Merge pull request #5146 from ssahani/ifname-alias
networkd: Allow ':' in label
This reverts a341dfe563 and takes a slightly different approach: anything is
allowed in network interface labels, but network interface names are verified
as before (i.e. amongst other things, no colons are allowed there).
```
-bash-4.3# systemd-run --property BindPaths=/etc:tmp/hey sh -c 'ls /tmp/hey'
```
prints
`Destination path tmp/hey is not absolute.`
instead of
`Destination path /etc is not absolute.`
Also, fixes CID #1368263
```
==352== 130 bytes in 1 blocks are definitely lost in loss record 1 of 2
==352== at 0x4C2ED5F: realloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==352== by 0x4ED8581: greedy_realloc (alloc-util.c:57)
==352== by 0x4ECAAD5: get_process_cmdline (process-util.c:147)
==352== by 0x10E385: get_process_container_parent_cmdline (coredump.c:645)
==352== by 0x112949: process_kernel (coredump.c:1240)
==352== by 0x113003: main (coredump.c:1297)
==352==
```
3chas3 [Tue, 31 Jan 2017 13:21:15 +0000 (08:21 -0500)]
util-lib: Fix chase_symlinks() with absolute symlinks (#5185)
If chase_symlinks() encouters an absolute symlink, it resets the todo
buffer to just the newly discovered symlink and discards any of the
remaining previous symlink path. Regardless of whether or not the
symlink is absolute or relative, we need to preserve the remainder of
the path that has not yet been resolved.
units: restore Before dependencies for systemd-vconsole-setup.service
When the service is run in the initramfs, it is possible for it to get started
and not be fast enough to exit before the root switch happens. It is started
multiple times (depending on the consoles being detected), and runs
asynchronously, so this is quite likely. It'll then get killed by killall(),
and systemd will consider the service failed. To avoid all this, just wait
for the service to terminate on it's own.
Before=initrd-switch-root.target should be good for the initramfs, and
Before=shutdown.tuarget should be good for the real system, although it's
unlikely to make any difference there.
units: drop KillMode= from initrd-switch-root.service
The service already has DefaultDeps disabled, so systemd should not try to stop
it. And if it *does* get stopped, we don't want the zombie process around.
KillMode=none does not change anything in the killall() phase, and we already
use argv[0][0] = '@' to protect against that anyway. KillMode=none should not
be useful in normal operation, so let's leave it out.
Dan Streetman [Thu, 26 Jan 2017 19:18:10 +0000 (14:18 -0500)]
udev-event: use in-place whitespace replacement
Instead of using a temp buffer to replace whitespace in variable
substitutions, just allow util_replace_whitespace to replace in-place.
Add a comment to util_replace_whitespace indicating it is used to replace
in-place, to prevent accidental future breakage.
core: fix memleak in bus_exec_context_set_transient_property (#5143)
Fixes:
```sh
systemd-run --property EnvironmentFile=/some/environment/file /bin/sleep 30
```
```
23 bytes in 1 blocks are definitely lost in loss record 1 of 7
at 0x4C2DB9D: malloc (vg_replace_malloc.c:299)
by 0x4E85488: malloc_multiply (alloc-util.h:70)
by 0x4E85F19: strjoin_real (string-util.c:252)
by 0x1AF741: bus_exec_context_set_transient_property (dbus-execute.c:1418)
by 0x1A907C: bus_service_set_property (dbus-service.c:330)
by 0x1A66DD: bus_unit_set_properties (dbus-unit.c:1456)
by 0x19CF93: transient_unit_from_message (dbus-manager.c:892)
by 0x19D388: method_start_transient_unit (dbus-manager.c:980)
by 0x4F60544: method_callbacks_run (bus-objects.c:418)
by 0x4F62D9D: object_find_and_run (bus-objects.c:1255)
by 0x4F633CE: bus_process_object (bus-objects.c:1371)
by 0x4F2CE1D: process_message (sd-bus.c:2563)
``` Closes: #5142
Franck Bui [Tue, 24 Jan 2017 13:29:57 +0000 (14:29 +0100)]
core: don't load dropin data multiple times for the same unit (#5139)
When an alias is loaded, we resolve this alias to its final unit first to load
the dropin data.
However if the final unit was already loaded, there's no point in reloading the
dropin data a second time.
This patch optimizes this case.
Also this allows the dropin loading code to assume that only units not yet
loaded are passed down. This assumption is not yet used but might be in the
future.
Direct leak of 10 byte(s) in 1 object(s) allocated from:
#0 0x7f90e7d21160 in strdup (/lib64/libasan.so.3+0x5a160)
#1 0x7f90e7467f69 in strv_extend src/basic/strv.c:552
#2 0x5612fcc19379 in dhcp6_option_parse_domainname src/libsystemd-network/dhcp6-option.c:399
#3 0x5612fcc1acdf in dhcp6_lease_set_domains src/libsystemd-network/sd-dhcp6-lease.c:225
#4 0x5612fcc06b95 in test_advertise_option src/libsystemd-network/test-dhcp6-client.c:287
#5 0x5612fcc0a987 in main src/libsystemd-network/test-dhcp6-client.c:761
#6 0x7f90e6d46400 in __libc_start_main (/lib64/libc.so.6+0x20400)
SUMMARY: AddressSanitizer: 10 byte(s) leaked in 1 allocation(s).
```
Direct leak of 4 byte(s) in 1 object(s) allocated from:
#0 0x7f13c8564160 in strdup (/lib64/libasan.so.3+0x5a160)
#1 0x7f13c7caaf69 in strv_extend src/basic/strv.c:552
#2 0x55f775787230 in dhcp6_option_parse_domainname src/libsystemd-network/dhcp6-option.c:399
#3 0x55f775788b96 in dhcp6_lease_set_domains src/libsystemd-network/sd-dhcp6-lease.c:225
#4 0x55f775774b95 in test_advertise_option src/libsystemd-network/test-dhcp6-client.c:287
#5 0x55f77577883e in main src/libsystemd-network/test-dhcp6-client.c:759
#6 0x7f13c7589400 in __libc_start_main (/lib64/libc.so.6+0x20400)
Direct leak of 4 byte(s) in 1 object(s) allocated from:
#0 0x7f13c8564160 in strdup (/lib64/libasan.so.3+0x5a160)
#1 0x7f13c7caaf69 in strv_extend src/basic/strv.c:552
#2 0x55f775787230 in dhcp6_option_parse_domainname src/libsystemd-network/dhcp6-option.c:399
#3 0x55f775788b96 in dhcp6_lease_set_domains src/libsystemd-network/sd-dhcp6-lease.c:225
#4 0x55f775781348 in client_parse_message src/libsystemd-network/sd-dhcp6-client.c:807
#5 0x55f775781ba2 in client_receive_advertise src/libsystemd-network/sd-dhcp6-client.c:895
#6 0x55f775782453 in client_receive_message src/libsystemd-network/sd-dhcp6-client.c:994
#7 0x7f13c7e447f4 in source_dispatch src/libsystemd/sd-event/sd-event.c:2268
#8 0x7f13c7e471b0 in sd_event_dispatch src/libsystemd/sd-event/sd-event.c:2627
#9 0x7f13c7e47ab3 in sd_event_run src/libsystemd/sd-event/sd-event.c:2686
#10 0x7f13c7e47c21 in sd_event_loop src/libsystemd/sd-event/sd-event.c:2706
#11 0x55f77577863c in test_client_solicit src/libsystemd-network/test-dhcp6-client.c:737
#12 0x55f77577884b in main src/libsystemd-network/test-dhcp6-client.c:760
#13 0x7f13c7589400 in __libc_start_main (/lib64/libc.so.6+0x20400)
SUMMARY: AddressSanitizer: 8 byte(s) leaked in 2 allocation(s).
```
1. typo in cache filename: "SYS_ALL_PROPRTIES", so cache just not loading from this file
2. cache stored in one file, despite user or system mode. So it can be loaded later in wrong mode
3. most serious problem: broken logic - it retrieves cache when _cache_invalid is true
How to reproduce: type "systemctl --user status <TAB>" and you will see user units. Then press
control+C and type "systemctl --system status <TAB>" in same session and you'll see user units again
seccomp: rework seccomp code, to improve compat with some archs
This substantially reworks the seccomp code, to ensure better
compatibility with some architectures, including i386.
So far we relied on libseccomp's internal handling of the multiple
syscall ABIs supported on Linux. This is problematic however, as it does
not define clear semantics if an ABI is not able to support specific
seccomp rules we install.
This rework hence changes a couple of things:
- We no longer use seccomp_rule_add(), but only
seccomp_rule_add_exact(), and fail the installation of a filter if the
architecture doesn't support it.
- We no longer rely on adding multiple syscall architectures to a single filter,
but instead install a separate filter for each syscall architecture
supported. This way, we can install a strict filter for x86-64, while
permitting a less strict filter for i386.
- All high-level filter additions are now moved from execute.c to
seccomp-util.c, so that we can test them independently of the service
execution logic.
- Tests have been added for all types of our seccomp filters.
- SystemCallFilters= and SystemCallArchitectures= are now implemented in
independent filters and installation logic, as they semantically are
very much independent of each other.
Franck Bui [Mon, 16 Jan 2017 20:19:13 +0000 (21:19 +0100)]
core: make sure to init mount params before calling mount_is_extrinsic() (#5087)
When a new entry appears in /proc/self/mountinfo, mount_setup_unit()
allocated a new mount unit for it and starts initializing it.
mount_setup_unit() is also used to update a mount unit when a change happens in
/proc/self/mountinfo, for example a mountpoint can be remounted with additional
mount options.
This patch introduces 2 separate functions to deal with those 2 cases instead
of mount_setup_unit() dealing with both of them. The common code is small and
doing the split makes the code easier to read and less error prone if extended
later.
It also makes sure to initialize in both functions the mount parameters of the
mount unit before calling mount_is_extrinsic() since this function relies on
them.
Cédric Schieli [Mon, 16 Jan 2017 17:23:26 +0000 (18:23 +0100)]
ndisc: honor IPv6AcceptRA.UseDNS when parsing RA options (#5071)
RDNSS and DNSLL options received in RA are always used, possibly breaking the resolution of private domains hosted on a local DNS server. When setting UseDNS=no in a [IPv6AcceptRA] section of a .network file, both RDNSS and DNSLL options in received RA should be ignored.
Björn [Mon, 16 Jan 2017 17:19:04 +0000 (18:19 +0100)]
hwdb: add axis range corrections for Lenovo X1 Carbon 4th gen. / X1 Yoga (#5089)
The parameters were calculated on my X1 Yoga using touchpad-edge-detector; As as the device name indicates, the Touchpad is exactly the same as the X1 Carbon 4th gen.
journalctl: expunge verification key from argv (#5081)
After parsing the --verify-key argument, overwrite it with null bytes.
This minimizes (but does not completely eliminate) the time frame within
which another process on the system can extract the verification key
from the journalctl command line.
Mark Stosberg [Wed, 21 Dec 2016 19:55:04 +0000 (14:55 -0500)]
man: provide a basic guide to the `systemctl status` output (#4950)
- Show example of all `systemctl status` output and documents what possible
"Loaded:", "Active" and "Enabled" values mean.
- Documents what different colors of the dot mean.
- Documents "gotcha" with load-on-demand behavior which will report units as
"loaded" even if they are only loaded to show their status.
(From @poettering: https://github.com/systemd/systemd/issues/5063#issuecomment-272115024 )
rpm triggers: do nothing if systemd is not running (#5065)
If we are running in a chroot/container/..., we would print a useless warning about
not being able to communicate with systemd. Trying to do daemon-reload is pointless
in those cases, so let's just skip all actions in that case.
The check uses /run/system/system, as recommended by sd_booted(3).
Franck Bui [Thu, 12 Jan 2017 02:37:15 +0000 (03:37 +0100)]
systemctl: remove duplicate entries showed by list-dependencies (#5049)
When a unit is part of several dependency constraints of another
unit, list-dependencies repeats the name of the dependency for each
dep constraint the unit is encountered.
In eb64b435ebb2a7cb1274d5 ActiveSlave/PrimarySlave were inserted in between
IPv6AcceptRA and IPv6AcceptRouterAdvertisements and the comment then didn't
make sense. It turns out that gperf does not understand C-style comments, and
that there's no comment syntax in the keywords section. The following was
generated:
{"/* legacy alias for the above */"},
{"Network.IPv6AcceptRA", config_parse_tristate, 0, offsetof(Network, ipv6_accept_ra)},
In practice this wouldn't lead to problems because this fake pattern would be
hard to match, but it seems better to remove the comments altogether.
Readers of the .gperf file will have to look for the repeated output field to
notice legacy options. To make this easier, let's always keep the legacy option
second.
Michal Schmidt [Fri, 16 Dec 2016 17:14:47 +0000 (18:14 +0100)]
kernel-install: avoid process substitution
bash implements process substitution using /dev/fd/N (this is documented
in man bash). We'd like kernel-install to work in chrooted RPM
scriptlets without /dev.
We can use here-strings instead. bash uses temporary files to implement
those.
micah [Wed, 11 Jan 2017 20:07:35 +0000 (15:07 -0500)]
Document how restart actions work (#5052)
When a user is trying to understand what is going on with a restart action, it is useful to explicitly describe how the action is run. It may seem obvious, but it is helpful to be explicit so one knows there isn't a special ExecRestart= or similar option that they could be looking at.
projects / thirdparty / systemd.git / log
