Backport a bunch of patches from v234..v235+
This commit is contained in:
parent
ac49c72d1e
commit
44a72b9a54
|
@ -1,4 +1,4 @@
|
|||
From e48936b0be085f15a2e2ac88b2e50a91a66782ac Mon Sep 17 00:00:00 2001
|
||||
From ce0609bc26d33e47b23fbbe1aa7465283a10fb10 Mon Sep 17 00:00:00 2001
|
||||
From: Daniel Berrange <berrange@redhat.com>
|
||||
Date: Wed, 19 Jul 2017 10:06:07 +0100
|
||||
Subject: [PATCH] virt: enable detecting QEMU (TCG) via CPUID (#6399)
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
From 8864ff594b43a34e5a593da42336f28e2f30b9f5 Mon Sep 17 00:00:00 2001
|
||||
From 6e4a6549267f3e932b3478abfe9f863b55259538 Mon Sep 17 00:00:00 2001
|
||||
From: Felipe Sateler <fsateler@users.noreply.github.com>
|
||||
Date: Wed, 19 Jul 2017 20:48:23 -0400
|
||||
Subject: [PATCH] test-condition: don't assume that all non-root users are
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
From 29d9cfc097586ac79911a5f5035c45b1971a5b1f Mon Sep 17 00:00:00 2001
|
||||
From 5b499dab86989eb61d7b82053a3b1a2e5e054a2e Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
||||
Date: Sat, 22 Jul 2017 08:39:49 -0400
|
||||
Subject: [PATCH] Revert "core: don't load dropin data multiple times for the
|
|
@ -1,4 +1,4 @@
|
|||
From f6441eaf050267c05ef8df8d5614bb598528942f Mon Sep 17 00:00:00 2001
|
||||
From 4c02374f27cd8bbd4cc101cf350b1219c05e8911 Mon Sep 17 00:00:00 2001
|
||||
From: Yu Watanabe <watanabe.yu+github@gmail.com>
|
||||
Date: Thu, 27 Jul 2017 20:22:54 +0900
|
||||
Subject: [PATCH] bash-completion: use the first argument instead of the global
|
|
@ -1,4 +1,4 @@
|
|||
From 9c27ced1fac191139a131d179a25801ce9ca3357 Mon Sep 17 00:00:00 2001
|
||||
From e3568f4365b867b6d2e80dc86c8e348f660c5f82 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
||||
Date: Wed, 26 Jul 2017 14:11:15 -0400
|
||||
Subject: [PATCH] meson: -D remote and -D importd should be "combo" options
|
|
@ -1,4 +1,4 @@
|
|||
From c64c6a8b259abfbff5ce202d5d5982b120cf928f Mon Sep 17 00:00:00 2001
|
||||
From 6ef8e216e15fba045e8f8a13b7b57f56db767840 Mon Sep 17 00:00:00 2001
|
||||
From: Andrew Soutar <andrew@andrewsoutar.com>
|
||||
Date: Mon, 31 Jul 2017 02:19:16 -0400
|
||||
Subject: [PATCH] cryptsetup: fix infinite timeout (#6486)
|
|
@ -0,0 +1,162 @@
|
|||
From ca0cebc3f106d89973e0b02dbfc325c37d4c78b3 Mon Sep 17 00:00:00 2001
|
||||
From: Lennart Poettering <lennart@poettering.net>
|
||||
Date: Wed, 27 Sep 2017 17:30:50 +0200
|
||||
Subject: [PATCH] unit: when JobTimeoutSec= is turned off, implicitly turn off
|
||||
JobRunningTimeoutSec= too
|
||||
|
||||
We added JobRunningTimeoutSec= late, and Dracut configured only
|
||||
JobTimeoutSec= to turn of root device timeouts before. With this change
|
||||
we'll propagate a reset of JobTimeoutSec= into JobRunningTimeoutSec=,
|
||||
but only if the latter wasn't set explicitly.
|
||||
|
||||
This should restore compatibility with older systemd versions.
|
||||
|
||||
Fixes: #6402
|
||||
(cherry picked from commit eae51da36e8800f6d466580a817eb5877220376d)
|
||||
---
|
||||
src/basic/time-util.c | 4 ++
|
||||
src/core/load-fragment-gperf.gperf.m4 | 4 +-
|
||||
src/core/load-fragment.c | 72 +++++++++++++++++++++++++++++++++++
|
||||
src/core/load-fragment.h | 2 +
|
||||
src/core/unit.h | 1 +
|
||||
5 files changed, 81 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/src/basic/time-util.c b/src/basic/time-util.c
|
||||
index 68ba86f6a5..9199b6490d 100644
|
||||
--- a/src/basic/time-util.c
|
||||
+++ b/src/basic/time-util.c
|
||||
@@ -1010,7 +1010,11 @@ int parse_sec(const char *t, usec_t *usec) {
|
||||
}
|
||||
|
||||
int parse_sec_fix_0(const char *t, usec_t *usec) {
|
||||
+ assert(t);
|
||||
+ assert(usec);
|
||||
+
|
||||
t += strspn(t, WHITESPACE);
|
||||
+
|
||||
if (streq(t, "0")) {
|
||||
*usec = USEC_INFINITY;
|
||||
return 0;
|
||||
diff --git a/src/core/load-fragment-gperf.gperf.m4 b/src/core/load-fragment-gperf.gperf.m4
|
||||
index 7fb39cf948..a32385931e 100644
|
||||
--- a/src/core/load-fragment-gperf.gperf.m4
|
||||
+++ b/src/core/load-fragment-gperf.gperf.m4
|
||||
@@ -193,8 +193,8 @@ Unit.OnFailureJobMode, config_parse_job_mode, 0,
|
||||
Unit.OnFailureIsolate, config_parse_job_mode_isolate, 0, offsetof(Unit, on_failure_job_mode)
|
||||
Unit.IgnoreOnIsolate, config_parse_bool, 0, offsetof(Unit, ignore_on_isolate)
|
||||
Unit.IgnoreOnSnapshot, config_parse_warn_compat, DISABLED_LEGACY, 0
|
||||
-Unit.JobTimeoutSec, config_parse_sec_fix_0, 0, offsetof(Unit, job_timeout)
|
||||
-Unit.JobRunningTimeoutSec, config_parse_sec_fix_0, 0, offsetof(Unit, job_running_timeout)
|
||||
+Unit.JobTimeoutSec, config_parse_job_timeout_sec, 0, 0
|
||||
+Unit.JobRunningTimeoutSec, config_parse_job_running_timeout_sec, 0, 0
|
||||
Unit.JobTimeoutAction, config_parse_emergency_action, 0, offsetof(Unit, job_timeout_action)
|
||||
Unit.JobTimeoutRebootArgument, config_parse_unit_string_printf, 0, offsetof(Unit, job_timeout_reboot_arg)
|
||||
Unit.StartLimitIntervalSec, config_parse_sec, 0, offsetof(Unit, start_limit.interval)
|
||||
diff --git a/src/core/load-fragment.c b/src/core/load-fragment.c
|
||||
index 9d5c39b3dd..23bca0094c 100644
|
||||
--- a/src/core/load-fragment.c
|
||||
+++ b/src/core/load-fragment.c
|
||||
@@ -4178,6 +4178,78 @@ int config_parse_protect_system(
|
||||
return 0;
|
||||
}
|
||||
|
||||
+int config_parse_job_timeout_sec(
|
||||
+ const char* unit,
|
||||
+ const char *filename,
|
||||
+ unsigned line,
|
||||
+ const char *section,
|
||||
+ unsigned section_line,
|
||||
+ const char *lvalue,
|
||||
+ int ltype,
|
||||
+ const char *rvalue,
|
||||
+ void *data,
|
||||
+ void *userdata) {
|
||||
+
|
||||
+ Unit *u = data;
|
||||
+ usec_t usec;
|
||||
+ int r;
|
||||
+
|
||||
+ assert(filename);
|
||||
+ assert(lvalue);
|
||||
+ assert(rvalue);
|
||||
+ assert(u);
|
||||
+
|
||||
+ r = parse_sec_fix_0(rvalue, &usec);
|
||||
+ if (r < 0) {
|
||||
+ log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse JobTimeoutSec= parameter, ignoring: %s", rvalue);
|
||||
+ return 0;
|
||||
+ }
|
||||
+
|
||||
+ /* If the user explicitly changed JobTimeoutSec= also change JobRunningTimeoutSec=, for compatibility with old
|
||||
+ * versions. If JobRunningTimeoutSec= was explicitly set, avoid this however as whatever the usec picked should
|
||||
+ * count. */
|
||||
+
|
||||
+ if (!u->job_running_timeout_set)
|
||||
+ u->job_running_timeout = usec;
|
||||
+
|
||||
+ u->job_timeout = usec;
|
||||
+
|
||||
+ return 0;
|
||||
+}
|
||||
+
|
||||
+int config_parse_job_running_timeout_sec(
|
||||
+ const char* unit,
|
||||
+ const char *filename,
|
||||
+ unsigned line,
|
||||
+ const char *section,
|
||||
+ unsigned section_line,
|
||||
+ const char *lvalue,
|
||||
+ int ltype,
|
||||
+ const char *rvalue,
|
||||
+ void *data,
|
||||
+ void *userdata) {
|
||||
+
|
||||
+ Unit *u = data;
|
||||
+ usec_t usec;
|
||||
+ int r;
|
||||
+
|
||||
+ assert(filename);
|
||||
+ assert(lvalue);
|
||||
+ assert(rvalue);
|
||||
+ assert(u);
|
||||
+
|
||||
+ r = parse_sec_fix_0(rvalue, &usec);
|
||||
+ if (r < 0) {
|
||||
+ log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse JobRunningTimeoutSec= parameter, ignoring: %s", rvalue);
|
||||
+ return 0;
|
||||
+ }
|
||||
+
|
||||
+ u->job_running_timeout = usec;
|
||||
+ u->job_running_timeout_set = true;
|
||||
+
|
||||
+ return 0;
|
||||
+}
|
||||
+
|
||||
#define FOLLOW_MAX 8
|
||||
|
||||
static int open_follow(char **filename, FILE **_f, Set *names, char **_final) {
|
||||
diff --git a/src/core/load-fragment.h b/src/core/load-fragment.h
|
||||
index fc27a07955..5079d4c00c 100644
|
||||
--- a/src/core/load-fragment.h
|
||||
+++ b/src/core/load-fragment.h
|
||||
@@ -118,6 +118,8 @@ int config_parse_user_group(const char *unit, const char *filename, unsigned lin
|
||||
int config_parse_user_group_strv(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
|
||||
int config_parse_restrict_namespaces(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
|
||||
int config_parse_bind_paths(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
|
||||
+int config_parse_job_timeout_sec(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
|
||||
+int config_parse_job_running_timeout_sec(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
|
||||
|
||||
/* gperf prototypes */
|
||||
const struct ConfigPerfItem* load_fragment_gperf_lookup(const char *key, GPERF_LEN_TYPE length);
|
||||
diff --git a/src/core/unit.h b/src/core/unit.h
|
||||
index cf21b37e22..d70fc970b5 100644
|
||||
--- a/src/core/unit.h
|
||||
+++ b/src/core/unit.h
|
||||
@@ -115,6 +115,7 @@ struct Unit {
|
||||
/* Job timeout and action to take */
|
||||
usec_t job_timeout;
|
||||
usec_t job_running_timeout;
|
||||
+ bool job_running_timeout_set:1;
|
||||
EmergencyAction job_timeout_action;
|
||||
char *job_timeout_reboot_arg;
|
||||
|
|
@ -1,4 +1,4 @@
|
|||
From eca55fbc51056b2a4fa3242917b6fc2f0c02e981 Mon Sep 17 00:00:00 2001
|
||||
From 95f02a94777902e9a46ac18e2bd3d54ab440c361 Mon Sep 17 00:00:00 2001
|
||||
From: Harald Hoyer <harald@hoyer.xyz>
|
||||
Date: Thu, 20 Jul 2017 19:13:09 +0200
|
||||
Subject: [PATCH] call chase_symlinks without the /sysroot prefix (#6411)
|
|
@ -1,4 +1,4 @@
|
|||
From 0e50428d3699e3ad25861f458540d24038cfaa4e Mon Sep 17 00:00:00 2001
|
||||
From 1d84ae053f1ffb95913f6f8407ef267a9c38cb4d Mon Sep 17 00:00:00 2001
|
||||
From: Lennart Poettering <lennart@poettering.net>
|
||||
Date: Thu, 20 Jul 2017 20:46:58 +0200
|
||||
Subject: [PATCH] nspawn: downgrade warning when we get sd_notify() message
|
|
@ -1,4 +1,4 @@
|
|||
From ea0ff5cd4efb1d67820572fb0d7d1d8da0fc1dc1 Mon Sep 17 00:00:00 2001
|
||||
From 2fa3d5f243b8e0bb6ef51b5a4a66c538b2941812 Mon Sep 17 00:00:00 2001
|
||||
From: Harald Hoyer <harald@hoyer.xyz>
|
||||
Date: Fri, 28 Jul 2017 09:46:05 +0200
|
||||
Subject: [PATCH] boot/efi: don't hard fail on error for tpm measure (#6473)
|
|
@ -1,4 +1,4 @@
|
|||
From cb81159ce49380d39c80f803353784633b8f306c Mon Sep 17 00:00:00 2001
|
||||
From cd8a9ccb7c06394a64bfe0cd2a88fad7be8e3f9f Mon Sep 17 00:00:00 2001
|
||||
From: "S. Fan" <sfanxiang@gmail.com>
|
||||
Date: Mon, 31 Jul 2017 05:10:10 -0500
|
||||
Subject: [PATCH] rfkill: fix erroneous behavior when polling the udev monitor
|
|
@ -1,4 +1,4 @@
|
|||
From b56c4c19c8d0adca67eb34e1924d881e7d61b97f Mon Sep 17 00:00:00 2001
|
||||
From ed10d8afb4f327536a1fb4c2873c95d3ba457efa Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Abd=C3=B3=20Roig-Maranges?= <abdo.roig@gmail.com>
|
||||
Date: Mon, 31 Jul 2017 12:32:09 +0200
|
||||
Subject: [PATCH] core: Do not fail perpetual mount units without fragment
|
|
@ -0,0 +1,63 @@
|
|||
From 4caa10a6bedf7a18b42e011bdbdb4b9c425c0d6d Mon Sep 17 00:00:00 2001
|
||||
From: Jouke Witteveen <j.witteveen@gmail.com>
|
||||
Date: Wed, 2 Aug 2017 17:08:31 +0200
|
||||
Subject: [PATCH] process-util: update the end pointer of the process name on
|
||||
rename (#6492)
|
||||
|
||||
We only updated the end pointer when allocating new memory, i.e. on the first
|
||||
call to rename_process.
|
||||
|
||||
(cherry picked from commit 01f989c66253ea923679ffddf266ea13339c295b)
|
||||
---
|
||||
src/basic/process-util.c | 26 +++++++++++++++-----------
|
||||
1 file changed, 15 insertions(+), 11 deletions(-)
|
||||
|
||||
diff --git a/src/basic/process-util.c b/src/basic/process-util.c
|
||||
index b80cacaa42..99b75c65f1 100644
|
||||
--- a/src/basic/process-util.c
|
||||
+++ b/src/basic/process-util.c
|
||||
@@ -312,19 +312,18 @@ int rename_process(const char name[]) {
|
||||
/* Third step, completely replace the argv[] array the kernel maintains for us. This requires privileges, but
|
||||
* has the advantage that the argv[] array is exactly what we want it to be, and not filled up with zeros at
|
||||
* the end. This is the best option for changing /proc/self/cmdline. */
|
||||
- if (mm_size < l+1) {
|
||||
+
|
||||
+ /* Let's not bother with this if we don't have euid == 0. Strictly speaking we should check for the
|
||||
+ * CAP_SYS_RESOURCE capability which is independent of the euid. In our own code the capability generally is
|
||||
+ * present only for euid == 0, hence let's use this as quick bypass check, to avoid calling mmap() if
|
||||
+ * PR_SET_MM_ARG_{START,END} fails with EPERM later on anyway. After all geteuid() is dead cheap to call, but
|
||||
+ * mmap() is not. */
|
||||
+ if (geteuid() != 0)
|
||||
+ log_debug("Skipping PR_SET_MM, as we don't have privileges.");
|
||||
+ else if (mm_size < l+1) {
|
||||
size_t nn_size;
|
||||
char *nn;
|
||||
|
||||
- /* Let's not bother with this if we don't have euid == 0. Strictly speaking if people do weird stuff
|
||||
- * with capabilities this could work even for euid != 0, but our own code generally doesn't do that,
|
||||
- * hence let's use this as quick bypass check, to avoid calling mmap() if PR_SET_MM_ARG_START fails
|
||||
- * with EPERM later on anyway. After all geteuid() is dead cheap to call, but mmap() is not. */
|
||||
- if (geteuid() != 0) {
|
||||
- log_debug("Skipping PR_SET_MM_ARG_START, as we don't have privileges.");
|
||||
- goto use_saved_argv;
|
||||
- }
|
||||
-
|
||||
nn_size = PAGE_ALIGN(l+1);
|
||||
nn = mmap(NULL, nn_size, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0);
|
||||
if (nn == MAP_FAILED) {
|
||||
@@ -351,9 +350,14 @@ int rename_process(const char name[]) {
|
||||
|
||||
mm = nn;
|
||||
mm_size = nn_size;
|
||||
- } else
|
||||
+ } else {
|
||||
strncpy(mm, name, mm_size);
|
||||
|
||||
+ /* Update the end pointer, continuing regardless of any failure. */
|
||||
+ if (prctl(PR_SET_MM, PR_SET_MM_ARG_END, (unsigned long) mm + l + 1, 0, 0) < 0)
|
||||
+ log_debug_errno(errno, "PR_SET_MM_ARG_END failed, proceeding without: %m");
|
||||
+ }
|
||||
+
|
||||
use_saved_argv:
|
||||
/* Fourth step: in all cases we'll also update the original argv[], so that our own code gets it right too if
|
||||
* it still looks here */
|
|
@ -0,0 +1,98 @@
|
|||
From 672eb11bf702aa194e1c9e40f9b2acc6434540d4 Mon Sep 17 00:00:00 2001
|
||||
From: bengal <bengal@users.noreply.github.com>
|
||||
Date: Tue, 8 Aug 2017 18:55:31 +0200
|
||||
Subject: [PATCH] dhcp-network: adjust sockaddr length for addresses longer
|
||||
than 8 bytes (#6527)
|
||||
|
||||
An infiniband hardware address is 20 bytes, but sockaddr_ll.sll_addr is only 8
|
||||
bytes. Explicitly ensure that sockaddr_union has enough space for infiniband
|
||||
addresses, even if they run over sockaddr_ll and add a macro to compute the
|
||||
proper size to pass to kernel.
|
||||
|
||||
(cherry picked from commit b1f24b75af135fe8efba9c7264447985e2843511)
|
||||
---
|
||||
src/basic/socket-util.h | 20 ++++++++++++++++++++
|
||||
src/libsystemd-network/dhcp-network.c | 16 +++++++++-------
|
||||
2 files changed, 29 insertions(+), 7 deletions(-)
|
||||
|
||||
diff --git a/src/basic/socket-util.h b/src/basic/socket-util.h
|
||||
index 73c3a339fc..43edc05c63 100644
|
||||
--- a/src/basic/socket-util.h
|
||||
+++ b/src/basic/socket-util.h
|
||||
@@ -27,6 +27,7 @@
|
||||
#include <sys/types.h>
|
||||
#include <sys/un.h>
|
||||
#include <linux/netlink.h>
|
||||
+#include <linux/if_infiniband.h>
|
||||
#include <linux/if_packet.h>
|
||||
|
||||
#include "macro.h"
|
||||
@@ -42,6 +43,8 @@ union sockaddr_union {
|
||||
struct sockaddr_storage storage;
|
||||
struct sockaddr_ll ll;
|
||||
struct sockaddr_vm vm;
|
||||
+ /* Ensure there is enough space to store Infiniband addresses */
|
||||
+ uint8_t ll_buffer[offsetof(struct sockaddr_ll, sll_addr) + CONST_MAX(ETH_ALEN, INFINIBAND_ALEN)];
|
||||
};
|
||||
|
||||
typedef struct SocketAddress {
|
||||
@@ -147,6 +150,23 @@ int flush_accept(int fd);
|
||||
|
||||
struct cmsghdr* cmsg_find(struct msghdr *mh, int level, int type, socklen_t length);
|
||||
|
||||
+/*
|
||||
+ * Certain hardware address types (e.g Infiniband) do not fit into sll_addr
|
||||
+ * (8 bytes) and run over the structure. This macro returns the correct size that
|
||||
+ * must be passed to kernel.
|
||||
+ */
|
||||
+#define SOCKADDR_LL_LEN(sa) \
|
||||
+ ({ \
|
||||
+ const struct sockaddr_ll *_sa = &(sa); \
|
||||
+ size_t _mac_len = sizeof(_sa->sll_addr); \
|
||||
+ assert(_sa->sll_family == AF_PACKET); \
|
||||
+ if (be16toh(_sa->sll_hatype) == ARPHRD_ETHER) \
|
||||
+ _mac_len = MAX(_mac_len, (size_t) ETH_ALEN); \
|
||||
+ if (be16toh(_sa->sll_hatype) == ARPHRD_INFINIBAND) \
|
||||
+ _mac_len = MAX(_mac_len, (size_t) INFINIBAND_ALEN); \
|
||||
+ offsetof(struct sockaddr_ll, sll_addr) + _mac_len; \
|
||||
+ })
|
||||
+
|
||||
/* Covers only file system and abstract AF_UNIX socket addresses, but not unnamed socket addresses. */
|
||||
#define SOCKADDR_UN_LEN(sa) \
|
||||
({ \
|
||||
diff --git a/src/libsystemd-network/dhcp-network.c b/src/libsystemd-network/dhcp-network.c
|
||||
index 65405dcce0..a440a20f96 100644
|
||||
--- a/src/libsystemd-network/dhcp-network.c
|
||||
+++ b/src/libsystemd-network/dhcp-network.c
|
||||
@@ -108,14 +108,16 @@ static int _bind_raw_socket(int ifindex, union sockaddr_union *link,
|
||||
if (r < 0)
|
||||
return -errno;
|
||||
|
||||
- link->ll.sll_family = AF_PACKET;
|
||||
- link->ll.sll_protocol = htobe16(ETH_P_IP);
|
||||
- link->ll.sll_ifindex = ifindex;
|
||||
- link->ll.sll_hatype = htobe16(arp_type);
|
||||
- link->ll.sll_halen = mac_addr_len;
|
||||
+ link->ll = (struct sockaddr_ll) {
|
||||
+ .sll_family = AF_PACKET,
|
||||
+ .sll_protocol = htobe16(ETH_P_IP),
|
||||
+ .sll_ifindex = ifindex,
|
||||
+ .sll_hatype = htobe16(arp_type),
|
||||
+ .sll_halen = mac_addr_len,
|
||||
+ };
|
||||
memcpy(link->ll.sll_addr, bcast_addr, mac_addr_len);
|
||||
|
||||
- r = bind(s, &link->sa, sizeof(link->ll));
|
||||
+ r = bind(s, &link->sa, SOCKADDR_LL_LEN(link->ll));
|
||||
if (r < 0)
|
||||
return -errno;
|
||||
|
||||
@@ -221,7 +223,7 @@ int dhcp_network_send_raw_socket(int s, const union sockaddr_union *link,
|
||||
assert(packet);
|
||||
assert(len);
|
||||
|
||||
- r = sendto(s, packet, len, 0, &link->sa, sizeof(link->ll));
|
||||
+ r = sendto(s, packet, len, 0, &link->sa, SOCKADDR_LL_LEN(link->ll));
|
||||
if (r < 0)
|
||||
return -errno;
|
||||
|
|
@ -0,0 +1,79 @@
|
|||
From 950410cf37fd2ab5f7362f8d64fdc280dcce8810 Mon Sep 17 00:00:00 2001
|
||||
From: Michal Sekletar <msekletar@users.noreply.github.com>
|
||||
Date: Fri, 25 Aug 2017 15:36:10 +0200
|
||||
Subject: [PATCH] service: attempt to execute next main command only for
|
||||
oneshot services (#6619)
|
||||
|
||||
This commit fixes crash described in
|
||||
https://github.com/systemd/systemd/issues/6533
|
||||
|
||||
Multiple ExecStart lines are allowed only for oneshot services
|
||||
anyway so it doesn't make sense to call service_run_next_main() with
|
||||
services of type other than SERVICE_ONESHOT.
|
||||
|
||||
Referring back to reproducer from the issue, previously we didn't observe
|
||||
this problem because s->main_command was reset after daemon-reload hence
|
||||
we never reached the assert statement in service_run_next_main().
|
||||
|
||||
Fixes #6533
|
||||
|
||||
(cherry picked from commit b58aeb70dbd1cab5908b003ef5187da1fc241839)
|
||||
---
|
||||
src/core/service.c | 1 +
|
||||
test/test-exec-deserialization.py | 31 +++++++++++++++++++++++++++++++
|
||||
2 files changed, 32 insertions(+)
|
||||
|
||||
diff --git a/src/core/service.c b/src/core/service.c
|
||||
index 4c577db8d7..499f964322 100644
|
||||
--- a/src/core/service.c
|
||||
+++ b/src/core/service.c
|
||||
@@ -2884,6 +2884,7 @@ static void service_sigchld_event(Unit *u, pid_t pid, int code, int status) {
|
||||
|
||||
if (s->main_command &&
|
||||
s->main_command->command_next &&
|
||||
+ s->type == SERVICE_ONESHOT &&
|
||||
f == SERVICE_SUCCESS) {
|
||||
|
||||
/* There is another command to *
|
||||
diff --git a/test/test-exec-deserialization.py b/test/test-exec-deserialization.py
|
||||
index 39a9e62e15..c3fe0824c7 100755
|
||||
--- a/test/test-exec-deserialization.py
|
||||
+++ b/test/test-exec-deserialization.py
|
||||
@@ -178,6 +178,37 @@ class ExecutionResumeTest(unittest.TestCase):
|
||||
|
||||
self.assertTrue(not os.path.exists(self.output_file))
|
||||
|
||||
+ def test_issue_6533(self):
|
||||
+ unit = "test-issue-6533.service"
|
||||
+ unitfile_path = "/run/systemd/system/{}".format(unit)
|
||||
+
|
||||
+ content = '''
|
||||
+ [Service]
|
||||
+ ExecStart=/bin/sleep 5
|
||||
+ '''
|
||||
+
|
||||
+ with open(unitfile_path, 'w') as f:
|
||||
+ f.write(content)
|
||||
+
|
||||
+ self.reload()
|
||||
+
|
||||
+ subprocess.check_call(['systemctl', '--job-mode=replace', '--no-block', 'start', unit])
|
||||
+ time.sleep(2)
|
||||
+
|
||||
+ content = '''
|
||||
+ [Service]
|
||||
+ ExecStart=/bin/sleep 5
|
||||
+ ExecStart=/bin/true
|
||||
+ '''
|
||||
+
|
||||
+ with open(unitfile_path, 'w') as f:
|
||||
+ f.write(content)
|
||||
+
|
||||
+ self.reload()
|
||||
+ time.sleep(5)
|
||||
+
|
||||
+ self.assertTrue(subprocess.call("journalctl -b _PID=1 | grep -q 'Freezing execution'", shell=True) != 0)
|
||||
+
|
||||
def tearDown(self):
|
||||
for f in [self.output_file, self.unitfile_path]:
|
||||
try:
|
|
@ -0,0 +1,31 @@
|
|||
From 65f6532eea53d862f7ad51d81f1f7b7c0fb3ac3a Mon Sep 17 00:00:00 2001
|
||||
From: Topi Miettinen <topimiettinen@users.noreply.github.com>
|
||||
Date: Tue, 29 Aug 2017 15:31:24 +0000
|
||||
Subject: [PATCH] namespace: avoid assertion failure (#6649)
|
||||
|
||||
If the root image is not decrypted, it must not be relinquished.
|
||||
|
||||
(cherry picked from commit 07ce74074da29d8577ccbc98001d57253afd88d2)
|
||||
---
|
||||
src/core/namespace.c | 8 +++++---
|
||||
1 file changed, 5 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/src/core/namespace.c b/src/core/namespace.c
|
||||
index 05175e9552..3e0d786ca5 100644
|
||||
--- a/src/core/namespace.c
|
||||
+++ b/src/core/namespace.c
|
||||
@@ -1062,9 +1062,11 @@ int setup_namespace(
|
||||
if (r < 0)
|
||||
goto finish;
|
||||
|
||||
- r = decrypted_image_relinquish(decrypted_image);
|
||||
- if (r < 0)
|
||||
- goto finish;
|
||||
+ if (decrypted_image) {
|
||||
+ r = decrypted_image_relinquish(decrypted_image);
|
||||
+ if (r < 0)
|
||||
+ goto finish;
|
||||
+ }
|
||||
|
||||
loop_device_relinquish(loop_device);
|
||||
|
|
@ -0,0 +1,60 @@
|
|||
From ca9cb19a170921a17fa175ed68b8eb36f05ec4ed Mon Sep 17 00:00:00 2001
|
||||
From: g0tar <gotar@polanet.pl>
|
||||
Date: Wed, 30 Aug 2017 10:00:44 +0200
|
||||
Subject: [PATCH] terminal reset should honour default_utf8 kernel setting
|
||||
(#6606)
|
||||
|
||||
terminal reset should honour default_utf8 kernel setting
|
||||
|
||||
(cherry picked from commit 73e669e0fde6b9aabec48327d95c875a70555d34)
|
||||
---
|
||||
src/basic/terminal-util.c | 10 ++++++++--
|
||||
src/login/logind-session.c | 6 +++---
|
||||
2 files changed, 11 insertions(+), 5 deletions(-)
|
||||
|
||||
diff --git a/src/basic/terminal-util.c b/src/basic/terminal-util.c
|
||||
index 9a8ef825c5..2b6aa6400a 100644
|
||||
--- a/src/basic/terminal-util.c
|
||||
+++ b/src/basic/terminal-util.c
|
||||
@@ -244,6 +244,8 @@ int ask_string(char **ret, const char *text, ...) {
|
||||
|
||||
int reset_terminal_fd(int fd, bool switch_to_text) {
|
||||
struct termios termios;
|
||||
+ _cleanup_free_ char *utf8 = NULL;
|
||||
+ int kb;
|
||||
int r = 0;
|
||||
|
||||
/* Set terminal to some sane defaults */
|
||||
@@ -261,8 +263,12 @@ int reset_terminal_fd(int fd, bool switch_to_text) {
|
||||
if (switch_to_text)
|
||||
(void) ioctl(fd, KDSETMODE, KD_TEXT);
|
||||
|
||||
- /* Enable console unicode mode */
|
||||
- (void) ioctl(fd, KDSKBMODE, K_UNICODE);
|
||||
+ /* Set default keyboard mode */
|
||||
+ if (read_one_line_file("/sys/module/vt/parameters/default_utf8", &utf8) >= 0 && parse_boolean(utf8) == 0)
|
||||
+ kb = K_XLATE;
|
||||
+ else
|
||||
+ kb = K_UNICODE;
|
||||
+ (void) ioctl(fd, KDSKBMODE, kb);
|
||||
|
||||
if (tcgetattr(fd, &termios) < 0) {
|
||||
r = -errno;
|
||||
diff --git a/src/login/logind-session.c b/src/login/logind-session.c
|
||||
index 42dfecaffb..66c27d4fb4 100644
|
||||
--- a/src/login/logind-session.c
|
||||
+++ b/src/login/logind-session.c
|
||||
@@ -1155,10 +1155,10 @@ void session_restore_vt(Session *s) {
|
||||
|
||||
(void) ioctl(vt, KDSETMODE, KD_TEXT);
|
||||
|
||||
- if (read_one_line_file("/sys/module/vt/parameters/default_utf8", &utf8) >= 0 && *utf8 == '1')
|
||||
- kb = K_UNICODE;
|
||||
- else
|
||||
+ if (read_one_line_file("/sys/module/vt/parameters/default_utf8", &utf8) >= 0 && parse_boolean(utf8) == 0)
|
||||
kb = K_XLATE;
|
||||
+ else
|
||||
+ kb = K_UNICODE;
|
||||
|
||||
(void) ioctl(vt, KDSKBMODE, kb);
|
||||
|
|
@ -0,0 +1,26 @@
|
|||
From 60b0ab5c4f7f15454e91902b5ecd3e629a930b32 Mon Sep 17 00:00:00 2001
|
||||
From: Yu Watanabe <watanabe.yu+github@gmail.com>
|
||||
Date: Wed, 23 Aug 2017 12:36:36 +0900
|
||||
Subject: [PATCH] networkd: do not fail manager_connect_bus() if dbus is not
|
||||
active yet
|
||||
|
||||
Fixes #6618.
|
||||
|
||||
(cherry picked from commit fb72b1d99f661ea62fd534e4bc1174c6337611c8)
|
||||
---
|
||||
src/network/networkd-manager.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/network/networkd-manager.c b/src/network/networkd-manager.c
|
||||
index 5f10b4f993..718c8bb03f 100644
|
||||
--- a/src/network/networkd-manager.c
|
||||
+++ b/src/network/networkd-manager.c
|
||||
@@ -136,7 +136,7 @@ int manager_connect_bus(Manager *m) {
|
||||
assert(m);
|
||||
|
||||
r = sd_bus_default_system(&m->bus);
|
||||
- if (r == -ENOENT) {
|
||||
+ if (r < 0) {
|
||||
/* We failed to connect? Yuck, we must be in early
|
||||
* boot. Let's try in 5s again. As soon as we have
|
||||
* kdbus we can stop doing this... */
|
|
@ -0,0 +1,35 @@
|
|||
From 6bd2824d07a7cdb622df9a7876185142ad1f48e1 Mon Sep 17 00:00:00 2001
|
||||
From: Tom Gundersen <teg@jklm.no>
|
||||
Date: Wed, 30 Aug 2017 13:09:03 +0200
|
||||
Subject: [PATCH] sd-bus: socket - only transmit auxillary FDs once (#6603)
|
||||
|
||||
If a message is too large to fit into the output buffer, it will be
|
||||
transmitted to the kernel in several chunks. However, the FDs must
|
||||
only ever be transmitted once or they will bereceived by the remote
|
||||
end repeatedly.
|
||||
|
||||
The D-Bus specification disallows several sets of FDs attached to
|
||||
one message, however, the reference implementation of D-Bus will
|
||||
not reject such a message, rather it will reassign the duplicate
|
||||
FDs to subsequent FD-carrying messages.
|
||||
|
||||
This attaches the FD array only to the first byte of the message.
|
||||
|
||||
(cherry picked from commit f29eef2e9072eac6f6570ff7975680bc9caeda2f)
|
||||
---
|
||||
src/libsystemd/sd-bus/bus-socket.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/libsystemd/sd-bus/bus-socket.c b/src/libsystemd/sd-bus/bus-socket.c
|
||||
index 8b25002f01..ab70a0c6e1 100644
|
||||
--- a/src/libsystemd/sd-bus/bus-socket.c
|
||||
+++ b/src/libsystemd/sd-bus/bus-socket.c
|
||||
@@ -800,7 +800,7 @@ int bus_socket_write_message(sd_bus *bus, sd_bus_message *m, size_t *idx) {
|
||||
.msg_iovlen = m->n_iovec,
|
||||
};
|
||||
|
||||
- if (m->n_fds > 0) {
|
||||
+ if (m->n_fds > 0 && *idx == 0) {
|
||||
struct cmsghdr *control;
|
||||
|
||||
mh.msg_control = control = alloca(CMSG_SPACE(sizeof(int) * m->n_fds));
|
|
@ -1,4 +1,4 @@
|
|||
From 6d0fe8a5809ef5ccc8e92bdf2eea031178b87083 Mon Sep 17 00:00:00 2001
|
||||
From 75c8530d909c088c4c3dc63d2cbbc078db9b70c0 Mon Sep 17 00:00:00 2001
|
||||
From: Franck Bui <fbui@suse.com>
|
||||
Date: Wed, 30 Aug 2017 17:16:16 +0200
|
||||
Subject: [PATCH] device: make sure to remove all device units sharing the same
|
||||
|
@ -18,7 +18,7 @@ LIST_FOREACH_SAFE must be use instead.
|
|||
1 file changed, 2 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/src/core/device.c b/src/core/device.c
|
||||
index 77601c552..87186f135 100644
|
||||
index 77601c5520..87186f135b 100644
|
||||
--- a/src/core/device.c
|
||||
+++ b/src/core/device.c
|
||||
@@ -514,7 +514,7 @@ static void device_update_found_one(Device *d, bool add, DeviceFound found, bool
|
||||
|
@ -39,6 +39,3 @@ index 77601c552..87186f135 100644
|
|||
device_update_found_one(d, add, found, now);
|
||||
|
||||
return 0;
|
||||
--
|
||||
2.13.5
|
||||
|
|
@ -0,0 +1,81 @@
|
|||
From a7c3c58bd9fac86d5f8e626ec402daa2a93d7bb3 Mon Sep 17 00:00:00 2001
|
||||
From: NeilBrown <neil@brown.name>
|
||||
Date: Thu, 31 Aug 2017 02:48:25 +1000
|
||||
Subject: [PATCH] shutdown: don't remount,ro network filesystems. (#6588)
|
||||
|
||||
systemd-shutdown is run after the network is stopped,
|
||||
so remounting a network filesystem read-only can hang.
|
||||
A simple umount is the most useful thing that can
|
||||
be done for a network filesystem once the network is down.
|
||||
|
||||
(cherry picked from commit 9cbc4547702aac28466c497f720038b9e2dc510c)
|
||||
---
|
||||
src/core/umount.c | 18 +++++++++++++-----
|
||||
1 file changed, 13 insertions(+), 5 deletions(-)
|
||||
|
||||
diff --git a/src/core/umount.c b/src/core/umount.c
|
||||
index 591dac71f0..b83f631141 100644
|
||||
--- a/src/core/umount.c
|
||||
+++ b/src/core/umount.c
|
||||
@@ -37,12 +37,14 @@
|
||||
#include "string-util.h"
|
||||
#include "udev-util.h"
|
||||
#include "umount.h"
|
||||
+#include "mount-util.h"
|
||||
#include "util.h"
|
||||
#include "virt.h"
|
||||
|
||||
typedef struct MountPoint {
|
||||
char *path;
|
||||
char *options;
|
||||
+ char *type;
|
||||
dev_t devnum;
|
||||
LIST_FIELDS(struct MountPoint, mount_point);
|
||||
} MountPoint;
|
||||
@@ -76,7 +78,7 @@ static int mount_points_list_get(MountPoint **head) {
|
||||
return -errno;
|
||||
|
||||
for (i = 1;; i++) {
|
||||
- _cleanup_free_ char *path = NULL, *options = NULL;
|
||||
+ _cleanup_free_ char *path = NULL, *options = NULL, *type = NULL;
|
||||
char *p = NULL;
|
||||
MountPoint *m;
|
||||
int k;
|
||||
@@ -90,11 +92,11 @@ static int mount_points_list_get(MountPoint **head) {
|
||||
"%*s" /* (6) mount flags */
|
||||
"%*[^-]" /* (7) optional fields */
|
||||
"- " /* (8) separator */
|
||||
- "%*s " /* (9) file system type */
|
||||
+ "%ms " /* (9) file system type */
|
||||
"%*s" /* (10) mount source */
|
||||
"%ms" /* (11) mount options */
|
||||
"%*[^\n]", /* some rubbish at the end */
|
||||
- &path, &options);
|
||||
+ &path, &type, &options);
|
||||
if (k != 2) {
|
||||
if (k == EOF)
|
||||
break;
|
||||
@@ -132,6 +134,8 @@ static int mount_points_list_get(MountPoint **head) {
|
||||
m->path = p;
|
||||
m->options = options;
|
||||
options = NULL;
|
||||
+ m->type = type;
|
||||
+ type = NULL;
|
||||
|
||||
LIST_PREPEND(mount_point, *head, m);
|
||||
}
|
||||
@@ -388,8 +392,12 @@ static int mount_points_list_umount(MountPoint **head, bool *changed, bool log_e
|
||||
/* If we are in a container, don't attempt to
|
||||
read-only mount anything as that brings no real
|
||||
benefits, but might confuse the host, as we remount
|
||||
- the superblock here, not the bind mount. */
|
||||
- if (detect_container() <= 0) {
|
||||
+ the superblock here, not the bind mount.
|
||||
+ If the filesystem is a network fs, also skip the
|
||||
+ remount. It brings no value (we cannot leave
|
||||
+ a "dirty fs") and could hang if the network is down. */
|
||||
+ if (detect_container() <= 0 &&
|
||||
+ !fstype_is_network(m->type)) {
|
||||
_cleanup_free_ char *options = NULL;
|
||||
/* MS_REMOUNT requires that the data parameter
|
||||
* should be the same from the original mount
|
|
@ -0,0 +1,29 @@
|
|||
From f5f367d4a9872453888da79bdff3a50f78a9758a Mon Sep 17 00:00:00 2001
|
||||
From: Ivan Shapovalov <intelfx@intelfx.name>
|
||||
Date: Wed, 30 Aug 2017 19:49:07 +0300
|
||||
Subject: [PATCH] cryptsetup-generator: do not bind to the decrypted device
|
||||
unit (#6538)
|
||||
|
||||
This breaks things when the decrypted device is not immediately
|
||||
`SYSTEMD_READY=1` (e. g. when a multi-device btrfs system is placed on
|
||||
multiple cryptsetup devices).
|
||||
|
||||
Fixes #6537.
|
||||
|
||||
(cherry picked from commit e9ea4526a3a3b41eced29b8d742498cc36750424)
|
||||
---
|
||||
src/cryptsetup/cryptsetup-generator.c | 1 -
|
||||
1 file changed, 1 deletion(-)
|
||||
|
||||
diff --git a/src/cryptsetup/cryptsetup-generator.c b/src/cryptsetup/cryptsetup-generator.c
|
||||
index b58b6db7c9..f737f82b55 100644
|
||||
--- a/src/cryptsetup/cryptsetup-generator.c
|
||||
+++ b/src/cryptsetup/cryptsetup-generator.c
|
||||
@@ -109,7 +109,6 @@ static int create_disk(
|
||||
"SourcePath=/etc/crypttab\n"
|
||||
"DefaultDependencies=no\n"
|
||||
"Conflicts=umount.target\n"
|
||||
- "BindsTo=dev-mapper-%i.device\n"
|
||||
"IgnoreOnIsolate=true\n"
|
||||
"After=cryptsetup-pre.target\n",
|
||||
f);
|
|
@ -0,0 +1,33 @@
|
|||
From 342c2fdaf94f195f6273a88f9fe430c189e7168f Mon Sep 17 00:00:00 2001
|
||||
From: Topi Miettinen <topimiettinen@users.noreply.github.com>
|
||||
Date: Thu, 31 Aug 2017 08:37:32 +0000
|
||||
Subject: [PATCH] log: reopen log for failed assertions (#6703)
|
||||
|
||||
Reopen log so that failed and aborting assertions can be written to log.
|
||||
|
||||
Closes: #6658
|
||||
(cherry picked from commit ea89a119cda917a17bd186b3c13197acfd655b12)
|
||||
---
|
||||
src/basic/log.c | 2 ++
|
||||
1 file changed, 2 insertions(+)
|
||||
|
||||
diff --git a/src/basic/log.c b/src/basic/log.c
|
||||
index 3fd53800a0..ad99773cbb 100644
|
||||
--- a/src/basic/log.c
|
||||
+++ b/src/basic/log.c
|
||||
@@ -804,6 +804,7 @@ noreturn void log_assert_failed_realm(
|
||||
const char *file,
|
||||
int line,
|
||||
const char *func) {
|
||||
+ log_open();
|
||||
log_assert(LOG_REALM_PLUS_LEVEL(realm, LOG_CRIT), text, file, line, func,
|
||||
"Assertion '%s' failed at %s:%u, function %s(). Aborting.");
|
||||
abort();
|
||||
@@ -815,6 +816,7 @@ noreturn void log_assert_failed_unreachable_realm(
|
||||
const char *file,
|
||||
int line,
|
||||
const char *func) {
|
||||
+ log_open();
|
||||
log_assert(LOG_REALM_PLUS_LEVEL(realm, LOG_CRIT), text, file, line, func,
|
||||
"Code should not be reached '%s' at %s:%u, function %s(). Aborting.");
|
||||
abort();
|
|
@ -0,0 +1,38 @@
|
|||
From 7943496d000c91b917a6f61dd42749c490ba3b2d Mon Sep 17 00:00:00 2001
|
||||
From: Evgeny Vereshchagin <evvers@ya.ru>
|
||||
Date: Thu, 31 Aug 2017 11:38:30 +0300
|
||||
Subject: [PATCH] sd-bus: use -- when passing arguments to ssh (#6706)
|
||||
|
||||
This prevents `systemctl` from runnning /bin/touch when the following
|
||||
command is used:
|
||||
```
|
||||
systemctl -H '-oProxyCommand=/bin/touch i-shouldnt-be-here' show-environment
|
||||
```
|
||||
|
||||
(cherry picked from commit 58c6e4a2c00c47d0941cb978ec025b13e1798bf3)
|
||||
---
|
||||
src/libsystemd/sd-bus/sd-bus.c | 4 ++--
|
||||
1 file changed, 2 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/src/libsystemd/sd-bus/sd-bus.c b/src/libsystemd/sd-bus/sd-bus.c
|
||||
index 2f065c2657..fc01191e4e 100644
|
||||
--- a/src/libsystemd/sd-bus/sd-bus.c
|
||||
+++ b/src/libsystemd/sd-bus/sd-bus.c
|
||||
@@ -1344,7 +1344,7 @@ int bus_set_address_system_remote(sd_bus *b, const char *host) {
|
||||
if (!e)
|
||||
return -ENOMEM;
|
||||
|
||||
- c = strjoina(",argv4=--machine=", m);
|
||||
+ c = strjoina(",argv5=--machine=", m);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1354,7 +1354,7 @@ int bus_set_address_system_remote(sd_bus *b, const char *host) {
|
||||
return -ENOMEM;
|
||||
}
|
||||
|
||||
- b->address = strjoin("unixexec:path=ssh,argv1=-xT,argv2=", e, ",argv3=systemd-stdio-bridge", c);
|
||||
+ b->address = strjoin("unixexec:path=ssh,argv1=-xT,argv2=--,argv3=", e, ",argv4=systemd-stdio-bridge", c);
|
||||
if (!b->address)
|
||||
return -ENOMEM;
|
||||
|
|
@ -0,0 +1,38 @@
|
|||
From 642b62dfb642a2695c091d11db727ef920715250 Mon Sep 17 00:00:00 2001
|
||||
From: Andrew Jeddeloh <andrewjeddeloh@gmail.com>
|
||||
Date: Thu, 31 Aug 2017 01:58:39 -0700
|
||||
Subject: [PATCH] networkd: dont crash when mtu changes (#6594)
|
||||
|
||||
Prevent networkd from crashing when UseMTU is used. Many drivers will
|
||||
bring the link down and then back up to configure a new MTU. Networkd
|
||||
will also asynchonously send rtnl messages to configure the link and may
|
||||
receive responses after the link has gone down and come back up (which
|
||||
networkd will handle and set the lease and network to NULL.
|
||||
|
||||
This changes the behavior to instead return if this is the case instead
|
||||
of crashing via assert.
|
||||
|
||||
(cherry picked from commit 0c9b15a38a558d8f84257455ee24174221069e9e)
|
||||
---
|
||||
src/network/networkd-dhcp4.c | 8 ++++++--
|
||||
1 file changed, 6 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/src/network/networkd-dhcp4.c b/src/network/networkd-dhcp4.c
|
||||
index 9229b5753c..77771688e1 100644
|
||||
--- a/src/network/networkd-dhcp4.c
|
||||
+++ b/src/network/networkd-dhcp4.c
|
||||
@@ -71,8 +71,12 @@ static int link_set_dhcp_routes(Link *link) {
|
||||
int r, n, i;
|
||||
|
||||
assert(link);
|
||||
- assert(link->dhcp_lease);
|
||||
- assert(link->network);
|
||||
+
|
||||
+ if (!link->dhcp_lease) /* link went down while we configured the IP addresses? */
|
||||
+ return 0;
|
||||
+
|
||||
+ if (!link->network) /* link went down while we configured the IP addresses? */
|
||||
+ return 0;
|
||||
|
||||
if (!link->network->dhcp_use_routes)
|
||||
return 0;
|
|
@ -0,0 +1,22 @@
|
|||
From af9f32c663c244f9f5f8bf5e0a7ae40b07bda4c7 Mon Sep 17 00:00:00 2001
|
||||
From: Alan Jenkins <alan.christopher.jenkins@gmail.com>
|
||||
Date: Wed, 23 Aug 2017 15:58:03 +0100
|
||||
Subject: [PATCH] logind: remember to remove '/run/systemd/shutdown/scheduled'
|
||||
|
||||
(cherry picked from commit cbc373502f1d6e2df01e43538006e31975f555ec)
|
||||
---
|
||||
src/login/logind-dbus.c | 1 +
|
||||
1 file changed, 1 insertion(+)
|
||||
|
||||
diff --git a/src/login/logind-dbus.c b/src/login/logind-dbus.c
|
||||
index c9b7d99818..242ad4fb2b 100644
|
||||
--- a/src/login/logind-dbus.c
|
||||
+++ b/src/login/logind-dbus.c
|
||||
@@ -1496,6 +1496,7 @@ static void reset_scheduled_shutdown(Manager *m) {
|
||||
(void) unlink("/run/nologin");
|
||||
m->unlink_nologin = false;
|
||||
}
|
||||
+ (void) unlink("/run/systemd/shutdown/scheduled");
|
||||
}
|
||||
|
||||
static int execute_shutdown_or_sleep(
|
|
@ -0,0 +1,34 @@
|
|||
From 2a0c34eea8f68811f6eee2ad32652f20182d322e Mon Sep 17 00:00:00 2001
|
||||
From: Alan Jenkins <alan.christopher.jenkins@gmail.com>
|
||||
Date: Tue, 22 Aug 2017 13:54:21 +0100
|
||||
Subject: [PATCH] logind: method_schedule_shutdown() already rejects empty
|
||||
`type`
|
||||
|
||||
Don't test for an empty `type` afterwards. This is not how you cancel
|
||||
scheduled shutdowns - there's a separate method for that.
|
||||
|
||||
(cherry picked from commit f8169e62dfc9ea903bc880064a5d384cdc68db3e)
|
||||
---
|
||||
src/login/logind-dbus.c | 9 +++------
|
||||
1 file changed, 3 insertions(+), 6 deletions(-)
|
||||
|
||||
diff --git a/src/login/logind-dbus.c b/src/login/logind-dbus.c
|
||||
index 242ad4fb2b..f0943e56e0 100644
|
||||
--- a/src/login/logind-dbus.c
|
||||
+++ b/src/login/logind-dbus.c
|
||||
@@ -2051,12 +2051,9 @@ static int method_schedule_shutdown(sd_bus_message *message, void *userdata, sd_
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
||||
- if (!isempty(type)) {
|
||||
- r = update_schedule_file(m);
|
||||
- if (r < 0)
|
||||
- return r;
|
||||
- } else
|
||||
- (void) unlink("/run/systemd/shutdown/scheduled");
|
||||
+ r = update_schedule_file(m);
|
||||
+ if (r < 0)
|
||||
+ return r;
|
||||
|
||||
return sd_bus_reply_method_return(message, NULL);
|
||||
}
|
|
@ -0,0 +1,55 @@
|
|||
From d0968b783128667b1db0e97d6774a0a1f15fa152 Mon Sep 17 00:00:00 2001
|
||||
From: Alan Jenkins <alan.christopher.jenkins@gmail.com>
|
||||
Date: Mon, 21 Aug 2017 11:49:25 +0100
|
||||
Subject: [PATCH] logind: add missing check for conflicting operation v.s.
|
||||
scheduled shutdown
|
||||
|
||||
> We don't want to shutdown while a suspend is running, and vice versa.
|
||||
> This would be confusing and could lead to data loss in the worst case.
|
||||
|
||||
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1441253/comments/4
|
||||
|
||||
According to the above comment, if the conflicting operation is hung,
|
||||
we don't want to force things when the admin has not passed a force option.
|
||||
|
||||
Similarly if you're not an admin, you probably shouldn't get to sneak
|
||||
around this check by using a scheduled shutdown instead of an unscheduled
|
||||
one. (And no-one so far thought it necessary to add such a permission in
|
||||
PolKit).
|
||||
|
||||
Note that if the conflicting operation was _not_ hung, and we lost the
|
||||
race with suspend, the system might not have shut down at the scheduled
|
||||
time anyway. Which is no good if you were scheduling a power outage.
|
||||
And scheduling a shutdown for an arbitrary time when the system is resumed,
|
||||
does not seem a very useful semantic. More likely, scheduled shutdowns are
|
||||
useful on systems which do not use suspend, such as multi-user servers.
|
||||
(In which case even PolKit defaults likely don't let the users trigger
|
||||
suspend).
|
||||
|
||||
(cherry picked from commit b498d6ea9f72520c579035928d16c527d992bca8)
|
||||
---
|
||||
src/login/logind-dbus.c | 10 ++++++++--
|
||||
1 file changed, 8 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/src/login/logind-dbus.c b/src/login/logind-dbus.c
|
||||
index f0943e56e0..3f05c86f5c 100644
|
||||
--- a/src/login/logind-dbus.c
|
||||
+++ b/src/login/logind-dbus.c
|
||||
@@ -1946,9 +1946,15 @@ static int manager_scheduled_shutdown_handler(
|
||||
else
|
||||
target = SPECIAL_REBOOT_TARGET;
|
||||
|
||||
- r = execute_shutdown_or_sleep(m, 0, target, &error);
|
||||
+ /* Don't allow multiple jobs being executed at the same time */
|
||||
+ if (m->action_what) {
|
||||
+ log_error("Scheduled shutdown to %s failed: shutdown or sleep operation already in progress", target);
|
||||
+ return -EALREADY;
|
||||
+ }
|
||||
+
|
||||
+ r = execute_shutdown_or_sleep(m, INHIBIT_SHUTDOWN, target, &error);
|
||||
if (r < 0)
|
||||
- return log_error_errno(r, "Unable to execute transition to %s: %m", target);
|
||||
+ return log_error_errno(r, "Scheduled shutdown to %s failed: %m", target);
|
||||
|
||||
return 0;
|
||||
}
|
|
@ -0,0 +1,179 @@
|
|||
From 7d9e4212490f7c42d419de4befb438e173380da7 Mon Sep 17 00:00:00 2001
|
||||
From: Alan Jenkins <alan.christopher.jenkins@gmail.com>
|
||||
Date: Mon, 21 Aug 2017 17:28:35 +0100
|
||||
Subject: [PATCH] logind: respect "delay" inhibitors in scheduled shutdowns
|
||||
|
||||
There is no justification not to wait an extra (default) 5 seconds, for
|
||||
a more graceful shutdown of user programs. Again, you don't get to ignore
|
||||
delay inhibitors for unscheduled shutdowns, short of
|
||||
`systemctl poweroff -f`.
|
||||
|
||||
It is simplest if we move the test for `m->shutdown_dry_run` into
|
||||
manager_scheduled_shutdown_handler().
|
||||
|
||||
However we need to not add such delays during a "dry run". Otherwise, we
|
||||
would still have to be considered "in progress" for some seconds after our
|
||||
admin has seen the final wall message. If they go to `poweroff`, we would
|
||||
have blocked them with a misleading error message. Note this `poweroff`
|
||||
will still process delay inhibitors as needed. If the admin planned to
|
||||
use a more forceful method... eh. It's their responsibility to assess
|
||||
whether that's safe.
|
||||
|
||||
There is an argument that the alternative behaviour could be used (racily!)
|
||||
to kludge around them not being able to shutdown to "single user mode". If
|
||||
we cared about that case, we would have easily preserved non-racy support
|
||||
for it in `shutdown`.
|
||||
|
||||
Additionally, though I think this code does read more easily by reducing
|
||||
inconsistencies, we didn't come up with any use case for delay inhibitors
|
||||
v.s. shutdown.[1] The SIGTERM v.s. SIGKILL delay is more general, and we
|
||||
allow a whole 90 seconds for it, not just 5. So I don't think keeping this
|
||||
approach bears a risk of significant damage.
|
||||
|
||||
[1] https://www.freedesktop.org/wiki/Software/systemd/inhibit/
|
||||
|
||||
(cherry picked from commit df75a1a8aa5420335a56093077fa8cfcbfffac78)
|
||||
---
|
||||
src/login/logind-dbus.c | 91 ++++++++++++++++++++++++++-----------------------
|
||||
1 file changed, 48 insertions(+), 43 deletions(-)
|
||||
|
||||
diff --git a/src/login/logind-dbus.c b/src/login/logind-dbus.c
|
||||
index 3f05c86f5c..1fd64d32b7 100644
|
||||
--- a/src/login/logind-dbus.c
|
||||
+++ b/src/login/logind-dbus.c
|
||||
@@ -1399,7 +1399,6 @@ static int have_multiple_sessions(
|
||||
|
||||
static int bus_manager_log_shutdown(
|
||||
Manager *m,
|
||||
- InhibitWhat w,
|
||||
const char *unit_name) {
|
||||
|
||||
const char *p, *q;
|
||||
@@ -1407,9 +1406,6 @@ static int bus_manager_log_shutdown(
|
||||
assert(m);
|
||||
assert(unit_name);
|
||||
|
||||
- if (w != INHIBIT_SHUTDOWN)
|
||||
- return 0;
|
||||
-
|
||||
if (streq(unit_name, SPECIAL_POWEROFF_TARGET)) {
|
||||
p = "MESSAGE=System is powering down";
|
||||
q = "SHUTDOWN=power-off";
|
||||
@@ -1484,21 +1480,6 @@ int manager_set_lid_switch_ignore(Manager *m, usec_t until) {
|
||||
return r;
|
||||
}
|
||||
|
||||
-static void reset_scheduled_shutdown(Manager *m) {
|
||||
- m->scheduled_shutdown_timeout_source = sd_event_source_unref(m->scheduled_shutdown_timeout_source);
|
||||
- m->wall_message_timeout_source = sd_event_source_unref(m->wall_message_timeout_source);
|
||||
- m->nologin_timeout_source = sd_event_source_unref(m->nologin_timeout_source);
|
||||
- m->scheduled_shutdown_type = mfree(m->scheduled_shutdown_type);
|
||||
- m->scheduled_shutdown_timeout = 0;
|
||||
- m->shutdown_dry_run = false;
|
||||
-
|
||||
- if (m->unlink_nologin) {
|
||||
- (void) unlink("/run/nologin");
|
||||
- m->unlink_nologin = false;
|
||||
- }
|
||||
- (void) unlink("/run/systemd/shutdown/scheduled");
|
||||
-}
|
||||
-
|
||||
static int execute_shutdown_or_sleep(
|
||||
Manager *m,
|
||||
InhibitWhat w,
|
||||
@@ -1515,32 +1496,28 @@ static int execute_shutdown_or_sleep(
|
||||
assert(w < _INHIBIT_WHAT_MAX);
|
||||
assert(unit_name);
|
||||
|
||||
- bus_manager_log_shutdown(m, w, unit_name);
|
||||
+ if (w == INHIBIT_SHUTDOWN)
|
||||
+ bus_manager_log_shutdown(m, unit_name);
|
||||
|
||||
- if (m->shutdown_dry_run) {
|
||||
- log_info("Running in dry run, suppressing action.");
|
||||
- reset_scheduled_shutdown(m);
|
||||
- } else {
|
||||
- r = sd_bus_call_method(
|
||||
- m->bus,
|
||||
- "org.freedesktop.systemd1",
|
||||
- "/org/freedesktop/systemd1",
|
||||
- "org.freedesktop.systemd1.Manager",
|
||||
- "StartUnit",
|
||||
- error,
|
||||
- &reply,
|
||||
- "ss", unit_name, "replace-irreversibly");
|
||||
- if (r < 0)
|
||||
- return r;
|
||||
+ r = sd_bus_call_method(
|
||||
+ m->bus,
|
||||
+ "org.freedesktop.systemd1",
|
||||
+ "/org/freedesktop/systemd1",
|
||||
+ "org.freedesktop.systemd1.Manager",
|
||||
+ "StartUnit",
|
||||
+ error,
|
||||
+ &reply,
|
||||
+ "ss", unit_name, "replace-irreversibly");
|
||||
+ if (r < 0)
|
||||
+ return r;
|
||||
|
||||
- r = sd_bus_message_read(reply, "o", &p);
|
||||
- if (r < 0)
|
||||
- return r;
|
||||
+ r = sd_bus_message_read(reply, "o", &p);
|
||||
+ if (r < 0)
|
||||
+ return r;
|
||||
|
||||
- c = strdup(p);
|
||||
- if (!c)
|
||||
- return -ENOMEM;
|
||||
- }
|
||||
+ c = strdup(p);
|
||||
+ if (!c)
|
||||
+ return -ENOMEM;
|
||||
|
||||
m->action_unit = unit_name;
|
||||
free(m->action_job);
|
||||
@@ -1924,6 +1901,21 @@ fail:
|
||||
return log_error_errno(r, "Failed to write information about scheduled shutdowns: %m");
|
||||
}
|
||||
|
||||
+static void reset_scheduled_shutdown(Manager *m) {
|
||||
+ m->scheduled_shutdown_timeout_source = sd_event_source_unref(m->scheduled_shutdown_timeout_source);
|
||||
+ m->wall_message_timeout_source = sd_event_source_unref(m->wall_message_timeout_source);
|
||||
+ m->nologin_timeout_source = sd_event_source_unref(m->nologin_timeout_source);
|
||||
+ m->scheduled_shutdown_type = mfree(m->scheduled_shutdown_type);
|
||||
+ m->scheduled_shutdown_timeout = 0;
|
||||
+ m->shutdown_dry_run = false;
|
||||
+
|
||||
+ if (m->unlink_nologin) {
|
||||
+ (void) unlink("/run/nologin");
|
||||
+ m->unlink_nologin = false;
|
||||
+ }
|
||||
+ (void) unlink("/run/systemd/shutdown/scheduled");
|
||||
+}
|
||||
+
|
||||
static int manager_scheduled_shutdown_handler(
|
||||
sd_event_source *s,
|
||||
uint64_t usec,
|
||||
@@ -1952,7 +1944,20 @@ static int manager_scheduled_shutdown_handler(
|
||||
return -EALREADY;
|
||||
}
|
||||
|
||||
- r = execute_shutdown_or_sleep(m, INHIBIT_SHUTDOWN, target, &error);
|
||||
+ if (m->shutdown_dry_run) {
|
||||
+ /* We do not process delay inhibitors here. Otherwise, we
|
||||
+ * would have to be considered "in progress" (like the check
|
||||
+ * above) for some seconds after our admin has seen the final
|
||||
+ * wall message. */
|
||||
+
|
||||
+ bus_manager_log_shutdown(m, target);
|
||||
+ log_info("Running in dry run, suppressing action.");
|
||||
+ reset_scheduled_shutdown(m);
|
||||
+
|
||||
+ return 0;
|
||||
+ }
|
||||
+
|
||||
+ r = bus_manager_shutdown_or_sleep_now_or_later(m, target, INHIBIT_SHUTDOWN, &error);
|
||||
if (r < 0)
|
||||
return log_error_errno(r, "Scheduled shutdown to %s failed: %m", target);
|
||||
|
|
@ -0,0 +1,166 @@
|
|||
From 1e3b4e30a2d030e9f81584a61b32b6541754fe02 Mon Sep 17 00:00:00 2001
|
||||
From: Alan Jenkins <alan.christopher.jenkins@gmail.com>
|
||||
Date: Thu, 24 Aug 2017 10:33:24 +0100
|
||||
Subject: [PATCH] logind: add missing resume signal when we fail to initiate
|
||||
sleep/shutdown
|
||||
|
||||
This fixed https://bugzilla.redhat.com/show_bug.cgi?id=1476313
|
||||
as much as I was able to reproduce it in a VM, at least.
|
||||
|
||||
E.g. this signal might wake the screen back up, providing a more visible
|
||||
indicator of suspend failure. In my VM testing, it was also required in
|
||||
order to unblock keyboard input in gnome-shell after the failed suspend.
|
||||
|
||||
At the same time, fix the error handling for scheduled shutdowns. This now
|
||||
mirrors the behaviour of when you use `shutdown -k` - it sends all the
|
||||
scary messages about shutting down, "but you'll have to do it [shut down
|
||||
the system] yourself". It also avoids the risk of locking out the admin
|
||||
(nologin file), in case they logged out for some reason (and they use
|
||||
`sudo` instead of root).
|
||||
|
||||
Not that I have any idea why you'd want to use `shutdown -k`, but the code
|
||||
is easier to analyze if it rolls back on error (in the absence of any code
|
||||
comment as to why that's not wanted).
|
||||
|
||||
(cherry picked from commit 6d7f7fd49f8a094fc36e750de1e80afea80c8228)
|
||||
---
|
||||
src/login/logind-dbus.c | 76 ++++++++++++++++++++++++++++++-------------------
|
||||
1 file changed, 46 insertions(+), 30 deletions(-)
|
||||
|
||||
diff --git a/src/login/logind-dbus.c b/src/login/logind-dbus.c
|
||||
index 1fd64d32b7..e868a48f8c 100644
|
||||
--- a/src/login/logind-dbus.c
|
||||
+++ b/src/login/logind-dbus.c
|
||||
@@ -1480,6 +1480,28 @@ int manager_set_lid_switch_ignore(Manager *m, usec_t until) {
|
||||
return r;
|
||||
}
|
||||
|
||||
+static int send_prepare_for(Manager *m, InhibitWhat w, bool _active) {
|
||||
+
|
||||
+ static const char * const signal_name[_INHIBIT_WHAT_MAX] = {
|
||||
+ [INHIBIT_SHUTDOWN] = "PrepareForShutdown",
|
||||
+ [INHIBIT_SLEEP] = "PrepareForSleep"
|
||||
+ };
|
||||
+
|
||||
+ int active = _active;
|
||||
+
|
||||
+ assert(m);
|
||||
+ assert(w >= 0);
|
||||
+ assert(w < _INHIBIT_WHAT_MAX);
|
||||
+ assert(signal_name[w]);
|
||||
+
|
||||
+ return sd_bus_emit_signal(m->bus,
|
||||
+ "/org/freedesktop/login1",
|
||||
+ "org.freedesktop.login1.Manager",
|
||||
+ signal_name[w],
|
||||
+ "b",
|
||||
+ active);
|
||||
+}
|
||||
+
|
||||
static int execute_shutdown_or_sleep(
|
||||
Manager *m,
|
||||
InhibitWhat w,
|
||||
@@ -1509,15 +1531,17 @@ static int execute_shutdown_or_sleep(
|
||||
&reply,
|
||||
"ss", unit_name, "replace-irreversibly");
|
||||
if (r < 0)
|
||||
- return r;
|
||||
+ goto error;
|
||||
|
||||
r = sd_bus_message_read(reply, "o", &p);
|
||||
if (r < 0)
|
||||
- return r;
|
||||
+ goto error;
|
||||
|
||||
c = strdup(p);
|
||||
- if (!c)
|
||||
- return -ENOMEM;
|
||||
+ if (!c) {
|
||||
+ r = -ENOMEM;
|
||||
+ goto error;
|
||||
+ }
|
||||
|
||||
m->action_unit = unit_name;
|
||||
free(m->action_job);
|
||||
@@ -1528,6 +1552,12 @@ static int execute_shutdown_or_sleep(
|
||||
manager_set_lid_switch_ignore(m, now(CLOCK_MONOTONIC) + m->holdoff_timeout_usec);
|
||||
|
||||
return 0;
|
||||
+
|
||||
+error:
|
||||
+ /* Tell people that they now may take a lock again */
|
||||
+ send_prepare_for(m, m->action_what, false);
|
||||
+
|
||||
+ return r;
|
||||
}
|
||||
|
||||
int manager_dispatch_delayed(Manager *manager, bool timeout) {
|
||||
@@ -1558,7 +1588,8 @@ int manager_dispatch_delayed(Manager *manager, bool timeout) {
|
||||
/* Actually do the operation */
|
||||
r = execute_shutdown_or_sleep(manager, manager->action_what, manager->action_unit, &error);
|
||||
if (r < 0) {
|
||||
- log_warning("Failed to send delayed message: %s", bus_error_message(&error, r));
|
||||
+ log_warning("Error during inhibitor-delayed operation (already returned success to client): %s",
|
||||
+ bus_error_message(&error, r));
|
||||
|
||||
manager->action_unit = NULL;
|
||||
manager->action_what = 0;
|
||||
@@ -1619,28 +1650,6 @@ static int delay_shutdown_or_sleep(
|
||||
return 0;
|
||||
}
|
||||
|
||||
-static int send_prepare_for(Manager *m, InhibitWhat w, bool _active) {
|
||||
-
|
||||
- static const char * const signal_name[_INHIBIT_WHAT_MAX] = {
|
||||
- [INHIBIT_SHUTDOWN] = "PrepareForShutdown",
|
||||
- [INHIBIT_SLEEP] = "PrepareForSleep"
|
||||
- };
|
||||
-
|
||||
- int active = _active;
|
||||
-
|
||||
- assert(m);
|
||||
- assert(w >= 0);
|
||||
- assert(w < _INHIBIT_WHAT_MAX);
|
||||
- assert(signal_name[w]);
|
||||
-
|
||||
- return sd_bus_emit_signal(m->bus,
|
||||
- "/org/freedesktop/login1",
|
||||
- "org.freedesktop.login1.Manager",
|
||||
- signal_name[w],
|
||||
- "b",
|
||||
- active);
|
||||
-}
|
||||
-
|
||||
int bus_manager_shutdown_or_sleep_now_or_later(
|
||||
Manager *m,
|
||||
const char *unit_name,
|
||||
@@ -1940,8 +1949,9 @@ static int manager_scheduled_shutdown_handler(
|
||||
|
||||
/* Don't allow multiple jobs being executed at the same time */
|
||||
if (m->action_what) {
|
||||
+ r = -EALREADY;
|
||||
log_error("Scheduled shutdown to %s failed: shutdown or sleep operation already in progress", target);
|
||||
- return -EALREADY;
|
||||
+ goto error;
|
||||
}
|
||||
|
||||
if (m->shutdown_dry_run) {
|
||||
@@ -1958,10 +1968,16 @@ static int manager_scheduled_shutdown_handler(
|
||||
}
|
||||
|
||||
r = bus_manager_shutdown_or_sleep_now_or_later(m, target, INHIBIT_SHUTDOWN, &error);
|
||||
- if (r < 0)
|
||||
- return log_error_errno(r, "Scheduled shutdown to %s failed: %m", target);
|
||||
+ if (r < 0) {
|
||||
+ log_error_errno(r, "Scheduled shutdown to %s failed: %m", target);
|
||||
+ goto error;
|
||||
+ }
|
||||
|
||||
return 0;
|
||||
+
|
||||
+error:
|
||||
+ reset_scheduled_shutdown(m);
|
||||
+ return r;
|
||||
}
|
||||
|
||||
static int method_schedule_shutdown(sd_bus_message *message, void *userdata, sd_bus_error *error) {
|
|
@ -0,0 +1,37 @@
|
|||
From ee4cb7618ab6232c78865357a153d99a4023ad13 Mon Sep 17 00:00:00 2001
|
||||
From: Alan Jenkins <alan.christopher.jenkins@gmail.com>
|
||||
Date: Thu, 24 Aug 2017 15:21:21 +0100
|
||||
Subject: [PATCH] logind: tighten assertion in execute_shutdown_or_sleep()
|
||||
|
||||
Following commit b498d6ea, I belated realized we should tighten the
|
||||
assertions as well, to make sure that we're setting `m->action_what` to
|
||||
represent an action in progress. (The check for an action in progress is
|
||||
to compare `m->action_what` to zero)
|
||||
|
||||
(cherry picked from commit b61fa4e00166b2bf593e0f6edbb277543f03915f)
|
||||
---
|
||||
src/login/logind-dbus.c | 4 ++--
|
||||
1 file changed, 2 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/src/login/logind-dbus.c b/src/login/logind-dbus.c
|
||||
index e868a48f8c..ba5cb19c6b 100644
|
||||
--- a/src/login/logind-dbus.c
|
||||
+++ b/src/login/logind-dbus.c
|
||||
@@ -1514,7 +1514,7 @@ static int execute_shutdown_or_sleep(
|
||||
int r;
|
||||
|
||||
assert(m);
|
||||
- assert(w >= 0);
|
||||
+ assert(w > 0);
|
||||
assert(w < _INHIBIT_WHAT_MAX);
|
||||
assert(unit_name);
|
||||
|
||||
@@ -1661,7 +1661,7 @@ int bus_manager_shutdown_or_sleep_now_or_later(
|
||||
|
||||
assert(m);
|
||||
assert(unit_name);
|
||||
- assert(w >= 0);
|
||||
+ assert(w > 0);
|
||||
assert(w <= _INHIBIT_WHAT_MAX);
|
||||
assert(!m->action_job);
|
||||
|
|
@ -0,0 +1,60 @@
|
|||
From 9ad12be34d5f12c91b26e859fb8aac184f50cea5 Mon Sep 17 00:00:00 2001
|
||||
From: Michal Sekletar <msekletar@users.noreply.github.com>
|
||||
Date: Thu, 31 Aug 2017 12:45:25 +0200
|
||||
Subject: [PATCH] tmpfiles: with "e" don't attempt to set permissions when file
|
||||
doesn't exist (#6682)
|
||||
|
||||
tmpfiles.d option "e" when run through systemd-tmpfiles --create should
|
||||
apply configured permissions (uid,gid) only to already existing
|
||||
files. When file doesn't exist we bail out with error. Instead we should
|
||||
silently ignore non-existing files.
|
||||
|
||||
$ useradd test
|
||||
$ cat /etc/tmpfiles.d/foobar.conf
|
||||
e /tmp/test - test test 1d
|
||||
$ ls -l /tmp/test
|
||||
ls: cannot access '/tmp/test': No such file or directory
|
||||
|
||||
Before:
|
||||
$ systemd-tmpfiles --create /etc/tmpfiles.d/foobar.conf
|
||||
Adjusting owner and mode for /tmp/test failed: No such file or directory
|
||||
$ echo $?
|
||||
1
|
||||
|
||||
After:
|
||||
$ systemd-tmpfiles --create /etc/tmpfiles.d/foobar.conf
|
||||
$ echo $?
|
||||
0
|
||||
|
||||
(cherry picked from commit 780e2ee187e373565f9ded2859f8c6c7760b814a)
|
||||
---
|
||||
src/tmpfiles/tmpfiles.c | 16 ++++++++++++++--
|
||||
1 file changed, 14 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/src/tmpfiles/tmpfiles.c b/src/tmpfiles/tmpfiles.c
|
||||
index 9419c99e28..0ee606fc30 100644
|
||||
--- a/src/tmpfiles/tmpfiles.c
|
||||
+++ b/src/tmpfiles/tmpfiles.c
|
||||
@@ -617,8 +617,20 @@ static int path_set_perms(Item *i, const char *path) {
|
||||
* O_PATH. */
|
||||
|
||||
fd = open(path, O_NOFOLLOW|O_CLOEXEC|O_PATH);
|
||||
- if (fd < 0)
|
||||
- return log_error_errno(errno, "Adjusting owner and mode for %s failed: %m", path);
|
||||
+ if (fd < 0) {
|
||||
+ int level = LOG_ERR, r = -errno;
|
||||
+
|
||||
+ /* Option "e" operates only on existing objects. Do not
|
||||
+ * print errors about non-existent files or directories */
|
||||
+ if (i->type == EMPTY_DIRECTORY && errno == ENOENT) {
|
||||
+ level = LOG_DEBUG;
|
||||
+ r = 0;
|
||||
+ }
|
||||
+
|
||||
+ log_full_errno(level, errno, "Adjusting owner and mode for %s failed: %m", path);
|
||||
+
|
||||
+ return r;
|
||||
+ }
|
||||
|
||||
if (fstatat(fd, "", &st, AT_EMPTY_PATH) < 0)
|
||||
return log_error_errno(errno, "Failed to fstat() file %s: %m", path);
|
|
@ -0,0 +1,23 @@
|
|||
From 000caa49a4ca3c18f38ac8dbb3d8bde39bc7cbbe Mon Sep 17 00:00:00 2001
|
||||
From: Yu Watanabe <watanabe.yu+github@gmail.com>
|
||||
Date: Thu, 31 Aug 2017 18:31:08 +0900
|
||||
Subject: [PATCH] man: fix path for storing random seed
|
||||
|
||||
(cherry picked from commit 621a2c804ce91763221799cde9d412423fcf8b51)
|
||||
---
|
||||
man/systemd-random-seed.service.xml | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/man/systemd-random-seed.service.xml b/man/systemd-random-seed.service.xml
|
||||
index f3b5a947da..9ec01b6c34 100644
|
||||
--- a/man/systemd-random-seed.service.xml
|
||||
+++ b/man/systemd-random-seed.service.xml
|
||||
@@ -48,7 +48,7 @@
|
||||
|
||||
<refsynopsisdiv>
|
||||
<para><filename>systemd-random-seed.service</filename></para>
|
||||
- <para><filename>/usr/lib/systemd/systemd-random-seed</filename></para>
|
||||
+ <para><filename>/usr/lib/systemd/random-seed</filename></para>
|
||||
</refsynopsisdiv>
|
||||
|
||||
<refsect1>
|
|
@ -0,0 +1,91 @@
|
|||
From 59e70293dbf06106c2f4a152f234581e284fae5f Mon Sep 17 00:00:00 2001
|
||||
From: Harald Hoyer <harald@hoyer.xyz>
|
||||
Date: Thu, 31 Aug 2017 15:33:33 +0200
|
||||
Subject: [PATCH] Load virtio_rng early in the game (#6710)
|
||||
|
||||
If true randomness is needed before udev is triggered, which would load
|
||||
virtio_rng, reading /dev/random takes forever and the boot stalls for a
|
||||
long time.
|
||||
|
||||
(cherry picked from commit 6c1f72f626355615daee0e5a7ef7044759251a23)
|
||||
---
|
||||
src/core/kmod-setup.c | 41 +++++++++++++++++++++++++++++++++++++++++
|
||||
1 file changed, 41 insertions(+)
|
||||
|
||||
diff --git a/src/core/kmod-setup.c b/src/core/kmod-setup.c
|
||||
index fd1021f706..9f69a6d925 100644
|
||||
--- a/src/core/kmod-setup.c
|
||||
+++ b/src/core/kmod-setup.c
|
||||
@@ -17,6 +17,7 @@
|
||||
along with systemd; If not, see <http://www.gnu.org/licenses/>.
|
||||
***/
|
||||
|
||||
+#include <ftw.h>
|
||||
#include <string.h>
|
||||
#include <unistd.h>
|
||||
|
||||
@@ -24,10 +25,13 @@
|
||||
#include <libkmod.h>
|
||||
#endif
|
||||
|
||||
+#include "alloc-util.h"
|
||||
#include "bus-util.h"
|
||||
#include "capability-util.h"
|
||||
+#include "fileio.h"
|
||||
#include "kmod-setup.h"
|
||||
#include "macro.h"
|
||||
+#include "string-util.h"
|
||||
|
||||
#ifdef HAVE_KMOD
|
||||
static void systemd_kmod_log(
|
||||
@@ -45,6 +49,41 @@ static void systemd_kmod_log(
|
||||
}
|
||||
#endif
|
||||
|
||||
+static int has_virtio_rng_nftw_cb(
|
||||
+ const char *fpath,
|
||||
+ const struct stat *sb,
|
||||
+ int tflag,
|
||||
+ struct FTW *ftwbuf) {
|
||||
+
|
||||
+ _cleanup_free_ char *alias = NULL;
|
||||
+ int r;
|
||||
+
|
||||
+ if ((FTW_D == tflag) && (ftwbuf->level > 2))
|
||||
+ return FTW_SKIP_SUBTREE;
|
||||
+
|
||||
+ if (FTW_F != tflag)
|
||||
+ return FTW_CONTINUE;
|
||||
+
|
||||
+ if (!endswith(fpath, "/modalias"))
|
||||
+ return FTW_CONTINUE;
|
||||
+
|
||||
+ r = read_one_line_file(fpath, &alias);
|
||||
+ if (r < 0)
|
||||
+ return FTW_SKIP_SIBLINGS;
|
||||
+
|
||||
+ if (startswith(alias, "pci:v00001AF4d00001005"))
|
||||
+ return FTW_STOP;
|
||||
+
|
||||
+ if (startswith(alias, "pci:v00001AF4d00001044"))
|
||||
+ return FTW_STOP;
|
||||
+
|
||||
+ return FTW_SKIP_SIBLINGS;
|
||||
+}
|
||||
+
|
||||
+static bool has_virtio_rng(void) {
|
||||
+ return (nftw("/sys/devices/pci0000:00", has_virtio_rng_nftw_cb, 64, FTW_MOUNT|FTW_PHYS|FTW_ACTIONRETVAL) == FTW_STOP);
|
||||
+}
|
||||
+
|
||||
int kmod_setup(void) {
|
||||
#ifdef HAVE_KMOD
|
||||
|
||||
@@ -68,6 +107,8 @@ int kmod_setup(void) {
|
||||
/* netfilter is needed by networkd, nspawn among others, and cannot be autoloaded */
|
||||
{ "ip_tables", "/proc/net/ip_tables_names", false, false, NULL },
|
||||
#endif
|
||||
+ /* virtio_rng would be loaded by udev later, but real entropy might be needed very early */
|
||||
+ { "virtio_rng", NULL, false, false, has_virtio_rng },
|
||||
};
|
||||
struct kmod_ctx *ctx = NULL;
|
||||
unsigned int i;
|
|
@ -0,0 +1,76 @@
|
|||
From 2c655092f8cd7c20c4146254cb549ff9ba795fda Mon Sep 17 00:00:00 2001
|
||||
From: NeilBrown <neil@brown.name>
|
||||
Date: Mon, 4 Sep 2017 23:35:07 +1000
|
||||
Subject: [PATCH] tmpfiles: silently ignore any path that passes through autofs
|
||||
(#6506)
|
||||
|
||||
If a path passes though an autofs filesystem, then accessing
|
||||
the path might trigger and automount. As systemd-tmpfiles is run before
|
||||
the network is up, and as automounts are often used for networked
|
||||
filesystems, this can cause a deadlock.
|
||||
|
||||
So chase_symlinks is enhance to accept a new flag which tells it
|
||||
to check for autofs, and return -EREMOTE if autofs is found.
|
||||
|
||||
tmpfiles is changed to check just before acting on a path so that it
|
||||
can avoid autofs even if a symlink was created earlier by tmpfiles
|
||||
that would send this path through an autofs.
|
||||
|
||||
This fixes a deadlock that happens when /home is listed in /etc/fstab as
|
||||
x-systemd.automount for an NFS directory.
|
||||
|
||||
(cherry picked from commit 655f2da0790d0f8670f7a4c7da1833786ce0137e)
|
||||
---
|
||||
src/basic/fs-util.c | 4 ++++
|
||||
src/basic/fs-util.h | 1 +
|
||||
src/tmpfiles/tmpfiles.c | 3 +++
|
||||
3 files changed, 8 insertions(+)
|
||||
|
||||
diff --git a/src/basic/fs-util.c b/src/basic/fs-util.c
|
||||
index 8fe19ee4e4..5b3bd0c45d 100644
|
||||
--- a/src/basic/fs-util.c
|
||||
+++ b/src/basic/fs-util.c
|
||||
@@ -23,6 +23,7 @@
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
#include <sys/stat.h>
|
||||
+#include <linux/magic.h>
|
||||
#include <time.h>
|
||||
#include <unistd.h>
|
||||
|
||||
@@ -721,6 +722,9 @@ int chase_symlinks(const char *path, const char *original_root, unsigned flags,
|
||||
|
||||
if (fstat(child, &st) < 0)
|
||||
return -errno;
|
||||
+ if ((flags & CHASE_NO_AUTOFS) &&
|
||||
+ fd_check_fstype(child, AUTOFS_SUPER_MAGIC) > 0)
|
||||
+ return -EREMOTE;
|
||||
|
||||
if (S_ISLNK(st.st_mode)) {
|
||||
char *joined;
|
||||
diff --git a/src/basic/fs-util.h b/src/basic/fs-util.h
|
||||
index 094acf1799..d3342d5cda 100644
|
||||
--- a/src/basic/fs-util.h
|
||||
+++ b/src/basic/fs-util.h
|
||||
@@ -81,6 +81,7 @@ int inotify_add_watch_fd(int fd, int what, uint32_t mask);
|
||||
enum {
|
||||
CHASE_PREFIX_ROOT = 1, /* If set, the specified path will be prefixed by the specified root before beginning the iteration */
|
||||
CHASE_NONEXISTENT = 2, /* If set, it's OK if the path doesn't actually exist. */
|
||||
+ CHASE_NO_AUTOFS = 4, /* If set, return -EREMOTE if autofs mount point found */
|
||||
};
|
||||
|
||||
int chase_symlinks(const char *path_with_prefix, const char *root, unsigned flags, char **ret);
|
||||
diff --git a/src/tmpfiles/tmpfiles.c b/src/tmpfiles/tmpfiles.c
|
||||
index 0ee606fc30..be52398f5f 100644
|
||||
--- a/src/tmpfiles/tmpfiles.c
|
||||
+++ b/src/tmpfiles/tmpfiles.c
|
||||
@@ -1655,6 +1655,9 @@ static int process_item(Item *i) {
|
||||
}
|
||||
}
|
||||
|
||||
+ if (chase_symlinks(i->path, NULL, CHASE_NO_AUTOFS, NULL) == -EREMOTE)
|
||||
+ return t;
|
||||
+
|
||||
r = arg_create ? create_item(i) : 0;
|
||||
q = arg_remove ? remove_item(i) : 0;
|
||||
p = arg_clean ? clean_item(i) : 0;
|
|
@ -0,0 +1,36 @@
|
|||
From adc820ae57baf6d60884a5280cbb2f4842454131 Mon Sep 17 00:00:00 2001
|
||||
From: ettavolt <ettavolt@gmail.com>
|
||||
Date: Mon, 4 Sep 2017 16:36:52 +0300
|
||||
Subject: [PATCH] 6647 - use path_startswith("/dev") in cryptsetup (#6732)
|
||||
|
||||
For both key and partition paths.
|
||||
|
||||
(cherry picked from commit 048dd629c4590eefb2ebd6a316c7350ed3a6ff19)
|
||||
|
||||
This fixes https://github.com/systemd/systemd/issues/6647.
|
||||
---
|
||||
src/cryptsetup/cryptsetup-generator.c | 4 ++--
|
||||
1 file changed, 2 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/src/cryptsetup/cryptsetup-generator.c b/src/cryptsetup/cryptsetup-generator.c
|
||||
index f737f82b55..afc5d7cf49 100644
|
||||
--- a/src/cryptsetup/cryptsetup-generator.c
|
||||
+++ b/src/cryptsetup/cryptsetup-generator.c
|
||||
@@ -129,7 +129,7 @@ static int create_disk(
|
||||
|
||||
if (!path_equal(uu, "/dev/null")) {
|
||||
|
||||
- if (is_device_path(uu)) {
|
||||
+ if (path_startswith(uu, "/dev/")) {
|
||||
_cleanup_free_ char *dd = NULL;
|
||||
|
||||
r = unit_name_from_path(uu, ".device", &dd);
|
||||
@@ -143,7 +143,7 @@ static int create_disk(
|
||||
}
|
||||
}
|
||||
|
||||
- if (is_device_path(u)) {
|
||||
+ if (path_startswith(u, "/dev/")) {
|
||||
fprintf(f,
|
||||
"BindsTo=%s\n"
|
||||
"After=%s\n"
|
|
@ -0,0 +1,26 @@
|
|||
From 7fa052cef9680e30e07a74423c440a2b79e81916 Mon Sep 17 00:00:00 2001
|
||||
From: Yu Watanabe <watanabe.yu+github@gmail.com>
|
||||
Date: Fri, 1 Sep 2017 17:03:01 +0900
|
||||
Subject: [PATCH] systemd-mount: fix that wrong argument is used for
|
||||
arg_mount_what
|
||||
|
||||
(cherry picked from commit 4185da7c4daf32bd9b5809fd6de99e52cb903bba)
|
||||
---
|
||||
src/mount/mount-tool.c | 3 +--
|
||||
1 file changed, 1 insertion(+), 2 deletions(-)
|
||||
|
||||
diff --git a/src/mount/mount-tool.c b/src/mount/mount-tool.c
|
||||
index ed6578d540..10bb5dda63 100644
|
||||
--- a/src/mount/mount-tool.c
|
||||
+++ b/src/mount/mount-tool.c
|
||||
@@ -344,9 +344,8 @@ static int parse_argv(int argc, char *argv[]) {
|
||||
arg_mount_what = canonicalize_file_name(p);
|
||||
if (!arg_mount_what)
|
||||
return log_error_errno(errno, "Failed to canonicalize path: %m");
|
||||
-
|
||||
} else {
|
||||
- arg_mount_what = strdup(argv[optind+1]);
|
||||
+ arg_mount_what = strdup(argv[optind]);
|
||||
if (!arg_mount_what)
|
||||
return log_oom();
|
||||
|
|
@ -0,0 +1,90 @@
|
|||
From 3e8acdaf07d4f32b9df199d47b08f1ce67d27435 Mon Sep 17 00:00:00 2001
|
||||
From: Yu Watanabe <watanabe.yu+github@gmail.com>
|
||||
Date: Mon, 4 Sep 2017 10:55:51 +0900
|
||||
Subject: [PATCH] systemd-mount: allow to specify an arbitrary string for
|
||||
arg_mount_what when vfs is used
|
||||
|
||||
Fixes #6591.
|
||||
|
||||
(cherry picked from commit e2be442e791fa1150aa835c684acc6d7189de3e1)
|
||||
---
|
||||
src/basic/mount-util.c | 26 ++++++++++++++++++++++++++
|
||||
src/basic/mount-util.h | 1 +
|
||||
src/mount/mount-tool.c | 8 +++++++-
|
||||
3 files changed, 34 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/basic/mount-util.c b/src/basic/mount-util.c
|
||||
index 7b9400b47c..cff44116c8 100644
|
||||
--- a/src/basic/mount-util.c
|
||||
+++ b/src/basic/mount-util.c
|
||||
@@ -552,6 +552,32 @@ bool fstype_is_network(const char *fstype) {
|
||||
return nulstr_contains(table, fstype);
|
||||
}
|
||||
|
||||
+bool fstype_is_api_vfs(const char *fstype) {
|
||||
+ static const char table[] =
|
||||
+ "autofs\0"
|
||||
+ "bpf\0"
|
||||
+ "cgroup\0"
|
||||
+ "cgroup2\0"
|
||||
+ "configfs\0"
|
||||
+ "cpuset\0"
|
||||
+ "debugfs\0"
|
||||
+ "devpts\0"
|
||||
+ "devtmpfs\0"
|
||||
+ "efivarfs\0"
|
||||
+ "hugetlbfs\0"
|
||||
+ "mqueue\0"
|
||||
+ "proc\0"
|
||||
+ "pstore\0"
|
||||
+ "ramfs\0"
|
||||
+ "securityfs\0"
|
||||
+ "sysfs\0"
|
||||
+ "tmpfs\0"
|
||||
+ "tracefs\0"
|
||||
+ ;
|
||||
+
|
||||
+ return nulstr_contains(table, fstype);
|
||||
+}
|
||||
+
|
||||
int repeat_unmount(const char *path, int flags) {
|
||||
bool done = false;
|
||||
|
||||
diff --git a/src/basic/mount-util.h b/src/basic/mount-util.h
|
||||
index 2e24a184c5..70af11c2ff 100644
|
||||
--- a/src/basic/mount-util.h
|
||||
+++ b/src/basic/mount-util.h
|
||||
@@ -44,6 +44,7 @@ DEFINE_TRIVIAL_CLEANUP_FUNC(FILE*, endmntent);
|
||||
#define _cleanup_endmntent_ _cleanup_(endmntentp)
|
||||
|
||||
bool fstype_is_network(const char *fstype);
|
||||
+bool fstype_is_api_vfs(const char *fstype);
|
||||
|
||||
union file_handle_union {
|
||||
struct file_handle handle;
|
||||
diff --git a/src/mount/mount-tool.c b/src/mount/mount-tool.c
|
||||
index 10bb5dda63..3c974addda 100644
|
||||
--- a/src/mount/mount-tool.c
|
||||
+++ b/src/mount/mount-tool.c
|
||||
@@ -30,6 +30,7 @@
|
||||
#include "fd-util.h"
|
||||
#include "fileio.h"
|
||||
#include "fstab-util.h"
|
||||
+#include "mount-util.h"
|
||||
#include "pager.h"
|
||||
#include "parse-util.h"
|
||||
#include "path-util.h"
|
||||
@@ -330,7 +331,12 @@ static int parse_argv(int argc, char *argv[]) {
|
||||
return -EINVAL;
|
||||
}
|
||||
|
||||
- if (arg_transport == BUS_TRANSPORT_LOCAL) {
|
||||
+ if (arg_mount_type && (fstype_is_api_vfs(arg_mount_type) || fstype_is_network(arg_mount_type))) {
|
||||
+ arg_mount_what = strdup(argv[optind]);
|
||||
+ if (!arg_mount_what)
|
||||
+ return log_oom();
|
||||
+
|
||||
+ } else if (arg_transport == BUS_TRANSPORT_LOCAL) {
|
||||
_cleanup_free_ char *u = NULL, *p = NULL;
|
||||
|
||||
u = fstab_node_to_udev_node(argv[optind]);
|
|
@ -0,0 +1,83 @@
|
|||
From 55a2b3a6031502c97cb467f1bfd5ddc86f7ac408 Mon Sep 17 00:00:00 2001
|
||||
From: Benjamin Berg <bberg@redhat.com>
|
||||
Date: Thu, 31 Aug 2017 17:34:08 +0200
|
||||
Subject: [PATCH] rfkill: Lookup device in determine_state_file
|
||||
|
||||
None of the callers actually need the device itself. So it makes sense
|
||||
to do the lookup inside determine_state_file instead.
|
||||
|
||||
(cherry picked from commit 8e707663135d28176163c9363c558ecac17c9ddb)
|
||||
---
|
||||
src/rfkill/rfkill.c | 21 +++++++--------------
|
||||
1 file changed, 7 insertions(+), 14 deletions(-)
|
||||
|
||||
diff --git a/src/rfkill/rfkill.c b/src/rfkill/rfkill.c
|
||||
index 470853d1d2..3adbd20d8b 100644
|
||||
--- a/src/rfkill/rfkill.c
|
||||
+++ b/src/rfkill/rfkill.c
|
||||
@@ -162,18 +162,21 @@ static int wait_for_initialized(
|
||||
static int determine_state_file(
|
||||
struct udev *udev,
|
||||
const struct rfkill_event *event,
|
||||
- struct udev_device *d,
|
||||
char **ret) {
|
||||
|
||||
+ _cleanup_udev_device_unref_ struct udev_device *d = NULL;
|
||||
_cleanup_udev_device_unref_ struct udev_device *device = NULL;
|
||||
const char *path_id, *type;
|
||||
char *state_file;
|
||||
int r;
|
||||
|
||||
assert(event);
|
||||
- assert(d);
|
||||
assert(ret);
|
||||
|
||||
+ r = find_device(udev, event, &d);
|
||||
+ if (r < 0)
|
||||
+ return r;
|
||||
+
|
||||
r = wait_for_initialized(udev, d, &device);
|
||||
if (r < 0)
|
||||
return r;
|
||||
@@ -204,7 +207,6 @@ static int load_state(
|
||||
struct udev *udev,
|
||||
const struct rfkill_event *event) {
|
||||
|
||||
- _cleanup_udev_device_unref_ struct udev_device *device = NULL;
|
||||
_cleanup_free_ char *state_file = NULL, *value = NULL;
|
||||
struct rfkill_event we;
|
||||
ssize_t l;
|
||||
@@ -217,11 +219,7 @@ static int load_state(
|
||||
if (shall_restore_state() == 0)
|
||||
return 0;
|
||||
|
||||
- r = find_device(udev, event, &device);
|
||||
- if (r < 0)
|
||||
- return r;
|
||||
-
|
||||
- r = determine_state_file(udev, event, device, &state_file);
|
||||
+ r = determine_state_file(udev, event, &state_file);
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
||||
@@ -266,7 +264,6 @@ static int save_state(
|
||||
struct udev *udev,
|
||||
const struct rfkill_event *event) {
|
||||
|
||||
- _cleanup_udev_device_unref_ struct udev_device *device = NULL;
|
||||
_cleanup_free_ char *state_file = NULL;
|
||||
int r;
|
||||
|
||||
@@ -274,11 +271,7 @@ static int save_state(
|
||||
assert(udev);
|
||||
assert(event);
|
||||
|
||||
- r = find_device(udev, event, &device);
|
||||
- if (r < 0)
|
||||
- return r;
|
||||
-
|
||||
- r = determine_state_file(udev, event, device, &state_file);
|
||||
+ r = determine_state_file(udev, event, &state_file);
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
|
@ -0,0 +1,191 @@
|
|||
From a43c13e3cafe4f4499f81014cbbf6bd8a4d4712b Mon Sep 17 00:00:00 2001
|
||||
From: Benjamin Berg <bberg@redhat.com>
|
||||
Date: Thu, 31 Aug 2017 17:36:37 +0200
|
||||
Subject: [PATCH] rfkill: Delay writes until exit (#5768)
|
||||
|
||||
On thinkpads there are two rfkill devices for bluetooth. The first is an
|
||||
ACPI switch which powers down the USB dongle and the second one is the
|
||||
USB dongle itself. So when userspace decides to enable rfkill on all
|
||||
devices systemd would randomly save the soft block state of the USB
|
||||
dongle. This later causes issue when re-enabling the devie as
|
||||
systemd-rfkill would put the USB dongle into soft block state right
|
||||
after the ACPI rfkill switch is unblocked by userspace.
|
||||
|
||||
The simple way to avoid this is to not store rfkill changes for devices
|
||||
that disappear shortly after. That way only the "main" ACPI switch will
|
||||
get stored and systemd-rfkill will not end up blocking the device right
|
||||
after it is being added back again.
|
||||
|
||||
(cherry picked from commit 202cb8c396deb90f841359054ca19f1c47fc8604)
|
||||
---
|
||||
src/rfkill/rfkill.c | 104 +++++++++++++++++++++++++++++++++++++++++++++++++---
|
||||
1 file changed, 99 insertions(+), 5 deletions(-)
|
||||
|
||||
diff --git a/src/rfkill/rfkill.c b/src/rfkill/rfkill.c
|
||||
index 3adbd20d8b..c934b70156 100644
|
||||
--- a/src/rfkill/rfkill.c
|
||||
+++ b/src/rfkill/rfkill.c
|
||||
@@ -35,9 +35,27 @@
|
||||
#include "string-util.h"
|
||||
#include "udev-util.h"
|
||||
#include "util.h"
|
||||
+#include "list.h"
|
||||
|
||||
+/* Note that any write is delayed until exit and the rfkill state will not be
|
||||
+ * stored for rfkill indices that disappear after a change. */
|
||||
#define EXIT_USEC (5 * USEC_PER_SEC)
|
||||
|
||||
+typedef struct write_queue_item {
|
||||
+ LIST_FIELDS(struct write_queue_item, queue);
|
||||
+ int rfkill_idx;
|
||||
+ char *file;
|
||||
+ int state;
|
||||
+} write_queue_item;
|
||||
+
|
||||
+static void write_queue_item_free(struct write_queue_item *item)
|
||||
+{
|
||||
+ assert(item);
|
||||
+
|
||||
+ free(item->file);
|
||||
+ free(item);
|
||||
+}
|
||||
+
|
||||
static const char* const rfkill_type_table[NUM_RFKILL_TYPES] = {
|
||||
[RFKILL_TYPE_ALL] = "all",
|
||||
[RFKILL_TYPE_WLAN] = "wlan",
|
||||
@@ -259,12 +277,30 @@ static int load_state(
|
||||
return 0;
|
||||
}
|
||||
|
||||
-static int save_state(
|
||||
+static void save_state_queue_remove(
|
||||
+ struct write_queue_item **write_queue,
|
||||
+ int idx,
|
||||
+ char *state_file) {
|
||||
+
|
||||
+ struct write_queue_item *item, *tmp;
|
||||
+
|
||||
+ LIST_FOREACH_SAFE(queue, item, tmp, *write_queue) {
|
||||
+ if ((state_file && streq(item->file, state_file)) || idx == item->rfkill_idx) {
|
||||
+ log_debug("Canceled previous save state of '%s' to %s.", one_zero(item->state), item->file);
|
||||
+ LIST_REMOVE(queue, *write_queue, item);
|
||||
+ write_queue_item_free(item);
|
||||
+ }
|
||||
+ }
|
||||
+}
|
||||
+
|
||||
+static int save_state_queue(
|
||||
+ struct write_queue_item **write_queue,
|
||||
int rfkill_fd,
|
||||
struct udev *udev,
|
||||
const struct rfkill_event *event) {
|
||||
|
||||
_cleanup_free_ char *state_file = NULL;
|
||||
+ struct write_queue_item *item;
|
||||
int r;
|
||||
|
||||
assert(rfkill_fd >= 0);
|
||||
@@ -274,16 +310,69 @@ static int save_state(
|
||||
r = determine_state_file(udev, event, &state_file);
|
||||
if (r < 0)
|
||||
return r;
|
||||
+ save_state_queue_remove(write_queue, event->idx, state_file);
|
||||
+
|
||||
+ item = new0(struct write_queue_item, 1);
|
||||
+ if (!item)
|
||||
+ return -ENOMEM;
|
||||
|
||||
- r = write_string_file(state_file, one_zero(event->soft), WRITE_STRING_FILE_CREATE|WRITE_STRING_FILE_ATOMIC);
|
||||
+ item->file = state_file;
|
||||
+ item->rfkill_idx = event->idx;
|
||||
+ item->state = event->soft;
|
||||
+ state_file = NULL;
|
||||
+
|
||||
+ LIST_APPEND(queue, *write_queue, item);
|
||||
+
|
||||
+ return 0;
|
||||
+}
|
||||
+
|
||||
+static int save_state_cancel(
|
||||
+ struct write_queue_item **write_queue,
|
||||
+ int rfkill_fd,
|
||||
+ struct udev *udev,
|
||||
+ const struct rfkill_event *event) {
|
||||
+
|
||||
+ _cleanup_free_ char *state_file = NULL;
|
||||
+ int r;
|
||||
+
|
||||
+ assert(rfkill_fd >= 0);
|
||||
+ assert(udev);
|
||||
+ assert(event);
|
||||
+
|
||||
+ r = determine_state_file(udev, event, &state_file);
|
||||
+ save_state_queue_remove(write_queue, event->idx, state_file);
|
||||
if (r < 0)
|
||||
- return log_error_errno(r, "Failed to write state file %s: %m", state_file);
|
||||
+ return r;
|
||||
|
||||
- log_debug("Saved state '%s' to %s.", one_zero(event->soft), state_file);
|
||||
return 0;
|
||||
}
|
||||
|
||||
+static int save_state_write(struct write_queue_item **write_queue) {
|
||||
+ struct write_queue_item *item, *tmp;
|
||||
+ int result = 0;
|
||||
+ bool error_logged = false;
|
||||
+ int r;
|
||||
+
|
||||
+ LIST_FOREACH_SAFE(queue, item, tmp, *write_queue) {
|
||||
+ r = write_string_file(item->file, one_zero(item->state), WRITE_STRING_FILE_CREATE|WRITE_STRING_FILE_ATOMIC);
|
||||
+ if (r < 0) {
|
||||
+ result = r;
|
||||
+ if (!error_logged) {
|
||||
+ log_error_errno(r, "Failed to write state file %s: %m", item->file);
|
||||
+ error_logged = true;
|
||||
+ } else
|
||||
+ log_warning_errno(r, "Failed to write state file %s: %m", item->file);
|
||||
+ } else
|
||||
+ log_debug("Saved state '%s' to %s.", one_zero(item->state), item->file);
|
||||
+
|
||||
+ LIST_REMOVE(queue, *write_queue, item);
|
||||
+ write_queue_item_free(item);
|
||||
+ }
|
||||
+ return result;
|
||||
+}
|
||||
+
|
||||
int main(int argc, char *argv[]) {
|
||||
+ LIST_HEAD(write_queue_item, write_queue);
|
||||
_cleanup_udev_unref_ struct udev *udev = NULL;
|
||||
_cleanup_close_ int rfkill_fd = -1;
|
||||
bool ready = false;
|
||||
@@ -294,6 +383,8 @@ int main(int argc, char *argv[]) {
|
||||
return EXIT_FAILURE;
|
||||
}
|
||||
|
||||
+ LIST_HEAD_INIT(write_queue);
|
||||
+
|
||||
log_set_target(LOG_TARGET_AUTO);
|
||||
log_parse_environment();
|
||||
log_open();
|
||||
@@ -403,11 +494,12 @@ int main(int argc, char *argv[]) {
|
||||
|
||||
case RFKILL_OP_DEL:
|
||||
log_debug("An rfkill device has been removed with index %i and type %s", event.idx, type);
|
||||
+ (void) save_state_cancel(&write_queue, rfkill_fd, udev, &event);
|
||||
break;
|
||||
|
||||
case RFKILL_OP_CHANGE:
|
||||
log_debug("An rfkill device has changed state with index %i and type %s", event.idx, type);
|
||||
- (void) save_state(rfkill_fd, udev, &event);
|
||||
+ (void) save_state_queue(&write_queue, rfkill_fd, udev, &event);
|
||||
break;
|
||||
|
||||
default:
|
||||
@@ -419,5 +511,7 @@ int main(int argc, char *argv[]) {
|
||||
r = 0;
|
||||
|
||||
finish:
|
||||
+ (void) save_state_write(&write_queue);
|
||||
+
|
||||
return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;
|
||||
}
|
|
@ -0,0 +1,36 @@
|
|||
From 6aaee522ca978f2982e630508d7e14dc28d74907 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
||||
Date: Sat, 2 Sep 2017 17:37:08 +0300
|
||||
Subject: [PATCH] systemctl: check existence of all units, not just the first
|
||||
one
|
||||
|
||||
(cherry picked from commit f8d6cb48a363ddae6fab50636ccc433b5f4dd604)
|
||||
---
|
||||
src/systemctl/systemctl.c | 14 +++++++++-----
|
||||
1 file changed, 9 insertions(+), 5 deletions(-)
|
||||
|
||||
diff --git a/src/systemctl/systemctl.c b/src/systemctl/systemctl.c
|
||||
index 83ed9ef9f7..a1b956111b 100644
|
||||
--- a/src/systemctl/systemctl.c
|
||||
+++ b/src/systemctl/systemctl.c
|
||||
@@ -6201,11 +6201,15 @@ static int enable_unit(int argc, char *argv[], void *userdata) {
|
||||
sd_bus *bus;
|
||||
|
||||
if (STR_IN_SET(verb, "mask", "unmask")) {
|
||||
- r = unit_exists(*names);
|
||||
- if (r < 0)
|
||||
- return r;
|
||||
- if (r == 0)
|
||||
- log_notice("Unit %s does not exist, proceeding anyway.", *names);
|
||||
+ char **name;
|
||||
+
|
||||
+ STRV_FOREACH(name, names) {
|
||||
+ r = unit_exists(*name);
|
||||
+ if (r < 0)
|
||||
+ return r;
|
||||
+ if (r == 0)
|
||||
+ log_notice("Unit %s does not exist, proceeding anyway.", *names);
|
||||
+ }
|
||||
}
|
||||
|
||||
r = acquire_bus(BUS_MANAGER, &bus);
|
|
@ -0,0 +1,151 @@
|
|||
From 332a9f7e0105d223aed58e9b6504ec78bd22328c Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
||||
Date: Sun, 3 Sep 2017 17:45:54 +0300
|
||||
Subject: [PATCH] systemctl: fix masking of template units
|
||||
|
||||
systemctl would try to load the properties of the unit, which is impossible
|
||||
for template names, and the whole operation would fail. It seems that this
|
||||
regression was introduced in 00c83b430020914499bebf22be6b258f518ae291.
|
||||
|
||||
Export the part of unit_find_paths() responsible for locating instance unit
|
||||
fragments and reuse it from unit_exists() to fix the handling of template
|
||||
units.
|
||||
|
||||
Fixes #6412.
|
||||
|
||||
(cherry picked from commit 173471b771a52baa7f705019600956e875b0cb9a)
|
||||
---
|
||||
src/systemctl/systemctl.c | 68 ++++++++++++++++++++++++++++++++++-------------
|
||||
1 file changed, 49 insertions(+), 19 deletions(-)
|
||||
|
||||
diff --git a/src/systemctl/systemctl.c b/src/systemctl/systemctl.c
|
||||
index a1b956111b..a5f248e865 100644
|
||||
--- a/src/systemctl/systemctl.c
|
||||
+++ b/src/systemctl/systemctl.c
|
||||
@@ -2480,7 +2480,6 @@ static int unit_file_find_path(LookupPaths *lp, const char *unit_name, char **un
|
||||
|
||||
assert(lp);
|
||||
assert(unit_name);
|
||||
- assert(unit_path);
|
||||
|
||||
STRV_FOREACH(p, lp->search_path) {
|
||||
_cleanup_free_ char *path = NULL, *lpath = NULL;
|
||||
@@ -2498,14 +2497,48 @@ static int unit_file_find_path(LookupPaths *lp, const char *unit_name, char **un
|
||||
if (r < 0)
|
||||
return log_error_errno(r, "Failed to access path '%s': %m", path);
|
||||
|
||||
- *unit_path = lpath;
|
||||
- lpath = NULL;
|
||||
+ if (unit_path) {
|
||||
+ *unit_path = lpath;
|
||||
+ lpath = NULL;
|
||||
+ }
|
||||
return 1;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
+static int unit_find_template_path(
|
||||
+ const char *unit_name,
|
||||
+ LookupPaths *lp,
|
||||
+ char **fragment_path,
|
||||
+ char **template) {
|
||||
+
|
||||
+ _cleanup_free_ char *_template = NULL;
|
||||
+ int r;
|
||||
+
|
||||
+ /* Returns 1 if a fragment was found, 0 if not found, negative on error. */
|
||||
+
|
||||
+ r = unit_file_find_path(lp, unit_name, fragment_path);
|
||||
+ if (r != 0)
|
||||
+ return r; /* error or found a real unit */
|
||||
+
|
||||
+ r = unit_name_template(unit_name, &_template);
|
||||
+ if (r == -EINVAL)
|
||||
+ return 0; /* not a template, does not exist */
|
||||
+ if (r < 0)
|
||||
+ return log_error_errno(r, "Failed to determine template name: %m");
|
||||
+
|
||||
+ r = unit_file_find_path(lp, _template, fragment_path);
|
||||
+ if (r < 0)
|
||||
+ return r;
|
||||
+
|
||||
+ if (template) {
|
||||
+ *template = _template;
|
||||
+ _template = NULL;
|
||||
+ }
|
||||
+ return r;
|
||||
+}
|
||||
+
|
||||
static int unit_find_paths(
|
||||
sd_bus *bus,
|
||||
const char *unit_name,
|
||||
@@ -2561,29 +2594,18 @@ static int unit_find_paths(
|
||||
return log_error_errno(r, "Failed to get DropInPaths: %s", bus_error_message(&error, r));
|
||||
}
|
||||
} else {
|
||||
- _cleanup_set_free_ Set *names;
|
||||
+ _cleanup_set_free_ Set *names = NULL;
|
||||
_cleanup_free_ char *template = NULL;
|
||||
|
||||
names = set_new(NULL);
|
||||
if (!names)
|
||||
return log_oom();
|
||||
|
||||
- r = unit_file_find_path(lp, unit_name, &path);
|
||||
+ r = unit_find_template_path(unit_name, lp, &path, &template);
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
||||
- if (r == 0) {
|
||||
- r = unit_name_template(unit_name, &template);
|
||||
- if (r < 0 && r != -EINVAL)
|
||||
- return log_error_errno(r, "Failed to determine template name: %m");
|
||||
- if (r >= 0) {
|
||||
- r = unit_file_find_path(lp, template, &path);
|
||||
- if (r < 0)
|
||||
- return r;
|
||||
- }
|
||||
- }
|
||||
-
|
||||
- if (path)
|
||||
+ if (r > 0)
|
||||
/* We found the unit file. If we followed symlinks, this name might be
|
||||
* different then the unit_name with started with. Look for dropins matching
|
||||
* that "final" name. */
|
||||
@@ -6084,7 +6106,7 @@ static int normalize_names(char **names, bool warn_if_path) {
|
||||
return 0;
|
||||
}
|
||||
|
||||
-static int unit_exists(const char *unit) {
|
||||
+static int unit_exists(LookupPaths *lp, const char *unit) {
|
||||
_cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL;
|
||||
_cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
|
||||
_cleanup_free_ char *path = NULL;
|
||||
@@ -6097,6 +6119,9 @@ static int unit_exists(const char *unit) {
|
||||
sd_bus *bus;
|
||||
int r;
|
||||
|
||||
+ if (unit_name_is_valid(unit, UNIT_NAME_TEMPLATE))
|
||||
+ return unit_find_template_path(unit, lp, NULL, NULL);
|
||||
+
|
||||
path = unit_dbus_path_from_name(unit);
|
||||
if (!path)
|
||||
return log_oom();
|
||||
@@ -6202,9 +6227,14 @@ static int enable_unit(int argc, char *argv[], void *userdata) {
|
||||
|
||||
if (STR_IN_SET(verb, "mask", "unmask")) {
|
||||
char **name;
|
||||
+ _cleanup_lookup_paths_free_ LookupPaths lp = {};
|
||||
+
|
||||
+ r = lookup_paths_init(&lp, arg_scope, 0, arg_root);
|
||||
+ if (r < 0)
|
||||
+ return r;
|
||||
|
||||
STRV_FOREACH(name, names) {
|
||||
- r = unit_exists(*name);
|
||||
+ r = unit_exists(&lp, *name);
|
||||
if (r < 0)
|
||||
return r;
|
||||
if (r == 0)
|
|
@ -0,0 +1,30 @@
|
|||
From 18647aa3d8f3ef8033cba55384d297d7ef8f3d9c Mon Sep 17 00:00:00 2001
|
||||
From: juga0 <juga@riseup.net>
|
||||
Date: Tue, 5 Sep 2017 10:26:32 +0000
|
||||
Subject: [PATCH] networkd: send dhcp option NTP when UseNTP is true (#6726)
|
||||
|
||||
(cherry picked from commit ead36ce651955999e7cf1f6167aa0065f8cd5f3f)
|
||||
---
|
||||
src/network/networkd-dhcp4.c | 9 +++++----
|
||||
1 file changed, 5 insertions(+), 4 deletions(-)
|
||||
|
||||
diff --git a/src/network/networkd-dhcp4.c b/src/network/networkd-dhcp4.c
|
||||
index 77771688e1..84a25b1a03 100644
|
||||
--- a/src/network/networkd-dhcp4.c
|
||||
+++ b/src/network/networkd-dhcp4.c
|
||||
@@ -635,10 +635,11 @@ int dhcp4_configure(Link *link) {
|
||||
return r;
|
||||
}
|
||||
|
||||
- /* Always acquire the timezone and NTP */
|
||||
- r = sd_dhcp_client_set_request_option(link->dhcp_client, SD_DHCP_OPTION_NTP_SERVER);
|
||||
- if (r < 0)
|
||||
- return r;
|
||||
+ if (link->network->dhcp_use_ntp) {
|
||||
+ r = sd_dhcp_client_set_request_option(link->dhcp_client, SD_DHCP_OPTION_NTP_SERVER);
|
||||
+ if (r < 0)
|
||||
+ return r;
|
||||
+ }
|
||||
|
||||
r = sd_dhcp_client_set_request_option(link->dhcp_client, SD_DHCP_OPTION_NEW_TZDB_TIMEZONE);
|
||||
if (r < 0)
|
|
@ -0,0 +1,30 @@
|
|||
From 63f2647249e5d55e6ae62c484d70690aedd41a41 Mon Sep 17 00:00:00 2001
|
||||
From: juga0 <juga@riseup.net>
|
||||
Date: Wed, 6 Sep 2017 08:10:50 +0000
|
||||
Subject: [PATCH] networkd: send dhcp timezone option when UseTimezone is true
|
||||
(#6725)
|
||||
|
||||
(cherry picked from commit 89573b3728fc14033b99fc69f3f6181be9c8c6be)
|
||||
---
|
||||
src/network/networkd-dhcp4.c | 8 +++++---
|
||||
1 file changed, 5 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/src/network/networkd-dhcp4.c b/src/network/networkd-dhcp4.c
|
||||
index 84a25b1a03..546c90b6bb 100644
|
||||
--- a/src/network/networkd-dhcp4.c
|
||||
+++ b/src/network/networkd-dhcp4.c
|
||||
@@ -641,9 +641,11 @@ int dhcp4_configure(Link *link) {
|
||||
return r;
|
||||
}
|
||||
|
||||
- r = sd_dhcp_client_set_request_option(link->dhcp_client, SD_DHCP_OPTION_NEW_TZDB_TIMEZONE);
|
||||
- if (r < 0)
|
||||
- return r;
|
||||
+ if (link->network->dhcp_use_timezone) {
|
||||
+ r = sd_dhcp_client_set_request_option(link->dhcp_client, SD_DHCP_OPTION_NEW_TZDB_TIMEZONE);
|
||||
+ if (r < 0)
|
||||
+ return r;
|
||||
+ }
|
||||
|
||||
r = dhcp4_set_hostname(link);
|
||||
if (r < 0)
|
|
@ -0,0 +1,28 @@
|
|||
From b2403e6ea4cd04e3624d4ae4f7f2d7dde98f23dd Mon Sep 17 00:00:00 2001
|
||||
From: Kai-Heng Feng <kaihengfeng@gmail.com>
|
||||
Date: Fri, 8 Sep 2017 20:25:44 +0800
|
||||
Subject: [PATCH] journalctl: honor --quiet when vacuuming (#6771)
|
||||
|
||||
'journalctl --vacuum-*' does not suppress output message with --quiet.
|
||||
|
||||
Let journal_directory_vacuum honors --quiet to fix the problem.
|
||||
|
||||
BugLink: https://bugs.launchpad.net/bugs/1692188
|
||||
(cherry picked from commit e3695e499a54071aa5fa3b79bdbff0be2c528204)
|
||||
---
|
||||
src/journal/journalctl.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/journal/journalctl.c b/src/journal/journalctl.c
|
||||
index 2313c8c678..1bb4d89159 100644
|
||||
--- a/src/journal/journalctl.c
|
||||
+++ b/src/journal/journalctl.c
|
||||
@@ -2170,7 +2170,7 @@ int main(int argc, char *argv[]) {
|
||||
if (d->is_root)
|
||||
continue;
|
||||
|
||||
- q = journal_directory_vacuum(d->path, arg_vacuum_size, arg_vacuum_n_files, arg_vacuum_time, NULL, true);
|
||||
+ q = journal_directory_vacuum(d->path, arg_vacuum_size, arg_vacuum_n_files, arg_vacuum_time, NULL, !arg_quiet);
|
||||
if (q < 0) {
|
||||
log_error_errno(q, "Failed to vacuum %s: %m", d->path);
|
||||
r = q;
|
|
@ -0,0 +1,45 @@
|
|||
From 21879b710e669f9965650bcafa8d504e617fd7ee Mon Sep 17 00:00:00 2001
|
||||
From: Michal Sekletar <msekletar@users.noreply.github.com>
|
||||
Date: Fri, 8 Sep 2017 15:41:44 +0200
|
||||
Subject: [PATCH] manager: when reexecuting try to connect to bus only when
|
||||
dbus.service is around (#6773)
|
||||
|
||||
Trying to connect otherwise is pointless, because if socket isn't around
|
||||
we won't connect. However, when dbus.socket is present we attempt to
|
||||
connect. That attempt can't succeed because we are then supposed
|
||||
to activate dbus.service as a response to connection from
|
||||
us. This results in deadlock.
|
||||
|
||||
Fixes #6303
|
||||
|
||||
(cherry picked from commit 5463fa0a88f95d2002858592578f9bf4e0d2660a)
|
||||
---
|
||||
src/core/manager.c | 8 ++++++--
|
||||
1 file changed, 6 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/src/core/manager.c b/src/core/manager.c
|
||||
index 283720750f..482eab0f19 100644
|
||||
--- a/src/core/manager.c
|
||||
+++ b/src/core/manager.c
|
||||
@@ -880,15 +880,19 @@ static int manager_setup_user_lookup_fd(Manager *m) {
|
||||
|
||||
static int manager_connect_bus(Manager *m, bool reexecuting) {
|
||||
bool try_bus_connect;
|
||||
+ Unit *u = NULL;
|
||||
|
||||
assert(m);
|
||||
|
||||
if (m->test_run)
|
||||
return 0;
|
||||
|
||||
+ u = manager_get_unit(m, SPECIAL_DBUS_SERVICE);
|
||||
+
|
||||
try_bus_connect =
|
||||
- reexecuting ||
|
||||
- (MANAGER_IS_USER(m) && getenv("DBUS_SESSION_BUS_ADDRESS"));
|
||||
+ (u && UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(u))) &&
|
||||
+ (reexecuting ||
|
||||
+ (MANAGER_IS_USER(m) && getenv("DBUS_SESSION_BUS_ADDRESS")));
|
||||
|
||||
/* Try to connect to the buses, if possible. */
|
||||
return bus_init(m, try_bus_connect);
|
|
@ -0,0 +1,28 @@
|
|||
From ab76f797e85ba755f02db58f18b455c46dfed12a Mon Sep 17 00:00:00 2001
|
||||
From: Lennart Poettering <lennart@poettering.net>
|
||||
Date: Fri, 8 Sep 2017 17:34:11 +0200
|
||||
Subject: [PATCH] efivars: don't crash when somebody wants to remove an efi
|
||||
variable
|
||||
|
||||
This corrects b3c908b4a230c5cca0dcdd7e94d02ec54a298abf by allowing a
|
||||
NULL value again for variable deletion.
|
||||
|
||||
Fixes: #6753
|
||||
(cherry picked from commit e1e26566ec60aa66a3c21682322ebc376df609b2)
|
||||
---
|
||||
src/shared/efivars.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/shared/efivars.c b/src/shared/efivars.c
|
||||
index 8229e6b183..2503346610 100644
|
||||
--- a/src/shared/efivars.c
|
||||
+++ b/src/shared/efivars.c
|
||||
@@ -269,7 +269,7 @@ int efi_set_variable(
|
||||
_cleanup_close_ int fd = -1;
|
||||
|
||||
assert(name);
|
||||
- assert(value);
|
||||
+ assert(value || size == 0);
|
||||
|
||||
if (asprintf(&p,
|
||||
"/sys/firmware/efi/efivars/%s-%02x%02x%02x%02x-%02x%02x-%02x%02x-%02x%02x-%02x%02x%02x%02x%02x%02x",
|
|
@ -0,0 +1,310 @@
|
|||
From cd7bcbfad5c1319f8c7a9f74c2649ace096f6e2a Mon Sep 17 00:00:00 2001
|
||||
From: Franck Bui <fbui@suse.com>
|
||||
Date: Wed, 13 Sep 2017 11:47:15 +0200
|
||||
Subject: [PATCH] util: make get_block_device() available
|
||||
|
||||
(cherry picked from commit c43b2b9c71e6e5f9af90ca178674d248acb0b9fc)
|
||||
---
|
||||
src/basic/util.c | 131 ++++++++++++++++++++++++++++
|
||||
src/basic/util.h | 3 +
|
||||
src/gpt-auto-generator/gpt-auto-generator.c | 130 ---------------------------
|
||||
3 files changed, 134 insertions(+), 130 deletions(-)
|
||||
|
||||
diff --git a/src/basic/util.c b/src/basic/util.c
|
||||
index b52a5db31b..6cbb58bdea 100644
|
||||
--- a/src/basic/util.c
|
||||
+++ b/src/basic/util.c
|
||||
@@ -34,6 +34,7 @@
|
||||
#include <unistd.h>
|
||||
|
||||
#include "alloc-util.h"
|
||||
+#include "btrfs-util.h"
|
||||
#include "build.h"
|
||||
#include "cgroup-util.h"
|
||||
#include "def.h"
|
||||
@@ -719,3 +720,133 @@ int version(void) {
|
||||
SYSTEMD_FEATURES);
|
||||
return 0;
|
||||
}
|
||||
+
|
||||
+int get_block_device(const char *path, dev_t *dev) {
|
||||
+ struct stat st;
|
||||
+ struct statfs sfs;
|
||||
+
|
||||
+ assert(path);
|
||||
+ assert(dev);
|
||||
+
|
||||
+ /* Get's the block device directly backing a file system. If
|
||||
+ * the block device is encrypted, returns the device mapper
|
||||
+ * block device. */
|
||||
+
|
||||
+ if (lstat(path, &st))
|
||||
+ return -errno;
|
||||
+
|
||||
+ if (major(st.st_dev) != 0) {
|
||||
+ *dev = st.st_dev;
|
||||
+ return 1;
|
||||
+ }
|
||||
+
|
||||
+ if (statfs(path, &sfs) < 0)
|
||||
+ return -errno;
|
||||
+
|
||||
+ if (F_TYPE_EQUAL(sfs.f_type, BTRFS_SUPER_MAGIC))
|
||||
+ return btrfs_get_block_device(path, dev);
|
||||
+
|
||||
+ return 0;
|
||||
+}
|
||||
+
|
||||
+int get_block_device_harder(const char *path, dev_t *dev) {
|
||||
+ _cleanup_closedir_ DIR *d = NULL;
|
||||
+ _cleanup_free_ char *p = NULL, *t = NULL;
|
||||
+ struct dirent *de, *found = NULL;
|
||||
+ const char *q;
|
||||
+ unsigned maj, min;
|
||||
+ dev_t dt;
|
||||
+ int r;
|
||||
+
|
||||
+ assert(path);
|
||||
+ assert(dev);
|
||||
+
|
||||
+ /* Gets the backing block device for a file system, and
|
||||
+ * handles LUKS encrypted file systems, looking for its
|
||||
+ * immediate parent, if there is one. */
|
||||
+
|
||||
+ r = get_block_device(path, &dt);
|
||||
+ if (r <= 0)
|
||||
+ return r;
|
||||
+
|
||||
+ if (asprintf(&p, "/sys/dev/block/%u:%u/slaves", major(dt), minor(dt)) < 0)
|
||||
+ return -ENOMEM;
|
||||
+
|
||||
+ d = opendir(p);
|
||||
+ if (!d) {
|
||||
+ if (errno == ENOENT)
|
||||
+ goto fallback;
|
||||
+
|
||||
+ return -errno;
|
||||
+ }
|
||||
+
|
||||
+ FOREACH_DIRENT_ALL(de, d, return -errno) {
|
||||
+
|
||||
+ if (dot_or_dot_dot(de->d_name))
|
||||
+ continue;
|
||||
+
|
||||
+ if (!IN_SET(de->d_type, DT_LNK, DT_UNKNOWN))
|
||||
+ continue;
|
||||
+
|
||||
+ if (found) {
|
||||
+ _cleanup_free_ char *u = NULL, *v = NULL, *a = NULL, *b = NULL;
|
||||
+
|
||||
+ /* We found a device backed by multiple other devices. We don't really support automatic
|
||||
+ * discovery on such setups, with the exception of dm-verity partitions. In this case there are
|
||||
+ * two backing devices: the data partition and the hash partition. We are fine with such
|
||||
+ * setups, however, only if both partitions are on the same physical device. Hence, let's
|
||||
+ * verify this. */
|
||||
+
|
||||
+ u = strjoin(p, "/", de->d_name, "/../dev");
|
||||
+ if (!u)
|
||||
+ return -ENOMEM;
|
||||
+
|
||||
+ v = strjoin(p, "/", found->d_name, "/../dev");
|
||||
+ if (!v)
|
||||
+ return -ENOMEM;
|
||||
+
|
||||
+ r = read_one_line_file(u, &a);
|
||||
+ if (r < 0) {
|
||||
+ log_debug_errno(r, "Failed to read %s: %m", u);
|
||||
+ goto fallback;
|
||||
+ }
|
||||
+
|
||||
+ r = read_one_line_file(v, &b);
|
||||
+ if (r < 0) {
|
||||
+ log_debug_errno(r, "Failed to read %s: %m", v);
|
||||
+ goto fallback;
|
||||
+ }
|
||||
+
|
||||
+ /* Check if the parent device is the same. If not, then the two backing devices are on
|
||||
+ * different physical devices, and we don't support that. */
|
||||
+ if (!streq(a, b))
|
||||
+ goto fallback;
|
||||
+ }
|
||||
+
|
||||
+ found = de;
|
||||
+ }
|
||||
+
|
||||
+ if (!found)
|
||||
+ goto fallback;
|
||||
+
|
||||
+ q = strjoina(p, "/", found->d_name, "/dev");
|
||||
+
|
||||
+ r = read_one_line_file(q, &t);
|
||||
+ if (r == -ENOENT)
|
||||
+ goto fallback;
|
||||
+ if (r < 0)
|
||||
+ return r;
|
||||
+
|
||||
+ if (sscanf(t, "%u:%u", &maj, &min) != 2)
|
||||
+ return -EINVAL;
|
||||
+
|
||||
+ if (maj == 0)
|
||||
+ goto fallback;
|
||||
+
|
||||
+ *dev = makedev(maj, min);
|
||||
+ return 1;
|
||||
+
|
||||
+fallback:
|
||||
+ *dev = dt;
|
||||
+ return 1;
|
||||
+}
|
||||
diff --git a/src/basic/util.h b/src/basic/util.h
|
||||
index c7da6c39bf..b31dfd1c92 100644
|
||||
--- a/src/basic/util.h
|
||||
+++ b/src/basic/util.h
|
||||
@@ -192,3 +192,6 @@ uint64_t system_tasks_max_scale(uint64_t v, uint64_t max);
|
||||
int update_reboot_parameter_and_warn(const char *param);
|
||||
|
||||
int version(void);
|
||||
+
|
||||
+int get_block_device(const char *path, dev_t *dev);
|
||||
+int get_block_device_harder(const char *path, dev_t *dev);
|
||||
diff --git a/src/gpt-auto-generator/gpt-auto-generator.c b/src/gpt-auto-generator/gpt-auto-generator.c
|
||||
index a072242430..dc307ff585 100644
|
||||
--- a/src/gpt-auto-generator/gpt-auto-generator.c
|
||||
+++ b/src/gpt-auto-generator/gpt-auto-generator.c
|
||||
@@ -609,136 +609,6 @@ static int enumerate_partitions(dev_t devnum) {
|
||||
return r;
|
||||
}
|
||||
|
||||
-static int get_block_device(const char *path, dev_t *dev) {
|
||||
- struct stat st;
|
||||
- struct statfs sfs;
|
||||
-
|
||||
- assert(path);
|
||||
- assert(dev);
|
||||
-
|
||||
- /* Get's the block device directly backing a file system. If
|
||||
- * the block device is encrypted, returns the device mapper
|
||||
- * block device. */
|
||||
-
|
||||
- if (lstat(path, &st))
|
||||
- return -errno;
|
||||
-
|
||||
- if (major(st.st_dev) != 0) {
|
||||
- *dev = st.st_dev;
|
||||
- return 1;
|
||||
- }
|
||||
-
|
||||
- if (statfs(path, &sfs) < 0)
|
||||
- return -errno;
|
||||
-
|
||||
- if (F_TYPE_EQUAL(sfs.f_type, BTRFS_SUPER_MAGIC))
|
||||
- return btrfs_get_block_device(path, dev);
|
||||
-
|
||||
- return 0;
|
||||
-}
|
||||
-
|
||||
-static int get_block_device_harder(const char *path, dev_t *dev) {
|
||||
- _cleanup_closedir_ DIR *d = NULL;
|
||||
- _cleanup_free_ char *p = NULL, *t = NULL;
|
||||
- struct dirent *de, *found = NULL;
|
||||
- const char *q;
|
||||
- unsigned maj, min;
|
||||
- dev_t dt;
|
||||
- int r;
|
||||
-
|
||||
- assert(path);
|
||||
- assert(dev);
|
||||
-
|
||||
- /* Gets the backing block device for a file system, and
|
||||
- * handles LUKS encrypted file systems, looking for its
|
||||
- * immediate parent, if there is one. */
|
||||
-
|
||||
- r = get_block_device(path, &dt);
|
||||
- if (r <= 0)
|
||||
- return r;
|
||||
-
|
||||
- if (asprintf(&p, "/sys/dev/block/%u:%u/slaves", major(dt), minor(dt)) < 0)
|
||||
- return -ENOMEM;
|
||||
-
|
||||
- d = opendir(p);
|
||||
- if (!d) {
|
||||
- if (errno == ENOENT)
|
||||
- goto fallback;
|
||||
-
|
||||
- return -errno;
|
||||
- }
|
||||
-
|
||||
- FOREACH_DIRENT_ALL(de, d, return -errno) {
|
||||
-
|
||||
- if (dot_or_dot_dot(de->d_name))
|
||||
- continue;
|
||||
-
|
||||
- if (!IN_SET(de->d_type, DT_LNK, DT_UNKNOWN))
|
||||
- continue;
|
||||
-
|
||||
- if (found) {
|
||||
- _cleanup_free_ char *u = NULL, *v = NULL, *a = NULL, *b = NULL;
|
||||
-
|
||||
- /* We found a device backed by multiple other devices. We don't really support automatic
|
||||
- * discovery on such setups, with the exception of dm-verity partitions. In this case there are
|
||||
- * two backing devices: the data partition and the hash partition. We are fine with such
|
||||
- * setups, however, only if both partitions are on the same physical device. Hence, let's
|
||||
- * verify this. */
|
||||
-
|
||||
- u = strjoin(p, "/", de->d_name, "/../dev");
|
||||
- if (!u)
|
||||
- return -ENOMEM;
|
||||
-
|
||||
- v = strjoin(p, "/", found->d_name, "/../dev");
|
||||
- if (!v)
|
||||
- return -ENOMEM;
|
||||
-
|
||||
- r = read_one_line_file(u, &a);
|
||||
- if (r < 0) {
|
||||
- log_debug_errno(r, "Failed to read %s: %m", u);
|
||||
- goto fallback;
|
||||
- }
|
||||
-
|
||||
- r = read_one_line_file(v, &b);
|
||||
- if (r < 0) {
|
||||
- log_debug_errno(r, "Failed to read %s: %m", v);
|
||||
- goto fallback;
|
||||
- }
|
||||
-
|
||||
- /* Check if the parent device is the same. If not, then the two backing devices are on
|
||||
- * different physical devices, and we don't support that. */
|
||||
- if (!streq(a, b))
|
||||
- goto fallback;
|
||||
- }
|
||||
-
|
||||
- found = de;
|
||||
- }
|
||||
-
|
||||
- if (!found)
|
||||
- goto fallback;
|
||||
-
|
||||
- q = strjoina(p, "/", found->d_name, "/dev");
|
||||
-
|
||||
- r = read_one_line_file(q, &t);
|
||||
- if (r == -ENOENT)
|
||||
- goto fallback;
|
||||
- if (r < 0)
|
||||
- return r;
|
||||
-
|
||||
- if (sscanf(t, "%u:%u", &maj, &min) != 2)
|
||||
- return -EINVAL;
|
||||
-
|
||||
- if (maj == 0)
|
||||
- goto fallback;
|
||||
-
|
||||
- *dev = makedev(maj, min);
|
||||
- return 1;
|
||||
-
|
||||
-fallback:
|
||||
- *dev = dt;
|
||||
- return 1;
|
||||
-}
|
||||
-
|
||||
static int parse_proc_cmdline_item(const char *key, const char *value, void *data) {
|
||||
int r;
|
||||
|
|
@ -0,0 +1,51 @@
|
|||
From c86784ebf6a8dc572a52ac1322ae558c39e61d92 Mon Sep 17 00:00:00 2001
|
||||
From: Franck Bui <fbui@suse.com>
|
||||
Date: Wed, 13 Sep 2017 11:04:17 +0200
|
||||
Subject: [PATCH] shutdown: don't be fooled when detaching DM devices with
|
||||
BTRFS
|
||||
|
||||
Otherwise we would try to detach the DM device hosting the rootfs with BTRFS
|
||||
which is doomed to fail.
|
||||
|
||||
(cherry picked from commit 33e8d8af1482fd94edf8a41462012468ba852687)
|
||||
---
|
||||
src/core/umount.c | 20 ++++++++++----------
|
||||
1 file changed, 10 insertions(+), 10 deletions(-)
|
||||
|
||||
diff --git a/src/core/umount.c b/src/core/umount.c
|
||||
index b83f631141..87c5aa9029 100644
|
||||
--- a/src/core/umount.c
|
||||
+++ b/src/core/umount.c
|
||||
@@ -517,22 +517,22 @@ static int loopback_points_list_detach(MountPoint **head, bool *changed) {
|
||||
|
||||
static int dm_points_list_detach(MountPoint **head, bool *changed) {
|
||||
MountPoint *m, *n;
|
||||
- int n_failed = 0, k;
|
||||
- struct stat root_st;
|
||||
+ int n_failed = 0, r;
|
||||
+ dev_t rootdev;
|
||||
|
||||
assert(head);
|
||||
|
||||
- k = lstat("/", &root_st);
|
||||
+ r = get_block_device("/", &rootdev);
|
||||
+ if (r <= 0)
|
||||
+ rootdev = 0;
|
||||
|
||||
LIST_FOREACH_SAFE(mount_point, m, n, *head) {
|
||||
- int r;
|
||||
|
||||
- if (k >= 0 &&
|
||||
- major(root_st.st_dev) != 0 &&
|
||||
- root_st.st_dev == m->devnum) {
|
||||
- n_failed++;
|
||||
- continue;
|
||||
- }
|
||||
+ if (major(rootdev) != 0)
|
||||
+ if (rootdev == m->devnum) {
|
||||
+ n_failed ++;
|
||||
+ continue;
|
||||
+ }
|
||||
|
||||
log_info("Detaching DM %u:%u.", major(m->devnum), minor(m->devnum));
|
||||
r = delete_dm(m->devnum);
|
|
@ -0,0 +1,62 @@
|
|||
From 7f4b159f88d8d3b932e24646b50e4bdcac885581 Mon Sep 17 00:00:00 2001
|
||||
From: Lennart Poettering <lennart@poettering.net>
|
||||
Date: Wed, 13 Sep 2017 19:08:26 +0200
|
||||
Subject: [PATCH] sd-bus: extend D-Bus authentication timeout considerably
|
||||
(#6813)
|
||||
|
||||
As it turns out the authentication phase times out too often than is
|
||||
good, mostly due to PRNG pools not being populated during boot. Hence,
|
||||
let's increase the authentication timeout from 25s to 90s, to cover for
|
||||
that.
|
||||
|
||||
(Note that we leave the D-Bus method call timeout at 25s, matching the
|
||||
reference implementation's value. And if the auth phase managed to
|
||||
complete then the pools should be populated enough and mehtod calls
|
||||
shouldn't take needlessly long anymore).
|
||||
|
||||
Fixes: #6418
|
||||
(cherry picked from commit 036d61b32e7e684a532904ec26a6ebaa1b850ab9)
|
||||
---
|
||||
src/libsystemd/sd-bus/bus-internal.h | 6 ++++++
|
||||
src/libsystemd/sd-bus/bus-socket.c | 2 +-
|
||||
2 files changed, 7 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/libsystemd/sd-bus/bus-internal.h b/src/libsystemd/sd-bus/bus-internal.h
|
||||
index 3575ea8cde..473f486c3d 100644
|
||||
--- a/src/libsystemd/sd-bus/bus-internal.h
|
||||
+++ b/src/libsystemd/sd-bus/bus-internal.h
|
||||
@@ -27,6 +27,7 @@
|
||||
#include "bus-error.h"
|
||||
#include "bus-kernel.h"
|
||||
#include "bus-match.h"
|
||||
+#include "def.h"
|
||||
#include "hashmap.h"
|
||||
#include "kdbus.h"
|
||||
#include "list.h"
|
||||
@@ -327,8 +328,13 @@ struct sd_bus {
|
||||
LIST_HEAD(sd_bus_track, tracks);
|
||||
};
|
||||
|
||||
+/* For method calls we time-out at 25s, like in the D-Bus reference implementation */
|
||||
#define BUS_DEFAULT_TIMEOUT ((usec_t) (25 * USEC_PER_SEC))
|
||||
|
||||
+/* For the authentication phase we grant 90s, to provide extra room during boot, when RNGs and such are not filled up
|
||||
+ * with enough entropy yet and might delay the boot */
|
||||
+#define BUS_AUTH_TIMEOUT ((usec_t) DEFAULT_TIMEOUT_USEC)
|
||||
+
|
||||
#define BUS_WQUEUE_MAX (192*1024)
|
||||
#define BUS_RQUEUE_MAX (192*1024)
|
||||
|
||||
diff --git a/src/libsystemd/sd-bus/bus-socket.c b/src/libsystemd/sd-bus/bus-socket.c
|
||||
index ab70a0c6e1..fa7dcbb888 100644
|
||||
--- a/src/libsystemd/sd-bus/bus-socket.c
|
||||
+++ b/src/libsystemd/sd-bus/bus-socket.c
|
||||
@@ -661,7 +661,7 @@ int bus_socket_start_auth(sd_bus *b) {
|
||||
bus_get_peercred(b);
|
||||
|
||||
b->state = BUS_AUTHENTICATING;
|
||||
- b->auth_timeout = now(CLOCK_MONOTONIC) + BUS_DEFAULT_TIMEOUT;
|
||||
+ b->auth_timeout = now(CLOCK_MONOTONIC) + BUS_AUTH_TIMEOUT;
|
||||
|
||||
if (sd_is_socket(b->input_fd, AF_UNIX, 0, 0) <= 0)
|
||||
b->hello_flags &= ~KDBUS_HELLO_ACCEPT_FD;
|
|
@ -0,0 +1,48 @@
|
|||
From eb877dacc9f98f646ff9509d6df5c71bd4a33a17 Mon Sep 17 00:00:00 2001
|
||||
From: Lennart Poettering <lennart@poettering.net>
|
||||
Date: Thu, 14 Sep 2017 18:26:10 +0200
|
||||
Subject: [PATCH] timer: don't use persietent file timestamps from the future
|
||||
(#6823)
|
||||
|
||||
Also, use the mtime rather than the atime of the timestamp file. While
|
||||
the atime is not completely wrong, the mtime appears more appropriate
|
||||
as that's what we actually explicitly change, and is not effected by
|
||||
mere reading.
|
||||
|
||||
Fixes: #6821
|
||||
(cherry picked from commit 77542a7905520f1d637912bf47bddb4855506e41)
|
||||
---
|
||||
src/core/timer.c | 20 +++++++++++++++++---
|
||||
1 file changed, 17 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/src/core/timer.c b/src/core/timer.c
|
||||
index 701949fd60..3032a237b1 100644
|
||||
--- a/src/core/timer.c
|
||||
+++ b/src/core/timer.c
|
||||
@@ -614,9 +614,23 @@ static int timer_start(Unit *u) {
|
||||
if (t->stamp_path) {
|
||||
struct stat st;
|
||||
|
||||
- if (stat(t->stamp_path, &st) >= 0)
|
||||
- t->last_trigger.realtime = timespec_load(&st.st_atim);
|
||||
- else if (errno == ENOENT)
|
||||
+ if (stat(t->stamp_path, &st) >= 0) {
|
||||
+ usec_t ft;
|
||||
+
|
||||
+ /* Load the file timestamp, but only if it is actually in the past. If it is in the future,
|
||||
+ * something is wrong with the system clock. */
|
||||
+
|
||||
+ ft = timespec_load(&st.st_mtim);
|
||||
+ if (ft < now(CLOCK_REALTIME))
|
||||
+ t->last_trigger.realtime = ft;
|
||||
+ else {
|
||||
+ char z[FORMAT_TIMESTAMP_MAX];
|
||||
+
|
||||
+ log_unit_warning(u, "Not using persistent file timestamp %s as it is in the future.",
|
||||
+ format_timestamp(z, sizeof(z), ft));
|
||||
+ }
|
||||
+
|
||||
+ } else if (errno == ENOENT)
|
||||
/* The timer has never run before,
|
||||
* make sure a stamp file exists.
|
||||
*/
|
|
@ -0,0 +1,46 @@
|
|||
From 760a486ff45797b65093c5f0550cc42bfd5d70aa Mon Sep 17 00:00:00 2001
|
||||
From: Felipe Sateler <fsateler@users.noreply.github.com>
|
||||
Date: Thu, 14 Sep 2017 14:51:20 -0300
|
||||
Subject: [PATCH] shared: end string with % if one was found at the end of a
|
||||
expandible string (#6828)
|
||||
|
||||
Current behavior is that %X where X is an unidentified specifier, then the result is
|
||||
the same %X string. This was not the case when the string ended with a stray %, where
|
||||
the character would have not been output. Lets add that missing character.
|
||||
|
||||
Fixes: #6374
|
||||
(cherry picked from commit 038492aed3e0293fd9cf4998fd891addb597b954)
|
||||
---
|
||||
src/shared/specifier.c | 4 ++++
|
||||
src/test/test-unit-name.c | 3 ++-
|
||||
2 files changed, 6 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/shared/specifier.c b/src/shared/specifier.c
|
||||
index 1c17eb5251..81379041cc 100644
|
||||
--- a/src/shared/specifier.c
|
||||
+++ b/src/shared/specifier.c
|
||||
@@ -107,6 +107,10 @@ int specifier_printf(const char *text, const Specifier table[], void *userdata,
|
||||
*(t++) = *f;
|
||||
}
|
||||
|
||||
+ /* if string ended with a stray %, also end with % */
|
||||
+ if (percent)
|
||||
+ *(t++) = '%';
|
||||
+
|
||||
*t = 0;
|
||||
*_ret = ret;
|
||||
return 0;
|
||||
diff --git a/src/test/test-unit-name.c b/src/test/test-unit-name.c
|
||||
index 2fd83f321c..2af90c69ee 100644
|
||||
--- a/src/test/test-unit-name.c
|
||||
+++ b/src/test/test-unit-name.c
|
||||
@@ -237,7 +237,8 @@ static int test_unit_printf(void) {
|
||||
/* general tests */
|
||||
expect(u, "%%", "%");
|
||||
expect(u, "%%s", "%s");
|
||||
- expect(u, "%", ""); // REALLY?
|
||||
+ expect(u, "%,", "%,");
|
||||
+ expect(u, "%", "%");
|
||||
|
||||
/* normal unit */
|
||||
expect(u, "%n", "blah.service");
|
|
@ -1,16 +1,18 @@
|
|||
From f2618d3474090751ae364ca326f3563797cce54a Mon Sep 17 00:00:00 2001
|
||||
From bd69342ded37a30850de4c85cbc709aaecfee396 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
||||
Date: Mon, 18 Sep 2017 17:09:52 +0200
|
||||
Subject: [PATCH] build-sys: bump xslt maxdepth limit
|
||||
Date: Tue, 19 Sep 2017 08:04:02 +0200
|
||||
Subject: [PATCH] build-sys: bump xslt maxdepth limit (#6863)
|
||||
|
||||
With libxslt-1.30, builds were failing on some recursion depth limit
|
||||
with systemd.index.xml. Bumping the limit fixes the issue.
|
||||
|
||||
(cherry picked from commit f2adcd22d5d5498f1a00fdc303f71e7198b238ab)
|
||||
---
|
||||
man/meson.build | 1 +
|
||||
1 file changed, 1 insertion(+)
|
||||
|
||||
diff --git a/man/meson.build b/man/meson.build
|
||||
index 8ddbd5557c..5b6a21fb9f 100644
|
||||
index 4f2ddad31a..c9fa91589a 100644
|
||||
--- a/man/meson.build
|
||||
+++ b/man/meson.build
|
||||
@@ -11,6 +11,7 @@ want_html = want_html != 'false' and xsltproc.found()
|
||||
|
@ -21,6 +23,3 @@ index 8ddbd5557c..5b6a21fb9f 100644
|
|||
'--stringparam', 'man.output.quietly', '1',
|
||||
'--stringparam', 'funcsynopsis.style', 'ansi',
|
||||
'--stringparam', 'man.authors.section.enabled', '0',
|
||||
--
|
||||
2.13.5
|
||||
|
|
@ -0,0 +1,175 @@
|
|||
From 7c4392650657a5ef264c4b1e2c55d5051b60fb30 Mon Sep 17 00:00:00 2001
|
||||
From: Lennart Poettering <lennart@poettering.net>
|
||||
Date: Fri, 22 Sep 2017 17:55:53 +0200
|
||||
Subject: [PATCH] fileio: add new helper call read_line() as bounded getline()
|
||||
replacement
|
||||
|
||||
read_line() is much like getline(), and returns a line read from a
|
||||
FILE*, of arbitrary sizes. In contrast to gets() it will grow the buffer
|
||||
dynamically, and in contrast to getline() it will place a user-specified
|
||||
boundary on the line.
|
||||
|
||||
(cherry picked from commit 4f9a66a32dda1d9a28f9bb3fa31c2148524bc46a)
|
||||
---
|
||||
src/basic/fileio.c | 77 ++++++++++++++++++++++++++++++++++++++++++++++++++
|
||||
src/basic/fileio.h | 2 ++
|
||||
src/test/test-fileio.c | 44 +++++++++++++++++++++++++++++
|
||||
3 files changed, 123 insertions(+)
|
||||
|
||||
diff --git a/src/basic/fileio.c b/src/basic/fileio.c
|
||||
index 9a185e3e60..db5897c360 100644
|
||||
--- a/src/basic/fileio.c
|
||||
+++ b/src/basic/fileio.c
|
||||
@@ -1497,3 +1497,80 @@ int mkdtemp_malloc(const char *template, char **ret) {
|
||||
*ret = p;
|
||||
return 0;
|
||||
}
|
||||
+
|
||||
+int read_line(FILE *f, size_t limit, char **ret) {
|
||||
+ _cleanup_free_ char *buffer = NULL;
|
||||
+ size_t n = 0, allocated = 0, count = 0;
|
||||
+ int r;
|
||||
+
|
||||
+ assert(f);
|
||||
+
|
||||
+ /* Something like a bounded version of getline().
|
||||
+ *
|
||||
+ * Considers EOF, \n and \0 end of line delimiters, and does not include these delimiters in the string
|
||||
+ * returned.
|
||||
+ *
|
||||
+ * Returns the number of bytes read from the files (i.e. including delimiters — this hence usually differs from
|
||||
+ * the number of characters in the returned string). When EOF is hit, 0 is returned.
|
||||
+ *
|
||||
+ * The input parameter limit is the maximum numbers of characters in the returned string, i.e. excluding
|
||||
+ * delimiters. If the limit is hit we fail and return -ENOBUFS.
|
||||
+ *
|
||||
+ * If a line shall be skipped ret may be initialized as NULL. */
|
||||
+
|
||||
+ if (ret) {
|
||||
+ if (!GREEDY_REALLOC(buffer, allocated, 1))
|
||||
+ return -ENOMEM;
|
||||
+ }
|
||||
+
|
||||
+ flockfile(f);
|
||||
+
|
||||
+ for (;;) {
|
||||
+ int c;
|
||||
+
|
||||
+ if (n >= limit) {
|
||||
+ funlockfile(f);
|
||||
+ return -ENOBUFS;
|
||||
+ }
|
||||
+
|
||||
+ errno = 0;
|
||||
+ c = fgetc_unlocked(f);
|
||||
+ if (c == EOF) {
|
||||
+ /* if we read an error, and have no data to return, then propagate the error */
|
||||
+ if (ferror_unlocked(f) && n == 0) {
|
||||
+ r = errno > 0 ? -errno : -EIO;
|
||||
+ funlockfile(f);
|
||||
+ return r;
|
||||
+ }
|
||||
+
|
||||
+ break;
|
||||
+ }
|
||||
+
|
||||
+ count++;
|
||||
+
|
||||
+ if (IN_SET(c, '\n', 0)) /* Reached a delimiter */
|
||||
+ break;
|
||||
+
|
||||
+ if (ret) {
|
||||
+ if (!GREEDY_REALLOC(buffer, allocated, n + 2)) {
|
||||
+ funlockfile(f);
|
||||
+ return -ENOMEM;
|
||||
+ }
|
||||
+
|
||||
+ buffer[n] = (char) c;
|
||||
+ }
|
||||
+
|
||||
+ n++;
|
||||
+ }
|
||||
+
|
||||
+ funlockfile(f);
|
||||
+
|
||||
+ if (ret) {
|
||||
+ buffer[n] = 0;
|
||||
+
|
||||
+ *ret = buffer;
|
||||
+ buffer = NULL;
|
||||
+ }
|
||||
+
|
||||
+ return (int) count;
|
||||
+}
|
||||
diff --git a/src/basic/fileio.h b/src/basic/fileio.h
|
||||
index 6098562265..2674148efe 100644
|
||||
--- a/src/basic/fileio.h
|
||||
+++ b/src/basic/fileio.h
|
||||
@@ -99,3 +99,5 @@ int link_tmpfile(int fd, const char *path, const char *target);
|
||||
int read_nul_string(FILE *f, char **ret);
|
||||
|
||||
int mkdtemp_malloc(const char *template, char **ret);
|
||||
+
|
||||
+int read_line(FILE *f, size_t limit, char **ret);
|
||||
diff --git a/src/test/test-fileio.c b/src/test/test-fileio.c
|
||||
index b1d688c89e..375b7a8910 100644
|
||||
--- a/src/test/test-fileio.c
|
||||
+++ b/src/test/test-fileio.c
|
||||
@@ -663,6 +663,49 @@ static void test_tempfn(void) {
|
||||
free(ret);
|
||||
}
|
||||
|
||||
+static void test_read_line(void) {
|
||||
+ _cleanup_fclose_ FILE *f = NULL;
|
||||
+ _cleanup_free_ char *line = NULL;
|
||||
+
|
||||
+ char buffer[] =
|
||||
+ "Some test data\n"
|
||||
+ "With newlines, and a NUL byte\0"
|
||||
+ "\n"
|
||||
+ "an empty line\n"
|
||||
+ "an ignored line\n"
|
||||
+ "and a very long line that is supposed to be truncated, because it is so long\n";
|
||||
+
|
||||
+ f = fmemopen(buffer, sizeof(buffer), "re");
|
||||
+ assert_se(f);
|
||||
+
|
||||
+ assert_se(read_line(f, (size_t) -1, &line) == 15 && streq(line, "Some test data"));
|
||||
+ line = mfree(line);
|
||||
+
|
||||
+ assert_se(read_line(f, 1024, &line) == 30 && streq(line, "With newlines, and a NUL byte"));
|
||||
+ line = mfree(line);
|
||||
+
|
||||
+ assert_se(read_line(f, 1024, &line) == 1 && streq(line, ""));
|
||||
+ line = mfree(line);
|
||||
+
|
||||
+ assert_se(read_line(f, 1024, &line) == 14 && streq(line, "an empty line"));
|
||||
+ line = mfree(line);
|
||||
+
|
||||
+ assert_se(read_line(f, (size_t) -1, NULL) == 16);
|
||||
+
|
||||
+ assert_se(read_line(f, 16, &line) == -ENOBUFS);
|
||||
+ line = mfree(line);
|
||||
+
|
||||
+ /* read_line() stopped when it hit the limit, that means when we continue reading we'll read at the first
|
||||
+ * character after the previous limit. Let's make use of tha to continue our test. */
|
||||
+ assert_se(read_line(f, 1024, &line) == 61 && streq(line, "line that is supposed to be truncated, because it is so long"));
|
||||
+ line = mfree(line);
|
||||
+
|
||||
+ assert_se(read_line(f, 1024, &line) == 1 && streq(line, ""));
|
||||
+ line = mfree(line);
|
||||
+
|
||||
+ assert_se(read_line(f, 1024, &line) == 0 && streq(line, ""));
|
||||
+}
|
||||
+
|
||||
int main(int argc, char *argv[]) {
|
||||
log_set_max_level(LOG_DEBUG);
|
||||
log_parse_environment();
|
||||
@@ -684,6 +727,7 @@ int main(int argc, char *argv[]) {
|
||||
test_search_and_fopen_nulstr();
|
||||
test_writing_tmpfile();
|
||||
test_tempfn();
|
||||
+ test_read_line();
|
||||
|
||||
return 0;
|
||||
}
|
|
@ -0,0 +1,26 @@
|
|||
From 8eda468cb9445e5a9e2505d47fc5b15eae453a0a Mon Sep 17 00:00:00 2001
|
||||
From: Lennart Poettering <lennart@poettering.net>
|
||||
Date: Fri, 22 Sep 2017 20:23:58 +0200
|
||||
Subject: [PATCH] def: add new constant LONG_LINE_MAX
|
||||
|
||||
LONG_LINE_MAX is much like LINE_MAX, but longer.
|
||||
|
||||
As it turns out LINE_MAX at 4096 is too short for many usecases. Since
|
||||
the general concept of having a common maximum line length limit makes
|
||||
sense let's add our own, and make it larger (1MB for now).
|
||||
|
||||
(cherry picked from commit 189912440f6545404e84b3cd1d6ca54f1057e3e6)
|
||||
---
|
||||
src/basic/def.h | 2 ++
|
||||
1 file changed, 2 insertions(+)
|
||||
|
||||
diff --git a/src/basic/def.h b/src/basic/def.h
|
||||
index b1a3bc190b..e2d91519ba 100644
|
||||
--- a/src/basic/def.h
|
||||
+++ b/src/basic/def.h
|
||||
@@ -86,3 +86,5 @@
|
||||
"/usr/local/lib/" n "\0" \
|
||||
"/usr/lib/" n "\0" \
|
||||
_CONF_PATHS_SPLIT_USR(n)
|
||||
+
|
||||
+#define LONG_LINE_MAX (1U*1024U*1024U)
|
|
@ -0,0 +1,53 @@
|
|||
From 773fe149cec50517ff1ed113c802c4e1a047a3e4 Mon Sep 17 00:00:00 2001
|
||||
From: Lennart Poettering <lennart@poettering.net>
|
||||
Date: Fri, 22 Sep 2017 18:01:32 +0200
|
||||
Subject: [PATCH] fileio: rework read_one_line_file() on top of read_line()
|
||||
|
||||
(cherry picked from commit f4b51a2d092685c9a080e84130fec2d74c834f5c)
|
||||
---
|
||||
src/basic/fileio.c | 18 ++----------------
|
||||
1 file changed, 2 insertions(+), 16 deletions(-)
|
||||
|
||||
diff --git a/src/basic/fileio.c b/src/basic/fileio.c
|
||||
index db5897c360..c66b7b814e 100644
|
||||
--- a/src/basic/fileio.c
|
||||
+++ b/src/basic/fileio.c
|
||||
@@ -30,6 +30,7 @@
|
||||
|
||||
#include "alloc-util.h"
|
||||
#include "ctype.h"
|
||||
+#include "def.h"
|
||||
#include "env-util.h"
|
||||
#include "escape.h"
|
||||
#include "fd-util.h"
|
||||
@@ -163,7 +164,6 @@ fail:
|
||||
|
||||
int read_one_line_file(const char *fn, char **line) {
|
||||
_cleanup_fclose_ FILE *f = NULL;
|
||||
- char t[LINE_MAX], *c;
|
||||
|
||||
assert(fn);
|
||||
assert(line);
|
||||
@@ -172,21 +172,7 @@ int read_one_line_file(const char *fn, char **line) {
|
||||
if (!f)
|
||||
return -errno;
|
||||
|
||||
- if (!fgets(t, sizeof(t), f)) {
|
||||
-
|
||||
- if (ferror(f))
|
||||
- return errno > 0 ? -errno : -EIO;
|
||||
-
|
||||
- t[0] = 0;
|
||||
- }
|
||||
-
|
||||
- c = strdup(t);
|
||||
- if (!c)
|
||||
- return -ENOMEM;
|
||||
- truncate_nl(c);
|
||||
-
|
||||
- *line = c;
|
||||
- return 0;
|
||||
+ return read_line(f, LONG_LINE_MAX, line);
|
||||
}
|
||||
|
||||
int verify_file(const char *fn, const char *blob, bool accept_extra_nl) {
|
|
@ -0,0 +1,31 @@
|
|||
From f4037dc520045b4779cf8589bd75ced2d343c215 Mon Sep 17 00:00:00 2001
|
||||
From: Lennart Poettering <lennart@poettering.net>
|
||||
Date: Fri, 22 Sep 2017 18:25:45 +0200
|
||||
Subject: [PATCH] cgroup-util: replace one use of fgets() by read_line()
|
||||
|
||||
(cherry picked from commit 2351e44d3ed57b7a48b9e544a59c3b797ac4d216)
|
||||
---
|
||||
src/basic/cgroup-util.c | 3 +--
|
||||
1 file changed, 1 insertion(+), 2 deletions(-)
|
||||
|
||||
diff --git a/src/basic/cgroup-util.c b/src/basic/cgroup-util.c
|
||||
index 6344372610..9148a7b1ab 100644
|
||||
--- a/src/basic/cgroup-util.c
|
||||
+++ b/src/basic/cgroup-util.c
|
||||
@@ -2326,7 +2326,6 @@ int cg_mask_supported(CGroupMask *ret) {
|
||||
|
||||
int cg_kernel_controllers(Set *controllers) {
|
||||
_cleanup_fclose_ FILE *f = NULL;
|
||||
- char buf[LINE_MAX];
|
||||
int r;
|
||||
|
||||
assert(controllers);
|
||||
@@ -2344,7 +2343,7 @@ int cg_kernel_controllers(Set *controllers) {
|
||||
}
|
||||
|
||||
/* Ignore the header line */
|
||||
- (void) fgets(buf, sizeof(buf), f);
|
||||
+ (void) read_line(f, (size_t) -1, NULL);
|
||||
|
||||
for (;;) {
|
||||
char *controller;
|
|
@ -0,0 +1,128 @@
|
|||
From 663be46f39f6c6e51b035683b304671eaffdafe8 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
||||
Date: Thu, 21 Sep 2017 14:24:01 +0200
|
||||
Subject: [PATCH] test-conf-parser: add some basic tests for config_parse()
|
||||
|
||||
This function is pretty important, but we weren't calling it directly
|
||||
even once in tests.
|
||||
|
||||
v2: add a few tests for escaping and line continuations
|
||||
(cherry picked from commit e3f46367f577f8bd4b3a62ea0149bdcb112da573)
|
||||
---
|
||||
src/test/test-conf-parser.c | 89 +++++++++++++++++++++++++++++++++++++++++++++
|
||||
1 file changed, 89 insertions(+)
|
||||
|
||||
diff --git a/src/test/test-conf-parser.c b/src/test/test-conf-parser.c
|
||||
index 77fcbc0dd3..81db9d1bd7 100644
|
||||
--- a/src/test/test-conf-parser.c
|
||||
+++ b/src/test/test-conf-parser.c
|
||||
@@ -18,6 +18,8 @@
|
||||
***/
|
||||
|
||||
#include "conf-parser.h"
|
||||
+#include "fd-util.h"
|
||||
+#include "fileio.h"
|
||||
#include "log.h"
|
||||
#include "macro.h"
|
||||
#include "string-util.h"
|
||||
@@ -227,7 +229,91 @@ static void test_config_parse_iec_uint64(void) {
|
||||
assert_se(config_parse_iec_uint64(NULL, "/this/file", 11, "Section", 22, "Size", 0, "4.5M", &offset, NULL) == 0);
|
||||
}
|
||||
|
||||
+static const char* const config_file[] = {
|
||||
+ "[Section]\n"
|
||||
+ "setting1=1\n",
|
||||
+
|
||||
+ "[Section]\n"
|
||||
+ "setting1=1", /* no terminating newline */
|
||||
+
|
||||
+ "\n\n\n\n[Section]\n\n\n"
|
||||
+ "setting1=1", /* some whitespace, no terminating newline */
|
||||
+
|
||||
+ "[Section]\n"
|
||||
+ "[Section]\n"
|
||||
+ "setting1=1\n"
|
||||
+ "setting1=2\n"
|
||||
+ "setting1=1\n", /* repeated settings */
|
||||
+
|
||||
+ "[Section]\n"
|
||||
+ "setting1=1\\\n" /* normal continuation */
|
||||
+ "2\\\n"
|
||||
+ "3\n",
|
||||
+
|
||||
+ "[Section]\n"
|
||||
+ "setting1=1\\\\\\\n" /* continuation with trailing escape symbols */
|
||||
+ "\\\\2\n", /* note that C requires one level of escaping, so the
|
||||
+ * parser gets "…1 BS BS BS NL BS BS 2 NL", which
|
||||
+ * it translates into "…1 BS BS SP BS BS 2" */
|
||||
+};
|
||||
+
|
||||
+static void test_config_parse(unsigned i, const char *s) {
|
||||
+ char name[] = "/tmp/test-conf-parser.XXXXXX";
|
||||
+ int fd, r;
|
||||
+ _cleanup_fclose_ FILE *f = NULL;
|
||||
+ _cleanup_free_ char *setting1 = NULL;
|
||||
+
|
||||
+ const ConfigTableItem items[] = {
|
||||
+ { "Section", "setting1", config_parse_string, 0, &setting1},
|
||||
+ {}
|
||||
+ };
|
||||
+
|
||||
+ log_info("== %s[%i] ==", __func__, i);
|
||||
+
|
||||
+ fd = mkostemp_safe(name);
|
||||
+ assert_se(fd >= 0);
|
||||
+ assert_se((size_t) write(fd, s, strlen(s)) == strlen(s));
|
||||
+
|
||||
+ assert_se(lseek(fd, 0, SEEK_SET) == 0);
|
||||
+ assert_se(f = fdopen(fd, "r"));
|
||||
+
|
||||
+ /*
|
||||
+ int config_parse(const char *unit,
|
||||
+ const char *filename,
|
||||
+ FILE *f,
|
||||
+ const char *sections,
|
||||
+ ConfigItemLookup lookup,
|
||||
+ const void *table,
|
||||
+ bool relaxed,
|
||||
+ bool allow_include,
|
||||
+ bool warn,
|
||||
+ void *userdata)
|
||||
+ */
|
||||
+
|
||||
+ r = config_parse(NULL, name, f,
|
||||
+ "Section\0",
|
||||
+ config_item_table_lookup, items,
|
||||
+ false, false, true, NULL);
|
||||
+ assert_se(r == 0);
|
||||
+
|
||||
+ switch (i) {
|
||||
+ case 0 ... 3:
|
||||
+ assert_se(streq(setting1, "1"));
|
||||
+ break;
|
||||
+
|
||||
+ case 4:
|
||||
+ assert_se(streq(setting1, "1 2 3"));
|
||||
+ break;
|
||||
+
|
||||
+ case 5:
|
||||
+ assert_se(streq(setting1, "1\\\\ \\\\2"));
|
||||
+ break;
|
||||
+ }
|
||||
+}
|
||||
+
|
||||
int main(int argc, char **argv) {
|
||||
+ unsigned i;
|
||||
+
|
||||
log_parse_environment();
|
||||
log_open();
|
||||
|
||||
@@ -244,5 +330,8 @@ int main(int argc, char **argv) {
|
||||
test_config_parse_nsec();
|
||||
test_config_parse_iec_uint64();
|
||||
|
||||
+ for (i = 0; i < ELEMENTSOF(config_file); i++)
|
||||
+ test_config_parse(i, config_file[i]);
|
||||
+
|
||||
return 0;
|
||||
}
|
|
@ -0,0 +1,93 @@
|
|||
From 032ba8cf22cc58b801d747c4063fcfe2364772de Mon Sep 17 00:00:00 2001
|
||||
From: Lennart Poettering <lennart@poettering.net>
|
||||
Date: Fri, 22 Sep 2017 18:26:35 +0200
|
||||
Subject: [PATCH] conf-parse: remove 4K line length limit
|
||||
|
||||
Let's use read_line() to solve our long line limitation.
|
||||
|
||||
Fixes #3302.
|
||||
|
||||
(cherry picked from commit e6dde451a51dc5aaa7f4d98d39b8fe735f73d2af)
|
||||
---
|
||||
src/shared/conf-parser.c | 43 ++++++++++++++++++++++++++++++++-----------
|
||||
1 file changed, 32 insertions(+), 11 deletions(-)
|
||||
|
||||
diff --git a/src/shared/conf-parser.c b/src/shared/conf-parser.c
|
||||
index e08402e3d2..57bc8e3036 100644
|
||||
--- a/src/shared/conf-parser.c
|
||||
+++ b/src/shared/conf-parser.c
|
||||
@@ -28,8 +28,10 @@
|
||||
#include "alloc-util.h"
|
||||
#include "conf-files.h"
|
||||
#include "conf-parser.h"
|
||||
+#include "def.h"
|
||||
#include "extract-word.h"
|
||||
#include "fd-util.h"
|
||||
+#include "fileio.h"
|
||||
#include "fs-util.h"
|
||||
#include "log.h"
|
||||
#include "macro.h"
|
||||
@@ -316,24 +318,44 @@ int config_parse(const char *unit,
|
||||
fd_warn_permissions(filename, fileno(f));
|
||||
|
||||
for (;;) {
|
||||
- char buf[LINE_MAX], *l, *p, *c = NULL, *e;
|
||||
+ _cleanup_free_ char *buf = NULL;
|
||||
+ char *l, *p, *c = NULL, *e;
|
||||
bool escaped = false;
|
||||
|
||||
- if (!fgets(buf, sizeof buf, f)) {
|
||||
- if (feof(f))
|
||||
- break;
|
||||
+ r = read_line(f, LONG_LINE_MAX, &buf);
|
||||
+ if (r == 0)
|
||||
+ break;
|
||||
+ if (r == -ENOBUFS) {
|
||||
+ if (warn)
|
||||
+ log_error_errno(r, "%s:%u: Line too long", filename, line);
|
||||
|
||||
- return log_error_errno(errno, "Failed to read configuration file '%s': %m", filename);
|
||||
+ return r;
|
||||
+ }
|
||||
+ if (r < 0) {
|
||||
+ if (warn)
|
||||
+ log_error_errno(r, "%s:%u: Error while reading configuration file: %m", filename, line);
|
||||
+
|
||||
+ return r;
|
||||
}
|
||||
|
||||
l = buf;
|
||||
- if (allow_bom && startswith(l, UTF8_BYTE_ORDER_MARK))
|
||||
- l += strlen(UTF8_BYTE_ORDER_MARK);
|
||||
- allow_bom = false;
|
||||
+ if (allow_bom) {
|
||||
+ char *q;
|
||||
|
||||
- truncate_nl(l);
|
||||
+ q = startswith(buf, UTF8_BYTE_ORDER_MARK);
|
||||
+ if (q) {
|
||||
+ l = q;
|
||||
+ allow_bom = false;
|
||||
+ }
|
||||
+ }
|
||||
|
||||
if (continuation) {
|
||||
+ if (strlen(continuation) + strlen(l) > LONG_LINE_MAX) {
|
||||
+ if (warn)
|
||||
+ log_error("%s:%u: Continuation line too long", filename, line);
|
||||
+ return -ENOBUFS;
|
||||
+ }
|
||||
+
|
||||
c = strappend(continuation, l);
|
||||
if (!c) {
|
||||
if (warn)
|
||||
@@ -387,8 +409,7 @@ int config_parse(const char *unit,
|
||||
|
||||
if (r < 0) {
|
||||
if (warn)
|
||||
- log_warning_errno(r, "Failed to parse file '%s': %m",
|
||||
- filename);
|
||||
+ log_warning_errno(r, "%s:%u: Failed to parse file: %m", filename, line);
|
||||
return r;
|
||||
}
|
||||
}
|
|
@ -0,0 +1,101 @@
|
|||
From 2269f63e3bee44993cf57843d83369b03bec1d6a Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
||||
Date: Sat, 23 Sep 2017 10:48:09 +0200
|
||||
Subject: [PATCH] fileio: use _cleanup_ for FILE unlocking
|
||||
|
||||
(cherry picked from commit f858e5148e4f36335555dfaac812197ebd3ef036)
|
||||
---
|
||||
src/basic/fileio.c | 57 ++++++++++++++++++++++++++----------------------------
|
||||
1 file changed, 27 insertions(+), 30 deletions(-)
|
||||
|
||||
diff --git a/src/basic/fileio.c b/src/basic/fileio.c
|
||||
index c66b7b814e..36cb0edaf4 100644
|
||||
--- a/src/basic/fileio.c
|
||||
+++ b/src/basic/fileio.c
|
||||
@@ -1484,10 +1484,13 @@ int mkdtemp_malloc(const char *template, char **ret) {
|
||||
return 0;
|
||||
}
|
||||
|
||||
+static inline void funlockfilep(FILE **f) {
|
||||
+ funlockfile(*f);
|
||||
+}
|
||||
+
|
||||
int read_line(FILE *f, size_t limit, char **ret) {
|
||||
_cleanup_free_ char *buffer = NULL;
|
||||
size_t n = 0, allocated = 0, count = 0;
|
||||
- int r;
|
||||
|
||||
assert(f);
|
||||
|
||||
@@ -1509,48 +1512,42 @@ int read_line(FILE *f, size_t limit, char **ret) {
|
||||
return -ENOMEM;
|
||||
}
|
||||
|
||||
- flockfile(f);
|
||||
+ {
|
||||
+ _cleanup_(funlockfilep) FILE *flocked = f;
|
||||
+ flockfile(f);
|
||||
|
||||
- for (;;) {
|
||||
- int c;
|
||||
+ for (;;) {
|
||||
+ int c;
|
||||
|
||||
- if (n >= limit) {
|
||||
- funlockfile(f);
|
||||
- return -ENOBUFS;
|
||||
- }
|
||||
+ if (n >= limit)
|
||||
+ return -ENOBUFS;
|
||||
+
|
||||
+ errno = 0;
|
||||
+ c = fgetc_unlocked(f);
|
||||
+ if (c == EOF) {
|
||||
+ /* if we read an error, and have no data to return, then propagate the error */
|
||||
+ if (ferror_unlocked(f) && n == 0)
|
||||
+ return errno > 0 ? -errno : -EIO;
|
||||
|
||||
- errno = 0;
|
||||
- c = fgetc_unlocked(f);
|
||||
- if (c == EOF) {
|
||||
- /* if we read an error, and have no data to return, then propagate the error */
|
||||
- if (ferror_unlocked(f) && n == 0) {
|
||||
- r = errno > 0 ? -errno : -EIO;
|
||||
- funlockfile(f);
|
||||
- return r;
|
||||
+ break;
|
||||
}
|
||||
|
||||
- break;
|
||||
- }
|
||||
+ count++;
|
||||
|
||||
- count++;
|
||||
+ if (IN_SET(c, '\n', 0)) /* Reached a delimiter */
|
||||
+ break;
|
||||
|
||||
- if (IN_SET(c, '\n', 0)) /* Reached a delimiter */
|
||||
- break;
|
||||
+ if (ret) {
|
||||
+ if (!GREEDY_REALLOC(buffer, allocated, n + 2))
|
||||
+ return -ENOMEM;
|
||||
|
||||
- if (ret) {
|
||||
- if (!GREEDY_REALLOC(buffer, allocated, n + 2)) {
|
||||
- funlockfile(f);
|
||||
- return -ENOMEM;
|
||||
+ buffer[n] = (char) c;
|
||||
}
|
||||
|
||||
- buffer[n] = (char) c;
|
||||
+ n++;
|
||||
}
|
||||
-
|
||||
- n++;
|
||||
}
|
||||
|
||||
- funlockfile(f);
|
||||
-
|
||||
if (ret) {
|
||||
buffer[n] = 0;
|
||||
|
|
@ -0,0 +1,42 @@
|
|||
From f365f6b194f4335e77f6c0f54b88b831c99a0f6f Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
||||
Date: Thu, 21 Sep 2017 12:02:49 +0200
|
||||
Subject: [PATCH] test-conf-parser: use _cleanup_
|
||||
|
||||
(cherry picked from commit a12807aaeaf20ff9507cf2c1e338d5c16d528a1e)
|
||||
---
|
||||
src/test/test-conf-parser.c | 8 ++------
|
||||
1 file changed, 2 insertions(+), 6 deletions(-)
|
||||
|
||||
diff --git a/src/test/test-conf-parser.c b/src/test/test-conf-parser.c
|
||||
index 81db9d1bd7..cd538f0d40 100644
|
||||
--- a/src/test/test-conf-parser.c
|
||||
+++ b/src/test/test-conf-parser.c
|
||||
@@ -27,12 +27,10 @@
|
||||
#include "util.h"
|
||||
|
||||
static void test_config_parse_path_one(const char *rvalue, const char *expected) {
|
||||
- char *path = NULL;
|
||||
+ _cleanup_free_ char *path = NULL;
|
||||
|
||||
assert_se(config_parse_path("unit", "filename", 1, "section", 1, "lvalue", 0, rvalue, &path, NULL) >= 0);
|
||||
assert_se(streq_ptr(expected, path));
|
||||
-
|
||||
- free(path);
|
||||
}
|
||||
|
||||
static void test_config_parse_log_level_one(const char *rvalue, int expected) {
|
||||
@@ -78,12 +76,10 @@ static void test_config_parse_unsigned_one(const char *rvalue, unsigned expected
|
||||
}
|
||||
|
||||
static void test_config_parse_strv_one(const char *rvalue, char **expected) {
|
||||
- char **strv = 0;
|
||||
+ _cleanup_strv_free_ char **strv = NULL;
|
||||
|
||||
assert_se(config_parse_strv("unit", "filename", 1, "section", 1, "lvalue", 0, rvalue, &strv, NULL) >= 0);
|
||||
assert_se(strv_equal(expected, strv));
|
||||
-
|
||||
- strv_free(strv);
|
||||
}
|
||||
|
||||
static void test_config_parse_mode_one(const char *rvalue, mode_t expected) {
|
|
@ -0,0 +1,90 @@
|
|||
From fd59e9d550fd944b4b629342c080c92703e7ef0d Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
||||
Date: Thu, 21 Sep 2017 14:36:12 +0200
|
||||
Subject: [PATCH] test-conf-parser: add tests for the new long lines, including
|
||||
overflow handling
|
||||
|
||||
(cherry picked from commit 8f313f4febb4df13279aaae86c846bbb142a5a39)
|
||||
---
|
||||
src/test/test-conf-parser.c | 41 ++++++++++++++++++++++++++++++++++++++++-
|
||||
1 file changed, 40 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/test/test-conf-parser.c b/src/test/test-conf-parser.c
|
||||
index cd538f0d40..7a7de98bec 100644
|
||||
--- a/src/test/test-conf-parser.c
|
||||
+++ b/src/test/test-conf-parser.c
|
||||
@@ -225,6 +225,10 @@ static void test_config_parse_iec_uint64(void) {
|
||||
assert_se(config_parse_iec_uint64(NULL, "/this/file", 11, "Section", 22, "Size", 0, "4.5M", &offset, NULL) == 0);
|
||||
}
|
||||
|
||||
+#define x10(x) x x x x x x x x x x
|
||||
+#define x100(x) x10(x10(x))
|
||||
+#define x1000(x) x10(x100(x))
|
||||
+
|
||||
static const char* const config_file[] = {
|
||||
"[Section]\n"
|
||||
"setting1=1\n",
|
||||
@@ -251,6 +255,24 @@ static const char* const config_file[] = {
|
||||
"\\\\2\n", /* note that C requires one level of escaping, so the
|
||||
* parser gets "…1 BS BS BS NL BS BS 2 NL", which
|
||||
* it translates into "…1 BS BS SP BS BS 2" */
|
||||
+
|
||||
+ "\n[Section]\n\n"
|
||||
+ "setting1=" /* a line above LINE_MAX length */
|
||||
+ x1000("ABCD")
|
||||
+ "\n",
|
||||
+
|
||||
+ "[Section]\n"
|
||||
+ "setting1=" /* a line above LINE_MAX length, with continuation */
|
||||
+ x1000("ABCD") "\\\n"
|
||||
+ "foobar",
|
||||
+
|
||||
+ "[Section]\n"
|
||||
+ "setting1=" /* a line above the allowed limit: 9 + 1050000 + 1 */
|
||||
+ x1000(x1000("x") x10("abcde")) "\n",
|
||||
+
|
||||
+ "[Section]\n"
|
||||
+ "setting1=" /* many continuation lines, together above the limit */
|
||||
+ x1000(x1000("x") x10("abcde") "\\\n") "xxx",
|
||||
};
|
||||
|
||||
static void test_config_parse(unsigned i, const char *s) {
|
||||
@@ -290,20 +312,37 @@ static void test_config_parse(unsigned i, const char *s) {
|
||||
"Section\0",
|
||||
config_item_table_lookup, items,
|
||||
false, false, true, NULL);
|
||||
- assert_se(r == 0);
|
||||
|
||||
switch (i) {
|
||||
case 0 ... 3:
|
||||
+ assert_se(r == 0);
|
||||
assert_se(streq(setting1, "1"));
|
||||
break;
|
||||
|
||||
case 4:
|
||||
+ assert_se(r == 0);
|
||||
assert_se(streq(setting1, "1 2 3"));
|
||||
break;
|
||||
|
||||
case 5:
|
||||
+ assert_se(r == 0);
|
||||
assert_se(streq(setting1, "1\\\\ \\\\2"));
|
||||
break;
|
||||
+
|
||||
+ case 6:
|
||||
+ assert_se(r == 0);
|
||||
+ assert_se(streq(setting1, x1000("ABCD")));
|
||||
+ break;
|
||||
+
|
||||
+ case 7:
|
||||
+ assert_se(r == 0);
|
||||
+ assert_se(streq(setting1, x1000("ABCD") " foobar"));
|
||||
+ break;
|
||||
+
|
||||
+ case 8 ... 9:
|
||||
+ assert_se(r == -ENOBUFS);
|
||||
+ assert_se(setting1 == NULL);
|
||||
+ break;
|
||||
}
|
||||
}
|
||||
|
|
@ -0,0 +1,32 @@
|
|||
From 8873d22603623b4d611b178dfd597ed16081375a Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
||||
Date: Sun, 24 Sep 2017 08:59:49 +0200
|
||||
Subject: [PATCH] test-fileio: close two leaked file handles
|
||||
|
||||
(cherry picked from commit 9707d55213959bb171ea810d56e9226f5ffa5466)
|
||||
---
|
||||
src/test/test-fileio.c | 4 ++--
|
||||
1 file changed, 2 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/src/test/test-fileio.c b/src/test/test-fileio.c
|
||||
index 375b7a8910..eebaa2c155 100644
|
||||
--- a/src/test/test-fileio.c
|
||||
+++ b/src/test/test-fileio.c
|
||||
@@ -209,7 +209,7 @@ static void test_parse_multiline_env_file(void) {
|
||||
static void test_merge_env_file(void) {
|
||||
char t[] = "/tmp/test-fileio-XXXXXX";
|
||||
int fd, r;
|
||||
- FILE *f;
|
||||
+ _cleanup_fclose_ FILE *f = NULL;
|
||||
_cleanup_strv_free_ char **a = NULL;
|
||||
char **i;
|
||||
|
||||
@@ -278,7 +278,7 @@ static void test_merge_env_file(void) {
|
||||
static void test_merge_env_file_invalid(void) {
|
||||
char t[] = "/tmp/test-fileio-XXXXXX";
|
||||
int fd, r;
|
||||
- FILE *f;
|
||||
+ _cleanup_fclose_ FILE *f = NULL;
|
||||
_cleanup_strv_free_ char **a = NULL;
|
||||
char **i;
|
||||
|
|
@ -0,0 +1,104 @@
|
|||
From 0e1ae5aba8476602b3e69ac470e20a2efa0380a2 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
||||
Date: Sun, 24 Sep 2017 09:10:48 +0200
|
||||
Subject: [PATCH] test-fileio: also test read_line() with actual files
|
||||
|
||||
Just in case the real FILE and the one from fmemopen weren't exactly
|
||||
the same.
|
||||
|
||||
(cherry picked from commit 2c9de13912350f5887ccccdae9e1707512208053)
|
||||
---
|
||||
src/test/test-fileio.c | 64 ++++++++++++++++++++++++++++++++++++++++----------
|
||||
1 file changed, 51 insertions(+), 13 deletions(-)
|
||||
|
||||
diff --git a/src/test/test-fileio.c b/src/test/test-fileio.c
|
||||
index eebaa2c155..7f22973157 100644
|
||||
--- a/src/test/test-fileio.c
|
||||
+++ b/src/test/test-fileio.c
|
||||
@@ -663,21 +663,17 @@ static void test_tempfn(void) {
|
||||
free(ret);
|
||||
}
|
||||
|
||||
-static void test_read_line(void) {
|
||||
- _cleanup_fclose_ FILE *f = NULL;
|
||||
+static const char buffer[] =
|
||||
+ "Some test data\n"
|
||||
+ "With newlines, and a NUL byte\0"
|
||||
+ "\n"
|
||||
+ "an empty line\n"
|
||||
+ "an ignored line\n"
|
||||
+ "and a very long line that is supposed to be truncated, because it is so long\n";
|
||||
+
|
||||
+static void test_read_line_one_file(FILE *f) {
|
||||
_cleanup_free_ char *line = NULL;
|
||||
|
||||
- char buffer[] =
|
||||
- "Some test data\n"
|
||||
- "With newlines, and a NUL byte\0"
|
||||
- "\n"
|
||||
- "an empty line\n"
|
||||
- "an ignored line\n"
|
||||
- "and a very long line that is supposed to be truncated, because it is so long\n";
|
||||
-
|
||||
- f = fmemopen(buffer, sizeof(buffer), "re");
|
||||
- assert_se(f);
|
||||
-
|
||||
assert_se(read_line(f, (size_t) -1, &line) == 15 && streq(line, "Some test data"));
|
||||
line = mfree(line);
|
||||
|
||||
@@ -706,6 +702,46 @@ static void test_read_line(void) {
|
||||
assert_se(read_line(f, 1024, &line) == 0 && streq(line, ""));
|
||||
}
|
||||
|
||||
+static void test_read_line(void) {
|
||||
+ _cleanup_fclose_ FILE *f = NULL;
|
||||
+ _cleanup_free_ char *line = NULL;
|
||||
+
|
||||
+ f = fmemopen((void*) buffer, sizeof(buffer), "re");
|
||||
+ assert_se(f);
|
||||
+
|
||||
+ test_read_line_one_file(f);
|
||||
+}
|
||||
+
|
||||
+static void test_read_line2(void) {
|
||||
+ char name[] = "/tmp/test-fileio.XXXXXX";
|
||||
+ int fd;
|
||||
+ _cleanup_fclose_ FILE *f = NULL;
|
||||
+
|
||||
+ fd = mkostemp_safe(name);
|
||||
+ assert_se(fd >= 0);
|
||||
+ assert_se((size_t) write(fd, buffer, sizeof(buffer)) == sizeof(buffer));
|
||||
+
|
||||
+ assert_se(lseek(fd, 0, SEEK_SET) == 0);
|
||||
+ assert_se(f = fdopen(fd, "r"));
|
||||
+
|
||||
+ test_read_line_one_file(f);
|
||||
+}
|
||||
+
|
||||
+static void test_read_line3(void) {
|
||||
+ _cleanup_fclose_ FILE *f = NULL;
|
||||
+ _cleanup_free_ char *line = NULL;
|
||||
+ int r;
|
||||
+
|
||||
+ f = fopen("/proc/cmdline", "re");
|
||||
+ if (!f && IN_SET(errno, ENOENT, EPERM))
|
||||
+ return;
|
||||
+ assert_se(f);
|
||||
+
|
||||
+ r = read_line(f, LINE_MAX, &line);
|
||||
+ assert_se((size_t) r == strlen(line) + 1);
|
||||
+ assert_se(read_line(f, LINE_MAX, NULL) == 0);
|
||||
+}
|
||||
+
|
||||
int main(int argc, char *argv[]) {
|
||||
log_set_max_level(LOG_DEBUG);
|
||||
log_parse_environment();
|
||||
@@ -728,6 +764,8 @@ int main(int argc, char *argv[]) {
|
||||
test_writing_tmpfile();
|
||||
test_tempfn();
|
||||
test_read_line();
|
||||
+ test_read_line2();
|
||||
+ test_read_line3();
|
||||
|
||||
return 0;
|
||||
}
|
|
@ -0,0 +1,34 @@
|
|||
From 32c49980110767e0ff013c0235e5e9a6bc2f3c31 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
||||
Date: Sun, 24 Sep 2017 14:27:21 +0200
|
||||
Subject: [PATCH] fileio: return 0 from read_one_line_file on success
|
||||
|
||||
Fixup for f4b51a2d09. Suggested by Evgeny Vereshchagin.
|
||||
|
||||
(cherry picked from commit 2e33df93dee35af986683d1226f93e0f9659de5d)
|
||||
---
|
||||
src/basic/fileio.c | 4 +++-
|
||||
1 file changed, 3 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/basic/fileio.c b/src/basic/fileio.c
|
||||
index 36cb0edaf4..9d56b7ccbc 100644
|
||||
--- a/src/basic/fileio.c
|
||||
+++ b/src/basic/fileio.c
|
||||
@@ -164,6 +164,7 @@ fail:
|
||||
|
||||
int read_one_line_file(const char *fn, char **line) {
|
||||
_cleanup_fclose_ FILE *f = NULL;
|
||||
+ int r;
|
||||
|
||||
assert(fn);
|
||||
assert(line);
|
||||
@@ -172,7 +173,8 @@ int read_one_line_file(const char *fn, char **line) {
|
||||
if (!f)
|
||||
return -errno;
|
||||
|
||||
- return read_line(f, LONG_LINE_MAX, line);
|
||||
+ r = read_line(f, LONG_LINE_MAX, line);
|
||||
+ return r < 0 ? r : 0;
|
||||
}
|
||||
|
||||
int verify_file(const char *fn, const char *blob, bool accept_extra_nl) {
|
|
@ -0,0 +1,25 @@
|
|||
From 3c2e58887a5d9282670b3e41b6e584367a2bda18 Mon Sep 17 00:00:00 2001
|
||||
From: Jonathan Lebon <jlebon@users.noreply.github.com>
|
||||
Date: Mon, 25 Sep 2017 15:56:57 -0400
|
||||
Subject: [PATCH] string-util: use size_t for strjoina macro (#6914)
|
||||
|
||||
`strlen` returns a `size_t` and `alloca` expects a `size_t`.
|
||||
|
||||
(cherry picked from commit 35207e259ef44f62faf71acc4bbc7d43311a4583)
|
||||
---
|
||||
src/basic/string-util.h | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/basic/string-util.h b/src/basic/string-util.h
|
||||
index be44dedff4..f8dde61549 100644
|
||||
--- a/src/basic/string-util.h
|
||||
+++ b/src/basic/string-util.h
|
||||
@@ -120,7 +120,7 @@ char *strjoin_real(const char *x, ...) _sentinel_;
|
||||
({ \
|
||||
const char *_appendees_[] = { a, __VA_ARGS__ }; \
|
||||
char *_d_, *_p_; \
|
||||
- int _len_ = 0; \
|
||||
+ size_t _len_ = 0; \
|
||||
unsigned _i_; \
|
||||
for (_i_ = 0; _i_ < ELEMENTSOF(_appendees_) && _appendees_[_i_]; _i_++) \
|
||||
_len_ += strlen(_appendees_[_i_]); \
|
|
@ -0,0 +1,22 @@
|
|||
From 63fe668593009a59cc2670d78974fccacb245c61 Mon Sep 17 00:00:00 2001
|
||||
From: Lennart Poettering <lennart@poettering.net>
|
||||
Date: Fri, 29 Sep 2017 14:36:06 +0200
|
||||
Subject: [PATCH] mount-util: add fusectl to list of API VFS
|
||||
|
||||
(cherry picked from commit 7941e2189bf0a2118d4ad1fcf5ff2da534c3b67d)
|
||||
---
|
||||
src/basic/mount-util.c | 1 +
|
||||
1 file changed, 1 insertion(+)
|
||||
|
||||
diff --git a/src/basic/mount-util.c b/src/basic/mount-util.c
|
||||
index cff44116c8..a13f12096c 100644
|
||||
--- a/src/basic/mount-util.c
|
||||
+++ b/src/basic/mount-util.c
|
||||
@@ -564,6 +564,7 @@ bool fstype_is_api_vfs(const char *fstype) {
|
||||
"devpts\0"
|
||||
"devtmpfs\0"
|
||||
"efivarfs\0"
|
||||
+ "fusectl\0"
|
||||
"hugetlbfs\0"
|
||||
"mqueue\0"
|
||||
"proc\0"
|
|
@ -0,0 +1,47 @@
|
|||
From a1bf52c278196d4bc8d419afeb6507c48e5fd461 Mon Sep 17 00:00:00 2001
|
||||
From: Alan Jenkins <alan.christopher.jenkins@gmail.com>
|
||||
Date: Mon, 25 Sep 2017 11:38:08 +0100
|
||||
Subject: [PATCH] units: do not kill rescue shell when machines.target is
|
||||
started
|
||||
|
||||
The original aim of this commit is that starting machines.target from the
|
||||
rescue shell would not kill the rescue shell and lock you out of the
|
||||
system.
|
||||
|
||||
This is similar to commit 6579a622, for the conflict between
|
||||
sysinit.target and the _emergency_ shell. That particular commit
|
||||
introduced an ordering cycle and will need to be reverted and/or
|
||||
fixed. This one does not, because it does not need to introduce any new
|
||||
dependencies.
|
||||
|
||||
The reason why this commit is allowable also has it's own merit:
|
||||
|
||||
machines.target was not marked as AllowIsolate. Also, the point of
|
||||
containers is to not escape them... I don't think we want to promote
|
||||
machines.target as a default target or similar; you would generally want
|
||||
some system service to allow you to shut down the machine, for example. I
|
||||
don't see this approach used in CoreOS, nor in Fedora Atomic Host; we are
|
||||
missing any positive examples of its utility.
|
||||
|
||||
Requires=basic.target / After=basic.target can be removed for the same
|
||||
reason.
|
||||
|
||||
(cherry picked from commit a3b22cc5962efef2f4cd57d49f59a67e0617e9e0)
|
||||
---
|
||||
units/machines.target | 3 ---
|
||||
1 file changed, 3 deletions(-)
|
||||
|
||||
diff --git a/units/machines.target b/units/machines.target
|
||||
index 99618a19f7..e07b0bb6ae 100644
|
||||
--- a/units/machines.target
|
||||
+++ b/units/machines.target
|
||||
@@ -8,9 +8,6 @@
|
||||
[Unit]
|
||||
Description=Containers
|
||||
Documentation=man:systemd.special(7)
|
||||
-Requires=basic.target
|
||||
-Conflicts=rescue.service rescue.target
|
||||
-After=basic.target rescue.service rescue.target
|
||||
Before=multi-user.target
|
||||
|
||||
[Install]
|
|
@ -0,0 +1,62 @@
|
|||
From cbe2db129832eb71c03857a0029c1ff8dea27a45 Mon Sep 17 00:00:00 2001
|
||||
From: Alan Jenkins <alan.christopher.jenkins@gmail.com>
|
||||
Date: Fri, 29 Sep 2017 17:20:31 +0100
|
||||
Subject: [PATCH] units: express Conflict in syslog.socket instead of
|
||||
emergency.service
|
||||
|
||||
Note this commit only changes how the code is expressed; it does not change
|
||||
the existence of any dependency.
|
||||
|
||||
The `Conflicts=` was added in 3136ec90, "Stop syslog.socket when entering
|
||||
emergency mode". The discussion in the issue #266 raised concerns that
|
||||
this might be needed for other units, but failed to point out why
|
||||
syslog.socket is special. The reason is that syslog.socket has
|
||||
DefaultDepedencies=no, so it does not get Requires=sysinit.target like
|
||||
other socket units do. But syslog.service does require sysinit.target,
|
||||
among other things.
|
||||
|
||||
We don't have many socket, path, or timer units with
|
||||
DefaultDependencies=no, and I don't think any of the triggered services
|
||||
have such additional hard dependencies as syslog.service does.
|
||||
|
||||
It is much less confusing if we keep this `Conflicts=` in the same file as
|
||||
the `DefaultDependencies=no` which made it necessary.
|
||||
|
||||
(cherry picked from commit 950d8fcdd9aa7e71ad32ea224e7d6fbe0f9f53de)
|
||||
---
|
||||
units/emergency.service.in | 1 -
|
||||
units/syslog.socket | 6 +++++-
|
||||
2 files changed, 5 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/units/emergency.service.in b/units/emergency.service.in
|
||||
index e9eb238b98..8768fe137e 100644
|
||||
--- a/units/emergency.service.in
|
||||
+++ b/units/emergency.service.in
|
||||
@@ -11,7 +11,6 @@ Documentation=man:sulogin(8)
|
||||
DefaultDependencies=no
|
||||
Conflicts=shutdown.target
|
||||
Conflicts=rescue.service
|
||||
-Conflicts=syslog.socket
|
||||
Before=shutdown.target
|
||||
|
||||
[Service]
|
||||
diff --git a/units/syslog.socket b/units/syslog.socket
|
||||
index d3987cb9a8..372e8fcd45 100644
|
||||
--- a/units/syslog.socket
|
||||
+++ b/units/syslog.socket
|
||||
@@ -10,10 +10,14 @@ Description=Syslog Socket
|
||||
Documentation=man:systemd.special(7)
|
||||
Documentation=https://www.freedesktop.org/wiki/Software/systemd/syslog
|
||||
DefaultDependencies=no
|
||||
-Before=sockets.target shutdown.target
|
||||
+Before=sockets.target
|
||||
|
||||
# Don't allow logging until the very end
|
||||
Conflicts=shutdown.target
|
||||
+Before=shutdown.target
|
||||
+
|
||||
+# Don't try to activate syslog.service if sysinit.target has failed.
|
||||
+Conflicts=emergency.service
|
||||
|
||||
[Socket]
|
||||
ListenDatagram=/run/systemd/journal/syslog
|
|
@ -0,0 +1,45 @@
|
|||
From 7533ad492b3c7e9fd3901ab948eb6a030761ce2f Mon Sep 17 00:00:00 2001
|
||||
From: Alan Jenkins <alan.christopher.jenkins@gmail.com>
|
||||
Date: Mon, 25 Sep 2017 11:45:03 +0100
|
||||
Subject: [PATCH] units: add missing ordering deps for Conflicts= of
|
||||
emergency.service
|
||||
|
||||
1. If we exited emergency mode immediately, we don't want to have an
|
||||
irreversible stop job still running for syslog.socket. I _suspect_ that
|
||||
can't happen, but let's not waste effort working out exactly why it's
|
||||
impossible and not just very improbable.
|
||||
|
||||
2. Similarly, it seems undesirable to have rescue.service and
|
||||
emergency.service both running with an open FD of /dev/console, for
|
||||
however short a period.
|
||||
|
||||
(cherry picked from commit 6f6d1a8a6abae490e14e6a448895e36c6cefdefc)
|
||||
---
|
||||
units/emergency.service.in | 1 +
|
||||
units/syslog.socket | 1 +
|
||||
2 files changed, 2 insertions(+)
|
||||
|
||||
diff --git a/units/emergency.service.in b/units/emergency.service.in
|
||||
index 8768fe137e..27c9a1c23e 100644
|
||||
--- a/units/emergency.service.in
|
||||
+++ b/units/emergency.service.in
|
||||
@@ -12,6 +12,7 @@ DefaultDependencies=no
|
||||
Conflicts=shutdown.target
|
||||
Conflicts=rescue.service
|
||||
Before=shutdown.target
|
||||
+Before=rescue.service
|
||||
|
||||
[Service]
|
||||
Environment=HOME=/root
|
||||
diff --git a/units/syslog.socket b/units/syslog.socket
|
||||
index 372e8fcd45..43981904ea 100644
|
||||
--- a/units/syslog.socket
|
||||
+++ b/units/syslog.socket
|
||||
@@ -18,6 +18,7 @@ Before=shutdown.target
|
||||
|
||||
# Don't try to activate syslog.service if sysinit.target has failed.
|
||||
Conflicts=emergency.service
|
||||
+Before=emergency.service
|
||||
|
||||
[Socket]
|
||||
ListenDatagram=/run/systemd/journal/syslog
|
|
@ -0,0 +1,55 @@
|
|||
From ae3540d2387f24f3620ac1cd03dc952df654264b Mon Sep 17 00:00:00 2001
|
||||
From: Alan Jenkins <alan.christopher.jenkins@gmail.com>
|
||||
Date: Mon, 25 Sep 2017 12:10:38 +0100
|
||||
Subject: [PATCH] units: add missing Before=shutdown.target for units which it
|
||||
Conflicts
|
||||
|
||||
There's a few services missing this ordering.
|
||||
|
||||
Also remove a duplicate Conflicts=shutdown.target from
|
||||
systemd-volatile-root.service.
|
||||
|
||||
(cherry picked from commit 0b9ad5bf2ec09e963f706fdba498d99f29f97a54)
|
||||
---
|
||||
units/system-update-cleanup.service.in | 1 +
|
||||
units/systemd-networkd-wait-online.service.in | 2 +-
|
||||
units/systemd-volatile-root.service.in | 1 -
|
||||
3 files changed, 2 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/units/system-update-cleanup.service.in b/units/system-update-cleanup.service.in
|
||||
index 116be8bc2d..dc524da7a3 100644
|
||||
--- a/units/system-update-cleanup.service.in
|
||||
+++ b/units/system-update-cleanup.service.in
|
||||
@@ -11,6 +11,7 @@ Documentation=man:systemd.special(5) man:systemd.offline-updates(7)
|
||||
After=system-update.target
|
||||
DefaultDependencies=no
|
||||
Conflicts=shutdown.target
|
||||
+Before=shutdown.target
|
||||
|
||||
# system-update-generator uses laccess("/system-update"), while a plain
|
||||
# ConditionPathExists=/system-update uses access("/system-update"), so
|
||||
diff --git a/units/systemd-networkd-wait-online.service.in b/units/systemd-networkd-wait-online.service.in
|
||||
index a84e91906d..89ca865b55 100644
|
||||
--- a/units/systemd-networkd-wait-online.service.in
|
||||
+++ b/units/systemd-networkd-wait-online.service.in
|
||||
@@ -12,7 +12,7 @@ DefaultDependencies=no
|
||||
Conflicts=shutdown.target
|
||||
Requires=systemd-networkd.service
|
||||
After=systemd-networkd.service
|
||||
-Before=network-online.target
|
||||
+Before=network-online.target shutdown.target
|
||||
|
||||
[Service]
|
||||
Type=oneshot
|
||||
diff --git a/units/systemd-volatile-root.service.in b/units/systemd-volatile-root.service.in
|
||||
index cc4e604e4c..c5a4ca3c27 100644
|
||||
--- a/units/systemd-volatile-root.service.in
|
||||
+++ b/units/systemd-volatile-root.service.in
|
||||
@@ -12,7 +12,6 @@ DefaultDependencies=no
|
||||
Conflicts=shutdown.target
|
||||
After=sysroot.mount
|
||||
Before=initrd-root-fs.target shutdown.target
|
||||
-Conflicts=shutdown.target
|
||||
AssertPathExists=/etc/initrd-release
|
||||
|
||||
[Service]
|
|
@ -0,0 +1,26 @@
|
|||
From 0854289230b44c44e2c312f50be24c2c286dc90f Mon Sep 17 00:00:00 2001
|
||||
From: Alan Jenkins <alan.christopher.jenkins@gmail.com>
|
||||
Date: Mon, 25 Sep 2017 12:46:32 +0100
|
||||
Subject: [PATCH] units: DefaultDependencies already implies conflict with
|
||||
shutdown.target
|
||||
|
||||
(and system-update.target does not have DefaultDependencies=no)
|
||||
|
||||
(cherry picked from commit 2d4b910383c6c14b3720e26cca11c223ad868d9d)
|
||||
---
|
||||
units/system-update.target | 2 --
|
||||
1 file changed, 2 deletions(-)
|
||||
|
||||
diff --git a/units/system-update.target b/units/system-update.target
|
||||
index 3542879706..b95639a876 100644
|
||||
--- a/units/system-update.target
|
||||
+++ b/units/system-update.target
|
||||
@@ -10,8 +10,6 @@ Description=Offline System Update
|
||||
Documentation=man:systemd.offline-updates(7)
|
||||
Documentation=man:systemd.special(7) man:systemd-system-update-generator(8)
|
||||
Requires=sysinit.target
|
||||
-Conflicts=shutdown.target
|
||||
After=sysinit.target
|
||||
-Before=shutdown.target
|
||||
AllowIsolate=yes
|
||||
Wants=system-update-cleanup.service
|
|
@ -0,0 +1,26 @@
|
|||
From 2dcc7e34ae37e1a8f3af9ed91329b9cb9afd3e65 Mon Sep 17 00:00:00 2001
|
||||
From: John Lin <johnlinp@gmail.com>
|
||||
Date: Thu, 12 Oct 2017 02:22:51 +0800
|
||||
Subject: [PATCH] systemctl: supress enable/disable messages when -q is given
|
||||
(#7067)
|
||||
|
||||
Fixes: #7036
|
||||
(cherry picked from commit 35d379b2e8b92388a73f245e5cfcaa7e7371e8a7)
|
||||
(cherry picked from commit 6c5ff1d86e7e54f460599e92abbb4a5327e6a6db)
|
||||
---
|
||||
src/shared/bus-unit-util.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/shared/bus-unit-util.c b/src/shared/bus-unit-util.c
|
||||
index 5cbe663fa8..1e6cd05054 100644
|
||||
--- a/src/shared/bus-unit-util.c
|
||||
+++ b/src/shared/bus-unit-util.c
|
||||
@@ -1071,7 +1071,7 @@ int bus_deserialize_and_dump_unit_file_changes(sd_bus_message *m, bool quiet, Un
|
||||
if (r < 0)
|
||||
return bus_log_parse_error(r);
|
||||
|
||||
- unit_file_dump_changes(0, NULL, *changes, *n_changes, false);
|
||||
+ unit_file_dump_changes(0, NULL, *changes, *n_changes, quiet);
|
||||
return 0;
|
||||
}
|
||||
|
|
@ -0,0 +1,64 @@
|
|||
From 91545520e9e0313302b1c1391a691e567f7b41dd Mon Sep 17 00:00:00 2001
|
||||
From: Lubomir Rintel <lkundrak@v3.sk>
|
||||
Date: Wed, 11 Oct 2017 09:29:30 +0200
|
||||
Subject: [PATCH] basic/env-util: drop the validation when deserializing
|
||||
environment
|
||||
|
||||
The environment variables we've serialized can quite possibly contain
|
||||
characters outside the set allowed by env_assignment_is_valid(). In
|
||||
fact, my environment seems to contain a couple of these:
|
||||
|
||||
* TERMCAP set by screen contains a '\x7f' character
|
||||
* BASH_FUNC_module%% variable has a '%' character in name
|
||||
|
||||
Strict check of environment variables name and value certainly makes sense for
|
||||
unit files, but not so much for deserialization of values we already had
|
||||
in our environment.
|
||||
|
||||
(cherry picked from commit ea43bdd1d7c14e3695a4cc081e4ef4f964160dc1)
|
||||
(cherry picked from commit cdc2ef6ba88210264f00997e7c99b7f3339c629e)
|
||||
---
|
||||
src/basic/env-util.c | 5 -----
|
||||
src/test/test-env-util.c | 5 +++--
|
||||
2 files changed, 3 insertions(+), 7 deletions(-)
|
||||
|
||||
diff --git a/src/basic/env-util.c b/src/basic/env-util.c
|
||||
index 56e7b6fd8c..7c271973a3 100644
|
||||
--- a/src/basic/env-util.c
|
||||
+++ b/src/basic/env-util.c
|
||||
@@ -799,10 +799,5 @@ int deserialize_environment(char ***environment, const char *line) {
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
||||
- if (!env_assignment_is_valid(uce)) {
|
||||
- free(uce);
|
||||
- return -EINVAL;
|
||||
- }
|
||||
-
|
||||
return strv_env_replace(environment, uce);
|
||||
}
|
||||
diff --git a/src/test/test-env-util.c b/src/test/test-env-util.c
|
||||
index 3a2492dc6f..b14d62760f 100644
|
||||
--- a/src/test/test-env-util.c
|
||||
+++ b/src/test/test-env-util.c
|
||||
@@ -319,10 +319,10 @@ static void test_env_assignment_is_valid(void) {
|
||||
static void test_deserialize_environment(void) {
|
||||
_cleanup_strv_free_ char **env = strv_new("A=1", NULL);
|
||||
|
||||
- assert_se(deserialize_environment(&env, "env=test") < 0);
|
||||
assert_se(deserialize_environment(&env, "env=B=2") >= 0);
|
||||
+ assert_se(deserialize_environment(&env, "env=FOO%%=a\\177b\\nc\\td e") >= 0);
|
||||
|
||||
- assert_se(strv_equal(env, STRV_MAKE("A=1", "B=2")));
|
||||
+ assert_se(strv_equal(env, STRV_MAKE("A=1", "B=2", "FOO%%=a\177b\nc\td e")));
|
||||
}
|
||||
|
||||
static void test_serialize_environment(void) {
|
||||
@@ -334,6 +334,7 @@ static void test_serialize_environment(void) {
|
||||
"B=2",
|
||||
"C=ąęółń",
|
||||
"D=D=a\\x0Ab",
|
||||
+ "FOO%%=a\177b\nc\td e",
|
||||
NULL);
|
||||
_cleanup_strv_free_ char **env2 = NULL;
|
||||
|
|
@ -0,0 +1,42 @@
|
|||
From 24ee53d5b566b12c8c5be026b55bb8e48c1ca19f Mon Sep 17 00:00:00 2001
|
||||
From: Lubomir Rintel <lkundrak@v3.sk>
|
||||
Date: Wed, 11 Oct 2017 15:05:38 +0200
|
||||
Subject: [PATCH] basic/env-util: don't relax unesaping of serialized
|
||||
environment strings
|
||||
|
||||
We wrote them ourselves -- they shouldn't contain invalid sequences.
|
||||
|
||||
(cherry picked from commit c7d797bbdfaccd950988698823e17103f418a3c5)
|
||||
(cherry picked from commit 1ff2852a188de9235a293a347683c4c012708fe8)
|
||||
---
|
||||
src/basic/env-util.c | 2 +-
|
||||
src/test/test-env-util.c | 3 +++
|
||||
2 files changed, 4 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/basic/env-util.c b/src/basic/env-util.c
|
||||
index 7c271973a3..f629a1fc37 100644
|
||||
--- a/src/basic/env-util.c
|
||||
+++ b/src/basic/env-util.c
|
||||
@@ -795,7 +795,7 @@ int deserialize_environment(char ***environment, const char *line) {
|
||||
assert(environment);
|
||||
|
||||
assert(startswith(line, "env="));
|
||||
- r = cunescape(line + 4, UNESCAPE_RELAX, &uce);
|
||||
+ r = cunescape(line + 4, 0, &uce);
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
||||
diff --git a/src/test/test-env-util.c b/src/test/test-env-util.c
|
||||
index b14d62760f..a76f691b79 100644
|
||||
--- a/src/test/test-env-util.c
|
||||
+++ b/src/test/test-env-util.c
|
||||
@@ -323,6 +323,9 @@ static void test_deserialize_environment(void) {
|
||||
assert_se(deserialize_environment(&env, "env=FOO%%=a\\177b\\nc\\td e") >= 0);
|
||||
|
||||
assert_se(strv_equal(env, STRV_MAKE("A=1", "B=2", "FOO%%=a\177b\nc\td e")));
|
||||
+
|
||||
+ assert_se(deserialize_environment(&env, "env=foo\\") < 0);
|
||||
+ assert_se(deserialize_environment(&env, "env=bar\\_baz") < 0);
|
||||
}
|
||||
|
||||
static void test_serialize_environment(void) {
|
|
@ -0,0 +1,34 @@
|
|||
From ee8f87bc3433035652b053211b44c485eb81d72b Mon Sep 17 00:00:00 2001
|
||||
From: Susant Sahani <145210+ssahani@users.noreply.github.com>
|
||||
Date: Wed, 18 Oct 2017 14:42:59 +0530
|
||||
Subject: [PATCH] networkd: Consider linkLocalAddressing state while
|
||||
configuring ndisc. (#7012)
|
||||
|
||||
If linkLocalAddressing is disabled in for the interface still then
|
||||
we look for ndisc configured or not in link_check_ready.
|
||||
|
||||
Link local is used automatic address configuration and neighbor discovery protocol.
|
||||
If link local is disabled we should not configure ndisc.
|
||||
|
||||
Fixes #2713, #6441, #5841.
|
||||
|
||||
(cherry picked from commit 702c979fefc6d3e69c5982b8469ec8a47792d62f)
|
||||
(cherry picked from commit 610f5ddb3c4ae3b08ddb1334bbdcbcf7799f091f)
|
||||
---
|
||||
src/network/networkd-link.c | 3 +++
|
||||
1 file changed, 3 insertions(+)
|
||||
|
||||
diff --git a/src/network/networkd-link.c b/src/network/networkd-link.c
|
||||
index 4c57fa1793..d8b13be381 100644
|
||||
--- a/src/network/networkd-link.c
|
||||
+++ b/src/network/networkd-link.c
|
||||
@@ -225,6 +225,9 @@ static bool link_ipv6_accept_ra_enabled(Link *link) {
|
||||
if (!link->network)
|
||||
return false;
|
||||
|
||||
+ if (!link_ipv6ll_enabled(link))
|
||||
+ return false;
|
||||
+
|
||||
/* If unset use system default (enabled if local forwarding is disabled.
|
||||
* disabled if local forwarding is enabled).
|
||||
* If set, ignore or enforce RA independent of local forwarding state.
|
|
@ -0,0 +1,38 @@
|
|||
From ace9b102d1977c7776cb185f29aa6b6814897939 Mon Sep 17 00:00:00 2001
|
||||
From: Susant Sahani <145210+ssahani@users.noreply.github.com>
|
||||
Date: Wed, 18 Oct 2017 16:08:56 +0530
|
||||
Subject: [PATCH] networkd: don't stop the dhcp server if it's not configured.
|
||||
(#7083)
|
||||
|
||||
we call sd_dhcp_server_stop even if it's not configured when link is
|
||||
down resulting unwanted logs.
|
||||
```
|
||||
Oct 10 13:41:07 nena systemd-networkd[126]: eth0: Lost carrier
|
||||
Oct 10 13:41:07 nena systemd-networkd[126]: DHCP CLIENT (0x560f2dc5): STOPPED
|
||||
Oct 10 13:41:07 nena systemd-networkd[126]: eth0: DHCP lease lost
|
||||
Oct 10 13:41:07 nena systemd-networkd[126]: NDISC: Stopping IPv6 Router Solicitation client
|
||||
Oct 10 13:41:07 nena systemd-networkd[126]: Assertion 'server' failed at ../src/libsystemd-network/sd-dhcp-server.c:256, function sd_dhcp_server_stop(). Ignoring.
|
||||
```
|
||||
|
||||
fixes #7047
|
||||
|
||||
(cherry picked from commit 28464ae0e21e7b9dfea7b733f9470091b2480a9a)
|
||||
(cherry picked from commit 14d3f593b115fb46361e5dab4de0bead8451ca27)
|
||||
---
|
||||
src/network/networkd-link.c | 3 ++-
|
||||
1 file changed, 2 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/network/networkd-link.c b/src/network/networkd-link.c
|
||||
index d8b13be381..fd6106c13d 100644
|
||||
--- a/src/network/networkd-link.c
|
||||
+++ b/src/network/networkd-link.c
|
||||
@@ -3063,7 +3063,8 @@ static int link_carrier_lost(Link *link) {
|
||||
return r;
|
||||
}
|
||||
|
||||
- (void) sd_dhcp_server_stop(link->dhcp_server);
|
||||
+ if (link_dhcp4_server_enabled(link))
|
||||
+ (void) sd_dhcp_server_stop(link->dhcp_server);
|
||||
|
||||
r = link_drop_config(link);
|
||||
if (r < 0)
|
|
@ -0,0 +1,32 @@
|
|||
From 02b8ffe180bc10370a172e8272499648f396fed7 Mon Sep 17 00:00:00 2001
|
||||
From: myrkr <torsten.hilbrich@gmx.net>
|
||||
Date: Tue, 24 Oct 2017 09:56:40 +0200
|
||||
Subject: [PATCH] nspawn: Fix calculation of capabilities for configuration
|
||||
file (#7087)
|
||||
|
||||
The current code shifting an integer 1 failed for capabilities like
|
||||
CAP_MAC_ADMIN (numerical value 33). This caused issues when specifying
|
||||
them in the nspawn configuration file. Using an uint64_t 1 instead.
|
||||
|
||||
The similar code for processing the --capability command line option
|
||||
was already correctly working.
|
||||
|
||||
(cherry picked from commit 1898e5f9a37d1a50f8c0bd1147abe11c3d38a16b)
|
||||
(cherry picked from commit b4c63693634d3a56a1afe22dd59c63a7e8fe99f8)
|
||||
---
|
||||
src/nspawn/nspawn-settings.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/nspawn/nspawn-settings.c b/src/nspawn/nspawn-settings.c
|
||||
index 5217d10665..19bc8ba4b8 100644
|
||||
--- a/src/nspawn/nspawn-settings.c
|
||||
+++ b/src/nspawn/nspawn-settings.c
|
||||
@@ -200,7 +200,7 @@ int config_parse_capability(
|
||||
continue;
|
||||
}
|
||||
|
||||
- u |= 1 << ((uint64_t) cap);
|
||||
+ u |= UINT64_C(1) << cap;
|
||||
}
|
||||
|
||||
if (u == 0)
|
|
@ -0,0 +1,120 @@
|
|||
From f720fbe4564bb322847a34a930e124bab2aac8b3 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
||||
Date: Wed, 18 Oct 2017 16:15:09 +0200
|
||||
Subject: [PATCH] timedatectl: stop using xstrftime
|
||||
MIME-Version: 1.0
|
||||
Content-Type: text/plain; charset=UTF-8
|
||||
Content-Transfer-Encoding: 8bit
|
||||
|
||||
When using strftime in arbitrary locales, we cannot really say how big the
|
||||
buffer should be. Let's make the buffer "large", which will work fine pretty
|
||||
much always, and just print n/a if the timestamp does not fit. strftime returns
|
||||
0 if the buffer is too small and a NUL-terminated string otherwise, so we
|
||||
can drop the size specifications in string formatting.
|
||||
|
||||
$ export LANG=fa_IR.UTF-8
|
||||
$ date
|
||||
چهارشنبه ۱۸ اكتبر ۱۷، ساعت ۱۰:۵۴:۲۴ (+0330)
|
||||
$ timedatectl
|
||||
Assertion 'xstrftime: a[] must be big enough' failed at ../src/timedate/timedatectl.c:105, function print_status_info(). Aborting.
|
||||
|
||||
now:
|
||||
|
||||
$ timedatectl
|
||||
Local time: چهارشنبه 2017-10-18 16:29:40 CEST
|
||||
Universal time: چهارشنبه 2017-10-18 14:29:40 UTC
|
||||
RTC time: چهارشنبه 2017-10-18 14:29:40
|
||||
…
|
||||
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=1503452
|
||||
(cherry picked from commit 14ce0c25c28ba58e80084e28b4f23884199900e4)
|
||||
(cherry picked from commit b3e823e43c45b6233405d62e5f095c11130e638f)
|
||||
---
|
||||
src/basic/time-util.h | 4 ----
|
||||
src/timedate/timedatectl.c | 27 ++++++++++++++-------------
|
||||
2 files changed, 14 insertions(+), 17 deletions(-)
|
||||
|
||||
diff --git a/src/basic/time-util.h b/src/basic/time-util.h
|
||||
index 3b7f0e99c0..73f7e40066 100644
|
||||
--- a/src/basic/time-util.h
|
||||
+++ b/src/basic/time-util.h
|
||||
@@ -148,10 +148,6 @@ clockid_t clock_boottime_or_monotonic(void);
|
||||
|
||||
usec_t usec_shift_clock(usec_t, clockid_t from, clockid_t to);
|
||||
|
||||
-#define xstrftime(buf, fmt, tm) \
|
||||
- assert_message_se(strftime(buf, ELEMENTSOF(buf), fmt, tm) > 0, \
|
||||
- "xstrftime: " #buf "[] must be big enough")
|
||||
-
|
||||
int get_timezone(char **timezone);
|
||||
|
||||
time_t mktime_or_timegm(struct tm *tm, bool utc);
|
||||
diff --git a/src/timedate/timedatectl.c b/src/timedate/timedatectl.c
|
||||
index 281b1534a3..2a011208ce 100644
|
||||
--- a/src/timedate/timedatectl.c
|
||||
+++ b/src/timedate/timedatectl.c
|
||||
@@ -72,12 +72,13 @@ static void status_info_clear(StatusInfo *info) {
|
||||
}
|
||||
|
||||
static void print_status_info(const StatusInfo *i) {
|
||||
- char a[FORMAT_TIMESTAMP_MAX];
|
||||
+ char a[LINE_MAX];
|
||||
struct tm tm;
|
||||
time_t sec;
|
||||
bool have_time = false;
|
||||
const char *old_tz = NULL, *tz;
|
||||
int r;
|
||||
+ size_t n;
|
||||
|
||||
assert(i);
|
||||
|
||||
@@ -102,11 +103,11 @@ static void print_status_info(const StatusInfo *i) {
|
||||
log_warning("Could not get time from timedated and not operating locally, ignoring.");
|
||||
|
||||
if (have_time) {
|
||||
- xstrftime(a, "%a %Y-%m-%d %H:%M:%S %Z", localtime_r(&sec, &tm));
|
||||
- printf(" Local time: %.*s\n", (int) sizeof(a), a);
|
||||
+ n = strftime(a, sizeof a, "%a %Y-%m-%d %H:%M:%S %Z", localtime_r(&sec, &tm));
|
||||
+ printf(" Local time: %s\n", n > 0 ? a : "n/a");
|
||||
|
||||
- xstrftime(a, "%a %Y-%m-%d %H:%M:%S UTC", gmtime_r(&sec, &tm));
|
||||
- printf(" Universal time: %.*s\n", (int) sizeof(a), a);
|
||||
+ n = strftime(a, sizeof a, "%a %Y-%m-%d %H:%M:%S UTC", gmtime_r(&sec, &tm));
|
||||
+ printf(" Universal time: %s\n", n > 0 ? a : "n/a");
|
||||
} else {
|
||||
printf(" Local time: %s\n", "n/a");
|
||||
printf(" Universal time: %s\n", "n/a");
|
||||
@@ -116,13 +117,13 @@ static void print_status_info(const StatusInfo *i) {
|
||||
time_t rtc_sec;
|
||||
|
||||
rtc_sec = (time_t) (i->rtc_time / USEC_PER_SEC);
|
||||
- xstrftime(a, "%a %Y-%m-%d %H:%M:%S", gmtime_r(&rtc_sec, &tm));
|
||||
- printf(" RTC time: %.*s\n", (int) sizeof(a), a);
|
||||
+ n = strftime(a, sizeof a, "%a %Y-%m-%d %H:%M:%S", gmtime_r(&rtc_sec, &tm));
|
||||
+ printf(" RTC time: %s\n", n > 0 ? a : "n/a");
|
||||
} else
|
||||
printf(" RTC time: %s\n", "n/a");
|
||||
|
||||
if (have_time)
|
||||
- xstrftime(a, "%Z, %z", localtime_r(&sec, &tm));
|
||||
+ n = strftime(a, sizeof a, "%Z, %z", localtime_r(&sec, &tm));
|
||||
|
||||
/* Restore the $TZ */
|
||||
if (old_tz)
|
||||
@@ -134,11 +135,11 @@ static void print_status_info(const StatusInfo *i) {
|
||||
else
|
||||
tzset();
|
||||
|
||||
- printf(" Time zone: %s (%.*s)\n"
|
||||
- " Network time on: %s\n"
|
||||
- "NTP synchronized: %s\n"
|
||||
- " RTC in local TZ: %s\n",
|
||||
- strna(i->timezone), (int) sizeof(a), have_time ? a : "n/a",
|
||||
+ printf(" Time zone: %s (%s)\n"
|
||||
+ " System clock synchronized: %s\n"
|
||||
+ "systemd-timesyncd.service active: %s\n"
|
||||
+ " RTC in local TZ: %s\n",
|
||||
+ strna(i->timezone), have_time && n > 0 ? a : "n/a",
|
||||
i->ntp_capable ? yes_no(i->ntp_enabled) : "n/a",
|
||||
yes_no(i->ntp_synced),
|
||||
yes_no(i->rtc_local));
|
|
@ -0,0 +1,38 @@
|
|||
From d6ac00972a031eda491a354bf3e2a6c9a7f2b553 Mon Sep 17 00:00:00 2001
|
||||
From: Lauri Tirkkonen <lotheac@iki.fi>
|
||||
Date: Tue, 24 Oct 2017 20:40:50 +0300
|
||||
Subject: [PATCH] nspawn: EROFS for chowning mount points is not fatal (#7122)
|
||||
|
||||
This fixes --read-only with --private-users. mkdir_userns_p may return
|
||||
-EROFS if either mkdir or lchown fails; lchown failing is fine as the
|
||||
mount point will just be overmounted, and if mkdir fails then the
|
||||
following mount() will also fail (with ENOENT).
|
||||
|
||||
(cherry picked from commit 4f13e534282414b5e58ef31a26cc5c3f06f8cb18)
|
||||
(cherry picked from commit 1b7014dfc1584d1f3b10eb91c4f22e0deaca999d)
|
||||
---
|
||||
src/nspawn/nspawn-mount.c | 8 ++++++--
|
||||
1 file changed, 6 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/src/nspawn/nspawn-mount.c b/src/nspawn/nspawn-mount.c
|
||||
index ac7290732e..3d2151a06a 100644
|
||||
--- a/src/nspawn/nspawn-mount.c
|
||||
+++ b/src/nspawn/nspawn-mount.c
|
||||
@@ -601,11 +601,15 @@ int mount_all(const char *dest,
|
||||
|
||||
r = mkdir_userns_p(dest, where, 0755, mount_settings, uid_shift);
|
||||
if (r < 0 && r != -EEXIST) {
|
||||
- if (fatal)
|
||||
+ if (fatal && r != -EROFS)
|
||||
return log_error_errno(r, "Failed to create directory %s: %m", where);
|
||||
|
||||
log_debug_errno(r, "Failed to create directory %s: %m", where);
|
||||
- continue;
|
||||
+ /* If we failed mkdir() or chown() due to the root
|
||||
+ * directory being read only, attempt to mount this fs
|
||||
+ * anyway and let mount_verbose log any errors */
|
||||
+ if (r != -EROFS)
|
||||
+ continue;
|
||||
}
|
||||
|
||||
o = mount_table[k].options;
|
|
@ -0,0 +1,38 @@
|
|||
From 1e20ca63e06337b95f4b0deedc062511d2ff31cc Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
||||
Date: Wed, 25 Oct 2017 11:19:19 +0200
|
||||
Subject: [PATCH] resolved: fix loop on packets with pseudo dns types
|
||||
|
||||
Reported by Karim Hossen & Thomas Imbert from Sogeti ESEC R&D.
|
||||
|
||||
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1725351
|
||||
(cherry picked from commit 9f939335a07085aa9a9663efd1dca06ef6405d62)
|
||||
(cherry picked from commit 743b771c559c6101544f7358a42c8c519fe4b0db)
|
||||
---
|
||||
src/resolve/resolved-dns-packet.c | 6 +-----
|
||||
1 file changed, 1 insertion(+), 5 deletions(-)
|
||||
|
||||
diff --git a/src/resolve/resolved-dns-packet.c b/src/resolve/resolved-dns-packet.c
|
||||
index 49a04615d4..1165940e0d 100644
|
||||
--- a/src/resolve/resolved-dns-packet.c
|
||||
+++ b/src/resolve/resolved-dns-packet.c
|
||||
@@ -1503,7 +1503,7 @@ static int dns_packet_read_type_window(DnsPacket *p, Bitmap **types, size_t *sta
|
||||
|
||||
found = true;
|
||||
|
||||
- while (bitmask) {
|
||||
+ for (; bitmask; bit++, bitmask >>= 1)
|
||||
if (bitmap[i] & bitmask) {
|
||||
uint16_t n;
|
||||
|
||||
@@ -1517,10 +1517,6 @@ static int dns_packet_read_type_window(DnsPacket *p, Bitmap **types, size_t *sta
|
||||
if (r < 0)
|
||||
return r;
|
||||
}
|
||||
-
|
||||
- bit++;
|
||||
- bitmask >>= 1;
|
||||
- }
|
||||
}
|
||||
|
||||
if (!found)
|
|
@ -0,0 +1,143 @@
|
|||
From ea8cb69ee23cd67ef45ca34f1b192c9adb5fa878 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
||||
Date: Sun, 9 Jul 2017 23:31:47 -0400
|
||||
Subject: [PATCH] cryptsetup-generator: add a helper utility to create symlinks
|
||||
|
||||
It seems that there's a common pattern among the various generators. Let's add
|
||||
a helper function for it and make use of it in cryptsetup-generator.
|
||||
|
||||
This fixes a bunch of theoretical memleaks in error paths, since *to wasn't
|
||||
generally freed properly. Not thath it matters.
|
||||
|
||||
(cherry picked from commit b559616f2321643c5194b474d39a722cefaf6059)
|
||||
---
|
||||
src/cryptsetup/cryptsetup-generator.c | 53 ++++++++++-------------------------
|
||||
src/shared/generator.c | 15 ++++++++++
|
||||
src/shared/generator.h | 2 ++
|
||||
3 files changed, 32 insertions(+), 38 deletions(-)
|
||||
|
||||
diff --git a/src/cryptsetup/cryptsetup-generator.c b/src/cryptsetup/cryptsetup-generator.c
|
||||
index afc5d7cf49..4edf709c3e 100644
|
||||
--- a/src/cryptsetup/cryptsetup-generator.c
|
||||
+++ b/src/cryptsetup/cryptsetup-generator.c
|
||||
@@ -58,11 +58,11 @@ static int create_disk(
|
||||
const char *password,
|
||||
const char *options) {
|
||||
|
||||
- _cleanup_free_ char *p = NULL, *n = NULL, *d = NULL, *u = NULL, *to = NULL, *e = NULL,
|
||||
+ _cleanup_free_ char *p = NULL, *n = NULL, *d = NULL, *u = NULL, *e = NULL,
|
||||
*filtered = NULL;
|
||||
_cleanup_fclose_ FILE *f = NULL;
|
||||
+ const char *dmname;
|
||||
bool noauto, nofail, tmp, swap;
|
||||
- char *from;
|
||||
int r;
|
||||
|
||||
assert(name);
|
||||
@@ -120,7 +120,7 @@ static int create_disk(
|
||||
if (password) {
|
||||
if (STR_IN_SET(password, "/dev/urandom", "/dev/random", "/dev/hw_random"))
|
||||
fputs("After=systemd-random-seed.service\n", f);
|
||||
- else if (!streq(password, "-") && !streq(password, "none")) {
|
||||
+ else if (!STR_IN_SET(password, "-", "none")) {
|
||||
_cleanup_free_ char *uu;
|
||||
|
||||
uu = fstab_node_to_udev_node(password);
|
||||
@@ -186,46 +186,23 @@ static int create_disk(
|
||||
if (r < 0)
|
||||
return log_error_errno(r, "Failed to write file %s: %m", p);
|
||||
|
||||
- from = strjoina("../", n);
|
||||
-
|
||||
if (!noauto) {
|
||||
-
|
||||
- to = strjoin(arg_dest, "/", d, ".wants/", n);
|
||||
- if (!to)
|
||||
- return log_oom();
|
||||
-
|
||||
- mkdir_parents_label(to, 0755);
|
||||
- if (symlink(from, to) < 0)
|
||||
- return log_error_errno(errno, "Failed to create symlink %s: %m", to);
|
||||
-
|
||||
- free(to);
|
||||
- if (!nofail)
|
||||
- to = strjoin(arg_dest, "/cryptsetup.target.requires/", n);
|
||||
- else
|
||||
- to = strjoin(arg_dest, "/cryptsetup.target.wants/", n);
|
||||
- if (!to)
|
||||
- return log_oom();
|
||||
-
|
||||
- mkdir_parents_label(to, 0755);
|
||||
- if (symlink(from, to) < 0)
|
||||
- return log_error_errno(errno, "Failed to create symlink %s: %m", to);
|
||||
+ r = generator_add_symlink(arg_dest, d, "wants", n);
|
||||
+ if (r < 0)
|
||||
+ return r;
|
||||
+
|
||||
+ r = generator_add_symlink(arg_dest, "cryptsetup.target",
|
||||
+ nofail ? "wants" : "requires", n);
|
||||
+ if (r < 0)
|
||||
+ return r;
|
||||
}
|
||||
|
||||
- free(to);
|
||||
- to = strjoin(arg_dest, "/dev-mapper-", e, ".device.requires/", n);
|
||||
- if (!to)
|
||||
- return log_oom();
|
||||
-
|
||||
- mkdir_parents_label(to, 0755);
|
||||
- if (symlink(from, to) < 0)
|
||||
- return log_error_errno(errno, "Failed to create symlink %s: %m", to);
|
||||
+ dmname = strjoina("dev-mapper-", e, ".device");
|
||||
+ r = generator_add_symlink(arg_dest, dmname, "requires", n);
|
||||
+ if (r < 0)
|
||||
+ return r;
|
||||
|
||||
if (!noauto && !nofail) {
|
||||
- _cleanup_free_ char *dmname;
|
||||
- dmname = strjoin("dev-mapper-", e, ".device");
|
||||
- if (!dmname)
|
||||
- return log_oom();
|
||||
-
|
||||
r = write_drop_in(arg_dest, dmname, 90, "device-timeout",
|
||||
"# Automatically generated by systemd-cryptsetup-generator \n\n"
|
||||
"[Unit]\nJobTimeoutSec=0");
|
||||
diff --git a/src/shared/generator.c b/src/shared/generator.c
|
||||
index 6a887e3aad..325fe9fcbf 100644
|
||||
--- a/src/shared/generator.c
|
||||
+++ b/src/shared/generator.c
|
||||
@@ -37,6 +37,21 @@
|
||||
#include "unit-name.h"
|
||||
#include "util.h"
|
||||
|
||||
+int generator_add_symlink(const char *root, const char *dst, const char *dep_type, const char *src) {
|
||||
+ /* Adds a symlink from <dst>.<dep_type>.d/ to ../<src> */
|
||||
+
|
||||
+ const char *from, *to;
|
||||
+
|
||||
+ from = strjoina("../", src);
|
||||
+ to = strjoina(root, "/", dst, ".", dep_type, "/", src);
|
||||
+
|
||||
+ mkdir_parents_label(to, 0755);
|
||||
+ if (symlink(from, to) < 0)
|
||||
+ return log_error_errno(errno, "Failed to create symlink \"%s\": %m", to);
|
||||
+
|
||||
+ return 0;
|
||||
+}
|
||||
+
|
||||
static int write_fsck_sysroot_service(const char *dir, const char *what) {
|
||||
_cleanup_free_ char *device = NULL, *escaped = NULL;
|
||||
_cleanup_fclose_ FILE *f = NULL;
|
||||
diff --git a/src/shared/generator.h b/src/shared/generator.h
|
||||
index 825d934c8e..e70016839f 100644
|
||||
--- a/src/shared/generator.h
|
||||
+++ b/src/shared/generator.h
|
||||
@@ -21,6 +21,8 @@
|
||||
|
||||
#include <stdio.h>
|
||||
|
||||
+int generator_add_symlink(const char *root, const char *dst, const char *dep_type, const char *src);
|
||||
+
|
||||
int generator_write_fsck_deps(
|
||||
FILE *f,
|
||||
const char *dir,
|
|
@ -0,0 +1,24 @@
|
|||
From c55ccd92b9503bc074e6ffb07925f09024e9949d Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
||||
Date: Tue, 5 Sep 2017 09:14:51 +0200
|
||||
Subject: [PATCH] units: order cryptsetup-pre.target before cryptsetup.target
|
||||
|
||||
Normally this happens automatically, but if it happened that both targets were
|
||||
pulled in, even though there were no cryptsetup units, they could be started
|
||||
in reverse order, which would be somewhat confusing. Add an explicit ordering
|
||||
to avoid this potential issue.
|
||||
|
||||
(cherry picked from commit 947d21171bdd8375db6482bc7d758d74b27f7dd4)
|
||||
---
|
||||
units/cryptsetup-pre.target | 1 +
|
||||
1 file changed, 1 insertion(+)
|
||||
|
||||
diff --git a/units/cryptsetup-pre.target b/units/cryptsetup-pre.target
|
||||
index 65353419fc..42e35dd4e4 100644
|
||||
--- a/units/cryptsetup-pre.target
|
||||
+++ b/units/cryptsetup-pre.target
|
||||
@@ -9,3 +9,4 @@
|
||||
Description=Encrypted Volumes (Pre)
|
||||
Documentation=man:systemd.special(7)
|
||||
RefuseManualStart=yes
|
||||
+Before=cryptsetup.target
|
|
@ -0,0 +1,138 @@
|
|||
From ca24b1e7731260a972af22387aad16e506dc1826 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
||||
Date: Tue, 5 Sep 2017 10:15:13 +0200
|
||||
Subject: [PATCH] units: add remote-cryptsetup.target and
|
||||
remote-cryptsetup-pre.target
|
||||
|
||||
The pair is similar to remote-fs.target and remote-fs-pre.target. Any
|
||||
cryptsetup devices which require network shall be ordered after
|
||||
remote-cryptsetup-pre.target and before remote-cryptsetup.target.
|
||||
|
||||
(cherry picked from commit 889128b8b27abb13e1691a72e4ce0562c564e257)
|
||||
---
|
||||
man/systemd.special.xml | 23 +++++++++++++++++++++++
|
||||
units/cryptsetup-pre.target | 2 +-
|
||||
units/cryptsetup.target | 2 +-
|
||||
units/meson.build | 3 +++
|
||||
units/remote-cryptsetup-pre.target | 15 +++++++++++++++
|
||||
units/remote-cryptsetup.target | 10 ++++++++++
|
||||
6 files changed, 53 insertions(+), 2 deletions(-)
|
||||
create mode 100644 units/remote-cryptsetup-pre.target
|
||||
create mode 100644 units/remote-cryptsetup.target
|
||||
|
||||
diff --git a/man/systemd.special.xml b/man/systemd.special.xml
|
||||
index 66c45e39a3..7107b8a920 100644
|
||||
--- a/man/systemd.special.xml
|
||||
+++ b/man/systemd.special.xml
|
||||
@@ -81,6 +81,8 @@
|
||||
<filename>poweroff.target</filename>,
|
||||
<filename>printer.target</filename>,
|
||||
<filename>reboot.target</filename>,
|
||||
+ <filename>remote-cryptsetup-pre.target</filename>,
|
||||
+ <filename>remote-cryptsetup.target</filename>,
|
||||
<filename>remote-fs-pre.target</filename>,
|
||||
<filename>remote-fs.target</filename>,
|
||||
<filename>rescue.target</filename>,
|
||||
@@ -450,6 +452,27 @@
|
||||
this target unit, for compatibility with SysV.</para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
+ <varlistentry>
|
||||
+ <term><filename>remote-cryptsetup-pre.target</filename></term>
|
||||
+ <listitem>
|
||||
+ <para>This target unit is automatically ordered before all cryptsetup devices
|
||||
+ marked with the <option>_netdev</option>. It can be used to execute additional
|
||||
+ units before such devices are set up.</para>
|
||||
+
|
||||
+ <para>It is ordered after <filename>network.target</filename> and
|
||||
+ <filename>network-online.target</filename>, and also pulls the latter in as a
|
||||
+ <varname>Wants=</varname> dependency.</para>
|
||||
+ </listitem>
|
||||
+ </varlistentry>
|
||||
+ <varlistentry>
|
||||
+ <term><filename>remote-cryptsetup.target</filename></term>
|
||||
+ <listitem>
|
||||
+ <para>Similar to <filename>cryptsetup.target</filename>, but for encrypted
|
||||
+ devices which are accessed over the network. It is used for
|
||||
+ <citerefentry><refentrytitle>crypttab</refentrytitle><manvolnum>8</manvolnum></citerefentry>
|
||||
+ entries marked with <option>_netdev</option>.</para>
|
||||
+ </listitem>
|
||||
+ </varlistentry>
|
||||
<varlistentry>
|
||||
<term><filename>remote-fs.target</filename></term>
|
||||
<listitem>
|
||||
diff --git a/units/cryptsetup-pre.target b/units/cryptsetup-pre.target
|
||||
index 42e35dd4e4..6cb28a61ae 100644
|
||||
--- a/units/cryptsetup-pre.target
|
||||
+++ b/units/cryptsetup-pre.target
|
||||
@@ -6,7 +6,7 @@
|
||||
# (at your option) any later version.
|
||||
|
||||
[Unit]
|
||||
-Description=Encrypted Volumes (Pre)
|
||||
+Description=Local Encrypted Volumes (Pre)
|
||||
Documentation=man:systemd.special(7)
|
||||
RefuseManualStart=yes
|
||||
Before=cryptsetup.target
|
||||
diff --git a/units/cryptsetup.target b/units/cryptsetup.target
|
||||
index 25d3e33f6a..10b17fd387 100644
|
||||
--- a/units/cryptsetup.target
|
||||
+++ b/units/cryptsetup.target
|
||||
@@ -6,5 +6,5 @@
|
||||
# (at your option) any later version.
|
||||
|
||||
[Unit]
|
||||
-Description=Encrypted Volumes
|
||||
+Description=Local Encrypted Volumes
|
||||
Documentation=man:systemd.special(7)
|
||||
diff --git a/units/meson.build b/units/meson.build
|
||||
index e94add6a6f..e6351c7a2e 100644
|
||||
--- a/units/meson.build
|
||||
+++ b/units/meson.build
|
||||
@@ -47,6 +47,9 @@ units = [
|
||||
['proc-sys-fs-binfmt_misc.mount', 'ENABLE_BINFMT'],
|
||||
['reboot.target', '',
|
||||
'runlevel6.target ctrl-alt-del.target'],
|
||||
+ ['remote-cryptsetup-pre.target', 'HAVE_LIBCRYPTSETUP'],
|
||||
+ ['remote-cryptsetup.target', 'HAVE_LIBCRYPTSETUP',
|
||||
+ join_paths(pkgsysconfdir, 'system/multi-user.target.wants/')],
|
||||
['remote-fs-pre.target', ''],
|
||||
['remote-fs.target', '',
|
||||
join_paths(pkgsysconfdir, 'system/multi-user.target.wants/')],
|
||||
diff --git a/units/remote-cryptsetup-pre.target b/units/remote-cryptsetup-pre.target
|
||||
new file mode 100644
|
||||
index 0000000000..a375e61889
|
||||
--- /dev/null
|
||||
+++ b/units/remote-cryptsetup-pre.target
|
||||
@@ -0,0 +1,15 @@
|
||||
+# This file is part of systemd.
|
||||
+#
|
||||
+# systemd is free software; you can redistribute it and/or modify it
|
||||
+# under the terms of the GNU Lesser General Public License as published by
|
||||
+# the Free Software Foundation; either version 2.1 of the License, or
|
||||
+# (at your option) any later version.
|
||||
+
|
||||
+[Unit]
|
||||
+Description=Remote Encrypted Volumes (Pre)
|
||||
+Documentation=man:systemd.special(7)
|
||||
+RefuseManualStart=yes
|
||||
+Before=remote-cryptsetup.target
|
||||
+
|
||||
+After=network.target network-online.target
|
||||
+Wants=network-online.target
|
||||
diff --git a/units/remote-cryptsetup.target b/units/remote-cryptsetup.target
|
||||
new file mode 100644
|
||||
index 0000000000..60943bd1cb
|
||||
--- /dev/null
|
||||
+++ b/units/remote-cryptsetup.target
|
||||
@@ -0,0 +1,10 @@
|
||||
+# This file is part of systemd.
|
||||
+#
|
||||
+# systemd is free software; you can redistribute it and/or modify it
|
||||
+# under the terms of the GNU Lesser General Public License as published by
|
||||
+# the Free Software Foundation; either version 2.1 of the License, or
|
||||
+# (at your option) any later version.
|
||||
+
|
||||
+[Unit]
|
||||
+Description=Remote Encrypted Volumes
|
||||
+Documentation=man:systemd.special(7)
|
|
@ -0,0 +1,106 @@
|
|||
From 8f21747f369f6d88768d1409d95527c60f2cd7c7 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
||||
Date: Tue, 5 Sep 2017 11:30:33 +0200
|
||||
Subject: [PATCH] cryptsetup-generator: use remote-cryptsetup.target when
|
||||
_netdev is present
|
||||
|
||||
This allows such devices to depend on the network. Their startup will
|
||||
be delayed similarly to network mount units.
|
||||
|
||||
Fixes #4642.
|
||||
|
||||
(cherry picked from commit b001ad61e91b6499897f0c977045c7608c233bfa)
|
||||
---
|
||||
man/crypttab.xml | 13 +++++++++++++
|
||||
src/cryptsetup/cryptsetup-generator.c | 30 +++++++++++++++++-------------
|
||||
2 files changed, 30 insertions(+), 13 deletions(-)
|
||||
|
||||
diff --git a/man/crypttab.xml b/man/crypttab.xml
|
||||
index 17976f3704..162377ebc1 100644
|
||||
--- a/man/crypttab.xml
|
||||
+++ b/man/crypttab.xml
|
||||
@@ -213,6 +213,19 @@
|
||||
<option>size=</option>.</para></listitem>
|
||||
</varlistentry>
|
||||
|
||||
+ <varlistentry>
|
||||
+ <term><option>_netdev</option></term>
|
||||
+
|
||||
+ <listitem><para>Marks this cryptsetup device as requiring network. It will be
|
||||
+ started after the network is available, similarly to
|
||||
+ <citerefentry><refentrytitle>systemd.mount</refentrytitle><manvolnum>5</manvolnum></citerefentry>
|
||||
+ units marked with <option>_netdev</option>. The service unit to set up this device
|
||||
+ will be ordered between <filename>remote-cryptsetup-pre.target</filename> and
|
||||
+ <filename>remote-cryptsetup.target</filename>, instead of
|
||||
+ <filename>cryptsetup-pre.target</filename> and
|
||||
+ <filename>cryptsetup.target</filename>.</para></listitem>
|
||||
+ </varlistentry>
|
||||
+
|
||||
<varlistentry>
|
||||
<term><option>noauto</option></term>
|
||||
|
||||
diff --git a/src/cryptsetup/cryptsetup-generator.c b/src/cryptsetup/cryptsetup-generator.c
|
||||
index 4edf709c3e..962d712639 100644
|
||||
--- a/src/cryptsetup/cryptsetup-generator.c
|
||||
+++ b/src/cryptsetup/cryptsetup-generator.c
|
||||
@@ -62,7 +62,7 @@ static int create_disk(
|
||||
*filtered = NULL;
|
||||
_cleanup_fclose_ FILE *f = NULL;
|
||||
const char *dmname;
|
||||
- bool noauto, nofail, tmp, swap;
|
||||
+ bool noauto, nofail, tmp, swap, netdev;
|
||||
int r;
|
||||
|
||||
assert(name);
|
||||
@@ -72,6 +72,7 @@ static int create_disk(
|
||||
nofail = fstab_test_yes_no_option(options, "nofail\0" "fail\0");
|
||||
tmp = fstab_test_option(options, "tmp\0");
|
||||
swap = fstab_test_option(options, "swap\0");
|
||||
+ netdev = fstab_test_option(options, "_netdev\0");
|
||||
|
||||
if (tmp && swap) {
|
||||
log_error("Device '%s' cannot be both 'tmp' and 'swap'. Ignoring.", name);
|
||||
@@ -102,20 +103,22 @@ static int create_disk(
|
||||
if (!f)
|
||||
return log_error_errno(errno, "Failed to create unit file %s: %m", p);
|
||||
|
||||
- fputs("# Automatically generated by systemd-cryptsetup-generator\n\n"
|
||||
- "[Unit]\n"
|
||||
- "Description=Cryptography Setup for %I\n"
|
||||
- "Documentation=man:crypttab(5) man:systemd-cryptsetup-generator(8) man:systemd-cryptsetup@.service(8)\n"
|
||||
- "SourcePath=/etc/crypttab\n"
|
||||
- "DefaultDependencies=no\n"
|
||||
- "Conflicts=umount.target\n"
|
||||
- "IgnoreOnIsolate=true\n"
|
||||
- "After=cryptsetup-pre.target\n",
|
||||
- f);
|
||||
+ fprintf(f,
|
||||
+ "# Automatically generated by systemd-cryptsetup-generator\n\n"
|
||||
+ "[Unit]\n"
|
||||
+ "Description=Cryptography Setup for %%I\n"
|
||||
+ "Documentation=man:crypttab(5) man:systemd-cryptsetup-generator(8) man:systemd-cryptsetup@.service(8)\n"
|
||||
+ "SourcePath=/etc/crypttab\n"
|
||||
+ "DefaultDependencies=no\n"
|
||||
+ "Conflicts=umount.target\n"
|
||||
+ "IgnoreOnIsolate=true\n"
|
||||
+ "After=%s\n",
|
||||
+ netdev ? "remote-cryptsetup-pre.target" : "cryptsetup-pre.target");
|
||||
|
||||
if (!nofail)
|
||||
fprintf(f,
|
||||
- "Before=cryptsetup.target\n");
|
||||
+ "Before=%s\n",
|
||||
+ netdev ? "remote-cryptsetup.target" : "cryptsetup.target");
|
||||
|
||||
if (password) {
|
||||
if (STR_IN_SET(password, "/dev/urandom", "/dev/random", "/dev/hw_random"))
|
||||
@@ -191,7 +194,8 @@ static int create_disk(
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
||||
- r = generator_add_symlink(arg_dest, "cryptsetup.target",
|
||||
+ r = generator_add_symlink(arg_dest,
|
||||
+ netdev ? "remote-cryptsetup.target" : "cryptsetup.target",
|
||||
nofail ? "wants" : "requires", n);
|
||||
if (r < 0)
|
||||
return r;
|
|
@ -0,0 +1,44 @@
|
|||
From e937bdf0271e664ede61fafd74f8487334745d01 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
||||
Date: Thu, 12 Oct 2017 22:13:03 +0200
|
||||
Subject: [PATCH] units: add [Install] section to remote-cryptsetup.target
|
||||
|
||||
This makes this target the same as remote-fs.target in this regard. In practice
|
||||
it probably doesn't make that much difference, because all encrypted devices
|
||||
that are part of remote-fs.target (marked with _netdev) will be used for mount
|
||||
points, so they will be pulled in anyway individually, but with this change any
|
||||
such device will be configured, even if it is not pulled by any other unit.
|
||||
|
||||
(cherry picked from commit 8f462b074eb9830d6d5029f70c9010ce50e68357)
|
||||
(cherry picked from commit eaaa52cc40bc7f94762ca622d4bd3e9440ccee90)
|
||||
---
|
||||
system-preset/90-systemd.preset | 1 +
|
||||
units/remote-cryptsetup.target | 6 ++++++
|
||||
2 files changed, 7 insertions(+)
|
||||
|
||||
diff --git a/system-preset/90-systemd.preset b/system-preset/90-systemd.preset
|
||||
index 3ba4bb760d..98bc4c3c55 100644
|
||||
--- a/system-preset/90-systemd.preset
|
||||
+++ b/system-preset/90-systemd.preset
|
||||
@@ -9,6 +9,7 @@
|
||||
# generally follow a default-off policy.
|
||||
|
||||
enable remote-fs.target
|
||||
+enable remote-cryptsetup.target
|
||||
enable machines.target
|
||||
|
||||
enable getty@.service
|
||||
diff --git a/units/remote-cryptsetup.target b/units/remote-cryptsetup.target
|
||||
index 60943bd1cb..c306d521f7 100644
|
||||
--- a/units/remote-cryptsetup.target
|
||||
+++ b/units/remote-cryptsetup.target
|
||||
@@ -8,3 +8,9 @@
|
||||
[Unit]
|
||||
Description=Remote Encrypted Volumes
|
||||
Documentation=man:systemd.special(7)
|
||||
+After=remote-cryptsetup-pre.target
|
||||
+DefaultDependencies=no
|
||||
+Conflicts=shutdown.target
|
||||
+
|
||||
+[Install]
|
||||
+WantedBy=multi-user.target
|
|
@ -0,0 +1,150 @@
|
|||
From e4340effce763b111fc14a64f759beef6ed3a276 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
||||
Date: Thu, 12 Oct 2017 22:34:54 +0200
|
||||
Subject: [PATCH] units: replace remote-cryptsetup-pre.target with
|
||||
remote-fs-pre.target
|
||||
|
||||
remote-cryptsetup-pre.target was designed as an active unit (that pulls in
|
||||
network-online.target), the opposite of remote-fs-pre.target (a passive unit,
|
||||
with individual provider services ordering itself before it and pulling it in,
|
||||
for example iscsi.service and nfs-client.target).
|
||||
|
||||
To make remote-cryptsetup-pre.target really work, those services should be
|
||||
ordered before it too. But this would require updates to all those services,
|
||||
not just changes from systemd side.
|
||||
|
||||
But the requirements for remote-fs-pre.target and remote-cryptset-pre.target
|
||||
are fairly similar (e.g. iscsi devices can certainly be used for both), so
|
||||
let's reuse remote-fs-pre.target also for remote cryptsetup units. This loses
|
||||
a bit of flexibility, but does away with the requirement for various provider
|
||||
services to know about remote-cryptsetup-pre.target.
|
||||
|
||||
(cherry picked from commit a0dd209763f9e67054ee322a2dfd52bccf345c2e)
|
||||
(cherry picked from commit c5e8935962eadc9e901f4fe13e187aaaad487142)
|
||||
---
|
||||
man/crypttab.xml | 2 +-
|
||||
man/systemd.special.xml | 20 ++++----------------
|
||||
src/cryptsetup/cryptsetup-generator.c | 2 +-
|
||||
units/meson.build | 1 -
|
||||
units/remote-cryptsetup-pre.target | 15 ---------------
|
||||
units/remote-cryptsetup.target | 2 +-
|
||||
6 files changed, 7 insertions(+), 35 deletions(-)
|
||||
delete mode 100644 units/remote-cryptsetup-pre.target
|
||||
|
||||
diff --git a/man/crypttab.xml b/man/crypttab.xml
|
||||
index 162377ebc1..239bbfa87d 100644
|
||||
--- a/man/crypttab.xml
|
||||
+++ b/man/crypttab.xml
|
||||
@@ -220,7 +220,7 @@
|
||||
started after the network is available, similarly to
|
||||
<citerefentry><refentrytitle>systemd.mount</refentrytitle><manvolnum>5</manvolnum></citerefentry>
|
||||
units marked with <option>_netdev</option>. The service unit to set up this device
|
||||
- will be ordered between <filename>remote-cryptsetup-pre.target</filename> and
|
||||
+ will be ordered between <filename>remote-fs-pre.target</filename> and
|
||||
<filename>remote-cryptsetup.target</filename>, instead of
|
||||
<filename>cryptsetup-pre.target</filename> and
|
||||
<filename>cryptsetup.target</filename>.</para></listitem>
|
||||
diff --git a/man/systemd.special.xml b/man/systemd.special.xml
|
||||
index 7107b8a920..145848dbc5 100644
|
||||
--- a/man/systemd.special.xml
|
||||
+++ b/man/systemd.special.xml
|
||||
@@ -81,7 +81,6 @@
|
||||
<filename>poweroff.target</filename>,
|
||||
<filename>printer.target</filename>,
|
||||
<filename>reboot.target</filename>,
|
||||
- <filename>remote-cryptsetup-pre.target</filename>,
|
||||
<filename>remote-cryptsetup.target</filename>,
|
||||
<filename>remote-fs-pre.target</filename>,
|
||||
<filename>remote-fs.target</filename>,
|
||||
@@ -452,18 +451,6 @@
|
||||
this target unit, for compatibility with SysV.</para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
- <varlistentry>
|
||||
- <term><filename>remote-cryptsetup-pre.target</filename></term>
|
||||
- <listitem>
|
||||
- <para>This target unit is automatically ordered before all cryptsetup devices
|
||||
- marked with the <option>_netdev</option>. It can be used to execute additional
|
||||
- units before such devices are set up.</para>
|
||||
-
|
||||
- <para>It is ordered after <filename>network.target</filename> and
|
||||
- <filename>network-online.target</filename>, and also pulls the latter in as a
|
||||
- <varname>Wants=</varname> dependency.</para>
|
||||
- </listitem>
|
||||
- </varlistentry>
|
||||
<varlistentry>
|
||||
<term><filename>remote-cryptsetup.target</filename></term>
|
||||
<listitem>
|
||||
@@ -864,9 +851,10 @@
|
||||
<term><filename>remote-fs-pre.target</filename></term>
|
||||
<listitem>
|
||||
<para>This target unit is automatically ordered before all
|
||||
- remote mount point units (see above). It can be used to run
|
||||
- certain units before the remote mounts are established. Note
|
||||
- that this unit is generally not part of the initial
|
||||
+ mount point units (see above) and cryptsetup devices
|
||||
+ marked with the <option>_netdev</option>. It can be used to run
|
||||
+ certain units before remote encrypted devices and mounts are established.
|
||||
+ Note that this unit is generally not part of the initial
|
||||
transaction, unless the unit that wants to be ordered before
|
||||
all remote mounts pulls it in via a
|
||||
<varname>Wants=</varname> type dependency. If the unit wants
|
||||
diff --git a/src/cryptsetup/cryptsetup-generator.c b/src/cryptsetup/cryptsetup-generator.c
|
||||
index 962d712639..4d68710c1d 100644
|
||||
--- a/src/cryptsetup/cryptsetup-generator.c
|
||||
+++ b/src/cryptsetup/cryptsetup-generator.c
|
||||
@@ -113,7 +113,7 @@ static int create_disk(
|
||||
"Conflicts=umount.target\n"
|
||||
"IgnoreOnIsolate=true\n"
|
||||
"After=%s\n",
|
||||
- netdev ? "remote-cryptsetup-pre.target" : "cryptsetup-pre.target");
|
||||
+ netdev ? "remote-fs-pre.target" : "cryptsetup-pre.target");
|
||||
|
||||
if (!nofail)
|
||||
fprintf(f,
|
||||
diff --git a/units/meson.build b/units/meson.build
|
||||
index e6351c7a2e..d85cc491c9 100644
|
||||
--- a/units/meson.build
|
||||
+++ b/units/meson.build
|
||||
@@ -47,7 +47,6 @@ units = [
|
||||
['proc-sys-fs-binfmt_misc.mount', 'ENABLE_BINFMT'],
|
||||
['reboot.target', '',
|
||||
'runlevel6.target ctrl-alt-del.target'],
|
||||
- ['remote-cryptsetup-pre.target', 'HAVE_LIBCRYPTSETUP'],
|
||||
['remote-cryptsetup.target', 'HAVE_LIBCRYPTSETUP',
|
||||
join_paths(pkgsysconfdir, 'system/multi-user.target.wants/')],
|
||||
['remote-fs-pre.target', ''],
|
||||
diff --git a/units/remote-cryptsetup-pre.target b/units/remote-cryptsetup-pre.target
|
||||
deleted file mode 100644
|
||||
index a375e61889..0000000000
|
||||
--- a/units/remote-cryptsetup-pre.target
|
||||
+++ /dev/null
|
||||
@@ -1,15 +0,0 @@
|
||||
-# This file is part of systemd.
|
||||
-#
|
||||
-# systemd is free software; you can redistribute it and/or modify it
|
||||
-# under the terms of the GNU Lesser General Public License as published by
|
||||
-# the Free Software Foundation; either version 2.1 of the License, or
|
||||
-# (at your option) any later version.
|
||||
-
|
||||
-[Unit]
|
||||
-Description=Remote Encrypted Volumes (Pre)
|
||||
-Documentation=man:systemd.special(7)
|
||||
-RefuseManualStart=yes
|
||||
-Before=remote-cryptsetup.target
|
||||
-
|
||||
-After=network.target network-online.target
|
||||
-Wants=network-online.target
|
||||
diff --git a/units/remote-cryptsetup.target b/units/remote-cryptsetup.target
|
||||
index c306d521f7..d485b06726 100644
|
||||
--- a/units/remote-cryptsetup.target
|
||||
+++ b/units/remote-cryptsetup.target
|
||||
@@ -8,7 +8,7 @@
|
||||
[Unit]
|
||||
Description=Remote Encrypted Volumes
|
||||
Documentation=man:systemd.special(7)
|
||||
-After=remote-cryptsetup-pre.target
|
||||
+After=remote-fs-pre.target
|
||||
DefaultDependencies=no
|
||||
Conflicts=shutdown.target
|
||||
|
|
@ -0,0 +1,41 @@
|
|||
From 3557377795afb0410c703707633dd5ad589fdd11 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
||||
Date: Thu, 12 Oct 2017 22:43:58 +0200
|
||||
Subject: [PATCH] man: add a note about _netdev usage
|
||||
|
||||
(cherry picked from commit 288c26165e0ff71857394f360f42432bc808556f)
|
||||
(cherry picked from commit 51f2176d0df1088407afbadc138aeaa9dbe017e8)
|
||||
---
|
||||
man/crypttab.xml | 12 +++++++++++-
|
||||
1 file changed, 11 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/man/crypttab.xml b/man/crypttab.xml
|
||||
index 239bbfa87d..88f8909a60 100644
|
||||
--- a/man/crypttab.xml
|
||||
+++ b/man/crypttab.xml
|
||||
@@ -223,7 +223,16 @@
|
||||
will be ordered between <filename>remote-fs-pre.target</filename> and
|
||||
<filename>remote-cryptsetup.target</filename>, instead of
|
||||
<filename>cryptsetup-pre.target</filename> and
|
||||
- <filename>cryptsetup.target</filename>.</para></listitem>
|
||||
+ <filename>cryptsetup.target</filename>.</para>
|
||||
+
|
||||
+ <para>Hint: if this device is used for a mount point that is specified in
|
||||
+ <citerefentry project='man-pages'><refentrytitle>fstab</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
|
||||
+ the <option>_netdev</option> option should also be used for the mount
|
||||
+ point. Otherwise, a dependency loop might be created where the mount point
|
||||
+ will be pulled in by <filename>local-fs.target</filename>, while the
|
||||
+ service to configure the network is usually only started <emphasis>after</emphasis>
|
||||
+ the local file system has been mounted.</para>
|
||||
+ </listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
@@ -431,6 +440,7 @@ hidden /mnt/tc_hidden /dev/null tcrypt-hidden,tcrypt-keyfile=/etc/keyfil
|
||||
<citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
|
||||
<citerefentry><refentrytitle>systemd-cryptsetup@.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
|
||||
<citerefentry><refentrytitle>systemd-cryptsetup-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
|
||||
+ <citerefentry project='man-pages'><refentrytitle>fstab</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
|
||||
<citerefentry project='die-net'><refentrytitle>cryptsetup</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
|
||||
<citerefentry project='man-pages'><refentrytitle>mkswap</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
|
||||
<citerefentry project='man-pages'><refentrytitle>mke2fs</refentrytitle><manvolnum>8</manvolnum></citerefentry>
|
|
@ -0,0 +1,28 @@
|
|||
From a33807a581643c73377d3ef476979bf1d53ccf08 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
||||
Date: Wed, 18 Oct 2017 15:14:46 +0200
|
||||
Subject: [PATCH] units: make remote-cryptsetup.target also after
|
||||
cryptsetup-pre.target
|
||||
|
||||
This way people can order units before cryptsetup-pre.target and
|
||||
have them run before any cryptsetup-related stuff.
|
||||
|
||||
(cherry picked from commit a0e030f53bad355be1084a0475eb30aae20e3e43)
|
||||
(cherry picked from commit d56bbe6540ed5075ab6c2845c63d08c12499e46d)
|
||||
---
|
||||
units/remote-cryptsetup.target | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/units/remote-cryptsetup.target b/units/remote-cryptsetup.target
|
||||
index d485b06726..ac4e1b71db 100644
|
||||
--- a/units/remote-cryptsetup.target
|
||||
+++ b/units/remote-cryptsetup.target
|
||||
@@ -8,7 +8,7 @@
|
||||
[Unit]
|
||||
Description=Remote Encrypted Volumes
|
||||
Documentation=man:systemd.special(7)
|
||||
-After=remote-fs-pre.target
|
||||
+After=remote-fs-pre.target cryptsetup-pre.target
|
||||
DefaultDependencies=no
|
||||
Conflicts=shutdown.target
|
||||
|
|
@ -0,0 +1,123 @@
|
|||
From 3a5ffde6675f952785d39593bb5038e8f827b22d Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
||||
Date: Wed, 18 Oct 2017 18:47:34 +0200
|
||||
Subject: [PATCH] man: describe how machine-id should be initialized (#7051)
|
||||
|
||||
(cherry picked from commit 74a79c657e17fc43172a59f1f158d4a26aec2be1)
|
||||
(cherry picked from commit 07ba9da0bc0d4e3309e766d3734ac56683d3298d)
|
||||
---
|
||||
man/machine-id.xml | 90 +++++++++++++++++++++++++++++++++++++++++-------------
|
||||
1 file changed, 69 insertions(+), 21 deletions(-)
|
||||
|
||||
diff --git a/man/machine-id.xml b/man/machine-id.xml
|
||||
index 3c261bffcc..e434c89de9 100644
|
||||
--- a/man/machine-id.xml
|
||||
+++ b/man/machine-id.xml
|
||||
@@ -53,18 +53,26 @@
|
||||
<refsect1>
|
||||
<title>Description</title>
|
||||
|
||||
- <para>The <filename>/etc/machine-id</filename> file contains the unique machine ID of the local
|
||||
- system that is set during installation. The machine ID is a single newline-terminated,
|
||||
- hexadecimal, 32-character, lowercase ID. When decoded from hexadecimal, this corresponds to a
|
||||
- 16-byte/128-bit value.</para>
|
||||
+ <para>The <filename>/etc/machine-id</filename> file contains the unique machine ID of
|
||||
+ the local system that is set during installation or boot. The machine ID is a single
|
||||
+ newline-terminated, hexadecimal, 32-character, lowercase ID. When decoded from
|
||||
+ hexadecimal, this corresponds to a 16-byte/128-bit value. This ID may not be all
|
||||
+ zeros.</para>
|
||||
|
||||
- <para>The machine ID is usually generated from a random source
|
||||
- during system installation and stays constant for all subsequent
|
||||
- boots. Optionally, for stateless systems, it is generated during
|
||||
- runtime at early boot if it is found to be empty.</para>
|
||||
+ <para>The machine ID is usually generated from a random source during system
|
||||
+ installation or first boot and stays constant for all subsequent boots. Optionally,
|
||||
+ for stateless systems, it is generated during runtime during early boot if necessary.
|
||||
+ </para>
|
||||
|
||||
- <para>The machine ID does not change based on local or network configuration or when hardware is
|
||||
- replaced. Due to this and its greater length, it is a more useful replacement for the
|
||||
+ <para>The machine ID may be set, for example when network booting, with the
|
||||
+ <varname>systemd.machine_id=</varname> kernel command line parameter or by passing the
|
||||
+ option <option>--machine-id=</option> to systemd. An ID is specified in this manner
|
||||
+ has higher priority and will be used instead of the ID stored in
|
||||
+ <filename>/etc/machine-id</filename>.</para>
|
||||
+
|
||||
+ <para>The machine ID does not change based on local or network configuration or when
|
||||
+ hardware is replaced. Due to this and its greater length, it is a more useful
|
||||
+ replacement for the
|
||||
<citerefentry project='man-pages'><refentrytitle>gethostid</refentrytitle><manvolnum>3</manvolnum></citerefentry>
|
||||
call that POSIX specifies.</para>
|
||||
|
||||
@@ -79,19 +87,59 @@
|
||||
the original machine ID from the application-specific one. The
|
||||
<citerefentry><refentrytitle>sd_id128_get_machine_app_specific</refentrytitle><manvolnum>3</manvolnum></citerefentry>
|
||||
API provides an implementation of such an algorithm.</para>
|
||||
+ </refsect1>
|
||||
|
||||
- <para>The
|
||||
+ <refsect1>
|
||||
+ <title>Initialization</title>
|
||||
+
|
||||
+ <para>Each machine should have a non-empty ID in normal operation. The ID of each
|
||||
+ machine should be unique. To achive those objectives,
|
||||
+ <filename>/etc/machine-id</filename> can be initialized in a few different ways.
|
||||
+ </para>
|
||||
+
|
||||
+ <para>For normal operating system installations, where a custom image is created for a
|
||||
+ specific machine, <filename>/etc/machine-id</filename> should be populated during
|
||||
+ installation.</para>
|
||||
+
|
||||
+ <para>
|
||||
<citerefentry><refentrytitle>systemd-machine-id-setup</refentrytitle><manvolnum>1</manvolnum></citerefentry>
|
||||
- tool may be used by installer tools to initialize the machine ID
|
||||
- at install time. Use
|
||||
- <citerefentry><refentrytitle>systemd-firstboot</refentrytitle><manvolnum>1</manvolnum></citerefentry>
|
||||
- to initialize it on mounted (but not booted) system images.</para>
|
||||
-
|
||||
- <para>The machine-id may also be set, for example when network
|
||||
- booting, by setting the <varname>systemd.machine_id=</varname>
|
||||
- kernel command line parameter or passing the option
|
||||
- <option>--machine-id=</option> to systemd. A machine-id may not
|
||||
- be set to all zeros.</para>
|
||||
+ may be used by installer tools to initialize the machine ID at install time, but
|
||||
+ <filename>/etc/machine-id</filename> may also be written using any other means.
|
||||
+ </para>
|
||||
+
|
||||
+ <para>For operating system images which are created once and used on multiple
|
||||
+ machines, for example for containers or in the cloud,
|
||||
+ <filename>/etc/machine-id</filename> should be an empty file in the generic file
|
||||
+ system image. An ID will be generated during boot and saved to this file if
|
||||
+ possible. Having an empty file in place is useful because it allows a temporary file
|
||||
+ to be bind-mounted over the real file, in case the image is used read-only.</para>
|
||||
+
|
||||
+ <para><citerefentry><refentrytitle>systemd-firstboot</refentrytitle><manvolnum>1</manvolnum></citerefentry>
|
||||
+ may be used to to initialize <filename>/etc/machine-id</filename> on mounted (but not
|
||||
+ booted) system images.</para>
|
||||
+
|
||||
+ <para>When a machine is booted with
|
||||
+ <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>
|
||||
+ the ID of the machine will be established. If <varname>systemd.machine_id=</varname>
|
||||
+ or <option>--machine-id=</option> options (see first section) are specified, this
|
||||
+ value will be used. Otherwise, the value in <filename>/etc/machine-id</filename> will
|
||||
+ be used. If this file is empty or missing, <filename>systemd</filename> will attempt
|
||||
+ to use the D-Bus machine ID from <filename>/var/lib/dbus/machine-id</filename>, the
|
||||
+ value of the kernel command line option <varname>container_uuid</varname>, the KVM DMI
|
||||
+ <filename>product_uuid</filename> (on KVM systems), and finally a randomly generated
|
||||
+ UUID.</para>
|
||||
+
|
||||
+ <para>After the machine ID is established,
|
||||
+ <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>
|
||||
+ will attempt to save it to <filename>/etc/machine-id</filename>. If this fails, it
|
||||
+ will attempt to bind-mount a temporary file over <filename>/etc/machine-id</filename>.
|
||||
+ It is an error if the file system is read-only and does not contain a (possibly empty)
|
||||
+ <filename>/etc/machine-id</filename> file.</para>
|
||||
+
|
||||
+ <para><citerefentry><refentrytitle>systemd-machine-id-commit.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>
|
||||
+ will attempt to write the machine ID to the file system if
|
||||
+ <filename>/etc/machine-id</filename> or <filename>/etc</filename> are read-only during
|
||||
+ early boot but become writable later on.</para>
|
||||
</refsect1>
|
||||
|
||||
<refsect1>
|
|
@ -1,280 +0,0 @@
|
|||
From 3acb27df403c9e5772eb1d81aba1c65b6c7acc08 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
||||
Date: Tue, 5 Sep 2017 09:14:51 +0200
|
||||
Subject: [PATCH 1/3] units: order cryptsetup-pre.target before
|
||||
cryptsetup.target
|
||||
|
||||
Normally this happens automatically, but if it happened that both targets were
|
||||
pulled in, even though there were no cryptsetup units, they could be started
|
||||
in reverse order, which would be somewhat confusing. Add an explicit ordering
|
||||
to avoid this potential issue.
|
||||
---
|
||||
units/cryptsetup-pre.target | 1 +
|
||||
1 file changed, 1 insertion(+)
|
||||
|
||||
diff --git a/units/cryptsetup-pre.target b/units/cryptsetup-pre.target
|
||||
index 65353419f..42e35dd4e 100644
|
||||
--- a/units/cryptsetup-pre.target
|
||||
+++ b/units/cryptsetup-pre.target
|
||||
@@ -9,3 +9,4 @@
|
||||
Description=Encrypted Volumes (Pre)
|
||||
Documentation=man:systemd.special(7)
|
||||
RefuseManualStart=yes
|
||||
+Before=cryptsetup.target
|
||||
--
|
||||
2.14.1
|
||||
|
||||
|
||||
From 51a012da40e8d0d4d8df931b3bc56ea913c3856a Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
||||
Date: Tue, 5 Sep 2017 10:15:13 +0200
|
||||
Subject: [PATCH 2/3] units: add remote-cryptsetup.target and
|
||||
remote-cryptsetup-pre.target
|
||||
|
||||
The pair is similar to remote-fs.target and remote-fs-pre.target. Any
|
||||
cryptsetup devices which require network shall be ordered after
|
||||
remote-cryptsetup-pre.target and before remote-cryptsetup.target.
|
||||
---
|
||||
man/systemd.special.xml | 23 +++++++++++++++++++++++
|
||||
units/cryptsetup-pre.target | 2 +-
|
||||
units/cryptsetup.target | 2 +-
|
||||
units/meson.build | 3 +++
|
||||
units/remote-cryptsetup-pre.target | 15 +++++++++++++++
|
||||
units/remote-cryptsetup.target | 10 ++++++++++
|
||||
6 files changed, 53 insertions(+), 2 deletions(-)
|
||||
create mode 100644 units/remote-cryptsetup-pre.target
|
||||
create mode 100644 units/remote-cryptsetup.target
|
||||
|
||||
diff --git a/man/systemd.special.xml b/man/systemd.special.xml
|
||||
index 66c45e39a..7107b8a92 100644
|
||||
--- a/man/systemd.special.xml
|
||||
+++ b/man/systemd.special.xml
|
||||
@@ -81,6 +81,8 @@
|
||||
<filename>poweroff.target</filename>,
|
||||
<filename>printer.target</filename>,
|
||||
<filename>reboot.target</filename>,
|
||||
+ <filename>remote-cryptsetup-pre.target</filename>,
|
||||
+ <filename>remote-cryptsetup.target</filename>,
|
||||
<filename>remote-fs-pre.target</filename>,
|
||||
<filename>remote-fs.target</filename>,
|
||||
<filename>rescue.target</filename>,
|
||||
@@ -450,6 +452,27 @@
|
||||
this target unit, for compatibility with SysV.</para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
+ <varlistentry>
|
||||
+ <term><filename>remote-cryptsetup-pre.target</filename></term>
|
||||
+ <listitem>
|
||||
+ <para>This target unit is automatically ordered before all cryptsetup devices
|
||||
+ marked with the <option>_netdev</option>. It can be used to execute additional
|
||||
+ units before such devices are set up.</para>
|
||||
+
|
||||
+ <para>It is ordered after <filename>network.target</filename> and
|
||||
+ <filename>network-online.target</filename>, and also pulls the latter in as a
|
||||
+ <varname>Wants=</varname> dependency.</para>
|
||||
+ </listitem>
|
||||
+ </varlistentry>
|
||||
+ <varlistentry>
|
||||
+ <term><filename>remote-cryptsetup.target</filename></term>
|
||||
+ <listitem>
|
||||
+ <para>Similar to <filename>cryptsetup.target</filename>, but for encrypted
|
||||
+ devices which are accessed over the network. It is used for
|
||||
+ <citerefentry><refentrytitle>crypttab</refentrytitle><manvolnum>8</manvolnum></citerefentry>
|
||||
+ entries marked with <option>_netdev</option>.</para>
|
||||
+ </listitem>
|
||||
+ </varlistentry>
|
||||
<varlistentry>
|
||||
<term><filename>remote-fs.target</filename></term>
|
||||
<listitem>
|
||||
diff --git a/units/cryptsetup-pre.target b/units/cryptsetup-pre.target
|
||||
index 42e35dd4e..6cb28a61a 100644
|
||||
--- a/units/cryptsetup-pre.target
|
||||
+++ b/units/cryptsetup-pre.target
|
||||
@@ -6,7 +6,7 @@
|
||||
# (at your option) any later version.
|
||||
|
||||
[Unit]
|
||||
-Description=Encrypted Volumes (Pre)
|
||||
+Description=Local Encrypted Volumes (Pre)
|
||||
Documentation=man:systemd.special(7)
|
||||
RefuseManualStart=yes
|
||||
Before=cryptsetup.target
|
||||
diff --git a/units/cryptsetup.target b/units/cryptsetup.target
|
||||
index 25d3e33f6..10b17fd38 100644
|
||||
--- a/units/cryptsetup.target
|
||||
+++ b/units/cryptsetup.target
|
||||
@@ -6,5 +6,5 @@
|
||||
# (at your option) any later version.
|
||||
|
||||
[Unit]
|
||||
-Description=Encrypted Volumes
|
||||
+Description=Local Encrypted Volumes
|
||||
Documentation=man:systemd.special(7)
|
||||
diff --git a/units/meson.build b/units/meson.build
|
||||
index e94add6a6..e6351c7a2 100644
|
||||
--- a/units/meson.build
|
||||
+++ b/units/meson.build
|
||||
@@ -47,6 +47,9 @@ units = [
|
||||
['proc-sys-fs-binfmt_misc.mount', 'ENABLE_BINFMT'],
|
||||
['reboot.target', '',
|
||||
'runlevel6.target ctrl-alt-del.target'],
|
||||
+ ['remote-cryptsetup-pre.target', 'HAVE_LIBCRYPTSETUP'],
|
||||
+ ['remote-cryptsetup.target', 'HAVE_LIBCRYPTSETUP',
|
||||
+ join_paths(pkgsysconfdir, 'system/multi-user.target.wants/')],
|
||||
['remote-fs-pre.target', ''],
|
||||
['remote-fs.target', '',
|
||||
join_paths(pkgsysconfdir, 'system/multi-user.target.wants/')],
|
||||
diff --git a/units/remote-cryptsetup-pre.target b/units/remote-cryptsetup-pre.target
|
||||
new file mode 100644
|
||||
index 000000000..a375e6188
|
||||
--- /dev/null
|
||||
+++ b/units/remote-cryptsetup-pre.target
|
||||
@@ -0,0 +1,15 @@
|
||||
+# This file is part of systemd.
|
||||
+#
|
||||
+# systemd is free software; you can redistribute it and/or modify it
|
||||
+# under the terms of the GNU Lesser General Public License as published by
|
||||
+# the Free Software Foundation; either version 2.1 of the License, or
|
||||
+# (at your option) any later version.
|
||||
+
|
||||
+[Unit]
|
||||
+Description=Remote Encrypted Volumes (Pre)
|
||||
+Documentation=man:systemd.special(7)
|
||||
+RefuseManualStart=yes
|
||||
+Before=remote-cryptsetup.target
|
||||
+
|
||||
+After=network.target network-online.target
|
||||
+Wants=network-online.target
|
||||
diff --git a/units/remote-cryptsetup.target b/units/remote-cryptsetup.target
|
||||
new file mode 100644
|
||||
index 000000000..60943bd1c
|
||||
--- /dev/null
|
||||
+++ b/units/remote-cryptsetup.target
|
||||
@@ -0,0 +1,10 @@
|
||||
+# This file is part of systemd.
|
||||
+#
|
||||
+# systemd is free software; you can redistribute it and/or modify it
|
||||
+# under the terms of the GNU Lesser General Public License as published by
|
||||
+# the Free Software Foundation; either version 2.1 of the License, or
|
||||
+# (at your option) any later version.
|
||||
+
|
||||
+[Unit]
|
||||
+Description=Remote Encrypted Volumes
|
||||
+Documentation=man:systemd.special(7)
|
||||
--
|
||||
2.14.1
|
||||
|
||||
|
||||
From 543a62336565c840bbda22df0eb2a1c19180a8d5 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
||||
Date: Tue, 5 Sep 2017 11:30:33 +0200
|
||||
Subject: [PATCH 3/3] cryptsetup-generator: use remote-cryptsetup.target when
|
||||
_netdev is present
|
||||
|
||||
This allows such devices to depend on the network. Their startup will
|
||||
be delayed similarly to network mount units.
|
||||
|
||||
Fixes #4642.
|
||||
---
|
||||
man/crypttab.xml | 13 +++++++++++++
|
||||
src/cryptsetup/cryptsetup-generator.c | 36 ++++++++++++++++++-----------------
|
||||
2 files changed, 32 insertions(+), 17 deletions(-)
|
||||
|
||||
diff --git a/man/crypttab.xml b/man/crypttab.xml
|
||||
index 17976f370..162377ebc 100644
|
||||
--- a/man/crypttab.xml
|
||||
+++ b/man/crypttab.xml
|
||||
@@ -213,6 +213,19 @@
|
||||
<option>size=</option>.</para></listitem>
|
||||
</varlistentry>
|
||||
|
||||
+ <varlistentry>
|
||||
+ <term><option>_netdev</option></term>
|
||||
+
|
||||
+ <listitem><para>Marks this cryptsetup device as requiring network. It will be
|
||||
+ started after the network is available, similarly to
|
||||
+ <citerefentry><refentrytitle>systemd.mount</refentrytitle><manvolnum>5</manvolnum></citerefentry>
|
||||
+ units marked with <option>_netdev</option>. The service unit to set up this device
|
||||
+ will be ordered between <filename>remote-cryptsetup-pre.target</filename> and
|
||||
+ <filename>remote-cryptsetup.target</filename>, instead of
|
||||
+ <filename>cryptsetup-pre.target</filename> and
|
||||
+ <filename>cryptsetup.target</filename>.</para></listitem>
|
||||
+ </varlistentry>
|
||||
+
|
||||
<varlistentry>
|
||||
<term><option>noauto</option></term>
|
||||
|
||||
diff --git a/src/cryptsetup/cryptsetup-generator.c b/src/cryptsetup/cryptsetup-generator.c
|
||||
index b58b6db7c..8571ab06e 100644
|
||||
--- a/src/cryptsetup/cryptsetup-generator.c
|
||||
+++ b/src/cryptsetup/cryptsetup-generator.c
|
||||
@@ -61,7 +61,7 @@ static int create_disk(
|
||||
_cleanup_free_ char *p = NULL, *n = NULL, *d = NULL, *u = NULL, *to = NULL, *e = NULL,
|
||||
*filtered = NULL;
|
||||
_cleanup_fclose_ FILE *f = NULL;
|
||||
- bool noauto, nofail, tmp, swap;
|
||||
+ bool noauto, nofail, tmp, swap, netdev;
|
||||
char *from;
|
||||
int r;
|
||||
|
||||
@@ -72,6 +72,7 @@ static int create_disk(
|
||||
nofail = fstab_test_yes_no_option(options, "nofail\0" "fail\0");
|
||||
tmp = fstab_test_option(options, "tmp\0");
|
||||
swap = fstab_test_option(options, "swap\0");
|
||||
+ netdev = fstab_test_option(options, "_netdev\0");
|
||||
|
||||
if (tmp && swap) {
|
||||
log_error("Device '%s' cannot be both 'tmp' and 'swap'. Ignoring.", name);
|
||||
@@ -102,21 +103,22 @@ static int create_disk(
|
||||
if (!f)
|
||||
return log_error_errno(errno, "Failed to create unit file %s: %m", p);
|
||||
|
||||
- fputs("# Automatically generated by systemd-cryptsetup-generator\n\n"
|
||||
- "[Unit]\n"
|
||||
- "Description=Cryptography Setup for %I\n"
|
||||
- "Documentation=man:crypttab(5) man:systemd-cryptsetup-generator(8) man:systemd-cryptsetup@.service(8)\n"
|
||||
- "SourcePath=/etc/crypttab\n"
|
||||
- "DefaultDependencies=no\n"
|
||||
- "Conflicts=umount.target\n"
|
||||
- "BindsTo=dev-mapper-%i.device\n"
|
||||
- "IgnoreOnIsolate=true\n"
|
||||
- "After=cryptsetup-pre.target\n",
|
||||
- f);
|
||||
+ fprintf(f,
|
||||
+ "# Automatically generated by systemd-cryptsetup-generator\n\n"
|
||||
+ "[Unit]\n"
|
||||
+ "Description=Cryptography Setup for %%I\n"
|
||||
+ "Documentation=man:crypttab(5) man:systemd-cryptsetup-generator(8) man:systemd-cryptsetup@.service(8)\n"
|
||||
+ "SourcePath=/etc/crypttab\n"
|
||||
+ "DefaultDependencies=no\n"
|
||||
+ "Conflicts=umount.target\n"
|
||||
+ "IgnoreOnIsolate=true\n"
|
||||
+ "After=%s\n",
|
||||
+ netdev ? "remote-cryptsetup-pre.target" : "cryptsetup-pre.target");
|
||||
|
||||
if (!nofail)
|
||||
fprintf(f,
|
||||
- "Before=cryptsetup.target\n");
|
||||
+ "Before=%s\n",
|
||||
+ netdev ? "remote-cryptsetup.target" : "cryptsetup.target");
|
||||
|
||||
if (password) {
|
||||
if (STR_IN_SET(password, "/dev/urandom", "/dev/random", "/dev/hw_random"))
|
||||
@@ -200,10 +202,10 @@ static int create_disk(
|
||||
return log_error_errno(errno, "Failed to create symlink %s: %m", to);
|
||||
|
||||
free(to);
|
||||
- if (!nofail)
|
||||
- to = strjoin(arg_dest, "/cryptsetup.target.requires/", n);
|
||||
- else
|
||||
- to = strjoin(arg_dest, "/cryptsetup.target.wants/", n);
|
||||
+ to = strjoin(arg_dest,
|
||||
+ netdev ? "/remote-cryptsetup" : "/cryptsetup",
|
||||
+ ".target.",
|
||||
+ nofail ? "wants/" : "requires/", n);
|
||||
if (!to)
|
||||
return log_oom();
|
||||
|
||||
--
|
||||
2.14.1
|
||||
|
136
systemd.spec
136
systemd.spec
|
@ -13,7 +13,7 @@
|
|||
Name: systemd
|
||||
Url: http://www.freedesktop.org/wiki/Software/systemd
|
||||
Version: 234
|
||||
Release: 8%{?gitcommit:.git%{gitcommitshort}}%{?dist}
|
||||
Release: 9%{?gitcommit:.git%{gitcommitshort}}%{?dist}
|
||||
# For a breakdown of the licensing, see README
|
||||
License: LGPLv2+ and MIT and GPLv2+
|
||||
Summary: System and Service Manager
|
||||
|
@ -42,7 +42,7 @@ Source12: https://raw.githubusercontent.com/systemd/systemd/1000522a60cead
|
|||
|
||||
%if 0
|
||||
GIT_DIR=../../src/systemd/.git git format-patch-ab --no-signature -M -N v234..v234-stable
|
||||
i=1; for j in 00*patch; do printf "Patch%04d: %s\n" $i $j; i=$((i+1));done|xclip
|
||||
i=1; for j in 0[0-8]*patch; do printf "Patch%04d: %s\n" $i $j; i=$((i+1));done|xclip
|
||||
GIT_DIR=../../src/systemd/.git git diffab -M v233..master@{2017-06-15} -- hwdb/[67]* hwdb/parse_hwdb.py > hwdb.patch
|
||||
%endif
|
||||
|
||||
|
@ -59,20 +59,96 @@ Patch0010: 0010-journald-make-sure-we-retain-all-stream-fds-across-r.patch
|
|||
Patch0011: 0011-Use-config_parse_sec_fix_0-also-for-JobRunningTimeou.patch
|
||||
Patch0012: 0012-virt-enable-detecting-QEMU-TCG-via-CPUID-6399.patch
|
||||
Patch0013: 0013-test-condition-don-t-assume-that-all-non-root-users-.patch
|
||||
Patch0014: 0014-call-chase_symlinks-without-the-sysroot-prefix-6411.patch
|
||||
Patch0015: 0015-nspawn-downgrade-warning-when-we-get-sd_notify-messa.patch
|
||||
Patch0016: 0016-Revert-core-don-t-load-dropin-data-multiple-times-fo.patch
|
||||
Patch0017: 0017-bash-completion-use-the-first-argument-instead-of-th.patch
|
||||
Patch0018: 0018-boot-efi-don-t-hard-fail-on-error-for-tpm-measure-64.patch
|
||||
Patch0019: 0019-meson-D-remote-and-D-importd-should-be-combo-options.patch
|
||||
Patch0020: 0020-cryptsetup-fix-infinite-timeout-6486.patch
|
||||
Patch0021: 0021-rfkill-fix-erroneous-behavior-when-polling-the-udev-.patch
|
||||
Patch0022: 0022-core-Do-not-fail-perpetual-mount-units-without-fragm.patch
|
||||
Patch0023: 0023-build-sys-bump-xslt-maxdepth-limit.patch
|
||||
Patch0024: 0024-device-make-sure-to-remove-all-device-units-sharing-.patch
|
||||
Patch0014: 0014-Revert-core-don-t-load-dropin-data-multiple-times-fo.patch
|
||||
Patch0015: 0015-bash-completion-use-the-first-argument-instead-of-th.patch
|
||||
Patch0016: 0016-meson-D-remote-and-D-importd-should-be-combo-options.patch
|
||||
Patch0017: 0017-cryptsetup-fix-infinite-timeout-6486.patch
|
||||
Patch0018: 0018-unit-when-JobTimeoutSec-is-turned-off-implicitly-tur.patch
|
||||
Patch0019: 0019-call-chase_symlinks-without-the-sysroot-prefix-6411.patch
|
||||
Patch0020: 0020-nspawn-downgrade-warning-when-we-get-sd_notify-messa.patch
|
||||
Patch0021: 0021-boot-efi-don-t-hard-fail-on-error-for-tpm-measure-64.patch
|
||||
Patch0022: 0022-rfkill-fix-erroneous-behavior-when-polling-the-udev-.patch
|
||||
Patch0023: 0023-core-Do-not-fail-perpetual-mount-units-without-fragm.patch
|
||||
Patch0024: 0024-process-util-update-the-end-pointer-of-the-process-n.patch
|
||||
Patch0025: 0025-dhcp-network-adjust-sockaddr-length-for-addresses-lo.patch
|
||||
Patch0026: 0026-service-attempt-to-execute-next-main-command-only-fo.patch
|
||||
Patch0027: 0027-namespace-avoid-assertion-failure-6649.patch
|
||||
Patch0028: 0028-terminal-reset-should-honour-default_utf8-kernel-set.patch
|
||||
Patch0029: 0029-networkd-do-not-fail-manager_connect_bus-if-dbus-is-.patch
|
||||
Patch0030: 0030-sd-bus-socket-only-transmit-auxillary-FDs-once-6603.patch
|
||||
Patch0031: 0031-device-make-sure-to-remove-all-device-units-sharing-.patch
|
||||
Patch0032: 0032-shutdown-don-t-remount-ro-network-filesystems.-6588.patch
|
||||
Patch0033: 0033-cryptsetup-generator-do-not-bind-to-the-decrypted-de.patch
|
||||
Patch0034: 0034-log-reopen-log-for-failed-assertions-6703.patch
|
||||
Patch0035: 0035-sd-bus-use-when-passing-arguments-to-ssh-6706.patch
|
||||
Patch0036: 0036-networkd-dont-crash-when-mtu-changes-6594.patch
|
||||
Patch0037: 0037-logind-remember-to-remove-run-systemd-shutdown-sched.patch
|
||||
Patch0038: 0038-logind-method_schedule_shutdown-already-rejects-empt.patch
|
||||
Patch0039: 0039-logind-add-missing-check-for-conflicting-operation-v.patch
|
||||
Patch0040: 0040-logind-respect-delay-inhibitors-in-scheduled-shutdow.patch
|
||||
Patch0041: 0041-logind-add-missing-resume-signal-when-we-fail-to-ini.patch
|
||||
Patch0042: 0042-logind-tighten-assertion-in-execute_shutdown_or_slee.patch
|
||||
Patch0043: 0043-tmpfiles-with-e-don-t-attempt-to-set-permissions-whe.patch
|
||||
Patch0044: 0044-man-fix-path-for-storing-random-seed.patch
|
||||
Patch0045: 0045-Load-virtio_rng-early-in-the-game-6710.patch
|
||||
Patch0046: 0046-tmpfiles-silently-ignore-any-path-that-passes-throug.patch
|
||||
Patch0047: 0047-6647-use-path_startswith-dev-in-cryptsetup-6732.patch
|
||||
Patch0048: 0048-systemd-mount-fix-that-wrong-argument-is-used-for-ar.patch
|
||||
Patch0049: 0049-systemd-mount-allow-to-specify-an-arbitrary-string-f.patch
|
||||
Patch0050: 0050-rfkill-Lookup-device-in-determine_state_file.patch
|
||||
Patch0051: 0051-rfkill-Delay-writes-until-exit-5768.patch
|
||||
Patch0052: 0052-systemctl-check-existence-of-all-units-not-just-the-.patch
|
||||
Patch0053: 0053-systemctl-fix-masking-of-template-units.patch
|
||||
Patch0054: 0054-networkd-send-dhcp-option-NTP-when-UseNTP-is-true-67.patch
|
||||
Patch0055: 0055-networkd-send-dhcp-timezone-option-when-UseTimezone-.patch
|
||||
Patch0056: 0056-journalctl-honor-quiet-when-vacuuming-6771.patch
|
||||
Patch0057: 0057-manager-when-reexecuting-try-to-connect-to-bus-only-.patch
|
||||
Patch0058: 0058-efivars-don-t-crash-when-somebody-wants-to-remove-an.patch
|
||||
Patch0059: 0059-util-make-get_block_device-available.patch
|
||||
Patch0060: 0060-shutdown-don-t-be-fooled-when-detaching-DM-devices-w.patch
|
||||
Patch0061: 0061-sd-bus-extend-D-Bus-authentication-timeout-considera.patch
|
||||
Patch0062: 0062-timer-don-t-use-persietent-file-timestamps-from-the-.patch
|
||||
Patch0063: 0063-shared-end-string-with-if-one-was-found-at-the-end-o.patch
|
||||
Patch0064: 0064-build-sys-bump-xslt-maxdepth-limit-6863.patch
|
||||
Patch0065: 0065-fileio-add-new-helper-call-read_line-as-bounded-getl.patch
|
||||
Patch0066: 0066-def-add-new-constant-LONG_LINE_MAX.patch
|
||||
Patch0067: 0067-fileio-rework-read_one_line_file-on-top-of-read_line.patch
|
||||
Patch0068: 0068-cgroup-util-replace-one-use-of-fgets-by-read_line.patch
|
||||
Patch0069: 0069-test-conf-parser-add-some-basic-tests-for-config_par.patch
|
||||
Patch0070: 0070-conf-parse-remove-4K-line-length-limit.patch
|
||||
Patch0071: 0071-fileio-use-_cleanup_-for-FILE-unlocking.patch
|
||||
Patch0072: 0072-test-conf-parser-use-_cleanup_.patch
|
||||
Patch0073: 0073-test-conf-parser-add-tests-for-the-new-long-lines-in.patch
|
||||
Patch0074: 0074-test-fileio-close-two-leaked-file-handles.patch
|
||||
Patch0075: 0075-test-fileio-also-test-read_line-with-actual-files.patch
|
||||
Patch0076: 0076-fileio-return-0-from-read_one_line_file-on-success.patch
|
||||
Patch0077: 0077-string-util-use-size_t-for-strjoina-macro-6914.patch
|
||||
Patch0078: 0078-mount-util-add-fusectl-to-list-of-API-VFS.patch
|
||||
Patch0079: 0079-units-do-not-kill-rescue-shell-when-machines.target-.patch
|
||||
Patch0080: 0080-units-express-Conflict-in-syslog.socket-instead-of-e.patch
|
||||
Patch0081: 0081-units-add-missing-ordering-deps-for-Conflicts-of-eme.patch
|
||||
Patch0082: 0082-units-add-missing-Before-shutdown.target-for-units-w.patch
|
||||
Patch0083: 0083-units-DefaultDependencies-already-implies-conflict-w.patch
|
||||
Patch0084: 0084-systemctl-supress-enable-disable-messages-when-q-is-.patch
|
||||
Patch0085: 0085-basic-env-util-drop-the-validation-when-deserializin.patch
|
||||
Patch0086: 0086-basic-env-util-don-t-relax-unesaping-of-serialized-e.patch
|
||||
Patch0087: 0087-networkd-Consider-linkLocalAddressing-state-while-co.patch
|
||||
Patch0088: 0088-networkd-don-t-stop-the-dhcp-server-if-it-s-not-conf.patch
|
||||
Patch0089: 0089-nspawn-Fix-calculation-of-capabilities-for-configura.patch
|
||||
Patch0090: 0090-timedatectl-stop-using-xstrftime.patch
|
||||
Patch0091: 0091-nspawn-EROFS-for-chowning-mount-points-is-not-fatal-.patch
|
||||
Patch0092: 0092-resolved-fix-loop-on-packets-with-pseudo-dns-types.patch
|
||||
Patch0093: 0093-cryptsetup-generator-add-a-helper-utility-to-create-.patch
|
||||
Patch0094: 0094-units-order-cryptsetup-pre.target-before-cryptsetup..patch
|
||||
Patch0095: 0095-units-add-remote-cryptsetup.target-and-remote-crypts.patch
|
||||
Patch0096: 0096-cryptsetup-generator-use-remote-cryptsetup.target-wh.patch
|
||||
Patch0097: 0097-units-add-Install-section-to-remote-cryptsetup.targe.patch
|
||||
Patch0098: 0098-units-replace-remote-cryptsetup-pre.target-with-remo.patch
|
||||
Patch0099: 0099-man-add-a-note-about-_netdev-usage.patch
|
||||
Patch0100: 0100-units-make-remote-cryptsetup.target-also-after-crypt.patch
|
||||
Patch0101: 0101-man-describe-how-machine-id-should-be-initialized-70.patch
|
||||
|
||||
Patch0998: 0998-resolved-create-etc-resolv.conf-symlink-at-runtime.patch
|
||||
Patch0999: 0999-netdev-crypttab.patch
|
||||
|
||||
%global num_patches %{lua: c=0; for i,p in ipairs(patches) do c=c+1; end; print(c);}
|
||||
|
||||
|
@ -1053,6 +1129,38 @@ getent passwd systemd-journal-upload &>/dev/null || useradd -r -l -g systemd-jou
|
|||
%{pkgdir}/tests
|
||||
|
||||
%changelog
|
||||
* Thu Oct 26 2017 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 234-9
|
||||
- Use infinite timeouts for passwords during boot when JobTimeoutSec=0
|
||||
- Some tty utf8-mode fixes
|
||||
- Only send one auxillary fd set over dbus
|
||||
- Various network-manager crash and spurious assert fixes
|
||||
- Do not remount network filesystems ro during shutdown and unmount DM
|
||||
devices better
|
||||
- Fix cryptsetup devices disappearing when used for btrfs
|
||||
- Fix assertions messages sometimes not appearing during bootup/shutdown
|
||||
- Fix passing arguments over ssh (-H)
|
||||
- Fix networks crash on MTU changes
|
||||
- Respect delay inhibitors in scheduled shutdowns using logind
|
||||
- Send resume signal on failed sleep/shutdown from logind (#1476313)
|
||||
- Make tmpfiles treat various errors more leniently and ignore autofs paths
|
||||
- Load virtio_rng early
|
||||
- Fix cryptsetup generator usage in initramfs
|
||||
- Fix mounting of APIFSs using systemd-mount
|
||||
- Fix rfkill on some thinkpads
|
||||
- Fix masking of template units
|
||||
- Honour quiet flag in more places
|
||||
- Fix crash when removing EFI variables
|
||||
- Fix handling of persistent timer timestamps from the future
|
||||
- Extend dbus timeouts to handle slow dbus daemon startup
|
||||
- Allow lines of unlimited length in configuration files
|
||||
- Fix starting of units in emergency mode
|
||||
- Make environment variable validation allow all shell variables
|
||||
- Fix systemd-networkd issues when LinkLocalAddressing=no and DHCPServer=no
|
||||
- Fix assertion triggered in timedatectl under Iranian locale
|
||||
- Fix systemd-resolved DOS with crafted NSEC packets (LP#1725351)
|
||||
- Backport /etc/crypttab _netdev feature from upstream
|
||||
(v2, with crypttab _netdev units using remote-fs-pre.target)
|
||||
|
||||
* Tue Sep 26 2017 Nathaniel McCallum <npmccallum@redhat.com> - 234-8
|
||||
- Backport /etc/crypttab _netdev feature from upstream
|
||||
|
||||
|
|
Loading…
Reference in New Issue