condition: check for last not first ')' in firmware test expressions
I possess a machine with ')' in its BIOS version string, which will
cause the current parser to mistake it as the closing ')' of the
smbios-fields() expression.
Let's make sure we always fo for the last, not the first ')', hence.
getopt allows non-ambiguous abbreviations, so backwards-compat is maintained, and
people can use --kill-who (or even shorter abbreviations). English is flexible,
so in common speach people would use both forms, even if "whom" is technically
more correct. The advantage of using the longer form in the code is that we
effectively allow both forms, so we stop punishing people who DTGCT¹, but still
allow people to use the spoken form if they prefer.
journal: rename special journal field _SYSTEM_CONTEXT= → _RUNTIME_SCOPE=
Previously the field "_SYSTEM_CONTEXT" knew he values "initrd" + "main". Let's change
this to "_RUNTIME_SCOPE" and "initrd" + "system".
Why? The sysext logic has a very similar concept of "scopes", declaring
whether a sysext image is intended for the initrd or the main system.
Let's thus use the same naming for both.
sysext's extension-release files hence know SYSEXT_SCOPE=initrd|system,
and the journal messages know _RUNTIME_SCOPE=initrd|system, which makes
this reasonably systematic.
Yu Watanabe [Thu, 25 Aug 2022 15:16:17 +0000 (00:16 +0900)]
udev: certainly restart event for previously locked device
If udevd receives a uevent for a locked block device, then the event
is requeued. However, the queued event will be processed only when at
least one sd_event_source is processed. Hence, if udevd has no event
under processing, or receives no new uevent, etc., then the requeued
event will be never processed.
Devendra Tewari [Wed, 24 Aug 2022 10:13:04 +0000 (07:13 -0300)]
systemd-growfs: remove dependency on udev symlinks
systemd-growfs currently requires that udev ran first to work (because
/dev/block/ symlinks must exist) but that is not what happens when
we're not using initrd and systemd is PID1.
time-util: fix overflow condition in usec_sub_signed()
If the delta specified is INT64_MIN, and we negate that we'd end up at
INT64_MAX+1 which is outside of the int64_t type. Hence let's treat this
case specifically to avoid unintended overflows.
Franck Bui [Tue, 23 Aug 2022 15:07:23 +0000 (17:07 +0200)]
core: allow disabling system time correction if rtc returns time far in the future
There might be (embedded) systems that get never updated (things like
e.g. entertainment systems of trains, for example) and where the adjustment of
the system clock (introduced by b10abe4bba61aebe4c667c412741193f11886298) would
do the wrong thing even if the difference between the systemd build time and
the rtc is 15 years or more.
This patch allows disabling the adjustment by setting
'clock-valid-range-usec-max' meson option to 0 or to a negative value.
The check of u==UID_NOBODY is just a register comparison, but
synthesize_nobody() requires a system call, so let's invert the order in the
condition. Since most calls into this module are not for nobody, we should
save one syscall in the common case.
various: try to use DEFAULT_USER_SHELL for root too
/bin/sh as a shell is punishing. There is no good reason to make
the occasional root login unpleasant.
Since /bin/sh is usually /bin/bash in compat mode, i.e. if one is
available, the other will be too, /bin/bash is almost as good as a default.
But to avoid a regression in the situation where /bin/bash (or
DEFAULT_USER_SHELL) is not installed, we check with access() and fall back
to /bin/sh. This should make this change in behaviour less risky.
(FWIW, e.g. Fedora/RHEL use /bin/bash as default for root.)
This is a follow-up of sorts for 53350c7bbade8c5f357aa3d1029ef9b2208ea675,
which added the default-user-shell option, but most likely with the idea
of using /bin/bash less ;)
sysusers: do not warn about values that equivalent
We'd warn that "-" and "/sbin/nologin" are different, even even though
"/sbin/nologin" is the default we'd use. So let's stop warning in all cases
where the config would lead to the same file, also under different paths,
or when both shells are nologin shells.
The general idea is to avoid warnings when sysusers config is moved between
packages (and not exactly the same), or when it is generated from some template
and the details change in an unimportant way.
We try to chase symlinks. This means that on unmerged-usr systems we'll find
that e.g. /usr/bin/bash and /bin/bash are equivalent if the basic fs structure
is already in place (bash doesn't actually have to be installed, enough that
the /bin symlink exists). I think this is a good result: after all, /bin/bash
and /usr/bin/bash *may* be different things on an unmerged-usr system.
core: escape ExecStart command-line received over d-bus
When some transient unit setting is received over D-Bus, we write it it to a
transient unit file. We escape backslashes and specifiers. For most settings
this is enough, because most settings only do parsing and interpolation of
specifiers. When systemd-run is called (or something equivalent that gives us a
command strv), we write ExecStart=, but when reading it, we not only do parsing
and interpolation of specifiers, but also split on semicolons and do variable
substitution. This results in an ugly situation where the commandline is
interpolated twice, once on the caller side, and once in the manager.
I think we need to treat this as a bug: current behaviour seems to be an
accident of implementation and hard to explain in a reasonable way. If we
*were* doing specifier expansion, then it'd be somewhat reasonable so say that
"the commandline is handled the same as ExecStart=". But since we explicitly
prevent specifier expansion, we best we could say is "the commandline has some
subset of features of ExecStart=". I think this is not useful, and unexpected
by users. Since most people use use a shell to call systemd-run, one level of
variable expansion is already done on the caller side, and having to take into
account another level of expansion (with slightly different rules), creates a
big mental overhead when the commandline needs to include a dollar character or
such. Not doing any expansion is much cleaner and easier to explain or use.
Thus I think it's better to change behaviour here, even though in principle
some people could be relying on current behaviour. I think it's more likely
that nobody noticed, because people generally don't use systemd-run for
complicated commandlines.
Thus this commit adds an additional mode of escaping that prevents variable
explansion and other elements of ExecStart= syntax. I looked over all the
places where unit_escape_setting() is called, and I think that only two need to
be changed to use the new flag.
David Jaša [Tue, 23 Aug 2022 21:58:09 +0000 (23:58 +0200)]
check-os-release.py compatible with Python < 3.8
The ":=" operator was only added in Python 3.8 so splitting the line with it into two makes check-os-release.py actually fulfill its claim of working with any python version.
Luca Boccassi [Tue, 2 Aug 2022 19:07:35 +0000 (20:07 +0100)]
service: set TRIGGER_UNIT= and TRIGGER_PATH= on activation by path unit
When a service is triggered by a path unit, pass the
path unit name and the path that triggered it via env vars
to the spawned processes.
Note that this is best-effort, as there might be many triggers
at the same time, but we only get woken up by one.
Luca Boccassi [Tue, 2 Aug 2022 18:49:20 +0000 (19:49 +0100)]
core: add basic infrastructure to record unit activation information
Not wired in by any unit type yet, just the basic to allocate,
ref, deref and plug in to other unit types.
Includes recording the trigger unit name and passing it to the
triggered unit as TRIGGER_UNIT= env var.
See https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=25a0bc2dfc2ea732f40af2dae52426ead66ae76e
Effectively, "System" and "Unkown" are passed through, "Device" is rejected.
Interestingly, the return condition 'on_ac_power == found_online || !found_offline'
was there from the very beginning, and even Yu's latest change doesn't change this,
but only extends it to 'on_ac_power == found_online || !found_offline || !found_battery'.
This means that any system with no AC power supply will be unconditionally classified
as on_ac_power.
Let's change the logic: if we have an online AC supply, answer is "yes". If no
supplies, but we have a battery, answer is "no". Otherwise, assume "yes", based
on the assumption that presense of a battery would at least be always reported,
even if an AC power supply might not be.
Fixes #24407. It also shouldn't impact previous fixes: assume ac when
/sys/class/power_supply is missing, ignore USB-C ports in power source mode,
assume system is running on AC power when no battery found.
sd-device: add helper to read a unsigned int attribute
There are dozens of places where this could be used, but I don't
want to do the conversion now because it's quite a bit of work.
I think we could export this function later on, because reading
numerical attributes is so common. But for now, I'm just adding the
helper to use it one place.
Daan De Meyer [Mon, 22 Aug 2022 11:21:07 +0000 (13:21 +0200)]
mkosi: Ensure we build all features/components in mkosi
Explicitly enable all features/components in the mkosi build to
ensure they all get built and we get an error if they can't be built.
We also rework the packages sections of all mkosi configs to reduce
duplication and cover all the dependencies necessary to build/use all
systemd features.
Note that for the final image, since systemd is installed by default
in base images, we rely on that to install the base library dependencies
and we only list extra optional dependencies and tools that aren't already
installed by default into the base image.
We also drop the centos stream 8 mkosi build as dependencies on that
distro are too out-of-date to be able to build all systemd features.
Since centos stream 9 has been out for a while, let's focus on that
and leave it to downstream to keep systemd building on centos stream 8.
Finally, there's a few additions to the mkosi scripts to make sure
services don't start by default on boot.
Frantisek Sumsal [Mon, 22 Aug 2022 20:04:51 +0000 (22:04 +0200)]
test: install /etc/default/knot if available as well
The knot.service on Ubuntu Jammy loads an env file which we didn't
install, causing the service to fail:
```
knot.service: Will spawn child (service_enter_start_pre): /usr/sbin/knotc
knot.service: Failed to load environment files: No such file or directory
knot.service: Failed to run 'start-pre' task: No such file or directory
knot.service: Failed with result 'resources'.
knot.service: Service will not restart (restart setting)
```
Jan Janssen [Wed, 10 Aug 2022 07:47:42 +0000 (09:47 +0200)]
meson: Downgrade efi-ld warning
The warning isn't that serious and mostly there to inform the user that
lld/mold cannot build efi binaries. It is also better to build test with
fatal meson warnings.
The general idea is that users should be able to figure out if some option
that they see in a config file or on some internet page is something that
systemd knows about. Once users know that, yes, this was an option but has
been deprecated and removed from the documentation, it's much easier for them
to find any docs in old versions if they want to. Or to switch to something
different.
measure: add --current switch for "systemd-measure calculate"
This allows allows shortcutting measurements of the specified files and
use the information from /sys/ instead.
This is not too useful on its own given that "systemd-measure status"
already exists which displays the current, relevant PCR values. The main
difference is how "complete" the information is. "status" will detect if
the measurements make any sense, and show more than PCR 11. "calculate
--current" otoh only reads PCR 11 and uses that, and that's really it.
This is mainly preparation for later work to add PCR signing to the
tool, where usually it makes most sense to sign prepared kernel images,
but for testing it's really useful to shortcut signing to the current
PCR values instead
tree-wide: use path_join() instead of prefix_roota() in various cases
prefix_roota() is something we should stop using. It is bad for three
reasons:
1. As it names suggests it's supposed to be used when working relative
to some root directory, but given it doesn't follow symlinks (and
instead just stupidly joins paths) it is not a good choice for that.
2. More often than not it is currently used with inputs under control of
the user, and that is icky given it typically allocates memory on the
stack.
3. It's a redundant interface, where chase_symlinks() and path_join()
already exist as better, safer interfaces.
Hence, let's start moving things from prefix_roota() to path_join() for
the cases where that's appropriate.
projects / thirdparty / systemd.git / log
