]> git.ipfire.org Git - thirdparty/systemd.git/log
thirdparty/systemd.git
6 years agoudev-event: replace udev_device in subst_format_var() by sd_device 10512/head
Yu Watanabe [Thu, 25 Oct 2018 04:59:03 +0000 (13:59 +0900)] 
udev-event: replace udev_device in subst_format_var() by sd_device

6 years agoudev-event: drop prototype of nonexistent function
Yu Watanabe [Thu, 25 Oct 2018 05:00:36 +0000 (14:00 +0900)] 
udev-event: drop prototype of nonexistent function

6 years agoudev-event: move definition of struct subst_map
Yu Watanabe [Thu, 25 Oct 2018 04:07:09 +0000 (13:07 +0900)] 
udev-event: move definition of struct subst_map

6 years agoudev-event: replace udev_device in udev_event_execute_rules() by sd_device
Yu Watanabe [Thu, 25 Oct 2018 02:14:11 +0000 (11:14 +0900)] 
udev-event: replace udev_device in udev_event_execute_rules() by sd_device

Also, this adds many logs.

6 years agoudev-event: move devnode handling logic to a new function
Yu Watanabe [Thu, 25 Oct 2018 01:32:35 +0000 (10:32 +0900)] 
udev-event: move devnode handling logic to a new function

Also, replace udev_device by sd_device.

6 years agoudev-event: move conditions to rename network interface into rename_netif()
Yu Watanabe [Wed, 24 Oct 2018 22:45:48 +0000 (07:45 +0900)] 
udev-event: move conditions to rename network interface into rename_netif()

Also, replace udev_device by sd_device.

6 years agoudev-event: rename udev_event_unref() to udev_event_free()
Yu Watanabe [Wed, 24 Oct 2018 22:04:59 +0000 (07:04 +0900)] 
udev-event: rename udev_event_unref() to udev_event_free()

As struct udev_event does not have a reference counter.

6 years agoudev-event: fix memleak in udev_event
Yu Watanabe [Wed, 24 Oct 2018 22:03:24 +0000 (07:03 +0900)] 
udev-event: fix memleak in udev_event

The leak was introduced by 29448498c724da7ade1b5efb20d7472c1b128d2c.

6 years agoudev-event: use structured initializer at one more place
Yu Watanabe [Wed, 24 Oct 2018 22:02:03 +0000 (07:02 +0900)] 
udev-event: use structured initializer at one more place

6 years agoudev-event: add more assert()
Yu Watanabe [Wed, 24 Oct 2018 21:39:48 +0000 (06:39 +0900)] 
udev-event: add more assert()

6 years agoudev-event: check command is not empty before executing
Yu Watanabe [Wed, 24 Oct 2018 21:35:16 +0000 (06:35 +0900)] 
udev-event: check command is not empty before executing

6 years agoudev-event: include device name in error message one more place
Yu Watanabe [Wed, 24 Oct 2018 21:33:26 +0000 (06:33 +0900)] 
udev-event: include device name in error message one more place

6 years agonetwork,udev: drop unnecessary check whether ifindex is positive
Yu Watanabe [Thu, 25 Oct 2018 01:09:19 +0000 (10:09 +0900)] 
network,udev: drop unnecessary check whether ifindex is positive

As sd_device_get_ifindex() now returns positive ifindex when it
succeeds.

6 years agotest: check sd_device_get_ifindex() returns positive ifindex when it succeeds
Yu Watanabe [Thu, 25 Oct 2018 01:04:19 +0000 (10:04 +0900)] 
test: check sd_device_get_ifindex() returns positive ifindex when it succeeds

6 years agosd-device: return positive ifindex when sd_device_get_ifindex() succeeds
Yu Watanabe [Thu, 25 Oct 2018 00:56:15 +0000 (09:56 +0900)] 
sd-device: return positive ifindex when sd_device_get_ifindex() succeeds

As valid ifindex is positive value, not non-negative value.

Follow-up for dcfbde3a43d632ff6e286c77e1081087eca59d8e.

6 years agoMerge pull request #10506 from poettering/cgroup-mini-fixes
Lennart Poettering [Fri, 26 Oct 2018 18:16:50 +0000 (20:16 +0200)] 
Merge pull request #10506 from poettering/cgroup-mini-fixes

various cgroups mini fixes

6 years agocgroup-util: make definition of CGROUP_CONTROLLER_TO_MASK() unsigned 10506/head
Lennart Poettering [Fri, 26 Oct 2018 13:31:30 +0000 (15:31 +0200)] 
cgroup-util: make definition of CGROUP_CONTROLLER_TO_MASK() unsigned

Otherwise doing comparing a CGroupMask (which is unsigned in effect)
with the result of CGROUP_CONTROLLER_TO_MASK() will result in warnings
about signedness differences.

6 years agocgroup-util: FLAGS_SET()ify all things
Lennart Poettering [Fri, 26 Oct 2018 13:25:21 +0000 (15:25 +0200)] 
cgroup-util: FLAGS_SET()ify all things

6 years agocgroup: when discovering which controllers the kernel supports mask with what we...
Lennart Poettering [Wed, 24 Oct 2018 15:35:19 +0000 (17:35 +0200)] 
cgroup: when discovering which controllers the kernel supports mask with what we support

Let's use our new CGROUP_MASK_V1 and CGROUP_MASK_V2 definitions for
this.

6 years agocgroup-util: before operating on a mounted cgroup controller check if it actually...
Lennart Poettering [Wed, 24 Oct 2018 15:31:51 +0000 (17:31 +0200)] 
cgroup-util: before operating on a mounted cgroup controller check if it actually can be mounted

We now have the "BPF" pseudo-controllers. These should never be assumed
to be accessible as /sys/fs/cgroup/<controller> and not through
"cgroup.subtree_control" either, hence always check explicitly before we
go to the file system. We do this through our new CGROUP_MASK_V1 and
CGROUP_MASK_V2 definitions.

6 years agocgroup-util: add mask definitions for sets of controllers supported by cgroupsv1...
Lennart Poettering [Wed, 24 Oct 2018 15:30:46 +0000 (17:30 +0200)] 
cgroup-util: add mask definitions for sets of controllers supported by cgroupsv1 vs. cgroupsv2

6 years agocgroup-util: disable buffering for cg_enable_everywhere() when writing to cgroup...
Lennart Poettering [Wed, 24 Oct 2018 15:28:17 +0000 (17:28 +0200)] 
cgroup-util: disable buffering for cg_enable_everywhere() when writing to cgroup attributes

Let's better be safe than sorry.

6 years agocgroup-util: don't expect cg_mask_from_string()'s return value to be initialized
Lennart Poettering [Wed, 24 Oct 2018 15:25:51 +0000 (17:25 +0200)] 
cgroup-util: don't expect cg_mask_from_string()'s return value to be initialized

Also, when we fail, don't clobber the return value.

This brings the call more in-line with our usual coding style, and
removes surprises.

None of the callers seemed to care about this behaviour.

6 years agocgroup-util: debug log if /proc/self/ns/cgroup is not available for unexpected reasons
Lennart Poettering [Wed, 24 Oct 2018 15:25:11 +0000 (17:25 +0200)] 
cgroup-util: debug log if /proc/self/ns/cgroup is not available for unexpected reasons

6 years agoMerge pull request #10536 from keszybz/serialize-fixes
Lennart Poettering [Fri, 26 Oct 2018 15:56:43 +0000 (17:56 +0200)] 
Merge pull request #10536 from keszybz/serialize-fixes

Tests for the new serialization functions

6 years agoMerge pull request #10517 from poettering/chown-rec-fixes
Lennart Poettering [Fri, 26 Oct 2018 14:26:20 +0000 (16:26 +0200)] 
Merge pull request #10517 from poettering/chown-rec-fixes

recursive chowning fixes

6 years agotest: add test case for recursive chown()ing 10517/head
Lennart Poettering [Fri, 19 Oct 2018 09:31:37 +0000 (11:31 +0200)] 
test: add test case for recursive chown()ing

6 years agochown-recursive: TAKE_FD() is your friend
Lennart Poettering [Fri, 19 Oct 2018 09:42:11 +0000 (11:42 +0200)] 
chown-recursive: TAKE_FD() is your friend

6 years agochown-recursive: also drop ACLs when recursively chown()ing
Lennart Poettering [Fri, 19 Oct 2018 09:28:40 +0000 (11:28 +0200)] 
chown-recursive: also drop ACLs when recursively chown()ing

Let's better be safe than sorry and also drop ACLs.

6 years agochown-recursive: let's rework the recursive logic to use O_PATH
Lennart Poettering [Fri, 19 Oct 2018 09:26:59 +0000 (11:26 +0200)] 
chown-recursive: let's rework the recursive logic to use O_PATH

That way we can pin a specific inode and analyze it and manipulate it
without it being swapped out beneath our hands.

Fixes a vulnerability originally found by Jann Horn from Google.

CVE-2018-15687
LP: #1796692
https://bugzilla.redhat.com/show_bug.cgi?id=1639076

6 years agolgtm: drop redundant newlines
Evgeny Vereshchagin [Fri, 26 Oct 2018 10:25:36 +0000 (10:25 +0000)] 
lgtm: drop redundant newlines

6 years agoMerge pull request #10508 from poettering/watchdog-original-fix
Lennart Poettering [Fri, 26 Oct 2018 12:50:17 +0000 (14:50 +0200)] 
Merge pull request #10508 from poettering/watchdog-original-fix

various service watchdog fixes

6 years agoMerge pull request #10534 from poettering/cmdline-fixlets
Lennart Poettering [Fri, 26 Oct 2018 12:49:53 +0000 (14:49 +0200)] 
Merge pull request #10534 from poettering/cmdline-fixlets

proc-cmdline.c fixlets

6 years agoMove tests for *serialize_environment into test-serialize.c 10536/head
Zbigniew Jędrzejewski-Szmek [Fri, 26 Oct 2018 10:30:04 +0000 (12:30 +0200)] 
Move tests for *serialize_environment into test-serialize.c

The implementation is in serialize.c.

6 years agotest-serialize: allocate long_string dynamically
Zbigniew Jędrzejewski-Szmek [Fri, 26 Oct 2018 11:17:44 +0000 (13:17 +0200)] 
test-serialize: allocate long_string dynamically

6 years agoservice: when starting a service make a copy of the watchdog timeout and use that 10508/head
Lennart Poettering [Wed, 24 Oct 2018 17:04:41 +0000 (19:04 +0200)] 
service: when starting a service make a copy of the watchdog timeout and use that

When we start a service process we pass the selected watchdog timeout to
it with the $WATCHDOG_USEC environment variable. If the unit file is
reconfigured later, we need to make sure to continue to honour the
original timeout, i.e. watch $WATCHDOG_USEC was set to, otherwise we'll
expect the ping at a different time as the service process is sending it
to us.

Hence, whenever we start a unit, save the watchdog timeout, and stick to
that for everything we do.

Fixes: #9467
6 years agoservice: continue to use the overriden timeout when forking off again
Lennart Poettering [Wed, 24 Oct 2018 17:03:41 +0000 (19:03 +0200)] 
service: continue to use the overriden timeout when forking off again

Let's make sure we always use the right watchdog timeout: when a service
has overwritten it, then stick to it, also for follow-up processes of
the same service.

6 years agoservice: rename service_reset_watchdog_timeout() → service_override_watchdog_timeout()
Lennart Poettering [Wed, 24 Oct 2018 17:03:04 +0000 (19:03 +0200)] 
service: rename service_reset_watchdog_timeout() → service_override_watchdog_timeout()

This is what the function really does, hence name it that way.

6 years agoservice: rework service_extend_timeout()
Lennart Poettering [Wed, 24 Oct 2018 17:02:13 +0000 (19:02 +0200)] 
service: rework service_extend_timeout()

Let's unify common code: let's extend the watchdog timeout and the
regular timeout with the same helper function.

6 years agotest-serialize: a smoke test for the serialization functions
Zbigniew Jędrzejewski-Szmek [Tue, 23 Oct 2018 10:00:31 +0000 (12:00 +0200)] 
test-serialize: a smoke test for the serialization functions

6 years agotest: _cleanup_(unlink_tempfilep) in two more places
Zbigniew Jędrzejewski-Szmek [Tue, 23 Oct 2018 08:50:38 +0000 (10:50 +0200)] 
test: _cleanup_(unlink_tempfilep) in two more places

6 years agoIntroduce fmkostemp_safe and use it in tests
Zbigniew Jędrzejewski-Szmek [Tue, 23 Oct 2018 08:50:09 +0000 (10:50 +0200)] 
Introduce fmkostemp_safe and use it in tests

No functional change.

6 years agoservice: explicit stop the watchdog when we shall not use it
Lennart Poettering [Wed, 24 Oct 2018 16:59:03 +0000 (18:59 +0200)] 
service: explicit stop the watchdog when we shall not use it

This is useful so that WATCHDOG_USEC=0 sent from a process does the
right thing if turning off the watchdog logic.

6 years agojournalctl: in --follow mode watch stdout for POLLHUP/POLLERR and exit
Lennart Poettering [Wed, 24 Oct 2018 19:49:52 +0000 (21:49 +0200)] 
journalctl: in --follow mode watch stdout for POLLHUP/POLLERR and exit

Fixes: #9374
6 years agolgtm: add a custom query for catching the use of fgets
Evgeny Vereshchagin [Fri, 26 Oct 2018 09:19:09 +0000 (09:19 +0000)] 
lgtm: add a custom query for catching the use of fgets

As everybody knows, nodoby really reads CODING_STYLE (especially
the last paragraph :-)) so let's utilize LGTM to help us catch the
use of fgets.

6 years agoMerge pull request #10519 from poettering/serialize-fixes
Zbigniew Jędrzejewski-Szmek [Fri, 26 Oct 2018 10:17:13 +0000 (12:17 +0200)] 
Merge pull request #10519 from poettering/serialize-fixes

pid1 serialization/deserialization fixes

6 years agoproc-cmdline: teach proc_cmdline_get_key() the same flags magic as proc_cmdline_parse() 10534/head
Lennart Poettering [Fri, 26 Oct 2018 10:02:55 +0000 (12:02 +0200)] 
proc-cmdline: teach proc_cmdline_get_key() the same flags magic as proc_cmdline_parse()

6 years agoproc-cmdline: use FLAGS_SET() where appropriate
Lennart Poettering [Fri, 26 Oct 2018 10:00:37 +0000 (12:00 +0200)] 
proc-cmdline: use FLAGS_SET() where appropriate

This was mostly prompted by seeing the expression "in_initrd() && flags
& PROC_CMDLINE_RD_STRICT", which uses & and && without any brackets.
Let's make that a bit more readable and hide all doubts about operator
precedence.

6 years agoproc-cmdline: use our usual syntax for denoting bit mask enums
Lennart Poettering [Fri, 26 Oct 2018 10:00:01 +0000 (12:00 +0200)] 
proc-cmdline: use our usual syntax for denoting bit mask enums

6 years agoCODING_STYLE: briefly mention that fgets() should not be used anymore 10519/head
Lennart Poettering [Fri, 19 Oct 2018 19:56:10 +0000 (21:56 +0200)] 
CODING_STYLE: briefly mention that fgets() should not be used anymore

6 years agofileio: drop FOREACH_LINE(), it's not used anymore
Lennart Poettering [Fri, 19 Oct 2018 19:56:29 +0000 (21:56 +0200)] 
fileio: drop FOREACH_LINE(), it's not used anymore

6 years agocore: rework serialization
Lennart Poettering [Wed, 17 Oct 2018 18:40:09 +0000 (20:40 +0200)] 
core: rework serialization

Let's be more careful with what we serialize: let's ensure we never
serialize strings that are longer than LONG_LINE_MAX, so that we know we
can read them back with read_line(…, LONG_LINE_MAX, …) safely.

In order to implement this all serialization functions are move to
serialize.[ch], and internally will do line size checks. We'd rather
skip a serialization line (with a loud warning) than write an overly
long line out. Of course, this is just a second level protection, after
all the data we serialize shouldn't be this long in the first place.

While we are at it also clean up logging: while serializing make sure to
always log about errors immediately. Also, (void)ify all calls we don't
expect errors in (or catch errors as part of the general
fflush_and_check() at the end.

6 years agocore: make manager_serialize() a bit easier to read by adding predicate function
Lennart Poettering [Wed, 17 Oct 2018 18:35:28 +0000 (20:35 +0200)] 
core: make manager_serialize() a bit easier to read by adding predicate function

The predicate function manager_timestamp_shall_serialize() simply says
whether to serialize or not serialize a timestamp, and should make
things a bit easier to read.

6 years agocore: strjoina() in a loop is never OK
Lennart Poettering [Wed, 17 Oct 2018 18:32:20 +0000 (20:32 +0200)] 
core: strjoina() in a loop is never OK

Let's use plain strjoin() instead.

6 years agoautomount: fix deserialization of dev_t
Lennart Poettering [Wed, 17 Oct 2018 18:15:26 +0000 (20:15 +0200)] 
automount: fix deserialization of dev_t

let's prefer "unsigned long" rather than "unsigned", in case there are
archs that have 32bit int, but 64bit dev_t.

(Also one cast was wrong anyway.)

6 years agocore: enforce a limit on STATUS= texts recvd from services
Lennart Poettering [Wed, 17 Oct 2018 16:37:48 +0000 (18:37 +0200)] 
core: enforce a limit on STATUS= texts recvd from services

Let's better be safe than sorry, and put a limit on what we receive.

6 years agocore: when deserializing state always use read_line(…, LONG_LINE_MAX, …)
Lennart Poettering [Wed, 17 Oct 2018 16:36:24 +0000 (18:36 +0200)] 
core: when deserializing state always use read_line(…, LONG_LINE_MAX, …)

This should be much better than fgets(), as we can read substantially
longer lines and overly long lines result in proper errors.

Fixes a vulnerability discovered by Jann Horn at Google.

CVE-2018-15686
LP: #1796402
https://bugzilla.redhat.com/show_bug.cgi?id=1639071

6 years agoMerge pull request #10525 from poettering/journal-vaccum-all
Zbigniew Jędrzejewski-Szmek [Fri, 26 Oct 2018 08:36:25 +0000 (10:36 +0200)] 
Merge pull request #10525 from poettering/journal-vaccum-all

journald: add ability to vacuum active files too

6 years agoMerge pull request #10522 from lnykryn/initrd_debug
Zbigniew Jędrzejewski-Szmek [Fri, 26 Oct 2018 08:08:39 +0000 (10:08 +0200)] 
Merge pull request #10522 from lnykryn/initrd_debug

Let's make systemd-debug-generator usable also in initrd

6 years agoman: journalctl: expand description of --all
Lucas Werkmeister [Thu, 25 Oct 2018 21:34:05 +0000 (23:34 +0200)] 
man: journalctl: expand description of --all

In the default journalctl output, unprintable entries are abbreviated as
“[<amount> blob data]”; using the same term in the documentation helps
users to quickly discover the option they need to add in order to see
those entries.

6 years agosd-device: fix wrong assertion (#10530)
Yu Watanabe [Fri, 26 Oct 2018 01:16:00 +0000 (10:16 +0900)] 
sd-device: fix wrong assertion (#10530)

6 years agoMerge pull request #10523 from poettering/fd-get-path-optimize
Yu Watanabe [Fri, 26 Oct 2018 00:34:07 +0000 (09:34 +0900)] 
Merge pull request #10523 from poettering/fd-get-path-optimize

fd_get_path() optimization

6 years agocore: reword polkit request a bit (#10524)
Lennart Poettering [Thu, 25 Oct 2018 21:01:41 +0000 (23:01 +0200)] 
core: reword polkit request a bit (#10524)

"killing" is very UNIX terminology, and not really what this is about.
Let's be more correct and say "send a UNIX signal" for the operation.

Otherwise things are really weird if users call "journalctl --rotate"
from the command line, which internally asks systemd to send SIGUSR2 to
to journald: when german locale is selected this asks the user — roughly
transliterated — whether they want to "eliminate" journald, which is
definitely not the intended meaning.

6 years agojournal-file: structured initialization is your friend 10525/head
Lennart Poettering [Thu, 25 Oct 2018 19:35:32 +0000 (21:35 +0200)] 
journal-file: structured initialization is your friend

6 years agojournald: when we are asked to rotate all files, let's also look at closed files
Lennart Poettering [Thu, 25 Oct 2018 16:39:27 +0000 (18:39 +0200)] 
journald: when we are asked to rotate all files, let's also look at closed files

Before this when asked for rotation we'd only rotate files we have open
anyway. However there might be a number of other files on disk that are
active (i.e. not archived yet) but not open. Let's take care of those
too, so that rotation is always comprehensive, and the user gets the
guarantee that afterthe rotation all stored data is in archived files.

Fixes: #1017
6 years agoman: document the new combined --vacuum*= and --rotate invocation
Lennart Poettering [Thu, 25 Oct 2018 19:16:38 +0000 (21:16 +0200)] 
man: document the new combined --vacuum*= and --rotate invocation

6 years agojournalctl: fix error number in error message
Lennart Poettering [Thu, 25 Oct 2018 16:38:50 +0000 (18:38 +0200)] 
journalctl: fix error number in error message

6 years agojournalctl: add ability to vacuum and rotate in one step
Lennart Poettering [Thu, 25 Oct 2018 16:36:56 +0000 (18:36 +0200)] 
journalctl: add ability to vacuum and rotate in one step

journalctl --vacuum-*= only vacuums archived files. To archive all
active files the rotate operation is used. Let's add a new switch that
combines both, so that the user a single command to first move all
running journal files into archival and then vacuum them.

See: #1017

6 years agojournald: log about an OOM condition
Lennart Poettering [Thu, 25 Oct 2018 16:35:55 +0000 (18:35 +0200)] 
journald: log about an OOM condition

6 years agojournald: debug log when we cannot read the machine ID
Lennart Poettering [Thu, 25 Oct 2018 16:35:39 +0000 (18:35 +0200)] 
journald: debug log when we cannot read the machine ID

6 years agojournal-file: refactor journal_file_open_reliably()
Lennart Poettering [Thu, 25 Oct 2018 17:23:23 +0000 (19:23 +0200)] 
journal-file: refactor journal_file_open_reliably()

Let's split out the part that actually renames the file in case we can't
open it into a new function journal_file_dispose().

This way we can reuse the function in other cases where we want to open
a file but can't.

6 years agojournal-file: refactor journal_file_rotate()
Lennart Poettering [Thu, 25 Oct 2018 16:33:11 +0000 (18:33 +0200)] 
journal-file: refactor journal_file_rotate()

Let's split the function in three: the part where we archive the old
file into journal_file_archive(), and the part where we initiate the
deferred closing into journal_file_initiate_close().
journal_file_rotate() then simply becomes a wrapper around these two
calls, and the opening of the new journal file.

This useful so that we can archive journal files without having to open
new ones, i.e. to do only the archival part of the rotation, without the
rotation part.

6 years agojournal: refactor out loop that processes deferred closes into its own function
Lennart Poettering [Thu, 25 Oct 2018 15:42:30 +0000 (17:42 +0200)] 
journal: refactor out loop that processes deferred closes into its own function

6 years agojournal: fix some type confusion in journal_directory_vacuum()
Lennart Poettering [Thu, 25 Oct 2018 15:40:41 +0000 (17:40 +0200)] 
journal: fix some type confusion in journal_directory_vacuum()

Let's store array sizes and indexes in size_t. And let's count numbers
of files in uint64_t (simply because that is the type of the input
parameter for this of the function)

6 years agojournald: use structured initialization
Lennart Poettering [Thu, 25 Oct 2018 10:30:48 +0000 (12:30 +0200)] 
journald: use structured initialization

6 years agojournald: use usec_sub_unsigned() where we can
Lennart Poettering [Thu, 25 Oct 2018 10:30:36 +0000 (12:30 +0200)] 
journald: use usec_sub_unsigned() where we can

6 years agofd-util: optimize fd_get_path() a bit 10523/head
Lennart Poettering [Thu, 25 Oct 2018 19:27:00 +0000 (21:27 +0200)] 
fd-util: optimize fd_get_path() a bit

journald calls fd_get_path() a lot (it probably shouldn't, there's some
room for improvement there, but I'll leave that for another time), hence
it's worth optimizing the call a bit, in particular as it's easy.

Previously we'd open the dir /proc/self/fd/ first, before reading the
symlink inside it. This means the whole function requires three system
calls: open(), readlinkat(), close(). The reason for doing it this way
is to distinguish the case when we see ENOENT because /proc is not
mounted and the case when the fd doesn't exist.

With this change we'll directly go for the readlink(), and only if that
fails do an access() to see if /proc is mounted at all.

This optimizes the common case (where the fd is valid and /proc
mounted), in favour of the uncommon case (where the fd doesn#t exist or
/proc is not mounted).

6 years agofs-util: increase start buffer size in readlinkat_malloc()
Lennart Poettering [Thu, 25 Oct 2018 19:16:47 +0000 (21:16 +0200)] 
fs-util: increase start buffer size in readlinkat_malloc()

I noticed while profiling journald that we invoke readlinkat() a ton on
open /proc/self/fd/<fd>, and that the returned paths are more often than
not longer than the 99 chars used before, when we look at archived
journal files. This means for these cases we generally need to execute
two rather than one syscalls.

Let's increase the buffer size a tiny bit, so that we reduce the number
of syscalls executed. This is really a low-hanging fruit of
optimization.

6 years agodebug-generator: introduce rd.* version of all options 10522/head
Lukas Nykryn [Thu, 25 Oct 2018 14:34:00 +0000 (16:34 +0200)] 
debug-generator: introduce rd.* version of all options

6 years agoMerge pull request #10378 from poettering/json-fuzz-fix
Zbigniew Jędrzejewski-Szmek [Thu, 25 Oct 2018 14:25:39 +0000 (16:25 +0200)] 
Merge pull request #10378 from poettering/json-fuzz-fix

json: a comprehensive fix for oss-fuzz#10908

6 years agoproc-cmdline: introduce PROC_CMDLINE_RD_STRICT
Lukas Nykryn [Thu, 25 Oct 2018 14:21:26 +0000 (16:21 +0200)] 
proc-cmdline: introduce PROC_CMDLINE_RD_STRICT

Our current set of flags allows an option to be either
use just in initrd or both in initrd and normal system.
This new flag is intended to be used in the case where
you want apply some settings just in initrd or just
in normal system.

6 years agoMerge pull request #10518 from poettering/dhcp6-size-fixes
Lennart Poettering [Thu, 25 Oct 2018 11:29:42 +0000 (13:29 +0200)] 
Merge pull request #10518 from poettering/dhcp6-size-fixes

dhcp6 packet size calculation fixes

6 years agoMerge pull request #10504 from poettering/hibernate-fallback
Zbigniew Jędrzejewski-Szmek [Thu, 25 Oct 2018 10:54:47 +0000 (12:54 +0200)] 
Merge pull request #10504 from poettering/hibernate-fallback

s2h: when hibernate fails after coming back from suspend, go back to suspend

6 years agocore: don't create Requires for workdir if "missing ok"
Martin Wilck [Wed, 24 Oct 2018 11:22:01 +0000 (13:22 +0200)] 
core: don't create Requires for workdir if "missing ok"

Don't add an implicit RequiresMountsFor depenency for the
WorkingDirectory of a unit if the "-" character was used to
indicate that "a missing working directory is not considered fatal"
(see systemd.exec(5)). Otherwise systemd might fail the unit
because of missing dependencies.

6 years agodhcp6: prefer offsetof() over sizeof() for structs with undefined sizes 10518/head
Lennart Poettering [Fri, 19 Oct 2018 10:14:22 +0000 (12:14 +0200)] 
dhcp6: prefer offsetof() over sizeof() for structs with undefined sizes

This doesn't change anything in the generated source, but I think makes
semantically more sense, as these structures have undefined size, and we
only want to know the size up to the data field in these cases.

6 years agodhcp6: make sure we have enough space for the DHCP6 option header
Lennart Poettering [Fri, 19 Oct 2018 10:12:33 +0000 (12:12 +0200)] 
dhcp6: make sure we have enough space for the DHCP6 option header

Fixes a vulnerability originally discovered by Felix Wilhelm from
Google.

CVE-2018-15688
LP: #1795921
https://bugzilla.redhat.com/show_bug.cgi?id=1639067

6 years agodhcp6: reduce whitespace a bit
Lennart Poettering [Fri, 19 Oct 2018 10:11:59 +0000 (12:11 +0200)] 
dhcp6: reduce whitespace a bit

6 years agodhcp6: split assert_return() to be more debuggable when hit
Lennart Poettering [Fri, 19 Oct 2018 10:11:48 +0000 (12:11 +0200)] 
dhcp6: split assert_return() to be more debuggable when hit

6 years agodhcp6: constify things where we can
Lennart Poettering [Fri, 19 Oct 2018 10:11:29 +0000 (12:11 +0200)] 
dhcp6: constify things where we can

6 years agostring-util: fix prototype of explicit_bzero_safe() (#10513)
Yu Watanabe [Thu, 25 Oct 2018 02:41:55 +0000 (11:41 +0900)] 
string-util: fix prototype of explicit_bzero_safe() (#10513)

Follow-up for 87f54463117654af48d6027986c2b21831d41616.

6 years agotime-util: change parse_sec_fix_0() to accept "0s" for infinity too (#10501)
Lennart Poettering [Wed, 24 Oct 2018 20:21:28 +0000 (22:21 +0200)] 
time-util: change parse_sec_fix_0() to accept "0s" for infinity too (#10501)

This function is about compatibility, nothing else, hence we should make
it properly compatible.

Fixes: #9556
6 years agoMerge pull request #10510 from poettering/uacess-brackets
Lennart Poettering [Wed, 24 Oct 2018 20:18:33 +0000 (22:18 +0200)] 
Merge pull request #10510 from poettering/uacess-brackets

coverity fixes

6 years agoman: fix wording a bit on the cgroup accountings options (#10509)
Lennart Poettering [Wed, 24 Oct 2018 20:08:07 +0000 (22:08 +0200)] 
man: fix wording a bit on the cgroup accountings options (#10509)

The &MEMORY_ACCOUNTING_DEFAULT; resolves to "yes" or "no" while the rest
of the paragraph talked about "on" and "off". Let's adjust this and
stick to "yes" and "no"...

Quite frankly I think it's not a particularly good idea to change the
docs based configuration changes... THis can only be incomplete, and the
wording is still very awkward since we repeat the same sentence twice.

6 years agoMerge pull request #10505 from poettering/have-namespace
Lennart Poettering [Wed, 24 Oct 2018 20:00:42 +0000 (22:00 +0200)] 
Merge pull request #10505 from poettering/have-namespace

skip various test-execute tests when we have no namespacing

6 years agounits: drop systemd-user-sessions.service ordering dep on systemd-journal-flush.servi...
Lennart Poettering [Wed, 24 Oct 2018 19:41:02 +0000 (21:41 +0200)] 
units: drop systemd-user-sessions.service ordering dep on systemd-journal-flush.service (#10502)

THis dep existed since the unit was introduced, but I cannot see what
good it would do. Hence in the interest of simplifying things, let's
drop it. If breakages appear later we can certainly revert this again.

Fixes: #10469
6 years agostring-util: introduce explicit_zero_safe() 10510/head
Lennart Poettering [Wed, 24 Oct 2018 19:00:15 +0000 (21:00 +0200)] 
string-util: introduce explicit_zero_safe()

The only real difference is that this wrapper can deal with NULL
pointer arguments, but only if the length is also zero.

CID 1396277

6 years agoudev: use right error variable to make level decision
Lennart Poettering [Wed, 24 Oct 2018 18:47:52 +0000 (20:47 +0200)] 
udev: use right error variable to make level decision

6 years agoudev: fix bad if {}
Lennart Poettering [Wed, 24 Oct 2018 18:46:41 +0000 (20:46 +0200)] 
udev: fix bad if {}

CID 1396318
CID 1396319

6 years agotest: skip various tests if namespacing is not available 10505/head
Lennart Poettering [Wed, 24 Oct 2018 14:53:14 +0000 (16:53 +0200)] 
test: skip various tests if namespacing is not available

Apparently on Debian LXC/AppArmor doesn't allow namespacing to container
payloads. Deal with it.

Fixes: #9700
6 years agotests: add helper call have_namespaces() to test whether Linux namespaces are available
Lennart Poettering [Wed, 24 Oct 2018 15:07:04 +0000 (17:07 +0200)] 
tests: add helper call have_namespaces() to test whether Linux namespaces are available

A slighly sloppy test call for conditionalizing several tests.