Jan Janssen [Tue, 30 Aug 2022 07:28:56 +0000 (09:28 +0200)]
tree-wide: Fix format specifier warnings for %x
Unfortunately, hex output can only be produced with unsigned types. Some
cases can be fixed by producing the correct type, but a few simply have
to be cast. At least casting makes it explicit.
Topi Miettinen [Sat, 20 Aug 2022 17:52:48 +0000 (20:52 +0300)]
network: NetLabel integration
New directive `NetLabel=` provides a method for integrating static and dynamic
network configuration into Linux NetLabel subsystem rules, used by Linux
Security Modules (LSMs) for network access control. The label, with suitable
LSM rules, can be used to control connectivity of (for example) a service with
peers in the local network. At least with SELinux, only the ingress can be
controlled but not egress. The benefit of using this setting is that it may be
possible to apply interface independent part of NetLabel configuration at very
early stage of system boot sequence, at the time when the network interfaces
are not available yet, with netlabelctl(8), and the per-interface configuration
with systemd-networkd once the interfaces appear later. Currently this feature
is only implemented for SELinux.
The option expects a single NetLabel label. The label must conform to lexical
restrictions of LSM labels. When an interface is configured with IP addresses,
the addresses and subnetwork masks will be appended to the NetLabel Fallback
Peer Labeling rules. They will be removed when the interface is
deconfigured. Failures to manage the labels will be ignored.
With the above rules for interface `eth0`, when the interface is configured with
an IPv4 address of 10.0.0.123/8, `systemd-networkd` performs the equivalent of
`netlabelctl` operation
Wenchao Hao [Sun, 28 Aug 2022 08:44:56 +0000 (16:44 +0800)]
scsi_id: retry inquiry ioctl if host_byte is DID_TRANSPORT_DISRUPTED
The inquiry is issued to kernel via ioctl, kernelspace would set
this inquiry command's retry count to 0 which means the command
would not be retried in kernel space even if the LLDs returned
a status which need to be retried. So we should take the retry
in user space.
After `losetup --detach`, the kernel lazily removes the loop device.
But, systemd-dissect should gracefully handle that. If it does not, then
it is a bug in systemd-dissect.
Let's not hide the real issue in systemd-dissect.
Frantisek Sumsal [Fri, 26 Aug 2022 16:45:38 +0000 (18:45 +0200)]
test: fix delv trust anchors location on Ubuntu
delv on Ubuntu defaults to /etc/bind/bind.keys instead of /etc/bind.keys
when reading trust anchors, so let's create a symlink to make the test
work there as well.
Frantisek Sumsal [Fri, 26 Aug 2022 14:19:42 +0000 (16:19 +0200)]
test: set the default QEMU and nspawn timeouts to 30 minutes
Set both timeouts to some reasonable values instead of just `infinity`
to provide some form of a safe-net in case the test goes haywire and the
environment didn't set the timeouts itself (like our CIs do).
Frantisek Sumsal [Fri, 26 Aug 2022 14:17:11 +0000 (16:17 +0200)]
test: respect the global $QEMU_TIMEOUT
CIs set QEMU and nspawn timeouts by themselves which reflect their needs
and possibilities, so let's respect that value, instead of using one
pre-set value which might or might not work for all of them.
Both Ubuntu CI and CentOS CI set these values themselves.
Frantisek Sumsal [Fri, 26 Aug 2022 13:59:37 +0000 (15:59 +0200)]
test: use a unique machine name for each nspawn test
to avoid scope clashing in case some previous test crashed and/or didn't
clean up properly. Currently all test machines are called `root`, since
the name is automagically derived from the container path (in this case
`/var/tmp/systemd-test.XXXXXX/root`).
E.g. (from Ubuntu CI):
```
[23:10:12] --x-- Running TEST-71-HOSTNAME --x--
make: Entering directory '/tmp/autopkgtest.5LjnBV/build.0mE/systemd/test/TEST-71-HOSTNAME'
+ make -C TEST-71-HOSTNAME setup run
TEST-71-HOSTNAME SETUP: test hostnamed
Reusing existing cached image /tmp/autopkgtest.5LjnBV/build.0mE/systemd/test/TEST-71-HOSTNAME/../default.img → /tmp/autopkgtest.5LjnBV/build.0mE/systemd/test/default.img
'/var/tmp/systemd-test.1yy2SS/default.img' -> '/tmp/autopkgtest.5LjnBV/build.0mE/systemd/test/default.img'
I: Masking supporting services
'/var/tmp/systemd-test.1yy2SS/root/etc/systemd/system/systemd-hwdb-update.service' -> '/dev/null'
'/var/tmp/systemd-test.1yy2SS/root/etc/systemd/system/systemd-journal-catalog-update.service' -> '/dev/null'
'/var/tmp/systemd-test.1yy2SS/root/etc/systemd/system/systemd-networkd.service' -> '/dev/null'
'/var/tmp/systemd-test.1yy2SS/root/etc/systemd/system/systemd-networkd.socket' -> '/dev/null'
'/var/tmp/systemd-test.1yy2SS/root/etc/systemd/system/systemd-resolved.service' -> '/dev/null'
TEST-71-HOSTNAME RUN: test hostnamed
+ env --unset=UNIFIED_CGROUP_HIERARCHY --unset=SYSTEMD_NSPAWN_UNIFIED_HIERARCHY timeout --foreground 1200 /bin/systemd-nspawn --register=no --kill-signal=SIGKILL --directory=/var/tmp/systemd-test.1yy2SS/root --setenv=SYSTEMD_UNIT_PATH=/usr/lib/systemd/tests/testdata/testsuite-71.units:/usr/lib/systemd/tests/testdata/units: /lib/systemd/systemd systemd.unit=testsuite.target systemd.wants=testsuite-71.service systemd.wants=end.service
Spawning container root on /var/tmp/systemd-test.1yy2SS/root.
Press ^] three times within 1s to kill container.
Failed to allocate scope: Unit root.scope already exists.
E: nspawn failed with exit code 1
```
Nick Rosbrook [Wed, 20 Jul 2022 15:16:37 +0000 (11:16 -0400)]
oomd: fix off-by-one when dumping kill candidates
When we kill a cgroup that is towards the end of the sorted candidate
list (i.e. when we have to resort to killing a candidate with
ManagedOOMPreference=avoid), this cgroup is not logged in the candidate
list. This is due to an off-by-one error when assigning dump_until.
Nick Rosbrook [Tue, 19 Jul 2022 16:48:04 +0000 (12:48 -0400)]
oomd: add tests for oomd_fetch_cgroup_oom_preference
Add a new test function, test_oomd_fetch_cgroup_oom_preference, to test
the ManagedOOMPreference logic. For starters, cut the relevant tests out
of test_oomd_cgroup_context_acquire_and_insert, and add them to the new
function. Then, expand these tests to cover the new behavior.
Nick Rosbrook [Tue, 19 Jul 2022 15:49:06 +0000 (11:49 -0400)]
oomd: loosen the restriction on ManagedOOMPreference
The ManagedOOMPreference property is only honored on cgroups which are
owned by root. This precludes anyone from setting ManagedOOMPreference
on cgroups managed by user managers.
Loosen this restriction in the following way: when processing a
monitored cgroup for kill candidates, honor the ManagedOOMPreference
setting if the monitored cgroup and cgroup candidate are owned by the
same user. This allows unprivileged users to configure
ManagedOOMPreference on their cgroups without affecting the kill
priority of ancestor cgroups.
N.B. that since swap kill operates globally to kill the largest
candidate, it is not appropriate to apply this logic to the swap kill
scenario. Therefore, the existing restriction on ManagedOOMPreference
will remain when calculating candidates for swap kill.
Add a new function, oomd_fetch_cgroup_oom_preference, to assist with
this new logic. To simplify things, move the `user.oomd_{avoid,omit}`
xattr reads to this function so that the xattr reads and uid checks are
performed all at once.
Nick Rosbrook [Tue, 14 Jun 2022 19:25:50 +0000 (15:25 -0400)]
core/cgroup: allow setting oomd xattrs from user manager
The extended attributes 'user.oomd_avoid' and 'user.oomd_omit' are used
to store the setting of the ManagedOOMPrefernce property. Since these
are user extended attributes, the access permissions are defined by the
file permissions, and there is no need to guard this from user managers.
tmpfiles: move validation/normalization of path before we use it
We need to normalize/validate the path (i.e. first column) of
tmpfiles.d/ lines before we start using the path, otherwise we'll use it
before it's known to be good. This matters since for some line types the
path is mangled into the argument column (i.e. sevents column), and we
should only do that once we know it's in a good state.
tmpfiles: in C lines, make missing source graceful error
I don't see where it would ever be a good thing that file copies done
via tmpfiles.d/ C lines cause the tmpfiles operation to fail if their
source happens to be missing. It's a problem if we can't set up the
destination properly (which is the job of systemd-tmpfiles after all),
but if the source is simply missing (NB: setting up the source is the job of
of the rules writer) this shouldn't be a problem.
This is useful for copying stuff into place if it happens to exist. For
example, if systemd-stub passes additional data into the initrd's
/.extra/ directory, we can copy it into a better place (e.g. /run/) with
this, where it will survive the initrd→host transition.
This mirrors behaviour of the recently added "^" line modifier which may
be used source "w" lines from credentials – there two the behaviour is
to simply skip the line if the source is missing.
condition: check for last not first ')' in firmware test expressions
I possess a machine with ')' in its BIOS version string, which will
cause the current parser to mistake it as the closing ')' of the
smbios-fields() expression.
Let's make sure we always fo for the last, not the first ')', hence.
projects / thirdparty / systemd.git / log
