It's highly interesting to see if tools such as systemd-sysupdate
consider a version valid, hence let's output that too (though
gracefully, not fatally)
string-util: move version_is_valid() into generic code
While we are at it, replace the sloppy use of filename_is_valid() by the
less sloppy filename_part_is_valid() (as added by the preceeding
commit), since we don#t want to be too restrictive here. (After all,
version strings invalid as standalone filenames might be valid as part
of filenames, and hence we should allow them).
Add a helper filename_part_is_valid() which does half of what
filename_is_valid() does: it checks for valid chars and length, but does
not filter out ".", ".." and "", as these are OK as parts of filenames,
just not alone.
hostnamectl: show age of firmware as time span, too
This converts the date into a relative timespan from the current time
on, and outputs it. It marks it yellow if older than two years, since
old firmware is probably a security risk. We don't make it red, since we
don't know though.
hostnamed: when parsing day/month of firmware date, force decimal parsing
safe_atou() by default determines the base from the prefix 0x, 0b, 0o
and for compat with just 0 for octal. This is not what we want here,
since the date components are padded with zeroes yet still decimal.
Hence force decimal parsing (and while we are at it, prohibit a couple
of unexpected decorations).
WIthout this we'd fail to parse any the 8th and 9th day of each months, as
well aus aug and september of every year, because these look like octal
numbers but cannot actually parsed as such.
Let's change the testcase to check for a date that exposes this
bheaviour.
rules: split out DMI related rules from udev-default.rules
The DMI rules where so far guarded by an ACTION=="add" rule, but that
doesn't really make sense for setting properties (only for setting
access modes/ownership of nodes).
Hence let's move this into its own file, that guards properly on
ACTION!="remove".
Before this change the hardware vendor/model info would be dropped
whenever the device was retriggered.
The file long ceased to be exclusively about configuration of the sleep
operation. It contains many many calls for other purposes, hence give it
a more generic name.
sleep-config: reduce scope of DMI object path a bit
We need this in a single function only, hence move it there, and make it
a static field so that it has local scope.
While we are at it, rename s/readsize to buf/bufsize, to make
relationship clear. In particular as the data read is actually binary
and "s" hence a misnomer, since it suggests it was a string.
Daan De Meyer [Tue, 28 Mar 2023 10:32:51 +0000 (12:32 +0200)]
btrfs-util: Add BTRFS_SNAPSHOT_LOCK_BSD
When making ephemeral snapshots of subvolumes whose cleanup depends on
whether they're locked or not, it's necessary to have the lock from the
very beginning, so let's support that with a new BTRFS_SNAPSHOT_LOCK_BSD
flag.
This has been badly named given the path doesn't refer to a device quite
likely, but to a path to a regular file. Hence let's be more precise
with naming.
(.device kinda suggests this was an sd_device object of sorts, but it
really isn't.)
sleep-config: don't use 'device_id' moniker for a dev_t entity
We usually call dev_t entities "devnum" or "devno". That's redundant
enough, let's not call this "device_id". In particular as that's
something else (in udev context).
sleep-config: replace useless fstat() by useful fd_verify_regular()
For some reason there was an fstat() call here whose results was
entirely ignored. Let's remove it. Let's add a call to
fd_verify_regular() instead, because this is a code path for swap files,
hence let's make sure we actually operate on a file, and nothing else.
This change is incorrect as we don't want to mark the PID as invalid but
only mark it as dead.
The change in question also breaks user level socket activation for
`podman.service` as the termination of the main `podman system service`
process is not properly handled, causing any application accessing the
socket to hang.
This is because the user-level `podman.service` unit also hosts two
non-main processes: `rootlessport` and `rootlessport-child` which causes
the `cgroup_good` check to still succeed.
The original submitter of this commit is recommended to find another
more correct way to fix the cgroupsv1 issue on CentOS 8.
man: place options in a some limited form of subsections
Let's visually separate the options associated with cpu, io, memory, …
in subsections
This patch tries to be minimal. It just adds the section titles, and
does minimal reordering to make sure the options on the same kind of
resource are placed close to each other.
Sam Morris [Mon, 19 Jun 2023 11:30:43 +0000 (12:30 +0100)]
Resource control manpage fixup (#28046)
The order of the description of each item should match the order that they are declared. Un-document effect of deprecated non-unified CGroup hierarchy on
DefaultCPUAccounting=. Mention that the default value for DefaultCPUAccouting= is
affected by the kernel version.
Gibeom Gwon [Wed, 19 Oct 2022 09:12:29 +0000 (18:12 +0900)]
homework: resize to maximum disk space if disk size is not specified
If the backing storage is LUKS2 on a block device, auto resize mode
is enabled, and disk size is not specified, resize the partition to
the maximum expandable size.
Daan De Meyer [Thu, 15 Jun 2023 15:31:23 +0000 (17:31 +0200)]
mkosi: Update to latest
We now run repart before starting systemd-nspawn to make sure that
the root partition is also generated when we boot the image in a
container instead of a VM.
To make sure we start from scratch for both the container boot and
the VM boot, we also enable Ephemeral to make sure all changes to
the image are ephemeral.
Luca Boccassi [Fri, 16 Jun 2023 21:31:04 +0000 (22:31 +0100)]
journal: avoid infinite recursion when closing bad journal FD
When trying to log, if we fail we try to close the journal FD. If
it is bad, safe_close() will fail and assert, which will try to log,
which will fail, which will try to close the journal FD...
Infinite recursion looks very pretty live in gdb, but let's avoid
that by immediately invalidating the journal FD before closing it.
Jan Janssen [Sun, 18 Jun 2023 08:54:20 +0000 (10:54 +0200)]
boot: Improve device_path_to_str_internal()
The UEFI spec has a generic `Path` node representation that can be used
for device path nodes that are unknown. So we can use that instead of
giving up when we see a node other than FilePath.
This also simplifies the FilePath case by just using xasprintf(). The
code is really just a fallback for silly firmware that does not
implement EFI_DEVICE_PATH_TO_TEXT_PROTOCOL (looking at you, Apple).
The correctness of this was tested by round-tripping it through
EFI_DEVICE_PATH_FROM_TEXT_PROTOCOL, which yielded an identical device
compared to our input path.
Frantisek Sumsal [Fri, 16 Jun 2023 17:05:57 +0000 (19:05 +0200)]
socket-activate: make a copy of the command name and arguments
When we call safe_fork() with the first argument set (process name), we
call rename_process() that zeroes out saved argv (that was saved by
save_argc_argv() in the main func defined by DEFINE_MAIN_FUNC()). In this
case this means that with --accept both the target executable name and
its arguments will be empty strings:
```
$ systemd-socket-activate --accept --listen 1111 cat &
Listening on [::]:1111 as 3.
$ curl localhost:1111
Communication attempt on fd 3.
Connection from 127.0.0.1:52948 to [::ffff:127.0.0.1]:1111
Spawned cat (cat) as PID 10576.
Execing ()
Failed to execp (): No such file or directory
Child 10576 died with code 1
curl: (56) Recv failure: Connection reset by peer
```
Let's make a copy of the necessary arguments beforehand and use it
instead to fix this.
Kiran Vemula [Fri, 16 Jun 2023 12:04:37 +0000 (17:34 +0530)]
resolved: Initialize until_valid while storing negative/NXDOMAIN response in the cache
Initialize until_valid is properly for negative response, the cached negative responses can be used to answer the queries before contacting upstream server.
Frantisek Sumsal [Fri, 16 Jun 2023 15:03:27 +0000 (17:03 +0200)]
journal-gatewayd: make MHD_OPTION_EXTERNAL_LOGGER the first option
To get rid of the warning on gatewayd startup:
microhttpd: MHD_OPTION_EXTERNAL_LOGGER is not the first option
specified for the daemon. Some messages may be printed by the
standard MHD logger.
Luca Boccassi [Thu, 15 Jun 2023 17:54:56 +0000 (18:54 +0100)]
portable: fix silly typo in D-Bus interface name
D'oh. Nobody noticed in 3 years, I guess nobody calls these directly
and instead the manager's methods are used. Still we'll have to keep
this around, so just hide it.
Kiran Vemula [Thu, 8 Jun 2023 13:12:11 +0000 (18:42 +0530)]
resolved: added serve stale feature implementation of RFC 8767
serve stale feature to keep the DNS resource records beyond TTL to return them as stale records in case of upstream server is not reachable or returns negative response.
SD_RESOLVED_NO_STALE flag has been added to disable serving stale records via dbus.
added serve stale test cases to TEST-75-RESOLVED Fixes: #21815
Yu Watanabe [Thu, 15 Jun 2023 20:55:58 +0000 (05:55 +0900)]
networkd-test.py: do not query IPv6 address
From changelog of dnsmasq v2.87:
====
Note in manpage the change in behaviour of -address. This behaviour
actually changed in v2.86, but was undocumented there. From 2.86 on,
(eg) --address=/example.com/1.2.3.4 ONLY applies to A queries. All other
types of query will be sent upstream. Pre 2.86, that would catch the
whole example.com domain and queries for other types would get
a local NODATA answer. The pre-2.86 behaviour is still available,
by configuring --address=/example.com/1.2.3.4 --local=/example.com/
====
licunlong [Wed, 24 May 2023 03:45:31 +0000 (11:45 +0800)]
core/unit: increase the NameOwnerChanged/GetNameOwner timeout to the unit's start timeout
When dbus is overloaded, these messages are easily timedout,
systemd may kill dbus-type service by mistake. This PR
mitigates this problem by increasing the timeout to the
unit's start timeout.
наб [Thu, 15 Jun 2023 13:04:32 +0000 (15:04 +0200)]
find-esp: fix XBOOTLDR stx_dev_major=0 and not btrfs fix
The original commit is fully correct in its analysis, description, and
mechanics, but the patch changes an identical condition around line 500
(find_esp_and_warn()), instead of line 800 (find_xbootldr_and_warn()).
The internal patch I distributed to testers was correct (L800), and
neither the reviewers, nor me, caught that I wrote the wrong line for
upstream submission. I've re-checked that this patch applied to
systemd 252.11-1 fixes the issue.
Keep the -ENOTTY condition for find_esp_and_warn(), since the conditions
are clearly supposed to be the same and similar semantics apply.
Fixes: commit ed89819f8fd7bfe99cd652082076e85e1417e4e9 ("find-esp: don't
silently error bootctl install if presumed XBOOTLDR part is
stx_dev_major=0 but not btrfs")
projects / thirdparty / systemd.git / log
