From: Yu Watanabe Date: Fri, 18 Apr 2025 20:03:41 +0000 (+0900) Subject: core: remove deprecated StartAuxiliaryScope() DBus method X-Git-Tag: v258-rc1~767^2~1 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=8c35e8a9d2b0c26453108d51873991af7ec7dfe1;p=thirdparty%2Fsystemd.git core: remove deprecated StartAuxiliaryScope() DBus method The method is deprecated since 64f173324ec98dc74a3057b6b36c1f24e882182e (v257) and announced that it will be removed in v258. Let's remove it now. This effectively reverts 84c01612de805d88875d4d91cfcf73cf10f99447. --- diff --git a/man/org.freedesktop.systemd1.xml b/man/org.freedesktop.systemd1.xml index 211cc8c2783..8438a32e5f6 100644 --- a/man/org.freedesktop.systemd1.xml +++ b/man/org.freedesktop.systemd1.xml @@ -280,12 +280,6 @@ node /org/freedesktop/systemd1 { GetDynamicUsers(out a(us) users); DumpUnitFileDescriptorStore(in s name, out a(suuutuusu) entries); - @org.freedesktop.DBus.Deprecated("true") - StartAuxiliaryScope(in s name, - in ah pidfds, - in t flags, - in a(sv) properties, - out o job); signals: UnitNew(s id, o unit); @@ -621,8 +615,6 @@ node /org/freedesktop/systemd1 { - - @@ -985,8 +977,6 @@ node /org/freedesktop/systemd1 { - - @@ -12008,8 +11998,8 @@ $ gdbus introspect --system --dest org.freedesktop.systemd1 \ QueueSignalUnit(), SoftReboot(), and DumpUnitFileDescriptorStore() were added in version 254. - StartAuxiliaryScope(), - ShutdownStartTimestamp, + StartAuxiliaryScope() was added in version 256, deprecated in version 257, removed in version 258. + ShutdownStartTimestamp, ShutdownStartTimestampMonotonic, and SoftRebootsCount were added in version 256. RemoveSubgroupFromUnit() was added in version 258. diff --git a/src/core/cgroup.c b/src/core/cgroup.c index 8e99aacdb20..7e4f7efa5e5 100644 --- a/src/core/cgroup.c +++ b/src/core/cgroup.c @@ -33,7 +33,6 @@ #include "percent-util.h" #include "process-util.h" #include "procfs-util.h" -#include "set.h" #include "serialize.h" #include "special.h" #include "stdio-util.h" @@ -178,258 +177,6 @@ void cgroup_context_init(CGroupContext *c) { }; } -int cgroup_context_add_io_device_weight_dup(CGroupContext *c, const CGroupIODeviceWeight *w) { - _cleanup_free_ CGroupIODeviceWeight *n = NULL; - - assert(c); - assert(w); - - n = new(CGroupIODeviceWeight, 1); - if (!n) - return -ENOMEM; - - *n = (CGroupIODeviceWeight) { - .path = strdup(w->path), - .weight = w->weight, - }; - if (!n->path) - return -ENOMEM; - - LIST_PREPEND(device_weights, c->io_device_weights, TAKE_PTR(n)); - return 0; -} - -int cgroup_context_add_io_device_limit_dup(CGroupContext *c, const CGroupIODeviceLimit *l) { - _cleanup_free_ CGroupIODeviceLimit *n = NULL; - - assert(c); - assert(l); - - n = new0(CGroupIODeviceLimit, 1); - if (!n) - return -ENOMEM; - - n->path = strdup(l->path); - if (!n->path) - return -ENOMEM; - - for (CGroupIOLimitType type = 0; type < _CGROUP_IO_LIMIT_TYPE_MAX; type++) - n->limits[type] = l->limits[type]; - - LIST_PREPEND(device_limits, c->io_device_limits, TAKE_PTR(n)); - return 0; -} - -int cgroup_context_add_io_device_latency_dup(CGroupContext *c, const CGroupIODeviceLatency *l) { - _cleanup_free_ CGroupIODeviceLatency *n = NULL; - - assert(c); - assert(l); - - n = new(CGroupIODeviceLatency, 1); - if (!n) - return -ENOMEM; - - *n = (CGroupIODeviceLatency) { - .path = strdup(l->path), - .target_usec = l->target_usec, - }; - if (!n->path) - return -ENOMEM; - - LIST_PREPEND(device_latencies, c->io_device_latencies, TAKE_PTR(n)); - return 0; -} - -int cgroup_context_add_device_allow_dup(CGroupContext *c, const CGroupDeviceAllow *a) { - _cleanup_free_ CGroupDeviceAllow *n = NULL; - - assert(c); - assert(a); - - n = new(CGroupDeviceAllow, 1); - if (!n) - return -ENOMEM; - - *n = (CGroupDeviceAllow) { - .path = strdup(a->path), - .permissions = a->permissions, - }; - if (!n->path) - return -ENOMEM; - - LIST_PREPEND(device_allow, c->device_allow, TAKE_PTR(n)); - return 0; -} - -static int cgroup_context_add_socket_bind_item_dup(CGroupContext *c, const CGroupSocketBindItem *i, CGroupSocketBindItem *h) { - _cleanup_free_ CGroupSocketBindItem *n = NULL; - - assert(c); - assert(i); - - n = new(CGroupSocketBindItem, 1); - if (!n) - return -ENOMEM; - - *n = (CGroupSocketBindItem) { - .address_family = i->address_family, - .ip_protocol = i->ip_protocol, - .nr_ports = i->nr_ports, - .port_min = i->port_min, - }; - - LIST_PREPEND(socket_bind_items, h, TAKE_PTR(n)); - return 0; -} - -int cgroup_context_add_socket_bind_item_allow_dup(CGroupContext *c, const CGroupSocketBindItem *i) { - return cgroup_context_add_socket_bind_item_dup(c, i, c->socket_bind_allow); -} - -int cgroup_context_add_socket_bind_item_deny_dup(CGroupContext *c, const CGroupSocketBindItem *i) { - return cgroup_context_add_socket_bind_item_dup(c, i, c->socket_bind_deny); -} - -int cgroup_context_copy(CGroupContext *dst, const CGroupContext *src) { - struct in_addr_prefix *i; - char *iface; - int r; - - assert(src); - assert(dst); - - dst->cpu_accounting = src->cpu_accounting; - dst->io_accounting = src->io_accounting; - dst->memory_accounting = src->memory_accounting; - dst->tasks_accounting = src->tasks_accounting; - dst->ip_accounting = src->ip_accounting; - - dst->memory_oom_group = src->memory_oom_group; - - dst->cpu_weight = src->cpu_weight; - dst->startup_cpu_weight = src->startup_cpu_weight; - dst->cpu_quota_per_sec_usec = src->cpu_quota_per_sec_usec; - dst->cpu_quota_period_usec = src->cpu_quota_period_usec; - - dst->cpuset_cpus = src->cpuset_cpus; - dst->startup_cpuset_cpus = src->startup_cpuset_cpus; - dst->cpuset_mems = src->cpuset_mems; - dst->startup_cpuset_mems = src->startup_cpuset_mems; - - dst->io_weight = src->io_weight; - dst->startup_io_weight = src->startup_io_weight; - - LIST_FOREACH_BACKWARDS(device_weights, w, LIST_FIND_TAIL(device_weights, src->io_device_weights)) { - r = cgroup_context_add_io_device_weight_dup(dst, w); - if (r < 0) - return r; - } - - LIST_FOREACH_BACKWARDS(device_limits, l, LIST_FIND_TAIL(device_limits, src->io_device_limits)) { - r = cgroup_context_add_io_device_limit_dup(dst, l); - if (r < 0) - return r; - } - - LIST_FOREACH_BACKWARDS(device_latencies, l, LIST_FIND_TAIL(device_latencies, src->io_device_latencies)) { - r = cgroup_context_add_io_device_latency_dup(dst, l); - if (r < 0) - return r; - } - - dst->default_memory_min = src->default_memory_min; - dst->default_memory_low = src->default_memory_low; - dst->default_startup_memory_low = src->default_startup_memory_low; - dst->memory_min = src->memory_min; - dst->memory_low = src->memory_low; - dst->startup_memory_low = src->startup_memory_low; - dst->memory_high = src->memory_high; - dst->startup_memory_high = src->startup_memory_high; - dst->memory_max = src->memory_max; - dst->startup_memory_max = src->startup_memory_max; - dst->memory_swap_max = src->memory_swap_max; - dst->startup_memory_swap_max = src->startup_memory_swap_max; - dst->memory_zswap_max = src->memory_zswap_max; - dst->startup_memory_zswap_max = src->startup_memory_zswap_max; - - dst->default_memory_min_set = src->default_memory_min_set; - dst->default_memory_low_set = src->default_memory_low_set; - dst->default_startup_memory_low_set = src->default_startup_memory_low_set; - dst->memory_min_set = src->memory_min_set; - dst->memory_low_set = src->memory_low_set; - dst->startup_memory_low_set = src->startup_memory_low_set; - dst->startup_memory_high_set = src->startup_memory_high_set; - dst->startup_memory_max_set = src->startup_memory_max_set; - dst->startup_memory_swap_max_set = src->startup_memory_swap_max_set; - dst->startup_memory_zswap_max_set = src->startup_memory_zswap_max_set; - dst->memory_zswap_writeback = src->memory_zswap_writeback; - - SET_FOREACH(i, src->ip_address_allow) { - r = in_addr_prefix_add(&dst->ip_address_allow, i); - if (r < 0) - return r; - } - - SET_FOREACH(i, src->ip_address_deny) { - r = in_addr_prefix_add(&dst->ip_address_deny, i); - if (r < 0) - return r; - } - - dst->ip_address_allow_reduced = src->ip_address_allow_reduced; - dst->ip_address_deny_reduced = src->ip_address_deny_reduced; - - if (!strv_isempty(src->ip_filters_ingress)) { - dst->ip_filters_ingress = strv_copy(src->ip_filters_ingress); - if (!dst->ip_filters_ingress) - return -ENOMEM; - } - - if (!strv_isempty(src->ip_filters_egress)) { - dst->ip_filters_egress = strv_copy(src->ip_filters_egress); - if (!dst->ip_filters_egress) - return -ENOMEM; - } - - LIST_FOREACH_BACKWARDS(programs, l, LIST_FIND_TAIL(programs, src->bpf_foreign_programs)) { - r = cgroup_context_add_bpf_foreign_program_dup(dst, l); - if (r < 0) - return r; - } - - SET_FOREACH(iface, src->restrict_network_interfaces) { - r = set_put_strdup(&dst->restrict_network_interfaces, iface); - if (r < 0) - return r; - } - dst->restrict_network_interfaces_is_allow_list = src->restrict_network_interfaces_is_allow_list; - - dst->device_policy = src->device_policy; - LIST_FOREACH_BACKWARDS(device_allow, l, LIST_FIND_TAIL(device_allow, src->device_allow)) { - r = cgroup_context_add_device_allow_dup(dst, l); - if (r < 0) - return r; - } - - LIST_FOREACH_BACKWARDS(socket_bind_items, l, LIST_FIND_TAIL(socket_bind_items, src->socket_bind_allow)) { - r = cgroup_context_add_socket_bind_item_allow_dup(dst, l); - if (r < 0) - return r; - - } - - LIST_FOREACH_BACKWARDS(socket_bind_items, l, LIST_FIND_TAIL(socket_bind_items, src->socket_bind_deny)) { - r = cgroup_context_add_socket_bind_item_deny_dup(dst, l); - if (r < 0) - return r; - } - - dst->tasks_max = src->tasks_max; - - return 0; -} - void cgroup_context_free_device_allow(CGroupContext *c, CGroupDeviceAllow *a) { assert(c); assert(a); diff --git a/src/core/cgroup.h b/src/core/cgroup.h index f1c8c59b83c..88e90851524 100644 --- a/src/core/cgroup.h +++ b/src/core/cgroup.h @@ -121,7 +121,7 @@ typedef enum CGroupPressureWatch { /* The user-supplied cgroup-related configuration options. This remains mostly immutable while the service * manager is running (except for an occasional SetProperty() configuration change), outside of reload - * cycles. When adding members make sure to update cgroup_context_copy() accordingly. */ + * cycles. */ struct CGroupContext { bool cpu_accounting; bool io_accounting; @@ -382,15 +382,6 @@ static inline bool cgroup_context_want_memory_pressure(const CGroupContext *c) { int cgroup_context_add_device_allow(CGroupContext *c, const char *dev, CGroupDevicePermissions p); int cgroup_context_add_or_update_device_allow(CGroupContext *c, const char *dev, CGroupDevicePermissions p); int cgroup_context_add_bpf_foreign_program(CGroupContext *c, uint32_t attach_type, const char *path); -static inline int cgroup_context_add_bpf_foreign_program_dup(CGroupContext *c, const CGroupBPFForeignProgram *p) { - return cgroup_context_add_bpf_foreign_program(c, p->attach_type, p->bpffs_path); -} -int cgroup_context_add_io_device_limit_dup(CGroupContext *c, const CGroupIODeviceLimit *l); -int cgroup_context_add_io_device_weight_dup(CGroupContext *c, const CGroupIODeviceWeight *w); -int cgroup_context_add_io_device_latency_dup(CGroupContext *c, const CGroupIODeviceLatency *l); -int cgroup_context_add_device_allow_dup(CGroupContext *c, const CGroupDeviceAllow *a); -int cgroup_context_add_socket_bind_item_allow_dup(CGroupContext *c, const CGroupSocketBindItem *i); -int cgroup_context_add_socket_bind_item_deny_dup(CGroupContext *c, const CGroupSocketBindItem *i); void unit_modify_nft_set(Unit *u, bool add); diff --git a/src/core/dbus-manager.c b/src/core/dbus-manager.c index bf86e799096..6320e267a1e 100644 --- a/src/core/dbus-manager.c +++ b/src/core/dbus-manager.c @@ -2814,178 +2814,8 @@ static int method_dump_unit_descriptor_store(sd_bus_message *message, void *user return method_generic_unit_operation(message, userdata, error, bus_service_method_dump_file_descriptor_store, 0); } -static int aux_scope_from_message(Manager *m, sd_bus_message *message, Unit **ret_scope, sd_bus_error *error) { - _cleanup_(pidref_done) PidRef sender_pidref = PIDREF_NULL; - _cleanup_free_ PidRef *pidrefs = NULL; - const char *name; - Unit *from, *scope; - PidRef *main_pid; - CGroupContext *cc; - size_t n_pids = 0; - uint64_t flags; - int r; - - assert(ret_scope); - - r = bus_query_sender_pidref(message, &sender_pidref); - if (r < 0) - return r; - - from = manager_get_unit_by_pidref(m, &sender_pidref); - if (!from) - return sd_bus_error_set(error, BUS_ERROR_NO_SUCH_UNIT, "Client not member of any unit."); - - if (!IN_SET(from->type, UNIT_SERVICE, UNIT_SCOPE)) - return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, - "Starting auxiliary scope is supported only for service and scope units, refusing."); - - if (!unit_name_is_valid(from->id, UNIT_NAME_PLAIN)) - return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, - "Auxiliary scope can be started only for non-template service units and scope units, refusing."); - - r = sd_bus_message_read(message, "s", &name); - if (r < 0) - return r; - - if (!unit_name_is_valid(name, UNIT_NAME_PLAIN)) - return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, - "Invalid name \"%s\" for auxiliary scope.", name); - - if (unit_name_to_type(name) != UNIT_SCOPE) - return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, - "Name \"%s\" of auxiliary scope doesn't have .scope suffix.", name); - - log_unit_warning(from, "D-Bus call StartAuxiliaryScope() has been invoked which is deprecated."); - main_pid = unit_main_pid(from); - - r = sd_bus_message_enter_container(message, 'a', "h"); - if (r < 0) - return r; - - for (;;) { - _cleanup_(pidref_done) PidRef p = PIDREF_NULL; - Unit *unit; - int fd; - - r = sd_bus_message_read(message, "h", &fd); - if (r < 0) - return r; - if (r == 0) - break; - - r = pidref_set_pidfd(&p, fd); - if (r < 0) { - log_unit_warning_errno(from, r, "Failed to create process reference from PIDFD, ignoring: %m"); - continue; - } - - unit = manager_get_unit_by_pidref(m, &p); - if (!unit) { - log_unit_warning(from, "Failed to get unit from PIDFD, ignoring."); - continue; - } - - if (!streq(unit->id, from->id)) { - log_unit_warning(from, "PID " PID_FMT " is not running in the same service as the calling process, ignoring.", p.pid); - continue; - } - - if (pidref_equal(main_pid, &p)) { - log_unit_warning(from, "Main PID cannot be migrated into auxiliary scope, ignoring."); - continue; - } - - if (!GREEDY_REALLOC(pidrefs, n_pids+1)) - return -ENOMEM; - - pidrefs[n_pids++] = TAKE_PIDREF(p); - } - - if (n_pids == 0) - return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "No processes can be migrated to auxiliary scope."); - - r = sd_bus_message_exit_container(message); - if (r < 0) - return r; - - r = sd_bus_message_read(message, "t", &flags); - if (r < 0) - return r; - - if (flags != 0) - return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Flags must be zero."); - - r = manager_load_unit(m, name, NULL, error, &scope); - if (r < 0) - return r; - - if (!unit_is_pristine(scope)) - return sd_bus_error_setf(error, BUS_ERROR_UNIT_EXISTS, - "Unit %s was already loaded or has a fragment file.", name); - - r = unit_set_slice(scope, UNIT_GET_SLICE(from)); - if (r < 0) - return r; - - cc = unit_get_cgroup_context(scope); - - r = cgroup_context_copy(cc, unit_get_cgroup_context(from)); - if (r < 0) - return r; - - r = unit_make_transient(scope); - if (r < 0) - return r; - - r = bus_unit_set_properties(scope, message, UNIT_RUNTIME, true, error); - if (r < 0) - return r; - - FOREACH_ARRAY(p, pidrefs, n_pids) { - r = unit_pid_attachable(scope, p, error); - if (r < 0) - return r; - - r = unit_watch_pidref(scope, p, /* exclusive= */ false); - if (r < 0) - return r; - } - - /* Now load the missing bits of the unit we just created */ - unit_add_to_load_queue(scope); - manager_dispatch_load_queue(m); - - *ret_scope = TAKE_PTR(scope); - - return 1; -} - static int method_start_aux_scope(sd_bus_message *message, void *userdata, sd_bus_error *error) { - Manager *m = ASSERT_PTR(userdata); - Unit *u = NULL; /* avoid false maybe-uninitialized warning */ - int r; - - assert(message); - - r = mac_selinux_access_check(message, "start", error); - if (r < 0) - return r; - - r = bus_verify_manage_units_async(m, message, error); - if (r < 0) - return r; - if (r == 0) - return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */ - - log_once(LOG_WARNING, "StartAuxiliaryScope() is deprecated because state of resources cannot be " - "migrated between cgroups. Please report this to " - "systemd-devel@lists.freedesktop.org or https://github.com/systemd/systemd/issues/ " - "if you see this message and know the software making use of this functionality."); - r = aux_scope_from_message(m, message, &u, error); - if (r < 0) - return r; - - return bus_unit_queue_job(message, u, JOB_START, JOB_REPLACE, 0, error); + return sd_bus_error_set(error, SD_BUS_ERROR_NOT_SUPPORTED, "StartAuxiliaryScope() method has been removed."); } const sd_bus_vtable bus_manager_vtable[] = { @@ -3558,7 +3388,7 @@ const sd_bus_vtable bus_manager_vtable[] = { SD_BUS_ARGS("s", name, "ah", pidfds, "t", flags, "a(sv)", properties), SD_BUS_RESULT("o", job), method_start_aux_scope, - SD_BUS_VTABLE_DEPRECATED|SD_BUS_VTABLE_UNPRIVILEGED), + SD_BUS_VTABLE_DEPRECATED|SD_BUS_VTABLE_UNPRIVILEGED|SD_BUS_VTABLE_HIDDEN), SD_BUS_SIGNAL_WITH_ARGS("UnitNew", SD_BUS_ARGS("s", id, "o", unit),