Commit Graph

83548 Commits

Author SHA1 Message Date
Luca Boccassi
01caeddbe3 Update syscall numbers
ninja -C build update-syscall-tables update-syscall-header
2025-09-17 09:48:00 +01:00
Luca Boccassi
106bdd888b hwdb: update
ninja -C build update-hwdb
2025-09-17 09:41:25 +01:00
Luca Boccassi
4dddcce874 machine: do not allow unprivileged users to register other users' processes as machines (#38911)
Registering a process as a machine means a caller can get machined to
send sigterm to it, and more. If an unpriv user is registering, ensure
the registered process has the same uid.

Follow-up for adaff8eb35
2025-09-16 17:59:45 +01:00
Luca Boccassi
77c48bf2f6 mkosi conf opensuse: ukify from systemd-ukify (#38942)
* openSUSE tumbleweed moves ukify tool from systemd-experimental to
systemd-ukify.

This is needed for the TEST-86-MULTI-PROFILE-UKI
2025-09-16 17:58:56 +01:00
val4oss
8fe3bd54be mkosi conf opensuse: ukify from systemd-ukify
* openSUSE tumbleweed moves ukify tool from systemd-experimental to
  systemd-ukify.

Signed-off-by: val4oss <github.widget541@passmail.net>
2025-09-16 17:10:46 +02:00
val4oss
be285a9918 mkosi: update opensuse commit reference to 7d9cf5c934705c175766eaa688baa503da84e06a
* 7d9cf5c9347 Update systemd to version 257.9 / rev 456 via SR 1303345
* 439d743e5d6 Update systemd to version 257.7 / rev 455 via SR 1297651
* 4f72c6a6279 Update systemd to version 257.7 / rev 454 via SR 1296831
* 3b0afa5c6d1 Update systemd to version 257.7 / rev 453 via SR 1294979
* d0eccd20f5a Update systemd to version 257.7 / rev 452 via SR 1292221
* f9d183f8c57 Update systemd to version 257.7 / rev 451 via SR 1291008
* cbd6908247d Update systemd to version 257.7 / rev 450 via SR 1289968
* 6e5c00f9f92 Update systemd to version 257.6 / rev 449 via SR 1286997

Signed-off-by: val4oss <github.widget541@passmail.net>
2025-09-16 17:10:46 +02:00
Luca Boccassi
8324f9351c machine: add a comment to clarify that root_directory is informational only
To avoid any possible mistakes in the future, add a comment in the
object declaration
2025-09-16 15:58:28 +01:00
Luca Boccassi
e80394e193 man: clarify that machined RootDirectory parameter is informational only
It's basically just a label, it is not used for any purpose
2025-09-16 15:58:28 +01:00
Luca Boccassi
44e3c4c8bc machine: validate root directory over varlink
Use strict validation to reject invalid directories as the D-Bus
API already does

Follow-up for 5b44c81ff8
2025-09-16 15:58:28 +01:00
Luca Boccassi
119d332d9c machine: do not allow unprivileged users to register other users' processes as machines
Registering a process as a machine means a caller can get machined
to send sigterm to it, and more. If an unpriv user is registering,
ensure the registered process is actually owned by the user.

Follow-up for adaff8eb35
2025-09-16 15:58:28 +01:00
Luca Boccassi
892838911b generators: fix parameters naming in symlink helper
Coverity gets confused because the names were swapped. The parameters
are all passed in the right position, so there's no functional issue,
but the naming is confusing and trips static analyzers, so fix it.

CID#1621624

Follow-up for 8a9ab3dbbc
2025-09-16 16:50:22 +02:00
Andreas Schneider
775a31bdfa man: Update systemd-userdbd.service about .group extension
2025-09-16 16:13:22 +02:00
AsciiWolf
0125be8733 hwdb: add SDRplay devices
Also remove duplicate MiriSDR device that is just a cheap SDRplay RSP1 copy
2025-09-16 09:32:35 +01:00
Luca Boccassi
52ff4de962 Revert "TEST-55-OOMD: Verify that ExecStopPost= runs on oom-kill"
The test consistently fails on CentOS 9:

TEST-55-OOMD.sh[678]: + test -f /run/testbloat-exec-stop-post
[FAILED] Failed to start TEST-55-OOMD.service.

https://github.com/systemd/systemd/actions/runs/17689186773/job/50293446228?pr=38911

This reverts commit 5bf7438ff0.
2025-09-15 19:38:28 +01:00
Luca Boccassi
876c4c5129 test: call mksquashfs with -noappend to be safe on reruns
If the test VM reboots and the test re-runs, creating the images
fails as they already exist:

[  218.227766] TEST-50-DISSECT.sh[889]: + mksquashfs testkit/ testkit.raw
[  218.238754] TEST-50-DISSECT.sh[2964]: FATAL ERROR: Could not read $HOME, use -recovery-path or -no-recovery options
[  218.239284] TEST-50-DISSECT.sh[2964]: Found a valid exportable SQUASHFS superblock on testkit.raw.
[  218.239554] TEST-50-DISSECT.sh[2964]: 	Compression used gzip
[  218.240176] TEST-50-DISSECT.sh[2964]: 	Inodes are compressed
[  218.240459] TEST-50-DISSECT.sh[2964]: 	Data is compressed
[  218.241072] TEST-50-DISSECT.sh[2964]: 	Fragments are compressed
[  218.241526] TEST-50-DISSECT.sh[2964]: 	Xattrs are compressed
[  218.241953] TEST-50-DISSECT.sh[2964]: 	Fragments are present in the filesystem
[  218.242411] TEST-50-DISSECT.sh[2964]: 	Always-use-fragments option is not specified
[  218.242843] TEST-50-DISSECT.sh[2964]: 	Duplicates are removed
[  218.243560] TEST-50-DISSECT.sh[2964]: 	Xattrs are stored
[  218.243889] TEST-50-DISSECT.sh[2964]: 	Filesystem size 0.38 Kbytes (0.00 Mbytes)
[  218.244563] TEST-50-DISSECT.sh[2964]: 	Block size 131072
[  218.245051] TEST-50-DISSECT.sh[2964]: 	Number of fragments 1
[  218.245512] TEST-50-DISSECT.sh[2964]: 	Number of inodes 6
[  218.245851] TEST-50-DISSECT.sh[2964]: 	Number of ids 1
[  218.246393] TEST-50-DISSECT.sh[2964]: Parallel mksquashfs: Using 2 processors
[  218.246820] TEST-50-DISSECT.sh[2964]: Scanning existing filesystem...
[  218.247286] TEST-50-DISSECT.sh[2964]: Read existing filesystem, 5 inodes scanned
[  218.252974] TEST-50-DISSECT.sh[2964]: Appending to existing 4.0 filesystem on testkit.raw, block size 131072
[  218.253593] TEST-50-DISSECT.sh[2964]: All -b, -noI, -noD, -noF, -noX, -noId, -no-duplicates, -no-fragments,
[  218.253848] TEST-50-DISSECT.sh[2964]: -always-use-fragments, -exportable and -comp options ignored
[  218.257196] TEST-50-DISSECT.sh[2964]: If appending is not wanted, please re-run with -noappend specified!

https://github.com/systemd/systemd/actions/runs/17674609143/job/50233691148?pr=38867
2025-09-15 14:42:03 +01:00
Luca Boccassi
27833c409d test: consolidate checks for unpriv nspawn support in TEST-13-NSPAWN
[   69.058386] systemd-nspawn[4371]: varlink: Sending message: {"method":"io.systemd.NamespaceResource.AllocateUserRange","parameters":{"name":"nspawn-4371-zurps","mangleName":true,"size":65536,"userNamespaceFileDescriptor":0}}
[   69.058447] systemd-nsresourcework[4339]: varlink-6-6: Received message: {"method":"io.systemd.NamespaceResource.AllocateUserRange","parameters":{"name":"nspawn-4371-zurps","mangleName":true,"size":65536,"userNamespaceFileDescriptor":0}}
[   69.058455] systemd-nsresourcework[4339]: varlink-6-6: Changing state idle-server → processing-method
[   69.058479] systemd-nsresourcework[4339]: varlink-6-6: Sending message: {"error":"io.systemd.NamespaceResource.UserNamespaceInterfaceNotSupported","parameters":{}}
[   69.058482] systemd-nsresourcework[4339]: varlink-6-6: Changing state processing-method → processed-method
[   69.058486] systemd-nsresourcework[4339]: varlink-6-6: Changing state processed-method → idle-server
[   69.058599] systemd-nspawn[4371]: varlink: Received message: {"error":"io.systemd.NamespaceResource.UserNamespaceInterfaceNotSupported","parameters":{}}
[   69.058604] systemd-nspawn[4371]: varlink: Changing state calling → called
[   69.058609] systemd-nspawn[4371]: varlink: Changing state called → idle-client
[   69.058614] systemd-nspawn[4371]: Unprivileged user namespace delegation is not supported on this system.
[   69.058637] systemd-nsresourcework[4339]: varlink-6-6: Got POLLHUP from socket.
[   69.058647] systemd-nsresourcework[4339]: varlink-6-6: Changing state idle-server → pending-disconnect
[   69.058653] systemd-nsresourcework[4339]: varlink-6-6: Changing state pending-disconnect → processing-disconnect
[   69.058656] systemd-nsresourcework[4339]: varlink-6-6: Changing state processing-disconnect → disconnected
[   69.058698] systemd-nspawn[4371]: Failed to allocate user namespace with 64K users: Operation not supported
[   69.058779] systemd[4344]: systemd-nspawn@zurps.service: Got notification message from PID 4371: STOPPING=1, STATUS=Terminating...

Follow-up for bfd356da63
2025-09-15 15:39:05 +02:00
Luca Boccassi
310ab61139 meson: link with -Wl,-z,gcs-report-dynamic=none (#38901)
There is a botched arm64 linker transition going on, where a new feature
is enabled (GCS) and the linker fails the build unless all object files
being linked are built with the new specific feature. This was enabled
in the toolchain (GCC 15) _before_ all libraries were rebuilt, including
glibc, so everything fails. The toolchain maintainers declined to fix it
and instead say that this is a useless warning to have, and to just
disable it and ignore it.

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1110461
> systemd fails to build from source on arm64 if built with GCC-15, currently in
> experimental.
>
> GCC-15 includes support for an arm64 security feature called Guarded Control
> Stack (GCS). To help with GCS adoption, the linker warns about shared libraries
> built without GCS. For example:
>
> /usr/lib/gcc/aarch64-linux-gnu/15/../../../aarch64-linux-gnu/libncursesw.so.6:
> warning: GCS is required by -z gcs, but this shared library lacks the necessary property note.
> The dynamic loader might not enable GCS or refuse to load the program unless
> all the shared library dependencies have the GCS marking.
>
> The warning is harmless, and can be ignored. However, systemd is built with
> --fatal-warnings, and for this reason will fail to build on arm64 once GCC-15
> becomes the default compiler in Debian.

[585/3230] Linking target src/core/libsystemd-core-258.so
FAILED: src/core/libsystemd-core-258.so 
gcc  -o src/core/libsystemd-core-258.so  -Wl,--as-needed -Wl,--no-undefined -shared -fPIC -Wl,-soname,libsystemd-core-258.so -Wl,--whole-archive -Wl,--start-group src/core/libsystemd-core-258.a -Wl,--no-whole-archive -fstack-protector -Wl,-z,relro -specs=/usr/share/debhelper/dh_package_notes/debian-package-notes.specs -g -O2 -Werror=implicit-function-declaration -ffile-prefix-map=/work/src=. -fstack-protector-strong -fstack-clash-protection -Wformat -Werror=format-security -mbranch-protection=standard -O0 -g -Og -Wdate-time '-Wl,-rpath,$ORIGIN/../shared' src/shared/libsystemd-shared-258.so -shared -Wl,--version-script=/work/src/src/shared/libshared.sym /usr/lib/aarch64-linux-gnu/libacl.so /usr/lib/aarch64-linux-gnu/libaudit.so /usr/lib/aarch64-linux-gnu/libblkid.so -ldl -lm /usr/lib/aarch64-linux-gnu/libmount.so -lrt /usr/lib/aarch64-linux-gnu/libseccomp.so /usr/lib/aarch64-linux-gnu/libselinux.so -Wl,--end-group -pthread -Wl,--fatal-warnings -Wl,-z,now -Wl,-z,relro -Wl,--gc-sections -Wl,--warn-common
src/shared/libsystemd-shared-258.so: warning: GCS is required by -z gcs, but this shared library lacks the necessary property note. The dynamic loader might not enable GCS or refuse to load the program unless all the shared library dependencies have the GCS marking.
/usr/lib/aarch64-linux-gnu/libacl.so: warning: GCS is required by -z gcs, but this shared library lacks the necessary property note. The dynamic loader might not enable GCS or refuse to load the program unless all the shared library dependencies have the GCS marking.
/usr/lib/aarch64-linux-gnu/libaudit.so: warning: GCS is required by -z gcs, but this shared library lacks the necessary property note. The dynamic loader might not enable GCS or refuse to load the program unless all the shared library dependencies have the GCS marking.
/usr/lib/aarch64-linux-gnu/libblkid.so: warning: GCS is required by -z gcs, but this shared library lacks the necessary property note. The dynamic loader might not enable GCS or refuse to load the program unless all the shared library dependencies have the GCS marking.
/lib/aarch64-linux-gnu/libm.so.6: warning: GCS is required by -z gcs, but this shared library lacks the necessary property note. The dynamic loader might not enable GCS or refuse to load the program unless all the shared library dependencies have the GCS marking.
/lib/aarch64-linux-gnu/libmvec.so.1: warning: GCS is required by -z gcs, but this shared library lacks the necessary property note. The dynamic loader might not enable GCS or refuse to load the program unless all the shared library dependencies have the GCS marking.
/usr/lib/aarch64-linux-gnu/libmount.so: warning: GCS is required by -z gcs, but this shared library lacks the necessary property note. The dynamic loader might not enable GCS or refuse to load the program unless all the shared library dependencies have the GCS marking.
/usr/lib/aarch64-linux-gnu/libseccomp.so: warning: GCS is required by -z gcs, but this shared library lacks the necessary property note. The dynamic loader might not enable GCS or refuse to load the program unless all the shared library dependencies have the GCS marking.
/usr/lib/aarch64-linux-gnu/libselinux.so: warning: GCS is required by -z gcs, but this shared library lacks the necessary property note. The dynamic loader might not enable GCS or refuse to load the program unless all the shared library dependencies have the GCS marking.
/lib/aarch64-linux-gnu/libc.so.6: warning: GCS is required by -z gcs, but this shared library lacks the necessary property note. The dynamic loader might not enable GCS or refuse to load the program unless all the shared library dependencies have the GCS marking.
/lib/ld-linux-aarch64.so.1: warning: GCS is required by -z gcs, but this shared library lacks the necessary property note. The dynamic loader might not enable GCS or refuse to load the program unless all the shared library dependencies have the GCS marking.
collect2: error: ld returned 1 exit status
2025-09-15 13:42:48 +02:00
Luca Boccassi
8fac2eb212 Revert "test: propagate log env vars in run-unit-tests.py wrapper"
The default is already to propagate the env vars, so this
was unnecessary and actually creates problems as it removes
custom PATHs

This reverts commit 994af53395.
2025-09-15 11:22:19 +02:00
Zbigniew Jędrzejewski-Szmek
8a9ab3dbbc generators: when creating symlinks, silently ignore existing links in one more place
After the update to systemd 257.7 in Fedora, there are reports that we fail to
create a symlink:
  systemd-gpt-auto-generator[585]: Failed to create symlink /run/systemd/generator/local-fs.target.wants/systemd-fsck-root.service: File exists
  (sd-exec-[574]: /usr/lib/systemd/system-generators/systemd-gpt-auto-generator failed with exit status 1.

I guess that some other generator created the symlink. We silently ignore
EEXIST in similar codepaths, so add that in one more place. (The target of the
symlink doesn't really matter. The name of the link matters. So something like
symlink_idempotent would not be better. For example, a different generator
might use a slightly different target path, and symlink_idempotent would be too
strict.)
2025-09-15 11:11:01 +02:00
AsciiWolf
bb4c00001d hwdb: add HydraSDR RFOne
2025-09-15 13:22:53 +09:00
anthisfan
778e95420a systemd-path: return accumulated error instead of last result
Because it returns the result of the final sd_path_lookup() call rather than the return value of RET_GATHER,
it appears that it may return success even if an error occurs during processing.

With this patch, errors encountered during the loop will be properly tallied and returned, and failures will not be silently ignored.

Signed-off-by: anthisfan <gtpgx305@gmail.com>
2025-09-14 22:18:19 +02:00
Luca Boccassi
a0203ac14c test: ensure journal dir is writable by container in TEST-13-NSPAWN
The systemd-journal group is not mapped, so ensure the test directory
is owned by root:root so that the mapping works.

Follow-up for 88fce09026
2025-09-14 13:23:17 +01:00
Luca Boccassi
e3f4aa4a75 shell-completion: add missing arguments for journalctl
2025-09-14 09:42:36 +01:00
Yu Watanabe
6c32948b25 dissect: include unistd.h
This is required by e.g. geteuid(), for the case when unistd.h is
indirectly included by other headers.

Continuation of 4f18ff2e29.
2025-09-14 09:47:30 +02:00
Daan De Meyer
5bf7438ff0 TEST-55-OOMD: Verify that ExecStopPost= runs on oom-kill
2025-09-13 00:20:56 +01:00
Luca Boccassi
f82d80da06 ansi-color: fix stack overflow with debug level and invalid SYSTEMD_COLORS env var
When SYSTEMD_COLORS is invalid, parse_systemd_colors() logs about it.
Logging helpers then call into parse_systemd_colors() to pretty-print
the log message, which then fails, so it logs about the failure,
rinse and repeat until segfault.

Follow-up for c8210d98a4
2025-09-12 10:58:26 +01:00
val4oss
6becea2859 mkosi conf opensuse: add libtss2-tcti-device0 dep
* Add the TPM recommended package for opensuse mkosi conf to fix the
  TEST-70-TPM failure.

Signed-off-by: val4oss <github.widget541@passmail.net>
2025-09-12 10:34:02 +01:00
Luca Boccassi
b7d3b45017 mkosi: pass through more toolchain flags
2025-09-12 10:31:32 +01:00
AsciiWolf
56347fe7f3 hwdb: add LimeSDR XTRX devices
2025-09-12 06:46:55 +09:00
AsciiWolf
69442f94b5 hwdb: add missing Ettus Research B200 rule
https://github.com/EttusResearch/uhd/blob/master/host/utils/uhd-usrp.rules#L18

Not sure why it was missing.
2025-09-11 18:41:26 +01:00
Luca Boccassi
f9bed8d52f test-namespace: more fixes (#38875)
2025-09-11 15:32:24 +01:00
Luca Boccassi
15818468f8 test: PR_DEATHSIG is reset after changing id/gid
Child processes are left hanging on abort() as these child procs
freeze(), so test suites hang as well when test-namespace fails,
and processes are leaked.

From the docs:

The parent-death signal setting is also cleared upon changes to any of
the following thread credentials: effective user ID, effective group ID,
filesystem user ID, or filesystem group ID.

Set the deathsig again after changing id.

Follow-up for 2ade821859
2025-09-11 13:37:34 +01:00
Luca Boccassi
aece4b0381 test: do not leave process hanging in test-namespace
It is killed when the main test process exits, but still,
it will be left hanging while other test cases run, so it's
not very clean.

Follow-up for 8b5e3be88e
2025-09-11 13:37:29 +01:00
Christopher Head
fafe447dcd ukify: fix backend/option applicability docs
The `SecureBootPrivateKey` and `SecureBootCertificate` options are used
by the `systemd-sbsign` backend, not just the `sbsign` backend.
2025-09-11 12:07:03 +01:00
Lennart Poettering
6b071ab14a todo - main
2025-09-11 11:30:52 +02:00
AsciiWolf
11c58b6774 hwdb: add MiriSDR MSi2500 devices
2025-09-11 09:58:49 +09:00
AsciiWolf
c61bdd79ef hwdb: add more devices
- FUNcube Dongle Pro
- Great Scott Gadgets HackRF
- Microtelecom Perseus
2025-09-11 08:44:48 +09:00
AsciiWolf
8fadcd15d3 hwdb: add Airspy devices
2025-09-11 07:27:07 +09:00
DeKoile
63254ed696 Update 60-sensor.hwdb - Add support for Lenovo Legion Go
This adds support for the 3D Accelerometer of the Lenovo Legion Go
2025-09-10 23:20:56 +01:00
Yu Watanabe
8685f8edd1 TEST-64-UDEV-STORAGE: forcibly create new physical volume
When the test VM is accidentally rebooted, there exists the previously
created volume, and the command fails with the following:
```
TEST-64-UDEV-STORAGE.sh[282]: + lvm pvcreate -y /dev/md/mdlvm
TEST-64-UDEV-STORAGE.sh[442]:   Can't initialize physical volume "/dev/md127" of volume group "mdlvm_vg" without -ff
TEST-64-UDEV-STORAGE.sh[442]:   /dev/md127: physical volume not initialized.
[FAILED] Failed to start TEST-64-UDEV-STORAGE-mdadm_lvm.service.
```
Let's ignore the existence of previous volume and forcibly create new one.

Workaround for issue #38240.
2025-09-11 00:06:33 +09:00
Luca Boccassi
994af53395 test: propagate log env vars in run-unit-tests.py wrapper
To make it easier to debug unit test failures
2025-09-10 14:34:01 +01:00
Luca Boccassi
e52a1acb81 test: exit from test child processes
Otherwise the child processes will continue, return to the test
main function, and try to run other test cases themselves:

<...>
/* test_namespace_get_leader */
PID hierarchy: 553438 ← 553459 ← 553460
/* test_detach_mount_namespace_harder */
/* test_detach_mount_namespace_harder */
/* test_detach_mount_namespace_harder */

Follow-up for 0b8b13324e
2025-09-10 00:27:14 +01:00
Martin Homuth-Rosemann
3efabf88cd Add Hantek DSO-6022 oscilloscopes and compatible devices
Signed-off-by: Martin Homuth-Rosemann <Ho-Ro@users.noreply.github.com>
2025-09-09 23:19:32 +01:00
Raura
d18a6c861d Remove mention of inactive Tanglu distro from systemd-nspawn man page (#38873)
Distribution seems inactive for a long time, and the mentioned website has disappeared.
https://distrowatch.com/table.php?distribution=tanglu
2025-09-09 22:19:46 +01:00
Luca Boccassi
9cc9e14ed4 test: remove extension from /var/lib/extensions at the end of the test
Otherwise it remains there, and another test case accidentally
uses it on refresh, which then makes another later test fail,
as the hierarchy is already merged:

[  203.969708] TEST-50-DISSECT.sh[890]: + systemd-sysext status
[  203.981831] TEST-50-DISSECT.sh[2795]: HIERARCHY EXTENSIONS SINCE
[  203.982196] TEST-50-DISSECT.sh[2795]: /opt      app0       Mon 2025-09-08 11:49:11 UTC
[  203.982551] TEST-50-DISSECT.sh[2795]: /usr      app0       Mon 2025-09-08 11:49:11 UTC

[  204.119772] TEST-50-DISSECT.sh[2799]: Hierarchy '/usr' is already merged.

Fixes https://github.com/systemd/systemd/issues/38282
2025-09-09 08:52:37 +02:00
Luca Boccassi
cb90434c2a bootctl: minor fixups (#38856)
2025-09-08 18:38:56 +01:00
Christian Hesse
e3b1743596 man/loader.conf: specify that default entry is id...
... which is the file name including literal suffix `.conf`.
2025-09-08 12:00:00 +01:00
Antonio Alvarez Feijoo
559da4a509 bash-completion/bootctl: add missing options and verb
2025-09-08 12:37:26 +02:00
Antonio Alvarez Feijoo
aa089759ad man/bootctl: replace reference to --no-variables with --variables=no
2025-09-08 12:32:13 +02:00
Antonio Alvarez Feijoo
5a70aa5315 bootctl: clarify that --secure-boot-auto-enroll requires a boolean value
2025-09-08 12:31:27 +02:00