| Commit message (Collapse) | Author | Age | Files | Lines |
|\
| |
| | |
unit-file: support UpheldBy= in [Install] settings (adding Upholds= deps from .upholds/)
|
| |
| |
| |
| |
| |
| | |
from .upholds/)
Closes #26896
|
|\ \
| | |
| | | |
sd-bus: pass bus description (and comm name) to per via socket address binding on AF_UNIX
|
| |/
| |
| |
| |
| |
| | |
connections
Very useful for debugging, to see which clients actually connect.
|
|/ |
|
|\
| |
| | |
core: only refuse Type=dbus service enqueue if dbus has pending stop job
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
refuse dbus activation if dbus is not running"
This reverts commit e8863150653931ae2ffc91757623f179ce763628
and partially 53964fd26b4a01191609ffc064aa8ccccd28e377.
Specifically, changes to signal_activation_request()
is not desired.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Follow-up for #27579
In #27579 we refused all StartUnit requests for Type=dbus units
if dbus is not running, which means if dbus is manually stopped,
user can't use systemctl to start Type=dbus units again, which
is incorrect.
The only culprit that leads to the cancellation of the whole
transaction mentioned in #26799 is job type conflict on dbus.
So let's relax the restriction and only refuse job enqueuing
if dbus has a stop job.
To summarize, the case we want to avoid is:
1. dbus has a stop job installed
2. StartUnit/ActivationRequest is received
3. Type=dbus service gets started, which has Requires=dbus.socket
4. dbus is pulled in again, resulting in job type conflict
What we can support is:
1. dbus is already stopped
2. StartUnit is received (possibly through systemctl, i.e. on private bus)
3. Type=dbus service gets started, which will wait for dbus to start
4. dbus is started again, thus the job for Type=dbus service
Replaces #27590
Fixes #27588
|
|\ \
| | |
| | | |
repart: Make sure we look up dropin files in the root directory
|
| |/ |
|
|/
|
|
|
|
| |
when activation-details-unit-name is encountered multiple times.
Resolves: #27623
|
|
|
|
|
|
| |
We already have the systemd.tty.xxx kernel cmdline arguments for
configuring tty's for services, let's make sure the term cmdline
argument applies to pid1 as well.
|
|
|
|
|
|
|
|
|
|
|
|
| |
If we switch root and can't execute an init program afterwards, we're
completely stuck as we can't go back to the initramfs to start
emergency.service as it will have been completely removed by the switch
root operation.
To prevent leaving users with a completely undebuggable system, let's
at least check before we switch root whether at least one of the init
programs we might want to execute actually exist, and fail early if
none of them exists.
|
|
|
|
|
|
|
| |
When running in a VM, we now support propagating the exit status
via a vsock notify socket, so drop the restrictions on propagating
an exit status when not in a container to make sure this works
properly.
|
|
|
|
|
|
| |
When What= or Options= may contain invalid UTF8 chars.
Replaces aaf7b0e41105d7b7cf30912cdac32820f011a219 (#27541).
|
|
|
|
|
|
|
| |
This reverts commit aaf7b0e41105d7b7cf30912cdac32820f011a219.
Not only /proc/mountinfo, .mount units not started yet may contain
invalid UTF-8 chars.
|
| |
|
| |
|
|
|
|
|
|
| |
- add missing assertion,
- rename the argument for storing result,
- always initialize result on success.
|
|
|
|
|
| |
Prompted by #27595.
Follow-ups for 6723c28f36ea566faf61d3610012cd89f95ee4a0.
|
|
|
|
|
|
|
|
|
|
|
| |
Previously, these strings were copied w/o any modification. However, if
mount table contained e.g. remote fs mount like NFS or CIFS that was
mounted from server running with non UTF-8 locale then those strings
might have contained some non UTF-8 characters.
If then client asked about status of such mount unit we tried to forward
these non UTF-8 strings over D-Bus. That is the violation of the
protocol and we ended up kicked from the bus.
|
|\
| |
| | |
Rewrite udev-test.pl in Python
|
| | |
|
|\ \
| | |
| | | |
core: refuse dbus activation if dbus is not running
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
dbus-broker issues StartUnit directly for activation requests,
so let's add a check on bus state in bus_unit_queue_job to refuse
that if dbus is not running.
Replaces #27570
Closes #26799
|
| |/ |
|
|/
|
|
|
| |
Fixes a bug caused by a5648b809457d120500b2acb18b31e2168a4817a.
Fixes #27575.
|
|
|
|
| |
Follow-up for 24e91e08f8958241195f97472353adef94884b33.
|
|
|
|
|
|
|
|
| |
The previous error code -ERANGE is slightly ambiguous, and use more
specific one. This also drops unnecessary error handlings.
Follow-up for 754d8b9c330150fdb3767491e24975f7dfe2a203 and
e652663a043cb80936bb12ad5c87766fc5150c24.
|
|
|
|
| |
Resolves: #27523
|
| |
|
| |
|
| |
|
|
|
|
| |
Follow-up-for: 2b5107e1625e0847179da0d35eb544192766886f
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is closely related to the previous commit: if the credentials dir
is empty and nothing mounted on it, let's remove it again.
This will in particular happen if we decided to not actually install the
mount we prepared for the credentials because it is empty. In that case
the mount point inode is already there, and with this we'll remove it.
Primary effect, users will see ENOENT rather than EACCESS when trying to
access it, which should be preferable, given we already handle that
nicely in our credential consumption code.
This should also be useful on systems where we lack any privs to create
mounts, and thus operate on a regular dir anyway.
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Let's avoid creating another mount in the system if it's empty anyway.
This is mostl a cosmetic thing in one (pretty common) special case: if
creds settings are used in a unit but no creds actually available to be
passed.
(While we are at it this also does one more minor optimization: it
adjusts the MS_RDONLY/MS_NOSUID/… flags of the source mount we are about
to MS_MOVE into the right place only if we actually really move it, and
if we instead unmount it again we won't bother with the flags either)
|
|
|
|
| |
Fixes https://github.com/systemd/systemd/pull/27504#issuecomment-1533354787.
|
|\
| |
| | |
pid1: modernize switch root logic a bit
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
So far, we invoked pivot_root() specifying /mnt/ as second argument,
which then unmounted right-after. We'd create /mnt/ if needed. This
sucks, because it means /mnt/ must strictly be pre-created on immutable
images.
Remove this limitation, by using pivot_root() with "." as source and
target, which will result in two stacked mounts afterwards: the new one
underneath, the old one ontop. We can then simply unmount the top one,
and have what we want without needing any extra /mnt/ dir.
Since we don't need /mnt/ anymore we can get rid of the extra
unmount_old_root parameter and simply specify it as NULL if we don't
want the old mount to stick around.
|
| | |
|
| | |
|
|/ |
|
|\
| |
| | |
test: add a simple fuzzer for manager serialization
|
| | |
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This ensures that systemd won't erronously disconnect from the system
bus in case a bus recheck is triggered immediately after the bus service
emits `RELOADING=1`.
This fixes an issue where systemd-logind sometimes randomly stops
receiving `UnitRemoved` after a system update.
This also handles SERVICE_RELOAD_SIGNAL just in case somebody ever
creates a D-Bus broker implementation that uses `Type=notify-reload`.
|
|/
|
|
|
|
|
|
| |
When spawning generators within a sandbox we want a private /tmp, but it
might not exist, and on some systems we might be unable to create it
because users want a BTRFS subvolume instead.
Fixes https://github.com/systemd/systemd/issues/27436
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Otherwise,
1. X.path triggered X.service, and the service has waiting start job,
2. systemctl stop X.service
3. the waiting start job is cancelled to install new stop job,
4. path_trigger_notify() is called, and may reinstall new start job,
5. the stop job cannot be installed, and triggeres assertion.
So, instead, let's add a defer event source, then enqueue the new start
job after the stop (or any other type) job finished.
Fixes https://github.com/systemd/systemd/issues/24577#issuecomment-1522628906.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
reload/reexec currently used a separate implementation of the /run/ disk
space check, different from the one used for switch-root, even though
the code is mostly the same. The one difference is that the former
checks are authoritative, the latter are just informational (that's
because refusing a reload/reexec is relatively benign, but refusing a
switch-root quite troublesome, since this code is entered when it's
already "too late" to turn turn back, i.e. when the preparatory
transaction to initiate the switch root are already fully executed.
Let's share some code, and unify codepaths.
(This is preparation for later addition of a "userspace reboot" concept)
No change in behaviour, just refactoring.
|