The commit 846f1da465beda990c1c01346311393f485df467 made systemd.unit=
filtered out from the command line. That causes debug-generator does not
work as expected on daemon-reexecute, and we cannot call `systemctl
daemon-reexecute` in our test suite running on nspawn.
Fixes issue reported in https://github.com/systemd/systemd/pull/23851#issuecomment-1170992052.
units: add IgnoreOnIsolate=yes to systemd-journald too
We already had it on the socket units, so it's possible that
systemd-journald.service would be stopped and then restarted when trafic hits
the sockets when something logs. Let's not try to stop it. It is supposed to
run until the end and be eventually killed in the final killing spree.
Currently kde installs a fake utmp session to listen for this. This provides an
alternative mechanism as discussed in #23574.
Example with 'shutdown 6 -r' and shutdown -c':
PRIORITY=6
SYSLOG_FACILITY=4
SYSLOG_IDENTIFIER=systemd-logind
...
CODE_FILE=src/login/logind-utmp.c
CODE_LINE=90
CODE_FUNC=warn_wall
MESSAGE_ID=9e7066279dc8403da79ce4b1a69064b2
OPERATOR=root
MESSAGE=The system will reboot at Thu 2022-06-30 12:16:43 CEST!
ACTION=reboot
PRIORITY=5
SYSLOG_FACILITY=4
SYSLOG_IDENTIFIER=systemd-logind
...
OPERATOR=root
CODE_FILE=src/login/logind-dbus.c
CODE_LINE=2407
CODE_FUNC=method_cancel_scheduled_shutdown
MESSAGE=System shutdown has been cancelled
MESSAGE_ID=249f6fb9e6e2428c96f3f0875681ffa3
ACTION=reboot
We have RxBufferSize= and TxBufferSize= in .link files. Let's use the same
abbreviation here. OTOH, "inc" could be short for "increment" or "increase",
let's avoid that.
sd-event: let sd_event_source_set_enabled accept NULL
Same story as before: disabling a non-existent event source shouldn't
need to be guarded by an if. I retained the wrapper so that that we don't
have to say SD_EVENT_OFF in the many places where this is called.
sd-event: allow sd_event_source_is_enabled() to return false for NULL
This is a natural use case, and instead of defining a wrapper to do this
for us, let's just make this part of the API. Calling with NULL was not
allowed, so this is not a breaking change to the interface.
(After sd_event_source_is_enabled was originally added, we introduced
sd_event_source_disable_unref() and other similar functions which accept
NULL. So not accepting NULL here is likely to confuse people. Let's just
make the API usable with minimal fuss.)
sd-netlink: allow sd_netlink_message_read() to be used for union types
Before, sd_netlink_message_read() expected to fill a buffer completely,
and would return -EIO if the attribute being read was shorter than the
buffer. This means that the function can be used to "peek" into attributes
(by specifying a short buffer to just read part of the attribute), but
cannot be used to read something into a union without knowing beforehand
which specific field in the union is being filled. That latter operation
seems more useful (messages are short, so we don't really need to do partial
reads), so let's allow reads that don't fill the output buffer completely.
In places the text was overly formal, e.g. "an 128-bit ID" was repeated, even
though it is clear from the context that we're talking about this type of ID.
OTOH, in other places the text was informal, e.g. "You can use …".
Also, "you may use f() to frob" → "f() frobs". The text without all the
flourishes is easier to read.
sd_id128_in_set_sentinel() was described only in passing when taking about
sd_id128_in_set(), now it gets is own brief paragraph.
sd-id128: rename and export sd_id128_string_equal()
We find this function useful in our code, so no reason not to export it.
I changed the order of last two words in the name to match the arguments.
(With "equal_string" I expected sd_id128_t first, string second, but in
actual use, the second argument is usually a long constant so it's nice
to keep this order of arguments.)
The usual: if we find that function useful, other users of the library
will too. In particular, the v-variants are necessary to build pass-thru
wrappers.
It had two symbols which were not actually exported because they were not
listed in libsystemd.sym. They were also entirely unused in our codebase.
I don't think it makes much sense to export just those two functions, and
it doesn't make to build a string processing library in systemd either.
History of the file shows that it was created in faaa5728d956b7f0d24f27f3341d0b9fff30af00 'utf8: export utf8 validation functions as part of sd-bus'
and hasn't gone even one non-trivial change since then ;)
It was added originally in 65f568bbeb9b8c70200e44c19a797df3a0bfd485. The API is
has stabilized pretty much, and generally follows the usual style for
libsystemd. We've held it as a public-but-private library for almost 10 years,
let's export it.
sd_netlink_sendv() and sd_nfnl_nft_*() are excluded.
Before we had the following scheme:
mempool_enabled() would check mempool_use_allowed, and
libsystemd-shared would be linked with a .c file that provides mempool_use_allowed=true,
while other things would linked with a different .c file with mempool_use_allowed=false.
In the new scheme, mempool_enabled() itself is a weak symbol. If it's
not found, we assume false. So it only needs to be provided for libsystemd-shared,
where it can return false or true.
test-set-disable-mempool is libshared, so it gets the symbol. But then we
actually disable the mempool via envvar. mempool_enable() is called to check
its return value directly.
The function `data_object_in_hash_table()` calls
`journal_file_move_to_object()` with `OBJECT_DATA`. Hence,
previously obtained pointer to a data object may be now invalid.
Piotr Drąg [Sun, 12 Jun 2022 12:48:04 +0000 (14:48 +0200)]
po: add a false positive to POTFILES.skip
Scripts used to detect files that should be in POTFILES.in, like
intltool-update -m used on https://l10n.gnome.org/module/systemd/,
falsely detect this file as containing translations. Avoid this
behavior by putting the file in POTFILES.skip.
Jan Janssen [Mon, 27 Jun 2022 09:04:57 +0000 (11:04 +0200)]
boot: Use stdbool
The way the UEFI spec defines BOOLEAN is fully compatible to stdbool, so
it is perfectly safe to switch to it. Although any other values than 0/1
are undefined by the spec, we could theoretically have cases where a
sloppy firmware hands us a bad BOOLEAN (since gnu-efi/edk2 declare it
as uint8_t). So any uses where we pass a pointer to BOOLEAN are left
untouched.
Jan Janssen [Fri, 24 Jun 2022 09:00:43 +0000 (11:00 +0200)]
boot: Remove use of EFI_ERROR
The macro is ugly and annoying to use and provides no real benefit. The
only reason to use it would be to allow warnings to go through. But any
EFI APIs we call do not return warning status codes or we do not check
the return value anyway. The only other case would be BS->StartImage,
where we already treat anything other than EFI_SUCCESS as an error
anyway.
This also helps the compiler and code analyzers to better reason about
the code. In particular, this can help reduce use of uninitialized
variable warnings.
Jan Janssen [Fri, 24 Jun 2022 08:45:52 +0000 (10:45 +0200)]
fundamental: Remove types-fundamental.h
This removes the fundamental typedefs in favor of just using standard C
types. These are all used internally anyway and also do not do anything
special to warrant any redefinition to EFI types.
Even for BOOLEAN we can safely use stdbool. The defition from the EFI
specification is fully compatible, including making any other values
than 0/1 as undefined.
The exception is sd_char as those need to be char16_t. The typedef is
moved to string-util-fundamental.h instead.
Frantisek Sumsal [Sun, 26 Jun 2022 18:57:31 +0000 (20:57 +0200)]
test: run TEST-21 in nspawn only if $TEST_PREFER_NSPAWN is set
so we can run it under nspawn in CIs which don't support nested KVM, but
avoid running it twice (both under nspawn and qemu) in CIs which support
both methods.
It should turn on the "restricted" mode by default regardless of
whether the global setting is on or not. New jobs in this action
should have to overwrite it explicitly to gain write access in any
way.
It should also make the action consistent with the other actions
writing various stuff like 'labeler' and 'codeql'.
Jan Macku [Fri, 10 Jun 2022 05:30:42 +0000 (07:30 +0200)]
github: Update issue templates to issue forms
Issue forms templates allow us to add automation in place.
This patch replaces old markdown issue templates with new issue forms.
It also adds workflow to automatically mark issues by component label
based on reported data.
This change could help with initial triaging of issues.
David Tardon [Fri, 10 Jun 2022 13:07:01 +0000 (15:07 +0200)]
logind-session-dbus: allow to set display name via dbus
Currently, the only way to set display name of a graphical session is to
pass it to CreateSession(). But modern display managers like gdm start
the display server as part of the user session, which means that the
display name isn't known yet when the session is being created. Hence,
let's make it possible to set it later.
The PR was merged without final approval, and has several issues:
- The NetLabel for static addresses are not assigned, as labels are
stored in the Address objects managed by Network, instead of Link.
- If NetLabel is specified for a static address, then the address
section will be invalid and the address will not be configured,
- It should be implemented with Request object,
- There is no test about the feature.
The PR was merged without final approval, and has several issues:
- OSS fuzz reported issues in the conf parser,
- It calls synchrnous netlink call, it should not be especially in PID1,
- The importance of NFTSet for CGroup and DynamicUser may be
questionable, at least, there was no justification PID1 should support
it.
- For networkd, it should be implemented with Request object,
- There is no test for the feature.
Maximum attempts to send mDNS requests is one except for probe requests, which should be attempted thrice.
Implemented fix to account for the difference between regular queries and probe requests, and prevent
even regular queries from being attempted thrice.
See RFC 6762 Section 8.1
Łukasz Stelmach [Tue, 21 Jun 2022 10:12:01 +0000 (12:12 +0200)]
core: Fix memory leaks
arg_early_core_pattern and arg_watchdog_device hold pointers to memory
allocated with strdup() (inside path_make_absolute_cwd). The memory needs
to be freed in reset_arguments() during reload rather than forgotten.
Alban Bedel [Wed, 15 Jun 2022 11:12:46 +0000 (13:12 +0200)]
units: remove the restart limit on the modprobe@.service
They are various cases where the same module might be repeatedly
loaded in a short time frame, for example if a service depending on a
module keep restarting, or if many instances of such service get
started at the same time. If this happend the modprobe@.service
instance will be marked as failed because it hit the restart limit.
Overall it doesn't seems to make much sense to have a restart limit on
the modprobe service so just disable it.
projects / thirdparty / systemd.git / log
