Commit Graph

68079 Commits

Author SHA1 Message Date
Joerg Behrmann
cf37171890 credentials: document that their path is stable for system services 2023-10-20 11:44:46 +01:00
Yu Watanabe
af7417ac7b netif-naming-scheme: disable NAMING_BRIDGE_MULTIFUNCTION_SLOT
This effectively reverts 66425daf2c.

The commit assumes that if the network interface has multifunctions,
then the function fields of the pci devices under the same PCI bridge
device are unique.
But it seems not, at least on some setups. See issue #28929.
Let's revert the change, and always refuse to set slot base naming if
a PCI bridge is detected.

Fixes #28929.
2023-10-20 10:56:48 +01:00
Luca Boccassi
ed51ccf4b8 Merge pull request #29618 from bonktree/fchmodat2
seccomp: get `fchmodat2(2)` covered by `RestrictSUIDSGID=`
2023-10-20 10:49:46 +01:00
Lennart Poettering
612a91c11a man: document the order in which we talk to DNS servers 2023-10-20 10:12:51 +01:00
Luca Boccassi
856bed0abe executor: return instead of assert on invalid command line arguments
Before the split, it made sense to assert, as checks were on setup.
But now these come from deserialization, and the fuzzer hits the
asserts, so simply return an error instead.
2023-10-20 01:00:36 +01:00
Zbigniew Jędrzejewski-Szmek
974959e6f6 test-recurse-dir: work around nftw() ignoring symlinks()
We have a test where we compare the results from nftw() and our own
recurse_dir_at(). nftw() skips a dangling symlink when running under mkosi and
the test fails. I don't understand why nftw() does that, but in our code we
don't need to test and care about the details of nftw(), which we don't use,
outside of the one test, so let's just skip symlinks in the test.

Closes #29603.
2023-10-19 22:40:22 +01:00
Luca Boccassi
f5a7476677 Merge pull request #29628 from mrc0mmand/systemd-executor-test
test: slightly improve sd-executor's coverage
2023-10-19 19:39:39 +01:00
Lennart Poettering
9bb64f1b8d pidref: make PIDREF_NULL const
That way the compiler can put it in an immutable section
2023-10-19 18:59:51 +01:00
Luca Boccassi
759cca0348 Merge pull request #29629 from bluca/mount_tunnel_pidref
mount tunnel: use PidRef
2023-10-19 18:59:22 +01:00
Luca Boccassi
6fbd1b0457 Merge pull request #29623 from YHNdnzj/core-followup
Follow-ups for recent changes to core/
2023-10-19 18:04:40 +01:00
Frantisek Sumsal
e98f7f9122 test: skip Protect{Home,System}= tests with coverage builds
With coverage builds we disable Protect{Home,System}= via a service.d
dropin in /etc, which has, unfortunately, higher priority than our
transient systemd-run stuff. Let's just skip the affected tests in that
case instead of making the test setup even more complicated.
2023-10-19 18:03:57 +01:00
Zbigniew Jędrzejewski-Szmek
af189d7b50 pid1,vconsole-setup: lock /dev/console instead of the tty device
As requested in https://github.com/systemd/systemd/pull/27867#pullrequestreview-1567161854.
/dev/console, /dev/tty0, and /dev/ttyN are "different" device nodes
that may point to a single underlying device. We want to use a single
lock so that we don't get a race if different writers are using a different
device path, so let's just always lock around /dev/console.
This effectively makes the locking less granular.

Fixup for a0043bfa51.
Fixes https://github.com/systemd/systemd/issues/28721.
Maybe fixes https://github.com/systemd/systemd/issues/28778 and
https://github.com/systemd/systemd/issues/28634.
2023-10-19 18:03:21 +01:00
Frantisek Sumsal
a2dd592002 test: unify checking for user xattrs support in cgroupfs
Also, run the coredump forwarding test only if user xattrs are
supported.
2023-10-19 18:01:07 +01:00
Zbigniew Jędrzejewski-Szmek
725e646854 meson: generate proper version tag when git fails on permission errors
When building with mkosi I would get the following:

    [1/477] Generating version.h with a custom command
    fatal: detected dubious ownership in repository at '/work/src'
    To add an exception for this directory, call:

            git config --global --add safe.directory /work/src

and then the tag would be generated as 'v254-'. This is obviously some problem
with the setup, but we should handle this gracefully. Let's fall back to 'v254'
instead.

In the case where we have a repo but no tags, use --dirty=^ too, as in the case
with tags.

I tested four cases:
- normal checkout
- checkout with .git removed
- checkout with .git chowned to root
- checkout with all tags removed
2023-10-19 17:52:44 +02:00
Luca Boccassi
8c08523736 Update TODO 2023-10-19 16:31:05 +01:00
Luca Boccassi
5f48198af8 mount tunnel: use PidRef 2023-10-19 16:31:05 +01:00
Frantisek Sumsal
d31330c1fa core: properly cleanup ExecParameter's prefix array 2023-10-19 16:59:43 +02:00
Frantisek Sumsal
4701425dd5 test: add coverage for #29610
As reproducing it is actually pretty easy, with the benefit of hindsight:

~# systemd-run -P -p MountImages="/this/should/definitely/not/exist.img:/run/img2\:3:nosuid" false
Running as unit: run-u42.service
free(): double free detected in tcache 2
2023-10-19 16:23:28 +02:00
Frantisek Sumsal
447894be41 test: add a real-world state to the corpus
To give the fuzzer a nice head start.
2023-10-19 16:12:45 +02:00
Mike Yuan
bca0805311 core/service: check error first and log about errno
Follow-up for becdfcb9f1
2023-10-19 21:37:39 +08:00
Mike Yuan
f65a40fb0b cgroup-util: use RET_GATHER more, return first error 2023-10-19 21:37:33 +08:00
Mike Yuan
dbc0342e61 core/exec-invoke: use correct exit status
These calls can fail not only due to OOM.
2023-10-19 21:37:33 +08:00
Mike Yuan
bbe92ea5cc core/namespace: merge if blocks 2023-10-19 21:37:33 +08:00
Luca Boccassi
9dc6a6af28 executor: fix double free of MountOptions
This list is owned by ExecContext, which is cleaned up when sd-executor
fails, but it is also cleaned up when namespace setup exits, so we get
a double free.

Fixes https://github.com/systemd/systemd/issues/29610

Follow-up for bb5232b6a3
2023-10-19 14:24:55 +01:00
Luca Boccassi
41204a6d74 Merge pull request #29617 from keszybz/efi-no-xmalloc0
efi: drop duplicate initialization to 0
2023-10-19 14:23:54 +01:00
Arseny Maslennikov
8b45281daa seccomp: also check the mode parameter of fchmodat2(2)
If there is no libseccomp support, just ban the entire syscall instead
so wrappers will fall back to older, supported syscalls.
Also reflect all of this in `test-seccomp.c`.
2023-10-19 15:53:58 +03:00
Arseny Maslennikov
6e10405aa2 seccomp: include fchmodat2 in @file-system 2023-10-19 15:53:45 +03:00
Yu Watanabe
be3b6b6fe5 cgroup-util: drop dead code block
Follow-up for 4d1b2df199.

Fixes CID#1522888.
2023-10-19 20:24:54 +08:00
Arseny Maslennikov
3677364cc3 basic/missing_syscall: generate defs for fchmodat2(2)
We will need this to set seccomp filters on this system call regardless
of libseccomp or kernel support.
2023-10-19 14:07:54 +03:00
Arseny Maslennikov
c83f838193 Update system call tables for Linux 6.6
We are doing this to obtain the definition of fchmodat2.
2023-10-19 14:07:54 +03:00
Arseny Maslennikov
a539314a87 seccomp: fix debug logging typo
Fixes: da4dc9a674 ("seccomp: rework how the S[UG]ID filter is installed")
2023-10-19 14:07:54 +03:00
Luca Boccassi
1ca8cc9fb6 Merge pull request #29595 from YHNdnzj/systemctl-failed-system
systemctl: is-failed: check if system is degraded when no unit given
2023-10-19 12:07:37 +01:00
Zbigniew Jędrzejewski-Szmek
6e98ddf825 efi: drop unused xmalloc0()
Keeping this separate to make it easy to revert if it's ever needed again.
2023-10-19 12:24:53 +02:00
Zbigniew Jędrzejewski-Szmek
586f19976a efi: do not memzero fields before initializing them
In all three cases we immediately overwrite the whole field anyway,
so the call to memzero is not needed.
2023-10-19 12:24:53 +02:00
Arthur Shau
1bd0b9c053 varlink: Add new varlink_collect method
varlink_collect is meant to be used when the client is willing to wait for the reply from the varlink method, much like varlink_call.
However, unlike varlink_call, it allows the client to collect all "more" replies that may be sent by method before the "final" reply is enqueued.
It aggregates all of these replies into a json variant array that it returns to the client.
2023-10-19 11:52:09 +02:00
Frantisek Sumsal
4820c9d417 fuzz: unify logging setup
Make sure we don't log anything when running in "fuzzing" mode. Also,
when at it, unify the setup logic into a helper, pretty similar to
the test_setup_logging() one.

Addresses:
  - https://github.com/systemd/systemd/pull/29558#pullrequestreview-1676060607
  - https://github.com/systemd/systemd/pull/29558#discussion_r1358940663
2023-10-19 10:05:20 +01:00
Luca Boccassi
47174dc054 Merge pull request #29611 from mrc0mmand/execute-serialize-fuzz
test: add a fuzzer for exec_{serialize,deserialize}_invocation()
2023-10-18 23:33:00 +01:00
Frantisek Sumsal
892eb4d795 core: don't assert when serializing malformed state 2023-10-18 22:44:16 +02:00
Frantisek Sumsal
81c4be64da test: add a fuzzer for exec_{serialize,deserialize}_invocation() 2023-10-18 22:44:16 +02:00
Mike Yuan
2ee346160c systemctl: is-failed: check if system is degraded when no unit given
Closes #3335
2023-10-19 00:12:28 +08:00
Mike Yuan
def1e20a18 systemctl: minor modernization 2023-10-19 00:12:27 +08:00
Lennart Poettering
81c1c387fe Merge pull request #29594 from poettering/cgroup-rename-ret-params
more pidfdification
2023-10-18 17:25:44 +02:00
Frantisek Sumsal
7e9c7d6f5b test: use Type=exec for the test unit
Make sure everything we need is set up before continuing further with
the test. This should, hopefully, help with a race where we check
a dynamic user before it's created by NFTSet= stuff.

Before:
$ journalctl -o short-monotonic --grep '(test-nft|NFT|testsuite-75)' --no-hostname
...
[ 3657.929223] testsuite-75.sh[48]: + systemd-run -u test-nft.service -p DynamicUser=yes -p 'NFTSet=cgroup:inet:sd_test:c user:inet:sd_test:u group:inet:sd_test:g' sleep 10000
...
[ 3657.977372] systemd[1]: test-nft.service: Changed dead -> running
[ 3657.977388] systemd[1]: test-nft.service: Job 376 test-nft.service/start finished, result=done
[ 3657.977407] testsuite-75.sh[853]: Running as unit: test-nft.service; invocation ID: 8776af2ec7864a60a058cb5d403d1ca6
[ 3657.982437] testsuite-75.sh[856]:                 elements = { "system.slice/test-nft.service" }
[ 3657.984570] testsuite-75.sh[48]: + grep -qF test-nft.service /tmp/tmp.uqXKfyzcpJ
[ 3657.985400] testsuite-75.sh[859]: ++ getent passwd test-nft
[ 3657.986434] systemd[1]: varlink-12: New incoming message: {"method":"io.systemd.UserDatabase.GetUserRecord","parameters":{"userName":"test-nft","service":"io.systemd.DynamicUser"}}
[ 3657.986503] systemd[1]: varlink-12: Sending message: {"error":"io.systemd.UserDatabase.NoRecordFound","parameters":{}}
[ 3657.986643] systemd[1]: testsuite-75.service: Child 48 belongs to testsuite-75.service.
[ 3657.986660] systemd[1]: testsuite-75.service: Main process exited, code=exited, status=2/INVALIDARGUMENT
[ 3657.986681] systemd[1]: testsuite-75.service: Failed with result 'exit-code'.
...
[ 3657.989885] systemd[1]: test-nft.service: User lookup succeeded: uid=64568 gid=64568
[ 3657.989936] systemd[1]: Added NFT set: family inet, table sd_test, set u, ID 64568
[ 3657.989965] systemd[1]: Added NFT set: family inet, table sd_test, set g, ID 64568

After:
$ journalctl -o short-monotonic --grep '(test-nft|NFT|testsuite-75)' --no-hostname
[ 1523.874408] testsuite-75.sh[49]: + systemd-run -u test-nft.service --service-type=exec -p DynamicUser=yes -p 'NFTSet=cgroup:inet:sd_test:c user:inet:sd_test:u group:inet:sd_test:g' sleep 10000
...
[ 1523.924091] systemd[1]: Starting test-nft.service...
[ 1523.928891] systemd[1]: test-nft.service: User lookup succeeded: uid=64568 gid=64568
[ 1523.929102] systemd[1]: Added NFT set: family inet, table sd_test, set u, ID 64568
[ 1523.929220] systemd[1]: Added NFT set: family inet, table sd_test, set g, ID 64568
...
[ 1523.933263] systemd[1]: Started test-nft.service.
[ 1523.933626] testsuite-75.sh[849]: Running as unit: test-nft.service; invocation ID: d1a5c3eacbc647a7a5fcbd46c7b2f863
[ 1523.940810] testsuite-75.sh[852]:                 elements = { "system.slice/test-nft.service" }
[ 1523.942880] testsuite-75.sh[49]: + grep -qF test-nft.service /tmp/tmp.gWka2x3mQq
[ 1523.944031] testsuite-75.sh[855]: ++ getent passwd test-nft
[ 1523.945496] systemd[1]: varlink-18: New incoming message: {"method":"io.systemd.UserDatabase.GetUserRecord","parameters":{"userName":"test-nft","service":"io.systemd.DynamicUser"}}
[ 1523.951593] systemd[1]: varlink-18: Sending message: {"parameters":{"record":{"userName":"test-nft","uid":64568,"gid":64568,"realName":"Dynamic User",...
2023-10-18 16:08:44 +01:00
Lennart Poettering
06044356de manager: move idle_pipe allocation to manager.c and make it atomic
Let's make sure it either fails or succeeds, but never fails half-way
leaving a half-initialized array around.
2023-10-18 16:07:41 +01:00
Luca Boccassi
668d60627e Merge pull request #29583 from poettering/deserialize-fd-many
add serialize_fd_many() + deserialize_fd_many() helpers
2023-10-18 16:06:22 +01:00
Lennart Poettering
1158b06b47 update TODO 2023-10-18 14:49:40 +02:00
Lennart Poettering
d0547385d9 test-cgroup: make test case a bit more robust towards previous aborted runs 2023-10-18 14:49:40 +02:00
Lennart Poettering
2d79017564 killall: port killing spree loop over to PidRef 2023-10-18 14:49:40 +02:00
Lennart Poettering
957f84e950 test: port tests over to new /proc/ enumeration API 2023-10-18 14:49:40 +02:00
Lennart Poettering
eefb7d22ce process-util: add API for enumerating processes in /proc/ and pinning them via PidRef 2023-10-18 14:49:40 +02:00