core/condition: fix segfault when key not found in os-release
'ConditionOSRelease=|ID_LIKE$=*rhel*' results in a segfault.
The key 'ID_LIKE' is not present in Fedora's os-release file.
I think the most reasonable behaviour is to treat missing keys as empty.
This matches the "shell-like" sprit, since in a shell empty keys would
by default be treated as empty too. Thus, "ID_LIKE=" would match, if
ID_LIKE is not present in the file, and ID_LIKE=!$foo" would also match.
The other option would be to make those matches fail, but I think that'd
make the feature harder to use, esp. with negative matches.
Documentation is updated to clarify the new behaviour.
Daan De Meyer [Wed, 12 Feb 2025 10:09:36 +0000 (11:09 +0100)]
mkosi: Update to latest
In https://github.com/systemd/mkosi/pull/3497, mkosi has started parsing
options passed after the verb as regular mkosi options instead of options
for the invoked command. We adapt to this change by adding '--' as a delimiter
everywhere where required.
Daan De Meyer [Wed, 29 Jan 2025 13:44:27 +0000 (14:44 +0100)]
ukify: Calculate section size more correctly
We should only use Misc_VirtualSize if it's smaller than SizeOfRawData,
since in that case it'll be the non-aligned section size. Otherwise we
have to use SizeOfRawData to get the size on disk.
Yu Watanabe [Wed, 12 Feb 2025 00:23:33 +0000 (09:23 +0900)]
udev-watch: do not try to remove invalid watch handle
When a new device is processed, there should be no watch handle for
the device, hence udev_watch_clear() provides -1. Let's not try to call
inotify_rm_watch() in that case.
This should not change any behavior. Just for suppressing spurious
debugging log:
=====
(udev-worker)[3626140]: zram1: Removing watch handle -1.
=====
Let's move the currently used/default/oneshot entry output after the
basic info about the boot loader itself, since conceptually these are
objects kinda "one level down" from the boot loader perspective. Hence,
let's *first* show all info about the boot loader itself before we
display the objects it manages.
This is just a trivial change in output, just swaps th elines for these
fields with the ones showing where the boot loader is installed.
bootctl: suppress output of empty partition info if we also have no idea about EFI binary path
So far we'd output both the partition and the binary path always, even
if we didn't know either (but in that case show empty information).
Let's address this, and show partition info only if we know it, or if we
know the EFI binary path, but suppress both if we know neither.
Note that we'll show the partition info if we don't know it still if we
know the EFI binary path used for boot, since it is relative to the
partition of course, and hence it's really strange to know one but not
the other, hence it deserves some mentioning in the output.
bootctl: also shown whether stub loader partition data was passed
Let's make the stub and loader output sections more alike, and say in
both cases whether we recieved that data from the boot phase or not the
same way.
Yu Watanabe [Wed, 18 Dec 2024 13:27:29 +0000 (22:27 +0900)]
update-utmp: do not give up if the first attempt at connecting bus failed
Otherwise, the program exits with failure if the first attempt in run() failed:
```
Dec 18 20:27:37 systemd-update-utmp[254]: Bus n/a: changing state UNSET → OPENING
Dec 18 20:27:37 systemd-update-utmp[254]: sd-bus: starting bus by connecting to /run/systemd/private...
Dec 18 20:27:37 systemd-update-utmp[254]: Bus n/a: changing state OPENING → CLOSED
Dec 18 20:27:37 systemd-update-utmp[254]: Failed to get D-Bus connection: Connection refused
```
By default, suite of each built test is determined by the directory of
the source file. Hence, before the mentioned commit, all tests in
src/boot/efi/ are in the 'efi' suite. The commit changed the directory
tree, but forgot to update the name of the test suite.
Yu Watanabe [Mon, 16 Dec 2024 02:50:53 +0000 (11:50 +0900)]
meson: allow to customize the access mode for tty/pts devices
Then, switch the default value to "0600", due to general security
concerns about terminals being written to by other users.
Closing #35599.
Backport note: the default is changed back to 0620 to keep backward
compatbility intact for the purpose of backporting. This lets
security-conscious users fix the issue if they want to, without
affecting users that do not want changes in the stable branches.
Yu Watanabe [Wed, 5 Feb 2025 00:14:51 +0000 (09:14 +0900)]
network/routing-policy-rule: fix compare func
Previously, when comparing an existing and requested routing policy
rules, `all` flag was unset, thus the from and to addresses in the two
rules were not compared. Hence, a new request with from and/or to
addresses might be considered as it already exists even the addresses of
existing one were different from the newly requested one.
All existing rules have valid family, i.e. AF_INET or AF_INET6. And,
all requesting rules with from and/or to addresses also have a valid
family. Hence, even `all` flag is unset, the addresses can be and must
be compared in that case.
errno handling for NSS is always a bit weird since NSS modules generally
are not particularly careful with it. Hence let's initialize errno
explicitly before we invoke getpwent() so that we know it's in a
reasonable state afterwards on failure, or zero if not.
We do this in most places we use NSS, including in userdb when it comes
to getgrent(), just for getpwent() we don't so far. Address that.
The getopt() parser was completely wrong, it expected an argument where
wasn't expected or processes.
The test cases only passed by accident because they use the "user" verb
which is also the default verb. It would be accidently read as argument
for --fuzzy and ignored.
This definition is broken as rpm internally does the following
since 4.20 to calculate the buildroot:
```
char *bn = rpmExpand("%{NAME}-%{VERSION}-build", NULL);
/* Tilde and caret in paths are evil, convert to underscores */
for (char *t = bn; *t; t++) {
if (*t == '^' || *t == '~')
*t = '_';
}
```
This has broken our upstream opensuse CI builds in systemd as
we do the following to fetch the list of unpackaged files by the rpm build:
```
rpmbuild
...
--define "__check_files sh -c '$(rpm --define "_topdir /var/tmp" --eval %__check_files) | tee /tmp/unpackaged-files'"
...
```
which stopped working because the check files script tries
to look for unpackaged files in the "/var/tmp/BUILD/systemd-258~devel-build/BUILDROOT"
directory (%buildroot) whereas it should be looking in "/var/tmp/BUILD/systemd-258_devel-build/BUILDROOT".
Let's remove the %buildroot compat definition until the bug is
addressed in opensuse tumbleweed.
Michal Sekletar [Tue, 21 Jan 2025 14:31:14 +0000 (15:31 +0100)]
core/namespace: relabel bind mount source based on the target path
Some bind mounts, e.g. /tmp bind mount when PrivateTmp=disconnected,
must be explicitly relabeled because now it would have incorrect SELinux
label. /tmp is expected to have well-known SELinux label, tmp_t. Now it
has label inherited from the source directory of the bind mount.
Daan De Meyer [Thu, 6 Feb 2025 13:53:02 +0000 (14:53 +0100)]
mkosi: Only make build sources ephemeral if NO_BUILD is not enabled
If we're not building distribution packages from source, there's no
need to make the build sources ephemeral so don't enable the setting
if NO_BUILD is enabled.
Daan De Meyer [Wed, 5 Feb 2025 11:42:39 +0000 (12:42 +0100)]
repart: Don't fail when we're unable to read file attributes
We're getting EOVERFLOW when reading file attributes trying to get
mkosi running in a docker container (don't ask). I have a suspicion
this is coming from fuse-overlayfs. Anyway, since the file attributes
stuff is supposed to be purely optional, let's not fail when we can't
read file attributes for whatever reason.
Daan De Meyer [Tue, 4 Feb 2025 19:46:11 +0000 (20:46 +0100)]
test: Move external packages section down and reword a little
This is advanced level stuff that regular contributors don't care
about in the slightest, so move it further down. Also reword the
section a little while we're at it.
Daan De Meyer [Tue, 4 Feb 2025 19:21:36 +0000 (20:21 +0100)]
test: Drop -Dremote=enabled instructions from readme
The test commands now use mkosi sandbox which always makes sure the
required dependencies for systemd-journal-remote are enabled so no
need to reconfigure meson explicitly anymore.
Daan De Meyer [Tue, 4 Feb 2025 10:42:42 +0000 (11:42 +0100)]
sysupdate: Update example mode to 644 instead of 444
The UKI file has to be writable to be able to do boot counting in
the UEFI firmware which involves renaming the file by writing to
the file metadata which requires the file to be writable in the FAT
filesystem.
Daan De Meyer [Tue, 4 Feb 2025 08:24:26 +0000 (09:24 +0100)]
ukify/measure: Revert changes to use SizeOfImage from Linux PE binary
With 19812661f1f65ebe777d1626b5abf6475faababc, we make sure at runtime
in the stub itself that SizeOfImage from the Linux EFISTUB PE binary is
taken into account, so there's no need to take this into account in ukify
itself. By reverting the ukify change, we again ensure that Misc_VirtualSize
reflects the actual size of the Linux EFISTUB PE binary in the .linux section
which lots of tooling depends on. It also makes sure we don't measure a bunch
of extra zeroes in the stub which should fix systemd-pcrlock measurements as
well.
Devilish Spirits [Wed, 29 Jan 2025 20:54:27 +0000 (21:54 +0100)]
Fix inversion of timesyncd_usec/epoch_usec variables in clock-warp.c
In clock_apply_epoch() function, the /usr/lib/clock-epoch timestamp was set to timesyncd_usec instead of epoch_usec and vice-versa which produced a misleading log message about the clock source systemd used for early clock sanitization. This trivial commit fix the mistake.
Adam Williamson [Fri, 10 Jan 2025 21:01:47 +0000 (13:01 -0800)]
kbd-model-map: add a georgian mapping
https://github.com/legionus/kbd/pull/127 adds a Georgian mapping
to kbd. console-setup already has one. Let's support it here, so
it's used for Georgian installs on distros that use this table.
Yu Watanabe [Wed, 15 Jan 2025 16:29:04 +0000 (01:29 +0900)]
random-util: fix compilation error
Fixes the following error:
```
../src/basic/random-util.c: In function "fallback_random_bytes":
../src/basic/random-util.c:45:26: error: initializer-string for array of "char" is too long [-Werror=unterminated-string-initialization]
45 | .label = "systemd fallback random bytes v1",
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
cc1: all warnings being treated as errors
```
Luca Boccassi [Fri, 24 Jan 2025 23:37:33 +0000 (23:37 +0000)]
man: fix reference to non-existing ukify parameter
The --extend parameter was removed by https://github.com/systemd/systemd/pull/34608
and a --join-profile was added instead, fix leftover reference in manpage
Yu Watanabe [Fri, 24 Jan 2025 19:05:51 +0000 (04:05 +0900)]
machine: revert type change of "leader" in io.systemd.Machine.Register method
The varlink method io.systemd.Machine.Register() is in v256, hence type
of "leader" cannot be changed.
Let's revert the change by 755cb018c9b3e93245afb86ec94223756ddd70e4, and
introduce another field "leaderProcessId", which takes detailed information
of the process.
The commit reworked job merging logic so that reload jobs
won't get merged. However, they might get dropped from
transaction due to being deemed redundant, i.e. way before
it even hits job_install(). Let's make sure reload jobs
are always kept during transaction construction stage, too.
The documentation and code agree on the same name, since always, but
when I put together the IDL I made a mistake and insert a "Not" that
wasn't supposed to be there.
We were missing one service result (oom-kill), and the ratelimit one is
called differently. Correct that so that we generate proper log messages
for these cases.
Luca Boccassi [Fri, 10 Jan 2025 21:02:55 +0000 (21:02 +0000)]
stub: drop PE sections parsing cap
This was added originally as it was thought that Windows applied
the same cap. Nowadays the specs do not mention it, and it is
believed Windows no longer applies it either, so drop it in order
to allow an arbitrary number of DTBs to be included
Yu Watanabe [Mon, 6 Jan 2025 08:26:52 +0000 (17:26 +0900)]
core/device: do not drop backslashes in SYSTEMD_WANTS=/SYSTEMD_USER_WANTS=
Let consider the following udev rules:
===
PROGRAM="/usr/bin/systemd-escape foo-bar-baz", ENV{SYSTEMD_WANTS}+="test1@$result.service"
PROGRAM="/usr/bin/systemd-escape aaa-bbb-ccc", ENV{SYSTEMD_WANTS}+="test2@$result.service"
===
Then, a device expectedly gains a property:
===
SYSTEMD_WANTS=test1@foo\x2dbar\x2dbaz.service test2@aaa\x2dbbb\x2dccc.service
===
After the event being processed by udevd, PID1 processes the device, the
property previously was parsed with extract_first_word(EXTRACT_UNQUOTE),
then the device unit gained the following dependencies:
===
Wants=test1@foox2dbarx2dbaz.service test2@aaax2dbbbx2dccc.service
===
So both '%i' and '%I' for the template services did not match with the original
data, and it was hard to use systemd-escape in PROGRAM= udev rule token.
This makes the property parsed with extract_first_word(EXTRACT_UNQUOTE|EXTRACT_RETAIN_ESCAPE),
hence the device unit now gains the following dependencies:
===
Wants=test1@foo\x2dbar\x2dbaz.service test2@aaa\x2dbbb\x2dccc.service
===
and '%I' for the template services match with the original data.
wrvsrx [Sat, 7 Dec 2024 02:32:15 +0000 (10:32 +0800)]
efivars: deal with uncommitted efi variables
Unfortunately kernel reports EOF if there's an inconsistency between efivarfs var list
and what's actually stored in firmware, c.f. #34304. A zero size env var is not allowed in
efi and hence the variable doesn't really exist in the backing store as long as it is zero
sized, and the kernel calls this "uncommitted". Hence we translate EOF back to ENOENT here,
as with kernel behavior before
https://github.com/torvalds/linux/commit/3fab70c165795431f00ddf9be8b84ddd07bd1f8f
If the kernel changes behaviour (to flush dentries on resume), we can drop
this at some point in the future. But note that the commit is 11
years old at this point so we'll need to deal with the current behaviour for
a long time.
Daan De Meyer [Fri, 24 Jan 2025 16:28:15 +0000 (17:28 +0100)]
HACKING: Move OBS section further down
HACKING.md should first and foremost tell someone how to hack on
systemd, installing packages from OBS isn't the most likely section
a new contributor will be interested in, so let's move it further
down.
Daan De Meyer [Fri, 24 Jan 2025 09:54:51 +0000 (10:54 +0100)]
mkosi: Drop usage of _systemd_QUIET in arch build script
We dropped the variable in the packaging specs for Arch to keep the
integration points as minimal as possible so let's stop using it in
the build script as well.
Daan De Meyer [Wed, 22 Jan 2025 14:58:13 +0000 (15:58 +0100)]
mkosi: Update to latest
With the latest mkosi, mkosi takes care of making sure it is
available within mkosi sandbox so we get rid of all the --preserve-env=
options when we invoke mkosi sandbox with sudo as these are not
required anymore. It also doesn't matter anymore if mkosi is installed
in /usr on the host so we get rid of the documentation around that as
well.
Daan De Meyer [Wed, 22 Jan 2025 21:24:36 +0000 (22:24 +0100)]
mkosi: Run two more mkosi commands with sudo
Running some mkosi commands as root and other not can lead to cache
invalidations with the latest version, so make sure we run everything
as root after we've built the tools tree.
Daan De Meyer [Wed, 22 Jan 2025 13:55:45 +0000 (14:55 +0100)]
test: Make sure we run lcov from the meson source directory
In ac75c5192797082c1965ab30be4711490f2937bc, we accidentally changed
the working directory that the tools executed in the wrapper script
are invoked in. This broke our invocations of lcov. Let's explicitly
run those in the meson source directory again to fix the coverage
workflow.
projects / thirdparty / systemd.git / log
