Martin Pitt [Thu, 19 Nov 2015 06:50:56 +0000 (07:50 +0100)]
test: remove wrong endianess conversion in test-siphash24
Commit 933f9caee changed the returned result of siphash24_finalize() from
little-endian to native. Follow suit in test-siphash24 and drop the endianess
conversion there as well, so that this succeeds on big-endian machines again.
Tom Gundersen [Thu, 19 Nov 2015 00:23:24 +0000 (01:23 +0100)]
sd-ndisc: drop RA packets from non-link-local addresses
See https://tools.ietf.org/html/rfc4861#section-4.2. Some routers (dnsmasq) will send packets
from global addresses, which would break the default route setup, so ignore those.
resolved: shortcut lookups names in the local zone
Previously, we'd always generate a packet on the wire, even for names
that are within our local zone. Shortcut this, and always check the
local zone first. This should minimize generated traffic and improve
security.
resolved: simplify dns zone logic: take a single key when looking up entries
Instead of taking a DnsQuestion object (i.e. an array of keys) only take
a single key. This simplifies things a bit, and as DNS/LLMNR require a
single question per query message was unnecessary anyway.
This mimics a similar change that was done a while ago for the dns cache
logic.
journald: turn ForwardToSyslog= off by default
After all, rsyslog and friends nowadays read their data directly from
the journal, hence the forwarding is unnecessary in most cases.
core: add RemainAfterElapse= setting to timer units
Previously, after a timer unit elapsed we'd leave it around for good,
which has the nice benefit that starting a timer that shall trigger at a
specific point in time multiple times will only result in one trigger
instead of possibly many. With this change a new option
RemainAfterElapse= is added. It defaults to "true", to mimic the old
behaviour. If set to "false" timer units will be unloaded after they
elapsed. This is specifically useful for transient timer units.
run: when automatically generating names for transient units, use unique bus ID, fallback to random
Previously we used the process ID to generate transient unit names.
However, that is problematic as PIDs get reused easily, and applying
them to remote systems makes little sense.
Fortunately, each bus peer gets a unique, non-reusable ID assigned when
attaching to a bus, hence let's use that, if we can. In some cases we
cannot however, because we connect directly to PID's private socket, and
thus are not a proper bus peer with a unique ID. In that case generate a
random UUID to name the unit after.
core: dispatch load queue each time we set up a transient units
manager_load_unit() will dispatch the load queue anyway, but let's make
sure we also dispatch it immediately, after truning a unit into a
transient one and loading the properties from the message. That way the
know about the validity of the unit before we begin processing the next
auxiliary unit.
core: move check whether a unit is suitable to become transient into unit.c
Lets introduce unit_is_pristine() that verifies whether a unit is
suitable to become a transient unit, by checking that it is no
referenced yet and has no data on disk assigned.
core: generate nice error messages for auxiliary transient units, too
Let's move the validation checks into the loop that sets up the main and
auxiliary transient units, so that we can generate pretty error messages
for all units a transient unit transaction generates, not just for the
main unit.
Tom Gundersen [Tue, 17 Nov 2015 14:32:39 +0000 (15:32 +0100)]
networkd: ndisc - consider configured on timeout
Don't block indefinitely, when control has been passed on from NDisc to DHCPv6.
In this case there is likely no IPv6 support on the local link, so otherwise
this would block indefinitely.
libsystemd-network: add support for "Client FQDN" DHCP option
This adds support for the Client Fully Qualified Domain Name (FQDN)
option [RFC 4702] to libsystemd-network. The option can be used to
exchange information about a DHCPv4 client's fully qualified domain
name and about responsibility for updating the DNS RR related to the
client's address assignment.
Other popular DHCP clients (dhclient, dhcpcd) support this option and
it would be useful to have it in networkd too.
Tom Gundersen [Mon, 16 Nov 2015 15:47:18 +0000 (16:47 +0100)]
networkd: ndisc - always configure dhcp6 client
The ndisc client may trigger the dhcpv6 client to be started (this is the common case),
so we should allocate the dhcpv6 client whenever we allocate the ndisc one.
tests: copy /etc/pam.d/systemd-user from the host on Debian, Ubuntu
Fixes:
systemd-testsuite systemd[34]: PAM _pam_load_conf_file: unable to open /etc/pam.d/system-auth
systemd-testsuite systemd[34]: PAM _pam_load_conf_file: unable to open /etc/pam.d/system-auth
systemd-testsuite systemd[34]: user@0.service: Failed at step PAM spawning /lib/systemd/systemd: Operation not permitted
...
on Debian, Ubuntu
Daniel Mack [Mon, 16 Nov 2015 22:17:52 +0000 (23:17 +0100)]
siphash24: let siphash24_finalize() and siphash24() return the result directly
Rather than passing a pointer to return the result, return it directly
from the function calls.
Also, return the result in native endianess, and let the callers care
about the conversion. For hash tables and bloom filters, we don't care,
but in order to keep MAC addresses and DHCP client IDs stable, we
explicitly convert to LE.
David Herrmann [Mon, 16 Nov 2015 14:45:02 +0000 (15:45 +0100)]
login: ignore JobRemoved of old jobs
If we requeue jobs, we are no longer interested in old jobs. Hence, we
better ignore any JobRemoved signals for old jobs and concentrate on our
replacements.
David Herrmann [Mon, 16 Nov 2015 14:43:18 +0000 (15:43 +0100)]
login: make sure to replace existing units
When queuing unit jobs, we should rather replace existing units than
fail. This is especially important when we queued a user-shutdown and a
new login is encountered. In this case, we better raplce the shutdown
jobs. systemd takes care of everything else.
David Herrmann [Tue, 29 Sep 2015 09:36:18 +0000 (11:36 +0200)]
login: fix re-use of users
If the last reference to a user is released, we queue stop-jobs for the
user-service and slice. Only once those are finished, we drop the
user-object. However, if a new session is opened before the user object is
fully dropped, we currently incorrectly re-use the object. This has the
effect, that we get stale sessions without a valid "systemd --user"
instance.
Fix this by properly allowing user_start() to be called, even if
user->stopping is true.
David Herrmann [Tue, 29 Sep 2015 09:18:46 +0000 (11:18 +0200)]
login: make user->service static
Just like user->slice, there is no reason to store the unit name in /run,
nor should we allocate it dynamically on job instantiation/removal. Just
keep it statically around at all times and rely on user->started ||
user->stopping to figure out whether the unit exists or not.
David Herrmann [Tue, 29 Sep 2015 09:10:01 +0000 (11:10 +0200)]
login: make user_new() and user_free() follow coding-style
Few changes to user_new() and user_free():
- Use _cleanup_(user_freep) in constructor
- return 'int' from user_new()
- make user_free() deal with partially initialized objects
- keep reverse-order in user_free() compared to user_new()
- make user_free() return NULL
- make user_free() accept NULL as no-op
David Herrmann [Tue, 29 Sep 2015 09:03:04 +0000 (11:03 +0200)]
login: keep user->slice constant
Currently, we allocate user->slice when starting a slice, but we never
release it. This is incompatible if we want to re-use a user object once
it was stopped. Hence, make sure user->slice is allocated statically on
the user object and use "u->started || u->stopping" as an indication
whether the slice is actually available on pid1 or not.
David Herrmann [Mon, 28 Sep 2015 10:53:42 +0000 (12:53 +0200)]
login: simply XDG_RUNTIME_DIR management
Lets not pretend we support changing XDG_RUNTIME_DIR via logind state
files. There is no reason to ever write the string into /run, as we
allocate it statically based on the UID, anyway. Lets stop that and just
allocate the runtime_path in "struct User" at all times.
We keep writing it into the /run state to make sure pam_systemd of
previous installs can still read it. However, pam_systemd is now fixed to
allocate it statically as well, so we can safely remove that some time in
the future.
Last but not least: If software depends on systemd, they're more than free
to assume /run/user/$uid is their runtime dir. Lets not require sane
applications to query the environment to get their runtime dir. As long as
applications know their login-UID, they should be safe to deduce the
runtime dir.
tmpfiles: create subvolumes for "v", "q", and "Q" only if / is a subvolume
It's not a good idea to create subvolumes for parts of the OS tree (such
as /home, or /var) if the root directory is not a subvolume too. We
shouldn't assume control of "heavier" objects such as subvolumes, if the
originating object (the root directory) is a "light-weight" object, i.e.
a plain directory.
Effectively this means that chroot() environments that are run on a
plain directory do not have to deal with problems around systemd
creating subvolumes that cannot be removed with a simple "rm" anymore.
However, if the chroot manager creates a proper subvolume for such an
environment it will also get further subvolumes placed in there, under
the assumption that the manager understands the concept of subvolumes in
that case.
Martin Pitt [Mon, 16 Nov 2015 08:21:20 +0000 (09:21 +0100)]
siphash24: change result argument to uint64_t
Change the "out" parameter from uint8_t[8] to uint64_t. On architectures which
enforce pointer alignment this fixes crashes when we previously cast an
unaligned array to uint64_t*, and on others this should at least improve
performance as the compiler now aligns these properly.
This also simplifies the code in most cases by getting rid of typecasts. The
only place which we can't change is struct duid's en.id, as that is _packed_
and public API, so we can't enforce alignment of the "id" field and have to
use memcpy instead.