Yu Watanabe [Wed, 26 Oct 2022 05:00:47 +0000 (14:00 +0900)]
unit: also prioritize input devices when triggering devices
As in most cases, tty device without input devices is meaningless.
This also swaps the priority of tty and net:
- input devices are often connected under USB bus, hence may take
slightly more time to be initialized. As described above,
in most cases it is allowed that tty devices are initialized just
before input devices,
- network configuration usually requires much time, e.g. DHCP or RA,
hence it is better that network interfaces are initialized. Then,
network services can start DHCP client or friends earlier.
Arguably, CC0 is just fine for examples since they are not code. But it's
easier to be consistent and just use MIT-0 for all "documentation". Thus,
the license is changed similarly to code examples under man/.
Based on 'git shortlog -ns network/*' and 'git log -p', the following folks
should ack this:
Zbigniew Jędrzejewski-Szmek
Lennart Poettering
Tom Gundersen
Yu Watanabe
Daan De Meyer
Marc-André Lureau
git blame shows Martin Pitt is the author of the code.
(I was considering whether we should instead drop this file, but it's still
useful for *distributions*. Even if we discourage people from using sysv
scripts, distributions will have to deal with them for a while yet.)
CC0 has been listed by Fedora as a 'good' license for code and content
(corresponding to allowed and allowed-content under the new system). We plan
to classify CC0 as allowed-content only, so that CC0 would no longer be
allowed for code.
Over a long period of time a consensus has been building in FOSS that
licenses that preclude any form of patent licensing or patent forbearance
cannot be considered FOSS. CC0 has a clause that says: "No trademark or
patent rights held by Affirmer are waived, abandoned, surrendered, licensed
or otherwise affected by this document." (The trademark side of that clause
is nonproblematic from a FOSS licensing norms standpoint.) The regular
Creative Commons licenses have similar clauses.
For the case of our documentation snippets, patent issues do not matter much.
But it is always nicer to have a license that is considered acceptable without
any further considerations. So let's change the license to the (now recommended
replacement) MIT-0.
Yu Watanabe [Mon, 24 Oct 2022 17:58:39 +0000 (02:58 +0900)]
test: rewrite tests for renaming network interface
- use `udevadm wait` instead of `udevadm info --wait-initialized`,
- use `timeout` command instead of the fixed time sleep,
- add basic tests for #25106,
- add brief comment about #25115.
Report version string as in the Boot Loader Spec, fix boot loader upgrades
We generate a "version string" that is reported by various tools. This patch
changes this version string to use the characters specified for the version
string in the Boot Loader Specification. We start using the special characters
we have in the spec for this exact purpose and thus fix version comparisons.
We also stop using '+' which is not part of the allowed charset and is used for
boot attempt counting and should not be part of the version string.
The version string is (among other places) used in sd-boot and the comparison
result is used by 'bootctl update' to decide whether to install a new binary.
Before, because 'nn-rc1' compares higher than 'nn', we would refuse to upgrade
pre-release versions.
The boot loader is the primary motivation. I'm not aware of programmatic version
comparisons in other places, but it makes sense to use the same version string
everywhere.
(This patch effectively only matters for non-distro builds, because distro
builds presumably use -Dversion-tag to set something meaningful. Ideally, those
version strings are compatible with our version strings, but this is outside of
our control.)
Luca BRUNO [Mon, 24 Oct 2022 12:49:32 +0000 (12:49 +0000)]
test-string-util: remove several strdupa() calls
This performs the same semantic transformation as the Coccinelle
script 'strdupa.cocci'.
Somehow the existing semantic patch is not properly triggering on
this 'string_replace_char' test.
Yu Watanabe [Tue, 18 Oct 2022 08:18:55 +0000 (17:18 +0900)]
resolvconf-compat: first parse provided interface name as is
Then, try to drop multiple protocol specifiers at the end.
Strictly speaking, this breaks backward compatibility:
if eth0 and eth0.42 exist, then previously,

    echo 'nameserver 192.168.0.1' | resolvconf -a eth0.42

adds the DNS server to eth0 instead of eth0.42, as we unconditionally
dropped the specifier after the last dot, and

    echo 'nameserver 192.168.0.1' | resolvconf -a eth0.42.dhcp

adds the DNS server to eth0.42. However, with this commit, now
both commands add the DNS server to eth0.42. But, hopefully,
this should be preferable behavior.
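
The lookup order described in the commit above, as an added example that is not part of the commit or of systemd's code: it models the old "always cut at the last dot" rule next to the new "try as is, then strip trailing specifiers" rule, so the case where a DNS server landed on the wrong interface is visible. The interface table and the function names are constructed for illustration; a real implementation would query the kernel for the interface.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample: interfaces that "exist" (stands in for a kernel lookup). */
static const char *const sample_ifaces[] = { "eth0", "eth0.42", NULL };

static bool iface_exists(const char *name) {
    for (size_t i = 0; sample_ifaces[i]; i++)
        if (strcmp(sample_ifaces[i], name) == 0)
            return true;
    return false;
}

/* Old rule (hypothetical model): unconditionally cut at the last dot, then look up. */
static const char *resolve_old(const char *arg, char *buf, size_t len) {
    snprintf(buf, len, "%s", arg);
    char *dot = strrchr(buf, '.');
    if (dot)
        *dot = '\0';
    return iface_exists(buf) ? buf : NULL;
}

/* New rule (hypothetical model): try the name as given, then drop one
 * trailing ".specifier" at a time until a name matches or no dot is left. */
static const char *resolve_new(const char *arg, char *buf, size_t len) {
    snprintf(buf, len, "%s", arg);
    for (;;) {
        if (iface_exists(buf))
            return buf;
        char *dot = strrchr(buf, '.');
        if (!dot)
            return NULL;
        *dot = '\0';
    }
}

int main(void) {
    /* Constructed arguments as they would be passed to "resolvconf -a". */
    const char *args[] = { "eth0.42", "eth0.42.dhcp", "eth0.42.dhcp.inet", "wlan0.dhcp" };
    char a[64], b[64];
    for (size_t i = 0; i < sizeof(args) / sizeof(args[0]); i++) {
        const char *o = resolve_old(args[i], a, sizeof(a));
        const char *n = resolve_new(args[i], b, sizeof(b));
        printf("%-18s old=%-8s new=%s\n", args[i], o ? o : "(none)", n ? n : "(none)");
    }
    return 0;
}
```
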
systemctl,manager: refuse linking unit files underneath the search paths
We treat symlinks to unit files outside of the search path differently from
symlinks to unit files *in* the search path. The former are "linked" unit
files, while the latter are enablement symlinks and such and will be removed
when disabling the unit.
The history of the check for in_search_path() is interesting: this condition
was added already in the first version of the code in 830964834f330836b9d33752e83de09d4f38da87. Since the beginning, matching
arguments would simply be ignored. I think this is dubious. The man page says:
> Link a unit file that is *not* in the unit file search paths
> into the unit file search path
But for backwards-compat, let's continue to silently do nothing for files
*in* the search path.
The case of symlinks to unit files underneath the search path, but in some
subdirectory, is less clear. We didn't check for this case, so it was
implicitly allowed. But that's just an oversight, we don't want to allow people
to create additional subhierarchies under our hierarchy. Let's check for this
case and refuse.
shared/install: check that install_changes_add() didn't fail on success
This adds a check for an allocation error for the calls to install_changes_add()
where we're planning to return success from the call. In cases where we're
returning failure, it doesn't matter as much: the operation will fail anyway,
and if the allocation fails, we'll just get a less descriptive error message.
shared/install: add forgotten calls to install_changes_add()
The machinery to report a good error message only works if the
error was registered with install_changes_add() and a file name. Otherwise
we only get a generic "Op failed: %m" message.
In some places -EINVAL is replaced by -EUCLEAN, so that we get the proper
error message.
shared/install: make install_changes_add propagate passed-in errno value
The function was written to only return an error from internal allocation
failures, because when using it to create a bus message, we want to distinguish
a failed operation from an allocation error when sending the reply. But it
turns out that the only caller that makes this distinction checks that the
passed-in errno value ('type') is not negative beforehand. So we can make the
function pass 'type' value through, which makes most of the callers nicer.
clang-16 has made the choice to turn on -Werror=implicit-function-declaration,implicit-int.
(See Gentoo's tracker bug https://bugs.gentoo.org/870412).
Added in commit 132c73b57ad1d363e97e1f4720f0e920826f34e1, systemd now does a
check to see if libatomic is needed with some compile/link tests with e.g.
__atomic_exchange_1, but the tests don't provide a prototype for
__atomic_exchange_1 so with clang-16 the test fails, breaking the build.
Let's simplify things by linking to libatomic unconditionally if it is found
and seems to work. If actually unneeded, it might be dropped via --as-needed.
This seems to work with gcc and clang.
declare_dependency() is used instead of cc.find_library(), because the latter
picks up a symlink in gcc private directory (e.g.
/usr/lib/gcc/x86_64-redhat-linux/12/libatomic.so), and we don't want that.
Frantisek Sumsal [Thu, 20 Oct 2022 15:06:26 +0000 (17:06 +0200)]
ci: run the Scorecards action in PRs only on config update
Also, unify the string quotation a bit and drop one unnecessary
expression syntax (as everything in `if` statements is automatically
evaluated as an expression).
Luca Boccassi [Wed, 19 Oct 2022 22:52:58 +0000 (23:52 +0100)]
service: do fine-grained validation of CPUSchedulingPriority= at execution time
The precise bounds of the scheduling priority depend on the scheduling policy,
so depending on the order in which the two settings are specified the
validation might pass or fail.
When checking the setting only validate the outer range (valid values in general are 0 to 99),
and let the execution fail later if the priority does not match the
specified policy (1 to 99 for RR/FIFO, 0 for the rest).
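
The two-stage validation described in the commit above, as an added example that is not systemd's code: a load-time check that enforces only the outer 0 to 99 range, and an execution-time check against the bounds the kernel reports for the final policy. The function names and the sample cases are constructed; the policy-specific bounds assume Linux.

```c
#include <errno.h>
#include <sched.h>
#include <stdio.h>

/* Load-time check: the policy setting may still follow later in the unit
 * file, so only the outer range 0..99 can be enforced here. */
static int priority_parse_check(int prio) {
    return (prio >= 0 && prio <= 99) ? 0 : -ERANGE;
}

/* Execution-time check: both settings are final, so ask the kernel for the
 * bounds of the chosen policy (1..99 for RR/FIFO, 0 for the rest on Linux). */
static int priority_exec_check(int policy, int prio) {
    int min = sched_get_priority_min(policy);
    int max = sched_get_priority_max(policy);
    if (min < 0 || max < 0)
        return -errno;
    return (prio >= min && prio <= max) ? 0 : -ERANGE;
}

int main(void) {
    /* Constructed cases: (policy, priority) pairs as they end up after parsing,
     * whatever order the two settings were written in. */
    struct { const char *name; int policy, prio; } cases[] = {
        { "fifo",  SCHED_FIFO,   50 },  /* passes both stages */
        { "fifo",  SCHED_FIFO,    0 },  /* passes load, fails at execution */
        { "other", SCHED_OTHER,   0 },  /* passes both stages */
        { "other", SCHED_OTHER,  50 },  /* passes load, fails at execution */
        { "rr",    SCHED_RR,    100 },  /* rejected already at load time */
    };
    for (size_t i = 0; i < sizeof(cases) / sizeof(cases[0]); i++) {
        int p = priority_parse_check(cases[i].prio);
        int e = p < 0 ? p : priority_exec_check(cases[i].policy, cases[i].prio);
        printf("%-5s prio=%-3d load=%s exec=%s\n", cases[i].name, cases[i].prio,
               p == 0 ? "ok" : "rejected", e == 0 ? "ok" : "rejected");
    }
    return 0;
}
```
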
Luca Boccassi [Wed, 19 Oct 2022 23:37:08 +0000 (00:37 +0100)]
core: allow-list char-rtc with ProtectClock=yes only if needed
Allow-listing a device implicitly blocks everything else, so this
has the opposite of the intended effect when PrivateDevices= is
not used.
Allow-list char-rtc only if there is a device policy set.
The test would fail when addresses were being removed in parallel. In general,
the check is only valid when the machine configuration is static, which in
general isn't true.
CentOS CI (Arch Linux) fails in TEST-02-UNITTESTS test-local-addresses:
10:38:05 (gdb) #0 0x00007f86260a164c in ?? () from /usr/lib/libc.so.6
10:38:05 No symbol table info available.
10:38:05 #1 0x00007f8626051958 in raise () from /usr/lib/libc.so.6
10:38:05 No symbol table info available.
10:38:05 #2 0x00007f862603b53d in abort () from /usr/lib/libc.so.6
10:38:05 No symbol table info available.
10:38:05 #3 0x00007f862639a755 in log_assert_failed (
10:38:05 text=text@entry=0x56180e56c03b "n == n_ipv4 + n_ipv6",
10:38:05 file=file@entry=0x56180e56c0d1 "src/test/test-local-addresses.c",
10:38:05 line=line@entry=45,
10:38:05 func=func@entry=0x56180e56c360 <__PRETTY_FUNCTION__.6> "test_local_addresses") at ../build/src/basic/log.c:853
10:38:05 No locals.
10:38:05 #4 0x000056180e56b77e in test_local_addresses ()
10:38:05 at ../build/src/test/test-local-addresses.c:45
10:38:05 a = 0x0
10:38:05 n = 234
10:38:05 n_ipv4 = 236
10:38:05 n_ipv6 = 7
10:38:05 __PRETTY_FUNCTION__ = "test_local_addresses"
10:38:05 __func__ = "test_local_addresses"
10:38:05 #5 0x000056180e56ba67 in run_test_table () at ../build/src/shared/tests.h:106
10:38:05 r = 0
10:38:05 t = 0x56180e56e010 <__unique_prefix_static_test_table_entry10>
10:38:05 __PRETTY_FUNCTION__ = <optimized out>
10:38:05 __func__ = "run_test_table"
10:38:05 #6 0x000056180e56bb2f in main (argc=1, argv=0x7ffc3a814808)
10:38:05 at ../build/src/test/test-local-addresses.c:81
10:38:05 _intro = 0x0
10:38:05 _outro = 0x0
10:38:05 _r = 0
10:38:05 _q = 0
10:38:05 (gdb)
The logs show that there's a huge number of private addresses, probably from
some other test running in parallel.
shell-completion/zsh: silence error when machinectl is not installed
This fixes a few unrelated issues:
- when ENABLE_MACHINED is false, machinectl is not installed, but _sd_machines
is still used in a few places that want to complete -M and such.
Also, bash completion calls machinectl in various places.
Make missing machinectl mean "no machines" in this case, so
that no error is generated in the callers.
- machinectl list --full would print multiple lines of output per machine,
breaking grep, issue introduced in e2268fa43742ece4a5cdc2e93f731b2bb2fcc883.
Using --max-addresses=1 would fix the issue, but let's use
--max-addresses=0 because we now can.
- the lists used in various places were slightly different for no good reason.
- don't use a subshell if not necessary.
The code for bash still uses the same combined list of images and running
machines for various commands. The zsh code uses images for start/clone, and
running machines for the rest. Maybe something to fix in the future.