Yu Watanabe [Wed, 11 Jun 2025 09:05:46 +0000 (18:05 +0900)]
network: also check ID_NET_MANAGED_BY property on reconfigure
Previously, the property was checked only when a uevent is received,
so even if an interface has the ID_NET_MANAGED_BY property, the interface
will be configured by networkd when reconfiguration is triggered, e.g.
when the interface state is changed.
Yu Watanabe [Thu, 15 May 2025 03:34:35 +0000 (12:34 +0900)]
core: introduce Unit.dependency_generation counter and restart loop when dependency is updated in the loop
When starting unit A, a dependent unit B may be loaded if it is not
loaded yet, and the dependencies in unit A may be updated.
As Hashmap does not allow a new entry to be added in a loop, we need to
restart loop in such case.
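The restart-on-modification pattern the commit describes, as an added example rather than systemd's own code: a per-unit generation counter is bumped on every change to the dependency set, and the walk starts over whenever a visit changed the generation under it. The array-backed set, the Unit/Loaded structs and the "loader" rule (loading B.service adds C.service to the parent, loading C.service adds D.service) are constructed for this demo; in systemd the container is a Hashmap, which cannot be grown mid-iteration at all.

```c
/* Added example, not systemd code: a per-unit generation counter that
 * detects changes to the dependency set made while it is being walked,
 * and restarts the walk. The loader rule (B pulls in C, C pulls in D)
 * is constructed for the demo. */
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define MAX_DEPS 16

typedef struct Unit {
        const char *name;
        const char *deps[MAX_DEPS];
        size_t n_deps;
        unsigned dependency_generation;   /* bumped on every change */
} Unit;

static bool unit_has_dependency(const Unit *u, const char *dep) {
        for (size_t i = 0; i < u->n_deps; i++)
                if (strcmp(u->deps[i], dep) == 0)
                        return true;
        return false;
}

/* Returns true if the dependency set actually changed. */
static bool unit_add_dependency(Unit *u, const char *dep) {
        if (unit_has_dependency(u, dep) || u->n_deps >= MAX_DEPS)
                return false;
        u->deps[u->n_deps++] = dep;
        u->dependency_generation++;
        return true;
}

/* Tracks which units were "loaded" so that loading stays idempotent. */
typedef struct Loaded { const char *names[MAX_DEPS]; size_t n; } Loaded;

static bool loaded_mark(Loaded *l, const char *name) {
        for (size_t i = 0; i < l->n; i++)
                if (strcmp(l->names[i], name) == 0)
                        return false;
        l->names[l->n++] = name;
        return true;
}

/* Constructed loader: loading a unit may add dependencies to its parent. */
static void load_dependency(Unit *parent, const char *dep, Loaded *loaded) {
        if (!loaded_mark(loaded, dep))
                return;
        if (strcmp(dep, "B.service") == 0)
                unit_add_dependency(parent, "C.service");
        else if (strcmp(dep, "C.service") == 0)
                unit_add_dependency(parent, "D.service");
}

/* Walk the dependencies; if the generation changed under us the iterator
 * is stale, so start over. Returns the number of restarts; *visits counts
 * loader invocations. */
static unsigned unit_walk_dependencies(Unit *u, Loaded *loaded, unsigned *visits) {
        unsigned restarts = 0;
        *visits = 0;
again:
        for (size_t i = 0; i < u->n_deps; i++) {
                unsigned generation = u->dependency_generation;
                (*visits)++;
                load_dependency(u, u->deps[i], loaded);
                if (u->dependency_generation != generation) {
                        restarts++;
                        goto again;
                }
        }
        return restarts;
}

/* Scenario: A.service starts out depending on A-dep.service and B.service. */
static unsigned run_scenario(unsigned *visits, size_t *final_deps) {
        Unit a = { .name = "A.service" };
        Loaded loaded = { .n = 0 };
        unit_add_dependency(&a, "A-dep.service");
        unit_add_dependency(&a, "B.service");
        unsigned restarts = unit_walk_dependencies(&a, &loaded, visits);
        *final_deps = a.n_deps;
        return restarts;
}

static unsigned scenario_restarts(void)   { unsigned v; size_t n; return run_scenario(&v, &n); }
static unsigned scenario_visits(void)     { unsigned v; size_t n; run_scenario(&v, &n); return v; }
static size_t   scenario_final_deps(void) { unsigned v; size_t n; run_scenario(&v, &n); return n; }

int main(void) {
        unsigned visits;
        size_t n_deps;
        unsigned restarts = run_scenario(&visits, &n_deps);
        printf("restarts=%u visits=%u final deps=%zu\n", restarts, visits, n_deps);
        return 0;
}
```

Two restarts happen (C.service appears during the first pass, D.service during the second), and because loading is idempotent the third pass completes without further changes; the counter, not the container, is what tells the walker that its view is stale.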
Yu Watanabe [Tue, 20 May 2025 19:38:07 +0000 (04:38 +0900)]
core/transaction: do not override unit load state when unit_load() failed
When unit_load() failed for some reason, previously we overrode the
load state with UNIT_NOT_FOUND, but we did not update the
Unit.fragment_not_found_timestamp_hash. So, the unit may be loaded
multiple times when the unit is in a dependency list of another unit,
as manager_unit_cache_should_retry_load() will be true again even on
next call.
Let's not override the unit state set by unit_load().
Note, after unit_load(), the unit state should not be UNIT_STUB.
Let's also add the assertion about that.
This change is important when combined with the next commit, as with the
next commit we will restart the FOREACH_UNIT_DEPENDENCY() loop if a unit
is reloaded, hence overriding load state with UNIT_NOT_FOUND may cause
an infinite loop.
Yu Watanabe [Tue, 20 May 2025 19:32:09 +0000 (04:32 +0900)]
core/transaction: drop redundant call of bus_unit_validate_load_state()
The function manager_unit_cache_should_retry_load() returns true only
when the unit state is UNIT_NOT_FOUND. Hence, it is not necessary to
call bus_unit_validate_load_state() before checking
manager_unit_cache_should_retry_load().
console: when switching console modes and one doesn't work, always go for the next
So far we already had a logic in place to go for the next mode if some
mode doesn't work – but it was only applied if we'd actively cycle
through resolutions.
Let's extend the logic and always apply it: whenever we try to switch to
a mode, and it doesn't work, go to the next one until we find one that
works.
homed: set "secrets" section to 'sensitive' in more places
We already do this in all places where it *really* matters, i.e. for
passwords and PINs. But let's do this also at any place where we add the
section at all, regardless whether it is for storing a pw or something
else.
With this we establish the rule that if it's in "secrets", then it
shall be marked "sensitive".
It's not sufficient to append a DNS key to a packet, we must also update
the qdcount too. We got this right in most tests but didn't here.
Moreover, we must extract the packet then to actually have a DnsQuestion
properly filled in.
Fix that. Without this the tests didn't test anything reasonable.
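The two steps the commit describes, appending a question while bumping QDCOUNT in the header and then extracting the packet to get a filled-in question, as an added example that is not resolved's DnsPacket code: a minimal RFC 1035 builder and parser. The packet struct, buffer size and the sample names example.com and systemd.io are constructed for the demo; compression pointers are not handled because the builder never emits them.

```c
/* Added example, not systemd-resolved code: build a DNS question section,
 * keep the 12-byte header's QDCOUNT in sync, and read the questions back. */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define DNS_HDR_SIZE 12
#define PKT_MAX 512

typedef struct DnsPacket { uint8_t data[PKT_MAX]; size_t size; } DnsPacket;
typedef struct DnsQuestion { char name[256]; uint16_t type, qclass; } DnsQuestion;

static void dns_packet_init(DnsPacket *p, uint16_t id) {
        memset(p, 0, sizeof *p);
        p->data[0] = (uint8_t) (id >> 8);
        p->data[1] = (uint8_t) (id & 0xff);
        p->data[2] = 0x01;                      /* RD set, counts all zero */
        p->size = DNS_HDR_SIZE;
}

static uint16_t dns_packet_qdcount(const DnsPacket *p) {
        return (uint16_t) ((p->data[4] << 8) | p->data[5]);
}

/* Encode "a.b.c" as length-prefixed labels; returns bytes written or -1. */
static int dns_name_encode(const char *name, uint8_t *out, size_t out_size) {
        size_t off = 0;
        while (*name) {
                const char *dot = strchr(name, '.');
                size_t len = dot ? (size_t) (dot - name) : strlen(name);
                if (len == 0 || len > 63 || off + 1 + len + 1 > out_size)
                        return -1;
                out[off++] = (uint8_t) len;
                memcpy(out + off, name, len);
                off += len;
                name += len + (dot ? 1 : 0);
        }
        if (off + 1 > out_size)
                return -1;
        out[off++] = 0;                         /* root label ends the name */
        return (int) off;
}

/* Append a question and, crucially, increment QDCOUNT in the header. */
static bool dns_packet_append_question(DnsPacket *p, const char *name, uint16_t type, uint16_t qclass) {
        int n = dns_name_encode(name, p->data + p->size, PKT_MAX - p->size);
        if (n < 0 || p->size + (size_t) n + 4 > PKT_MAX)
                return false;
        size_t off = p->size + (size_t) n;
        p->data[off++] = (uint8_t) (type >> 8);   p->data[off++] = (uint8_t) (type & 0xff);
        p->data[off++] = (uint8_t) (qclass >> 8); p->data[off++] = (uint8_t) (qclass & 0xff);
        p->size = off;
        uint16_t qd = (uint16_t) (dns_packet_qdcount(p) + 1);
        p->data[4] = (uint8_t) (qd >> 8);
        p->data[5] = (uint8_t) (qd & 0xff);
        return true;
}

/* Extract QDCOUNT questions; returns how many were read, -1 on truncation. */
static int dns_packet_extract_questions(const DnsPacket *p, DnsQuestion *qs, size_t max) {
        if (p->size < DNS_HDR_SIZE)
                return -1;
        uint16_t qd = dns_packet_qdcount(p);
        size_t off = DNS_HDR_SIZE;
        for (uint16_t i = 0; i < qd; i++) {
                size_t nlen = 0;
                if (i >= max)
                        return -1;
                for (;;) {
                        if (off >= p->size)
                                return -1;
                        uint8_t l = p->data[off++];
                        if (l == 0)
                                break;
                        if (l > 63 || off + l > p->size || nlen + l + 2 > sizeof qs[i].name)
                                return -1;
                        if (nlen > 0)
                                qs[i].name[nlen++] = '.';
                        memcpy(qs[i].name + nlen, p->data + off, l);
                        nlen += l;
                        off += l;
                }
                qs[i].name[nlen] = '\0';
                if (off + 4 > p->size)
                        return -1;
                qs[i].type   = (uint16_t) ((p->data[off] << 8) | p->data[off + 1]);
                qs[i].qclass = (uint16_t) ((p->data[off + 2] << 8) | p->data[off + 3]);
                off += 4;
        }
        return (int) qd;
}

/* Build two questions, extract them, and check what came back. */
static int demo_roundtrip(void) {
        DnsPacket p; DnsQuestion q[2];
        dns_packet_init(&p, 0x1234);
        if (!dns_packet_append_question(&p, "example.com", 1, 1) ||
            !dns_packet_append_question(&p, "systemd.io", 28, 1))
                return 0;
        if (dns_packet_extract_questions(&p, q, 2) != 2)
                return 0;
        return strcmp(q[0].name, "example.com") == 0 && q[0].type == 1 &&
               strcmp(q[1].name, "systemd.io") == 0 && q[1].type == 28;
}

/* What a test that forgets QDCOUNT sees: the bytes are there, the
 * parser extracts zero questions, and nothing meaningful is exercised. */
static int demo_without_qdcount(void) {
        DnsPacket p; DnsQuestion q[1];
        dns_packet_init(&p, 0x1234);
        int n = dns_name_encode("example.com", p.data + p.size, PKT_MAX - p.size);
        p.size += (size_t) n + 4;               /* type/class bytes left zero */
        return dns_packet_extract_questions(&p, q, 1);
}
```

demo_without_qdcount() returns 0 even though a full question is sitting in the buffer, which is exactly why a test built that way passes without checking anything.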
Lukas Nykryn [Wed, 18 Jun 2025 11:33:25 +0000 (13:33 +0200)]
man: encourage the creation of empty machine-id instead of deleting it
Current text hints that machine-id in template image should be empty
if the system is read-only. But most of the bare metal systems and
regular VMs have /etc read-only at this phase of boot.
We now consider link-local addresses routable when we have configured
unicast link-local dns servers. This allows creating the DNS scope, even
when the interface doesn't get a routable address.
Luca Boccassi [Mon, 16 Jun 2025 22:28:57 +0000 (23:28 +0100)]
fstab-generator: set mode=0755 with root=tmpfs
If mode= is not set in rootflags= add mode=0755 when a tmpfs
is used on the rootfs, otherwise it will be group/world writable
as that's the default mode for tmpfs filesystems.
Yu Watanabe [Mon, 16 Jun 2025 08:55:11 +0000 (17:55 +0900)]
manager: also restart stub listener on reload
Previously, the extra stub listeners were stopped but new ones were not
started. Also, the main stub listeners were not restarted, hence the
new settings were not applied. This fixes the above two issues.
Note, to fix the issue, we need to keep the CAP_NET_BIND_SERVICE capability
so that the stub listener can be bound later.
Yu Watanabe [Thu, 12 Jun 2025 09:25:54 +0000 (18:25 +0900)]
udev/rules.d: import hwdb before calling net_id builtin
The commit cdcb1eeeb883b2ecb3992865f458f874900ddb87 adds
ID_NET_NAME_INCLUDE_DOMAIN property support in net_id builtin.
The property is basically set through hwdb. However, previously hwdb was
imported after calling net_id builtin, hence when net_id is called, the
property was never set.
This makes hwdb be imported before calling the net_id builtin, so that the
property is set when net_id is called if hwdb has an entry about that
for the interface.
Yu Watanabe [Fri, 6 Jun 2025 15:09:37 +0000 (00:09 +0900)]
test: extend timeout and enable generating debugging logs
Not sure why the test failed, but maybe the test environment is too
slow? Even if this does not fix the failure, by enabling debugging logs,
this hopefully provides more useful information for debugging.
Yu Watanabe [Fri, 6 Jun 2025 12:14:20 +0000 (21:14 +0900)]
sd-device: replace '!' with '/' before calling sd_device_new_from_subsystem_sysname()
Device ID uses device directory name as is, hence may contain '!', but
sd_device_new_from_subsystem_sysname() expects that the input is sysname.
So, we need to replace '!' with '/'.
Daan De Meyer [Thu, 5 Jun 2025 10:14:45 +0000 (12:14 +0200)]
meson: Don't fail install script if file doesn't exist
Depending on which optional features are enabled, the NSS module
might not have been built, which means the custom install script
will fail to remove the file. Let's pass -f so it succeeds regardless
of whether the file exists or not.
vmspawn: do not preserve access permissions and xattrs of template OVMF vars
This makes vmspawn work when /usr/share/qemu/edk2-i386-vars.fd is on
disk with 0444 permissions as is the case on NixOS.
The nix package manager does not store any access permissions, ownership,
timestamps, or extended attributes in its package format to increase
reproducibility. The only meta-data that is stored is the executable bit.
Thus when unpacking a nix package, the executable bit is preserved, but no other
access permissions are preserved and all files in /nix/store end up as
read-only.
This causes the template OVMF vars file to have 0444 permissions. If we preserve
those permissions when copying the template file to /tmp that means QEMU can not
write to the file and fails.
So let's not preserve permissions and keep the 0600 permissions that are set by
default.
Alex [Mon, 2 Jun 2025 22:47:49 +0000 (18:47 -0400)]
network: fix a potential divide-by-zero (#37705)
In function `tc_init`, hz is parsed from the content of file
`"/proc/net/psched"` and can be 0.
In function `hierarchy_token_bucket_class_verify`, hz is directly used
as a divisor in
`htb->buffer = htb->rate / hz + htb->mtu;` without any check.
This adds a check on hz before using it as a divisor.
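The parse-then-divide path from the commit, as an added example that is not systemd's tc code: read the four hex fields of a /proc/net/psched line, then compute the HTB buffer only after confirming hz is non-zero. The sample lines are constructed (the real file holds whatever the running kernel reports); the field order (ticks-to-us, us-to-ticks, clock resolution, hz) is assumed from the kernel's psched_show(), and the buffer formula is the one quoted above.

```c
/* Added example, not systemd code: parse /proc/net/psched content and
 * refuse to use a zero tick rate as a divisor. */
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample lines standing in for /proc/net/psched. */
static const char *const PSCHED_OK     = "000003e8 00000040 000f4240 3b9aca00\n"; /* hz = 1e9 */
static const char *const PSCHED_HZ1000 = "000003e8 00000040 000f4240 000003e8\n"; /* hz = 1000 */
static const char *const PSCHED_BAD    = "000003e8 00000040 000f4240 00000000\n"; /* hz = 0 */

/* Parse one psched line; 0 on success, -EINVAL if it is not four hex fields. */
static int psched_parse(const char *line, uint32_t *t2us, uint32_t *us2t,
                        uint32_t *clock_res, uint32_t *hz) {
        unsigned a, b, c, d;
        if (!line || sscanf(line, "%x %x %x %x", &a, &b, &c, &d) != 4)
                return -EINVAL;
        *t2us = a; *us2t = b; *clock_res = c; *hz = d;
        return 0;
}

/* HTB class buffer: rate / hz + mtu, with the guard the old code lacked. */
static int htb_buffer(uint64_t rate, uint32_t mtu, uint32_t hz, uint64_t *buffer) {
        if (hz == 0)
                return -EINVAL;                 /* would otherwise divide by zero */
        *buffer = rate / hz + mtu;
        return 0;
}

/* Parse a psched line and compute the buffer; negative errno on failure. */
static long long htb_buffer_value(const char *psched_line, uint64_t rate, uint32_t mtu) {
        uint32_t t2us, us2t, clock_res, hz;
        uint64_t buffer;
        int r = psched_parse(psched_line, &t2us, &us2t, &clock_res, &hz);
        if (r < 0)
                return r;
        r = htb_buffer(rate, mtu, hz, &buffer);
        if (r < 0)
                return r;
        return (long long) buffer;
}

int main(void) {
        const char *const lines[] = { PSCHED_OK, PSCHED_HZ1000, PSCHED_BAD, "garbage\n" };
        for (size_t i = 0; i < sizeof lines / sizeof lines[0]; i++) {
                long long v = htb_buffer_value(lines[i], 2000000, 1500);
                if (v < 0)
                        printf("line %zu: rejected (%s)\n", i, strerror((int) -v));
                else
                        printf("line %zu: buffer=%lld\n", i, v);
        }
        return 0;
}
```

Note that the kernel itself only ever emits a non-zero last field; the guard exists because the parser has no way to know whether the file it was handed is the kernel's, and a value a process cannot vouch for must not become a divisor.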
mount-util: avoid unnecessary mount_setattr() call in make_fsmount()
If .attr_set is zero (and .attr_clr, .propagation too), then there's no
point in calling mount_setattr().
Fixes: #37062
Note that this optimization is not precisely load-bearing anymore, since 3cc23a2c2345eb188551565349c89ec1fa8f650f got merged which removes the
only caller of make_fsmount() that might trigger it. But it's worth
fixing generic code anyway, in case it gets used like this later again.
A "string" is a concept in C. In a text-based API, this is implicit, especially
if we say that something was "formatted". So change occurrences of "decimal
string" to just "decimal". Similarly, "numerics" is unclear, say "digits".
Also, a "timestamp is in a clock" just sounds wrong. Reword those sentences.
Yu Watanabe [Tue, 27 May 2025 17:09:52 +0000 (02:09 +0900)]
network/link: update state file when master ifindex is changed
If master ifindex is non-zero, then the carrier state and operational
state of the interface may be the enslaved state.
As the operational state is saved in link state file, and read by
wait-online, we need to update the state file when the master ifindex is
changed.
Yu Watanabe [Tue, 27 May 2025 14:17:40 +0000 (23:17 +0900)]
network/link: ENODATA from reading IFLA_MASTER when an interface has no master
When an interface has left its master interface, reading the
IFLA_MASTER attribute causes ENODATA. When the interface was previously
enslaved to another interface, we need to remove reference to the
interface from the previous master interface.
This is especially important when
```
ip link set dev eth0 nomaster
```
is called.
Adrian Vovk [Tue, 18 Feb 2025 20:59:03 +0000 (15:59 -0500)]
man/systemd.timer: Correct inaccuracy in man page
The docs previously stated that RandomizedDelaySec is applied onto the
next scheduled time, but after 9fa326b18aef0c1e5c80e23a5b41de02155e6f7e
this is no longer the case.
I also reworded FixedRandomDelay= slightly, to make it a bit clearer
Daan De Meyer [Sun, 11 May 2025 07:42:28 +0000 (09:42 +0200)]
meson: Stop doing nested build when fuzzers are enabled
Currently, when fuzzers are enabled, we run meson from within meson
to build the fuzzer executables with sanitizers. The idea is that
we can build the fuzzers with different kinds of sanitizers
independently from the main build.
The issue with this setup is that we don't actually make use of it.
We only build the fuzzers with one set of sanitizers (address,undefined)
so we're adding a bunch of extra complexity without any benefit as we
can just setup the top level meson build with these sanitizers and get
the same result.
The other issue with this setup is that we don't pass on all the options
passed to the top level meson build to the nested meson build. The only things
we pass on are extra compiler arguments and the value of the auto_features
option, but none of the individual feature options if overridden are passed on,
which can lead to very hard to debug issues as an option enabled in the top
level build is not enabled in the nested build.
Since we're not getting anything useful out of this setup, let's simplify
and get rid of the nested meson build. Instead, sanitizers should be enabled
for the top level meson.build. This currently didn't work as we were overriding
the sanitizers passed to the meson build with the fuzzer sanitizer, so we
fix that as well by making sure we combine the fuzzer sanitizer with the ones
passed in by the user.
We also drop support for looking up libFuzzer as a separate library as
it has been shipped builtin in clang since clang 6.0, so we can assume
that -fsanitize=fuzzer is available.
To make sure we still run the fuzzing tests, we enable the fuzz-tests option
by default now to make sure they still always run (without instrumentation unless
one of llvm-fuzz or oss-fuzz is enabled).
* 5e739ef1ed mkosi-initrd: Optionally match t64 suffix for tss2 libraries
* ec70393077 Merge pull request https://github.com/systemd/mkosi/pull/3742 from DaanDeMeyer/man
|\
| * 94cc136fbe mkosi-tools: Install man tool and pages as part of misc profile
| * eda2ed533d Enforce C.UTF-8 locale for all commands we run
* | 9821e9a3e3 sandbox: Support using mkosi-sandbox as a library
* | 4145382edf Serialize pid in state and check if still exists on load
* | 3d119cba07 Merge pull request https://github.com/systemd/mkosi/pull/3736 from DaanDeMeyer/rpm-gpgkey
|\ \
| |/
|/|
| * 0a5d87b7bb Only pick up /etc/pki/tls and /etc/pki/ca-trust as certificate dirs
| * c30eee187f Look for rpm gpg keys from inside the sandbox
|/
* ef2842dfea Fix version bump check if image version was passed on CLI
* 12b6251153 apt: Install apt sources if apt was installed via base tree
* a0b4e1af9a Make sure git doesn't fail when running as root
* 585a47705d repart: use --append-fstab=auto if available
* cec6ae1dda sandbox: handle case where dev node for tty doesn't exist
* a60dade823 initrd: shadow-utils removal is only necessary on old Fedora
* ca11acbd5b Use SPDX identifier instead of file path for license in pyproject.toml
* 4d031bc57d Revert license-files property
* c80dd09008 Merge pull request https://github.com/systemd/mkosi/pull/3722 from behrmann/versiontweaks
|\
| * c76e5dc4bc make version test more readable
| * 90ba99dde1 version: add __repr__ to GenericVersion
|/
* dd794ec832 Fix licenses path in pyproject.toml
* 7eeb749840 Merge pull request https://github.com/systemd/mkosi/pull/3702 from aafeijoo-suse/initrd-kmp
|\
| * 565b905aa1 mkosi-initrd: handle symlinks under weak-updates
| * a83ccc10c7 mkosi-initrd: perform basic checks on the kernel dir before calling mkosi
| * 73cad79c9e mkosi-initrd: --kernel-modules-include -> --kernel-modules
* bac76904c3 build(deps): bump github/codeql-action from 3.28.13 to 3.28.16
* 44161624a2 Supress ssh unit generation if sshd is not present
* b8758dac28 Partially revert 640000a861e9cd9a3807e4158e110a098c74d078
* 6f11937dc6 Don't use default value if optional settings are set to none
* 640000a861 Use a default tools tree by default if mkosi.tools.conf exists
* 63d91cc285 mkosi: Override misconfigured gitconfig HTTP/HTTPS proxy with ProxyUrl
* a859b5eb13 Make sure we create the default workspace directory as well
mkosi: Run clangd within the tools tree instead of the build container
Running within the build sandbox has a number of disadvantages:
- We have a separate clangd cache for each distribution/release combo
- It requires to build the full image before clangd can be used
- It breaks every time the image becomes out of date and requires a
rebuild
- We can't look at system headers as we don't have the knowledge to map
them from inside the build sandbox to the corresponding path on the host
Instead, let's have mkosi.clangd run clangd within the tools tree. We
already require building systemd for both the host and the target anyway,
and all the dependencies to build systemd are installed in the tools tree
already for that, as well as clangd since it's installed together with the
other clang tooling we install in the tools tree. Unlike the previous approach,
this approach only requires the mkosi tools tree to be built upfront, which has
a much higher chance of not invalidating its cache. We can also trivially map
system header lookups from within the sandbox to the path within mkosi.tools
on the host so that starts working as well.
* dbb4020bee mkosi: Use tools tree by default in repository config
* a2407a305c dnf: Stop messing around with plugins
* eee382ebc6 Fix mkosi help
* 8d4f9969bb mkosi-obs: simplify generation of signed UEFI auth files
* 364dfc65eb Merge pull request #3661 from septatrix/ssh-runtime
|\
| * ab3b52841c Improve Ssh= documentation
| * 79878d7e6c Add new Ssh=auto and Ssh=runtime options
* 49036322c2 Merge pull request #3682 from DaanDeMeyer/history
|\
| * 96e512fe6e installer: Make sure package manager state is preserved in the image
| * b859a7cf0a Only copy repository metadata from specific subdirs from /var
| * c8bf8e4278 Rename cache_subdirs() to package_subdirs()
* | 54b59c4a2e Merge pull request #3696 from DaanDeMeyer/history-cli
|\ \
| * | 898d89e887 Rework version bumping
| * | cc45fe3bad Only write CLI arguments to history instead of full config
| * | 1def443097 Disallow using --rerun-build-scripts with --force again
| * | 87b03ee264 Rename get_configdir() to finalize_configdir()
| * | 9c1217a217 Get rid of to_json() methods on Args and Config
| |/
* | 124f551e77 mkosi-obs: do not publish roothash
* | fc86100e51 mkosi-obs: append certs from mkosi.uefi.db/ to 'db'
* | 8bee4cb8e2 Make sure sync scripts are executable
|/
* a7e90514fa Simplify tools tree out of date error
* f9956daba7 Fail if --rerun-build-scripts is used and tools is out of date
* d94bf56ae8 mkosi-initrd: add specific configuration for plymouth in Debian
* 8235ddbc5b Take shared lock in copy_ephemeral()
* 19c74d5ba5 Two follow ups for #3678
* 0d6f15e8c3 Merge pull request #3678 from DaanDeMeyer/history
|\
| * 5410c4c7af tests: Require genkey to be run once upfront
| * 86b8c611a1 tests: Drop unused tools field
| * c3d1bd0dde Rework history <=> sandbox integration
* fce4db970f zypper: display debugging output if ARG_DEBUG is set
* 2c052b9d45 Allow PCR signing settings to be overridden in sub-images
* 00c220225b zypper: do not fail if a package configured to be removed is not found
mkosi: Rename mkosi.prepare scripts for systemd deps to systemd.prepare
These scripts are reused by multiple images, so let's give them a
non-standard name to indicate that. Otherwise it's all too easy to add
something to mkosi.prepare for the main image and accidentally have it
included in all the subimages as well even though that's not desired.
mkosi: Reuse main image prepare scripts in subimages
In the subimages we also want to make sure all dependencies of the
systemd packages are cached so reuse the same prepare scripts from
the main image to do that.
We only want required dependencies in the subimages, not recommended
or suggested dependencies, so add an environment variable
$SYSTEMD_REQUIRED_DEPS_ONLY which the prepare scripts can check for
and enable it for the subimages.
mkosi: Make sure coreutils is installed in initrd/exitrd
This is already installed but Fedora/CentOS systems are nudged towards
installing coreutils-single which then later causes issues when we try
to install coreutils as a dependency of systemd so let's make sure we
pick coreutils from the beginning.
mkosi: Move TEST-24-CRYPTSETUP files to mkosi/ directory
If the integration tests have been installed in the systemd-tests
package, the path to these in mkosi.postinst.chroot will be wrong.
Let's fix the issue by moving these files into the mkosi/ directory
as they're only used by mkosi regardless so they make more sense to
be there anyway.
Turns out makepkg sets $SOURCE_DATE_EPOCH= to the current time for
every build if not set explicitly which causes full rebuilds if we
don't set time-epoch explicitly ourselves, so let's do that everywhere
to avoid unnecessary rebuilds.
mkosi: drop os-release symlink for minimal-base image
[ 385s] ERROR: link target doesn't exist (neither in build root nor in installed system):
[ 385s] /usr/lib/systemd/tests/mkosi/mkosi.images/minimal-base/mkosi.extra/etc/os-release -> ../usr/lib/os-release
It shouldn't even be needed, everything should look in /usr/lib/os-release too
With the latest mkosi it's possible for MinimumVersion= to be a git
commit so let's start making use of that. This will make mkosi fail
if it's executed within the systemd repository and the checked out
commit is too old.
Putting the mkosi commit sha in mkosi/mkosi.conf also allows retrieving
it without having the full source tree available.
We also make a bunch of improvements to the fetch-mkosi.py script.
coredump: introduce an enum to wrap dumpable constants
Two constants are described in the man page, but are not defined by a header.
The third constant is described in the kernel docs. Use explicit values to
show that those values are defined externally.