Jörg Thalheim [Tue, 3 Mar 2020 23:31:25 +0000 (23:31 +0000)]
systemd-resolved: use hostname for certificate validation in DoT
Widely accepted certificates for IP addresses are expensive and only
affordable for larger organizations. Therefore if the user provides
the hostname in the DNS= option, we should use it instead of the IP
address.
Benjamin Berg [Thu, 5 Mar 2020 10:35:45 +0000 (11:35 +0100)]
core: Fix resolution of nested DM devices for cgroups
When using the cgroups IO controller, the device that is controlled
should always be the toplevel block device. This did not get resolved
correctly for an LVM volume inside a LUKS device, because the code would
only resolve one level of indirection.
Fix this by recursively looking up the originating block device for DM
devices.
units: skip modprobe@.service if the unit appears to be already loaded
Possible alternative to #14819.
For me, setting RemainAfterExit=yes would be OK, but if people think that it
might cause issues, then this could be a reasonable alternative that still
let's us skip the invocation of the separate binary.
As with the previous changes the same arguments apply
- distributions have scripts to rewrite shebangs on installation and
they know what locations to rely on.
- For tests/compilation we should rather rely on the user to have setup
there PATH correctly.
In particular this makes testing from git easier on NixOS where do not provide
/bin/bash to improve compose-ability.
Use Finished instead of Started for Type=oneshot services (#14851)
UnitStatusMessageFormats.finished_job, if present,
will be called with the same arguments as
job_get_done_status_message_format() to provide a format string
appropriate for the context
This commit replaces "Started" with "Finished" for started oneshot
units, as mentioned in the referenced issue
units: restore RemainAfterExit=yes in systemd-vconsole-setup.service
This reverts the second part of 8125e8d38e3aa099c7dce8b0161997b8842aebdc.
The first part was reverted in 750e550eba362096d56a35104c6a32631aa67b8e.
The problem starts when s-v-s.s is pulled in by something that is then pulled
in by sysinit.target. Every time a unit is started, systemd recursively checks
all dependencies, and since sysinit.target is pull in by almost anything, we'll
start s-v-s.s over and over. In particular, plymouth-start.service currently
has Wants=s-v-s.s and After=s-v-s.s.
units: do not ignore return value from systemd --user
This minus has been there since the unit was added in d42d27ead91e470cb12986d928441e56c0f543ca. I think the idea was not cause things
to fail if the user instance doesn't work. But ignoring the return value
doesn't seem to be the right way to approach the problem. In particular, if
the program fails to run, we'll get a bogus fail state, see
https://bugzilla.redhat.com/show_bug.cgi?id=1727895#c1:
with the minus:
$ systemctl start user@1002
Job for user@1002.service failed because the service did not take the steps required by its unit configuration.
See "systemctl status user@1002.service" and "journalctl -xe" for details.
without the minus:
$ systemctl start user@1002
Job for user@1002.service failed because the control process exited with error code.
See "systemctl status user@1002.service" and "journalctl -xe" for details.
Benjamin Berg [Wed, 4 Mar 2020 10:30:31 +0000 (11:30 +0100)]
man: Add documentation for generator path environment variables
This adds documentation for the SYSTEMD_GENERATOR_PATH and
SYSTEMD_ENVIRONMENT_GENERATOR_PATH variables to the systemd man page
grouped with the existing SYSTEMD_UNIT_PATH.
Also added is a description about how these variables work, i.e. that a
trailing : can be used to prepend paths to the usual set.
Benjamin Berg [Mon, 17 Feb 2020 11:51:23 +0000 (12:51 +0100)]
path-lookup: Allow setting generator paths via environment
This adds SYSTEMD_GENERATOR_PATH and SYSTEMD_ENVIRONMENT_GENERATOR_PATH
environment variables that will be read in the same manner as
SYSTEMD_UNIT_PATH is. i.e. if set, these paths will be used and a
trailing empty entry means that the usual paths will be appended, while
no trailing entry means that solely the given paths are used.
selinux: add trigger for policy reload to refresh internal selabel cache
Reload the internal selabel cache automatically on SELinux policy reloads so non pid-1 daemons are participating.
Run the reload function `mac_selinux_reload()` not manually on daemon-reload, but rather pass it as callback to libselinux.
Trigger the callback prior usage of the systemd internal selabel cache by depleting the selinux netlink socket via `avc_netlink_check_nb()`.
We're operating on known paths in root-owned directories here, so the detour
through toctou-safe methods that require /proc to be mounted is not necessary.
Should fix https://bugzilla.redhat.com/show_bug.cgi?id=1807768.
sysusers: many different errnos to express one condition
See https://bugzilla.redhat.com/show_bug.cgi?id=1807768. It turns
out that sysusers cannot query if the group exists:
Failed to check if group dnsmasq already exists: No such process
...
Failed to check if group systemd-timesync already exists: No such process
When the same command is executed later, the issue does not occur. Not sure why
the behaviour in the initial transaction is different. But let's accept all
errors that the man pages list. We check if the user/group exists before creating
anyway, so this seems pretty safe.
tree-wide: use the return value from sockaddr_un_set_path()
It fully initializes the address structure, so no need for pre-initialization,
and also returns the length of the address, so no need to recalculate using
SOCKADDR_UN_LEN().
socklen_t is unsigned, so let's not use an int for it. (It doesn't matter, but
seems cleaner and more portable to not assume anything about the type.)
It returns 32 bits, unsigned on amd64, so it's probably similar everywhere
with glibc. But let's make the code generic, without assuming specific size
or signedness.
.msg_namelen was set to a bogus value before we actually stored the path in the
the structure. sockaddr_un_set_path() returns the length, so just use that.
Kevin P. Fleming [Mon, 24 Feb 2020 14:54:35 +0000 (09:54 -0500)]
RequireMountsFor in systemd-nspawn should wait for machine mount
This patch modifies the RequireMountsFor setting in systemd-nspawn@.service to wait for the machine instance directory to be mounted, not just /var/lib/machines.
HATAYAMA Daisuke [Sat, 29 Feb 2020 21:31:38 +0000 (06:31 +0900)]
shared/logs-show: Remove unused OUTPUT_FOLLOW
As of the commit aae9a96d4b3a8562af9e8c6a23871b442645b954 removing --follow
option in systemctl command, OUTPUT_FOLLOW has never been set anywhere. Let's
remove it.
The condition expression of the if-statement in show_journal() that refers to
OUTPUT_FOLLOW now thus evaluates always to true. Hence, the call of
sd_journal_wait() is in dead code, and the outer infinite for-loop is
meaningless, which we remove as cleanup.
machined needs access to the host mount namespace to propagate bind
mounts created with the "machinectl bind" command. However, the
"ProtectKernelLogs" directive relies on mount namespaces to make the
kernel ring buffer inaccessible. This commit removes the
"ProtectKernelLogs=yes" directive from machined service file introduced
in 6168ae5.