| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
| |
This is a follow-up to a70f343cacf03ac51cdefb0d2e.
|
|\
| |
| | |
Namespace fixes
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
... when no mount options are passed.
Change the code, to avoid the following failure in the newly added tests:
exec-temporaryfilesystem-rw.service: Executing: /usr/bin/sh -x -c
'[ "$(stat -c %a /var)" == 755 ]'
++ stat -c %a /var
+ '[' 1777 == 755 ']'
Received SIGCHLD from PID 30364 (sh).
Child 30364 (sh) died (code=exited, status=1/FAILURE)
(And I spotted an opportunity to use TAKE_PTR() at the end).
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
We can't remount the underlying superblocks, if we are inside a user
namespace and running Linux <= 4.17. We can only change the per-mount
flags (MS_REMOUNT | MS_BIND).
This type of mount() call can only change the per-mount flags, so we
don't have to worry about passing the right string options now.
Fixes #9914 ("Since 1beab8b was merged, systemd has been failing to start
systemd-resolved inside unprivileged containers" ... "Failed to re-mount
'/run/systemd/unit-root/dev' read-only: Operation not permitted").
> It's basically my fault :-). I pointed out we could remount read-only
> without MS_BIND when reviewing the PR that added TemporaryFilesystem=,
> and poettering suggested to change PrivateDevices= at the same time.
> I think it's safe to change back, and I don't expect anyone will notice
> a difference in behaviour.
>
> It just surprised me to realize that
> `TemporaryFilesystem=/tmp:size=10M,ro,nosuid` would not apply `ro` to the
> superblock (underlying filesystem), like mount -osize=10M,ro,nosuid does.
> Maybe a comment could note the kernel version (v4.18), that lets you
> remount without MS_BIND inside a user namespace.
This makes the code longer and I guess this function is still ugly, sorry.
One obstacle to cleaning it up is the interaction between
`PrivateDevices=yes` and `ReadOnlyPaths=/dev`. I've added a test for the
existing behaviour, which I think is now the correct behaviour.
|
|/
|
|
|
| |
This should make it much easier to catch regressions like
https://github.com/systemd/systemd/issues/9914 and
https://github.com/systemd/systemd/issues/8535.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A follow-up for commit 9d874aec451b591401d9b14cf8743b9d179159b2.
This patch makes "path" parameter mandatory in fd_set_*() helpers removing the
need to use fd_get_path() when NULL was passed. The caller is supposed to pass
the fd anyway so assuming that it also knows the path should be safe.
Actually, the only case where this was useful (or used) was when we were
walking through directory trees (in item_do()). But even in those cases the
paths could be constructed trivially, which is still better than relying on
fd_get_path() (which is an ugly API).
A very succinct test case is also added for 'z/Z' operators so the code dealing
with recursive operators is tested minimally.
|
| |
|
|
|
|
|
|
|
| |
This user/group doesn't apply to Fedora.
Let's use daemon:daemon instead like the other tests, as it actually
tends to exist everywhere.
|
| |
|
|
|
|
|
|
| |
The usage of an initrd made TEST-09-ISSUE-2691 more likely to fail with
a timeout, so increase the timeout by 90s and adjust TimeoutStopSec=
accordingly.
|
|\
| |
| | |
Fix DynamicUser=yes with static User= whose UID and GID are different
|
| |
| |
| |
| | |
different
|
|/ |
|
|
|
|
| |
Addresses part of #8983
|
| |
|
| |
|
| |
|
|
|
|
|
|
| |
Not all distros support booting without an initrd. E.g. the Debian
kernel builds ext4 as a module and so relies on an initrd to
successfully start the QEMU-based images.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Mount tmpfses over the networkd and resolved config and state
directories, and stop the services beforehand. This ensures that the
test does not mess with an existing networkd/resolved setup. At least
for ethernet setups, this does not sever existing links, so is good
enough for the CI cases we are interested in (QEMU and LXC).
Relax the skip check to only skip the test when trying to run this on
real iron, but start running it in virtual machines now.
This allows us to run the test on Ubuntu 18.04 LTS in CI, which uses
both services by default.
|
|
|
|
|
|
| |
Like s-networkd.service itself, it can happen that s-resolved.service
runs into restart limits. Don't enforce a successful call, as on
machines without resolved the unit might not be loaded.
|
|
|
|
| |
Otherwise, they will end up in /dev/null.
|
| |
|
|
|
|
|
|
|
|
| |
- Reset systemd-networkd.service before each test run, to avoid running
into restart limits.
- Our networkd-test-router.service unit needs to run as root and thus
can't use `User=`; but networkd still insists on the
`systemd-network` system user to exist, so create it.
|
|
|
|
| |
to make sure that there's enough room for unstripped binaries.
|
| |
|
|
|
|
|
|
|
|
| |
Fixes #9320.
for p in Shapovalov Chevalier Rozhkov Sievers Mack Herrmann Schmidt Rudenberg Sahani Landden Andersen Watanabe; do
git grep -e 'Copyright.*'$p -l|xargs perl -i -0pe 's|/([*][*])?[*]\s+([*#]\s+)?Copyright[^\n]*'$p'[^\n]*\s*[*]([*][*])?/\n*|\n|gms; s|\s+([*#]\s+)?Copyright[^\n]*'$p'[^\n]*\n*|\n|gms'
done
|
|
|
|
|
|
|
| |
perl -i -0pe 's/\s*Copyright © .... Zbigniew Jędrzejewski.*?\n/\n/gms' man/*xml
git grep -e 'Copyright.*Jędrzejewski' -l | xargs perl -i -0pe 's/(#\n)?# +Copyright © [0-9, -]+ Zbigniew Jędrzejewski.*?\n//gms'
git grep -e 'Copyright.*Jędrzejewski' -l | xargs perl -i -0pe 's/\s*\/\*\*\*\s+Copyright © [0-9, -]+ Zbigniew Jędrzejewski[^\n]*?\s*\*\*\*\/\s*/\n\n/gms'
git grep -e 'Copyright.*Jędrzejewski' -l | xargs perl -i -0pe 's/\s+Copyright © [0-9, -]+ Zbigniew Jędrzejewski[^\n]*//gms'
|
|
|
|
|
|
| |
Let's unify an beautify our remaining copyright statements, with a
unicode ©. This means our copyright statements are now always formatted
the same way. Yay.
|
|
|
|
|
|
| |
Let's use a proper unicode copyright symbol where we can, it's prettier.
This important patch is very important.
|
|\
| |
| | |
Fix invalid memory reference in ellipsize_mem()
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
oss-fuzz flags this as:
==1==WARNING: MemorySanitizer: use-of-uninitialized-value
0. 0x7fce77519ca5 in ascii_is_valid systemd/src/basic/utf8.c:252:9
1. 0x7fce774d203c in ellipsize_mem systemd/src/basic/string-util.c:544:13
2. 0x7fce7730a299 in print_multiline systemd/src/shared/logs-show.c:244:37
3. 0x7fce772ffdf3 in output_short systemd/src/shared/logs-show.c:495:25
4. 0x7fce772f5a27 in show_journal_entry systemd/src/shared/logs-show.c:1077:15
5. 0x7fce772f66ad in show_journal systemd/src/shared/logs-show.c:1164:29
6. 0x4a2fa0 in LLVMFuzzerTestOneInput systemd/src/fuzz/fuzz-journal-remote.c:64:21
...
I didn't reproduce the issue, but this looks like an obvious error: the length
is specified, so we shouldn't use the string with any functions for normal
C-strings.
|
| |
| |
| |
| | |
Apparently I haven't been very good at remembering to do this.
|
|/ |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The test is heavily dependent on timeouts, and if we are run in
potentially very slow QEMU instances there's a good chance we'll miss
some which we normally wouldn't miss. Hence, let's test this one in
nspawn only. Given that the test is purely in service management it
shouldn't matter whether it runs in nspawn or qemu, hence keep running
it in nspawn, but don't bother with qemu.
Similar, do this for TEST-03-JOBS, too, which operates with relatively
short sleep times internally.
Fixes: #9123
|
|
|
|
|
|
|
|
| |
As it turns out /usr/share/selinux/devel/ is now included in more RPMs
than just selinux-policy-devel (specifically container-selinux, which is
pulled in by various container related RPMs). Let's hence tighten the
dependency check a bit and look for systemd's .if file, which is what we
actually care about.
|
|\
| |
| | |
Ellipsization fixes based on unit-testing and fuzzing
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
First, ellipsize() and ellipsize_mem() should not read past the input
buffer. Those functions take an explicit length for the input data, so they
should not assume that the buffer is terminated by a nul.
Second, ellipsization was off in various cases where wide on multi-byte
characters were used.
We had some basic test for ellipsize(), but apparently it wasn't enough to
catch more serious cases.
Should fix https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=8686.
|
|/ |
|
|
|
|
|
|
|
|
| |
entry
journalctl -o short would display those entries, but journalctl -o short-full
would refuse. If the entry is bad, just fall back to the receive-side realtime
timestamp like we would if it was completely missing.
|
|
|
|
|
|
|
|
|
|
|
|
| |
string operations
We'd look for a '=' separator using memchr, i.e. ignoring any nul bytes in the
string, but then do a strndup, which would terminate on any nul byte, and then
again do a memcmp, which would access memory past the chunk allocated by strndup.
Of course, we probably shouldn't allow keys with nul bytes in them. But we
currently do, so there might be journal files like that out there. So let's fix
the journal-reading code first.
|
|
|
|
|
|
|
|
|
|
|
| |
journal file
Something is wrong with the entry (probably a missing timestamp), so no point
in rotating. But suppress the error in process_source(), so that the processing
of the data stream continues.
Also, just return 0 from writer_write() on success, the only caller doesn't
care.
|
| |
|
|
|
|
|
|
|
| |
With operator '=', when in /etc/os-release:
ID_LIKE="opensuse suse" # Tumbleweed since at least 2018-04-24
or
ID_LIKE="suse opensuse" # Leap 15
|
|
|
|
|
|
|
|
|
|
|
| |
This corresponds nicely with the specifiers we already pass for
/var/lib, /var/cache, /run and so on.
This is particular useful to update the test-path service files to
operate without guessable files, thus allowing multiple parallel
test-path invocations to pass without issues (the idea is to set $TMPDIR
early on in the test to some private directory, and then only use the
new %T or %V specifier to refer to it).
|
|\
| |
| | |
core: allow to specify RestrictNamespaces= multiple times
|
| | |
|