meson: add -pthreads and more libs when -Dlink-udev-shared=false (#6159)
Three binaries would fail to link when ld.bfd was used and link-udev-shared was
false. Add -pthreads (again) to the failing binaries and synchronize the
dependency list between libsystemd-shared .a and .so versions.
Apart from allowing the build to succeed, this shouldn't have much effect becuase
systemd-networkd was already using pthreads.
Use "dollar-single-quotes" to escape shell-sensitive strings
Also called "ANSI-C Quoting" in info:(bash) ANSI-C Quoting.
The escaping rules are a POSIX proposal, and are described in
http://austingroupbugs.net/view.php?id=249. There's a lot of back-and-forth on
the details of escaping of control characters, but we'll be only using a small
subset of the syntax that is common to all proposals and is widely supported.
Unfortunately dash and fish and maybe some other shells do not support it (see
the man page patch for a list).
This allows environment variables to be safely exported using show-environment
and imported into the shell. Shells which do not support this syntax will have
to do something like
export $(systemctl show-environment|grep -v '=\$')
or whatever is appropriate in their case. I think csh and fish do not support
the A=B syntax anyway, so the change is moot for them.
Fixes #5536.
v2:
- also escape newlines (which currently disallowed in shell values, so this
doesn't really matter), and tabs (as $'\t'), and ! (as $'!'). This way quoted
output can be included directly in both interactive and noninteractive bash.
This is a fixup of commit a2df3ea4ae058693bc7bf203d144e8af3c9493d2.
When there is a running job with JobRunningTimeoutSec= and systemd serializes
its state (e.g. during daemon-reload), the timer event source won't be properly
restored in job_coldplug().
Thus save and serialize begin_running_usec too and reinitialize the timer based
on that value.
udev: use interface before the string that interface points to is freed by device_add_property_internal (#6105)
This prevents udev from reading the data after freeing it.
See https://github.com/systemd/systemd/issues/6040#issuecomment-306589836
==264== Invalid read of size 1
==264== at 0x4C2E112: strlen (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==264== by 0x5943EBD: strdup (in /usr/lib/libc-2.25.so)
==264== by 0x13E263: device_add_property_aux (sd-device.c:122)
==264== by 0x14788C: device_add_property_internal (sd-device.c:150)
==264== by 0x14788C: device_rename (device-private.c:786)
==264== by 0x120DB6: udev_device_rename (libudev-device-private.c:213)
==264== by 0x120DB6: udev_event_execute_rules (udev-event.c:895)
==264== by 0x120DB6: worker_spawn (udevd.c:456)
==264== by 0x1216E5: event_run (udevd.c:584)
==264== by 0x1216E5: event_queue_start (udevd.c:823)
==264== by 0x122213: on_uevent (udevd.c:927)
==264== by 0x141F2F: source_dispatch (sd-event.c:2272)
==264== by 0x142D52: sd_event_dispatch (sd-event.c:2631)
==264== by 0x142D52: sd_event_run (sd-event.c:2690)
==264== by 0x142D52: sd_event_loop (sd-event.c:2710)
==264== by 0x1159CB: run (udevd.c:1643)
==264== by 0x1159CB: main (udevd.c:1772)
==264== Address 0x7b251a0 is 0 bytes inside a block of size 5 free'd
==264== at 0x4C2C14B: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==264== by 0x13E2A2: freep (alloc-util.h:57)
==264== by 0x13E2A2: device_add_property_aux (sd-device.c:111)
==264== by 0x147873: device_add_property_internal (sd-device.c:150)
==264== by 0x147873: device_rename (device-private.c:781)
==264== by 0x120DB6: udev_device_rename (libudev-device-private.c:213)
==264== by 0x120DB6: udev_event_execute_rules (udev-event.c:895)
==264== by 0x120DB6: worker_spawn (udevd.c:456)
==264== by 0x1216E5: event_run (udevd.c:584)
==264== by 0x1216E5: event_queue_start (udevd.c:823)
==264== by 0x122213: on_uevent (udevd.c:927)
==264== by 0x141F2F: source_dispatch (sd-event.c:2272)
==264== by 0x142D52: sd_event_dispatch (sd-event.c:2631)
==264== by 0x142D52: sd_event_run (sd-event.c:2690)
==264== by 0x142D52: sd_event_loop (sd-event.c:2710)
==264== by 0x1159CB: run (udevd.c:1643)
==264== by 0x1159CB: main (udevd.c:1772)
==264== Block was alloc'd at
==264== at 0x4C2AF1F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==264== by 0x5943EC9: strdup (in /usr/lib/libc-2.25.so)
==264== by 0x13E263: device_add_property_aux (sd-device.c:122)
==264== by 0x143B45: device_add_property_internal (sd-device.c:150)
==264== by 0x143B45: device_amend.lto_priv.235 (device-private.c:454)
==264== by 0x1387B7: device_append (device-private.c:516)
==264== by 0x1387B7: device_new_from_nulstr (device-private.c:620)
==264== by 0x1387B7: udev_device_new_from_nulstr (libudev-device-private.c:268)
==264== by 0x1387B7: udev_monitor_receive_device (libudev-monitor.c:682)
==264== by 0x11FC69: worker_spawn (udevd.c:509)
==264== by 0x1216E5: event_run (udevd.c:584)
==264== by 0x1216E5: event_queue_start (udevd.c:823)
==264== by 0x122213: on_uevent (udevd.c:927)
==264== by 0x141F2F: source_dispatch (sd-event.c:2272)
==264== by 0x142D52: sd_event_dispatch (sd-event.c:2631)
==264== by 0x142D52: sd_event_run (sd-event.c:2690)
==264== by 0x142D52: sd_event_loop (sd-event.c:2710)
==264== by 0x1159CB: run (udevd.c:1643)
==264== by 0x1159CB: main (udevd.c:1772)
==264==
pid1: properly encode infinity when writing CPUQuota snippet (#6141)
We would write
[Slice]
CPUQuota=1844674407370955%
which is (numerically) correct, but it seems better to just write
[Slice]
CPUQuota=
which is interpreted as USEC_INFINITY by the parser in config_parse_cpu_quota().
We open the target path with O_DIRECTORY|O_NOFOLLOW, and if that doesn't work,
we call unlink() on the path. In neither case we will follow the symlink, so
we can relax our check to also not follow symlinks.
NeilBrown [Wed, 7 Jun 2017 12:28:23 +0000 (22:28 +1000)]
core/mount: pass "-c" flag to /bin/umount (#6093)
"-c", which is short for "--no-canonicalize", tells /bin/umount
that the path name is canonical (no .. or symlinks etc).
systemd always uses a canonical name, so this flag is appropriate
for systemd to use.
Knowing that the path is canonical allows umount to avoid
some calls to lstat() on the path.
From v2.30 "-c" goes further and causes umount to avoid all
attempts to 'lstat()' (or similar) the path. This is important
when automatically unmounting a filesystem, as lstat() can
hang indefinitely in some cases such as when an NFS server
is not accessible.
"-c" has been supported since util-linux 2.17 which is before the
earliest version supported by systemd.
So "-c" is safe to use now, and once util-linux v2.30 is in use,
it will allow mounts from non-responsive NFS servers to be
unmounted.
udev: stop freeing value after using it for setting sysattr (#6094)
This prevents udev from double-freeing and crashing.
See https://github.com/systemd/systemd/issues/6040#issuecomment-306589836
==351== Invalid free() / delete / delete[] / realloc()
==351== at 0x4C2C14B: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==351== by 0x13CBE8: hashmap_clear_free_free (hashmap.c:900)
==351== by 0x13CBE8: hashmap_free_free_free (hashmap.c:852)
==351== by 0x147F4F: sd_device_unref (sd-device.c:88)
==351== by 0x130CCC: udev_device_unref (libudev-device.c:552)
==351== by 0x130CD5: udev_device_unref (libudev-device.c:553)
==351== by 0x11FBBB: worker_spawn (udevd.c:488)
==351== by 0x1216E5: event_run (udevd.c:584)
==351== by 0x1216E5: event_queue_start (udevd.c:823)
==351== by 0x122213: on_uevent (udevd.c:927)
==351== by 0x141F2F: source_dispatch (sd-event.c:2272)
==351== by 0x142D52: sd_event_dispatch (sd-event.c:2631)
==351== by 0x142D52: sd_event_run (sd-event.c:2690)
==351== by 0x142D52: sd_event_loop (sd-event.c:2710)
==351== by 0x1159CB: run (udevd.c:1643)
==351== by 0x1159CB: main (udevd.c:1772)
==351== Address 0x81745b0 is 0 bytes inside a block of size 1 free'd
==351== at 0x4C2C14B: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==351== by 0x1447F0: freep (alloc-util.h:57)
==351== by 0x1447F0: sd_device_set_sysattr_value (sd-device.c:1859)
==351== by 0x132081: udev_device_set_sysattr_value (libudev-device.c:849)
==351== by 0x12E777: set_trackpoint_sensitivity (udev-builtin-keyboard.c:180)
==351== by 0x12E777: builtin_keyboard.lto_priv.170 (udev-builtin-keyboard.c:263)
==351== by 0x14D03F: udev_builtin_run.constprop.75 (udev-builtin.c:133)
==351== by 0x11FAEB: udev_event_execute_run (udev-event.c:957)
==351== by 0x11FAEB: worker_spawn (udevd.c:461)
==351== by 0x1216E5: event_run (udevd.c:584)
==351== by 0x1216E5: event_queue_start (udevd.c:823)
==351== by 0x122213: on_uevent (udevd.c:927)
==351== by 0x141F2F: source_dispatch (sd-event.c:2272)
==351== by 0x142D52: sd_event_dispatch (sd-event.c:2631)
==351== by 0x142D52: sd_event_run (sd-event.c:2690)
==351== by 0x142D52: sd_event_loop (sd-event.c:2710)
==351== by 0x1159CB: run (udevd.c:1643)
==351== by 0x1159CB: main (udevd.c:1772)
==351== Block was alloc'd at
==351== at 0x4C2CF35: calloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==351== by 0x144853: sd_device_set_sysattr_value (sd-device.c:1888)
==351== by 0x132081: udev_device_set_sysattr_value (libudev-device.c:849)
==351== by 0x12E777: set_trackpoint_sensitivity (udev-builtin-keyboard.c:180)
==351== by 0x12E777: builtin_keyboard.lto_priv.170 (udev-builtin-keyboard.c:263)
==351== by 0x14D03F: udev_builtin_run.constprop.75 (udev-builtin.c:133)
==351== by 0x11FAEB: udev_event_execute_run (udev-event.c:957)
==351== by 0x11FAEB: worker_spawn (udevd.c:461)
==351== by 0x1216E5: event_run (udevd.c:584)
==351== by 0x1216E5: event_queue_start (udevd.c:823)
==351== by 0x122213: on_uevent (udevd.c:927)
==351== by 0x141F2F: source_dispatch (sd-event.c:2272)
==351== by 0x142D52: sd_event_dispatch (sd-event.c:2631)
==351== by 0x142D52: sd_event_run (sd-event.c:2690)
==351== by 0x142D52: sd_event_loop (sd-event.c:2710)
==351== by 0x1159CB: run (udevd.c:1643)
==351== by 0x1159CB: main (udevd.c:1772)
sd-device: Try /sys/firmware for sysname to allow device-tree (#5837)
This adds /sys/firmware lookup for sysname when creating a new device,
which allows device-tree properties lookup. This look-up can then be
used in udev rules, allowing device-tree-based model detection.
sd-bus: silence format warnings in kdbus code (#6072)
The code is mostly correct, but gcc is trying to outsmart us, and emits a
warning for a "llu vs lu" mismatch, even though they are the same size (on alpha):
src/libsystemd/sd-bus/bus-control.c: In function ‘kernel_get_list’:
src/libsystemd/sd-bus/bus-control.c:267:42: error: format ‘%llu’ expects argument of type ‘long long unsigned int’, but argument 3 has type ‘__u64 {aka long unsigned int}’ [-Werror=format=]
if (asprintf(&n, ":1.%llu", name->id) < 0) {
^
src/libsystemd/sd-bus/bus-control.c: In function ‘bus_get_name_creds_kdbus’:
src/libsystemd/sd-bus/bus-control.c:714:47: error: format ‘%llu’ expects argument of type ‘long long unsigned int’, but argument 3 has type ‘__u64 {aka long unsigned int}’ [-Werror=format=]
if (asprintf(&c->unique_name, ":1.%llu", conn_info->id) < 0) {
^
This is hard to work around properly, because kdbus.h uses __u64 which is
defined-differently-despite-being-the-same-size then uint64_t. Thus the simple
solution of using %PRIu64 fails on amd64:
src/libsystemd/sd-bus/bus-control.c:714:47: error: format ‘%lu’ expects argument of type ‘long unsigned int’, but argument 3 has type ‘__u64 {aka long long unsigned int}’ [-Werror=format=]
if (asprintf(&c->unique_name, ":1.%"PRIu64, conn_info->id) < 0) {
^~~~~~
Let's just avoid the whole issue for now by silencing the warning.
After the next release, we should just get rid of the kdbus code.
Instead of always letting logind guess what the caller's session is, let's
give it the value from $XDG_SESSION_ID when it is present in the caller's
environment.
Nowadays terminal emulators are often running as services under systemd --user,
and not as part of an actual session, so all loginctl calls which depend on
logind guessing the session will fail. I don't see a reason not to honour
$XDG_SESSION_ID.
This applies to LockSession, UnlockSession, TerminateSession, ActivateSession,
SetUserLinger.
Yu Watanabe [Wed, 31 May 2017 15:12:32 +0000 (00:12 +0900)]
sd-login: sd_get_machine_names(): do not return -EINVAL when output parameter is NULL
Other functions in sd-login generally allow the output parameter to be NULL, in
which case only the number of items that would be stored in the array is returned.
Be nice and do the same here.
Yu Watanabe [Wed, 31 May 2017 14:48:47 +0000 (23:48 +0900)]
sd-login: treat missing /run/systemd/{seats,sessions,users} the same as empty
C.f. 0543105b0fb13e4243b71a78f62f81fb9dde5d51.
This makes if /run/systemd/{seats,sessions,users} are missing, then
sd_get_seats(), sd_get_sessions() and sd_get_uids() return 0, that is,
an empty list, instead of -ENOENT.
Franck Bui [Wed, 31 May 2017 13:44:08 +0000 (15:44 +0200)]
build: *really* install tmpfiles.d/systemd-remote.conf when necessary (#6061)
This fixes commit 5e354b22520bbb02e which was an attempt to avoid installation
of tmpfiles.d/systemd-remote.conf when it was not needed (ie HAVE_REMOTE=false).
Before this fix and with the autotool build, systemd-remote.conf was
distributed and also installed (although it was empty) even though
HAVE_REMOTE=false.
That's what happens when doing last second changes without retesting...
While at it, update tmpfiles.d/.gitignore (var.conf was missing as well
since commit a083537e5d11b).
meson: output TAGS file in source not build directory
The TAGS file was generated in build/ following what autotools did.
Nevertheless, it's more convenient to put in the source dir.
(It doesn't get deleted by mistake, and it's easier to find for the
editor.)
The -ENOMEDIUM return value was introduced in v232-1001-g2977724b09,
('core: make hybrid cgroup unified mode keep compat /sys/fs/cgroup/systemd hierarchy'),
and would be returned by cg_pid_get_path_shifted(), but the documented and
expected return value is -ENODATA. Let's just catch ENXIO/ENOMEDIUM and translate
it to ENODATA in all cases.
Yu Watanabe [Tue, 30 May 2017 13:45:10 +0000 (22:45 +0900)]
kernel-install: support the case /etc/machine-id is missing or empty (#5975)
Some .install plugins does not require that machine ID is set such as
20-grubby.install for Fedora and 50-depmod.install.
To support such plugins to run without valid machine-id, this commit
makes the following change:
* if /etc/machine-id is missing or empty, create temporary directory
and set its path to BOOT_DIR_ABS,
* run the .install helpers with KERNEL_INSTALL_MACHINE_ID environment
variable that'd be empty if /etc/machine-id is missing or empty.
This may be useful for installing kernel for e.g. stateless systems
which initialize machine-id while booting the systems.
kjackiewicz [Tue, 30 May 2017 13:19:03 +0000 (15:19 +0200)]
rules: watch metadata changes in mmcblk devices (#6050)
Formatting sd-cards does not trigger "change" uevents. As a result clients
using udev API don't get any updates afterwards and get outdated information
about the device.
Include mmcblk* in a match for watch option assignment.
Patrik Flykt [Fri, 19 May 2017 13:22:47 +0000 (16:22 +0300)]
test-ndisc-rs.c: Test Router Solicitation timer computation
Test ICMPv6 Router Solicitation exponential backoff timer by
computing the minimum and maximum values according to RFC 7559,
Section 2 and the algorithm itself described in RFC 3315, Section
14. Reset the sd_ndisc timer to trigger after a zero second delay,
which causes the ndisc timeout to be triggered immediately once
the caller of the "sending" function returns to the main loop.
Patrik Flykt [Fri, 19 May 2017 13:22:46 +0000 (16:22 +0300)]
sd-ndisc.c: Move Router Solicitation sending after timer computaion
Move ICMPv6 Router Solicitation sending after timer computation so
that timers are already set up when the packet is being sent. This
makes it possible to create a test that inspects Router
Solicitation timer values when the Router Solicitation is sent out
on the network.
Instead of sending a fixed amount of Router Solicitiations, implement
the backoff algorithm proposed in RFC 7559. The backoff algorithm is
the same as used by DHCPv6.
Time out after 12s as specified in RFC 4861 in order not to delay
setting up a link for too long while sending Router Solicitations
in the background. Notice that after this change the callback will
receive a SD_NDISC_EVENT_TIMEOUT timeout event, and at a later point
when a router appears, a received Router Advertisment will cause the
callback to be called again with the SD_NDISC_EVENT_ROUTER event.
Many eMMC devices have separate boot partitions that aren't part of the
normal partition table that show up as /dev/mmcblk[0-9]boot[0-9]. These
partitions are generally small (128KB to 16MB) and typically hold a boot
loader, boot loader data or a recovery image. Match these and create
-boot%n by-path symlinks.
Prior to this change by-path symlinks for the main device would be
incorrectly linked to one of the boot partitions.
For instance before:
/dev/disk/by-path/platform-219c000.usdhc linked to /dev/mmcblk1boot1
Now:
/dev/disk/by-path/platform-219c000.usdhc links to /dev/mmcblk1
/dev/disk/by-path/platform-219c000.usdhc-boot0 links to /dev/mmcblk1boot0
/dev/disk/by-path/platform-219c000.usdhc-boot1 links to /dev/mmcblk1boot1
On systems that support multiple SD/MMC devices it can be essential to
have by-path links to these devices since device names vary depending on
which other devices are connected.
test-timesync: add first test for timesyncd conf parsing
We parse the string supplied in NTP_SERVERS during configuration under an
assert_se(). Right now we will accept pretty much anything there, but in case
we are more picky in the future, add a simple test which checks that we can
actually parse whatever is in NTP_SERVERS so that we don't fail the assertion
at runtime.
vconsole-setup: skip setting fonts when setfont returns EX_OSERR
On a machine without a VGA console, /dev/tty{0,1,…} exist, so
systemd-vconsole-setup is started, but all setfont operations fail.
setfont has a bunch of return codes for different failure modes. It uses
EX_OSERR when the communication with the kernel using ioctls fails. This isn't
too specific, but at least it's only used this general class of errors. Let's
swallow the error in this case to avoid systemd-vconsole-setup.service failing
on cloud vms.
On a machine from https://bugzilla.redhat.com/show_bug.cgi?id=1272686#c4:
$ build/systemd-vconsole-setup
setfont: putfont: 512,8x16: failed: -1
putfont: PIO_FONT: Invalid argument
/usr/bin/setfont failed with error code 71.
Setting fonts failed with a "system error", ignoring.
$ SYSTEMD_LOG_LEVEL=debug build/systemd-vconsole-setup
Found container virtualization none.
Sysfs UTF-8 flag enabled
UTF-8 kbdmode enabled on /dev/tty0
Executing "/usr/bin/setfont -C /dev/tty0 eurlatgr"...
setfont: putfont: 512,8x16: failed: -1
putfont: PIO_FONT: Invalid argument
/usr/bin/setfont failed with error code 71.
Executing "/usr/bin/loadkeys -q -C /dev/tty0 -u us"...
/usr/bin/loadkeys succeeded.
Setting fonts failed with a "system error", ignoring.
If we have a better test for /dev/tty? being connected to something that has a
font, we could avoid running setfont at all… ATM, I'm not aware of a simple
test like that.
Daniel Wang [Wed, 24 May 2017 12:05:49 +0000 (05:05 -0700)]
DHCP: Fail link_dhcp_set_routes promotely if no address is assigned from lease (#6009)
Currently the local variable `address` is unintialized if the DHCP lease
doesn't provide a router address (when r == -ENODATA). Thus the
subsequent call to route_scope_from_address will result in accessing an
unintialized variable.
As a matter of fact, sd-dhcp-client ignores DHCP leases without an
address so link_dhcp_set_routes probably will never be called without a
valid address.
NeilBrown [Tue, 23 May 2017 07:42:26 +0000 (17:42 +1000)]
Allow TimeoutSec=0 to work as documented in mount units and elsewhere (#6013)
Since commit 36c16a7cdd6c ("core: rework unit timeout handling, and add
new setting RuntimeMaxSec=") TimeoutSec=0 in mount units has
cause the mount to timeout immediately instead of never as documented.
There is a similar problem with Socket.TimeoutSec and Swap.TimeoutSec.
These are easily fixed using config_parse_sec_fix_0().
Automount.TimeoutIdleSec looks like it could have the same problem,
but doesn't because the kernel treats '0' as 'no timeout'.
It handle USEC_INFINITY correctly only because that constant has
the value '-1', and when round up, it becomes zero.
To avoid possible confusion, use config_parse_sec_fix_0() as well, and
explicitly handle USEC_INFINITY.
tomty89 [Tue, 23 May 2017 07:41:36 +0000 (15:41 +0800)]
nspawn: add nosuid and nodev to /tmp mount (#6004)
When automatic /tmp mount was introduced to nspawn in v219, it was done without having the nosuid and nodev mount options, which was the same case as systemd's default tmp.mount unit back then.
nosuid and nodev was added to tmp.mount(.m4) in v231 for security reasons. matching the nspawn /tmp mount entry against that.
sjoerd-ccu [Tue, 23 May 2017 07:10:59 +0000 (09:10 +0200)]
networkd-link: Receive LLDP on Bridge slaves not master (#5995)
LLDP should be received on bridge slaves as they're the entities
directly connected to a peer. Receiving LLDP on the bridge device makes
little sense, Linux by default even filters out LLDP going onto the
bridge device.
Flip the current logic, receive LLDP on bridge slaves don't listen for
them on the bridge itself.
Let's downgrade the warning introduced by 955d99edc7991386a36e3d33924cc584931fde91 to debug, as we really
shouldn't log at more than debug level from library code.
(And while we are at it, print the MTU as the right (unsigned) type in
the format string.)