| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |/ / / |
|
| |\ \ \
| | | |
| | | | |
Firstboot followups
|
| | | | | |
|
| | | | | |
|
| | |/ / |
|
| |\ \ \
| | | |
| | | | |
pid1: introduce new SERVICE_{DEAD|FAILED}_BEFORE_AUTO_RESTART service…
|
| | | | | |
|
| | |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
When a service deactivates and is then automatically restarted via
Restart= we currently quickly transition through
SERVICE_DEAD/SERVICE_FAILED. Which is weird given it's not the
normal ("permanent") dead/failed state, but a transitory one we
immediately leave from again. We do this so that software that looks for
failures/successes can take notice, even if we restart as a consequence
of the deactivation.
Let's clean this up a bit: let's introduce two new states:
SERVICE_DEAD_BEFORE_AUTO_RESTART and SERVICE_FAILED_BEFORE_AUTO_RESTART
that are used for the transitory states. Both the SERVICE_DEAD and
SERVICE_DEAD_BEFORE_AUTO_RESTART will map to the high-level
UNIT_INACTIVE state though. (and similar for the respective failed
states). This means the high-level state machine won't change by this,
only the low-level one.
This clearly seperates the substates, which makes the state engine
cleaner, and allows clients to follow precisely whether we are in a
transitory dead/failed state, or a permanent one, by looking at the
service substate. Moreover it allows us to remove the 'n_keep_fd_store'
which so far we used to ensure the fdstore was not released during this
transitory dead/failed state but only during the permanent one. Since we
can now distinguish these states properly we can just use that.
This has been bugging me for a while. Let's clean this up.
Note that the unit restart logic is already nicely covered in the
testsiute, hence this adds no new tests for that.
And yes, this could be considered a compat break, but sofar we took the
liberty to make changes to the low-level state machine (i.e. SERVICE_xyz
states, sometimes called "substates") without considering this a bad
breakage – the high-level state machine (i.e. UNIT_xyz states) should
be considered API that cannot be changed.
|
| |\ \ \
| |/ /
|/| | |
core: Introduce unit private exec runtime
|
| | | |
| | |
| | |
| | |
| | | |
This is just another piece of runtime data so let's store it in
ExecRuntime alongside the other runtime data.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Currently, exec runtimes can be shared between units (using
JoinsNamespaceOf=). Let's introduce a concept of a private exec
runtime that isn't shared with JoinsNamespaceOf=. The existing
ExecRuntime struct is renamed to ExecRuntimeShared and becomes a
private member of the new private ExecRuntime.
|
| | | |
| | |
| | |
| | |
| | | |
Let's mimick what we do for DynamicUser and have two separate functions
for unreffing and destroying a ExecSharedRuntime object.
|
| | | |
| | |
| | |
| | | |
Preparation for next commit
|
| |\ \ \
| | | |
| | | | |
firstboot: modernize path handling
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Let's open a file descriptor to the root directory and perform all
path operations using that file descriptor. On top of that, let's
make sure we pin the directory containing the file we want to work
on and use atomic copies and writes everywhere we can..
|
| | | | | |
|
| |\ \ \ \
| | | | |
| | | | | |
systemd-cryptenroll: adding integration test cases
|
| | | | | | |
|
| | |/ / /
|/| | |
| | | |
| | | |
| | | |
| | | | |
Make sure the ENOENT exception reintroduced by commit
9db7081d83d56cd2523b03f9eb9d67ef1c93c55f is not applied when the parser
is invoked by udevadm verify.
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
LOG_SET_PREFIX() sets a logging prefix for the current block. The
prefix is prepended to every logging message in the block, followed
by ": ". If a logging prefix is already configured, it is overridden
for the duration of the block, after which it is restored.
A use case for this macro is when we're operating on an image or
directory (using --root or --image). We can use LOG_SET_PREFIX() to
prefix all logging messages with the directory or image that we're
operating on.
|
| |\ \ \ \
| | | | |
| | | | | |
Restore silent skipping of missing rules files by udev
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
We shouldn't report that the file is empty if the stating fails. Let's do the
same as in other places, and just ignore the error and let the subsequent
operation fail.
|
| | | | | | |
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
This reverts commit 42a467b55219384c7c3b137ab3cc8b6a309a8a14.
We need to skip -ENOENT when loading udev rules because new files with rules
may be added or removed at any time, and the loading of rules is triggered
asynchronously. Even though the window is fairly narrow, udev shouldn't throw
an error if a rules file is removed.
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
ukify: Add workarounds for older stubs
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Older stubs are either not stripped, causing their total size to be
unaligned because of an unaligned symbol table at the end, or stripped,
causing the raw data pointers and sizes to be unaligned because strip
does not follow the PE spec correctly when stripping. Let's add
workarounds for both issues, so that we can use ukify with older stubs
as well.
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | | |
This reverts commit 23428bb19e49cf510c65e2896f1a7e4b12ca1dbc.
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Let's skip going through all locally available time zones if we're built
with slow tests disabled, as that's quite slow, but do at least one test
with the UTC zone.
|
| |\ \ \ \ \ \
| | | | | | |
| | | | | | | |
bustctl: show property values in full
|
| | | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
If people grep the output, it probably shouldn't be ellipsized.
|
| | | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Also reduce the scope of variables.
|
| | | | | | | | |
|
| | | | | | | | |
|
| |\ \ \ \ \ \ \
| |_|_|/ / / /
|/| | | | | | |
portable: introduce SYSEXT_ fields to identify sysexts, and include more metadata in log messages via LogExtraFields=
|
| | | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
The wrong fields were being displayed, if at all.
ID and VERSION_ID in sysexts are used for matching, they
don't identify the sysext itself. Parse the newly defined
fields and display them separately from the compatibility
fields.
Before:
Image:
/home/bluca/git/systemd/base.raw
Portable Service:
n/a
Operating System:
Debian GNU/Linux 10 (buster)
Extension:
/home/bluca/git/systemd/app0.raw
Extension Scope:
n/a
Extension Compatibility Level:
n/a
Portable Service:
n/a
Portable Prefixes:
n/a
Operating System:
n/a (debian 10)
Extension:
/home/bluca/git/systemd/app1.raw
Extension Scope:
n/a
Extension Compatibility Level:
n/a
Portable Service:
n/a
Portable Prefixes:
n/a
Operating System:
n/a (debian 10)
Unit files:
app0.service
app1.service
After:
Image:
/home/bluca/git/systemd/base.raw
Portable Service:
n/a
Operating System:
Debian GNU/Linux 10 (buster)
Extension:
/home/bluca/git/systemd/app0.raw
Extension Scope:
n/a
Extension Compatibility Level:
n/a
Extension Compatibility OS:
debian
Extension Compatibility OS Version:
10
Portable Service:
n/a
Portable Prefixes:
n/a
Extension Image:
ID: app Version: 0
Extension:
/home/bluca/git/systemd/app1.raw
Extension Scope:
n/a
Extension Compatibility Level:
n/a
Extension Compatibility OS:
debian
Extension Compatibility OS Version:
10
Portable Service:
n/a
Portable Prefixes:
n/a
Extension Image:
ID: app Version: 1
Unit files:
app0.service
app1.service
|
| | | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
This is useful to identify log messages with metadata from the images
they run on. Look for ID/VERSION_ID/IMAGE_ID/IMAGE_VERSION/BUILD_ID,
with a SYSEXT_ prefix if we are looking at an extension, and append via
LogExtraFields= as respectively PORTABLE_NAME_AND_VERSION= in case of a
single image. In case of extensions, append as PORTABLE_ROOT_NAME_AND_VERSION=
for the base and one PORTABLE_EXTENSION_AND_VERSION= for each extension.
Example with a base and two extensions, with the unit coming from the
first extension:
[Service]
RootImage=/home/bluca/git/systemd/base.raw
Environment=PORTABLE=app0.raw
BindReadOnlyPaths=/etc/os-release:/run/host/os-release
LogExtraFields=PORTABLE=app0.raw
Environment=PORTABLE_ROOT=base.raw
LogExtraFields=PORTABLE_ROOT=base.raw
LogExtraFields=PORTABLE_ROOT_NAME_AND_VERSION=debian_10
ExtensionImages=/home/bluca/git/systemd/app0.raw
LogExtraFields=PORTABLE_EXTENSION=app0.raw
LogExtraFields=PORTABLE_EXTENSION_NAME_AND_VERSION=app_0
ExtensionImages=/home/bluca/git/systemd/app1.raw
LogExtraFields=PORTABLE_EXTENSION=app1.raw
LogExtraFields=PORTABLE_EXTENSION_NAME_AND_VERSION=app_1
|
| | | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
When a portable service uses extensions, we use the 'main' image name
(the one where the unit was found in) as PORTABLE=. It is useful to
also list all the images actually used at runtime, as they might
contain libraries and so on.
Use PORTABLE_ROOT= for the image/directory that is used as RootImage=
or RootDirectory=, and PORTABLE_EXTENSION= for the image/directory that
is used as ExtensionImages= or ExtensionDirectories=.
Note that these new fields are only added if extensions are used,
there's no change for single-DDI portables.
Example with a base and two extensions, with the unit coming from the
first extension:
[Service]
RootImage=/home/bluca/git/systemd/base.raw
Environment=PORTABLE=app0.raw
BindReadOnlyPaths=/etc/os-release:/run/host/os-release
LogExtraFields=PORTABLE=app0.raw
LogExtraFields=PORTABLE_ROOT=base.raw
ExtensionImages=/home/bluca/git/systemd/app0.raw
LogExtraFields=PORTABLE_EXTENSION=app0.raw
ExtensionImages=/home/bluca/git/systemd/app1.raw
LogExtraFields=PORTABLE_EXTENSION=app1.raw
|
| | | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
take_fdopen_unlocked invalidates the FD in the PortableMetadata object,
so it cannot be used later. Use parse_env_file_fd instead which is non
destructive.
|
| | | | | | | | |
|
| | | |/ / / /
| |/| | | | |
|
| |/ / / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
The reason why get_process_cmdline() is so complicated is that we
need to escape and quote arguments for building a single result
string.
That's necessary when we want to log or print the command line.
However, when we want to parse the command line, it is not necessary
that the result is a single string, but can be strv.
This will be used when we parse the command line.
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
$ dd if=/dev/zero of=luks.img bs=1M count=64
$ echo 1231dfsd234d | cryptsetup luksFormat luks.img
$ build-san/systemd-cryptenroll luks.img
SLOT TYPE
0 password
=================================================================
==640364==ERROR: LeakSanitizer: detected memory leaks
Direct leak of 64 byte(s) in 1 object(s) allocated from:
#0 0x7f43ffeb95b5 in __interceptor_realloc.part.0 (/lib64/libasan.so.8+0xb95b5)
#1 0x7f43ff0a4f2f in greedy_realloc ../src/basic/alloc-util.c:70
#2 0x404d9f in list_enrolled ../src/cryptenroll/cryptenroll-list.c:30
#3 0x40f149 in run ../src/cryptenroll/cryptenroll.c:673
#4 0x40f149 in main ../src/cryptenroll/cryptenroll.c:692
#5 0x7f43fd64a50f in __libc_start_call_main (/lib64/libc.so.6+0x2750f)
SUMMARY: AddressSanitizer: 64 byte(s) leaked in 1 allocation(s).
Aborted (core dumped)
Reported in https://github.com/systemd/systemd/pull/27007.
|
| |\ \ \ \ \
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
yuwata/journal-remote-fix-relative-output-journal-file
journal-remote: support relative output journal file again
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
After f12b399dd6362a03379cb769954ebfb9972236ed, the output path is
also used to determine the directory to be vacuumed. And if a filename
only path is specified, `writer_new()` fails since the commit.
This makes the specified path is always made absolute. This should not
change any behavior before the offending commit, as `journal_open()` opens
the specified journal file with `AT_FDCWD`.
Fixes #27012.
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | | |
journal_remote_get_writer()
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
After f12b399dd6362a03379cb769954ebfb9972236ed, writer_new() may fail
with non-OOM error. Let's return the error cause, and logs the failure
in the caller side.
This also drops logs in journal_remote_get_writer(), adds its caller
typically logs the failure.
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Let's add a dash of colour to separate our own status info from the the
status info supplied by the service.
(I wanted to make this italics, but apparently popular terminal
emulators don't support that, such as xterm)
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
The fdstore might pin a non-trivial amount of resources. Let's hence
display for services that enable it how many entries there are and what
the size limit is.
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
When using an old systemctl on a new PID 1 the "startup" memory limit
props are not initialized and currently be shown in status output as
zero, even though there's code to suppress the output in that case. Alas
it doesn't work, because the relevant fields are not marked as
"unset"... Fix that.
Follow-up for: 53fda560dc2c66502da7ad68db7d79b515a3601a
|
| |\ \ \ \ \ \
| | | | | | |
| | | | | | | |
test: explicitly pull in systemd-userdbd.service
|
