logind: refuse operations if the target unit is masked or unavailable
If hibernate.target is masked, and systemctl hibernate is invoked, havoc ensues.
logind starts the hibernation operation, but then doesn't go through with it;
gnome-shell segfaults. Let's be nice to the user and refuse doing anything in
that case.
$ sudo systemctl mask hibernate.target
$ busctl call org.freedesktop.login1 /org/freedesktop/login1 org.freedesktop.login1.Manager CanHibernate
s "no"
$ sudo systemctl hibernate
Failed to hibernate system via logind: Access denied
Failed to start hibernate.target: Unit hibernate.target is masked.
shared/sleep-fix: fix check if s-then-h is possible
can_sleep() returns 0 if the operation is impossible, but
the code assumed that negative is returned in that case,
in effect reporting s2h was possible even if hibernation or
suspend were not possible.
Devices in Hyper-V/Azure exist on vmbus and are identified by
UUID value. This patch adds a hardware table so that udevadm
can report properties. I chose names are based on the values
reported in Window Device Manager (for consistency).
The table includes several devices that are not used by Linux
but are present and ignored.
sleep: Add support for setting a disk offset when hibernating
The Linux kernel is adding support for configuring the offset
into a disk. This allows swapfiles to be more usable as users
will no longer need to set the offset on their kernel command
line.
Use this API in systemd when hibernating as well.
Signed-off-by: Mario Limonciello <mario.limonciello@dell.com>
analyze: give a hint what is it means that boot is still active
$ build/systemd-analyze time
Bootup is not yet finished (org.freedesktop.systemd1.Manager.FinishTimestampMonotonic=0).
Please try again later.
Hint: Use 'systemctl list-jobs' to see active jobs
analyze: Do no require a full d-bus bus for the plot command (#8539)
The plot command requires a full d-bus bus to fetch the host
information, which seems rather optional, and having a running dbus
daemon is not always desirable. So instead, we try to acquire a full
bus, and if that fails we acquire the systemd bus, in which case we
omit the host information from the output.
We refactor acquire_bus() into two new functions which in addition
makes the call sites clearer.
Martin Wilck [Sat, 7 Apr 2018 15:33:48 +0000 (17:33 +0200)]
systemd-udevd: limit children-max by available memory (#8668)
Udev workers consume typically 50-100MiB virtual memory.
On systems with lots of CPUs and relatively low memory, that may
easily cause workers to be OOM-killed.
This patch limits the number of workers to 8 per GiB memory.
But don't let the limit drop below the smallest value we had
without this patch (8 + 1 * 2 = 10); on small systems, udev's
memory footprint is likely lower.
Clarify checker/helper in systemd-fsck@.service manpage (#8674)
Clarify the helper/checker terminology in the systemd-fsck@.service manpage to
make the description more clear about what is responsible for deciding if a filesystem
needs checking.
Files which are installed as-is (any .service and other unit files, .conf
files, .policy files, etc), are left as is. My assumption is that SPDX
identifiers are not yet that well known, so it's better to retain the
extended header to avoid any doubt.
I also kept any copyright lines. We can probably remove them, but it'd nice to
obtain explicit acks from all involved authors before doing that.
Philip Sequeira [Thu, 5 Apr 2018 14:04:27 +0000 (14:04 +0000)]
nspawn: wait for network namespace creation before interface setup (#8633)
Otherwise, network interfaces can be "moved" into the container's
namespace while it's still the same as the host namespace, in which case
e.g. host0 for a veth ends up on the host side instead of inside the
container.
dissect: when pulling metadata from an image, don't bother with /home or ESP
When we try to read meta-data from an image, don't bother with mounting
/home or the ESP, as that's not where the metadata is. This not only
speeds things up a bit, but also has the benefit that setups where an
unencrypted root is mixed with an encrypted /home (which I have on one
of my own systems) won't result in errors that the crypto key is needed.
1. We'll now explicitly check that the child devices of a block device
we are interested in (i.e. the partitions) are block devices themselves.
On newer kernels the mmc rpmb stuff is actually exposed as char rather
than block device as before, and they probably should have been that in
the first place. By adding this check we'll hence filter out these weird
devices through a second rule too, that hopefully makes things a bit
more future-proof, should more devices like this be added eventually,
or other subsystems do a similar thing.
2. When counting partitions we'll now also check the devnum of the
device being non-null, which we already do when matching up the devices
in the second iteration. This should make things more robust, and
prevent other kinds of miscounting, which after all was the main
issue #8609 fixed.
If an rfkill device disappears between the time we get notified about
the existance and we fully opened it we might get ENXIO or ENODEV (i.e.
the two kinds of "device not found" errors, which are typically
generated when for example a device node has no actual backing device
behind it). let's handle that the same way as ENOENT, and downgrade the
log message to LOG_DEBUG.
tmpfiles: ignore "operational" errors during setup
We still get the errors logged, but we don't fail the service. This
is better for users because rerunning tmpfiles-setup.service a second
time is dangerous (c.f. cd9f5b68ce08375eb1d68a4ddaa7a24a5092d7ba).
Note that this only touches sd-tmpfiles-setup.service and
sd-tmpfiles-setup-dev.service. sd-tmpfiles-clean.service is as before.
tmpfiles: add a new return code for "operational failure" when processing
Things can fail, and we have no control over it:
- file system issues (immutable bits, file system errors, MAC refusals, etc)
- kernel refusing certain arguments when writing to /proc/sys or /sys
Let's add a new code for the case where we parsed configuration but failed
to execute it because of external errors.
units: use `systemctl exit` to kill the user manager (#8648)
Use `systemctl --user --force exit` to implement the systemd-exit
user service.
This removes our dependence on an external `kill` binary and the
concerns about whether they recognize SIGRTMIN+n by name or what their
interpretation of SIGRTMIN is.
Tested: `systemctl --user start systemd-exit.service` kills the
`systemd --user` instance for my user.
oss-fuzz: Fallback to `ninja-build` when available (#8641)
The ninja binary is deployed as `ninja-build` in older distros such as
RHEL 7/CentOS 7. Detect that and use `ninja-build` instead of `ninja`
when it's available.
dissect: Don't count RPMB and boot partitions (#8609)
Filter-out RPMB partitions and boot partitions from MMC devices when
counting partitions enumerated by the kernel. Also factor out the now
duplicated code into a separate function.
This complement the previous fixes to the problem reported in
https://github.com/systemd/systemd/issues/5806
Accept definitions to other AF_ constants, not just PF_ ones,
such as:
#define AF_LINUX AF_LOCAL
It may not be necessary to impose any restriction on the
definitions of the macros extracted, but for now
keep most of that requirement but match AF_* as well.
Hans de Goede [Fri, 30 Mar 2018 18:00:27 +0000 (20:00 +0200)]
hwdb: Add accelerometer orientation quirk for the Lenovo Ideapad Miix 310
Add an accelerometer orientation quirk for the Lenovo Ideapad Miix 310.
Note this quirk is limited to the production batches which ship with a
portrait panel, rather then with a landscape panel (recognized by the
different BIOS version these 2 variants use).
Hans de Goede [Fri, 9 Mar 2018 13:55:11 +0000 (14:55 +0100)]
hwdb: Add accelerometer orientation quirk for the Yours Y8W81 tablet
Add an accelerometer orientation quirk for the Yours Y8W81 8" tablet.
For future reference: this tablet has the same case and mostly the same
internals as the Chuwi Vi8. Both seem to be from an ODM called inet-tek.
Both are labelled: "INET-I86M-REVxx" on the PCB, with the Chuwi Vi8 being
REV03 (and having a ALC5640 audio codec) and the Yours Y8W81 being REV21
(and having a ALC5651 audio codec).
Hans de Goede [Sun, 18 Feb 2018 20:42:43 +0000 (21:42 +0100)]
hwdb: Add accelerometer orientation entry for the I.T.Works TW701 tablet
Add accelerometer orientation entry for the I.T.Works TW701 7"
windows tablet, note this is the same hardware/PCB as the Trekstor
ST70416-6 for which we already have the same quirk.
sd-bus: allow description to be set for system/user busses (#8594)
sd_bus_open/sd_bus_open_system/sd_bus_open_user are convenient, but
don't allow the description to be set. After they return, the bus is
is already started, and sd_bus_set_description() fails with -EBUSY.
It would be possible to allow sd_bus_set_description() to update the
description "live", but messages are already emitted from sd_bus_open
functions, so it's better to allow the description to be set in
sd_bus_open/sd_bus_open_system/sd_bus_open_user.
Fixes message like:
Bus n/a: changing state UNSET → OPENING
install: don't enforce that .d/ dropin files (and their symlink chain elements) for units must have names that qualify as unit names
The names of drop-in files can be anything as long as they are suffixed
in ".conf", hence don't be stricter than necessary when validating the
names used in symlink chains of such drop-in files.
Also, drop-in files should not be ale to change the type of unit file
itself, i.e. not affect whether it is considered masked or an alias as a
whole.
This adds a flag SEARCH_DROPIN that is passed whenever we load a drop-in
rather the main unit file, and in that case loosen checks and behaviour
we otherwise enforce for the unit file itself. Specifically:
1. If SEARCH_DROPIN is passed we won't change the unit's info->type
field anymore, as that field (which can be REGULAR, MASKED, SYMLINK)
should not be affected by drop-ins, but only by the unit file itself.
2. If SEARCH_DROPIN is passed we will shortcut following of symlink
chains, and not validate the naming of each element in the chain,
since that's irrelevant for drop-ins, and only matters for the unit
file itself.
Or in other words, without this:
1. A symlink /etc/systemd/system/foobar.service.d/20-quux.conf →
/dev/null might have caused the whole of foobar.service to be
considered "masked".
2. A symlink /etc/systemd/system/foobar.service.d/20-quux.conf →
/tmp/miepf might have caused the whole loading of foobar.service to
fail as EINVAL, as "miepf" is not a valid unit name.
fd-util: introduce fd_reopen() helper for reopening an fd
We have the same code for this in place at various locations, let's
unify that. Also, let's repurpose test-fs-util.c as a test for this new
helper cal..
tests: run `udevadm settle` after `sfdisk` (#8610)
This makes the script wait for the newly created partition to
show up before trying to put a filesystem on it, which should
prevent the tests from failing with the following error:
```
New situation:
Disklabel type: dos
Disk identifier: 0x3541a0ec
Device Boot Start End Sectors Size Id Type
/dev/loop6p1 2048 800767 798720 390M 83 Linux
/dev/loop6p2 800768 819199 18432 9M 83 Linux
The partition table has been altered.
Calling ioctl() to re-read partition table.
Syncing disks.
The file /dev/loop6p1 does not exist and no size was specified.
make: *** [setup] Error 1
F: Failed to mkfs -t ext4
Makefile:4: recipe for target 'setup' failed
```