| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
|
|
|
|
|
| |
[thaller@redhat.com: original patch by Yuri, extracted from [1]]
[1] https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/565
|
|
|
|
|
|
|
|
|
|
|
|
| |
"less" doesn't properly reset its terminal on SIGTERM, it does so only
on SIGINT. Let's thus configure SIGINT instead of SIGTERM.
I think this is something less should fix too, and clean up things
correctly on SIGTERM, too. However, given that we explicitly enable
SIGINT behaviour by passing "K" to $LESS I figure it makes sense if we
also send SIGINT instead of SIGTERM to match it.
Fixes: #16084
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
userwork wants to update the title many times, and a strace is full of
attempts that fail the same way:
[pid 21765] prctl(PR_SET_NAME, "systemd-userwor"...) = 0
[pid 21765] geteuid() = 0
[pid 21765] mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fedce329000
[pid 21765] prctl(PR_SET_MM, PR_SET_MM_ARG_START, 0x7fedce329000, 0, 0) = -1 EPERM (Operation not permitted)
[pid 21765] prctl(PR_SET_MM, PR_SET_MM_ARG_END, 0x7fedce32901d, 0, 0) = -1 EPERM (Operation not permitted)
[pid 21765] munmap(0x7fedce329000, 4096) = 0
[pid 21765] accept4(3, NULL, NULL, SOCK_CLOEXEC|SOCK_NONBLOCK) = -1 EAGAIN (Resource temporarily unavailable)
[pid 21765] prctl(PR_SET_NAME, "systemd-userwor"...) = 0
[pid 21765] geteuid() = 0
[pid 21765] mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fedce329000
[pid 21765] prctl(PR_SET_MM, PR_SET_MM_ARG_START, 0x7fedce329000, 0, 0) = -1 EPERM (Operation not permitted)
[pid 21765] prctl(PR_SET_MM, PR_SET_MM_ARG_END, 0x7fedce329020, 0, 0) = -1 EPERM (Operation not permitted)
[pid 21765] munmap(0x7fedce329000, 4096) = 0
[pid 21765] prctl(PR_SET_NAME, "systemd-userwor"...) = 0
[pid 21765] geteuid() = 0
[pid 21765] mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fedce329000
[pid 21765] prctl(PR_SET_MM, PR_SET_MM_ARG_START, 0x7fedce329000, 0, 0) = -1 EPERM (Operation not permitted)
[pid 21765] prctl(PR_SET_MM, PR_SET_MM_ARG_END, 0x7fedce32901d, 0, 0) = -1 EPERM (Operation not permitted)
[pid 21765] munmap(0x7fedce329000, 4096) = 0
[pid 21765] accept4(3, NULL, NULL, SOCK_CLOEXEC|SOCK_NONBLOCK) = -1 EAGAIN (Resource temporarily unavailable)
[pid 21765] prctl(PR_SET_NAME, "systemd-userwor"...) = 0
[pid 21765] geteuid() = 0
[pid 21765] mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fedce329000
[pid 21765] prctl(PR_SET_MM, PR_SET_MM_ARG_START, 0x7fedce329000, 0, 0) = -1 EPERM (Operation not permitted)
[pid 21765] prctl(PR_SET_MM, PR_SET_MM_ARG_END, 0x7fedce329020, 0, 0) = -1 EPERM (Operation not permitted)
[pid 21765] munmap(0x7fedce329000, 4096) = 0
[pid 21765] prctl(PR_SET_NAME, "systemd-userwor"...) = 0
[pid 21765] geteuid() = 0
[pid 21765] mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fedce329000
[pid 21765] prctl(PR_SET_MM, PR_SET_MM_ARG_START, 0x7fedce329000, 0, 0) = -1 EPERM (Operation not permitted)
[pid 21765] prctl(PR_SET_MM, PR_SET_MM_ARG_END, 0x7fedce32901d, 0, 0) = -1 EPERM (Operation not permitted)
[pid 21765] munmap(0x7fedce329000, 4096) = 0
[pid 21765] accept4(3, NULL, NULL, SOCK_CLOEXEC|SOCK_NONBLOCK) = -1 EAGAIN (Resource temporarily unavailable)
[pid 21765] prctl(PR_SET_NAME, "systemd-userwor"...) = 0
[pid 21765] geteuid() = 0
[pid 21765] mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fedce329000
[pid 21765] prctl(PR_SET_MM, PR_SET_MM_ARG_START, 0x7fedce329000, 0, 0) = -1 EPERM (Operation not permitted)
[pid 21765] prctl(PR_SET_MM, PR_SET_MM_ARG_END, 0x7fedce329020, 0, 0) = -1 EPERM (Operation not permitted)
[pid 21765] munmap(0x7fedce329000, 4096) = 0
If we get a permission error, don't try again.
|
|
|
|
| |
No functional change.
|
|\
| |
| | |
pid1: by default make user units inherit their umask from the user ma…
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This patch changes the way user managers set the default umask for the units it
manages.
Indeed one can expect that if user manager's umask is redefined through PAM
(via /etc/login.defs or pam_umask), all its children including the units it
spawns have their umask set to the new value.
Hence make user units inherit their umask value from their parent instead of
the hard coded value 0022 but allow them to override this value via their unit
file.
Note that reexecuting managers with 'systemctl daemon-reexec' after changing
UMask= has no effect. To take effect managers need to be restarted with
'systemct restart' instead. This behavior was already present before this
patch.
Fixes #6077.
|
| | |
|
|/
|
|
|
|
|
|
|
| |
This ensures we will recieve SIGTSTP if the user presses Ctrl-Z.
We continue blocking SIGCHLD to ensure the child is processed by
wait_for_terminate_and_check.
Fixes: https://github.com/systemd/systemd/issues/9806
|
|
|
|
|
|
| |
Instead, push to the closest possible Nice priority setting.
Replaces: #11397
|
|
|
|
| |
CID 1408478.
|
|\
| |
| | |
Assorted smaller stuff split out from homed PR
|
| |
| |
| |
| |
| |
| |
| | |
This adds a new safe_fork() flag. If set the child process' fd 1 becomes
fd 2 of the caller. This is useful for invoking tools (such as various
mkfs/fsck implementations) that output status messages to stdout, but
which we invoke and don't want to pollute stdout with their output.
|
|/
|
|
| |
It returns the pid_t a pidfd refers to.
|
| |
|
|
|
|
| |
Let's bypass /proc if we can.
|
|
|
|
| |
Let's bypass /proc if we can.
|
| |
|
| |
|
| |
|
|\
| |
| | |
Rework cpu affinity parsing
|
| |
| |
| |
| |
| | |
It just seems to fit better there and it's always better to have things
in shared/ rather than basic/.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This restores show_pid_array() output in legacy locales on the console.
Only one call to get_process_cmdline() is changed, all others retain
utf8-only mode. This affects systemd-cgls, systemctl status, etc, when
working locally.
Calls to get_process_cmdline() that cross a process boundary always use
utf8. It's the callers responsibility to convert this to some encoding that
they use. This means that we always pass utf8 over the bus.
|
| |
| |
| |
| | |
In preparation for the next commit…
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
It turns out that the kernel allows comm names higher than our expected limit
of 16.
$ wc -c /proc/*/comm|sort -g|tail -n3
35 /proc/1292317/comm
35 /proc/1293610/comm
36 /proc/1287112/comm
$ cat /proc/1287112/comm
kworker/u9:3-kcryptd/253:0
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The functions to retrieve and print process cmdlines were based on the
assumption that they contain printable ASCII, and everything else
should be filtered out. That assumption doesn't hold in today's world,
where people are free to use unicode everywhere.
This replaces the custom cmdline reading code with a more generic approach
using utf8_escape_non_printable_full().
For kernel threads, truncation is done on the parenthesized name, so we'll
get "[worker]", "[worker…]", …, "[w…]", "[…", "…" as we reduce the number of
available columns.
This implementation is most likely slower for very long cmdlines, but I don't
think this is very important. The common case is to have short commandlines,
and should print those properly. Absurdly long cmdlines are the exception,
which needs to be handled correctly and safely, but speed is not too important.
Fixes #12532.
v2:
- use size_t for the number of columns. This change propagates into various
other functions that call get_process_cmdline(), increasing the size of the
patch, but the changes are rather trivial.
|
| |
| |
| |
| | |
Just a cast and an assert.
|
|/ |
|
|
|
|
|
|
|
|
| |
This is partially a refactoring, but also makes many more places use
unlocked operations implicitly, i.e. all users of fopen_temporary().
AFAICT, the uses are always for short-lived files which are not shared
externally, and are just used within the same context. Locking is not
necessary.
|
| |
|
|\
| |
| | |
add ConditionCPUs= + ConditionMemory=
|
| |
| |
| |
| |
| | |
Let's add a new helper for determining how many CPUs are configured for
us
|
|/
|
|
| |
No functional changes.
|
|
|
|
| |
In activate, it is important that we close the fds. In other cases, meh.
|
|
|
|
| |
Just some source rearranging.
|
|
|
|
| |
Just some minor reorganiztion.
|
|
|
|
|
|
|
|
| |
Allocate new string as a return value and free our "scratch pad"
buffer that is potentially much larger than needed (up to
_SC_ARG_MAX).
Fixes #11502
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This affects systemd-journald and systemd-coredump.
Example entry:
$ journalctl -o export -n1 'MESSAGE=Something logged'
__CURSOR=s=976542d120c649f494471be317829ef9;i=34e;b=4871e4c474574ce4a462dfe3f1c37f06;m=c7d0c37dd2;t=57c4ac58f3b98;x=67598e942bd23dc0
__REALTIME_TIMESTAMP=1544035467475864
__MONOTONIC_TIMESTAMP=858200964562
_BOOT_ID=4871e4c474574ce4a462dfe3f1c37f06
PRIORITY=6
_UID=1000
_GID=1000
_CAP_EFFECTIVE=0
_SELINUX_CONTEXT=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
_AUDIT_SESSION=1
_AUDIT_LOGINUID=1000
_SYSTEMD_OWNER_UID=1000
_SYSTEMD_UNIT=user@1000.service
_SYSTEMD_SLICE=user-1000.slice
_SYSTEMD_USER_SLICE=-.slice
_SYSTEMD_INVOCATION_ID=1c4a469986d448719cb0f9141a10810e
_MACHINE_ID=08a5690a2eed47cf92ac0a5d2e3cf6b0
_HOSTNAME=krowka
_TRANSPORT=syslog
SYSLOG_FACILITY=17
SYSLOG_IDENTIFIER=syslog-caller
MESSAGE=Something logged
_COMM=poc
_EXE=/home/zbyszek/src/systemd-work3/poc
_SYSTEMD_CGROUP=/user.slice/user-1000.slice/user@1000.service/gnome-terminal-server.service
_SYSTEMD_USER_UNIT=gnome-terminal-server.service
SYSLOG_PID=4108
SYSLOG_TIMESTAMP=Dec 5 19:44:27
_PID=4108
_CMDLINE=./poc AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA>
_SOURCE_REALTIME_TIMESTAMP=1544035467475848
$ journalctl -o export -n1 'MESSAGE=Something logged' --output-fields=_CMDLINE|wc
6 2053 2097410
2MB might be hard for some clients to use meaningfully, but OTOH, it is
important to log the full commandline sometimes. For example, when the program
is crashing, the exact argument list is useful.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Continuation of a3ebe5eb620e49f0d24082876cafc7579261e64f:
in other places we sometimes use assert_se(), and sometimes normal error
handling. sigfillset and sigaddset can only fail if mask is NULL (which cannot
happen if we are passing in a reference), or if the signal number is invalid
(which really shouldn't happen when we are using a constant like SIGCHLD. If
SIGCHLD is invalid, we have a bigger problem). So let's simplify things and
always use assert_se() in those cases.
In sigset_add_many() we could conceivably pass an invalid signal, so let's keep
normal error handling here. The caller can do assert_se() around the
sigprocmask_many() call if appropriate.
'>= 0' is used for consistency with the rest of the codebase.
|
| |
|
|
|
|
| |
Let's add a size limit, and let's use safe_fgetc().
|
|\
| |
| |
| | |
Merged by hand to resolve a trivial conflict in TODO.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Whenever we invoke external, foreign code from code that has
RLIMIT_NOFILE's soft limit bumped to high values, revert it to 1024
first. This is a safety precaution for compatibility with programs using
select() which cannot operate with fds > 1024.
This commit adds the call to rlimit_nofile_safe() to all invocations of
exec{v,ve,l}() and friends that either are in code that we know runs
with RLIMIT_NOFILE bumped up (which is PID 1 and all journal code for
starters) or that is part of shared code that might end up there.
The calls are placed as early as we can in processes invoking a flavour
of execve(), but after the last time we do fd manipulations, so that we
can still take benefit of the high fd limits for that.
|
| |
| |
| |
| |
| | |
The new flag simply means rlimit_nofile_safe() is called in the child
after all fds are rearranged.
|
|/
|
|
| |
We have these macros already, hence use them.
|
|
|
|
|
|
|
|
|
|
|
| |
Ideally, coccinelle would strip unnecessary braces too. But I do not see any
option in coccinelle for this, so instead, I edited the patch text using
search&replace to remove the braces. Unfortunately this is not fully automatic,
in particular it didn't deal well with if-else-if-else blocks and ifdefs, so
there is an increased likelikehood be some bugs in such spots.
I also removed part of the patch that coccinelle generated for udev, where we
returns -1 for failure. This should be fixed independently.
|
|
|
| |
Code was not doing a wait() after kill() due to checking for a return value > 0, and was leaving zombie processes. This affected things like sd-bus unixexec connections.
|
|\
| |
| | |
Add mode in journalctl where ^C is handled by the pager
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
All users of the macro (except for one, in serialize.c), use the macro in
connection with read_line(), so they must include fileio.h. Let's not play
libc games and require multiple header file to be included for the most common
use of a function.
The removal of def.h includes is not exact. I mostly went over the commits that
switch over to use read_line() and add def.h at the same time and reverted the
addition of def.h in those files.
|
|/
|
|
|
|
|
|
|
| |
forks again
This helper is useful to ensure pidns/userns joining is properly
executed (as that requires a fork after the setns()). This is
particularly important when it comes to /proc/self/ access or
SCM_CREDENTIALS, but is generally the safer mode of operation.
|