rpms
/
systemd
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Update to v232

This commit is contained in:
Zbigniew Jędrzejewski-Szmek 2016-11-03 19:00:42 -04:00
parent 14572d7192
commit 1478fab950
22 changed files with 26 additions and 1331 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
0001-systemctl-be-sure-to-be-quiet-with-systemctl-is-enab.patch
View File

@ -1,33 +0,0 @@
From 555c57de77d0a364c116b28809524a1067e2159f Mon Sep 17 00:00:00 2001
From: Christian Rebischke <Chris.Rebischke@posteo.de>
Date: Thu, 28 Jul 2016 04:40:20 +0200
Subject: [PATCH] systemctl: be sure to be quiet with 'systemctl is-enabled
--quiet' (#3819)
Fixes #3813.
(cherry picked from commit 689e4e6a94222b4d58a8b9cb3c51cc2f82268aa9)
---
src/systemctl/systemctl.c | 10 ++++++----
1 file changed, 6 insertions(+), 4 deletions(-)
diff --git a/src/systemctl/systemctl.c b/src/systemctl/systemctl.c
index 6a0ed79a53..6e61eeadef 100644
--- a/src/systemctl/systemctl.c
+++ b/src/systemctl/systemctl.c
@@ -5566,10 +5566,12 @@ static int enable_sysv_units(const char *verb, char **args) {
if (!found_sysv)
continue;
- if (found_native)
- log_info("Synchronizing state of %s with SysV service script with %s.", name, argv[0]);
- else
- log_info("%s is not a native service, redirecting to systemd-sysv-install.", name);
+ if (!arg_quiet) {
+ if (found_native)
+ log_info("Synchronizing state of %s with SysV service script with %s.", name, argv[0]);
+ else
+ log_info("%s is not a native service, redirecting to systemd-sysv-install.", name);
+ }
if (!isempty(arg_root))
argv[c++] = q = strappend("--root=", arg_root);

26
0002-logind-0-and-100-should-be-valid-for-UserTasksMax-38.patch
View File

@ -1,26 +0,0 @@
From 821098286ee773662245254c11ada000ab32fa91 Mon Sep 17 00:00:00 2001
From: Tejun Heo <htejun@fb.com>
Date: Sun, 31 Jul 2016 21:38:47 -0400
Subject: [PATCH] logind: 0% and 100% should be valid for UserTasksMax (#3836)
config_parse_user_tasks_max() was incorrectly accepting percentage value
between 1 and 99. Update it to accept 0% and 100%. This brings it in line
with TasksMax handling in systemd.
(cherry picked from commit cb3e4417590196bd30e1b8097348dca6ba34bd15)
---
src/login/logind-user.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/login/logind-user.c b/src/login/logind-user.c
index 348e396292..63363035e7 100644
--- a/src/login/logind-user.c
+++ b/src/login/logind-user.c
@@ -893,7 +893,7 @@ int config_parse_user_tasks_max(
/* First, try to parse as percentage */
r = parse_percent(rvalue);
- if (r > 0 && r < 100)
+ if (r >= 0)
k = system_tasks_max_scale(r, 100U);
else {

40
0003-systemd-ask-password-make-sure-directory-watch-is-st.patch
View File

@ -1,40 +0,0 @@
From c877672ff6ec11efc8cd55d4c156211b16cf0975 Mon Sep 17 00:00:00 2001
From: tblume <Thomas.Blume@suse.com>
Date: Tue, 2 Aug 2016 14:55:25 +0200
Subject: [PATCH] systemd-ask-password: make sure directory watch is started
before cryptsetup (#3850)
The password directory watch should get ordered before cryptsetup to make sure
that the password for unlocking the crypt device gets prompted.
(cherry picked from commit 7633f8ef371a0992374956437fb7bb8189156b10)
---
units/systemd-ask-password-console.path | 2 +-
units/systemd-ask-password-wall.path | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/units/systemd-ask-password-console.path b/units/systemd-ask-password-console.path
index 2949635fea..7899ae788f 100644
--- a/units/systemd-ask-password-console.path
+++ b/units/systemd-ask-password-console.path
@@ -11,7 +11,7 @@ Documentation=man:systemd-ask-password-console.service(8)
DefaultDependencies=no
Conflicts=shutdown.target
After=plymouth-start.service
-Before=paths.target shutdown.target
+Before=paths.target shutdown.target cryptsetup.target
ConditionPathExists=!/run/plymouth/pid
[Path]
diff --git a/units/systemd-ask-password-wall.path b/units/systemd-ask-password-wall.path
index 95ec9bc8a0..a3ca617256 100644
--- a/units/systemd-ask-password-wall.path
+++ b/units/systemd-ask-password-wall.path
@@ -10,7 +10,7 @@ Description=Forward Password Requests to Wall Directory Watch
Documentation=man:systemd-ask-password-console.service(8)
DefaultDependencies=no
Conflicts=shutdown.target
-Before=paths.target shutdown.target
+Before=paths.target shutdown.target cryptsetup.target
[Path]
DirectoryNotEmpty=/run/systemd/ask-password

34
0004-Revert-logind-really-handle-KeyIgnoreInhibited-optio.patch
View File

@ -1,34 +0,0 @@
From 811a90e2de94c71bddf02cdab36c1a0560288695 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Mantas=20Mikul=C4=97nas?= <grawity@gmail.com>
Date: Mon, 8 Aug 2016 11:07:38 +0300
Subject: [PATCH] Revert "logind: really handle *KeyIgnoreInhibited options in
logind.conf"
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
This reverts commit 8121f4d209eca85dcb11830800483cdfafbef9b7.
The special 'key handling' inhibitors should always work regardless of
any *IgnoreInhibited settings otherwise they're nearly useless.
Reverts: #3470
Fixes: #3897
(cherry picked from commit 06a70b918d4d753769a727239f75af8896006467)
---
src/login/logind-action.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/login/logind-action.c b/src/login/logind-action.c
index 8ef48dbaa1..a950409254 100644
--- a/src/login/logind-action.c
+++ b/src/login/logind-action.c
@@ -85,7 +85,7 @@ int manager_handle_action(
}
/* If the key handling is inhibited, don't do anything */
- if (!ignore_inhibited && inhibit_key > 0) {
+ if (inhibit_key > 0) {
if (manager_is_inhibited(m, inhibit_key, INHIBIT_BLOCK, NULL, true, false, 0, NULL)) {
log_debug("Refusing operation, %s is inhibited.", inhibit_what_to_string(inhibit_key));
return 0;

109
0005-man-explain-that-KeyIgnoreInhibited-only-apply-to-a-.patch
View File

@ -1,109 +0,0 @@
From 9ecf9e414a97e861db403e043696fed6033508f0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Sun, 14 Aug 2016 16:27:59 -0400
Subject: [PATCH] man: explain that *KeyIgnoreInhibited only apply to a subset
of locks
Follow-up for #3924.
(cherry picked from commit 05b2a8fd7a0533758d2f532df798cabc3c442683)
---
man/logind.conf.xml | 42 ++++++++++++++++++++++++++----------------
man/systemd-inhibit.xml | 2 +-
man/systemd-logind.service.xml | 2 +-
3 files changed, 28 insertions(+), 18 deletions(-)
diff --git a/man/logind.conf.xml b/man/logind.conf.xml
index adba5a4131..5931832996 100644
--- a/man/logind.conf.xml
+++ b/man/logind.conf.xml
@@ -211,7 +211,7 @@
<term><varname>HandleLidSwitch=</varname></term>
<term><varname>HandleLidSwitchDocked=</varname></term>
- <listitem><para>Controls whether logind shall handle the
+ <listitem><para>Controls how logind shall handle the
system power and sleep keys and the lid switch to trigger
actions such as system power-off or suspend. Can be one of
<literal>ignore</literal>,
@@ -240,7 +240,16 @@
docking station, or if more than one display is connected, the
action specified by <varname>HandleLidSwitchDocked=</varname>
occurs; otherwise the <varname>HandleLidSwitch=</varname>
- action occurs.</para></listitem>
+ action occurs.</para>
+
+ <para>A different application may disable logind's handling of system power and
+ sleep keys and the lid switch by taking a low-level inhibitor lock
+ ("handle-power-key", "handle-suspend-key", "handle-hibernate-key",
+ "handle-lid-switch"). This is most commonly used by graphical desktop environments
+ to take over suspend and hibernation handling, and to use their own configuration
+ mechanisms. If a low-level inhibitor lock is taken, logind will not take any
+ action when that key or switch is triggered and the <varname>Handle*=</varname>
+ settings are irrelevant.</para></listitem>
</varlistentry>
<varlistentry>
@@ -249,21 +258,22 @@
<term><varname>HibernateKeyIgnoreInhibited=</varname></term>
<term><varname>LidSwitchIgnoreInhibited=</varname></term>
- <listitem><para>Controls whether actions triggered by the
- power and sleep keys and the lid switch are subject to
- inhibitor locks. These settings take boolean arguments. If
- <literal>no</literal>, the inhibitor locks taken by
- applications in order to block the requested operation are
- respected. If <literal>yes</literal>, the requested operation
- is executed in any case.
+ <listitem><para>Controls whether actions that <command>systemd-logind</command>
+ takes when the power and sleep keys and the lid switch are triggered are subject
+ to high-level inhibitor locks ("shutdown", "sleep", "idle"). Low level inhibitor
+ locks ("handle-*-key"), are always honoured, irrespective of this setting.</para>
+
+ <para>These settings take boolean arguments. If <literal>no</literal>, the
+ inhibitor locks taken by applications are respected. If <literal>yes</literal>,
+ "shutdown", "sleep", and "idle" inhibitor locks are ignored.
<varname>PowerKeyIgnoreInhibited=</varname>,
- <varname>SuspendKeyIgnoreInhibited=</varname> and
- <varname>HibernateKeyIgnoreInhibited=</varname> default to
- <literal>no</literal>.
- <varname>LidSwitchIgnoreInhibited=</varname> defaults to
- <literal>yes</literal>. This means that the lid switch does
- not respect suspend blockers by default, but the power and
- sleep keys do. </para></listitem>
+ <varname>SuspendKeyIgnoreInhibited=</varname>, and
+ <varname>HibernateKeyIgnoreInhibited=</varname> default to <literal>no</literal>.
+ <varname>LidSwitchIgnoreInhibited=</varname> defaults to <literal>yes</literal>.
+ This means that when <command>systemd-logind</command> is handling events by
+ itself (no low level inhibitor locks are taken by another application), the lid
+ switch does not respect suspend blockers by default, but the power and sleep keys
+ do.</para></listitem>
</varlistentry>
<varlistentry>
diff --git a/man/systemd-inhibit.xml b/man/systemd-inhibit.xml
index 9d85908f97..ce169960d8 100644
--- a/man/systemd-inhibit.xml
+++ b/man/systemd-inhibit.xml
@@ -61,7 +61,7 @@
<title>Description</title>
<para><command>systemd-inhibit</command> may be used to execute a
- program with a shutdown, sleep or idle inhibitor lock taken. The
+ program with a shutdown, sleep, or idle inhibitor lock taken. The
lock will be acquired before the specified command line is
executed and released afterwards.</para>
diff --git a/man/systemd-logind.service.xml b/man/systemd-logind.service.xml
index 5733e42cd1..f0bdb1c756 100644
--- a/man/systemd-logind.service.xml
+++ b/man/systemd-logind.service.xml
@@ -84,7 +84,7 @@
management</para></listitem>
</itemizedlist>
- <para>User sessions are registered in logind via the
+ <para>User sessions are registered with logind via the
<citerefentry><refentrytitle>pam_systemd</refentrytitle><manvolnum>8</manvolnum></citerefentry>
PAM module.</para>

25
0006-systemctl-fix-preset-all-with-missing-etc-systemd-sy.patch
View File

@ -1,25 +0,0 @@
From ee2b7cbcd0633aaddd4f758580e9157dea0e6a1c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Thu, 11 Aug 2016 21:53:32 -0400
Subject: [PATCH] systemctl: fix preset-all with missing /etc/systemd/system
If the directory is missing, we can assume that those pesky symlinks are gone too.
(cherry picked from commit 32d9493e593fed7fe5b4dd1e92fe4fd419042fe5)
---
src/shared/install.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/shared/install.c b/src/shared/install.c
index 7b49e1ece9..2d9306058d 100644
--- a/src/shared/install.c
+++ b/src/shared/install.c
@@ -620,7 +620,7 @@ static int remove_marked_symlinks(
fd = open(config_path, O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC|O_NOFOLLOW);
if (fd < 0)
- return -errno;
+ return errno == ENOENT ? 0 : -errno;
do {
int q, cfd;

74
0007-shared-install-remove-unused-paramater-and-add-more-.patch
View File

@ -1,74 +0,0 @@
From 6f3bf5e9e0ba04df7ffc85b6a21d296c2902edcb Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Fri, 12 Aug 2016 23:50:58 -0400
Subject: [PATCH] shared/install: remove unused paramater and add more comments
(cherry picked from commit ff56349d5a83f2202ed331f232f5d73467db482c)
---
src/shared/install.c | 18 ++++++++++++------
1 file changed, 12 insertions(+), 6 deletions(-)
diff --git a/src/shared/install.c b/src/shared/install.c
index 2d9306058d..5e0f9c5d0c 100644
--- a/src/shared/install.c
+++ b/src/shared/install.c
@@ -903,6 +903,10 @@ static int install_info_may_process(
return 0;
}
+/**
+ * Adds a new UnitFileInstallInfo entry under name in the InstallContext.will_process
+ * hashmap, or retrieves the existing one if already present.
+ */
static int install_info_add(
InstallContext *c,
const char *name,
@@ -1334,9 +1338,8 @@ static int install_info_follow(
}
/**
- * Search for the unit file. If the unit name is a symlink,
- * follow the symlink to the target, maybe more than once.
- * Propagate the instance name if present.
+ * Search for the unit file. If the unit name is a symlink, follow the symlink to the
+ * target, maybe more than once. Propagate the instance name if present.
*/
static int install_info_traverse(
UnitFileScope scope,
@@ -1421,6 +1424,10 @@ static int install_info_traverse(
return 0;
}
+/**
+ * Call install_info_add() with name_or_path as the path (if name_or_path starts with "/")
+ * or the name (otherwise). root_dir is prepended to the path.
+ */
static int install_info_add_auto(
InstallContext *c,
const LookupPaths *paths,
@@ -2685,7 +2692,6 @@ static int preset_prepare_one(
InstallContext *plus,
InstallContext *minus,
LookupPaths *paths,
- UnitFilePresetMode mode,
const char *name,
Presets presets,
UnitFileChange **changes,
@@ -2748,7 +2754,7 @@ int unit_file_preset(
return r;
STRV_FOREACH(i, files) {
- r = preset_prepare_one(scope, &plus, &minus, &paths, mode, *i, presets, changes, n_changes);
+ r = preset_prepare_one(scope, &plus, &minus, &paths, *i, presets, changes, n_changes);
if (r < 0)
return r;
}
@@ -2809,7 +2815,7 @@ int unit_file_preset_all(
continue;
/* we don't pass changes[] in, because we want to handle errors on our own */
- r = preset_prepare_one(scope, &plus, &minus, &paths, mode, de->d_name, presets, NULL, 0);
+ r = preset_prepare_one(scope, &plus, &minus, &paths, de->d_name, presets, NULL, 0);
if (r == -ERFKILL)
r = unit_file_changes_add(changes, n_changes,
UNIT_FILE_IS_MASKED, de->d_name, NULL);

83
0008-shared-install-ignore-unit-symlinks-when-doing-prese.patch
View File

@ -1,83 +0,0 @@
From 35b8a55c85aa69af9634af337085da777d438bea Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Sat, 13 Aug 2016 01:20:29 -0400
Subject: [PATCH] shared/install: ignore unit symlinks when doing preset-all
Before, when interating over unit files during preset-all, behaviour was the
following:
- if we hit the real unit name first, presets were queried for that name, and
that unit was enabled or disabled accordingly,
- if we hit an alias first (one of the symlinks chaining to the real unit), we
checked the presets using the symlink name, and then proceeded to enable or
disable the real unit.
E.g. for systemd-networkd.service we have the alias dbus-org.freedesktop.network1.service
(/usr/lib/systemd/system/dbus-org.freedesktop.network1.service), but the preset
is only for the systemd-networkd.service name. The service would be enabled or
disabled pseudorandomly depending on the order of iteration.
For "preset", behaviour was analogous: preset on the alias name disabled the
service (following the default disable policy), preset on the "real" name
applied the presets.
With the patch, for "preset" and "preset-all" we silently skip symlinks. This
gives mostly the right behaviour, with the limitation that presets on aliases
are ignored. I think that presets on aliases are not that common (at least my
preset files on Fedora don't exhibit any such usage), and should not be
necessary, since whoever installs the preset can just refer to the real unit
file. It would be possible to overcome this limitation by gathering a list of
names of a unit first, and then checking whether *any* of the names matches the
presets list. That would require a significant redesign of the code, and be
a lot slower (since we would have to fully read all unit directories to preset
one unit) to so I'm not doing that for now.
With this patch, two properties are satisfied:
- preset-all and preset are idempotent, and the second and subsequent invocations
do not produce any changes,
- preset-all and preset for a specific name produce the same state for that unit.
Fixes #3616.
(cherry picked from commit 11e11fd57a837ea1cb142009c3048882392f3ed3)
---
src/shared/install.c | 13 ++++++++++---
1 file changed, 10 insertions(+), 3 deletions(-)
diff --git a/src/shared/install.c b/src/shared/install.c
index 5e0f9c5d0c..ef5a56391c 100644
--- a/src/shared/install.c
+++ b/src/shared/install.c
@@ -1974,7 +1974,6 @@ int unit_file_revert(
unsigned *n_changes) {
_cleanup_set_free_free_ Set *remove_symlinks_to = NULL;
- /* _cleanup_(install_context_done) InstallContext c = {}; */
_cleanup_lookup_paths_free_ LookupPaths paths = {};
_cleanup_strv_free_ char **todo = NULL;
size_t n_todo = 0, n_allocated = 0;
@@ -2697,13 +2696,21 @@ static int preset_prepare_one(
UnitFileChange **changes,
unsigned *n_changes) {
+ _cleanup_(install_context_done) InstallContext tmp = {};
UnitFileInstallInfo *i;
int r;
- if (install_info_find(plus, name) ||
- install_info_find(minus, name))
+ if (install_info_find(plus, name) || install_info_find(minus, name))
return 0;
+ r = install_info_discover(scope, &tmp, paths, name, SEARCH_FOLLOW_CONFIG_SYMLINKS, &i);
+ if (r < 0)
+ return r;
+ if (!streq(name, i->name)) {
+ log_debug("Skipping %s because is an alias for %s", name, i->name);
+ return 0;
+ }
+
r = query_presets(name, presets);
if (r < 0)
return r;

94
0009-man-describe-what-symlinks-to-unit-do-and-specify-th.patch
View File

@ -1,94 +0,0 @@
From c9b3950580db43c576d3ec8f7bf14e49905a09cb Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Sat, 13 Aug 2016 09:38:12 -0400
Subject: [PATCH] man: describe what symlinks to unit do, and specify that
presets must use real names
The man pages didn't ever mention that symlinks to units can be created, and what
exactly this means. Fix that omission, and disallow presets on alias names.
(cherry picked from commit d923e42eed9a29137821760dafecb13798264c07)
---
man/systemctl.xml | 3 ++-
man/systemd.preset.xml | 4 ++++
man/systemd.unit.xml | 36 +++++++++++++++++++++++-------------
3 files changed, 29 insertions(+), 14 deletions(-)
diff --git a/man/systemctl.xml b/man/systemctl.xml
index e7880d24f7..8b73e91bdb 100644
--- a/man/systemctl.xml
+++ b/man/systemctl.xml
@@ -1088,7 +1088,8 @@ kobject-uevent 1 systemd-udevd-kernel.socket systemd-udevd.service
enabled and disabled, or only enabled, or only disabled.</para>
<para>If the unit carries no install information, it will be silently ignored
- by this command.</para>
+ by this command. <replaceable>NAME</replaceable> must be the real unit name,
+ any alias names are ignored silently.</para>
<para>For more information on the preset policy format, see
<citerefentry><refentrytitle>systemd.preset</refentrytitle><manvolnum>5</manvolnum></citerefentry>.
diff --git a/man/systemd.preset.xml b/man/systemd.preset.xml
index b7164014f0..d09167baaf 100644
--- a/man/systemd.preset.xml
+++ b/man/systemd.preset.xml
@@ -98,6 +98,10 @@
Empty lines and lines whose first non-whitespace character is # or
; are ignored.</para>
+ <para>Presets must refer to the "real" unit file, and not to any aliases. See
+ <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>
+ for a description of unit aliasing.</para>
+
<para>Two different directives are understood:
<literal>enable</literal> may be used to enable units by default,
<literal>disable</literal> to disable units by default.</para>
diff --git a/man/systemd.unit.xml b/man/systemd.unit.xml
index 85a7b12d76..f818e772a9 100644
--- a/man/systemd.unit.xml
+++ b/man/systemd.unit.xml
@@ -144,21 +144,31 @@
<option>false</option> and <option>off</option> are
equivalent.</para>
- <para>Time span values encoded in unit files can be written in
- various formats. A stand-alone number specifies a time in seconds.
- If suffixed with a time unit, the unit is honored. A concatenation
- of multiple values with units is supported, in which case the
- values are added up. Example: "50" refers to 50 seconds; "2min
- 200ms" refers to 2 minutes plus 200 milliseconds, i.e. 120200ms.
- The following time units are understood: s, min, h, d, w, ms, us.
- For details see
+ <para>Time span values encoded in unit files can be written in various formats. A stand-alone number specifies a
+ time in seconds. If suffixed with a time unit, the unit is honored. A concatenation of multiple values with units
+ is supported, in which case the values are added up. Example: <literal>50</literal> refers to 50 seconds;
+ <literal>2min 200ms</literal> refers to 2 minutes and 200 milliseconds, i.e. 120200 ms. The following time units
+ are understood: <literal>s</literal>, <literal>min</literal>, <literal>h</literal>, <literal>d</literal>,
+ <literal>w</literal>, <literal>ms</literal>, <literal>us</literal>. For details see
<citerefentry><refentrytitle>systemd.time</refentrytitle><manvolnum>7</manvolnum></citerefentry>.</para>
- <para>Empty lines and lines starting with # or ; are
- ignored. This may be used for commenting. Lines ending
- in a backslash are concatenated with the following
- line while reading and the backslash is replaced by a
- space character. This may be used to wrap long lines.</para>
+ <para>Empty lines and lines starting with <literal>#</literal> or <literal>;</literal> are ignored. This may be
+ used for commenting. Lines ending in a backslash are concatenated with the following line while reading and the
+ backslash is replaced by a space character. This may be used to wrap long lines.</para>
+
+ <para>Units can be aliased (have an alternative name), by creating a symlink from the new name to the existing name
+ in one of the unit search paths. For example, <filename>systemd-networkd.service</filename> has the alias
+ <filename>dbus-org.freedesktop.network1.service</filename>, created during installation as the symlink
+ <filename>/usr/lib/systemd/system/dbus-org.freedesktop.network1.service</filename>. In addition, unit files may
+ specify aliases through the <varname>Alias=</varname> directive in the [Install] section; those aliases are only
+ effective when the unit is enabled. When the unit is enabled, symlinks will be created for those names, and removed
+ when the unit is disabled. For example, <filename>reboot.target</filename> specifies
+ <varname>Alias=ctrl-alt-del.target</varname>, so when enabled it will be invoked whenever CTRL+ALT+DEL is
+ pressed. Alias names may be used in commands like <command>enable</command>, <command>disable</command>,
+ <command>start</command>, <command>stop</command>, <command>status</command>, …, and in unit dependency directives
+ <varname>Wants=</varname>, <varname>Requires=</varname>, <varname>Before=</varname>, <varname>After=</varname>, …,
+ with the limitation that aliases specified through <varname>Alias=</varname> are only effective when the unit is
+ enabled. Aliases cannot be used with the <command>preset</command> command.</para>
<para>Along with a unit file <filename>foo.service</filename>, the
directory <filename>foo.service.wants/</filename> may exist. All

144
0010-shared-install-move-root-skipping-into-create_symlin.patch
View File

@ -1,144 +0,0 @@
From f0d72d47f05bbbb851d9ab64df877a3f0e769b4e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Sat, 13 Aug 2016 01:21:57 -0400
Subject: [PATCH] shared/install: move root skipping into create_symlink()
No functional change intended.
(cherry picked from commit 60bec8e4031367869520280350fa1523625d682b)
---
src/shared/install.c | 33 +++++++++++++--------------------
1 file changed, 13 insertions(+), 20 deletions(-)
diff --git a/src/shared/install.c b/src/shared/install.c
index ef5a56391c..8c45725f5a 100644
--- a/src/shared/install.c
+++ b/src/shared/install.c
@@ -394,6 +394,7 @@ void unit_file_dump_changes(int r, const char *verb, const UnitFileChange *chang
}
static int create_symlink(
+ const LookupPaths *paths,
const char *old_path,
const char *new_path,
bool force,
@@ -401,11 +402,16 @@ static int create_symlink(
unsigned *n_changes) {
_cleanup_free_ char *dest = NULL;
+ const char *rp;
int r;
assert(old_path);
assert(new_path);
+ rp = skip_root(paths, old_path);
+ if (rp)
+ old_path = rp;
+
/* Actually create a symlink, and remember that we did. Is
* smart enough to check if there's already a valid symlink in
* place.
@@ -1486,7 +1492,6 @@ static int install_info_symlink_alias(
STRV_FOREACH(s, i->aliases) {
_cleanup_free_ char *alias_path = NULL, *dst = NULL;
- const char *rp;
q = install_full_printf(i, *s, &dst);
if (q < 0)
@@ -1496,9 +1501,7 @@ static int install_info_symlink_alias(
if (!alias_path)
return -ENOMEM;
- rp = skip_root(paths, i->path);
-
- q = create_symlink(rp ?: i->path, alias_path, force, changes, n_changes);
+ q = create_symlink(paths, i->path, alias_path, force, changes, n_changes);
if (r == 0)
r = q;
}
@@ -1542,7 +1545,6 @@ static int install_info_symlink_wants(
STRV_FOREACH(s, list) {
_cleanup_free_ char *path = NULL, *dst = NULL;
- const char *rp;
q = install_full_printf(i, *s, &dst);
if (q < 0)
@@ -1557,9 +1559,7 @@ static int install_info_symlink_wants(
if (!path)
return -ENOMEM;
- rp = skip_root(paths, i->path);
-
- q = create_symlink(rp ?: i->path, path, true, changes, n_changes);
+ q = create_symlink(paths, i->path, path, true, changes, n_changes);
if (r == 0)
r = q;
}
@@ -1576,7 +1576,6 @@ static int install_info_symlink_link(
unsigned *n_changes) {
_cleanup_free_ char *path = NULL;
- const char *rp;
int r;
assert(i);
@@ -1594,9 +1593,7 @@ static int install_info_symlink_link(
if (!path)
return -ENOMEM;
- rp = skip_root(paths, i->path);
-
- return create_symlink(rp ?: i->path, path, force, changes, n_changes);
+ return create_symlink(paths, i->path, path, force, changes, n_changes);
}
static int install_info_apply(
@@ -1772,7 +1769,7 @@ int unit_file_mask(
if (!path)
return -ENOMEM;
- q = create_symlink("/dev/null", path, force, changes, n_changes);
+ q = create_symlink(&paths, "/dev/null", path, force, changes, n_changes);
if (q < 0 && r >= 0)
r = q;
}
@@ -1932,14 +1929,12 @@ int unit_file_link(
r = 0;
STRV_FOREACH(i, todo) {
_cleanup_free_ char *new_path = NULL;
- const char *old_path;
- old_path = skip_root(&paths, *i);
new_path = path_make_absolute(basename(*i), config_path);
if (!new_path)
return -ENOMEM;
- q = create_symlink(old_path ?: *i, new_path, force, changes, n_changes);
+ q = create_symlink(&paths, *i, new_path, force, changes, n_changes);
if (q < 0 && r >= 0)
r = q;
}
@@ -2318,7 +2313,7 @@ int unit_file_set_default(
_cleanup_lookup_paths_free_ LookupPaths paths = {};
_cleanup_(install_context_done) InstallContext c = {};
UnitFileInstallInfo *i;
- const char *new_path, *old_path;
+ const char *new_path;
int r;
assert(scope >= 0);
@@ -2341,10 +2336,8 @@ int unit_file_set_default(
if (r < 0)
return r;
- old_path = skip_root(&paths, i->path);
new_path = strjoina(paths.persistent_config, "/" SPECIAL_DEFAULT_TARGET);
-
- return create_symlink(old_path ?: i->path, new_path, force, changes, n_changes);
+ return create_symlink(&paths, i->path, new_path, force, changes, n_changes);
}
int unit_file_get_default(

97
0011-shared-install-when-creating-symlinks-keep-existing-.patch
View File

@ -1,97 +0,0 @@
From bfcaa19428a32234356fde460ef556c23bf80f4a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Sat, 13 Aug 2016 01:27:21 -0400
Subject: [PATCH] shared/install: when creating symlinks, keep existing
relative symlinks
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Running preset-all on a system installed from rpms or even created
using make install would remove and recreate a lot of symlinks, changing
relative to absolute symlinks. In general relative symlinks are nicer,
so there is no reason to change them, and those spurious changes were
obscuring more interesting stuff.
$ make install DESTDIR=/var/tmp/inst1
$ systemctl preset-all --root=/var/tmp/inst1
(before)
Removed /var/tmp/inst1/etc/systemd/system/network-online.target.wants/systemd-networkd-wait-online.service.
Created symlink /var/tmp/inst1/etc/systemd/system/ctrl-alt-del.target → /usr/lib/systemd/system/exit.target.
Removed /var/tmp/inst1/etc/systemd/system/multi-user.target.wants/remote-fs.target.
Created symlink /var/tmp/inst1/etc/systemd/system/multi-user.target.wants/remote-fs.target → /usr/lib/systemd/system/remote-fs.target.
Created symlink /var/tmp/inst1/etc/systemd/system/multi-user.target.wants/machines.target → /usr/lib/systemd/system/machines.target.
Created symlink /var/tmp/inst1/etc/systemd/system/sockets.target.wants/systemd-journal-remote.socket → /usr/lib/systemd/system/systemd-journal-remote.socket.
Removed /var/tmp/inst1/etc/systemd/system/sockets.target.wants/systemd-networkd.socket.
Created symlink /var/tmp/inst1/etc/systemd/system/sockets.target.wants/systemd-networkd.socket → /usr/lib/systemd/system/systemd-networkd.socket.
Removed /var/tmp/inst1/etc/systemd/system/getty.target.wants/getty@tty1.service.
Created symlink /var/tmp/inst1/etc/systemd/system/getty.target.wants/getty@tty1.service → /usr/lib/systemd/system/getty@.service.
Created symlink /var/tmp/inst1/etc/systemd/system/multi-user.target.wants/systemd-journal-upload.service → /usr/lib/systemd/system/systemd-journal-upload.service.
Removed /var/tmp/inst1/etc/systemd/system/sysinit.target.wants/systemd-timesyncd.service.
Created symlink /var/tmp/inst1/etc/systemd/system/sysinit.target.wants/systemd-timesyncd.service → /usr/lib/systemd/system/systemd-timesyncd.service.
Removed /var/tmp/inst1/etc/systemd/system/multi-user.target.wants/systemd-resolved.service.
Created symlink /var/tmp/inst1/etc/systemd/system/multi-user.target.wants/systemd-resolved.service → /usr/lib/systemd/system/systemd-resolved.service.
Removed /var/tmp/inst1/etc/systemd/system/multi-user.target.wants/systemd-networkd.service.
Created symlink /var/tmp/inst1/etc/systemd/system/multi-user.target.wants/systemd-networkd.service → /usr/lib/systemd/system/systemd-networkd.service.
(after)
Removed /var/tmp/inst1/etc/systemd/system/network-online.target.wants/systemd-networkd-wait-online.service.
Created symlink /var/tmp/inst1/etc/systemd/system/ctrl-alt-del.target → /usr/lib/systemd/system/exit.target.
Created symlink /var/tmp/inst1/etc/systemd/system/multi-user.target.wants/machines.target → /usr/lib/systemd/system/machines.target.
Created symlink /var/tmp/inst1/etc/systemd/system/sockets.target.wants/systemd-journal-remote.socket → /usr/lib/systemd/system/systemd-journal-remote.socket.
Created symlink /var/tmp/inst1/etc/systemd/system/multi-user.target.wants/systemd-journal-upload.service → /usr/lib/systemd/system/systemd-journal-upload.service.
(cherry picked from commit 25ea92778d5f4339e07c152a99d16223f43ad681)
---
src/shared/install.c | 23 +++++++++++++++++++++--
1 file changed, 21 insertions(+), 2 deletions(-)
diff --git a/src/shared/install.c b/src/shared/install.c
index 8c45725f5a..9ce8e4d390 100644
--- a/src/shared/install.c
+++ b/src/shared/install.c
@@ -393,6 +393,21 @@ void unit_file_dump_changes(int r, const char *verb, const UnitFileChange *chang
log_error_errno(r, "Failed to %s: %m.", verb);
}
+/**
+ * Checks if two paths or symlinks from wd are the same, when root is the root of the filesystem.
+ * wc should be the full path in the host file system.
+ */
+static bool chroot_symlinks_same(const char *root, const char *wd, const char *a, const char *b) {
+ assert(path_is_absolute(wd));
+
+ /* This will give incorrect results if the paths are relative and go outside
+ * of the chroot. False negatives are possible. */
+
+ a = strjoina(path_is_absolute(a) ? root : wd, "/", a);
+ b = strjoina(path_is_absolute(b) ? root : wd, "/", b);
+ return path_equal_or_files_same(a, b);
+}
+
static int create_symlink(
const LookupPaths *paths,
const char *old_path,
@@ -401,7 +416,7 @@ static int create_symlink(
UnitFileChange **changes,
unsigned *n_changes) {
- _cleanup_free_ char *dest = NULL;
+ _cleanup_free_ char *dest = NULL, *dirname = NULL;
const char *rp;
int r;
@@ -442,7 +457,11 @@ static int create_symlink(
return r;
}
- if (path_equal(dest, old_path))
+ dirname = dirname_malloc(new_path);
+ if (!dirname)
+ return -ENOMEM;
+
+ if (chroot_symlinks_same(paths->root_dir, dirname, dest, old_path))
return 1;
if (!force) {

75
0012-shared-install-properly-report-masked-units-listed-i.patch
View File

@ -1,75 +0,0 @@
From 3f5a187dcf8ad2f0690046876d30d37630c11014 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Wed, 17 Aug 2016 22:15:54 -0400
Subject: [PATCH] shared/install: properly report masked units listed in Also=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
A masked unit is listed in Also=:
$ systemctl cat test1 test2
→# /etc/systemd/system/test1.service
[Unit]
Description=test service 1
[Service]
Type=oneshot
ExecStart=/usr/bin/true
[Install]
WantedBy=multi-user.target
Also=test2.service
Alias=alias1.service
→# /dev/null
$ systemctl --root=/ enable test1
(before)
Created symlink /etc/systemd/system/alias1.service → /etc/systemd/system/test1.service.
Created symlink /etc/systemd/system/multi-user.target.wants/test1.service → /etc/systemd/system/test1.service.
The unit files have no installation config (WantedBy, RequiredBy, Also, Alias
settings in the [Install] section, and DefaultInstance for template units).
This means they are not meant to be enabled using systemctl.
Possible reasons for having this kind of units are:
1) A unit may be statically enabled by being symlinked from another unit's
.wants/ or .requires/ directory.
2) A unit's purpose may be to act as a helper for some other unit which has
a requirement dependency on it.
3) A unit may be started when needed via activation (socket, path, timer,
D-Bus, udev, scripted systemctl call, ...).
4) In case of template units, the unit is meant to be enabled with some
instance name specified.
(after)
Created symlink /etc/systemd/system/alias1.service → /etc/systemd/system/test1.service.
Created symlink /etc/systemd/system/multi-user.target.wants/test1.service → /etc/systemd/system/test1.service.
Unit /etc/systemd/system/test2.service is masked, ignoring.
(cherry picked from commit f16517151310b88591f3501a59e23ae2a79e7f02)
---
src/shared/install.c | 11 +++++++++++
1 file changed, 11 insertions(+)
diff --git a/src/shared/install.c b/src/shared/install.c
index 9ce8e4d390..9d9f4dff4f 100644
--- a/src/shared/install.c
+++ b/src/shared/install.c
@@ -1686,6 +1686,17 @@ static int install_context_apply(
if (r < 0)
return r;
+ /* We can attempt to process a masked unit when a different unit
+ * that we were processing specifies it in DefaultInstance= or Also=. */
+ if (i->type == UNIT_FILE_TYPE_MASKED) {
+ unit_file_changes_add(changes, n_changes, UNIT_FILE_IS_MASKED, i->path, NULL);
+ if (r >= 0)
+ /* Assume that some *could* have been enabled here, avoid
+ * "empty [Install] section" warning. */
+ r += 1;
+ continue;
+ }
+
if (i->type != UNIT_FILE_TYPE_REGULAR)
continue;

45
0013-Revert-pid1-reconnect-to-the-console-before-being-re.patch
View File

@ -1,45 +0,0 @@
From e59e123d9c0692b6104deea954e1a2db172e22e1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Thu, 18 Aug 2016 21:39:39 -0400
Subject: [PATCH] Revert "pid1: reconnect to the console before being
re-executed"
This reverts commit affd7ed1a923b0df8479cff1bd9eafb625fdaa66.
> So it looks like make_console_stdio() has bad side effect. More specifically it
> does a TIOCSCTTY ioctl (via acquire_terminal()) which sees to disturb the
> process which was using/owning the console.
Fixes #3842.
https://bugs.debian.org/834367
https://bugzilla.redhat.com/show_bug.cgi?id=1367766
(cherry picked from commit bd64d82c1c0e3fe2a5f9b3dd9132d62834f50b2d)
---
src/core/main.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/core/main.c b/src/core/main.c
index f2adca7d2b..f59a55f166 100644
--- a/src/core/main.c
+++ b/src/core/main.c
@@ -2016,9 +2016,6 @@ finish:
log_error_errno(r, "Failed to switch root, trying to continue: %m");
}
- /* Reopen the console */
- (void) make_console_stdio();
-
args_size = MAX(6, argc+1);
args = newa(const char*, args_size);
@@ -2066,6 +2063,9 @@ finish:
arg_serialization = safe_fclose(arg_serialization);
fds = fdset_free(fds);
+ /* Reopen the console */
+ (void) make_console_stdio();
+
for (j = 1, i = 1; j < (unsigned) argc; j++)
args[i++] = argv[j];
args[i++] = NULL;

62
0014-systemd-ignore-lack-of-tty-when-checking-whether-col.patch
View File

@ -1,62 +0,0 @@
From 0da0a63dba426aa351d733292df6ec41603b39b6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Thu, 18 Aug 2016 22:03:56 -0400
Subject: [PATCH] systemd: ignore lack of tty when checking whether colors
should be enabled
When started by the kernel, we are connected to the console, and we'll set TERM
properly to some value in fixup_environment(). We'll then enable or disable
colors based on the value of $SYSTEMD_COLORS and $TERM.
When reexecuting, TERM should be already set, so we can use this value.
Effectively, behaviour is the same as before affd7ed1a was reverted, but instead
of reopening the console before configuring color output, we just ignore what
stdout is connected to and decide based on the variables only.
(cherry picked from commit 158fbf7661912adf0f42c93155499119811dde82)
---
src/basic/terminal-util.c | 15 +++++++++++----
1 file changed, 11 insertions(+), 4 deletions(-)
diff --git a/src/basic/terminal-util.c b/src/basic/terminal-util.c
index df56d85317..47d31ad4d7 100644
--- a/src/basic/terminal-util.c
+++ b/src/basic/terminal-util.c
@@ -1191,12 +1191,9 @@ int open_terminal_in_namespace(pid_t pid, const char *name, int mode) {
return receive_one_fd(pair[0], 0);
}
-bool terminal_is_dumb(void) {
+static bool getenv_terminal_is_dumb(void) {
const char *e;
- if (!on_tty())
- return true;
-
e = getenv("TERM");
if (!e)
return true;
@@ -1204,6 +1201,13 @@ bool terminal_is_dumb(void) {
return streq(e, "dumb");
}
+bool terminal_is_dumb(void) {
+ if (!on_tty())
+ return true;
+
+ return getenv_terminal_is_dumb();
+}
+
bool colors_enabled(void) {
static int enabled = -1;
@@ -1213,6 +1217,9 @@ bool colors_enabled(void) {
colors = getenv("SYSTEMD_COLORS");
if (colors)
enabled = parse_boolean(colors) != 0;
+ else if (getpid() == 1)
+ /* PID1 outputs to the console without holding it open all the time */
+ enabled = !getenv_terminal_is_dumb();
else
enabled = !terminal_is_dumb();
}

127
0015-shared-install-do-not-enable-masked-instances-4005.patch
View File

@ -1,127 +0,0 @@
From 3cb3b0145ed8439eb604b43596e6456ed3292c46 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Sun, 21 Aug 2016 09:10:51 -0400
Subject: [PATCH] shared/install: do not enable masked instances (#4005)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
When told to enable a template unit, and the DefaultInstance specified in that
unit was masked, we would do this. Such a unit cannot be started or loaded, so
reporting successful enabling is misleading and unexpected.
$ systemctl mask getty@tty1
Created symlink /etc/systemd/system/getty@tty1.service → /dev/null.
$ systemctl --root=/ enable getty@tty1
(unchanged)
Failed to enable unit, unit /etc/systemd/system/getty@tty1.service is masked.
$ systemctl --root=/ enable getty@
(before)
Created symlink /etc/systemd/system/getty.target.wants/getty@tty1.service → /usr/lib/systemd/system/getty@.service.
(now)
Failed to enable unit, unit /etc/systemd/system/getty@tty1.service is masked.
The same error is emitted for enable and preset. And an error is emmited, not a
warning, so the failure to enable DefaultInstance is treated the same as if the
instance was specified on the command line. I think that this makes most sense,
for most template units.
Fixes #2513.
(cherry picked from commit 047d91f9c8cf1bcf5a30f428668babd619533944)
---
src/shared/install.c | 35 ++++++++++++++++++++++++++++-------
1 file changed, 28 insertions(+), 7 deletions(-)
diff --git a/src/shared/install.c b/src/shared/install.c
index 9d9f4dff4f..cb2a2e7e0d 100644
--- a/src/shared/install.c
+++ b/src/shared/install.c
@@ -912,8 +912,8 @@ static int install_info_may_process(
assert(i);
assert(paths);
- /* Checks whether the loaded unit file is one we should process, or is masked, transient or generated and thus
- * not subject to enable/disable operations. */
+ /* Checks whether the loaded unit file is one we should process, or is masked,
+ * transient or generated and thus not subject to enable/disable operations. */
if (i->type == UNIT_FILE_TYPE_MASKED) {
unit_file_changes_add(changes, n_changes, -ERFKILL, i->path, NULL);
@@ -1134,7 +1134,6 @@ static int unit_file_load(
struct stat st;
int r;
- assert(c);
assert(info);
assert(path);
@@ -1163,6 +1162,9 @@ static int unit_file_load(
return 0;
}
+ /* c is only needed if we actually load the file */
+ assert(c);
+
fd = open(path, O_RDONLY|O_CLOEXEC|O_NOCTTY|O_NOFOLLOW);
if (fd < 0)
return -errno;
@@ -1275,7 +1277,6 @@ static int unit_file_search(
char **p;
int r;
- assert(c);
assert(info);
assert(paths);
@@ -1546,7 +1547,14 @@ static int install_info_symlink_wants(
assert(paths);
assert(config_path);
+ if (strv_isempty(list))
+ return 0;
+
if (unit_name_is_valid(i->name, UNIT_NAME_TEMPLATE)) {
+ UnitFileInstallInfo instance = {
+ .type = _UNIT_FILE_TYPE_INVALID,
+ };
+ _cleanup_free_ char *path = NULL;
/* Don't install any symlink if there's no default
* instance configured */
@@ -1558,6 +1566,19 @@ static int install_info_symlink_wants(
if (r < 0)
return r;
+ instance.name = buf;
+ r = unit_file_search(NULL, &instance, paths, SEARCH_FOLLOW_CONFIG_SYMLINKS);
+ if (r < 0)
+ return r;
+
+ path = instance.path;
+ instance.path = NULL;
+
+ if (instance.type == UNIT_FILE_TYPE_MASKED) {
+ unit_file_changes_add(changes, n_changes, -ERFKILL, path, NULL);
+ return -ERFKILL;
+ }
+
n = buf;
} else
n = i->name;
@@ -1687,12 +1708,12 @@ static int install_context_apply(
return r;
/* We can attempt to process a masked unit when a different unit
- * that we were processing specifies it in DefaultInstance= or Also=. */
+ * that we were processing specifies it in Also=. */
if (i->type == UNIT_FILE_TYPE_MASKED) {
unit_file_changes_add(changes, n_changes, UNIT_FILE_IS_MASKED, i->path, NULL);
if (r >= 0)
- /* Assume that some *could* have been enabled here, avoid
- * "empty [Install] section" warning. */
+ /* Assume that something *could* have been enabled here,
+ * avoid "empty [Install] section" warning. */
r += 1;
continue;
}

29
0016-If-the-notification-message-length-is-0-ignore-the-m.patch
View File

@ -1,29 +0,0 @@
From 2e9b525caa9e3126e54f0d9506d0c36d7d533997 Mon Sep 17 00:00:00 2001
From: Jorge Niedbalski <jorge.niedbalski@canonical.com>
Date: Wed, 28 Sep 2016 18:25:50 -0300
Subject: [PATCH] If the notification message length is 0, ignore the message
(#4237)
Fixes #4234.
Signed-off-by: Jorge Niedbalski <jnr@metaklass.org>
(cherry picked from commit 531ac2b2349da02acc9c382849758e07eb92b020)
---
src/core/manager.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/src/core/manager.c b/src/core/manager.c
index 4d84a0b37e..a085ed899a 100644
--- a/src/core/manager.c
+++ b/src/core/manager.c
@@ -1648,6 +1648,10 @@ static int manager_dispatch_notify_fd(sd_event_source *source, int fd, uint32_t
return -errno;
}
+ if (n == 0) {
+ log_debug("Got zero-length notification message. Ignoring.");
+ return 0;
+ }
CMSG_FOREACH(cmsg, &msghdr) {
if (cmsg->cmsg_level == SOL_SOCKET && cmsg->cmsg_type == SCM_RIGHTS) {

48
0017-pid1-don-t-return-any-error-in-manager_dispatch_noti.patch
View File

@ -1,48 +0,0 @@
From 39e5e97e68a9c1bca3bcfa6c9316a83dad0b072d Mon Sep 17 00:00:00 2001
From: Franck Bui <fbui@suse.com>
Date: Thu, 29 Sep 2016 19:44:34 +0200
Subject: [PATCH] pid1: don't return any error in manager_dispatch_notify_fd()
(#4240)
If manager_dispatch_notify_fd() fails and returns an error then the handling of
service notifications will be disabled entirely leading to a compromised system.
For example pid1 won't be able to receive the WATCHDOG messages anymore and
will kill all services supposed to send such messages.
(cherry picked from commit 9987750e7a4c62e0eb8473603150596ba7c3a015)
---
src/core/manager.c | 13 +++++++++----
1 file changed, 9 insertions(+), 4 deletions(-)
diff --git a/src/core/manager.c b/src/core/manager.c
index a085ed899a..36488b673a 100644
--- a/src/core/manager.c
+++ b/src/core/manager.c
@@ -1643,10 +1643,14 @@ static int manager_dispatch_notify_fd(sd_event_source *source, int fd, uint32_t
n = recvmsg(m->notify_fd, &msghdr, MSG_DONTWAIT|MSG_CMSG_CLOEXEC);
if (n < 0) {
- if (errno == EAGAIN || errno == EINTR)
- return 0;
+ if (!IN_SET(errno, EAGAIN, EINTR))
+ log_error("Failed to receive notification message: %m");
- return -errno;
+ /* It's not an option to return an error here since it
+ * would disable the notification handler entirely. Services
+ * wouldn't be able to send the WATCHDOG message for
+ * example... */
+ return 0;
}
if (n == 0) {
log_debug("Got zero-length notification message. Ignoring.");
@@ -1673,7 +1677,8 @@ static int manager_dispatch_notify_fd(sd_event_source *source, int fd, uint32_t
r = fdset_new_array(&fds, fd_array, n_fds);
if (r < 0) {
close_many(fd_array, n_fds);
- return log_oom();
+ log_oom();
+ return 0;
}
}

77
0018-pid1-process-zero-length-notification-messages-again.patch
View File

@ -1,77 +0,0 @@
From 9d77c48a80e1cc2ad016eba1756a5ca293d51f86 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Thu, 29 Sep 2016 16:06:02 +0200
Subject: [PATCH] pid1: process zero-length notification messages again
This undoes 531ac2b234. I acked that patch without looking at the code
carefully enough. There are two problems:
- we want to process the fds anyway
- in principle empty notification messages are valid, and we should
process them as usual, including logging using log_unit_debug().
(cherry picked from commit 8523bf7dd514a3a2c6114b7b8fb8f308b4f09fc4)
---
src/core/manager.c | 15 ++++++---------
1 file changed, 6 insertions(+), 9 deletions(-)
diff --git a/src/core/manager.c b/src/core/manager.c
index 36488b673a..85bf858992 100644
--- a/src/core/manager.c
+++ b/src/core/manager.c
@@ -1584,13 +1584,12 @@ static int manager_dispatch_cgroups_agent_fd(sd_event_source *source, int fd, ui
return 0;
}
-static void manager_invoke_notify_message(Manager *m, Unit *u, pid_t pid, const char *buf, size_t n, FDSet *fds) {
+static void manager_invoke_notify_message(Manager *m, Unit *u, pid_t pid, const char *buf, FDSet *fds) {
_cleanup_strv_free_ char **tags = NULL;
assert(m);
assert(u);
assert(buf);
- assert(n > 0);
tags = strv_split(buf, "\n\r");
if (!tags) {
@@ -1652,10 +1651,6 @@ static int manager_dispatch_notify_fd(sd_event_source *source, int fd, uint32_t
* example... */
return 0;
}
- if (n == 0) {
- log_debug("Got zero-length notification message. Ignoring.");
- return 0;
- }
CMSG_FOREACH(cmsg, &msghdr) {
if (cmsg->cmsg_level == SOL_SOCKET && cmsg->cmsg_type == SCM_RIGHTS) {
@@ -1692,25 +1687,27 @@ static int manager_dispatch_notify_fd(sd_event_source *source, int fd, uint32_t
return 0;
}
+ /* The message should be a string. Here we make sure it's NUL-terminated,
+ * but only the part until first NUL will be used anyway. */
buf[n] = 0;
/* Notify every unit that might be interested, but try
* to avoid notifying the same one multiple times. */
u1 = manager_get_unit_by_pid_cgroup(m, ucred->pid);
if (u1) {
- manager_invoke_notify_message(m, u1, ucred->pid, buf, n, fds);
+ manager_invoke_notify_message(m, u1, ucred->pid, buf, fds);
found = true;
}
u2 = hashmap_get(m->watch_pids1, PID_TO_PTR(ucred->pid));
if (u2 && u2 != u1) {
- manager_invoke_notify_message(m, u2, ucred->pid, buf, n, fds);
+ manager_invoke_notify_message(m, u2, ucred->pid, buf, fds);
found = true;
}
u3 = hashmap_get(m->watch_pids2, PID_TO_PTR(ucred->pid));
if (u3 && u3 != u2 && u3 != u1) {
- manager_invoke_notify_message(m, u3, ucred->pid, buf, n, fds);
+ manager_invoke_notify_message(m, u3, ucred->pid, buf, fds);
found = true;
}

30
0019-shared-install-fix-set-default-with-empty-root-4118.patch
View File

@ -1,30 +0,0 @@
From eadc5d94950a04f9fb64cb3906644af04de81970 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Sat, 10 Sep 2016 12:07:51 +0100
Subject: [PATCH] shared/install: fix set-default with empty root (#4118)
https://bugzilla.redhat.com/show_bug.cgi?id=1374371
When root was empty or equal to "/", chroot_symlinks_same was called with
root==NULL, and strjoina returned "", so the code thought both paths are equal
even if they were not. Fix that by always providing a non-null first argument
to strjoina.
(cherry picked from commit ae9efab711e7478b4f035edd00824d518bcf0d3c)
---
src/shared/install.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/src/shared/install.c b/src/shared/install.c
index cb2a2e7e0d..cf1e8349d7 100644
--- a/src/shared/install.c
+++ b/src/shared/install.c
@@ -403,6 +403,9 @@ static bool chroot_symlinks_same(const char *root, const char *wd, const char *a
/* This will give incorrect results if the paths are relative and go outside
* of the chroot. False negatives are possible. */
+ if (!root)
+ root = "/";
+
a = strjoina(path_is_absolute(a) ? root : wd, "/", a);
b = strjoina(path_is_absolute(b) ? root : wd, "/", b);
return path_equal_or_files_same(a, b);

35
0020-virt-add-possibility-to-skip-the-check-for-chroot-43.patch
View File

@ -1,35 +0,0 @@
From 08a28eeca70eeefb55af61191b63e4c938daca73 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Luk=C3=A1=C5=A1=20Nykr=C3=BDn?= <lnykryn@redhat.com>
Date: Sat, 15 Oct 2016 19:54:58 +0200
Subject: [PATCH] virt: add possibility to skip the check for chroot (#4374)
https://bugzilla.redhat.com/show_bug.cgi?id=1379852
---
src/basic/virt.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/src/basic/virt.c b/src/basic/virt.c
index 10a2043..41012d5 100644
--- a/src/basic/virt.c
+++ b/src/basic/virt.c
@@ -33,6 +33,7 @@
#include "string-table.h"
#include "string-util.h"
#include "virt.h"
+#include "env-util.h"
static int detect_vm_cpuid(void) {
@@ -487,6 +488,9 @@ int detect_virtualization(void) {
int running_in_chroot(void) {
int ret;
+ if (getenv_bool("SYSTEMD_IGNORE_CHROOT") > 0)
+ return 0;
+
ret = files_same("/proc/1/root", "/");
if (ret < 0)
return ret;
--
2.7.4

2
sources
View File

@ -1 +1 @@
e6fa7f4a9c06f0427ff0539a90c69390 systemd-231.tar.gz
3e3a0b14050eff62e68be72142181730 systemd-232.tar.gz

68
systemd.spec
View File

@ -11,11 +11,11 @@
Name: systemd
Url: http://www.freedesktop.org/wiki/Software/systemd
Version: 231
Release: 11%{?gitcommit:.git%{gitcommitshort}}%{?dist}
Version: 232
Release: 1%{?gitcommit:.git%{gitcommitshort}}%{?dist}
# For a breakdown of the licensing, see README
License: LGPLv2+ and MIT and GPLv2+
Summary: A System and Service Manager
Summary: System and Service Manager
# download tarballs with "spectool -g systemd.spec"
%if %{defined gitcommit}
@ -37,27 +37,6 @@ Source8: systemd-journal-gatewayd.xml
Source9: 20-yama-ptrace.conf
Source10: systemd-udev-trigger-no-reload.conf
Patch0001: 0001-systemctl-be-sure-to-be-quiet-with-systemctl-is-enab.patch
Patch0002: 0002-logind-0-and-100-should-be-valid-for-UserTasksMax-38.patch
Patch0003: 0003-systemd-ask-password-make-sure-directory-watch-is-st.patch
Patch0004: 0004-Revert-logind-really-handle-KeyIgnoreInhibited-optio.patch
Patch0005: 0005-man-explain-that-KeyIgnoreInhibited-only-apply-to-a-.patch
Patch0006: 0006-systemctl-fix-preset-all-with-missing-etc-systemd-sy.patch
Patch0007: 0007-shared-install-remove-unused-paramater-and-add-more-.patch
Patch0008: 0008-shared-install-ignore-unit-symlinks-when-doing-prese.patch
Patch0009: 0009-man-describe-what-symlinks-to-unit-do-and-specify-th.patch
Patch0010: 0010-shared-install-move-root-skipping-into-create_symlin.patch
Patch0011: 0011-shared-install-when-creating-symlinks-keep-existing-.patch
Patch0012: 0012-shared-install-properly-report-masked-units-listed-i.patch
Patch0013: 0013-Revert-pid1-reconnect-to-the-console-before-being-re.patch
Patch0014: 0014-systemd-ignore-lack-of-tty-when-checking-whether-col.patch
Patch0015: 0015-shared-install-do-not-enable-masked-instances-4005.patch
Patch0016: 0016-If-the-notification-message-length-is-0-ignore-the-m.patch
Patch0017: 0017-pid1-don-t-return-any-error-in-manager_dispatch_noti.patch
Patch0018: 0018-pid1-process-zero-length-notification-messages-again.patch
Patch0019: 0019-shared-install-fix-set-default-with-empty-root-4118.patch
Patch0020: 0020-virt-add-possibility-to-skip-the-check-for-chroot-43.patch
Patch0998: 0998-resolved-create-etc-resolv.conf-symlink-at-runtime.patch
# kernel-install patch for grubby, drop if grubby is obsolete
@ -537,6 +516,7 @@ getent passwd systemd-journal-upload >/dev/null 2>&1 || useradd -r -l -g systemd
%license LICENSE.GPL2 LICENSE.LGPL2.1
%dir %{_sysconfdir}/systemd
%dir %{_sysconfdir}/systemd/system
%{_sysconfdir}/systemd/system/ctrl-alt-del.target
%dir %{_sysconfdir}/systemd/user
%dir %{_sysconfdir}/systemd/network
%dir %{_sysconfdir}/tmpfiles.d
@ -608,34 +588,35 @@ getent passwd systemd-journal-upload >/dev/null 2>&1 || useradd -r -l -g systemd
%ghost %config(noreplace) %{_sysconfdir}/machine-info
%dir %{_sysconfdir}/X11/xorg.conf.d
%ghost %config(noreplace) %{_sysconfdir}/X11/xorg.conf.d/00-keyboard.conf
%{_bindir}/systemctl
%{_bindir}/systemd-notify
%{_bindir}/systemd-analyze
%{_bindir}/systemd-escape
%{_bindir}/systemd-ask-password
%{_bindir}/systemd-tty-ask-password-agent
%{_bindir}/systemd-machine-id-setup
%{_bindir}/loginctl
%{_bindir}/journalctl
%{_bindir}/busctl
%{_bindir}/networkctl
%{_bindir}/coredumpctl
%{_bindir}/systemd-tmpfiles
%{_bindir}/systemd-stdio-bridge
%{_bindir}/hostnamectl
%{_bindir}/journalctl
%{_bindir}/localectl
%{_bindir}/loginctl
%{_bindir}/networkctl
%{_bindir}/systemctl
%{_bindir}/systemd-analyze
%{_bindir}/systemd-ask-password
%{_bindir}/systemd-cat
%{_bindir}/systemd-cgls
%{_bindir}/systemd-cgtop
%{_bindir}/systemd-delta
%{_bindir}/systemd-run
%{_bindir}/systemd-detect-virt
%{_bindir}/systemd-escape
%{_bindir}/systemd-firstboot
%{_bindir}/systemd-inhibit
%{_bindir}/systemd-machine-id-setup
%{_bindir}/systemd-mount
%{_bindir}/systemd-notify
%{_bindir}/systemd-path
%{_bindir}/systemd-resolve
%{_bindir}/systemd-sysusers
%{_bindir}/systemd-firstboot
%{_bindir}/systemd-run
%{_bindir}/systemd-socket-activate
%{_bindir}/hostnamectl
%{_bindir}/localectl
%{_bindir}/systemd-stdio-bridge
%{_bindir}/systemd-sysusers
%{_bindir}/systemd-tmpfiles
%{_bindir}/systemd-tty-ask-password-agent
%{_bindir}/timedatectl
%{pkgdir}/systemd
%{pkgdir}/libsystemd-shared-%{version}.so
@ -647,7 +628,6 @@ getent passwd systemd-journal-upload >/dev/null 2>&1 || useradd -r -l -g systemd
%exclude %{system_unit_dir}/*hwdb*
%exclude %{system_unit_dir}/*/*hwdb*
%exclude %{system_unit_dir}/systemd-vconsole-setup.service
%exclude %{system_unit_dir}/*/systemd-vconsole-setup.service
%exclude %{system_unit_dir}/kmod-static-nodes.service
%exclude %{system_unit_dir}/*/kmod-static-nodes.service
%exclude %{system_unit_dir}/systemd-tmpfiles-setup-dev.service
@ -826,7 +806,6 @@ getent passwd systemd-journal-upload >/dev/null 2>&1 || useradd -r -l -g systemd
%{system_unit_dir}/*hwdb*
%{system_unit_dir}/*/*hwdb*
%{system_unit_dir}/systemd-vconsole-setup.service
%{system_unit_dir}/*/systemd-vconsole-setup.service
%{system_unit_dir}/kmod-static-nodes.service
%{system_unit_dir}/*/kmod-static-nodes.service
%{system_unit_dir}/systemd-tmpfiles-setup-dev.service
@ -949,6 +928,9 @@ getent passwd systemd-journal-upload >/dev/null 2>&1 || useradd -r -l -g systemd
%{_mandir}/man[1578]/systemd-nspawn.*
%changelog
* Thu Nov 3 2016 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 232-1
- Update to latest version
* Tue Oct 18 2016 Jan Synáček <jsynacek@redhat.com> - 231-11
- SPC - Cannot restart host operating from container (#1384523)