Michael Olbrich [Tue, 25 Mar 2014 13:15:45 +0000 (14:15 +0100)]
service: add support for reboot argument when triggered by StartLimitAction=
When rebooting with systemctl, an optional argument can be passed to the
reboot system call. This makes it possible the specify the argument in a
service file and use it when the service triggers a restart.
This is useful to distinguish between manual reboots and reboots caused by
failing services.
Dave Reisner [Sat, 19 Apr 2014 17:22:35 +0000 (13:22 -0400)]
implement a union to pad out file_handle
Cases where name_to_handle_at is used allocated the full struct to be
MAX_HANDLE_SZ, and assigned this size to handle_bytes. This is wrong
since handle_bytes should describe the length of the flexible array
member and not the whole struct.
Define a union type which includes sufficient padding to allow
assignment of MAX_HANDLE_SZ to be correct.
Tom Gundersen [Sat, 19 Apr 2014 15:14:36 +0000 (17:14 +0200)]
networkd: netdev - give up early when setting already set ifindex
We may receive RTM_NEWLINK messages with missing LINKINFO after the initial NEWLINK message,
don't bother verifying these, just drop out early after checking that the ifindex is not in conflict.
Tom Gundersen [Tue, 15 Apr 2014 12:21:44 +0000 (14:21 +0200)]
networkd: tie links to rtnl rather than udev
This essentially swaps the roles of rtnl and udev in networkd. After this
change libudev is only used for waiting for udev to initialize devices and
to get udev-specific information needed for some [Match] attributes.
This in particular simplifies the code in containers where udev is not really
useful, but also simplifies things and reduces round-trips in the non-container
case.
It causes a crash in PID1:
Apr 19 13:49:32 lon systemd[1]: Code should not be reached 'Unhandled socket type.'
at src/core/socket.c:684, function instance_from_socket(). Aborting.
Apr 19 13:49:32 lon systemd[1]: Caught <ABRT>, dumped core as pid 336.
Apr 19 13:49:32 lon systemd[1]: Freezing execution.
install: create_symlink() check unlink() return value
create_symlink() do not check the return value of unlink(), this may
confuse the user.
Before the unlink() call we check the 'force' argument. If it is not set
we fail with -EEXIST, otherwise we unlink() the file, therefore the next
symlink() should not fail with -EEXIST (do not count races...).
However since callers may not have appropriate privileges to unlink()
the file we lose the -EPERM or any other errno code of unlink(), and
return the -EEXIST of the next symlink(). Fix this by checking unlink()
results.
Before:
$ systemctl --force --root=~/container-03 set-default multi-user.target
Failed to set default target: File exists
After:
$ systemctl --force --root=~/container-03 set-default multi-user.target
Failed to set default target: Permission denied
systemctl: allow to change the default target without the --force switch
Currently "systemctl set-default" will fail to change the default target
due to the 'default.target' being a symlink which is always the case.
To work around this, the user must specify the "--force" switch to be
able to overwrite the existing symlink.
This is clearly a regression that was introduced by commit 718db96199e
since it worked before without the "--force" switch and the man pages do
not mention that you need to specify it. It is expected that this is a
symlink.
So just explicity set the force flag to make it work again.
Handle Unix domain socket connections from outside our namespace
NixOS uses Unix domain sockets for certain host <-> container
interaction; i.e. the host connects to a socket visible in the
container's directory tree, where the container uses a .socket unit to
spawn the handler program on demand. This worked in systemd 203, but
in 212 fails with "foo.socket failed to queue service startup job
(Maybe the service file is missing or not a template unit?): No data
available".
The reason is that getpeercred() now returns ENODATA if it can't get
the PID of the client, which happens in this case because the client
is not in the same PID namespace. Since getpeercred() is only used to
generate the instance name, this patch simply handles ENODATA by
creating an instance name "<nr>-unknown".
[zj: reorder clauses and remove (unsigned long) casts.]
sec is not set if have_time is false so avoid using it. have_time
was introduced in 9ff09bcb86fb125768667aca9bc0b10b1745370a but only
the first uses for sec were covered
Tom Gundersen [Mon, 14 Apr 2014 15:20:51 +0000 (17:20 +0200)]
sd-rtnl: socket_read - use a read buffer
Rather than allocating/freeing memory for each message read, keep a global read buffer
in the rtnl object. Also, rather than using a fixed size, peek at the pending message
header to get the message size and reallocate as necessary.
Tom Gundersen [Sun, 13 Apr 2014 19:37:53 +0000 (21:37 +0200)]
sd-rtnl: multi-part message - store as linked-list rather than independent messages
This means the API can stay the same as for single-part messages by simply passing the head message around. Unrefing
the head of the linked list unrefs the whole list.
Kay Sievers [Mon, 14 Apr 2014 14:54:35 +0000 (07:54 -0700)]
hwdb: PCI - include "primary" model string in subsystem model string
The data in the PCI ids file is randomly inconsistent. Many
subvendor model strings just describe the "product" where the
hardware is built into, not the hardware itself. This causes
some "Network Card Model Foo" to show up as "Laptop Model Bar".
Try to make the best out of this mess and concatenate both
strings to describe the hardware.
bus: process AddMatch/RemoveMatch driver call in proxy
Previously, AddMatch/RemoveMatch calls where processed exclusively in
the proxy. That's racy however, since subscribing to a signal might not
complete before the signal is sent due to some subsequent method call.
Hence, in order to expose the same ordering guarantees as dbus1 process
the AddMatch/RemoveMatch calls from the proxy, so that they are
dispatched synchronously to all following messages, thus fixing the
race.
Ultimately, we should probabably dissolve the driver entirely into the
proxy, as it is purely a compatibility feature anyway...
Kay Sievers [Sun, 13 Apr 2014 05:35:50 +0000 (22:35 -0700)]
udev: remove seqnum API and all assumptions about seqnums
The way the kernel namespaces have been implemented breaks assumptions
udev made regarding uevent sequence numbers. Creating devices in a
namespace "steals" uevents and its sequence numbers from the host. It
confuses the "udevadmin settle" logic, which might block until util a
timeout is reached, even when no uevent is pending.
Remove any assumptions about sequence numbers and deprecate libudev's
API exposing these numbers; none of that can reliably be used anymore
when namespaces are involved.
path-util: also check for existence of binary when given absolute path
In contrast to a filename-only argument, find_binary() did not
actually check if an path exists, allowing the code to fail later on.
This was OK, but it seems nicer to treat both paths identically.
Also take advantage of path_make_absolute_cwd doing strdup() by itself
if necessary to simplify.
Thomas Bächler [Wed, 2 Apr 2014 18:18:44 +0000 (20:18 +0200)]
core: Make sure a stamp file exists for all Persistent=true timers
If a persistent timer has no stamp file yet, it behaves just like a normal
timer until it runs for the first time. If the system is always shut down
while the timer is supposed to run, a stamp file is never created and
Peristent=true has no effect.
This patch fixes this by creating a stamp file with the current time
when the timer is first started.
journal: cleanup up error handling in update_catalog()
- Negative/positive errno mixup caused duplicates not to be detected properly.
Now we get a warning about some duplicate entries in our own catalogs...
- Errors in update_catalog would be ignored, but they should not be.
greedy_realloc() and greedy_realloc0() now store the allocated
size as the count, not bytes.
Replace GREEDY_REALLOC uses with GREEDY_REALLOC_T everywhere,
and then rename GREEDY_REALLOC_T to GREEDY_REALLOC. It is just
too error-prone to have two slightly different macros which do the
same thing.
Tom Gundersen [Sat, 12 Apr 2014 10:27:22 +0000 (12:27 +0200)]
networkd: link - require both RUNNING and LOWER_UP before using link
Usually RUNNING implies LOWER_UP, but for drivers that don't support oper state, RUNNING can
also mean that the state is unknown. In that case we should just trust LOWER_UP directly.
Tom Gundersen [Sat, 12 Apr 2014 10:05:43 +0000 (12:05 +0200)]
networkd: wait for IFF_RUNNING rather than IFF_LOWER_UP
The interface is not fully ready until it enterns RUNNING. This was causing
problems with sending out DHCP messages before the interface was ready, so they
would get lost. In particular this affected DHCP INIT-REBOOT, as it relies on
the first package sent being successful (or it will fall back to a full reboot).
Also improve the logging a lot, to make future debugging of link state a lot
easier.
Add an explicit stop state for IPv4LL so that the user can stop the
IPv4LL client from the callback. When returning from the callback,
check also the stop state in order to halt any further protocol
processing.
Similar to DHCP, the IPv4LL library user can decide to free the LL
client any time the callback is called. Guard against freeing the
LL client in the callback by introducing proper reference counting.
Also update code using the IPv4LL library to properly handle a
returned NULL from the notify and stop functions if the IPv4LL
client was freed.
sd-dhcp-client: Add an explicit stop state for the DHCP client
Add an explicit stop state for the DHCP client so that the library
user can issue a stop at any time the callback has been called.
When returning from the callback, check also the stop state and
stop any further DHCP processing.
The DHCP library user can decide to free the DHCP client any time
the callback is called. After the callback has been called, other
computations may still be needed - the best example being a full
restart of the DHCP procedure in case of lease expiry.
Fix this by introducing proper reference counting. Properly handle
a returned NULL from the notify and stop functions if the DHCP
client was freed.