We should be more strict when verifying paths with path_is_safe() for
potentially dangerous constructs, and that includes lengths of
PATH_MAX-1 and larger. Be more accurate here.
Add VARIANT as a standard value for /etc/os-release
Some distributions (such as Fedora) are using the VARIANT field to
indicate to select packages which of several default configurations
they should be using. For example, VARIANT=Server provides a
different default firewall configuration (blocking basically
everything but SSH and the management console) whereas
VARIANT=Workstation opens many other ports for application
compatibility.
By adding this patch to the manual pages, we can standardize on a
cross-distribution mechanism for accomplishing this.
Fedora implementation details are available at
https://fedoraproject.org/wiki/Packaging:Per-Product_Configuration
generators: rename add_{root,usr}_mount to add_{sysroot,sysroot_usr}_mount
This makes it obvious that those functions are only usable in the
initramfs.
Also, add a warning when noauto, nofail, or automount is used for the
root fs, instead of silently ignoring. Using those options would be a
sign of significant misconfiguration, and if we bother to check for
them, than let's go all the way and complain.
Other various small cleanups and reformattings elsewhere.
network: Implement fallback DHCPv6 prefix handling for older kernels
When setting IPv6 addresses acquired by DHCPv6, systemd-networkd sets
the IFA_F_NOPREFIXROUTE flag in the IFA_FLAGS netlink attribute. As
the flag and the attribute are present starting with Linux 3.14, older
kernels will need systemd-network to manage prefix route expiry.
By default, DHCPv6 addresses are first assigned setting the
IFA_F_NOPREFIXROUTE flag in the IFA_FLAGS netlink attribute. Should
the address assignment fail, the same assignment is tried without
the IFA_FLAGS attribute. Should also the second attempt fail, an error
is printed and address assignment ends with failure. As successful use
of the IFA_FLAGS netlink attribute is recorded in the Link structure,
the DHCPv6 code will know if the kernel or systemd-network fallback
code handles expiring prefixes.
filtered was used to store an allocated string twice. The first allocation was
thus lost. The string is not needed for anything, so simply skip the allocation.
11: ip6_vti0@NONE: <NOARP> mtu 1500 qdisc noop state DOWN mode DEFAULT
group default
link/tunnel6 :: brd ::
12: ip6vti@wlan0: <POINTOPOINT,NOARP> mtu 1500 qdisc noop state DOWN
mode DEFAULT group default
link/tunnel6 2a00:ffde:4567:edde::4987 peer 2001:473:fece:cafe::5179
sd-bus: properly handle creds that are known but undefined for a process
A number of fields do not apply to all processes, including: there a
processes without a controlling tty, without parent process, without
service, user services or session. To distuingish these cases from the
case where we simply don't have the data, always return ENXIO for them,
while returning ENODATA for the case where we really lack the
information.
Also update the credentials dumping code to show this properly. Fields
that are known but do not apply are now shown as "n/a".
Note that this also changes some of the calls in process-util.c and
cgroup-util.c to return ENXIO for these cases.
sd-bus: drop bus parameter from message callback prototype
This should simplify the prototype a bit. The bus parameter is redundant
in most cases, and in the few where it matters it can be derived from
the message via sd_bus_message_get_bus().
This introduces /run/systemd/fsck.progress as a simply
AF_UNIX/SOCK_STREAM socket. If it exists and is connectable we'll
connect fsck's -c switch with it. If external programs want to get
progress data they should hence listen on this socket and will get
all they need via that socket. To get information about the connecting
fsck client they should use SO_PEERCRED.
Unless /run/systemd/fsck.progress is around and connectable this change
reverts back to v219 behaviour where we'd forward fsck output to
/dev/console on our own.
Even trivial service occasionally get stuck, for example when
there's a problem with the journal. There's nothing more annoying
that looking at the cylon eye for a job with an infinite timeout.
Use standard 90s for jobs that do some work, and 30s for those which
should be almost instantenous.
Hans de Goede [Tue, 28 Apr 2015 09:07:42 +0000 (11:07 +0200)]
udev: hwdb: Add trackpoint sensitivity settings for Lenovo X240 and 540p
Like the T440s these need the sensitity to be set significantly higher
then the default of 128 for the trackpoint to be usable. Like with the
T440s 200 seems to be a good value to get a reasonable but not too high
sensitivity.
run: synchronously wait until the scope unit we create is started
Otherwise it might happen that by the time PID 1 adds our process to the
scope unit the process might already have died, if the process is
short-running (such as an invocation to /bin/true).
Ivan Shapovalov [Mon, 27 Apr 2015 18:19:02 +0000 (21:19 +0300)]
core: coldplug all units which participate in jobs during coldplugging
This is yet another attempt to fix coldplugging order (more especially,
the problem which happens when one creates a job during coldplugging and
it references a not-yet-coldplugged unit).
Now we forcibly coldplug all units which participate in jobs. This
is a superset of previously implemented handling of the UNIT_TRIGGERS
dependencies, so that handling is removed.
Tom Gundersen [Fri, 24 Apr 2015 18:36:02 +0000 (20:36 +0200)]
udevd: worker - log if worker result cannot be sent
If the main daemon is not notified about a worker finishing an event
the refcounting of the worker struct will be wrong, and we will lose
track of the number of children we have to wait for.
This should not happen, but if it does we better complain loudly about
it. Worst case udev will wait for 30 seconsd at shutdown waiting for
nonexistent workers.
Tom Gundersen [Fri, 24 Apr 2015 15:50:49 +0000 (17:50 +0200)]
udevd: improve logging in SIGCHLD handling
Remove some redundant logging, and reduce the log-level in most cases. The only
case that is really critical is if a worker failed while hanlding an event, so
keep that at error level.
Daniel Mack [Thu, 23 Apr 2015 15:30:23 +0000 (17:30 +0200)]
shutdownd: kill the old implementation
Not that all functionality has been ported over to logind, the old
implementation can be removed. There goes one of the oldest parts of
the systemd code base.
Daniel Mack [Thu, 23 Apr 2015 14:03:02 +0000 (16:03 +0200)]
systemctl: talk to logind for scheduled shutdowns
Drop the code which communicates with shutdownd via its private socket,
and use the functionality in logind instead.
The code pathes which talk to logind have to create their own ad-hoc
bus connection because by default, systemctl connects to systemd's
private socket.
Daniel Mack [Thu, 23 Apr 2015 15:11:28 +0000 (17:11 +0200)]
logind: add support for /run/nologin and /run/systemd/shutdown/scheduled
Port over more code from shutdownd and teach logind to write /run/nologin at
least 5 minutes before the system is going down, and
/run/systemd/shutdown/scheduled when a shutdown is scheduled.
Daniel Mack [Wed, 22 Apr 2015 15:20:42 +0000 (17:20 +0200)]
logind: add code for UTMP wall messages
Add a timer to print UTMP wall messages so that it repeatedly informs users
about a scheduled shutdown:
* every 1 minute with less than 10 minutes to go
* every 15 minutes with less than 60 minutes to go
* every 30 minutes with less than 180 minutes (3 hours) to go
* every 60 minutes if more than that to go
This functionality only active if the .EnableWallMessages DBus property
is set to true. Also, a custom string can be added to the wall message,
set through the WallMessagePrefix property.
Daniel Mack [Fri, 24 Apr 2015 13:31:29 +0000 (15:31 +0200)]
shared/utmp-wtmp: add parameter for origin tty and callback userdata
Instead of looking up the tty from STDIN, let utmp_wall() take an argument
to specify an origin tty for the wall message. Only if that argument is
NULL do the STDIN lookup.
Also add an void *userdata argument that is handed back to the callback
function.
Daniel Mack [Mon, 20 Apr 2015 13:27:15 +0000 (15:27 +0200)]
logind: add .ScheduleShutdown and .CancelScheduledShutdown methods
Add a method called ScheduleShutdown in org.freedesktop.login1.Manager
which adds a timer to shut down the system at a later point in time.
The first argument holds the type of the schedule that is about to
happen, and must be one of 'reboot', 'halt' or 'poweroff'.
The second argument specifies the absolute time, based on
CLOCK_REALTIME in nanoseconds, at which the the operation should be
executed.
To cancel a previously scheduled shutdown, the CancelScheduledShutdown()
can be called, which returns a bool, indicating whether a scheduled
timeout was cancelled.
Also add a new property called ScheduledShutdown which returns the
equivalent to what was passed in via ScheduleShutdown, as '(st)' type.
Daniel Mack [Mon, 20 Apr 2015 13:19:26 +0000 (15:19 +0200)]
logind: factor out polkit checks
Factor out the code to ask polkit for authorization from
method_do_shutdown_or_sleep() into an own function called
verify_shutdown_creds().
This is needed in order to also use the same checks when shutdown
operations are scheduled. For that, it's also necessary to allow
NULL values for that action{,_multiple_sessions,_ignore_inhibit)
arguments, which will suppress the call if no action string is
passed.
projects / thirdparty / systemd.git / log
