530)]
lscpu: fix incorrect number of sockets during hotplug
lscpu sometimes shows incorrect 'Socket(s)' value if a hotplug operation
is running.
On a 32 CPU 2-socket system, the expected output is as shown below:
Architecture: ppc64le
Byte Order: Little Endian
CPU(s): 32
On-line CPU(s) list: 0-31
Model name: POWER10 (architected), altivec supported
Model: 2.0 (pvr 0080 0200)
Thread(s) per core: 8
Core(s) per socket: 2
Socket(s): 2
On the same system, if hotplug is running along with lscpu, it shows
"Socket(s):" as 3 and 4 incorrectly sometimes.
Architecture: ppc64le
Byte Order: Little Endian
CPU(s): 32
On-line CPU(s) list: 0-11,16-31
Off-line CPU(s) list: 12-15
Model name: POWER10 (architected), altivec supported
Model: 2.0 (pvr 0080 0200)
Thread(s) per core: 8
Core(s) per socket: 1
Socket(s): 3
The number of sockets is considered as the number of unique core_siblings
CPU groups. The issues causing the number of sockets to sometimes be
higher during hotplug is:
1. The core_siblings of CPUs on the same socket are different because a CPU
on the socket has been onlined/offlined in between. In the below example,
nr sockets was wrongly incremented for CPU 5 though CPU 4 and 5 are on the
same socket because their core_siblings was different as CPU 12 was onlined
in between.
CPU: 4
core_siblings: ff f0 0 0 0 0 0 0
CPU: 5
core_siblings: ff f8 0 0 0 0 0 0
2. The core_siblings file of a CPU is created when a CPU is onlined. It may
have an invalid value for some time until the online operation is fully
complete. In the below example, nr sockets is wrongly incremented because
the core_siblings of CPU 14 was 0 as it had just been onlined.
CPU: 14
core_siblings: 0 0 0 0 0 0 0 0
To fix this, make the below changes:
1. Instead of considering CPUs to be on different sockets if their
core_siblings masks are unequal, consider them to be on different sockets
only if their core_siblings masks don't have even one common CPU. Then CPUs
on the same socket will be correctly identified even if offline/online
operations happen while they are read if at least one CPU in the socket is
online during both reads.
2. Check if a CPU's hotplug operation has been completed before using its
core_siblings file
[kzak@redhat.com: - use xmalloc(),
- use ul_strtos32(),
- use err() on CPU_ALLOC() error]
Reported-by: Anushree Mathur <anushree.mathur@linux.vnet.ibm.com> Signed-off-by: Anjali K <anjalik@linux.ibm.com> Signed-off-by: Karel Zak <kzak@redhat.com>
Robin Jarry [Thu, 31 Oct 2024 22:55:44 +0000 (23:55 +0100)]
treewide: use scols printf api where possible
Everywhere a string generated with xasprintf() is directly passed to
scols_line_refer_data(), use scols_line_sprintf() to remove the need for
an intermediate buffer.
Replace the (now redundant) private scols_line_asprintf() function.
Masatake YAMATO [Sat, 26 Oct 2024 17:05:45 +0000 (02:05 +0900)]
test_mkfds: reserve file descriptors in the early stage of execution
A factory specified with command line opens some files. After
opening, the factory remaps the opened file descriptors (ofds) to file
descriptors (rfds) specified with the command line with dup2 system all.
This remapping may fail if there is an overlap between ofds and rfds.
With this change, there cannot be an overlap between ofds and rfds;
test_mkfds reserves rfds in the early stage of execution.
Karel Zak [Thu, 31 Oct 2024 10:21:20 +0000 (11:21 +0100)]
hardlink: implement --mount
Let's export another feature of nftw() to the hardlink command line.
In this case, we will force the file-tree-walk to stay within the same
filesystem.
Addresses: https://github.com/util-linux/util-linux/discussions/3244 Signed-off-by: Karel Zak <kzak@redhat.com>
Karel Zak [Thu, 31 Oct 2024 09:51:11 +0000 (10:51 +0100)]
hardlink: implement --exclude-subtree
Now, it is possible to exclude files by their names, but it does not
allow for ignoring entire subtrees of the scanned hierarchy. The new
option only applies to directory names and forces the file-tree-walk
to skip the directory and all of its subdirectories.
This is based on FTW_SKIP_SUBTREE, which was originally only available
in glibc (since 2004). Therefore, the code is #ifdef-ed to make it
portable to other libc versions.
Addresses: https://github.com/util-linux/util-linux/discussions/3244 Signed-off-by: Karel Zak <kzak@redhat.com>
наб [Mon, 28 Oct 2024 18:19:34 +0000 (19:19 +0100)]
hardlink: fix 0-sized file processing
The manual says that -s0 will process 0-sized files normally,
but as it stands (a) hardlink considers 0-sized files unlinkable
(so, with -l, unlistable) and (b) fileeq considers reading an empty
prologue to be an error
наб [Mon, 28 Oct 2024 18:19:30 +0000 (19:19 +0100)]
hardlink: add --list-duplicates and --zero
--list-duplicates codifies what everyone keeps re-implementing with
find -exec b2sum or src:perforate's finddup or whatever.
hardlink already knows this, so make the data available thusly,
in a format well-suited for pipeline processing
(fixed-width key for uniq/cut/&c.,
tab delimiter for cut &a.,
-z for correct filename handling).
Karel Zak [Wed, 30 Oct 2024 10:14:19 +0000 (11:14 +0100)]
Merge branch 'lsfd--bpf-prog-id-and-tag' of https://github.com/masatake/util-linux
* 'lsfd--bpf-prog-id-and-tag' of https://github.com/masatake/util-linux:
tests: (lsfd::mkfds-bpf-prog) verify BPF-PROG.{ID,TAG} column
tests: (test_mkfds::bpf-prog) report id and tag
lsfd: add BPF-PROG.TAG column
lsfd: update bpf related tables
lsfd: (bugfix) fix wrong type usage in anon_bpf_map_fill_column
test_mkfds: (bugfix) listing ALL output values for a given factory
Karel Zak [Tue, 29 Oct 2024 14:56:31 +0000 (15:56 +0100)]
libmount: implement ro[=vfs,fs]
The new mount API allows for specifying whether to use a read-only
setting on the VFS or FS. Let's export this feature to the mount(8)
command line and fstab by adding new optional arguments "fs" and "vfs"
for the readonly mount flags. If nothing is specified, then the
default will be to mount as read-only on both layers for a normal
mount.
Karel Zak [Tue, 29 Oct 2024 07:58:14 +0000 (08:58 +0100)]
libmount: improving readability
The function name mnt_optlist_is_recursive() is not accurate. It is
only used for propagation operations based on the MS_REC flag and
should not be confused with any other recursive stuff, such as
ro=recursive.
A more appropriate name for this function would be mnt_optlist_is_rpropagation().
Masatake YAMATO [Mon, 14 Oct 2024 08:39:15 +0000 (17:39 +0900)]
lsfd: (bugfix) fix wrong type usage in anon_bpf_map_fill_column
Where we should use anon_bpf_map_data, anon_bpf_prog_data was used.
Fortunately, this has not been a big trouble because anon_bpf_map_data
and anon_bpf_prog_data had no difference in their member layout
Robin Jarry [Mon, 6 May 2024 21:45:21 +0000 (23:45 +0200)]
text-utils: add bits command
Add a new text utility to convert bit masks in various formats.
This can be handy to avoid parsing affinity masks in one's head and/or
to interact with the kernel in a more human friendly way. It is
a rewrite in C of the bits command from my linux-tools python package so
that it can be more widely available.
Karel Zak [Mon, 21 Oct 2024 11:09:43 +0000 (13:09 +0200)]
nsenter: Rewrite --user-parent to use pidfd
The latest kernel pidfd supports ioctls to ask for the target's
namespaces. It seems we can use it for --user-parent if no user
namespace is explicitly specified. The fallback is to use any other
namespace or open the target's /proc/<pid>/ns/user file directly.
Karel Zak [Fri, 18 Oct 2024 10:16:04 +0000 (12:16 +0200)]
nsenter: use pidfd to enter target namespaces
The typical use case is to enter namespaces of the task (--target
<pid>). The original nsenter opens /proc/<pid>/ns/* files and uses the
file descriptors to enter the namespaces by setns(). The recent kernel
allows using the pid file descriptor instead of the files in /proc,
making it possible to enter multiple namespaces with one setns call.
This solution reduces the number of syscalls (open+setns for each
namespace), removes the dependence on /proc, and allows entering
nested namespaces.
This commit should be backwardly compatible, meaning it can be used on
systems without pidfd_open(). Explicitly specified namespaces by
filenames are still supported, and user namespaces are still entered
first/last according to permissions privileging/deprivileging.
Addresses: https://github.com/util-linux/util-linux/pull/301 Signed-off-by: Karel Zak <kzak@redhat.com>
Karel Zak [Thu, 17 Oct 2024 09:14:49 +0000 (11:14 +0200)]
nsenter: add functions to enable/disable namespaces
Currently, enabled namespaces are those with an open file descriptor.
However, if we support pidfd, this will become unnecessary and we will
need an FD-independent enable/disable mechanism.
It also makes sense to delay opening --target <pid> namespaces files
until everything is ready and only handle it in one place.
Karel Zak [Mon, 14 Oct 2024 09:45:32 +0000 (11:45 +0200)]
libfdisk: make sure libblkid uses the same sector size
Libfdisk uses libblkid to check for filesystems on the device. It
makes sense for both libraries to share the logical sector size
setting, as this setting can be modified by using the fdisk command
line.
We do not see this as an issue, as filesystem detection rarely depends
on sector size (with the exception of some RAIDs). Additionally,
libblkid is usually intelligent enough to check multiple locations
independently of the current device's sector size setting.
Addresses: https://github.com/util-linux/util-linux/pull/3235 Signed-off-by: Karel Zak <kzak@redhat.com>
Maks Mishin [Thu, 10 Oct 2024 17:23:49 +0000 (20:23 +0300)]
sys-utils: (setpriv): fix potential memory leak
Dynamic memory, referenced by 'buf' is allocated by calling function 'xstrdup'
add then changed by calling of strsep function.
The free(buf) call is incorrect if buf != NULL, and points to some
place inside or outside the source string.
Karel Zak [Mon, 7 Oct 2024 11:27:43 +0000 (13:27 +0200)]
Merge branch 'sock-netns-with-tests' of https://github.com/masatake/util-linux
* 'sock-netns-with-tests' of https://github.com/masatake/util-linux:
tests: (lsfd) verify SOCK.NETID and ENDPOINTS for sockets made in another netns
tests: (lsns) verify the code finding an isolated netns via socket
tests: (nsenter) verify the code entering the network ns via socket made in the ns
tests: (test_sysinfo) add a helper to detect NS_GET_USERNS
tests: (test_mkfds::foreign-sockets) new factory
tests: (test_mkfds, refactor) use xmemdup newly added in xalloc.h
xalloc.h: add xmemdup
tests: (test_mkfds) fix a typo in an option name
test_mkfds: (cosmetic) remove whitespaces between a function and its arguments
projects / thirdparty / util-linux.git / log
