Now that we properly leave sufficient space for inline execution of
the .linux section, let's remove the special casing of the .linux
section as it doesn't need to be the last section anymore.
ukify: Use SizeOfImage from linux image as virtual size of .linux section
The SizeOfImage is bigger than the image itself so that space is
guaranteed to be available for in place execution of the linux image. Let's
make sure we take this into account and use SizeOfImage as the section's virtual
size instead of the size of the image itself.
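To make the SizeOfImage point concrete, here is an added example (not ukify's own code, which is Python, and not from the systemd tree) that reads SizeOfImage from an in-memory PE header with every offset bounds-checked, then derives the virtual size a .linux section would need. The sample image is a constructed 512-byte header, not a real kernel; the PE field offsets used (e_lfanew at 0x3c, SizeOfImage at offset 56 of the optional header for both PE32 and PE32+) are from the PE/COFF specification.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* SizeOfImage sits at the same offset in PE32 and PE32+ optional headers. */
#define PE_SIZE_OF_IMAGE_OFFSET 56

static uint32_t le32(const uint8_t *p) {
    return (uint32_t) p[0] | (uint32_t) p[1] << 8 | (uint32_t) p[2] << 16 | (uint32_t) p[3] << 24;
}
static uint16_t le16(const uint8_t *p) { return (uint16_t) (p[0] | p[1] << 8); }
static void st32(uint8_t *p, uint32_t v) { for (int i = 0; i < 4; i++) p[i] = (uint8_t) (v >> (8 * i)); }
static void st16(uint8_t *p, uint16_t v) { p[0] = (uint8_t) v; p[1] = (uint8_t) (v >> 8); }

/* Read SizeOfImage from an in-memory PE image. Every offset taken from the
 * file is checked against `len` before it is dereferenced, because the
 * header is untrusted input. Returns true and stores the value on success. */
static bool pe_size_of_image(const uint8_t *buf, size_t len, uint32_t *ret) {
    if (len < 0x40 || buf[0] != 'M' || buf[1] != 'Z')
        return false;
    size_t pe_off = le32(buf + 0x3c);                   /* e_lfanew */
    if (pe_off > len || len - pe_off < 4 + 20 + 2)      /* signature + COFF header + Magic */
        return false;
    if (memcmp(buf + pe_off, "PE\0\0", 4) != 0)
        return false;
    const uint8_t *coff = buf + pe_off + 4;
    size_t opt_off = pe_off + 4 + 20;
    uint16_t opt_size = le16(coff + 16);                /* SizeOfOptionalHeader */
    uint16_t magic = le16(buf + opt_off);
    if (magic != 0x10b && magic != 0x20b)               /* PE32 or PE32+ */
        return false;
    if (opt_size < PE_SIZE_OF_IMAGE_OFFSET + 4 || len - opt_off < opt_size)
        return false;
    *ret = le32(buf + opt_off + PE_SIZE_OF_IMAGE_OFFSET);
    return true;
}

/* The section must span at least SizeOfImage bytes so the kernel can run in
 * place; keep the file size if it is (unusually) the larger of the two. */
static uint32_t linux_section_virtual_size(size_t file_size, uint32_t size_of_image) {
    return size_of_image > file_size ? size_of_image : (uint32_t) file_size;
}

/* Constructed stand-in for a kernel image: a 512-byte buffer with only the
 * header fields this parser reads filled in. SizeOfImage is set well above
 * the buffer's own size, as it is for real kernels. */
#define SAMPLE_LEN 512
#define SAMPLE_SIZE_OF_IMAGE 0x4000u
static void build_sample_pe(uint8_t buf[SAMPLE_LEN]) {
    const size_t pe_off = 0x80;
    memset(buf, 0, SAMPLE_LEN);
    buf[0] = 'M'; buf[1] = 'Z';
    st32(buf + 0x3c, (uint32_t) pe_off);
    memcpy(buf + pe_off, "PE\0\0", 4);
    st16(buf + pe_off + 4 + 16, 240);                   /* SizeOfOptionalHeader (PE32+) */
    st16(buf + pe_off + 24, 0x20b);                     /* Magic: PE32+ */
    st32(buf + pe_off + 24 + PE_SIZE_OF_IMAGE_OFFSET, SAMPLE_SIZE_OF_IMAGE);
}

/* SizeOfImage parsed from the sample, or 0 if the parser rejected it. */
static uint32_t sample_size_of_image(void) {
    uint8_t buf[SAMPLE_LEN];
    uint32_t s;
    build_sample_pe(buf);
    return pe_size_of_image(buf, SAMPLE_LEN, &s) ? s : 0;
}

/* Virtual size the .linux section would get for the sample image. */
static uint32_t sample_virtual_size(void) {
    return linux_section_virtual_size(SAMPLE_LEN, sample_size_of_image());
}

/* A header cut off before the optional header must be rejected, not read. */
static bool sample_truncated_is_rejected(void) {
    uint8_t buf[SAMPLE_LEN];
    uint32_t s;
    build_sample_pe(buf);
    return !pe_size_of_image(buf, 0x90, &s);
}

int main(void) {
    printf("SizeOfImage=0x%x .linux virtual size=0x%x truncated rejected=%d\n",
           sample_size_of_image(), sample_virtual_size(), sample_truncated_is_rejected());
    return 0;
}
```

The parser refuses to read any field it cannot prove lies inside the buffer, which is what you want when the input is an arbitrary file handed to a UKI build step.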
tpm2-util: show loaded libraries in 'systemd-analyze has-tpm2'
After 3b16e9f41983f697bc38c40bb8e7119c1bb4f7c8, even though the libraries are
documented in the man page, it is useful to mention which libraries are
checked in the command output.
Of course, the dependencies are kind of an implementation detail, and may
be changed in a future version, but that's especially why I think
showing the library deps in the output is useful.
systemd-analyze is a debugging tool, and already shows many internal
states. I think there is nothing to prevent us from showing the deps.
repart: Shortcut copy if source or target starts with exclude path
If the source or target we're copying to is a subdirectory of any of the
directories specified in ExcludeFiles= or ExcludeFilesTarget=, shortcut the
entire copy operation.
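The shortcut described above hinges on a correct "is this path under that directory" test. The following added example (not repart's own code) shows the component-aware prefix check such a shortcut needs, so that "/usr/lib/debug-tools" is not mistaken for a sub-path of "/usr/lib/debug". The exclusion lists and copy pairs are constructed samples, and the two arrays stand in for ExcludeFiles= and ExcludeFilesTarget=.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* True if `path` equals `dir` or lies inside it. The comparison is done on
 * whole path components so that "/usr/lib64" is not treated as inside
 * "/usr/lib". Both arguments are assumed to be normalized absolute paths
 * (no "..", no doubled slashes); trailing slashes on `dir` are ignored. */
static bool path_is_under(const char *path, const char *dir) {
    size_t n = strlen(dir);
    while (n > 1 && dir[n - 1] == '/')
        n--;                                  /* "/etc/" -> "/etc" */
    if (n == 1 && dir[0] == '/')
        return path[0] == '/';                /* everything is under the root */
    if (strncmp(path, dir, n) != 0)
        return false;
    return path[n] == '\0' || path[n] == '/'; /* prefix must end on a component boundary */
}

/* True when the whole copy of `source` to `target` can be skipped: the
 * source lies under an excluded source directory, or the target lies under
 * an excluded target directory. Both arrays are NULL-terminated and stand
 * in for ExcludeFiles= and ExcludeFilesTarget= respectively. */
static bool copy_is_excluded(const char *source, const char *target,
                             const char *const *exclude_source,
                             const char *const *exclude_target) {
    for (const char *const *e = exclude_source; *e; e++)
        if (path_is_under(source, *e))
            return true;
    for (const char *const *e = exclude_target; *e; e++)
        if (path_is_under(target, *e))
            return true;
    return false;
}

/* Constructed sample configuration and copy list (not from any real
 * repart.d file). Returns how many of the copies would be skipped. */
static int sample_skipped_count(void) {
    static const char *const exclude_source[] = { "/usr/lib/debug", "/var/tmp", NULL };
    static const char *const exclude_target[] = { "/home", NULL };
    static const struct { const char *src, *dst; } copies[] = {
        { "/usr/lib/debug/.build-id", "/mnt/usr/lib/debug/.build-id" }, /* skip: source excluded */
        { "/usr/lib/debug-tools",     "/mnt/usr/lib/debug-tools" },     /* copy: not a sub-path */
        { "/etc/skel",                "/home/user" },                   /* skip: target excluded */
        { "/etc/passwd",              "/mnt/etc/passwd" },              /* copy */
    };
    int skipped = 0;
    for (size_t i = 0; i < sizeof copies / sizeof copies[0]; i++) {
        bool skip = copy_is_excluded(copies[i].src, copies[i].dst, exclude_source, exclude_target);
        printf("%-28s -> %-30s %s\n", copies[i].src, copies[i].dst, skip ? "skip" : "copy");
        skipped += skip;
    }
    return skipped;
}

int main(void) {
    printf("%d of 4 copies skipped\n", sample_skipped_count());
    return 0;
}
```

The boundary check on `path[n]` is the part most often forgotten in prefix-based exclusion logic; without it an exclusion of "/usr/lib" would silently also drop "/usr/lib64".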
Every service and container should be able to protect its users and
limit the impact of security bugs thanks to the security syscalls
provided by seccomp and Landlock. The goal of these syscalls is to
improve security with additional restrictions. They are designed to be
safely used by unprivileged (and thus potentially malicious) users.
Remove the now-redundant "seccomp" entry for nspawn.
Somebody wrapped the text, but whitespace is preserved in <programlisting>, so
the output was mangled. It also doesn't make sense to run systemd-path as root
(as indicated by '#'), so drop that. Also, this chunk should be a separate
paragraph.
Ivan Kruglov [Fri, 20 Sep 2024 10:20:53 +0000 (12:20 +0200)]
machine: resolve race condition in TEST-13-NSPAWN.machinectl.sh
I encountered this race condition while working on TEST-13-NSPAWN.varlinkctl.sh.
The long-running machine's init script sometimes does not have time to start and
register signals. As a result, tests occasionally failed.
units: Order ldconfig after systemd-tmpfiles-setup.service
tmpfiles might be linking the configuration for ldconfig into /etc
so make sure it runs after it so that the configuration is guaranteed
to be in place.
Michal Koutný [Fri, 13 Sep 2024 17:27:13 +0000 (19:27 +0200)]
core/cgroup: Apply IODevice*= directives in configured order
Different device paths may resolve to the same device node
(lookup_block_device()), e.g.
IOReadBandwidthMax=/dev/sda1 18879
IOReadBandwidthMax=/dev/sda2 18878
where both partitions resolve to /dev/sda, and these values are
applied (they are associated with the original paths, i.e. as if applied to
different devices) in the order from io_device_limits.
The parsing code prepends, so they end up in reverse order wrt config
file. Switch the direction so that the order of application matches the
order of configuration -- i.e. semantics in all other unit file
directives.
Apply the same change to all directives that use per-device lists. (The
question whether partitions should be resolved to the base device is
independent.)
And apply the changes equally to DBus properties write handlers.
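The ordering bug above is easy to reproduce in isolation. The following added example (not systemd's code) models the per-device limit list with both list policies and applies the two IOReadBandwidthMax= lines quoted in the commit message to a one-slot model of the cgroup's io.max file, where the last write for a device node wins. The `resolve_block_device()` helper is a constructed stand-in for lookup_block_device() that maps /dev/sdaN to /dev/sda by stripping trailing digits.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

typedef struct IODeviceLimit {
    const char *path;             /* device path exactly as written in the unit file */
    uint64_t limit;               /* bytes per second */
    struct IODeviceLimit *next;
} IODeviceLimit;

static IODeviceLimit *limit_new(const char *path, uint64_t limit) {
    IODeviceLimit *l = calloc(1, sizeof *l);
    if (!l)
        abort();
    l->path = path;
    l->limit = limit;
    return l;
}

/* Old behaviour: each parsed directive is pushed onto the head, so the list
 * ends up in reverse configuration order. */
static void limit_prepend(IODeviceLimit **head, IODeviceLimit *l) {
    l->next = *head;
    *head = l;
}

/* Fixed behaviour: append at the tail, so configuration order is preserved. */
static void limit_append(IODeviceLimit **head, IODeviceLimit *l) {
    IODeviceLimit **p = head;
    while (*p)
        p = &(*p)->next;
    l->next = NULL;
    *p = l;
}

static void limits_free(IODeviceLimit *head) {
    while (head) {
        IODeviceLimit *next = head->next;
        free(head);
        head = next;
    }
}

/* Stand-in for lookup_block_device(): map a partition such as /dev/sda2 to
 * the whole-disk node /dev/sda by stripping trailing digits. Constructed for
 * this example only; the real lookup consults the kernel. */
static void resolve_block_device(const char *path, char *out, size_t outsz) {
    size_t n = strlen(path);
    while (n > 0 && path[n - 1] >= '0' && path[n - 1] <= '9')
        n--;
    snprintf(out, outsz, "%.*s", (int) n, path);
}

/* Apply the list in order to a one-slot model of io.max: each write for the
 * same device node replaces the previous one, so the last entry applied
 * wins. Returns the value left in effect for `device`, or 0 if none matched. */
static uint64_t apply_limits(const IODeviceLimit *head, const char *device) {
    uint64_t effective = 0;
    for (const IODeviceLimit *l = head; l; l = l->next) {
        char resolved[64];
        resolve_block_device(l->path, resolved, sizeof resolved);
        if (strcmp(resolved, device) == 0)
            effective = l->limit;
    }
    return effective;
}

/* Parse the two IOReadBandwidthMax= lines from the commit message with either
 * list policy and report which value survives for /dev/sda. */
static uint64_t effective_sda_limit(bool prepend) {
    static const char *const paths[] = { "/dev/sda1", "/dev/sda2" };
    static const uint64_t values[] = { 18879, 18878 };
    IODeviceLimit *head = NULL;
    for (size_t i = 0; i < 2; i++) {
        IODeviceLimit *l = limit_new(paths[i], values[i]);
        if (prepend)
            limit_prepend(&head, l);
        else
            limit_append(&head, l);
    }
    uint64_t r = apply_limits(head, "/dev/sda");
    limits_free(head);
    return r;
}

int main(void) {
    printf("prepend (old): /dev/sda limit %llu\n", (unsigned long long) effective_sda_limit(true));
    printf("append  (new): /dev/sda limit %llu\n", (unsigned long long) effective_sda_limit(false));
    return 0;
}
```

With prepending, the first line in the unit file is applied last and wins (18879); with appending, the last line wins (18878), matching the semantics of every other repeated unit file directive.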
repart: Determine verity sig size based on partition designator
Verity= is an image build concept, not a first boot concept, whereas
a partition designator is always available, so let's do the size stuff
based on that.
Ivan Shapovalov [Fri, 20 Sep 2024 11:01:51 +0000 (13:01 +0200)]
core/cgroup: cache IO accounting data when pruning a cgroup
When removing a cgroup in unit_prune_cgroup(), read IO metrics to cache
them similar to the existing treatment of the CPU and memory usage data.
Note that we do not do this for the IP metrics as the firewall objects
are only destroyed in unit_free() and thus stay alive long enough to
be read out directly by all interested parties.
man: say that SYSEXT_SCOPE=initrd also applies to exitrds
We generally do _not_ want the same sysexts to be loaded in both initrd and
exitrd phases. The environment is completely different and it's unlikely that
the same code can be useful in both places. Nevertheless, it can be useful in
_some_ cases, for example when the sysexts contain debugging tools.
I think we don't need to differentiate between initrds and exitrds through
SYSEXT_SCOPE, because the two types are made available in completely different
locations and loaded through a different mechanism, with very little chance of
an initrd being loaded as an exitrd without an explicit admin action (or the
other way around). So let's not complicate our code or definitions by an
explicit "exitrd" sysext designator, but just clarify that "initrd" also
encompasses exitrds in this context.
man: reword some sentences with ambiguous subjects
In a sentence like "The system manager does a, b, c, which is really d, and e.",
it is generally understood that the manager also does "e". This can be
quite confusing if the manager cannot do "e", in our case unmount the file
system on which it is sitting.
Similarly, we cannot "fall back to x if it is missing", since "it" in that
sentence means "x".
With many fds the global window count generally exceeds the
minimum. This results in always reusing the unused entry if
there is one, which becomes a sort of degenerate case where we're
just constantly unmapping->mapping.
Instead let's try to always have at least several unused windows on
the unused list before we resort to churning through it.
We need to make sure the presets from /usr/lib/systemd/user-preset
are applied as well. Currently only the ones from
/usr/lib/systemd/system-preset are applied.
Ivan Shapovalov [Fri, 20 Sep 2024 15:02:13 +0000 (17:02 +0200)]
core/cgroup: drop `allow_cache` parameter in `unit_get_io_accounting()`
The name of the parameter is misleading and it does not save us much
work because it is not used during regular unit property queries.
It is only used during unit_log_resources(), and the cgroup is already
dead by that point so it won't be read anyway.
Michael Ferrari [Sat, 14 Sep 2024 00:01:52 +0000 (02:01 +0200)]
firstboot: add similar input suggestion
This uses the same logic as similar verb suggestion for command line
utilities. Try to be helpful when the user entered something invalid
instead of just showing the prompt again.
Adrian Vovk [Thu, 19 Sep 2024 15:44:42 +0000 (11:44 -0400)]
sysupdated: Rearrange error logging a little bit
First, this fixes a case where an error is logged twice at the LOG_ERR
level. Second, this goes through and raises the log level where
appropriate so that sysupdated is easier to debug. Finally, it replaces
EINVAL with EPROTO where appropriate, since EINVAL implies that the
caller passed some incorrect arguments (which is incorrect; sysupdate
passed some invalid JSON back to us).
Adrian Vovk [Thu, 19 Sep 2024 12:33:02 +0000 (08:33 -0400)]
updatectl: check: Don't print an empty table
If there are no updates available, `updatectl check` would previously
just print an empty table. We should instead just tell the user that
there are no updates available.
test-process-util: Ignore EINVAL from setresuid() and setresgid()
If we're running in a user namespace with a single user and without
the nobody user, we'll get EINVAL from these system calls so make
sure we handle those gracefully.