time-util: refuse formatting/parsing times that we can't store
usec_t is always 64bit, which means it can cover quite a number of
years. However, 4 digit year display and glibc limitations around time_t
limit what we can actually parse and format. Let's make this explicit,
so that we never end up formatting dates we can#t parse and vice versa.
Note that this is really just about formatting/parsing. Internal
calculations with times outside of the formattable range are not
affected.
time: time_t is signed, and mktime() is happy to return negative time
Passing a year such as 1960 to mktime() will result in a negative return
value. This is quite confusing, as the man page claims that on failure
the call will return -1...
Given that our own usec_t type is unsigned, and we can't express times
before 1970 hence, let's consider all negative times returned by
mktime() as invalid, regardless if just -1, or anything else negative.
There's no point in updating exec_target for each binary we try to
execute, if we override it right-away anyway... Let's just do this once,
and include all binaries we try each time.
cgls: allow --unit, --user-unit to take optional argument
The following are all equivalent:
--unit foo.service bar.service
--unit=foo.service bar.service
--unit=foo.service --unit=bar.service
foo.service bar.service --unit
Similarly for --user-unit.
The only case that doesn't work well is when --unit and --user-unit are mixed:
--unit=foo.service --user-unit=bar.service
We'll treat both names as user units. I think this is OK.
I opted for a "global" switch, instead of modifying the behaviour of just one
argument. It seem to be a more useful setting, since usually one will want to
query one or more units, and not mix unit names with paths.
76ec966f0e33685f833 changed the code from ESHUTDOWN to ERFKILL, but missed one
spot in bus-common-errors.c. Fix that.
The code in transaction.c was checking for ERFKILL, but I'm not sure if this
mismatch had any effect, i.e. if there were any code paths in which the wrong
code actually made difference.
Also add comments when ESHUTDOWN is used in the journal code, so it's easy to
distinguish those cases when grepping. Standarize on the same capitalization.
(There's also a bunch of uses in sd-bus.c, but that's clearly different.)
system-update-generator: warn if the command line blocks updates (#5173)
If "3", "5", "systemd.unit=", or similar are present on the kernel command line,
the system will not enter into offline update. This behaviour is in line with the
general logic that configuration on the kernel command line has higher priority
than the configuration on disk, but is rather surprising. Emit a warning to help
users diagnose the situation.
Philip Withnall [Wed, 1 Feb 2017 13:36:16 +0000 (13:36 +0000)]
nspawn: Print attempted execv() path on failure (#5199)
The failure message is typically currently:
execv() failed: No such file or directory
which is not very useful because it doesn’t tell you which file or
directory it was trying to exec.
Merge pull request #5146 from ssahani/ifname-alias
networkd: Allow ':' in label
This reverts a341dfe563 and takes a slightly different approach: anything is
allowed in network interface labels, but network interface names are verified
as before (i.e. amongst other things, no colons are allowed there).
nss-util: silence warning about deprecated RES_USE_INET6
src/nss-resolve/nss-resolve.c: In function ‘_nss_resolve_gethostbyname_r’:
src/nss-resolve/nss-resolve.c:680:13: warning: RES_USE_INET6 is deprecated
NSS_GETHOSTBYNAME_FALLBACKS(resolve);
^~~~~~~~~~~~~~~~~~~~~~~~~
In glibc bz #19582, RES_USE_INET6 was deprecated. This might make sense for
clients, but they didn't take into account nss module implementations which
*must* continue to support the option. glibc internally defines
DEPRECATED_RES_USE_INET6 which can be used without emitting a warning, but
it's not exported publicly. Let's do the same, and just copy the definition
to our header.
tree-wide: adjust fall through comments so that gcc is happy
gcc 7 adds -Wimplicit-fallthrough=3 to -Wextra. There are a few ways
we could deal with that. After we take into account the need to stay compatible
with older versions of the compiler (and other compilers), I don't think adding
__attribute__((fallthrough)), even as a macro, is worth the trouble. It sticks
out too much, a comment is just as good. But gcc has some very specific
requiremnts how the comment should look. Adjust it the specific form that it
likes. I don't think the extra stuff we had in those comments was adding much
value.
(Note: the documentation seems to be wrong, and seems to describe a different
pattern from the one that is actually used. I guess either the docs or the code
will have to change before gcc 7 is finalized.)
```
-bash-4.3# systemd-run --property BindPaths=/etc:tmp/hey sh -c 'ls /tmp/hey'
```
prints
`Destination path tmp/hey is not absolute.`
instead of
`Destination path /etc is not absolute.`
Also, fixes CID #1368263
```
==352== 130 bytes in 1 blocks are definitely lost in loss record 1 of 2
==352== at 0x4C2ED5F: realloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==352== by 0x4ED8581: greedy_realloc (alloc-util.c:57)
==352== by 0x4ECAAD5: get_process_cmdline (process-util.c:147)
==352== by 0x10E385: get_process_container_parent_cmdline (coredump.c:645)
==352== by 0x112949: process_kernel (coredump.c:1240)
==352== by 0x113003: main (coredump.c:1297)
==352==
```
3chas3 [Tue, 31 Jan 2017 13:21:15 +0000 (08:21 -0500)]
util-lib: Fix chase_symlinks() with absolute symlinks (#5185)
If chase_symlinks() encouters an absolute symlink, it resets the todo
buffer to just the newly discovered symlink and discards any of the
remaining previous symlink path. Regardless of whether or not the
symlink is absolute or relative, we need to preserve the remainder of
the path that has not yet been resolved.
units: restore Before dependencies for systemd-vconsole-setup.service
When the service is run in the initramfs, it is possible for it to get started
and not be fast enough to exit before the root switch happens. It is started
multiple times (depending on the consoles being detected), and runs
asynchronously, so this is quite likely. It'll then get killed by killall(),
and systemd will consider the service failed. To avoid all this, just wait
for the service to terminate on it's own.
Before=initrd-switch-root.target should be good for the initramfs, and
Before=shutdown.tuarget should be good for the real system, although it's
unlikely to make any difference there.
units: drop KillMode= from initrd-switch-root.service
The service already has DefaultDeps disabled, so systemd should not try to stop
it. And if it *does* get stopped, we don't want the zombie process around.
KillMode=none does not change anything in the killall() phase, and we already
use argv[0][0] = '@' to protect against that anyway. KillMode=none should not
be useful in normal operation, so let's leave it out.
Dan Streetman [Thu, 26 Jan 2017 19:18:10 +0000 (14:18 -0500)]
udev-event: use in-place whitespace replacement
Instead of using a temp buffer to replace whitespace in variable
substitutions, just allow util_replace_whitespace to replace in-place.
Add a comment to util_replace_whitespace indicating it is used to replace
in-place, to prevent accidental future breakage.
core: fix memleak in bus_exec_context_set_transient_property (#5143)
Fixes:
```sh
systemd-run --property EnvironmentFile=/some/environment/file /bin/sleep 30
```
```
23 bytes in 1 blocks are definitely lost in loss record 1 of 7
at 0x4C2DB9D: malloc (vg_replace_malloc.c:299)
by 0x4E85488: malloc_multiply (alloc-util.h:70)
by 0x4E85F19: strjoin_real (string-util.c:252)
by 0x1AF741: bus_exec_context_set_transient_property (dbus-execute.c:1418)
by 0x1A907C: bus_service_set_property (dbus-service.c:330)
by 0x1A66DD: bus_unit_set_properties (dbus-unit.c:1456)
by 0x19CF93: transient_unit_from_message (dbus-manager.c:892)
by 0x19D388: method_start_transient_unit (dbus-manager.c:980)
by 0x4F60544: method_callbacks_run (bus-objects.c:418)
by 0x4F62D9D: object_find_and_run (bus-objects.c:1255)
by 0x4F633CE: bus_process_object (bus-objects.c:1371)
by 0x4F2CE1D: process_message (sd-bus.c:2563)
``` Closes: #5142
Franck Bui [Tue, 24 Jan 2017 13:29:57 +0000 (14:29 +0100)]
core: don't load dropin data multiple times for the same unit (#5139)
When an alias is loaded, we resolve this alias to its final unit first to load
the dropin data.
However if the final unit was already loaded, there's no point in reloading the
dropin data a second time.
This patch optimizes this case.
Also this allows the dropin loading code to assume that only units not yet
loaded are passed down. This assumption is not yet used but might be in the
future.
Direct leak of 10 byte(s) in 1 object(s) allocated from:
#0 0x7f90e7d21160 in strdup (/lib64/libasan.so.3+0x5a160)
#1 0x7f90e7467f69 in strv_extend src/basic/strv.c:552
#2 0x5612fcc19379 in dhcp6_option_parse_domainname src/libsystemd-network/dhcp6-option.c:399
#3 0x5612fcc1acdf in dhcp6_lease_set_domains src/libsystemd-network/sd-dhcp6-lease.c:225
#4 0x5612fcc06b95 in test_advertise_option src/libsystemd-network/test-dhcp6-client.c:287
#5 0x5612fcc0a987 in main src/libsystemd-network/test-dhcp6-client.c:761
#6 0x7f90e6d46400 in __libc_start_main (/lib64/libc.so.6+0x20400)
SUMMARY: AddressSanitizer: 10 byte(s) leaked in 1 allocation(s).
```
Direct leak of 4 byte(s) in 1 object(s) allocated from:
#0 0x7f13c8564160 in strdup (/lib64/libasan.so.3+0x5a160)
#1 0x7f13c7caaf69 in strv_extend src/basic/strv.c:552
#2 0x55f775787230 in dhcp6_option_parse_domainname src/libsystemd-network/dhcp6-option.c:399
#3 0x55f775788b96 in dhcp6_lease_set_domains src/libsystemd-network/sd-dhcp6-lease.c:225
#4 0x55f775774b95 in test_advertise_option src/libsystemd-network/test-dhcp6-client.c:287
#5 0x55f77577883e in main src/libsystemd-network/test-dhcp6-client.c:759
#6 0x7f13c7589400 in __libc_start_main (/lib64/libc.so.6+0x20400)
Direct leak of 4 byte(s) in 1 object(s) allocated from:
#0 0x7f13c8564160 in strdup (/lib64/libasan.so.3+0x5a160)
#1 0x7f13c7caaf69 in strv_extend src/basic/strv.c:552
#2 0x55f775787230 in dhcp6_option_parse_domainname src/libsystemd-network/dhcp6-option.c:399
#3 0x55f775788b96 in dhcp6_lease_set_domains src/libsystemd-network/sd-dhcp6-lease.c:225
#4 0x55f775781348 in client_parse_message src/libsystemd-network/sd-dhcp6-client.c:807
#5 0x55f775781ba2 in client_receive_advertise src/libsystemd-network/sd-dhcp6-client.c:895
#6 0x55f775782453 in client_receive_message src/libsystemd-network/sd-dhcp6-client.c:994
#7 0x7f13c7e447f4 in source_dispatch src/libsystemd/sd-event/sd-event.c:2268
#8 0x7f13c7e471b0 in sd_event_dispatch src/libsystemd/sd-event/sd-event.c:2627
#9 0x7f13c7e47ab3 in sd_event_run src/libsystemd/sd-event/sd-event.c:2686
#10 0x7f13c7e47c21 in sd_event_loop src/libsystemd/sd-event/sd-event.c:2706
#11 0x55f77577863c in test_client_solicit src/libsystemd-network/test-dhcp6-client.c:737
#12 0x55f77577884b in main src/libsystemd-network/test-dhcp6-client.c:760
#13 0x7f13c7589400 in __libc_start_main (/lib64/libc.so.6+0x20400)
SUMMARY: AddressSanitizer: 8 byte(s) leaked in 2 allocation(s).
```
1. typo in cache filename: "SYS_ALL_PROPRTIES", so cache just not loading from this file
2. cache stored in one file, despite user or system mode. So it can be loaded later in wrong mode
3. most serious problem: broken logic - it retrieves cache when _cache_invalid is true
How to reproduce: type "systemctl --user status <TAB>" and you will see user units. Then press
control+C and type "systemctl --system status <TAB>" in same session and you'll see user units again