homework: upload home password into kernel keyring if needed
If we do automatic disk space rebalancing, we must be able to unlock the
encrypted volume for that in the background, thus we need to decryption
key around in userspace. Let's do this via the kernel keyring. This
allows us to do this in a relatively secure way, so that it sticks
around between homework invocations, but still is destroyed
automatically when homed goes down.
resolved: properly signal transient errors back to NSS stack
NSS mostly knows four error cases: SUCCESS, NOTFOUND, UNAVAIL, TRYAGAIN,
and they can all be used in nsswitch.conf to route requests.
So far nss-resolve would return SUCCESS + NOTFOUND + UNAVAIL. Let's also
return TRYAGAIN in some cases, specifically the ones where we are
currntly unable to resolve a request but likely could later. i.e.
errors caused by networking issues or such.
This beefs up the DNS stub logic to listen on two IP addresses:
127.0.0.53 (as before) + 127.0.0.54 (new). When the latter is contact
our stub will operate in "bypass" mode only, i.e we'll try to pass DNS
requests as unmodified upstream as we can (and not do mDNS/LLMNR and
such, also no DNSSEC validation – but we'll still do DNS-over-TLS
wrapping).
This is supposed to be useful for container environments or tethering:
this stub could be exposed (via NAT redirect) to clients of this system
and we'll try to stay out of the way with doing too much DNS magic
ourselves, but still expose whatever the current DNS server is from
upstream under a stable address/port.
Luca Boccassi [Mon, 22 Nov 2021 13:09:38 +0000 (13:09 +0000)]
Merge pull request #21357 from mbd98/usr-verity-auto
veritysetup-generator, fstab-generator: Setup and mount usr verity device when 'usrhash' (and optionally systemd.verity_usr_*) is present as kernel command line parameter
Robert-L-Turner [Mon, 22 Nov 2021 11:43:44 +0000 (19:43 +0800)]
FIDO2 device removal instructions (#21426)
* man: document FIDO2 device removal
Indicate to users how to remove FIDO2 device in the --fido2-device=path section by setting path to an empty string (""). Tested on systemd 249 (249.6-3-arch)
analyze: fix printing config when there is no main config file
Since 8b8024f1c231c166f5c450905c8fd91d11704ae7 and the follow-up commits, the
main config file may be located in /usr or in other paths. But the code in
analyze.c was still assuming that it must be in /etc. Things mostly worked for
our own config files because we usually install a comments-only file in /etc,
but was not correct in the general case.
This fixes in particular 'systemd-analyze cat-config systemd/zram-generator.conf'.
In Fedora we distribute a config file in zram-generator-defaults.rpm that is in
/usr/lib, and 'cat-config' would refuse to show it because
/etc/systemd/zram-generator.conf does not exist.
The main config file is optional, but let's print an informative message
because this is a slightly unusual case.
The file paths that we printed were missing the root prefix.
core: prefix functions to avoid identical static function names
The function name `method_reload` is used both in dbus-unit.c and
dbus-manager.c for static functions.
With the previous addition of adding the function name to the audit
information on SELinux denials, rename the one (and its relatives) in
dbus-unit.c as most of the functions in src/core/dbus-unit.c are already
prefixed with `bus_unit_`.
selinux: name mac_selinux_generic_access_check as internal function
`mac_selinux_generic_access_check()` should not be called directly, only
via the wrapper macros `mac_selinux_access_check` and
`mac_selinux_unit_access_check`.
Include the systemd C function name in the audit message to improve the
debug ability on denials.
Similar like kernel denial messages include the syscall name.
Vito Caputo [Wed, 17 Nov 2021 01:03:15 +0000 (17:03 -0800)]
mmap-cache: simplify API around MMapFileDescriptor
MMapFileDescriptor carries a reference to its originating
MMapCache, there's no value in supplying the
MMapFileDescriptor-centric functions a separate MMapCache.
A future commit will rename these functions to consistently use
an mmap_cache_fd_* prefix for improved clarity.
> As some downstream projects are already using the UUID as in the docs, most
> notably util-linux [1], we should adjust code to match doc; no shipping
> LoongArch systems are using upstream systemd, and no open-source distro is
> merging LoongArch support yet, so the change should break no one. This also
> matches the work being done by @yetist at loongarch64/systemd#7.
shared/gpt: add entries for a bunch of architectures
I don't think we want people to send us pull requests over the next two years.
Let's just make something up ourselves, this is going to have at least as good
results, and will be much quicker.
Note that this only includes architectures for which there's some indication
that they are in active use. In architecture.h there are some more esoteric
ones like ARC_BE. We can add those if there's some actual user demand.
In particular, I included everything on the Debian "List of official ports" [1]
and a few other arches that we have received patches for in recent times.
This is based on the information in #14311 and
https://refspecs.linuxfoundation.org/LSB_3.2.0/LSB-Core-S390X/LSB-Core-S390X.pdf
and https://wiki.debian.org/Multiarch/Tuples.
https://wiki.debian.org/ArchitectureSpecificsMemo shows the triplet, but no the
linker paths. I used the linker path from Fedora, but I can't look up the
linker paths for BE and 32 bit. At least the ifdef scaffolding is provided, so
it should be trivial to fill in if somebody has access to such a system.
shared/base-filesystem: add (empty) iffdery for the table
I think this is going to be very annoying for our downstream maintainers.
Let's at least provide the ifdef scaffolding so that only filling in the
actual entries remains. The structure is copied from missing_syscall.h.
oss-fuzz: move apt-gets and pips to the systemd repository
to be able to control our dependencies right here without
sending PRs like https://github.com/google/oss-fuzz/pull/5199 and
https://github.com/google/oss-fuzz/pull/5601.
It should also allow us to pin meson to let Dependabot keep track of
it and jump from one version to another without breaking anything
Yu Watanabe [Thu, 18 Nov 2021 20:12:35 +0000 (05:12 +0900)]
network: always try to reconfigure when carrier gained
When networkd detects a wlan interface, the interface may not be
connected to any access point, and may enter the unmanaged state.
After the interface connected to an access point, previously networkd
did not reconfigure the interface. This fixes the issue.
test: extend homed test to test home dir "maximization"
This moves the backing store to a separate tmpfs which we can nicely put
a size limit on to make sure we can test maximization sanely: if we ask
for the home dir to be grown really large it should effectively only be
grown until the size of the backing tmpfs.
(While we are at it, also set a cheaper KDF so that we don't waste CI
cycles for password hashing that aren#t secure anyway.)
homework: make it safe to invoke home_setup_luks() twice in a row
Being able to invoke the call twice on the same HomeSetup object will
simplify auto-growing/auto-shrinking since we can issue a resize
operatio directly from activate/deactivate
homework: make destroying of HomeSetup optional when resizing
This will be useful when we want to issue a resize operation right when
activating, where the HomeSetup object should be destroyed only after
both activation is done.
Daan De Meyer [Wed, 17 Nov 2021 16:44:21 +0000 (16:44 +0000)]
journal: Use separate variable for Data object in sd_journal_get_data()
A little cleanup to make the next change easier. We're not moving to a
new Entry object in the for loop so there's no danger of changing the
Entry object window.
Daan De Meyer [Wed, 17 Nov 2021 15:54:35 +0000 (15:54 +0000)]
journal: Skip over corrupt entry items in enumerate_data()
Similar to sd_journal_next(), if trying to access an entry item
offset's data results in EBADMSG, skip to the next entry item so
we handle corruption better.
Yu Watanabe [Thu, 18 Nov 2021 20:36:44 +0000 (05:36 +0900)]
network: do not clear map from alternative names to link when IFLA_PROP_LIST attribute is not contained
No IFLA_PROP_LIST attribute contained does not means the interface
has no alternative name.
E.g. the message created by inet6_fill_ifinfo() in net/ipv6/addrconf.c
does not contain IFLA_PROP_LIST.
Frantisek Sumsal [Thu, 18 Nov 2021 16:19:03 +0000 (17:19 +0100)]
test: make the diff regex BRE-compatible
Since the GNU `diff` utility uses grep-style regular expressions[0], which
use the BRE style, we need to tweak the regex to make it work properly
(most notably - in BRE the meta characters need to be escaped).
```
$ diff a b
21c21
< Volume Key: 256bit
---
> Volume Key: 257bit
25c25
< Disk Ceiling: 323.2M
---
> Disk Ceiling: 323.1M
$ diff -I '^\s*Disk (Size|Free|Floor|Ceiling):' a b
21c21
< Volume Key: 256bit
---
> Volume Key: 257bit
25c25
< Disk Ceiling: 323.2M
---
> Disk Ceiling: 323.1M
$ diff -I '^\s*Disk \(Size\|Free\|Floor\|Ceiling\):' a b && echo OK
21c21
< Volume Key: 256bit
---
> Volume Key: 257bit
```
Daan De Meyer [Mon, 11 Oct 2021 13:05:08 +0000 (14:05 +0100)]
journal: Don't discard kmsg messages coming from journald itself
Previously, we discarded any kmsg messages coming from journald
itself to avoid infinite loops where potentially the processing
of a kmsg message causes journald to log one or more messages to
kmsg which then get read again by the kmsg handler, ...
However, if we completely disable logging whenever we're processing
a kmsg message coming from journald itself, we also prevent any
infinite loops as we can be sure that journald won't accidentally
generate logging messages while processing a kmsg log message.
This change allows us to store all journald logs generated during
the processing of log messages from other services in the system
journal. Previously these could only be found in kmsg which has
low retention, can't be queried using journalctl and whose logs
don't survive reboots.
meson: add check:true/false to all run_command() invocations
meson-0.59.4-1.fc35.noarch says:
WARNING: You should add the boolean check kwarg to the run_command call.
It currently defaults to false,
but it will default to true in future releases of meson.
See also: https://github.com/mesonbuild/meson/issues/9300
We were already asserting that the intmax_t and uintmax_t types
are the same as int64_t and uint64_t. Pretty much everywhere in
the code base we use the latter types. In principle intmax_t could
be something different on some new architecture, and then the code would
fail to compile or behave differently. We actually do not want the code
to behave differently on those architectures, because that'd break
interoperability. So let's just use int64_t/uint64_t since that's what
we indend to use.
projects / thirdparty / systemd.git / log
