Commit Graph

27201 Commits

Author SHA1 Message Date
Martin Ejdestig
6d6e4ddd3d man: document sd_event_get_tid() return value (#4385) 2016-10-16 10:25:34 -04:00
Lukáš Nykrýn
08a28eeca7 virt: add possibility to skip the check for chroot (#4374)
https://bugzilla.redhat.com/show_bug.cgi?id=1379852
2016-10-15 13:54:58 -04:00
Tejun Heo
7d862ab8c2 core: make settings for unified cgroup hierarchy supersede the ones for legacy hierarchy (#4269)
There are overlapping control group resource settings for the unified and
legacy hierarchies.  To help transition, the settings are translated back and
forth.  When both versions of a given setting are present, the one matching the
cgroup hierarchy type in use is used.  Unfortunately, this is more confusing to
use and document than necessary because there is no clear static precedence.

Update the translation logic so that the settings for the unified hierarchy are
always preferred.  systemd.resource-control man page is updated to reflect the
change and reorganized so that the deprecated settings are at the end in its
own section.
2016-10-14 21:07:16 -04:00
Thomas H. P. Andersen
5c4624e082 nspawn: remove unused variable (#4369) 2016-10-14 00:30:28 +03:00
Lennart Poettering
8bfdf29b24 Merge pull request #4243 from endocode/djalal/sandbox-first-protection-kernelmodules-v1
core:sandbox: Add ProtectKernelModules= and some fixes
2016-10-13 18:36:29 +02:00
Zbigniew Jędrzejewski-Szmek
f5df066d1d Merge pull request #653 from dvdhrm/bus-gold 2016-10-13 12:25:56 -04:00
Daniel Mack
d02b5af3f3 Merge pull request #4363 from stefan-it/replace-while-loops
basic,coredump: use for loop instead of while
2016-10-13 15:56:23 +02:00
Daniel Mack
c5a6157b4a Merge pull request #4364 from phomes/man-fixes
man: typo fixes
2016-10-13 15:55:40 +02:00
Evgeny Vereshchagin
f0bef277a4 nspawn: cleanup and chown the synced cgroup hierarchy (#4223)
Fixes: #4181
2016-10-13 09:50:46 -04:00
Zbigniew Jędrzejewski-Szmek
c1a9199ec4 Merge pull request #4362 from poettering/journalbootlistfix 2016-10-13 07:45:09 -04:00
Thomas Hindoe Paaboel Andersen
2dd678171e man: typo fixes
A mix of fixes for typos and UK english
2016-10-12 23:02:44 +02:00
Stefan Schweter
aa7530d681 coredump: use for() loop instead of while() 2016-10-12 22:49:01 +02:00
Stefan Schweter
e7f1334f07 basic: use for() loop instead of while() 2016-10-12 22:48:41 +02:00
Lennart Poettering
6612379adf Merge pull request #4358 from fsateler/pam-config
Pam config fixes
2016-10-12 20:41:52 +02:00
Lennart Poettering
da597d2b52 update TODO 2016-10-12 20:33:33 +02:00
Lennart Poettering
3cc44bf91b journalctl: say in which directory we vacuum stuff
Fixes: #4060
2016-10-12 20:25:20 +02:00
Lennart Poettering
8da830bca9 journalctl: don't claim the journal was stored on disk
Let's just say that the journal takes up space in the file system, not on disk,
as tmpfs is definitely a file system, but not a disk.

Fixes: #4059
2016-10-12 20:25:20 +02:00
Lennart Poettering
ae739cc1ed journal: refuse opening journal files from the future for writing
Never permit that we write to journal files that have newer timestamps than our
local wallclock has. If we'd accept that, then the entries in the file might
end up not being ordered strictly.

Let's refuse this with ETXTBSY, and then immediately rotate to use a new file,
so that each file remains strictly ordered also be wallclock internally.
2016-10-12 20:25:20 +02:00
Lennart Poettering
7c07001711 journald: automatically rotate journal files when the clock jumps backwards
As soon as we notice that the clock jumps backwards, rotate journal files. This
is beneficial, as this makes sure that the entries in journal files remain
strictly ordered internally, and thus the bisection algorithm applied on it is
not confused.

This should help avoiding borked wallclock-based bisection on journal files as
witnessed in #4278.
2016-10-12 20:25:20 +02:00
Lennart Poettering
0f972d66d4 journald: use the event loop dispatch timestamp for journal entries
Let's use the earliest linearized event timestamp for journal entries we have:
the event dispatch timestamp from the event loop, instead of requerying the
timestamp at the time of writing.

This makes the time a bit more accurate, allows us to query the kernel time one
time less per event loop, and also makes sure we always use the same timestamp
for both attempts to write an entry to a journal file.
2016-10-12 20:25:20 +02:00
Lennart Poettering
989793d341 journal: when iterating through entry arrays and we hit an invalid one keep going
When iterating through partially synced journal files we need to be prepared
for hitting with invalid entries (specifically: non-initialized). Instead of
generated an error and giving up, let's simply try to preceed with the next one
that is valid (and debug log about this).

This reworks the logic introduced with caeab8f626
to iteration in both directions, and tries to look for valid entries located
after the invalid one. It also extends the behaviour to both iterating through
the global entry array and per-data object entry arrays.

Fixes: #4088
2016-10-12 20:25:20 +02:00
Lennart Poettering
1c69f0966a journal: add an explicit check for uninitialized objects
Let's make dissecting of borked journal files more expressive: if we encounter
an object whose first 8 bytes are all zeroes, then let's assume the object was
simply never initialized, and say so.

Previously, this would be detected as "overly short object", which is true too
in a away, but it's a lot more helpful printing different debug options for the
case where the size is not initialized at all and where the size is initialized
to some bogus value.

No function behaviour change, only a different log messages for both cases.
2016-10-12 20:25:20 +02:00
Lennart Poettering
ded5034e7a journal: also check that our entry arrays are properly ordered
Let's and extra check, reusing check_properly_ordered() also for
journal_file_next_entry_for_data().
2016-10-12 20:25:20 +02:00
Lennart Poettering
b6da4ed045 journal: split out check for properly ordered arrays into its own function
This adds a new call check_properly_ordered(), which we can reuse later, and
makes the code a bit more readable.
2016-10-12 20:25:20 +02:00
Lennart Poettering
aa598ba5b6 journal: split out array index inc/dec code into a new call bump_array_index()
This allows us to share a bit more code between journal_file_next_entry() and
journal_file_next_entry_for_data().
2016-10-12 20:25:20 +02:00
Lennart Poettering
202fd896e5 journal: when we encounter a broken journal file, add some debug logging
Let's make it easier to figure out when we see an invalid journal file, why we
consider it invalid, and add some minimal debug logging for it.

This log output is normally not seen (after all, this all is library code),
unless debug logging is exlicitly turned on.
2016-10-12 20:25:20 +02:00
Felipe Sateler
651742d8ec build-sys: Allow disabling installation of pam config snippet 2016-10-12 14:09:14 -03:00
hese10
ec02a6c90a Avoid forever loop for journalctl --list-boots command (#4278)
When date is changed in system to future and normal user logs to new journal file, and then date is changed back to present time, the "journalctl --list-boot" command goes to forever loop. This commit tries to fix this problem by checking first the boot id list if the found boot id was already in that list. If it is found, then stopping the boot id find loop.
2016-10-12 18:40:28 +02:00
Felipe Sateler
95cbf84564 systemd-user: add pam_unix account module
Otherwise systemd-user@ fails because systemd validates the account

Fixes: #4342
2016-10-12 11:56:36 -03:00
Ben Harris
63b0a24b56 hwdb: Treat Latitude 2110 brightness keys like on Inspiron 1520 (#4355)
Like the Inspiron 1520, the Dell Latitude 2110 emits brightness-control
key events both through atkbd and acpi-video.  This suppresses them on
the atkbd side.
2016-10-12 15:41:56 +02:00
Djalal Harouni
4982dbcc30 test: add test to make sure that ProtectKernelModules=yes disconnect mount propagation 2016-10-12 14:12:36 +02:00
Djalal Harouni
e66a2f658b core: make sure to dump ProtectKernelModules= value 2016-10-12 14:12:17 +02:00
Djalal Harouni
4084e8fc89 core: check protect_kernel_modules and private_devices in order to setup NNP 2016-10-12 14:12:07 +02:00
Djalal Harouni
c575770b75 core:sandbox: lets make /lib/modules/ inaccessible on ProtectKernelModules=
Lets go further and make /lib/modules/ inaccessible for services that do
not have business with modules, this is a minor improvment but it may
help on setups with custom modules and they are limited... in regard of
kernel auto-load feature.

This change introduce NameSpaceInfo struct which we may embed later
inside ExecContext but for now lets just reduce the argument number to
setup_namespace() and merge ProtectKernelModules feature.
2016-10-12 14:11:16 +02:00
Djalal Harouni
ac246d9868 doc: minor hint about InaccessiblePaths= in regard of ProtectKernelTunables= 2016-10-12 13:52:40 +02:00
Djalal Harouni
625d8769fa test: add test to make sure that CAP_SYS_RAWIO was removed on PrivateDevices=yes 2016-10-12 13:47:59 +02:00
Djalal Harouni
2cd0a73547 core:sandbox: remove CAP_SYS_RAWIO on PrivateDevices=yes
The rawio system calls were filtered, but CAP_SYS_RAWIO allows to access raw
data through /proc, ioctl and some other exotic system calls...
2016-10-12 13:39:49 +02:00
Djalal Harouni
3ae33295f0 test: add capability tests for ProtectKernelModules=
This just adds capabilities test.
2016-10-12 13:36:27 +02:00
Djalal Harouni
502d704e5e core:sandbox: Add ProtectKernelModules= option
This is useful to turn off explicit module load and unload operations on modular
kernels. This option removes CAP_SYS_MODULE from the capability bounding set for
the unit, and installs a system call filter to block module system calls.

This option will not prevent the kernel from loading modules using the module
auto-load feature which is a system wide operation.
2016-10-12 13:31:21 +02:00
Lennart Poettering
18e51a022c Merge pull request #4351 from keszybz/nspawn-debugging
Enhance nspawn debug logs for mount/unmount operations
2016-10-12 11:21:11 +02:00
Yu Watanabe
3f2a3726d0 units: journal-upload Wants= and After=network-online.target (#4354)
To upload journal entries to a remote server, it is required that
the network is online.
2016-10-12 11:13:13 +02:00
Zbigniew Jędrzejewski-Szmek
3ccb886283 Allow block and char classes in DeviceAllow bus properties (#4353)
Allowed paths are unified betwen the configuration file parses and the bus
property checker. The biggest change is that the bus code now allows "block-"
and "char-" classes. In addition, path_startswith("/dev") was used in the bus
code, and startswith("/dev") was used in the config file code. It seems
reasonable to use path_startswith() which allows a slightly broader class of
strings.

Fixes #3935.
2016-10-12 11:12:11 +02:00
Andrew Jeddeloh
9f1008d513 networkd: add dbus interface for lease raw options (#3528)
Add a dbus object to represent dhcp leases and their raw options (i.e.
options 224-254).
2016-10-11 21:28:22 -04:00
0xAX
74e7579c17 core/main: get rid from excess check of ACTION_TEST (#4350)
If `--test` command line option was passed, the systemd set skip_setup
to true during bootup. But after this we check again that arg_action is
test or help and opens pager depends on result.

We should skip setup in a case when `--test` is passed, but it is also
safe to set skip_setup in a case of `--help`. So let's remove first
check and move skip_setup = true to the second check.
2016-10-11 17:30:04 -04:00
Zbigniew Jędrzejewski-Szmek
7ef7147041 missing: add a bunch of mount flags 2016-10-11 17:24:03 -04:00
Evgeny Vereshchagin
8492849ee5 nspawn: let's mount(/tmp) inside the user namespace (#4340)
Fixes:
host# systemd-nspawn -D ... -U -b systemd.unit=multi-user.target
...
$ grep /tmp /proc/self/mountinfo
154 145 0:41 / /tmp rw - tmpfs tmpfs rw,seclabel,uid=1036124160,gid=1036124160

$ umount /tmp
umount: /root/tmp: not mounted

$ systemctl poweroff
...
[FAILED] Failed unmounting Temporary Directory.
2016-10-11 17:18:27 -04:00
Zbigniew Jędrzejewski-Szmek
60e76d4897 nspawn,mount-util: add [u]mount_verbose and use it in nspawn
This makes it easier to debug failed nspawn invocations:

Mounting sysfs on /var/lib/machines/fedora-rawhide/sys (MS_RDONLY|MS_NOSUID|MS_NOEXEC|MS_NODEV "")...
Mounting tmpfs on /var/lib/machines/fedora-rawhide/dev (MS_NOSUID|MS_STRICTATIME "mode=755,uid=1450901504,gid=1450901504")...
Mounting tmpfs on /var/lib/machines/fedora-rawhide/dev/shm (MS_NOSUID|MS_NODEV|MS_STRICTATIME "mode=1777,uid=1450901504,gid=1450901504")...
Mounting tmpfs on /var/lib/machines/fedora-rawhide/run (MS_NOSUID|MS_NODEV|MS_STRICTATIME "mode=755,uid=1450901504,gid=1450901504")...
Bind-mounting /sys/fs/selinux on /var/lib/machines/fedora-rawhide/sys/fs/selinux (MS_BIND "")...
Remounting /var/lib/machines/fedora-rawhide/sys/fs/selinux (MS_RDONLY|MS_NOSUID|MS_NOEXEC|MS_NODEV|MS_BIND|MS_REMOUNT "")...
Mounting proc on /proc (MS_NOSUID|MS_NOEXEC|MS_NODEV "")...
Bind-mounting /proc/sys on /proc/sys (MS_BIND "")...
Remounting /proc/sys (MS_RDONLY|MS_NOSUID|MS_NOEXEC|MS_NODEV|MS_BIND|MS_REMOUNT "")...
Bind-mounting /proc/sysrq-trigger on /proc/sysrq-trigger (MS_BIND "")...
Remounting /proc/sysrq-trigger (MS_RDONLY|MS_NOSUID|MS_NOEXEC|MS_NODEV|MS_BIND|MS_REMOUNT "")...
Mounting tmpfs on /tmp (MS_STRICTATIME "mode=1777,uid=0,gid=0")...
Mounting tmpfs on /sys/fs/cgroup (MS_NOSUID|MS_NOEXEC|MS_NODEV|MS_STRICTATIME "mode=755,uid=0,gid=0")...
Mounting cgroup on /sys/fs/cgroup/systemd (MS_NOSUID|MS_NOEXEC|MS_NODEV "none,name=systemd,xattr")...
Failed to mount cgroup on /sys/fs/cgroup/systemd (MS_NOSUID|MS_NOEXEC|MS_NODEV "none,name=systemd,xattr"): No such file or directory
2016-10-11 16:50:07 -04:00
Zbigniew Jędrzejewski-Szmek
add554f4e1 nspawn: small cleanups in get_controllers()
- check for oom after strdup
- no need to truncate the line since we're only extracting one field anyway
- use STR_IN_SET
2016-10-11 16:46:58 -04:00
Zbigniew Jędrzejewski-Szmek
ada5412039 nspawn: simplify arg_us_cgns passing
We would check the condition cg_ns_supported() twice. No functional
change.
2016-10-11 16:46:58 -04:00
Lennart Poettering
e0d2adfde6 core: chown() any TTY used for stdin, not just when StandardInput=tty is used (#4347)
If stdin is supplied as an fd for transient units (using the
StandardInputFileDescriptor pseudo-property for transient units), then we
should also fix up the TTY ownership, not just when we opened the TTY
ourselves.

This simply drops the explicit is_terminal_input()-based check. Note that
chown_terminal() internally does a much more appropriate isatty()-based check
anyway, hence we can drop this without replacement.

Fixes: #4260
2016-10-11 14:07:22 -04:00