We started systemd-vconsole-setup in two ways: via a dbus call from localed to
do systemd-vconsole-setup.service/restart, and from udev, calling the binary
directly. This patch makes udev call
systemctl restart systemd-vconsole-setup.service
effectively implementing the same method as localed.
Ordering is implemented at the unit level, so we can use --no-block to not
block here.
pid1: order units using TTYVHangup= after vconsole setup
The goal of this change is to delay getty services until after
systemd-vconsole-setup has finished. systemd-vconsole-setup starts loadkeys,
and it seems that when loadkeys is interrupted by the TTY hangup call we do
when starting tty services [1], so that loadkeys starts getting EIO from the
ioctl("/dev/tty1", KDSKBENT) syscall it does.
Initially I wanted to add ordering dependencies to individual units, but
TTYVHangup= can be added to other various external units too. The solution with
an implicit dependency should cover those cases too.
units: order getty units after getty-pre.target unconditionally
Those two units had this ordering conditionalized on HAVE_SYSV_COMPAT. This
seems strange. 45e27532971ac84e835a2879df510a581f933fcd added the ordering
differently for those two files without any comment, and I think it was just
pasted or scripted erroneously.
Luca Boccassi [Thu, 18 May 2023 12:08:56 +0000 (13:08 +0100)]
integration test: pass 'noresume' to qemu
When running on Debian/Ubuntu, I get a minute delay or so on every boot
because the local initramfs tries to resume from hibernation. This is
not really useful here, so always skip it
sd-bus,sd-event: allow querying of description even after fork
This in unnecessarilly unpleasant: the code might report about a bus
connection, e.g. in an error message or assert. Let's let it query
the name of the object.
sd-bus: do not assert if bus description is not set
The code has an explicit fallback using runtime_scope_to_string(), which
is also documented in the man page. So -ENXIO should only be returned when
the fallback doesn't work, i.e. bus->runtime_scope == -EINVAL.
This should fix the following errors during boot:
May 18 16:05:37 fedora systemd-update-utmp[263]: Assertion 'bus->description' failed at src/libsystemd/sd-bus/sd-bus.c:4201, function sd_bus_get_description(). Ignoring.
May 18 16:05:38 fedora systemctl[360]: Assertion 'bus->description' failed at src/libsystemd/sd-bus/sd-bus.c:4201, function sd_bus_get_description(). Ignoring.
May 18 16:05:38 fedora systemctl[363]: Assertion 'bus->description' failed at src/libsystemd/sd-bus/sd-bus.c:4201, function sd_bus_get_description(). Ignoring.
May 18 16:05:38 fedora systemd-update-utmp[372]: Assertion 'bus->description' failed at src/libsystemd/sd-bus/sd-bus.c:4201, function sd_bus_get_description(). Ignoring.
May 18 16:05:38 fedora @ystemctl[387]: Assertion 'bus->description' failed at src/libsystemd/sd-bus/sd-bus.c:4201, function sd_bus_get_description(). Ignoring.
May 18 16:05:40 fedora systemd-update-utmp[477]: Assertion 'bus->description' failed at src/libsystemd/sd-bus/sd-bus.c:4201, function sd_bus_get_description(). Ignoring.
May 18 16:05:41 fedora systemd-homed[509]: Assertion 'bus->description' failed at src/libsystemd/sd-bus/sd-bus.c:4201, function sd_bus_get_description(). Ignoring.
May 18 16:05:41 fedora systemd-logind[510]: Assertion 'bus->description' failed at src/libsystemd/sd-bus/sd-bus.c:4201, function sd_bus_get_description(). Ignoring.
May 18 16:05:41 fedora systemd-update-utmp[529]: Assertion 'bus->description' failed at src/libsystemd/sd-bus/sd-bus.c:4201, function sd_bus_get_description(). Ignoring.
May 18 16:05:42 fedora systemd-user-runtime-dir[531]: Assertion 'bus->description' failed at src/libsystemd/sd-bus/sd-bus.c:4201, function sd_bus_get_description(). Ignoring.
May 18 16:05:42 fedora systemctl[542]: Assertion 'bus->description' failed at src/libsystemd/sd-bus/sd-bus.c:4201, function sd_bus_get_description(). Ignoring.
May 18 16:05:42 fedora systemd-hostnamed[556]: Assertion 'bus->description' failed at src/libsystemd/sd-bus/sd-bus.c:4201, function sd_bus_get_description(). Ignoring.
Frantisek Sumsal [Thu, 18 May 2023 10:54:15 +0000 (12:54 +0200)]
nspawn: correctly parse a list of interfaces
Interface=/MACVLAN=/IPVLAN= nspawn options take a _list_ of interface
names - this was recently enhanced by 2f091b1b49 to support interface
pairs. Unfortunately, this also introduced a regression where we don't
parse the list as a list, but just as a single value. For example,
having `Interface=sd-shared1 sd-shared2` in an nspawn config file would
throw:
systemd-nspawn[898]: Network interface, interface name not valid: sd-shared1 sd-shared2
systemd-nspawn[898]: /run/systemd/nspawn/testsuite-13.nspawn-settings.1po.nspawn:41: Failed to parse file: Invalid argument
DVE-2018-0001 has been fixed by the vendor, and this workaround is no longer
needed. Removal of this workaround improves performance as queries used to be
retried more than necessory.
Keep .clamp_feature_level_servfail name, as imho it is more descriptive than
just .clamp_feature_level, especially if we ever need to add similar
workarounds as the one we had for DVE-2018-0001.
Matt Johnston [Thu, 18 May 2023 04:28:06 +0000 (12:28 +0800)]
busctl: Add space before "tree" paths for copying
This allows a double-click on the path in a terminal to select the
whole path. Otherwise the leading '-' character is also included in
the copied path.
Frantisek Sumsal [Wed, 17 May 2023 17:10:55 +0000 (19:10 +0200)]
test: get rid of the busybox stuff
It already required a lot of workarounds, since the busybox utilities
often work differently than their "full" counterparts, and putting
the container together using our "tools" is quite simple anyway.
Frantisek Sumsal [Wed, 17 May 2023 07:05:04 +0000 (09:05 +0200)]
test: mangle the machine ID only for the QEMU test part
systemd-nspawn doesn't like invalid machine IDs and refuses to boot with one:
TEST-74-AUX-UTILS RUN: Tests for auxiliary utilities
...
Spawning container TEST-74-AUX-UTILS--3 on /var/tmp/systemd-test-TEST-74-AUX-UTILS_3/root.
Press Ctrl-] three times within 1s to kill container.
Failed to read machine ID from container image: Structure needs cleaning
E: nspawn failed with exit code 1
Fixes #26413: the docs said that the filter prevents writes, but it just a
filter at the system call level, and some of those calls are used for writing
and reading. This is confusing esp. when a higher level library call like
ntp_gettime() is denied.
I don't think it's realistic that we'll make the filter smarter in the near
future, so let's change the docs to describe the implementation.
Also, split out the advice part into a separate paragraph.
switch-root: when switching root via MS_MOVE unmount all remaining mounts first
Let's try to unmount anything left, since if we don't they will remain
as "shadow" mounts, hidden underneath our new root.
This is only necessary when we transition into a new root via MS_MOVE.
If we do so via pivot_root() this is not necessary as the kernel will
get rid of the mounts anyway for us.
mount-util: keep fd to /proc/self/mountinfo continously open in umount_recursive()
That way, if we end up unmounting /proc/ in our loop we can still
operate correctly, since we don't have to go through /proc/ again to
open the mount table again.
Unlike most other bus connections in our codebase this one is created
manually and every setting set invididually. It hence does not have a
description by default (as all automatic connections have). Set one
explicitly.
sd-bus: use the new information in the client's sockaddr in the creds structure
Now that clients might convey comm/description strings via the sockaddr,
let's actually use them on the other side, read the data via
getpeername() parse it, and include it in the "owner" creds (which is
how we call the peer's creds).
Frantisek Sumsal [Mon, 15 May 2023 18:25:43 +0000 (20:25 +0200)]
nspawn: fix a global-buffer-overflow
Whoopsie.
=================================================================
==3789231==ERROR: AddressSanitizer: global-buffer-overflow on address 0x00000051d0b8 at pc 0x7f70850bc904 bp 0x7ffd9bbdf660 sp 0x7ffd9bbdf658
READ of size 8 at 0x00000051d0b8 thread T0
#0 0x7f70850bc903 in json_dispatch ../src/shared/json.c:4347
#1 0x4a5b54 in oci_seccomp_syscalls ../src/nspawn/nspawn-oci.c:1838
#2 0x7f70850bd359 in json_dispatch ../src/shared/json.c:4395
#3 0x4a668c in oci_seccomp ../src/nspawn/nspawn-oci.c:1905
#4 0x7f70850bd359 in json_dispatch ../src/shared/json.c:4395
#5 0x4a7d8c in oci_linux ../src/nspawn/nspawn-oci.c:2030
#6 0x7f70850bd359 in json_dispatch ../src/shared/json.c:4395
#7 0x4aa31c in oci_load ../src/nspawn/nspawn-oci.c:2198
#8 0x446cec in load_oci_bundle ../src/nspawn/nspawn.c:4744
#9 0x44ffa7 in run ../src/nspawn/nspawn.c:5477
#10 0x4552fb in main ../src/nspawn/nspawn.c:5920
#11 0x7f7083a4a50f in __libc_start_call_main (/lib64/libc.so.6+0x2750f)
#12 0x7f7083a4a5c8 in __libc_start_main@GLIBC_2.2.5 (/lib64/libc.so.6+0x275c8)
#13 0x40d284 in _start (/home/fsumsal/repos/@systemd/systemd/build-san/systemd-nspawn+0x40d284)
0x00000051d0b8 is located 40 bytes to the left of global variable 'bus_standard_errors_copy_0' defined in '../src/libsystemd/sd-bus/bus-error.h:57:1' (0x51d0e0) of size 8
0x00000051d0b8 is located 0 bytes to the right of global variable 'table' defined in '../src/nspawn/nspawn-oci.c:1829:43' (0x51d040) of size 120
SUMMARY: AddressSanitizer: global-buffer-overflow ../src/shared/json.c:4347 in json_dispatch
Shadow bytes around the buggy address:
0x00008009b9c0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x00008009b9d0: 00 00 00 00 f9 f9 f9 f9 00 00 00 00 00 00 00 00
0x00008009b9e0: 00 00 f9 f9 f9 f9 f9 f9 00 00 00 00 00 00 00 00
0x00008009b9f0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x00008009ba00: 00 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 00 00 00 00
=>0x00008009ba10: 00 00 00 00 00 00 00[f9]f9 f9 f9 f9 00 f9 f9 f9
0x00008009ba20: f9 f9 f9 f9 00 00 00 00 00 00 00 00 00 00 00 00
0x00008009ba30: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x00008009ba40: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x00008009ba50: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x00008009ba60: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Shadow byte legend (one shadow byte represents 8 application bytes):
Addressable: 00
Partially addressable: 01 02 03 04 05 06 07
Heap left redzone: fa
Freed heap region: fd
Stack left redzone: f1
Stack mid redzone: f2
Stack right redzone: f3
Stack after return: f5
Stack use after scope: f8
Global redzone: f9
Global init order: f6
Poisoned by user: f7
Container overflow: fc
Array cookie: ac
Intra object redzone: bb
ASan internal: fe
Left alloca redzone: ca
Right alloca redzone: cb
==3789231==ABORTING