Commit Graph

43199 Commits

Author SHA1 Message Date
Yu Watanabe
9094ae52ca udev/net: assign alternative names only on add uevent
Previously, we first assign alternative names to a network interface,
then later change its main name if requested. So, we could not assign
the name that currently assigned as the main name of an interface as an
alternative name. So, we retry to assign the previous main name as an
alternative name on later move uevent.

However, that causes some confusing situation. E.g. if a .link file has
```
Name=foo
AlternativeNames=foo baz
```
then even if the interface is renamed by a user e.g. by invoking 'ip link'
command manually, the interface can be still referenced as 'foo', as the
name is now assigned as an alternative name.

This makes the order of name assignment inverse: the main name is first
changed, and then the requested alternative names are assigned. And
udevd do not assign alternative names on move uevent.

Replaces #27506.
2023-05-16 16:37:31 +09:00
Yu Watanabe
8182445500 sd-netlink: make rtnl_set_link_name() optionally append alternative names 2023-05-16 16:37:31 +09:00
Yu Watanabe
cd941e6596 udev/net: generate new network interface name only on add uevent
On other uevents, the name will be anyway ignored in rename_netif() in
udev-event.c.
2023-05-16 16:37:31 +09:00
Yu Watanabe
e65c6c1baa udev/net: verify ID_NET_XYZ before trying to assign it as an alternative name 2023-05-16 16:37:31 +09:00
Yu Watanabe
5668f3a7cf udev: make udev_builtin_run() take UdevEvent*
No functional change, preparation for later commits.
2023-05-16 16:37:31 +09:00
Yu Watanabe
b3cfe59001 udev: use SYNTHETIC_ERRNO() at one more place 2023-05-16 16:37:28 +09:00
Lennart Poettering
f81048f8f5 watchdog: always disarm watchdog properly before closing it
If we change the watchdog device we should disarm the old one first.

Similar, if we open the watchdog, but then fail setting it up, disarm it
before closing it again.
2023-05-15 21:55:19 +08:00
Daan De Meyer
62281c78bb machine-id-setup: Do not overwrite if /etc/machine-id contains uninitialized
When we're building OS images, we never want /etc/machine-id to contain
anything other than "uninitialized" until we actually boot the image. So
let's allow image builders to write "uninitialized" to /etc/machine-id
and if systemd-machine-id-setup is called after, make sure we don't
overwrite it.
2023-05-15 10:16:27 +09:00
Frantisek Sumsal
fee9f7b5c7 nspawn: simplify error handling 2023-05-14 19:32:07 +02:00
Yu Watanabe
0c3ea0c222 sd-dhcp-server: also send DNS servers or friends on DHCPOFFER
From RFC 2131 section 4.3.1 (https://www.rfc-editor.org/rfc/rfc2131#section-4.3.1):
----
The server MUST return to the client:
- Parameters requested by the client, according to the following rules:
  -- IF the server has been explicitly configured with a default
     value for the parameter, the server MUST include that value
     in an appropriate option in the 'option' field,
----
The sentence is not only for ACK, but for all (positive) responses, that
is DHCPOFFER and DHCPACK.

Fixes #27471.
2023-05-13 12:37:17 +01:00
Luca Boccassi
d5e6c4be91 Merge pull request #27605 from YHNdnzj/dbus-activation-followup
core: only refuse Type=dbus service enqueue if dbus has pending stop job
2023-05-13 11:49:21 +01:00
Luca Boccassi
942afbad2a Merge pull request #27634 from mrc0mmand/TEST-13-shenanigans
test: clean up & extend the nspawn/machinectl test suite
2023-05-13 10:23:14 +01:00
Daan De Meyer
fecbce1fc6 sulogin: Read SYSTEMD_SULOGIN_FORCE from kernel cmdline
This allows setting it on the kernel cmdline and having it work
automatically without having to write any dropins or such.

Also enable the option in mkosi so that we can debug the initrd
properly with a locked root account.
2023-05-13 09:16:55 +02:00
Frantisek Sumsal
7362947c3f machine,portable: fix a typo in an info message 2023-05-13 00:26:38 +02:00
Luca Boccassi
27cead47be Merge pull request #27633 from DaanDeMeyer/repart-dropin
repart: Make sure we look up dropin files in the root directory
2023-05-12 21:29:38 +01:00
Frantisek Sumsal
efdaa92ecb machine: fix a memory leak when showing multiple machines
+ machinectl status long-running long-running long-running
=================================================================
==986==ERROR: LeakSanitizer: detected memory leaks
Direct leak of 1568 byte(s) in 2 object(s) allocated from:
    #0 0x7fe57caba097 in calloc (/lib64/libasan.so.8+0xba097)
    #1 0x7fe57b891e8e in message_from_header ../src/libsystemd/sd-bus/bus-message.c:372
    #2 0x7fe57b892dfd in bus_message_from_malloc ../src/libsystemd/sd-bus/bus-message.c:421
    #3 0x7fe57b9089a8 in bus_socket_make_message ../src/libsystemd/sd-bus/bus-socket.c:1165
    #4 0x7fe57b90affe in bus_socket_read_message ../src/libsystemd/sd-bus/bus-socket.c:1294
    #5 0x7fe57b92db71 in bus_read_message ../src/libsystemd/sd-bus/sd-bus.c:2082
    #6 0x7fe57b933352 in sd_bus_call ../src/libsystemd/sd-bus/sd-bus.c:2483
    #7 0x7fe57b84da61 in sd_bus_call_methodv ../src/libsystemd/sd-bus/bus-convenience.c:183
    #8 0x7fe57b2789e8 in bus_call_method ../src/shared/bus-locator.c:109
    #9 0x40f71c in show_machine ../src/machine/machinectl.c:713
    #10 0x7fe57b65c8cf in dispatch_verb ../src/shared/verbs.c:103
    #11 0x42e9ce in machinectl_main ../src/machine/machinectl.c:2980
    #12 0x42ebf9 in run ../src/machine/machinectl.c:3005
    #13 0x42ed1f in main ../src/machine/machinectl.c:3008
    #14 0x7fe579e4a50f in __libc_start_call_main (/lib64/libc.so.6+0x2750f)
Indirect leak of 234 byte(s) in 2 object(s) allocated from:
    #0 0x7fe57cab95b5 in __interceptor_realloc.part.0 (/lib64/libasan.so.8+0xb95b5)
    #1 0x7fe57b909822 in bus_socket_read_message ../src/libsystemd/sd-bus/bus-socket.c:1214
    #2 0x7fe57b92db71 in bus_read_message ../src/libsystemd/sd-bus/sd-bus.c:2082
    #3 0x7fe57b933352 in sd_bus_call ../src/libsystemd/sd-bus/sd-bus.c:2483
    #4 0x7fe57b84da61 in sd_bus_call_methodv ../src/libsystemd/sd-bus/bus-convenience.c:183
    #5 0x7fe57b2789e8 in bus_call_method ../src/shared/bus-locator.c:109
    #6 0x40f71c in show_machine ../src/machine/machinectl.c:713
    #7 0x7fe57b65c8cf in dispatch_verb ../src/shared/verbs.c:103
    #8 0x42e9ce in machinectl_main ../src/machine/machinectl.c:2980
    #9 0x42ebf9 in run ../src/machine/machinectl.c:3005
    #10 0x42ed1f in main ../src/machine/machinectl.c:3008
    #11 0x7fe579e4a50f in __libc_start_call_main (/lib64/libc.so.6+0x2750f)
Indirect leak of 4 byte(s) in 2 object(s) allocated from:
    #0 0x7fe57ca7243b in strdup (/lib64/libasan.so.8+0x7243b)
    #1 0x7fe57b8c1543 in message_parse_fields ../src/libsystemd/sd-bus/bus-message.c:4125
    #2 0x7fe57b893586 in bus_message_from_malloc ../src/libsystemd/sd-bus/bus-message.c:443
    #3 0x7fe57b9089a8 in bus_socket_make_message ../src/libsystemd/sd-bus/bus-socket.c:1165
    #4 0x7fe57b90affe in bus_socket_read_message ../src/libsystemd/sd-bus/bus-socket.c:1294
    #5 0x7fe57b92db71 in bus_read_message ../src/libsystemd/sd-bus/sd-bus.c:2082
    #6 0x7fe57b933352 in sd_bus_call ../src/libsystemd/sd-bus/sd-bus.c:2483
    #7 0x7fe57b84da61 in sd_bus_call_methodv ../src/libsystemd/sd-bus/bus-convenience.c:183
    #8 0x7fe57b2789e8 in bus_call_method ../src/shared/bus-locator.c:109
    #9 0x40f71c in show_machine ../src/machine/machinectl.c:713
    #10 0x7fe57b65c8cf in dispatch_verb ../src/shared/verbs.c:103
    #11 0x42e9ce in machinectl_main ../src/machine/machinectl.c:2980
    #12 0x42ebf9 in run ../src/machine/machinectl.c:3005
    #13 0x42ed1f in main ../src/machine/machinectl.c:3008
    #14 0x7fe579e4a50f in __libc_start_call_main (/lib64/libc.so.6+0x2750f)
SUMMARY: AddressSanitizer: 1806 byte(s) leaked in 6 allocation(s).
2023-05-12 18:05:32 +02:00
Frantisek Sumsal
4b6ce580ee machine: fix a memory leak when showing multiple images
+ machinectl image-status container1 container1 container0 container1 container2 container3 container4
 =================================================================
 ==1354==ERROR: LeakSanitizer: detected memory leaks
 Direct leak of 4704 byte(s) in 6 object(s) allocated from:
     #0 0x7fc3670ba097 in calloc (/lib64/libasan.so.8+0xba097)
     #1 0x7fc365e91e8e in message_from_header ../src/libsystemd/sd-bus/bus-message.c:372
     #2 0x7fc365e92dfd in bus_message_from_malloc ../src/libsystemd/sd-bus/bus-message.c:421
     #3 0x7fc365f089a8 in bus_socket_make_message ../src/libsystemd/sd-bus/bus-socket.c:1165
     #4 0x7fc365f0affe in bus_socket_read_message ../src/libsystemd/sd-bus/bus-socket.c:1294
     #5 0x7fc365f2db71 in bus_read_message ../src/libsystemd/sd-bus/sd-bus.c:2082
     #6 0x7fc365f33352 in sd_bus_call ../src/libsystemd/sd-bus/sd-bus.c:2483
     #7 0x7fc365e4da61 in sd_bus_call_methodv ../src/libsystemd/sd-bus/bus-convenience.c:183
     #8 0x7fc3658789e8 in bus_call_method ../src/shared/bus-locator.c:109
     #9 0x413b76 in show_image ../src/machine/machinectl.c:1014
     #10 0x7fc365c5c8cf in dispatch_verb ../src/shared/verbs.c:103
     #11 0x42e992 in machinectl_main ../src/machine/machinectl.c:2981
     #12 0x42ebbd in run ../src/machine/machinectl.c:3006
     #13 0x42ece3 in main ../src/machine/machinectl.c:3009
     #14 0x7fc36444a50f in __libc_start_call_main (/lib64/libc.so.6+0x2750f)
 Indirect leak of 666 byte(s) in 6 object(s) allocated from:
     #0 0x7fc3670b95b5 in __interceptor_realloc.part.0 (/lib64/libasan.so.8+0xb95b5)
     #1 0x7fc365f09822 in bus_socket_read_message ../src/libsystemd/sd-bus/bus-socket.c:1214
     #2 0x7fc365f2db71 in bus_read_message ../src/libsystemd/sd-bus/sd-bus.c:2082
     #3 0x7fc365f33352 in sd_bus_call ../src/libsystemd/sd-bus/sd-bus.c:2483
     #4 0x7fc365e4da61 in sd_bus_call_methodv ../src/libsystemd/sd-bus/bus-convenience.c:183
     #5 0x7fc3658789e8 in bus_call_method ../src/shared/bus-locator.c:109
     #6 0x413b76 in show_image ../src/machine/machinectl.c:1014
     #7 0x7fc365c5c8cf in dispatch_verb ../src/shared/verbs.c:103
     #8 0x42e992 in machinectl_main ../src/machine/machinectl.c:2981
     #9 0x42ebbd in run ../src/machine/machinectl.c:3006
     #10 0x42ece3 in main ../src/machine/machinectl.c:3009
     #11 0x7fc36444a50f in __libc_start_call_main (/lib64/libc.so.6+0x2750f)
 Indirect leak of 12 byte(s) in 6 object(s) allocated from:
     #0 0x7fc36707243b in strdup (/lib64/libasan.so.8+0x7243b)
     #1 0x7fc365ec1543 in message_parse_fields ../src/libsystemd/sd-bus/bus-message.c:4125
     #2 0x7fc365e93586 in bus_message_from_malloc ../src/libsystemd/sd-bus/bus-message.c:443
     #3 0x7fc365f089a8 in bus_socket_make_message ../src/libsystemd/sd-bus/bus-socket.c:1165
     #4 0x7fc365f0affe in bus_socket_read_message ../src/libsystemd/sd-bus/bus-socket.c:1294
     #5 0x7fc365f2db71 in bus_read_message ../src/libsystemd/sd-bus/sd-bus.c:2082
     #6 0x7fc365f33352 in sd_bus_call ../src/libsystemd/sd-bus/sd-bus.c:2483
     #7 0x7fc365e4da61 in sd_bus_call_methodv ../src/libsystemd/sd-bus/bus-convenience.c:183
     #8 0x7fc3658789e8 in bus_call_method ../src/shared/bus-locator.c:109
     #9 0x413b76 in show_image ../src/machine/machinectl.c:1014
     #10 0x7fc365c5c8cf in dispatch_verb ../src/shared/verbs.c:103
     #11 0x42e992 in machinectl_main ../src/machine/machinectl.c:2981
     #12 0x42ebbd in run ../src/machine/machinectl.c:3006
     #13 0x42ece3 in main ../src/machine/machinectl.c:3009
     #14 0x7fc36444a50f in __libc_start_call_main (/lib64/libc.so.6+0x2750f)
 SUMMARY: AddressSanitizer: 5382 byte(s) leaked in 18 allocation(s).
2023-05-12 18:05:32 +02:00
Daan De Meyer
34f2fd5096 repart: Make sure we look up dropin files in the root directory 2023-05-12 17:52:47 +02:00
Daan De Meyer
947f59ba2b conf-parser: Add root argument to config_parse_many() 2023-05-12 17:52:32 +02:00
Frantisek Sumsal
e8dba80626 core: fix memory leak during deserialization
when activation-details-unit-name is encountered multiple times.

Resolves: #27623
2023-05-13 00:42:25 +09:00
Daan De Meyer
9b05a3715b repart: Make sure r is declared last 2023-05-12 17:38:00 +02:00
Daan De Meyer
4b047310f6 repart: Read arguments directly instead of passing them in 2023-05-12 17:38:00 +02:00
Mike Yuan
2b680534c9 Revert "core/manager: export manager_dbus_is_running" and partially "core: refuse dbus activation if dbus is not running"
This reverts commit e886315065
and partially 53964fd26b.

Specifically, changes to signal_activation_request()
is not desired.
2023-05-12 16:21:44 +08:00
Mike Yuan
bee6e755bb core: only refuse Type=dbus service enqueuing if dbus has stop job
Follow-up for #27579

In #27579 we refused all StartUnit requests for Type=dbus units
if dbus is not running, which means if dbus is manually stopped,
user can't use systemctl to start Type=dbus units again, which
is incorrect.

The only culprit that leads to the cancellation of the whole
transaction mentioned in #26799 is job type conflict on dbus.
So let's relax the restriction and only refuse job enqueuing
if dbus has a stop job.

To summarize, the case we want to avoid is:

1. dbus has a stop job installed
2. StartUnit/ActivationRequest is received
3. Type=dbus service gets started, which has Requires=dbus.socket
4. dbus is pulled in again, resulting in job type conflict

What we can support is:

1. dbus is already stopped
2. StartUnit is received (possibly through systemctl, i.e. on private bus)
3. Type=dbus service gets started, which will wait for dbus to start
4. dbus is started again, thus the job for Type=dbus service

Replaces #27590
Fixes #27588
2023-05-12 16:21:44 +08:00
Daan De Meyer
153d5dfd87 core: Try to initialize TERM from systemd.tty.term.console as well
We already have the systemd.tty.xxx kernel cmdline arguments for
configuring tty's for services, let's make sure the term cmdline
argument applies to pid1 as well.
2023-05-12 08:38:20 +02:00
Daan De Meyer
32b0be0eb8 Merge pull request #27565 from yuwata/static-destruct
static-destruct: support clearing array on exit
2023-05-12 08:36:43 +02:00
Daan De Meyer
2bc161dddb mkfs-util: Add quiet argument to make_filesystem()
We default to quiet operation everywhere except for repart, where
we disable quiet and have the mkfs tools write to stdout.

We also make sure --quiet or equivalent is implemented for all mkfs
tools.
2023-05-12 07:51:50 +02:00
Daan De Meyer
aaa27e2e21 core: Check if any init exists before switching root
If we switch root and can't execute an init program afterwards, we're
completely stuck as we can't go back to the initramfs to start
emergency.service as it will have been completely removed by the switch
root operation.

To prevent leaving users with a completely undebuggable system, let's
at least check before we switch root whether at least one of the init
programs we might want to execute actually exist, and fail early if
none of them exists.
2023-05-12 07:48:50 +02:00
Daan De Meyer
3f92250f4c core: Make sure systemctl exit <X> works outside of a container
When running in a VM, we now support propagating the exit status
via a vsock notify socket, so drop the restrictions on propagating
an exit status when not in a container to make sure this works
properly.
2023-05-12 07:48:29 +02:00
Yu Watanabe
f466e828db Merge pull request #27618 from DaanDeMeyer/fstab-generator
Fstab generator fixes
2023-05-12 04:23:54 +09:00
Yu Watanabe
db4afb95c2 Merge pull request #27611 from yuwata/core-mount-escape-utf8
core/mount: escape invalid utf8 chars
2023-05-12 01:40:32 +09:00
Daan De Meyer
32fe629abc fstab-generator: Fix log message 2023-05-11 14:44:16 +02:00
Daan De Meyer
338da50141 fstab-generator: Unset kernel cmdline options if empty value is given 2023-05-11 14:44:16 +02:00
Daan De Meyer
200268c6db fstab-generator: Take systemd.verity= into account
Disable verity logic if systemd.verity= switch is disabled.
2023-05-11 14:44:14 +02:00
Frantisek Sumsal
b0582f6b63 cryptenroll: actually allow using multiple "special" strings when wiping
The systemd-cryptenroll man page states:

    Takes a comma separated list of numeric slot indexes, or the special
    strings ..., or any combination of these strings or numeric
    indexes, in which case all slots matching either are wiped.

but we'd allow only one special string at any given time as the value
was not ORed when assigning. So, for example, --wipe=recovery,password
would actually become --wipe=password, etc.
2023-05-11 13:12:08 +01:00
Yu Watanabe
4804da5853 core/mount: escape invalid UTF8 char in dbus reply
When What= or Options= may contain invalid UTF8 chars.

Replaces aaf7b0e411 (#27541).
2023-05-11 19:25:38 +09:00
Yu Watanabe
bcf58ff559 Revert "core/mount: replace invalid UTF-8 code points in "what" and "options""
This reverts commit aaf7b0e411.

Not only /proc/mountinfo, .mount units not started yet may contain
invalid UTF-8 chars.
2023-05-11 19:24:42 +09:00
Luca Boccassi
fcb4ba6c14 Merge pull request #27539 from esposem/ukify_pesign
ukify: support pesign as alternative to sbsign
2023-05-11 10:45:59 +01:00
Yu Watanabe
d698679112 Merge pull request #27596 from yuwata/drop-pure
drop two more inappropriate _pure_ attributes and several cleanups
2023-05-11 16:49:40 +09:00
Daan De Meyer
1fd5ec5697 tmpfiles: Add merge support for copy files action
If '+' is specified with 'C', let's merge the tree with any existing
tree.
2023-05-10 18:08:07 +02:00
Daan De Meyer
e57b7020d2 repart: Fix deny list logic
Until now, we always excluded the top level directories that were
covered by child partition mount points, regardless of the source
directory and the target directory of the copy files operation.
This means that even if we were populating a XBOOTLDR partition, if
there was an EFI partition in the image, we'd exclude /boot
unconditionally, leading to the XBOOTLDR partition to be empty.

Also, because of the same cause, if we were copying a nested source
directory (e.g. /abc/def) to the root directory in the root
partition, if /abc/def/usr existed and was populated with files and
directories, the root partition would have those files under /usr,
even if a /usr partition was defined.

To fix these issues, instead of unconditionally excluding the top
level partition mount points under <source>, let's make sure that
when we're copying files from any source directory to the root
directory of a root partition, that we exclude the partition mount
point directories under the source directory instead of the top
level ones.
2023-05-10 18:07:47 +02:00
Emanuele Giuseppe Esposito
4e906270a3 src/ukify/test/test_ukify: fix skipped tests
Some tests are skipped because initrd extracted from bootctl
is "/boot/initramfs-5.14.0-284.el9.x86_64.img $tuned_initrd"
and not just "/boot/initramfs-5.14.0-284.el9.x86_64.img".
Therefore split and remove the additional garbage.

Signed-off-by: Emanuele Giuseppe Esposito <eesposit@redhat.com>
2023-05-10 09:20:46 -04:00
Emanuele Giuseppe Esposito
ff5618c7c0 src/ukify/test/test_ukify: add pesign unit test
Signed-off-by: Emanuele Giuseppe Esposito <eesposit@redhat.com>
2023-05-10 09:20:46 -04:00
Emanuele Giuseppe Esposito
c1e8d1727b ukify: support pesign as alternative to sbsign
sbsign is not available everywhere, for example RHEL does not have it.
Add pesign as alternative to it.

pesign will use options "--secureboot-certificate-name" (mandatory) and
"--secureboot-certificate-dir" (optional), while sbsign will use
"--secureboot-private-key" and "--secureboot-certificate".

By default, use sbsign. If no key/cert is provided or sbsign is not found,
try pesign.

Signed-off-by: Emanuele Giuseppe Esposito <eesposit@redhat.com>
2023-05-10 09:18:27 -04:00
Emanuele Giuseppe Esposito
e673c5c2d9 ukify: typo in doc and print when package is missing
If a package is missing, a subprocess is started with None as
command argument. Error raised by subprocess is therefore not helpful
at all to understand what needs to be done to fix that error.

Also fix doc since systemd-stub will look for .cmdline files, and not
.cmdline.efi files.

Signed-off-by: Emanuele Giuseppe Esposito <eesposit@redhat.com>
2023-05-10 09:18:25 -04:00
Yu Watanabe
39a39f18f2 udev: do not set ID_PATH and by-path symlink for nvmf disks
Prompted by #27391.
2023-05-10 19:42:49 +08:00
Yu Watanabe
6112c86139 core: replace hashmap_get() with hashmap_contains() where appropriate 2023-05-10 15:06:44 +09:00
Yu Watanabe
735f0645db core: drop unused argument 2023-05-10 15:06:39 +09:00
Yu Watanabe
fcd7e0b7ed core: several cleanups for job_get_timeout()
- add missing assertion,
- rename the argument for storing result,
- always initialize result on success.
2023-05-10 15:06:39 +09:00
Yu Watanabe
bc52801034 tree-wide: drop _pure_ attribute from non-pure functions
Prompted by #27595.
Follow-ups for 6723c28f36.
2023-05-10 15:06:24 +09:00