summaryrefslogtreecommitdiff
path: root/src/core
Commit message (Collapse)AuthorAgeFilesLines
* Merge pull request #27638 from YHNdnzj/upheldby-unit-fileMike Yuan2023-05-162-1/+6
|\ | | | | unit-file: support UpheldBy= in [Install] settings (adding Upholds= deps from .upholds/)
| * unit-file: support UpheldBy= in [Install] settings (adding Upholds= depsMike Yuan2023-05-152-1/+6
| | | | | | | | | | | | from .upholds/) Closes #26896
* | Merge pull request #27573 from poettering/sd-bus-descriptionLennart Poettering2023-05-161-2/+20
|\ \ | | | | | | sd-bus: pass bus description (and comm name) to per via socket address binding on AF_UNIX
| * | pid1: debug log client comm/description strings if available for incoming ↵Lennart Poettering2023-05-161-2/+20
| |/ | | | | | | | | | | connections Very useful for debugging, to see which clients actually connect.
* | pid1: port unit namespacing to new /run/systemd/mount-rootfs dirLennart Poettering2023-05-161-3/+4
|/
* Merge pull request #27605 from YHNdnzj/dbus-activation-followupLuca Boccassi2023-05-134-18/+31
|\ | | | | core: only refuse Type=dbus service enqueue if dbus has pending stop job
| * Revert "core/manager: export manager_dbus_is_running" and partially "core: ↵Mike Yuan2023-05-123-11/+7
| | | | | | | | | | | | | | | | | | | | refuse dbus activation if dbus is not running" This reverts commit e8863150653931ae2ffc91757623f179ce763628 and partially 53964fd26b4a01191609ffc064aa8ccccd28e377. Specifically, changes to signal_activation_request() is not desired.
| * core: only refuse Type=dbus service enqueuing if dbus has stop jobMike Yuan2023-05-121-7/+24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Follow-up for #27579 In #27579 we refused all StartUnit requests for Type=dbus units if dbus is not running, which means if dbus is manually stopped, user can't use systemctl to start Type=dbus units again, which is incorrect. The only culprit that leads to the cancellation of the whole transaction mentioned in #26799 is job type conflict on dbus. So let's relax the restriction and only refuse job enqueuing if dbus has a stop job. To summarize, the case we want to avoid is: 1. dbus has a stop job installed 2. StartUnit/ActivationRequest is received 3. Type=dbus service gets started, which has Requires=dbus.socket 4. dbus is pulled in again, resulting in job type conflict What we can support is: 1. dbus is already stopped 2. StartUnit is received (possibly through systemctl, i.e. on private bus) 3. Type=dbus service gets started, which will wait for dbus to start 4. dbus is started again, thus the job for Type=dbus service Replaces #27590 Fixes #27588
* | Merge pull request #27633 from DaanDeMeyer/repart-dropinLuca Boccassi2023-05-121-0/+1
|\ \ | | | | | | repart: Make sure we look up dropin files in the root directory
| * | conf-parser: Add root argument to config_parse_many()Daan De Meyer2023-05-121-0/+1
| |/
* | core: fix memory leak during deserializationFrantisek Sumsal2023-05-131-3/+5
|/ | | | | | when activation-details-unit-name is encountered multiple times. Resolves: #27623
* core: Try to initialize TERM from systemd.tty.term.console as wellDaan De Meyer2023-05-121-0/+6
| | | | | | We already have the systemd.tty.xxx kernel cmdline arguments for configuring tty's for services, let's make sure the term cmdline argument applies to pid1 as well.
* core: Check if any init exists before switching rootDaan De Meyer2023-05-121-0/+19
| | | | | | | | | | | | If we switch root and can't execute an init program afterwards, we're completely stuck as we can't go back to the initramfs to start emergency.service as it will have been completely removed by the switch root operation. To prevent leaving users with a completely undebuggable system, let's at least check before we switch root whether at least one of the init programs we might want to execute actually exist, and fail early if none of them exists.
* core: Make sure systemctl exit <X> works outside of a containerDaan De Meyer2023-05-122-7/+2
| | | | | | | When running in a VM, we now support propagating the exit status via a vsock notify socket, so drop the restrictions on propagating an exit status when not in a container to make sure this works properly.
* core/mount: escape invalid UTF8 char in dbus replyYu Watanabe2023-05-111-12/+55
| | | | | | When What= or Options= may contain invalid UTF8 chars. Replaces aaf7b0e41105d7b7cf30912cdac32820f011a219 (#27541).
* Revert "core/mount: replace invalid UTF-8 code points in "what" and "options""Yu Watanabe2023-05-111-29/+6
| | | | | | | This reverts commit aaf7b0e41105d7b7cf30912cdac32820f011a219. Not only /proc/mountinfo, .mount units not started yet may contain invalid UTF-8 chars.
* core: replace hashmap_get() with hashmap_contains() where appropriateYu Watanabe2023-05-101-4/+4
|
* core: drop unused argumentYu Watanabe2023-05-101-5/+3
|
* core: several cleanups for job_get_timeout()Yu Watanabe2023-05-102-4/+8
| | | | | | - add missing assertion, - rename the argument for storing result, - always initialize result on success.
* tree-wide: drop _pure_ attribute from non-pure functionsYu Watanabe2023-05-101-1/+1
| | | | | Prompted by #27595. Follow-ups for 6723c28f36ea566faf61d3610012cd89f95ee4a0.
* core/mount: replace invalid UTF-8 code points in "what" and "options"Michal Sekletar2023-05-101-6/+29
| | | | | | | | | | | Previously, these strings were copied w/o any modification. However, if mount table contained e.g. remote fs mount like NFS or CIFS that was mounted from server running with non UTF-8 locale then those strings might have contained some non UTF-8 characters. If then client asked about status of such mount unit we tried to forward these non UTF-8 strings over D-Bus. That is the violation of the protocol and we ended up kicked from the bus.
* Merge pull request #27534 from keszybz/deperlifyYu Watanabe2023-05-091-2/+0
|\ | | | | Rewrite udev-test.pl in Python
| * pid1: drop duplicate includeZbigniew Jędrzejewski-Szmek2023-05-091-2/+0
| |
* | Merge pull request #27579 from YHNdnzj/refuse-dbus-activationYu Watanabe2023-05-094-7/+18
|\ \ | | | | | | core: refuse dbus activation if dbus is not running
| * | core: refuse dbus activation if dbus is not runningMike Yuan2023-05-092-3/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | dbus-broker issues StartUnit directly for activation requests, so let's add a check on bus state in bus_unit_queue_job to refuse that if dbus is not running. Replaces #27570 Closes #26799
| * | core/manager: export manager_dbus_is_runningMike Yuan2023-05-092-4/+9
| |/
* | core/service: fix error cause in the logYu Watanabe2023-05-091-1/+1
|/ | | | | Fixes a bug caused by a5648b809457d120500b2acb18b31e2168a4817a. Fixes #27575.
* core/unit: check the validity of unit type with activation_details_vtableYu Watanabe2023-05-081-3/+5
| | | | Follow-up for 24e91e08f8958241195f97472353adef94884b33.
* parse-util: make parse_fd() return -EBADFYu Watanabe2023-05-081-3/+1
| | | | | | | | The previous error code -ERANGE is slightly ambiguous, and use more specific one. This also drops unnecessary error handlings. Follow-up for 754d8b9c330150fdb3767491e24975f7dfe2a203 and e652663a043cb80936bb12ad5c87766fc5150c24.
* core: check the unit type more thoroughly when deserializingFrantisek Sumsal2023-05-051-1/+3
| | | | Resolves: #27523
* core: use extract_first_word() instead of sscanf()Frantisek Sumsal2023-05-051-90/+150
|
* main: improve log messageDavid Tardon2023-05-051-1/+1
|
* tree-wide: use parse_fd()David Tardon2023-05-057-33/+31
|
* main: add missing returnDavid Tardon2023-05-051-1/+1
| | | | Follow-up-for: 2b5107e1625e0847179da0d35eb544192766886f
* execute: remove credentials dir again when emptyLennart Poettering2023-05-042-0/+6
| | | | | | | | | | | | | | | This is closely related to the previous commit: if the credentials dir is empty and nothing mounted on it, let's remove it again. This will in particular happen if we decided to not actually install the mount we prepared for the credentials because it is empty. In that case the mount point inode is already there, and with this we'll remove it. Primary effect, users will see ENOENT rather than EACCESS when trying to access it, which should be preferable, given we already handle that nicely in our credential consumption code. This should also be useful on systems where we lack any privs to create mounts, and thus operate on a regular dir anyway.
* execute: suppress credentials mount if emptyLennart Poettering2023-05-041-7/+25
| | | | | | | | | | | | | Let's avoid creating another mount in the system if it's empty anyway. This is mostl a cosmetic thing in one (pretty common) special case: if creds settings are used in a unit but no creds actually available to be passed. (While we are at it this also does one more minor optimization: it adjusts the MS_RDONLY/MS_NOSUID/… flags of the source mount we are about to MS_MOVE into the right place only if we actually really move it, and if we instead unmount it again we won't bother with the flags either)
* core: fix use of uninitialized valueYu Watanabe2023-05-041-1/+1
| | | | Fixes https://github.com/systemd/systemd/pull/27504#issuecomment-1533354787.
* Merge pull request #27450 from poettering/switch-root-modernizeLennart Poettering2023-05-031-1/+1
|\ | | | | pid1: modernize switch root logic a bit
| * switch-root: don't require /mnt/ when switching root into host OSLennart Poettering2023-05-031-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | So far, we invoked pivot_root() specifying /mnt/ as second argument, which then unmounted right-after. We'd create /mnt/ if needed. This sucks, because it means /mnt/ must strictly be pre-created on immutable images. Remove this limitation, by using pivot_root() with "." as source and target, which will result in two stacked mounts afterwards: the new one underneath, the old one ontop. We can then simply unmount the top one, and have what we want without needing any extra /mnt/ dir. Since we don't need /mnt/ anymore we can get rid of the extra unmount_old_root parameter and simply specify it as NULL if we don't want the old mount to stick around.
* | core: minor coding style modernization in mount.cLennart Poettering2023-05-031-4/+3
| |
* | manager: add debug logging about BARRIER=1 messagesLennart Poettering2023-05-031-1/+3
| |
* | manager: simplify manager_process_barrier_fd() a bitLennart Poettering2023-05-031-4/+3
|/
* Merge pull request #27504 from mrc0mmand/fuzz-manager-serializeYu Watanabe2023-05-033-0/+50
|\ | | | | test: add a simple fuzzer for manager serialization
| * core: fix NULL pointer dereference during deserializationFrantisek Sumsal2023-05-031-0/+5
| |
| * test: add a simple fuzzer for manager serializationFrantisek Sumsal2023-05-032-0/+45
| |
* | core: check for SERVICE_RELOAD_NOTIFY in manager_dbus_is_runningmsizanoen12023-05-031-1/+5
| | | | | | | | | | | | | | | | | | | | | | | | This ensures that systemd won't erronously disconnect from the system bus in case a bus recheck is triggered immediately after the bus service emits `RELOADING=1`. This fixes an issue where systemd-logind sometimes randomly stops receiving `UnitRemoved` after a system update. This also handles SERVICE_RELOAD_SIGNAL just in case somebody ever creates a D-Bus broker implementation that uses `Type=notify-reload`.
* | generators: skip private tmpfs if /tmp does not existLuca Boccassi2023-05-021-3/+7
|/ | | | | | | | When spawning generators within a sandbox we want a private /tmp, but it might not exist, and on some systems we might be unable to create it because users want a BTRFS subvolume instead. Fixes https://github.com/systemd/systemd/issues/27436
* core/path: do not enqueue new job in .trigger_notify callbackYu Watanabe2023-04-292-5/+65
| | | | | | | | | | | | | | Otherwise, 1. X.path triggered X.service, and the service has waiting start job, 2. systemctl stop X.service 3. the waiting start job is cancelled to install new stop job, 4. path_trigger_notify() is called, and may reinstall new start job, 5. the stop job cannot be installed, and triggeres assertion. So, instead, let's add a defer event source, then enqueue the new start job after the stop (or any other type) job finished. Fixes https://github.com/systemd/systemd/issues/24577#issuecomment-1522628906.
* core/path: align tableYu Watanabe2023-04-291-2/+2
|
* pid1: unify implemenation of /run/ disk space safety check a bitLennart Poettering2023-04-281-16/+42
| | | | | | | | | | | | | | | | | reload/reexec currently used a separate implementation of the /run/ disk space check, different from the one used for switch-root, even though the code is mostly the same. The one difference is that the former checks are authoritative, the latter are just informational (that's because refusing a reload/reexec is relatively benign, but refusing a switch-root quite troublesome, since this code is entered when it's already "too late" to turn turn back, i.e. when the preparatory transaction to initiate the switch root are already fully executed. Let's share some code, and unify codepaths. (This is preparation for later addition of a "userspace reboot" concept) No change in behaviour, just refactoring.
View Lorry Controller Status