Daan De Meyer [Tue, 11 Oct 2022 11:26:41 +0000 (13:26 +0200)]
logs-show: Always retrieve the boot ID from the entry
If _SOURCE_MONOTONIC_TIMESTAMP was set in the entry, we wouldn't
query the boot ID, leading to every kernel entry in the export mode
to have BOOT_ID=000000000000000. Let's fix this by always querying
the boot ID.
NEWS: make clear we talk about *system* credentials here
The new conditions are placed inside of services, but they cannot be
used to test service creds, but only system creds. This deserves
explicit mention, since it might be confusing otherwise.
In particular, 'system/service credentials' are now described as simply
'credentials'. The selling point of credentials is that they are transparently
propagated from the system to services, so distinguishing between system and
service credentials is not important.
The description of ordering against initrd-switch-root.target is completely
rewritten. The old description was confused.
I think the description of systemd-measure should be reworked to clearly
describe what new functionality is provided and what policy changes are
built on top. But I don't grok the details, so I left this part unchanged.
anarcat [Thu, 6 Oct 2022 14:20:39 +0000 (10:20 -0400)]
man/shutdown: document how to switch to single-user mode
Before Debian switched to systemd, `shutdown now` would reset the system into
single user mode, doing roughly the equivalent of `telinit 1`.
Now, systemd's `shutdown` command does not behave that way; it defaults to
`poweroff` which might be confusing for users (like me) used to the previous
method.
Because I don't use the command often, I keep being stumped by this behavior,
and every time I look at the `shutdown(1)` manpage, I don't understand why I
can't find what I am looking for. This patch should make sure that people like
me find their way back to some sort of reason.
Maybe the *proper* way to fix this would be to restore the more classic
behavior, but I'm definitely not going to climb that hill. Besides, I clearly
remember the time I found out about the `shutdown` command and was *really*
confused when it brought me back to a command-line prompt. That was really
counter-intuitive and I find that change to actually be a good thing. So I'm
not proposing to change this behavior, merely document it better.
I originally added this to the `-P` option but it was suggested adding a new
`COMPATIBILITY` section instead, where other such issues could be added.
The `COMPATIBILITY` section is not actually officially documented. `man(1)`
talks about a `CONFORMING TO` section, but `shutdown(1)` is not
POSIX (`shutdown(2)` is, of course), so there's no actual standard on how this
should work.
The other option I considered was to add a `BUGS` section, but that seemed too
inflammatory, and definitely counter-productive.
--convert writes the journal files read by journalctl to the given
location. The location should be specified as a full journal file
path (e.g. /a/b/c/converted.journal). The directory specifies where
the converted journal files will be stored. The filename specifies
the naming convention the converted journal files will follow.
Daan De Meyer [Fri, 21 Jan 2022 18:29:41 +0000 (18:29 +0000)]
journal: Store offsets to tail entry array objects in chain
Previously, we'd iterate an entry array from start to end every time
we added an entry offset to it. To speed up this operation, we cache
the last entry array in the chain and how many items it contains.
This allows the addition of an entry to the chain to be done in
constant time instead of linear time as we don't have to iterate
the entire chain anymore every time we add an entry.
journal_file_data_payload() retrieves the payload of a Data object,
optionally decompressing it and checking to see if it matches a given
field. This function replaces all the decompression code in the sd-journal
codebase with a single function.
This commit should not introduce any changes in sd-journal behavior.
Daan De Meyer [Tue, 2 Nov 2021 20:50:39 +0000 (20:50 +0000)]
journal: Use 32-bit entry item object offsets in compact mode
To do this, we move EntryItem out of journal-def.h and turn it into
a host only struct in native endian mode so we can still use it to
ship the necessary info around.
Aside from that, the changes are pretty simple, we introduce some
extra functions to access the right field depending on the mode and
convert all the other code to use those functions instead of
accessing the raw fields.
We also drop the unused entry item hash field in compact mode. We
already stopped doing anything with this field a while ago, now we
actually drop it from the format in compact mode.
Daan De Meyer [Sat, 23 Oct 2021 21:43:00 +0000 (22:43 +0100)]
journal: Enable compact mode
We also add an environment variable $SYSTEMD_JOURNAL_COMPACT that
can be used to disable compact mode if needed (similar to
$SYSTEMD_JOURNAL_KEYED_HASH).
Daan De Meyer [Sat, 23 Oct 2021 21:24:56 +0000 (22:24 +0100)]
journal: Add compact mode
This adds a new flag in preparation for incompatible journal changes
which will be gated behind this flag. The max file size of journal
files in compact mode is limited to 4 GiB.
Yu Watanabe [Fri, 7 Oct 2022 05:17:13 +0000 (14:17 +0900)]
network: drop unnecessary call of ndisc_vacuum()
After the commit 773024685b37170395a11716f8e4ad99d3580455, DNS servers
or domains are dropped when their lifetime becomes zero. Hence, it is not
necessary to try to them when writing state file.
Of course, because of the accuracy of the timer event source or priority
of event sources, a possibility is introduced that a DNS server or domain
with zero lifetime is stored in the state file. However, such entry will
be dropped soon when the timer event source is triggered. Hence, that
should not cause any real issues.
Arnaud Ferraris [Tue, 4 Oct 2022 16:52:33 +0000 (18:52 +0200)]
repart: always honour `--discard=no`
Currently, even if `--discard=no` is passed to `systemd-repart`, the
`context_discard_gap_after()` function still runs normally, discarding
e.g. all blocks between the GPT and the start of the first partition.
This can lead to issues on some embedded devices, where this space
holds the bootloader and shouldn't be modified (creating a protective
partition there is not always possible due to the specifics of the boot
process of some ARM-based SoC's).
This commit ensures passing `--discard=no` would be enough to ensure
the bootloader isn't wiped in such cases.
libbpf: add compat helpers for libbpf down to 0.1.0
- new symbols are available from libbpf 0.6.0 so could be used with
libbpf.so.0, but we're sure the old symbols will be there and this
simplifies code
- detection at runtime should always work, regardless of whether systemd
has been compiled with older or newer libbpf and runs with older or newer
libbpf
Aleksey Vasenev [Wed, 5 Oct 2022 19:33:53 +0000 (22:33 +0300)]
ata_id: Fixed getting Response Code from SCSI Sense Data (#24921)
The Response Code is contained in the first byte of the SCSI Sense Data.
Bit number 7 is reserved or has a different meaning for some Response Codes
and is set to 1 for some drives.
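The masking described in the ata_id commit message above, as an added example that is not taken from the systemd source. The response code values 0x70 to 0x73 and the sense key positions follow the SCSI fixed and descriptor sense data formats; the function names and the sample buffer are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed sample: descriptor-format sense data as a drive that sets
 * bit 7 of byte 0 would return it (0xf2 instead of 0x72). */
static const uint8_t SAMPLE_SENSE[] = { 0xf2, 0x01, 0x00, 0x1d, 0, 0, 0, 0x0e };

/* Response code = low 7 bits of byte 0; returns -1 on an empty buffer. */
static int sense_response_code(const uint8_t *sense, size_t len) {
    if (!sense || len < 1)
        return -1;
    return sense[0] & 0x7f; /* bit 7 is not part of the response code */
}

/* Sense key location depends on the format selected by the response code.
 * Returns -1 for an unknown format or a truncated buffer. */
static int sense_key(const uint8_t *sense, size_t len) {
    switch (sense_response_code(sense, len)) {
    case 0x70: /* fixed format, current error */
    case 0x71: /* fixed format, deferred error */
        return len >= 3 ? (sense[2] & 0x0f) : -1;
    case 0x72: /* descriptor format, current error */
    case 0x73: /* descriptor format, deferred error */
        return len >= 2 ? (sense[1] & 0x0f) : -1;
    default:
        return -1;
    }
}

/* The failure mode: comparing the whole byte rejects valid sense data
 * from drives that set bit 7. */
static int naive_is_descriptor(const uint8_t *sense, size_t len) {
    return len >= 1 && sense[0] == 0x72;
}

int main(void) {
    size_t n = sizeof SAMPLE_SENSE;
    printf("naive match:   %d\n", naive_is_descriptor(SAMPLE_SENSE, n));
    printf("response code: 0x%02x\n", (unsigned) sense_response_code(SAMPLE_SENSE, n));
    printf("sense key:     %d\n", sense_key(SAMPLE_SENSE, n));
    return 0;
}
```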
However, without the cache the binaries will fall back to `/lib64/libc.so.6`
which breaks tests that use the minimal verity images (like TEST-29),
because we install only the first version (that's shown by `ldd` at
the time the images are created):
```
[ 91.595343] testsuite-29.sh[747]: + portablectl --profile=trusted attach --now --runtime /usr/share/minimal_0.raw minimal-app0
Starting systemd-portabled.service...
[ OK ] Started systemd-portabled.service.
Starting minimal-app0-foo.service...
Starting minimal-app0.service...
[ 104.432217] cat[858]: cat: error while loading shared libraries: libc.so.6: cannot open shared object file: No such file or directory
[ 104.435080] cat[857]: cat: error while loading shared libraries: libc.so.6: cannot open shared object file: No such file or directory
[FAILED] Failed to start minimal-app0.service.
See 'systemctl status minimal-app0.service' for details.
```
```
$ chroot /var/tmp/systemd-test.nMHPfc/minimal/
/bin/bash: error while loading shared libraries: libc.so.6: cannot open shared object file: No such file or directory
```
With the ldconfig's cache it seems to work as expected:
```
$ chroot /var/tmp/systemd-test.gVtYLg/minimal
bash-4.4# cat --version
cat (GNU coreutils) 8.30
...
```
mount: replace UNIT_DEPENDENCY_MOUNTINFO_OR_FILE with UNIT_DEPENDENCY_MOUNTINFO/UNIT_DEPENDENCY_MOUNT_FILE
UNIT_DEPENDENCY_MOUNTINFO_OR_FILE was a bit strange as unlike the other flags
we don't know where the dependency came from exactly. Indeed its origin could
have been from the mount unit file or from /proc/self/mountinfo.
Instead this patch replaces UNIT_DEPENDENCY_MOUNTINFO_OR_FILE with 2 new
dependency flags: UNIT_DEPENDENCY_MOUNT_FILE and UNIT_DEPENDENCY_MOUNTINFO. The
former indicates that the dep is created from the unit file but unlike
UNIT_DEPENDENCY_FILE, it will be replaced by a dep with the
UNIT_DEPENDENCY_MOUNTINFO flag as soon as the kernel will make the mount
available in /proc/self/mountinfo.
Franck Bui [Wed, 5 Oct 2022 08:26:59 +0000 (10:26 +0200)]
mount: always use UNIT_DEPENDENCY_FILE in mount_add_quota_dependencies()
The quota options have always been read from the unit file and ignored if only
present in /proc/self/mountinfo. IOW the quota services are not (automagically)
pulled in for mounts initiated by the user running mount(8).
Topi Miettinen [Mon, 3 Oct 2022 15:13:42 +0000 (18:13 +0300)]
tmpfiles: fix assert
Oct 03 17:33:20 systemd-tmpfiles[872]: Assertion 'IN_SET(i->type, CREATE_BLOCK_DEVICE|CREATE_CHAR_DEVICE)' failed at src/tmpfiles/tmpfiles.c:1837, function create_device(). Aborting.
I think this is caused by the line:
b! /dev/private/smartmontools-dev/sda 0660 root disk - 8:0
Yu Watanabe [Mon, 3 Oct 2022 02:54:20 +0000 (11:54 +0900)]
network: ndisc: drop addresses and friends when RA with zero lifetime is received
Routers may send options with zero lifetime if previously announced
information is outdated. Hence, if we receive such messages, then we
need to drop relevant addresses or friends.
See e.g. https://www.rfc-editor.org/rfc/rfc4861#section-12.
Yu Watanabe [Mon, 3 Oct 2022 03:42:40 +0000 (12:42 +0900)]
network: make sec_to_usec() map 0sec -> 0usec
Zero lifetime in RA is special, and we should not assign possibly very
short lifetime addresses or friends.
This should not change anything at least now, preparation for later
commits. Note, DHCPv4 and v6 code also uses it, but sd-dhcp-client and
sd-dhcp6-client already filtered messages with zero lifetime. Hence,
the change should not affect DHCP code.