Double newlines (i.e. one empty lines) are great to structure code. But
let's avoid triple newlines (i.e. two empty lines), quadruple newlines,
quintuple newlines, …, that's just spurious whitespace.
It's an easy way to drop 121 lines of code, and keeps the coding style
of our sources a bit tigther.
mkosi: drop dumping all test output to console again
As it appears meson's test cases nowadays (?) show useful logs for
failing tests anyway, hence there's no need to show them unconditionally
in full every time anymore. Let's hence simplify and drop this.
This makes `resolvectl` use the verb style command line, e.g.,
`resolvectl status` or `resolvectl tlsa tcp fedoraproject.org:443`.
For compatibility, if the invocation name is `systemd-resolve`,
then it accepts the old syntax, e.g. `systemd-resolve --status`.
First of all, it's frickin' ugly and wrong, as IPC sockets should be
placed in /run and definitely not under a guessable name under
world-writable /tmp. Secondly, it can't even work as we set
PrivateTmp=yes on the service.
Hence, let's clean up the example, and simply use a socket in /run
instead.
namespace: rework how we resolve symlinks in mount points
Before this patch we'd resolve all symlinks of bind mounts and other
mount points to establish for a service in advance, and only then start
mounting them. This is problematic, if symlink chains jump around
between directories in a namespace tree, so that to resolve a specific
symlink chain we need to establish another mount already. A typical case
where this happens is if /etc/resolv.conf is a symlink to some file in
/run: in that case we'd normally resolve and mount /etc/resolv.conf
early on, but that's broken, as to do this properly we'd need to resolve
/etc/resolv.conf first, then figure out that /run needs to be mounted
before we can proceed, and thus reorder the order in which we apply
mounts dynamically.
With this change, whenever we are about to apply a mount, we'll do a
single step of the symlink normalization process, patch the mount entry
accordingly, and then sort the list of mounts to establish again, taking
the new path into account. This means that we can correctly deal with
the example above: we might start with wanting to mount /etc/resolv.conf
early, but after resolving it to the path in /run/ we'd push it to the
end of the list, ensuring that /run is mounted first.
(Note that this also fixes another bug: we were following symlinks on
the bind mount source relative to the root directory of the service,
rather than of the host. That's wrong though as we explicitly document
tha the source of bind mounts is always on the host.)
We have plenty of code in our codebase that outputs tables to the
console, and all is homegrown and awful. Let's replace it with a generic
implementation that can do automatically what the old implementations
did manually.
pager.[ch] doesn't use any APIs from src/libsystemd/ or src/shared/
hence there's no reason for it to be in src/shared/, let's move it to
src/basic/ instead.
This enables us to use pager.[ch] APIs from other code in src/basic/,
for example pager_have() and suchlike.
1. Ellipsation to 0, 1 or 2 characters is now supported. Previously we'd
hit an assert if the new lengths was < 3, this is now permitted. The
result strings won't show too much info still of course, but the code
becomes a bit more generic and robust to use.
2. If a UTF-8 mode is disabled and the input string is pure ASCII, then
"..." is used for ellipsation, otherwise (as before) "…". This means
on a pure-ASCII system we should remain pure-ASCII, matching
behaviour otherwise exposed with special_glyph() and friends. Note
that we'll use "…" for ellipsiation as soon as either the locale
settings indicate an UTF-8 mode or the input string already contains
non-ASCII unicode characters.
man: add a new page with a general description of common syntax
We have a common parser, but for the user it might be
completely unobvious that the same general rules apply
to all those files. Let's add a page about the basic syntax
so that the more specific pages don't have to repeat those
details.
path-util: Finish DEFAULT_PATH_NULSTR with an extra NUL (#8745)
The NULSTR_FOREACH iterator needs to see an empty string at the end, so
we need to insert an extra NUL explicitly.
Also update PATH0_BIN_SBIN(x) to include an extra NUL terminator, rename
it to PATH_BIN_SBIN_NULSTR(x), which is more consistent with the similar
CONF_PATHS_NULSTR(x) macro.
timesync: establish connection when network become online and the manager is not connected yet (#8727)
This also introduces `manager_is_connected()` helper function, which
returns true when the manager is sending a request, resolving a server
name, or in a poll interval.
1. Don't unnecessarily export functions we don't call outside of
machined.c
2. Use cleanup logic for the manager object.
3. Propagate errors properly from manager_new(). So far if
sd_event_new() returns EMFILE/ENFILE for some reason we would have
logged that as log_oom(), which isn#t right, really.
4. Handle SIGTERM/SIGINT cleanly. It's easy, and prettier then letting
the kernel just abort us. It also makes it possible to valgrind
machined properly.
networkd: fix dhcp4 link without routes not being considered ready (#8728)
The dhcp4 code sets link->dhcp4_configured when dhcp4_route_handler()
has processed the last message.
However, in case UseRoutes=no has been set in the [DHCP] section, or
in case the DHCP server simply sends no routes, link_set_dhcp_routes()
will not send any netlink messages and dhcp4_route_handler() will
therefore never be called.
This causes the link to never reach LINK_STATE_CONFIGURED, and e.g.
systemd-networkd-wait-online will not consider the link as ready.
Fix that by setting link->dhcp4_configured = true and calling
link_check_ready() in dhcp4_address_handler() in case
link_set_dhcp_routes() sent no netlink messages (dhcp4_messages is
zero).
networkd: fix crash if fails to get network file (#8714)
In some situation if networkd fails to get the network file
then networkd crashes becasse the link->network is not initalized;
```
veth99: Failed to get network dhcp-client-ipv4-only: No such file or directory
Segmentation fault
gdb) r
The program being debugged has been started already.
Start it from the beginning? (y or n) y
Starting program: /home/sus/tt/systemd/build/systemd-networkd
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib64/libthread_db.so.1".
warning: Loadable section ".note.gnu.property" outside of ELF segments
warning: Loadable section ".note.gnu.property" outside of ELF segments
warning: Loadable section ".note.gnu.property" outside of ELF segments
Program received signal SIGSEGV, Segmentation fault.
link_load (link=0x55555582ccd0) at ../src/network/networkd-link.c:2973
2973 r = sd_dhcp_client_new(&link->dhcp_client, link->network->dhcp_anonymize);
(gdb) bt
(gdb) p link->network
$1 = (Network *) 0x0
(gdb) list
2968 if (r < 0) {
2969 log_link_debug_errno(link, r, "Failed to parse DHCPv4 address %s: %m", dhcp4_address);
2970 goto dhcp4_address_fail;
2971 }
2972
2973 r = sd_dhcp_client_new(&link->dhcp_client, link->network->dhcp_anonymize);
2974 if (r < 0)
2975 return log_link_error_errno(link, r, "Failed to create DHCPv4 client: %m");
2976
2977 r = sd_dhcp_client_set_request_address(link->dhcp_client, &address.in);
(gdb) r
```
test-execute: make find invocation a bit more efficent, increase timeout
We go through the whole file system, so this test can take arbitrary time. But
this test is still quite useful, so let's at least try to make it more efficent
by not descending at all into the directories we would filter out later on
anyway.
Also increase the timeout, in case the previous step doesn't help enough.
systemd: do not require absolute paths in ExecStart
Absolute paths make everything simple and quick, but sometimes this requirement
can be annoying. A good example is calling 'test', which will be located in
/usr/bin/ or /bin depending on the distro. The need the provide the full path
makes it harder a portable unit file in such cases.
This patch uses a fixed search path (DEFAULT_PATH which was already used as the
default value of $PATH), and if a non-absolute file name is found, it is
immediately resolved to a full path using this search path when the unit is
loaded. After that, everything behaves as if an absolute path was specified. In
particular, the executable must exist when the unit is loaded.
verify: use manager_load_startable_unit_or_warn() to load units for verification
This doesn't change the outcome:
(before)
/home/zbyszek/src/systemd/test/test-execute/exec-basic.service:6: Executable path specifies a directory: /usr/bin/test/
exec-basic.service: Failed to create exec-basic.service/start: Unit exec-basic.service is not loaded properly: Exec format error.
(after)
/home/zbyszek/src/systemd/test/test-execute/exec-basic.service:6: Executable path specifies a directory: /usr/bin/test/
Failed to load file /home/zbyszek/src/systemd/test/test-execute/exec-basic.service: Exec format error
(before)
masked.service: Failed to create masked.service/start: Unit masked.service is masked.
(after)
File /home/zbyszek/src/systemd/test/test-execute/masked.service is masked.
but the failure is immediate and the error messages are more direct.
tests: use manager_load_startable_unit_or_warn() to load units
Doing manager_load_unit() followed by UNIT_VTABLE(unit)->start(unit) would
result in an assertion failure in ->start() if the unit failed to load
properly. Something like this is okey-ish is tests, since the test units are
not expected to fail to load, but the reason for failure is clearer if we
fail immediately.
Peter A. Bigot [Mon, 9 Apr 2018 18:39:16 +0000 (13:39 -0500)]
time-wait-sync: use watchfile to coordinate with timesyncd
Systems that have an accurate real-time clock may have an initial
unsynchronized time that is close enough to the synchronized time that
the final adjustment doesn't trigger a waking "clock set" event. Have
timesyncd touch a file in its runtime directory as a secondary signal
for synchronization. Continue to support the timerfd-based trigger as a
sufficient condition when the watchfile is not present.
dropin: when looking for dropins for a unit, also look within "-" prefix unit dirs
This extends the logic by which we look for drop-ins for unit files when
loading them. Previously for a unit "foo-quux-bar.service" we'd look in
a directory "foo-quux-bar.service.d" accompanying it for extension
dropins. With this change we'll additionally look in:
"foo-quux-.service.d" and "foo-.service.d", i.e. we'll truncate the unit
name after every dash.
This is an alternative to templating for many services, as it permits
configuring defaults for sets of units that all use the same prefix in
the unit name. This is particularly useful in slice, mount and
automount units which reflect a hierarchy of concepts, as it permits
setting defaults for specific subsets of the tree. For example, in order
to provide every user with a memory of 1G it's now possible to do:
copy: drop _unlikely_() that isn't obviously the case
If a tool only invokes copy_bytes() a single time the _unlikely_() will always be
wrong, and is hence not useful. Let's drop it and let the compiler
figure our what to do, instead of misleading it.
copy: hide in copy_bytes() the strange way splice() handles O_NONBLOCK
splice() ignores O_NONBLOCK on pipes but not on other fds. Let's handle
that properly, and query O_ONBLOCK manually in that case, ensuring
systematic behaviour in either case.
Optionally, when we copy between fds with simple read/write, let's
return any remaining data we already read into the buffer if write
fails. This is useful to allow callers to use the read data otherwise,
perhaps implementing a different fallback for copying.