Tom Gundersen [Tue, 4 Feb 2014 22:13:52 +0000 (23:13 +0100)]
sd-dhcp-client: split sd_dhcp_lease from sd_dhcp_client
This allows us users of the library to keep copies of old leases. This is
used by networkd to know what addresses to drop (if any) when the lease
expires.
In the future this may be used by DNAv4 and sd-dhcp-server.
logind: given that we can now relatively safely shutdown sessions copes
without working cgroup empty notifications there's no need to set the
stop timeout of sessions scopes low
core: allow PIDs to be watched by two units at the same time
In some cases it is interesting to map a PID to two units at the same
time. For example, when a user logs in via a getty, which is reexeced to
/sbin/login that binary will be explicitly referenced as main pid of the
getty service, as well as implicitly referenced as part of the session
scope.
- Keep the session FIFO around in the PAM module, even after the session
shutdown hook has been finished. This allows logind to track precisely
when the PAM handler goes away.
- In the ReleaseSession() call start a timer, that will stop terminate
the session when elapsed.
- Never fiddle with the KillMode of scopes to configure whether user
processes should be killed or not. Instead, simply leave the scope
units around when we terminate a session whose processes should not be
killed.
- When killing is enabled, stop the session scope on FIFO EOF or after
the ReleaseSession() timeout. When killing is disabled, simply tell
PID 1 to abandon the scope.
Because the scopes stay around and hence all processes are always member
of a scope, the system shutdown logic should be more robust, as the
scopes can be shutdown as part of the usual shutdown logic.
core: watch SIGCHLD more closely to track processes of units with no reliable cgroup empty notifier
When a process dies that we can associate with a specific unit, start
watching all other processes of that unit, so that we can associate
those processes with the unit too.
Also, for service units start doing this as soon as we get the first
SIGCHLD for either control or main process, so that we can follow the
processes of the service from one to the other, as long as process that
remain are processes of the ones we watched that died and got reassigned
to us as parent.
Similar, for scope units start doing this as soon as the scope
controller abandons the unit, and thus management entirely reverts to
systemd. To abandon a unit introduce a new Abandon() scope unit method
call.
udev: add zram to the list of devices inappropriate for symlinks
udev seems to have a race condition with swapon to see which can open
/dev/zram0 first, causing swapon to fail. Seems to be most noticeable
on arm devices one out of every 7 times or something.
Also update logind error messages to print the full path to a file that
failed. This should make debugging easier for people who do not know
off the top of their head where logind stores it state.
man: introduce new "Desktop" property for sessions
This is initialized from XDG_SESSION_DESKTOP and is useful for GNOME
to recognize its own sessions. It's supposed to be set to a short string
identifying the session, such as "kde" or "gnome".
core: don't wait for non-control/non-main processes when killing processes on the host either
Since the current kernel cgroup notification logic is easily confused by
existing subgroups, let's do the same thing as in containers before. and
just not wait for non-control and non-main processes.
This should be corrected as soon as we have sane cgroup notifications
from the kernel.
Susant Sahani [Tue, 4 Feb 2014 08:49:20 +0000 (14:19 +0530)]
Added attribute support for sd-rtnl
Added sd_rtnl_message_append_u8 and
few attribute support in sd_rtnl_message_append_u32
IFLA_GROUP, IFLA_TXQLEN, IFLA_NUM_TX_QUEUES, IFLA_NUM_RX_QUEUES
Tom Gundersen [Mon, 3 Feb 2014 14:25:45 +0000 (15:25 +0100)]
build-sys: move -lresolv out of CFLAGS
Thomas H.P. Andersen <phomes@gmail.com> wrote:
> Does -lresolv belong in libsystemd_la_CFLAGS? I would have thought
> that it should be in LIBADD for the lib and LDADD for the test.
s390/getty-generator: initialize essential system terminals/consoles
Ensure to start getty programs on all essential system consoles on Linux on
System z. Add these essential devices to the list of virtualization_consoles
to always generate getty configurations.
For the sake of completion, the list of essential consoles is:
/dev/sclp_line0 - Operating system messages applet (LPAR)
/dev/ttysclp0 - Integrated ASCII console applet (z/VM and LPAR)
/dev/ttyS0 - Already handled by systemd (3215 console on z/VM)
/dev/hvc0 - Already handled by systemd (IUCV HVC terminal on z/VM)
Depending on the environment, z/VM or LPAR, only a subset of these terminals
are available.
See also RH BZ 860158[1] "Cannot login via Operating System Console into RHEL7
instance installed on a LPAR". This bugzilla actually blocks the installation
of Linux on System z instances in LPAR mode.
By specifiy a Controller property when creating the scope a client can
specify a bus name that will be notified with a RequestStop bus signal
when the scope has been asked to shut down, instead of sending SIGTERM
to the scope processes themselves.
Tom Gundersen [Fri, 31 Jan 2014 01:03:39 +0000 (02:03 +0100)]
networkd: don't check for ifindex in answer to RTM_NEWLINK
The kernel will not be changed to support this, so drop the code. Listening
for all RTM_NEWLINK messages and filtering on name is reliable, so it is not
a problem.
Patrik Flykt [Fri, 31 Jan 2014 09:31:25 +0000 (11:31 +0200)]
libsystemd-dhcp: Update secs field only when sending Discover
Compute the 'secs' field as seconds since start of lease acquisition
procedure. Start off with a value of zero and increase it only for
each resent DHCP discover message. See the discussion before and
after http://www.ietf.org/mail-archive/web/dhcwg/current/msg05836.html
and Section 3.1 of RFC 2131.
Greg KH [Fri, 31 Jan 2014 05:51:32 +0000 (06:51 +0100)]
use memzero(foo, length); for all memset(foo, 0, length); calls
In trying to track down a stupid linker bug, I noticed a bunch of
memset() calls that should be using memzero() to make it more "obvious"
that the options are correct (i.e. 0 is not the length, but the data to
set). So fix up all current calls to memset(foo, 0, length) to
memzero(foo, length).
Tom Gundersen [Wed, 29 Jan 2014 20:24:44 +0000 (21:24 +0100)]
networkd: netdev - reduce chance of race when receiving netdev's ifindex
When creating a new link, the kernel will not inform us about the new ifindex
in its ack. We have to listen for newly created devices and deduce the new
ifindex by matching on the ifname.
We used to do this by waiting for a new device from libudev, but that is asking
for trouble, as udev will happily rename the device before handing it to us.
Listen on rtnl instead, the chance of the name being changed before reaching us
is much smaller (if not nil).
Kernel patch in the works to make this unneccessary.
Tom Gundersen [Mon, 27 Jan 2014 19:52:07 +0000 (20:52 +0100)]
networkd: dhcpv4 - add notion of 'CriticalConnection'
These connections are never torn down, even when the DHCP specifications say that
they should be. This is useful/necessary when the rootfs (or another critical fs)
is mounted over this network connection, and dataloss would result if the connection
is lost.
This option defaults to off, but our initrd generator (TBD) will enable it when
applicable.
core: make sure to always go through both SIGTERM and SIGKILL states of units
Given that we now have KillMode=mixed where SIGTERM might kill a smaller
set than SIGKILL we need to make sure to always go explicitly throught
the SIGKILL state to get the right end result.
core: introduce new KillMode=mixed which sends SIGTERM only to the main process, but SIGKILL to all daemon processes
This should fix some race with terminating systemd --user, where the
system systemd instance might race against the user systemd instance
when sending SIGTERM.
In (v1) I changed the job start timestamp to be always set, so the
start time can be reported in the cylon eye message. The bug was that
when deserializing jobs, they would be ignored if their start
timestamp was unset which was synonymous with no timeout. But after
the change, jobs would have a start timestamp set despite having no
timeout. After deserialization they would be considered immediately
expired. Fix this by checking if the timeout is not zero when
considering jobs for expiration.
Current glibc implementation is safe. Kernel does this atomically,
and write is actually implemented through writev. So if write is
async-signal-safe, than writev pretty much must be too.
When set to auto, status will shown when the first ephemeral message
is shown (a job has been running for five seconds). Then until the
boot or shutdown ends, status messages will be shown.
No indication about the switch is done: I think it should be clear
for the user that first the cylon eye and the ephemeral messages appear,
and afterwards messages are displayed.
The initial arming of the event source was still wrong, but now should
really be fixed.
journal: guarantee async-signal-safety in sd_journald_sendv
signal(7) provides a list of functions which may be called from a
signal handler. Other functions, which only call those functions and
don't access global memory and are reentrant are also safe.
sd_j_sendv was mostly OK, but would call mkostemp and writev in a
fallback path, which are unsafe.
Being able to call sd_j_sendv in a async-signal-safe way is important
because it allows it be used in signal handlers.
Safety is achieved by replacing mkostemp with open(O_TMPFILE) and an
open-coded writev replacement which uses write. Unfortunately,
O_TMPFILE is only available on kernels >= 3.11. When O_TMPFILE is
unavailable, an open-coded mkostemp is used.
bus: rework bloom filter logic to operate with variable bloom filter
sizes and numbers of hash functions
In order to make the bloom filter logic more future proof communicate
bloom filter parameters from the original bus creator to the clients,
and allow them to be variable within certain ranges.
Add new calls sd_bus_open() and sd_bus_default() for connecting to the
starter bus a service was invoked for, or -- if the process is not a
bus-activated service -- the appropriate bus for the scope the process
has been started in.