various tools: be more explicit when a glob is passed when not supported
See https://bugzilla.redhat.com/show_bug.cgi?id=1763488: when we say that
'foo@*.service' is not a valid unit name, this is not clear enough. Let's
include the name of the operation that does not support globbing in the
error message:
$ build/systemctl enable 'foo@*.service'
Glob pattern passed to enable, but globs are not supported for this.
Invalid unit name "foo@*.service" escaped as "foo@\x2a.service".
...
Dan Streetman [Wed, 23 Oct 2019 18:47:59 +0000 (14:47 -0400)]
resolved: set stream type during DnsStream creation
The DnsStreamType was added to track different types of DNS TCP streams,
instead of refcounting all of them together. However, the stream type was
not actually set into the stream->type field, so while the reference count
was correctly incremented per-stream-type, the reference count was always
decremented in the cleanup function for stream type 0, leading to
underflow for the type 0 stream (unsigned) refcount, and preventing new
type 0 streams from being created.
Since type 0 is DNS_STREAM_LOOKUP, which is used to communicate with
upstream nameservers, once the refcount underflows the stub resolver
no longer is able to successfully fall back to TCP upstream lookups
for any truncated UDP packets.
This was found because lookups of A records with a large number of
addresses, too much to fit into a single 512 byte DNS UDP reply,
were causing getaddrinfo() to fall back to TCP and trigger this bug,
which then caused the TCP fallback for later large record lookups
to fail with 'connection timed out; no servers could be reached'.
basic/fs-util: change CHASE_OPEN flag into a separate output parameter
chase_symlinks() would return negative on error, and either a non-negative status
or a non-negative fd when CHASE_OPEN was given. This made the interface quite
complicated, because dependning on the flags used, we would get two different
"types" of return object. Coverity was always confused by this, and flagged
every use of chase_symlinks() without CHASE_OPEN as a resource leak (because it
would this that an fd is returned). This patch uses a saparate output parameter,
so there is no confusion.
(I think it is OK to have functions which return either an error or an fd. It's
only returning *either* an fd or a non-fd that is confusing.)
test-socket-util: avoid writing past the defined buffer
.sun_path has 108 bytes, and we'd write a string of 108 bytes + NUL.
I added this test, but I don't know what it was supposed to test. Let's
just remove.
sd-netlink: constify object pointers passed to getters
sd-netlink is not public yet, so we can change the interface.
I did not touch interfaces of functions like sd_netlink_wait() and
sd_rtnl_message_new_link() which do not modify the object that is passed in,
because in the future we might want to change the code to e.g. take a
reference to the parent object or otherwise require a non-const reference.
Michal Suchanek [Sun, 20 Oct 2019 10:12:20 +0000 (12:12 +0200)]
udev/cdrom_id: Do not open CD-rom in exclusive mode.
When you have a CD automunt solution that talks directly to the kernel
independently of udev it races with cdrom_id for exclusive access to the
device failing unpredictably.
The whole is_mounted function in cdrom_id is broken: there is no saying
what happens between calling is_mounted and opening the device.
Hence assume that the device can be mounted asynchronously at any time,
do not use exclusive access, and do away with is_mouted.
Signed-off-by: Michal Suchanek <msuchanek@suse.de>
The default value was described at the end of two long paragraphs.
Make the first para self contained, and move the description of --console=pipe
into the second para.
We shouldn't lock the accounts because people actually need to use them, and
if they are locked, various tools will refuse.
See https://github.com/systemd/systemd/pull/13277#issuecomment-529964578
and follow-up comments.
Peter Wu [Sun, 20 Oct 2019 17:10:31 +0000 (18:10 +0100)]
resolved: fix connection failures with TLS 1.3 and GnuTLS
Prefer TLS 1.3 before TLS 1.2 for DNS-over-TLS support, otherwise
servers compliant with RFC 8446 might end up agreeing TLS 1.2 plus a
downgrade signal which is not expected by GnuTLS clients. This manifests
in the following error:
Failed to invoke gnutls_handshake: An illegal parameter has been received.
Fixes: #13528 Fixes: v242-962-g9c0624dcdb ("resolved: support TLS 1.3 when using GnuTLS for DNS-over-TLS")
logind: fix emission of PropertiesChanged for users
The same as parent commit, but users. This is the third and last
foo_object_find() function in logind, so I think that this particular
family of bugs is finally squashed.
logind: fix emission of PropertiesChanged on seats
The story is the same as in 471cffcfb0e005b7c4044b3b52cc4f25d217efac:
device_attach() → seat_send_changed() → sd_bus_emit_properties_changed_strv()
→ emit_properties_changed_on_interface() → node_vtable_get_userdata()
→ seat_object_find(), which returns 0 because message == NULL.
But when we are emitting a signal, message is always NULL. Removing the
overeager check and assert in the called function allow the signal to be
emitted.
udev: tag any display devices as master-of-seat when nomodeset is used
Fixes #13773. See also https://bugzilla.redhat.com/show_bug.cgi?id=1728240,
https://github.com/sddm/sddm/issues/1204.
When nomodeset is used on the kernel command line, there is no graphics
device that the kernel knows, so we don't tag anything as master-of-seat,
and seat0 has CanGraphical=no.
Dan Streetman [Thu, 17 Oct 2019 15:06:18 +0000 (11:06 -0400)]
test: correct TEST-41 StartLimitBurst test
TEST-41 verifies that the StartLimitBurst property will correctly
limit the number of unit restarts, but the test currently doesn't
adjust the StartLimitIntervalSec which defaults to 10 seconds.
On Ubuntu CI, running under un-accelerated qemu, it can take more than
10 seconds to perform all 3 restarts, which avoids the burst limit,
and fails the test.
Instead, specify a long StartLimitIntervalSec in the test, so we can
be sure to correctly test StartLimitBurst even on slow testbeds.
systemd-fsck: fix systemd-fsck/fsck pipe bad closure
Currently, when console is disabled but progress is tracked, pipe opened
for communication between systemd-fsck and fsck may be closed
inadvertently (when opening of /dev/console return in error). That lead
to finish fsck prematurely (because it receives a SIGPIPE) and so fsck
may not check correctly filesystems and do not have time to fix memory
corruptions.
This commit changes the opening of /dev/console to be done previously to
pipe creation and so fix the bug described just above.
Aaron Plattner [Thu, 17 Oct 2019 19:56:15 +0000 (12:56 -0700)]
coredump: Include module offsets in stack traces
These offsets can be useful to decode stack traces through modules that don't
have symbol names. For example, with a simple test that crashes after calling
through several static functions, systemd-coredump reports this:
Oct 17 : Process 640333 (a.out) of user 1000 dumped core.
core/load-fragment: constify Unit* arguments where possible
This makes it easy to tell that the function only uses the Unit* for
reporting, and only makes changes to the other argument (which most likely
also points at the same Unit structure) for modifications.