Michal Sekletar [Thu, 25 Nov 2021 17:28:25 +0000 (18:28 +0100)]
unit: add jobs that were skipped because of ratelimit back to run_queue
Assumption in edc027b was that job we first skipped because of active
ratelimit is still in run_queue. Hence we trigger the queue and dispatch
it in the next iteration. Actually we remove jobs from run_queue in
job_run_and_invalidate() before we call unit_start(). Hence if we want
to attempt to run the job again in the future we need to add it back
to run_queue.
Nacho Barrientos [Mon, 29 Nov 2021 13:17:55 +0000 (14:17 +0100)]
Byte order to host before using the lifetime
I've seen this in `NetworkManager-1.34.0-0.3.el8.x86_64` (latest in CentOS
Stream 8 at the time of writing this message) which does not use the latest
Systemd but probably the code base is the same (see
https://github.com/NetworkManager/NetworkManager/commit/51f93e00a23fbd09f5ad96da6290bf4ca737d46a).
Before the patch:
```
libsystemd: eth0: DHCPv6 client: T1 expires in 34y 3w 6d 45min 31s
libsystemd: eth0: DHCPv6 client: T2 expires in 54y 5month 3w 3d 23h 20min 35s
```
After the patch:
```
libsystemd: eth0: DHCPv6 client: T1 expires in 3d 7h 58min 3s
libsystemd: eth0: DHCPv6 client: T2 expires in 5d 2h 26min 50s
```
Marco Scardovi [Mon, 29 Nov 2021 08:53:56 +0000 (09:53 +0100)]
Add missing greater than/less than tab on some HP
Some HP keyboards (like https://h30434.www3.hp.com/t5/image/serverpage/image-id/203235i01AD626584587DA1?v=v2) have <> between AltGr and left arrow. This add the fix and make it working again
Luca Boccassi [Fri, 26 Nov 2021 02:13:57 +0000 (02:13 +0000)]
coredump: fix parsing metadata without access to executable
This was broken in a subtle way: we'd get an ELF ref, but not the right one,
so no metadata note would be found.
Change the parsing function to return 1 when it finds something, so that
we can return early only when that happens.
networkd: replace a table with log2 fields by a list
The code looks a bit more complicated, but the compiler generates a simpler and
more compact text.
An additional advantage is that if any of the fields were repeating or not
power-of-two, the compiler would warn about an overridden entry in the table.
The macro variants can be used in static initializers.
The same guard against calling __builtin_clz(0) is added as for
__builtin_clzll(0), since that's undefined behaviour too. Our code
wouldn't call it, but this avoids a potential pitfall with the macro.
All variants map 0→0. Otherwise we'd often have to handle 0 specially
in callers.
__builtin_clz takes unsigned as the argument, so there's no LOG2I macro.
Topi Miettinen [Fri, 26 Nov 2021 14:34:48 +0000 (16:34 +0200)]
pam_systemd: Check also abstract socket for X11
It seems that `pam_systemd` was the only thing left that wanted to use sockets
in file system path `/tmp/.X11-unix/X*`. X11 apps actually prefer using the
abstract socket version.
This allows running Xserver with `-nolisten tcp -nolisten unix`, which makes
the server only listen to an abstract socket.
Also in my setup, Xserver is running as a separate system service instead of
starting from display manager service, and now `PrivateTmp=yes` can be used for
both. The file system of the display manager service is inherited by user apps
and now their `/tmp` will be separate from `/tmp` of PID1 namespace as well as
`/tmp` of Xserver.
Jan Janssen [Fri, 26 Nov 2021 13:00:02 +0000 (14:00 +0100)]
meson: Default to sbat-distro=auto
Any recent shim will refuse starting an image that does not have an sbat section
and will do so with a generic "Security Violation" message. And it is very easy
to forget passing -Dsbat-distro=auto to meson when creating a fresh build dir.
Adding sbat info when shim is not used or secure boot is disabled does not hurt
anyone, so default to auto. This still ensures to not add auto-detected info in
case we are cross building.
Topi Miettinen [Sat, 27 Nov 2021 10:51:39 +0000 (12:51 +0200)]
namespace: allow ProcSubset=pid with some ProtectKernel options
In case `/proc` is successfully mounted with pid tree subset only due to
`ProcSubset=pid`, the protective mounts for `ProtectKernelTunables=yes` and
`ProtectKernelLogs=yes` to non-pid `/proc` paths are failing because the paths
don't exist. But the pid only option may have failed gracefully (for example
because of ancient kernel), so let's try the mounts but it's not fatal if they
don't succeed.
Alyssa Ross [Sat, 27 Nov 2021 12:10:38 +0000 (12:10 +0000)]
docs: fix descriptions in discoverable partitions
00db9a114e ("docs: generate table from header using a script") got the
descriptions for the partition types mixed up. After that change, the
spec claimed, for example, that the /usr partition should contain
"dm-verity integrity hash data for the matching root partition", and
that the /usr verity partition should be of type "Any native, optionally
in LUKS". This made the spec an extremely confusing read before I
figured out what must have happened!
I've gone through the table as it existed prior to 00db9a114e, and moved
the descriptions around in the script that generates the table until
they matched up with what they used to be. Then I regenerated the
table from the fixed script.
Luca Boccassi [Fri, 26 Nov 2021 15:46:40 +0000 (15:46 +0000)]
analyze: add --profile switch to security verb
Allows to pass a portable profile when doing offline analysis of
units. Especially useful for analyzing portable images, since a
lot of the security-relevant settings in those cases come from
the profiles, but they are not shipped in the portable images.
I think the function name is confusing: we generally say "free_free" when
both keys and values are freed in a hash map, but here the type is an
array of strvs, so the name should be something like strv_array_free.
test-journal-flush: do not croak on corrupted input files
We would fail if the input file was corrupted:
build/test-journal-flush ./system@0005b7dac334f805-0021aca076ae5c5e.journal\~
journal_file_copy_entry failed: Bad message
Assertion 'r >= 0' failed at src/libsystemd/sd-journal/test-journal-flush.c:55, function main(). Aborting.
[1] 619472 IOT instruction (core dumped) build/test-journal-flush ./system@0005b7dac334f805-0021aca076ae5c5e.journal\~
Vito Caputo [Thu, 25 Nov 2021 18:39:34 +0000 (10:39 -0800)]
mmap-cache: embed MMapCache.contexts[]
Code simplification; no idea why the Context structs were being
heap-allocated piecemeal. There aren't many and they're small,
and made even smaller with this commit.
This also gets rid of the Context.cache backreference by just
accompanying the Context* with MMapCache* to the few private
Context* operations, resolving the context ID to a Context* at
the single public entrypoint: mmap_cache_fd_get(), which asserts
on the value being within bounds. The Context.id member and
checks are also removed, as there's far less opportunity for
these things to become inconsistent now.
Of course this drops all context_{add,free}() related code,
making for a tasty diffstat.
Daan De Meyer [Fri, 12 Nov 2021 14:32:40 +0000 (14:32 +0000)]
journal: Deduplicate entry items before they are stored in the entry object
If the iovec contains the same data more than once, we'll end up with
duplicate offsets in the items array. Let's make sure we remove any
duplicates before we store the items in an entry object.
Vito Caputo [Thu, 25 Nov 2021 15:05:06 +0000 (07:05 -0800)]
mmap-cache: LIST_REMOVE() *after* w->unused_prev
The LIST_REMOVE() macro always assigns NULL to w->unused_prev,
meaning every time this window was in last_unused, the remainder
of the unused list was lost to the ether.
Turns out there's been a memory leak in journald after all, this
code has been there since at least 2013...
Henri Chain [Tue, 23 Nov 2021 15:47:18 +0000 (16:47 +0100)]
Try to fix exittype test flakyness
The test was changed at @bluca 's request to avoid sleeps,
but the change insufficient to avoid all races.
The kill command is now run from the script itself to avoid using
ExecStartPost
Daan De Meyer [Fri, 12 Nov 2021 14:29:02 +0000 (14:29 +0000)]
journal: Remove entry seqnum revert logic
This actually causes mismatches between the header tail entry seqnum
and the last entry seqnum since when we revert the header seqnum, we
don't remove the entry object we added. If adding the entry object
itself fails, we don't need to revert the seqnum since it's never
incremented so let's remove this logic alltogether.
homed: support LogControl1 D-Bus API too, and make use of it
All our D-Bus services support the LogControl1 API, but homed didn't so
far. Fix that, and make use of it in the test case, to make debugging it
easier.
Jan Janssen [Wed, 24 Nov 2021 11:11:17 +0000 (12:11 +0100)]
test: Use TEST macro in more cases
This converts to TEST macro in less trivial cases. This is mostly
due to having an intro or outro before/after the actual tests.
Some notable changes:
- add a "test" to make sure the hashmap and ordered_hashmap tests
from different compilation units are actually run in test-hashmap.c
- make root arg a global var in test-install-root.c
- slightly rework an EFI specific test in test-proc-cmdline.c
- usage of saved_argv/saved_argc in test-process-util.c
- splitting test-rlimit-util.c into several tests
- moving the hwdb open check into intro in test-sd-hwdb.c
- condense several "tests" into one in test-udev-util.c
Jan Janssen [Wed, 24 Nov 2021 11:00:02 +0000 (12:00 +0100)]
test: Use TEST macro
This converts to TEST macro where it is trivial.
Some additional notable changes:
- simplify HAVE_LIBIDN #ifdef in test-dns-domain.c
- use saved_argc/saved_argv in test-copy.c, test-path-util.c,
test-tmpfiles.c and test-unit-file.c
Jan Janssen [Wed, 24 Nov 2021 17:45:16 +0000 (18:45 +0100)]
test-time-util: Properly restore TZ variable
The test fails to call tzset() after unsetting TZ variable, which
could break other tests. Also, let's be nicer and actually restore
the TZ to its original value.