diff --git a/.github/workflows/mkosi.yml b/.github/workflows/mkosi.yml index 8b32ec82e32..5fc51238007 100644 --- a/.github/workflows/mkosi.yml +++ b/.github/workflows/mkosi.yml @@ -68,8 +68,6 @@ jobs: release: tumbleweed - distro: centos release: "9" - - distro: centos - release: "8" env: SYSTEMD_LOG_LEVEL: debug diff --git a/LICENSES/README.md b/LICENSES/README.md index e4c9fd6c34a..16a53386e55 100644 --- a/LICENSES/README.md +++ b/LICENSES/README.md @@ -13,7 +13,14 @@ The 'LICENSES/' directory contains all the licenses used by the sources included the systemd project source tree. Unless otherwise noted, the systemd project sources are licensed under the terms -and conditions of the **GNU Lesser General Public License v2.1 or later**. +and conditions of +**LGPL-2.1-or-later** (**GNU Lesser General Public License v2.1 or later**). + +Unless otherwise noted, compiled programs and all shared or static libraries +include sources under **LGPL-2.1-or-later** along with more permissive +licenses, and are effectively licensed **LGPL-2.1-or-later**. +systemd-udevd and other udev helper programs also include sources under +**GPL-2.0-or-later**, and are effectively licensed **GPL-2.0-or-later**. New sources that cannot be distributed under LGPL-2.1-or-later will no longer be accepted for inclusion in the systemd project to maintain license uniformity. 
@@ -22,8 +29,9 @@ be accepted for inclusion in the systemd project to maintain license uniformity. The following exceptions apply: - * some udev sources under src/udev/ are licensed under **GPL-2.0-or-later**, so the - udev binaries as a whole are also distributed under **GPL-2.0-or-later**. + * some sources under src/udev/ are licensed under **GPL-2.0-or-later**, + so all udev programs (`systemd-udevd`, `udevadm`, and the udev builtins + and test programs) are also distributed under **GPL-2.0-or-later**. * the header files contained in src/basic/linux/ and src/shared/linux/ are copied verbatim from the Linux kernel source tree and are licensed under **GPL-2.0 WITH Linux-syscall-note** and are used within the scope of the Linux-syscall-note diff --git a/README b/README index d6ff8fa6be2..9a46678e70b 100644 --- a/README +++ b/README @@ -128,9 +128,10 @@ REQUIREMENTS: Required for signed Verity images support: CONFIG_DM_VERITY_VERIFY_ROOTHASH_SIG - Required to verify signed Verity images using keys enrolled in the MoK - (Machine-Owner Key) keyring: + Required to verify signed Verity images using keys enrolled in the MOK + (Machine-Owner Key) and DB UEFI certificate stores: CONFIG_DM_VERITY_VERIFY_ROOTHASH_SIG_SECONDARY_KEYRING + CONFIG_DM_VERITY_VERIFY_ROOTHASH_SIG_PLATFORM_KEYRING CONFIG_IMA_ARCH_POLICY CONFIG_INTEGRITY_MACHINE_KEYRING @@ -166,6 +167,7 @@ REQUIREMENTS: Required for systemd-oomd: CONFIG_PSI + CONFIG_MEMCG Note that kernel auditing is broken when used with systemd's container code. When using systemd in conjunction with containers, please make diff --git a/docs/CODING_STYLE.md b/docs/CODING_STYLE.md index b4e88c99df2..164ab10d271 100644 --- a/docs/CODING_STYLE.md +++ b/docs/CODING_STYLE.md 
@@ -54,6 +54,18 @@ SPDX-License-Identifier: LGPL-2.1-or-later } ``` +- Function return types should be seen/written as whole, i.e. write this: + + ```c + const char* foo(const char *input); + ``` + + instead of this: + + ```c + const char *foo(const char *input); + ``` + - Single-line `if` blocks should not be enclosed in `{}`. Write this: ```c @@ -180,7 +192,7 @@ SPDX-License-Identifier: LGPL-2.1-or-later ```c static int foobar_frobnicate( - Foobar* object, /* the associated mutable object */ + Foobar *object, /* the associated mutable object */ const char *input, /* immutable input parameter */ char **ret_frobnicated) { /* return parameter */ … diff --git a/docs/HACKING.md b/docs/HACKING.md index 45334d8c811..b072b5c65fd 100644 --- a/docs/HACKING.md +++ b/docs/HACKING.md 
@@ -100,6 +100,50 @@ $ meson test -C build Happy hacking! +## Building distribution packages with mkosi + +To build distribution packages for a specific distribution and release without +building an actual image, the following command can be used: + +```sh +mkosi -d -r -t none -f +``` + +Afterwards the distribution packages will be located in `build/mkosi.output`. To +also build debuginfo packages, the following command can be used: + +```sh +mkosi -d -r -E WITH_DEBUG=1 -t none -f +``` + +To upgrade the systemd packages on the host system to the newer versions built +by mkosi, run the following: + +```sh +dnf upgrade build/mkosi.output/*.rpm # Fedora/CentOS +# TODO: Other distributions +``` + +To downgrade back to the old version shipped by the distribution, run the +following: + +```sh +dnf downgrade "systemd*" # Fedora/CentOS +# TODO: Other distributions +``` + +Additionally, for each pull request, the built distribution packages are +attached as CI artifacts to the pull request CI jobs, which means that users can +download and install them to test out if a pull request fixes the issue that +they reported. To download the packages from a pull request, click on the +`Checks` tab. Then click on the `mkosi` workflow in the list of workflows on the +left of the `Checks` page. Finally, scroll down to find the list of CI +artifacts. In this list of artifacts you can find artifacts containing +distribution packages. To install these, download the artifact which is a zip +archive, extract the zip archive to access the individual packages, and install +them with your package manager in the same way as described above for packages +that were built locally. + ## Templating engines in .in files Some source files are generated during build. We use two templating engines: diff --git a/docs/MEMORY_PRESSURE.md b/docs/MEMORY_PRESSURE.md index 69c23eccb2b..38f1c645c9f 100644 --- a/docs/MEMORY_PRESSURE.md +++ b/docs/MEMORY_PRESSURE.md 
@@ -227,7 +227,7 @@ handling, it's typically sufficient to add a line such as: Other programming environments might have native APIs to watch memory pressure/low memory events. Most notable is probably GLib's -[GMemoryMonitor](https://developer-old.gnome.org/gio/stable/GMemoryMonitor.html). It +[GMemoryMonitor](https://docs.gtk.org/gio/iface.MemoryMonitor.html). It currently uses the per-system Linux PSI interface as the backend, but operates differently than the above: memory pressure events are picked up by a system service, which then propagates this through D-Bus to the applications. This is diff --git a/man/file-hierarchy.xml b/man/file-hierarchy.xml index 583b9ab811a..1ad2af45492 100644 --- a/man/file-hierarchy.xml +++ b/man/file-hierarchy.xml 
@@ -48,93 +48,63 @@ / - The file system root. Usually writable, but - this is not required. Possibly a temporary file system - (tmpfs). Not shared with other hosts - (unless read-only). - - + The file system root. Usually writable, but this is not required. Possibly a + temporary file system (tmpfs). Not shared with other hosts (unless + read-only). /boot/ - The boot partition used for bringing up the - system. On EFI systems, this is possibly the EFI System - Partition (ESP), also see + The boot partition used for bringing up the system. On EFI systems, this is possibly + the EFI System Partition (ESP), also see systemd-gpt-auto-generator8. - This directory is usually strictly local to the host, and - should be considered read-only, except when a new kernel or - boot loader is installed. This directory only exists on - systems that run on physical or emulated hardware that - requires boot loaders. - - + This directory is usually strictly local to the host, and should be considered read-only, except when + a new kernel or boot loader is installed. This directory only exists on systems that run on physical + or emulated hardware that requires boot loaders. /efi/ - If the boot partition /boot/ is maintained separately from the EFI System - Partition (ESP), the latter is mounted here. Tools that need to operate on the EFI system partition should look - for it at this mount point first, and fall back to /boot/ — if the former doesn't qualify - (for example if it is not a mount point or does not have the correct file system type - MSDOS_SUPER_MAGIC). - - + If the boot partition /boot/ is maintained separately from the + EFI System Partition (ESP), the latter is mounted here. Tools that need to operate on the EFI system + partition should look for it at this mount point first, and fall back to /boot/ + — if the former doesn't qualify (for example if it is not a mount point or does not have the correct + file system type MSDOS_SUPER_MAGIC). 
/etc/ - System-specific configuration. This directory - may or may not be read-only. Frequently, this directory is - pre-populated with vendor-supplied configuration files, but - applications should not make assumptions about this directory - being fully populated or populated at all, and should fall - back to defaults if configuration is - missing. - - + System-specific configuration. This directory may or may not be + read-only. Frequently, this directory is pre-populated with vendor-supplied configuration files, but + applications should not make assumptions about this directory being fully populated or populated at + all, and should fall back to defaults if configuration is missing. /home/ - The location for normal user's home - directories. Possibly shared with other systems, and never - read-only. This directory should only be used for normal - users, never for system users. This directory and possibly the - directories contained within it might only become available or - writable in late boot or even only after user authentication. - This directory might be placed on limited-functionality - network file systems, hence applications should not assume the - full set of file API is available on this directory. - Applications should generally not reference this directory - directly, but via the per-user $HOME - environment variable, or via the home directory field of the - user database. - - + The location for normal user's home directories. Possibly shared with other systems, + and never read-only. This directory should only be used for normal users, never for system + users. This directory and possibly the directories contained within it might only become available or + writable in late boot or even only after user authentication. This directory might be placed on + limited-functionality network file systems, hence applications should not assume the full set of file + API is available on this directory. 
Applications should generally not reference this directory + directly, but via the per-user $HOME environment variable, or via the home + directory field of the user database. /root/ - The home directory of the root user. The root - user's home directory is located outside of - /home/ in order to make sure the root user - may log in even without /home/ being - available and mounted. - - + The home directory of the root user. The root user's home directory is located + outside of /home/ in order to make sure the root user may log in even without + /home/ being available and mounted. /srv/ - The place to store general server payload, - managed by the administrator. No restrictions are made how - this directory is organized internally. Generally writable, - and possibly shared among systems. This directory might become - available or writable only very late during - boot. - - + The place to store general server payload, managed by the administrator. No + restrictions are made how this directory is organized internally. Generally writable, and possibly + shared among systems. This directory might become available or writable only very late during + boot. @@ -156,10 +126,7 @@ mkdtemp3, and similar calls. For more details, see Using - /tmp/ and /var/tmp/ Safely. - - - + /tmp/ and /var/tmp/ Safely. 
@@ -173,34 +140,24 @@ /run/ A tmpfs file system for system packages to place runtime data, socket files, and similar. This directory is flushed on boot, and generally writable for privileged - programs only. Always writable. - - + programs only. Always writable. /run/log/ - Runtime system logs. System components may - place private logs in this directory. Always writable, even - when /var/log/ might not be accessible - yet. - - + Runtime system logs. System components may place private logs in this + directory. Always writable, even when /var/log/ might not be accessible + yet. /run/user/ - Contains per-user runtime directories, each - usually individually mounted tmpfs - instances. Always writable, flushed at each reboot and when - the user logs out. User code should not reference this - directory directly, but via the - $XDG_RUNTIME_DIR environment variable, as - documented in the XDG - Base Directory Specification. - - + Contains per-user runtime directories, each usually individually mounted + tmpfs instances. Always writable, flushed at each reboot and when the user logs + out. User code should not reference this directory directly, but via the + $XDG_RUNTIME_DIR environment variable, as documented in the XDG Base Directory + Specification. 
@@ -212,99 +169,68 @@ /usr/ - Vendor-supplied operating system resources. - Usually read-only, but this is not required. Possibly shared - between multiple hosts. This directory should not be modified - by the administrator, except when installing or removing - vendor-supplied packages. - - + Vendor-supplied operating system resources. Usually read-only, but this is not + required. Possibly shared between multiple hosts. This directory should not be modified by the + administrator, except when installing or removing vendor-supplied packages. /usr/bin/ - Binaries and executables for user commands - that shall appear in the $PATH search path. - It is recommended not to place binaries in this directory that - are not useful for invocation from a shell (such as daemon - binaries); these should be placed in a subdirectory of - /usr/lib/ instead. - - + Binaries and executables for user commands that shall appear in the + $PATH search path. It is recommended not to place binaries in this directory that + are not useful for invocation from a shell (such as daemon binaries); these should be placed in a + subdirectory of /usr/lib/ instead. /usr/include/ - C and C++ API header files of system - libraries. - - + C and C++ API header files of system libraries. /usr/lib/ - Static, private vendor data that is compatible - with all architectures (though not necessarily - architecture-independent). Note that this includes internal - executables or other binaries that are not regularly invoked - from a shell. Such binaries may be for any architecture - supported by the system. Do not place public libraries in this - directory, use $libdir (see below), - instead. - - + Static, private vendor data that is compatible with all architectures (though not + necessarily architecture-independent). Note that this includes internal executables or other binaries + that are not regularly invoked from a shell. Such binaries may be for any architecture supported by + the system. 
Do not place public libraries in this directory, use $libdir (see + below), instead. /usr/lib/arch-id/ - Location for placing dynamic libraries into, also - called $libdir. The architecture identifier - to use is defined on Multiarch - Architecture Specifiers (Tuples) list. Legacy - locations of $libdir are - /usr/lib/, - /usr/lib64/. This directory should not be - used for package-specific data, unless this data is - architecture-dependent, too. To query - $libdir for the primary architecture of the - system, invoke: - # systemd-path system-library-arch - - - + Location for placing dynamic libraries into, also called + $libdir. The architecture identifier to use is defined on Multiarch Architecture Specifiers (Tuples) + list. Legacy locations of $libdir are /usr/lib/, + /usr/lib64/. This directory should not be used for package-specific data, unless + this data is architecture-dependent, too. To query $libdir for the primary + architecture of the system, invoke: # systemd-path + system-library-arch /usr/share/ - Resources shared between multiple packages, - such as documentation, man pages, time zone information, fonts - and other resources. Usually, the precise location and format - of files stored below this directory is subject to - specifications that ensure interoperability. + Resources shared between multiple packages, such as documentation, man pages, time + zone information, fonts and other resources. Usually, the precise location and format of files stored + below this directory is subject to specifications that ensure interoperability. - + Note that resources placed in this directory typically are under shared ownership, + i.e. multiple different packages have provide and consume these resources, on equal footing, without + any obvious primary owner. This makes makes things systematically different from + /usr/lib/, where ownership is generally not shared. /usr/share/doc/ - Documentation for the operating system or - system packages. 
- - + Documentation for the operating system or system packages. /usr/share/factory/etc/ - Repository for vendor-supplied default - configuration files. This directory should be populated with - pristine vendor versions of all configuration files that may - be placed in /etc/. This is useful to - compare the local configuration of a system with vendor - defaults and to populate the local configuration with - defaults. - - + Repository for vendor-supplied default configuration files. This directory should be + populated with pristine vendor versions of all configuration files that may be placed in + /etc/. This is useful to compare the local configuration of a system with vendor + defaults and to populate the local configuration with defaults. @@ -313,10 +239,7 @@ Similar to /usr/share/factory/etc/, but for vendor versions of files in the variable, persistent data directory - /var/. - - - + /var/. 
@@ -333,49 +256,34 @@ system might start up without this directory being populated. Persistency is recommended, but optional, to support ephemeral systems. This directory might become available or writable only very late during boot. Components that are required to operate during early boot hence shall not - unconditionally rely on this directory. - - + unconditionally rely on this directory. /var/cache/ - Persistent system cache data. System - components may place non-essential data in this directory. - Flushing this directory should have no effect on operation of - programs, except for increased runtimes necessary to rebuild - these caches. - - + Persistent system cache data. System components may place non-essential data in this + directory. Flushing this directory should have no effect on operation of programs, except for + increased runtimes necessary to rebuild these caches. /var/lib/ - Persistent system data. System components may - place private data in this directory. - - + Persistent system data. System components may place private data in this + directory. /var/log/ - Persistent system logs. System components may - place private logs in this directory, though it is recommended - to do most logging via the - syslog3 - and + Persistent system logs. System components may place private logs in this directory, + though it is recommended to do most logging via the syslog3 and sd_journal_print3 - calls. - - + calls. /var/spool/ - Persistent system spool data, such as printer - or mail queues. - - + Persistent system spool data, such as printer or mail queues. @@ -396,10 +304,8 @@ mkdtemp3, and similar calls should be used. For further details about this directory, see Using /tmp/ and /var/tmp/ Safely. - - - + url="https://systemd.io/TEMPORARY_DIRECTORIES">Using /tmp/ and /var/tmp/ + Safely. 
@@ -411,97 +317,67 @@ /dev/ - The root directory for device nodes. Usually, - this directory is mounted as a devtmpfs - instance, but might be of a different type in - sandboxed/containerized setups. This directory is managed - jointly by the kernel and + The root directory for device nodes. Usually, this directory is mounted as a + devtmpfs instance, but might be of a different type in sandboxed/containerized + setups. This directory is managed jointly by the kernel and systemd-udevd8, - and should not be written to by other components. A number of - special purpose virtual file systems might be mounted below - this directory. - - + and should not be written to by other components. A number of special purpose virtual file systems + might be mounted below this directory. /dev/shm/ - Place for POSIX shared memory segments, as - created via - shm_open3. - This directory is flushed on boot, and is a - tmpfs file system. Since all users have - write access to this directory, special care should be taken - to avoid name clashes and vulnerabilities. For normal users, - shared memory segments in this directory are usually deleted - when the user logs out. Usually, it is a better idea to use - memory mapped files in /run/ (for system - programs) or $XDG_RUNTIME_DIR (for user - programs) instead of POSIX shared memory segments, since these - directories are not world-writable and hence not vulnerable to - security-sensitive name clashes. - - + Place for POSIX shared memory segments, as created via shm_open3. + This directory is flushed on boot, and is a tmpfs file system. Since all users + have write access to this directory, special care should be taken to avoid name clashes and + vulnerabilities. For normal users, shared memory segments in this directory are usually deleted when + the user logs out. 
Usually, it is a better idea to use memory mapped files in + /run/ (for system programs) or $XDG_RUNTIME_DIR (for user + programs) instead of POSIX shared memory segments, since these directories are not world-writable and + hence not vulnerable to security-sensitive name clashes. /proc/ - A virtual kernel file system exposing the - process list and other functionality. This file system is - mostly an API to interface with the kernel and not a place - where normal files may be stored. For details, see - proc5. - A number of special purpose virtual file systems might be - mounted below this directory. - - + A virtual kernel file system exposing the process list and other functionality. This + file system is mostly an API to interface with the kernel and not a place where normal files may be + stored. For details, see proc5. A + number of special purpose virtual file systems might be mounted below this + directory. /proc/sys/ - A hierarchy below /proc/ - that exposes a number of kernel tunables. The primary way to - configure the settings in this API file tree is via + A hierarchy below /proc/ that exposes a number of kernel + tunables. The primary way to configure the settings in this API file tree is via sysctl.d5 - files. In sandboxed/containerized setups, this directory is - generally mounted read-only. - - + files. In sandboxed/containerized setups, this directory is generally mounted + read-only. /sys/ - A virtual kernel file system exposing - discovered devices and other functionality. This file system - is mostly an API to interface with the kernel and not a place - where normal files may be stored. In sandboxed/containerized - setups, this directory is generally mounted read-only. A number - of special purpose virtual file systems might be mounted below - this directory. - - + A virtual kernel file system exposing discovered devices and other + functionality. 
This file system is mostly an API to interface with the kernel and not a place where + normal files may be stored. In sandboxed/containerized setups, this directory is generally mounted + read-only. A number of special purpose virtual file systems might be mounted below this + directory. /sys/fs/cgroup/ - A virtual kernel file system exposing process - control groups (cgroups). This file system is an API to interface - with the kernel and not a place where normal files may be stored. On - current systems running in the default "unified" mode, - this directory serves as the mount point for the - cgroup2 filesystem, which provides a unified - cgroup hierarchy for all resource controllers. On systems with - non-default configurations, this directory may instead be a tmpfs - filesystem containing mount points for various - cgroup (v1) resource controllers; in such - configurations, if cgroup2 is mounted it will be - mounted on /sys/fs/cgroup/unified/, but - cgroup2 will not have resource controllers attached. In - sandboxed/containerized setups, this directory may either not exist or - may include a subset of functionality. - - - + A virtual kernel file system exposing process control groups (cgroups). This file + system is an API to interface with the kernel and not a place where normal files may be stored. On + current systems running in the default "unified" mode, this directory serves as the mount point for + the cgroup2 filesystem, which provides a unified cgroup hierarchy for all resource + controllers. On systems with non-default configurations, this directory may instead be a tmpfs + filesystem containing mount points for various cgroup (v1) resource controllers; + in such configurations, if cgroup2 is mounted it will be mounted on + /sys/fs/cgroup/unified/, but cgroup2 will not have resource controllers + attached. In sandboxed/containerized setups, this directory may either not exist or may include a + subset of functionality. 
@@ -515,47 +391,31 @@ /sbin/ /usr/sbin/ - These compatibility symlinks point to - /usr/bin/, ensuring that scripts and - binaries referencing these legacy paths correctly find their - binaries. - - + These compatibility symlinks point to /usr/bin/, ensuring that + scripts and binaries referencing these legacy paths correctly find their binaries. /lib/ - This compatibility symlink points to - /usr/lib/, ensuring that programs - referencing this legacy path correctly find their - resources. - - + This compatibility symlink points to /usr/lib/, ensuring that + programs referencing this legacy path correctly find their resources. /lib64/ - On some architecture ABIs, this compatibility - symlink points to $libdir, ensuring that - binaries referencing this legacy path correctly find their - dynamic loader. This symlink only exists on architectures - whose ABI places the dynamic loader in this - path. - - + On some architecture ABIs, this compatibility symlink points to + $libdir, ensuring that binaries referencing this legacy path correctly find their + dynamic loader. This symlink only exists on architectures whose ABI places the dynamic loader in this + path. /var/run/ - This compatibility symlink points to - /run/, ensuring that programs referencing - this legacy path correctly find their runtime - data. - - + This compatibility symlink points to /run/, ensuring that + programs referencing this legacy path correctly find their runtime data. @@ -581,9 +441,7 @@ directory. Flushing this directory should have no effect on operation of programs, except for increased runtimes necessary to rebuild these caches. If an application finds $XDG_CACHE_HOME set, it should use the directory specified in it instead of this - directory. - - + directory. 
@@ -592,9 +450,7 @@ Application configuration. When a new user is created, this directory will be empty or not exist at all. Applications should fall back to defaults should their configuration in this directory be missing. If an application finds $XDG_CONFIG_HOME set, it should use - the directory specified in it instead of this directory. - - + the directory specified in it instead of this directory. @@ -605,18 +461,14 @@ shell; these should be placed in a subdirectory of ~/.local/lib/ instead. Care should be taken when placing architecture-dependent binaries in this place, which might be problematic if the home directory is shared between multiple hosts with different - architectures. - - + architectures. ~/.local/lib/ Static, private vendor data that is compatible with all - architectures. - - + architectures. @@ -624,9 +476,7 @@ Location for placing public dynamic libraries. The architecture identifier to use is defined on Multiarch Architecture Specifiers - (Tuples) list. - - + (Tuples) list. @@ -635,9 +485,7 @@ Resources shared between multiple packages, such as fonts or artwork. Usually, the precise location and format of files stored below this directory is subject to specifications that ensure interoperability. If an application finds $XDG_DATA_HOME set, it should use - the directory specified in it instead of this directory. - - + the directory specified in it instead of this directory. @@ -646,9 +494,7 @@ Application state. When a new user is created, this directory will be empty or not exist at all. Applications should fall back to defaults should their state in this directory be missing. If an application finds $XDG_STATE_HOME set, it should use the directory - specified in it instead of this directory. - - + specified in it instead of this directory. 
@@ -777,9 +623,9 @@ - Additional static vendor files may be installed in the - /usr/share/ hierarchy to the locations - defined by the various relevant specifications. + Additional static vendor files with shared ownership may be installed in the + /usr/share/ hierarchy to the locations defined by the various relevant + specifications. The following directories shall be used by the package for local configuration and files created during runtime: @@ -869,9 +715,9 @@ - Additional static vendor files may be installed in the ~/.local/share/ - hierarchy, mirroring the subdirectories specified in the section "Vendor-supplied operating system - resources" above. + Additional static vendor files with shared ownership may be installed in the + ~/.local/share/ hierarchy, mirroring the subdirectories specified in the section + "Vendor-supplied operating system resources" above. The following directories shall be used by the package for per-user local configuration and files created during runtime: @@ -890,7 +736,7 @@ ~/.config/package/ - User-specific configuration and state for the package. It is required to default to safe fallbacks if this configuration is missing. + User-specific configuration for the package. It is required to default to safe fallbacks if this configuration is missing. $XDG_RUNTIME_DIR/package/ @@ -900,6 +746,10 @@ ~/.cache/package/ Persistent cache data of the package. If this directory is flushed, the application should work correctly on next invocation, though possibly slowed down due to the need to rebuild any local cache files. The application must be capable of recreating this directory should it be missing and necessary. + + ~/.local/state/package/ + Persistent state data of the package. + diff --git a/man/kernel-install.xml b/man/kernel-install.xml index c05176a5dc4..c7b220f6a81 100644 --- a/man/kernel-install.xml +++ b/man/kernel-install.xml 
@@ -18,7 +18,7 @@ kernel-install - Add and remove kernel and initrd images to and from /boot + Add and remove kernel and initrd images to and from the boot partition @@ -59,9 +59,9 @@ bootup7 for an explanation. - to and from the boot loader partition, referred to as $BOOT here. It will usually be - one of /boot/, /efi/, or /boot/efi/, see - below. + to and from the boot partition, referred to as $BOOT here. It will usually be one of + /boot/, /efi/, or /boot/efi/, see below. + kernel-install will run the executable files ("plugins") located in the directory /usr/lib/kernel/install.d/ and the local administration directory diff --git a/man/machine-id.xml b/man/machine-id.xml index e57a7c13b8c..aea3ad150be 100644 --- a/man/machine-id.xml +++ b/man/machine-id.xml @@ -124,7 +124,7 @@ are as follows: - The kernel command argument systemd.condition-first-boot= may be + The kernel command argument systemd.condition_first_boot= may be used to override the autodetection logic, see kernel-command-line7. diff --git a/man/systemd.exec.xml b/man/systemd.exec.xml index 1e95a9491b9..ab046a2478b 100644 --- a/man/systemd.exec.xml +++ b/man/systemd.exec.xml @@ -2006,8 +2006,9 @@ BindReadOnlyPaths=/var/lib/systemd /proc/sys/, /sys/, /proc/sysrq-trigger, /proc/latency_stats, /proc/acpi, /proc/timer_stats, /proc/fs and /proc/irq will - be made read-only to all processes of the unit. Usually, tunable kernel variables should be initialized only at - boot-time, for example with the + be made read-only and /proc/kallsyms as well as /proc/kcore will be + inaccessible to all processes of the unit. + Usually, tunable kernel variables should be initialized only at boot-time, for example with the sysctl.d5 mechanism. Few services need to write to these at runtime; it is hence recommended to turn this on for most services. For this setting the same restrictions regarding mount propagation and privileges apply as for 
diff --git a/man/tmpfiles.d.xml b/man/tmpfiles.d.xml index 971b7e6a9e9..2f5af8aa614 100644 --- a/man/tmpfiles.d.xml +++ b/man/tmpfiles.d.xml @@ -303,7 +303,7 @@ L /tmp/foobar - - - - /dev/null argument is omitted, symlinks to files with the same name residing in the directory /usr/share/factory/ are created. Note - that permissions and ownership on symlinks are ignored. + that permissions on symlinks are ignored. @@ -589,8 +589,8 @@ w- /proc/sys/vm/swappiness - - - - 10 systemd-tmpfiles8 is used. For z and Z lines, when omitted or when set to -, the file ownership will not be modified. These parameters are ignored for - x, r, R, L, - t, and a lines. + x, r, R, t, + and a lines. This field should generally only reference system users/groups, i.e. users/groups that are guaranteed to be resolvable during early boot. If this field references users/groups that only become diff --git a/meson.build b/meson.build index 15ad855a7f6..60092109238 100644 --- a/meson.build +++ b/meson.build @@ -524,6 +524,7 @@ decl_headers = ''' #include #include #include +#include ''' foreach decl : ['char16_t', @@ -531,6 +532,7 @@ foreach decl : ['char16_t', 'struct mount_attr', 'struct statx', 'struct dirent64', + 'struct sched_attr', ] # We get -1 if the size cannot be determined @@ -578,6 +580,7 @@ foreach ident : [ #include '''], # no known header declares pivot_root ['ioprio_get', '''#include '''], # no known header declares ioprio_get ['ioprio_set', '''#include '''], # no known header declares ioprio_set + ['sched_setattr', '''#include '''], # no known header declares sched_setattr ['name_to_handle_at', '''#include #include #include '''], @@ -1691,6 +1694,7 @@ if conf.get('BPF_FRAMEWORK') == 1 '-ffile-prefix-map=', '-fdebug-prefix-map=', '-fmacro-prefix-map=', + '--sysroot=', ] foreach opt : c_args 
@@ -1710,15 +1714,15 @@ if conf.get('BPF_FRAMEWORK') == 1 # C.f. https://mesonbuild.com/Reference-tables.html#cpu-families # and src/basic/missing_syscall_def.h. cpu_arch_defines = { - 'ppc' : ['-D__powerpc__'], - 'ppc64' : ['-D__powerpc64__', '-D_CALL_ELF=2'], - 'riscv32' : ['-D__riscv', '-D__riscv_xlen=32'], - 'riscv64' : ['-D__riscv', '-D__riscv_xlen=64'], - 'x86' : ['-D__i386__'], - 's390x' : ['-D__s390__', '-D__s390x__'], + 'ppc' : ['-D__powerpc__', '-D__TARGET_ARCH_powerpc'], + 'ppc64' : ['-D__powerpc64__', '-D__TARGET_ARCH_powerpc', '-D_CALL_ELF=2'], + 'riscv32' : ['-D__riscv', '-D__riscv_xlen=32', '-D__TARGET_ARCH_riscv'], + 'riscv64' : ['-D__riscv', '-D__riscv_xlen=64', '-D__TARGET_ARCH_riscv'], + 'x86' : ['-D__i386__', '-D__TARGET_ARCH_x86'], + 's390x' : ['-D__s390__', '-D__s390x__', '-D__TARGET_ARCH_s390'], # For arm, assume hardware fp is available. - 'arm' : ['-D__arm__', '-D__ARM_PCS_VFP'], + 'arm' : ['-D__arm__', '-D__ARM_PCS_VFP', '-D__TARGET_ARCH_arm'], } bpf_arch_flags = cpu_arch_defines.get(host_machine.cpu_family(), diff --git a/mkosi.conf.d/10-centos.conf b/mkosi.conf.d/10-centos.conf index ae2706c7917..ee8d0e5581e 100644 --- a/mkosi.conf.d/10-centos.conf +++ b/mkosi.conf.d/10-centos.conf @@ -8,3 +8,4 @@ Distribution=centos Repositories=epel epel-next hyperscale-packages-main + hyperscale-packages-experimental diff --git a/src/analyze/analyze-security.c b/src/analyze/analyze-security.c index 5f1b5e69705..e78356d240e 100644 --- a/src/analyze/analyze-security.c +++ b/src/analyze/analyze-security.c 
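Review bot: Adding `hyperscale-packages-experimental` to the CentOS image's repository list pulls every package from an explicitly experimental repo into the CI images, not only the one that motivated the change, and nothing records why the build's supply chain was widened. A one-line comment above the new entry naming the package that needs it and when the repo can be dropped keeps that auditable, e.g. `# experimental: required for <package>; drop once it is in hyperscale-packages-main`. If this mkosi configuration supports restricting a repository to specific packages, pinning it to that package would be the tighter fix.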
@@ -1252,8 +1252,8 @@ static const struct security_assessor security_assessor_table[] = { { .id = "CapabilityBoundingSet=~CAP_BPF", .json_field = "CapabilityBoundingSet_CAP_BPF", - .description_good = "Service may load BPF programs", - .description_bad = "Service may not load BPF programs", + .description_good = "Service may not load BPF programs", + .description_bad = "Service may load BPF programs", .url = "https://www.freedesktop.org/software/systemd/man/systemd.exec.html#CapabilityBoundingSet=", .weight = 25, .range = 1, diff --git a/src/basic/missing_sched.h b/src/basic/missing_sched.h index bcd5b771206..fbf18c315fc 100644 --- a/src/basic/missing_sched.h +++ b/src/basic/missing_sched.h @@ -1,6 +1,7 @@ /* SPDX-License-Identifier: LGPL-2.1-or-later */ #pragma once +#include #include #ifndef CLONE_NEWCGROUP @@ -24,3 +25,20 @@ #ifndef TASK_COMM_LEN #define TASK_COMM_LEN 16 #endif + +#if !HAVE_STRUCT_SCHED_ATTR +struct sched_attr { + __u32 size; /* Size of this structure */ + __u32 sched_policy; /* Policy (SCHED_*) */ + __u64 sched_flags; /* Flags */ + __s32 sched_nice; /* Nice value (SCHED_OTHER, + SCHED_BATCH) */ + __u32 sched_priority; /* Static priority (SCHED_FIFO, + SCHED_RR) */ + /* Remaining fields are for SCHED_DEADLINE + and potentially soon for SCHED_OTHER/SCHED_BATCH */ + __u64 sched_runtime; + __u64 sched_deadline; + __u64 sched_period; +}; +#endif diff --git a/src/basic/missing_syscall.h b/src/basic/missing_syscall.h index 86280771c49..e2cd8b4e356 100644 --- a/src/basic/missing_syscall.h +++ b/src/basic/missing_syscall.h @@ -22,6 +22,7 @@ #include "macro.h" #include "missing_keyctl.h" +#include "missing_sched.h" #include "missing_stat.h" #include "missing_syscall_def.h" 
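Review bot: The fallback `struct sched_attr` reproduces only the original 48-byte (VER0) layout, while current kernels append `sched_util_min`/`sched_util_max` after `sched_period`; callers that set `.size = sizeof(attr)` are fine because the kernel accepts the shorter, older size, but nothing in the definition says the truncation is deliberate. A comment on the struct would stop someone "completing" it later and silently changing sizeof for every caller, e.g. `/* SCHED_ATTR_SIZE_VER0 layout on purpose: the kernel accepts this size, and the later utilization-clamp fields are not needed here */`. The `size` field's own comment could likewise note that it must be set by the caller before the syscall.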
@@ -667,6 +668,22 @@ static inline ssize_t missing_getdents64(int fd, void *buffer, size_t length) { /* ======================================================================= */ +#if !HAVE_SCHED_SETATTR + +static inline ssize_t missing_sched_setattr(pid_t pid, struct sched_attr *attr, unsigned int flags) { +# if defined __NR_sched_setattr + return syscall(__NR_sched_setattr, pid, attr, flags); +# else + errno = ENOSYS; + return -1; +# endif +} + +# define sched_setattr missing_sched_setattr +#endif + +/* ======================================================================= */ + /* glibc does not provide clone() on ia64, only clone2(). Not only that, but it also doesn't provide a * prototype, only the symbol in the shared library (it provides a prototype for clone(), but not the * symbol in the shared library). */ diff --git a/src/basic/mountpoint-util.c b/src/basic/mountpoint-util.c index 9897ca0aa67..51fbe4ed843 100644 --- a/src/basic/mountpoint-util.c +++ b/src/basic/mountpoint-util.c @@ -231,8 +231,6 @@ int fd_is_mount_point(int fd, const char *filename, int flags) { /* If statx() is not available or forbidden, fall back to name_to_handle_at() below */ } else if (FLAGS_SET(sx.stx_attributes_mask, STATX_ATTR_MOUNT_ROOT)) /* yay! */ return FLAGS_SET(sx.stx_attributes, STATX_ATTR_MOUNT_ROOT); - else if (FLAGS_SET(sx.stx_mask, STATX_TYPE) && S_ISLNK(sx.stx_mode)) - return false; /* symlinks are never mount points */ r = name_to_handle_at_loop(fd, filename, &h, &mount_id, flags); if (r < 0) { @@ -311,8 +309,6 @@ int fd_is_mount_point(int fd, const char *filename, int flags) { flags |= AT_SYMLINK_NOFOLLOW; if (fstatat(fd, filename, &a, flags) < 0) return -errno; - if (S_ISLNK(a.st_mode)) /* Symlinks are never mount points */ - return false; if (isempty(filename)) r = fstatat(fd, "..", &b, 0); diff --git a/src/basic/os-util.c b/src/basic/os-util.c index 985d89bc7eb..3cd6134f724 100644 --- a/src/basic/os-util.c +++ b/src/basic/os-util.c 
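Review bot: `missing_sched_setattr()` returns `ssize_t`, but the function it stands in for via `#define sched_setattr missing_sched_setattr` — glibc's `sched_setattr()` and the raw syscall — returns `int`, so with the fallback active the call site in exec-invoke.c narrows an `ssize_t` into `int r` while the glibc build does not; declaring it `static inline int missing_sched_setattr(pid_t pid, struct sched_attr *attr, unsigned int flags)` keeps both builds type-identical. The `ENOSYS` branch correctly keeps the -1/errno convention the caller relies on.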
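Review bot: Removing both "symlinks are never mount points" early returns deletes the only statement of the policy, and the new code leaves no explanation of why a symlink is now a candidate — presumably because the new mount API (`open_tree()` + `move_mount()` without following symlinks) can attach a mount to a symlink inode, making the old shortcut wrong. A one-line comment where the statx result is evaluated would preserve that reasoning, e.g. `/* Do not special-case symlinks: a mount can be attached to a symlink inode via the new mount API */`. `fd_is_mount_point()` begins and ends outside these hunks.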
@@ -264,13 +264,7 @@ int open_extension_release_at( } if (!relax_extension_release_check) { - _cleanup_free_ char *base_image_name = NULL, *base_extension = NULL; - - r = path_extract_image_name(image_name, &base_image_name); - if (r < 0) { - log_debug_errno(r, "Failed to extract image name from %s/%s, ignoring: %m", dir_path, de->d_name); - continue; - } + _cleanup_free_ char *base_extension = NULL; r = path_extract_image_name(extension, &base_extension); if (r < 0) { @@ -278,7 +272,7 @@ int open_extension_release_at( continue; } - if (!streq(base_image_name, base_extension) && + if (!streq(image_name, base_extension) && extension_release_strict_xattr_value(fd, dir_path, image_name) != 0) continue; } diff --git a/src/boot/efi/boot.c b/src/boot/efi/boot.c index e0ffc3b62df..6a1b3845f38 100644 --- a/src/boot/efi/boot.c +++ b/src/boot/efi/boot.c @@ -874,6 +874,7 @@ static bool menu_run( switch (key) { case KEYPRESS(0, SCAN_UP, 0): + case KEYPRESS(0, SCAN_VOLUME_UP, 0): /* Handle phones/tablets that only have a volume up/down rocker + power key (and otherwise just touchscreen input) */ case KEYPRESS(0, 0, 'k'): case KEYPRESS(0, 0, 'K'): if (idx_highlight > 0) @@ -881,6 +882,7 @@ static bool menu_run( break; case KEYPRESS(0, SCAN_DOWN, 0): + case KEYPRESS(0, SCAN_VOLUME_DOWN, 0): case KEYPRESS(0, 0, 'j'): case KEYPRESS(0, 0, 'J'): if (idx_highlight < config->n_entries-1) 
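Review bot: Comparing `image_name` directly with `base_extension` makes `open_extension_release_at()` depend on callers passing an already-normalised image name (no directory, no `.raw` suffix), a requirement that was previously enforced here by `path_extract_image_name()` and is now invisible at the call site. Because this comparison gates whether a mismatched `extension-release.*` file is accepted — the `user.extension-release.strict` xattr check only runs on mismatch, and a failed check skips the file, so it fails closed — the contract should be stated where the parameter is used: `/* image_name must already be a bare image name (see path_extract_image_name()); callers are responsible for normalising it */`. The function's signature and parameter documentation lie above this hunk.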
@@ -918,9 +920,10 @@ static bool menu_run( case KEYPRESS(0, 0, '\n'): case KEYPRESS(0, 0, '\r'): - case KEYPRESS(0, SCAN_F3, 0): /* EZpad Mini 4s firmware sends malformed events */ - case KEYPRESS(0, SCAN_F3, '\r'): /* Teclast X98+ II firmware sends malformed events */ + case KEYPRESS(0, SCAN_F3, 0): /* EZpad Mini 4s firmware sends malformed events */ + case KEYPRESS(0, SCAN_F3, '\r'): /* Teclast X98+ II firmware sends malformed events */ case KEYPRESS(0, SCAN_RIGHT, 0): + case KEYPRESS(0, SCAN_SUSPEND, 0): /* Handle phones/tablets with only a power key + volume up/down rocker (and otherwise just touchscreen input) */ action = ACTION_RUN; break; diff --git a/src/boot/efi/util.c b/src/boot/efi/util.c index e56ccfd8ae5..450b67ccfc4 100644 --- a/src/boot/efi/util.c +++ b/src/boot/efi/util.c @@ -330,7 +330,14 @@ EFI_STATUS chunked_read(EFI_FILE *file, size_t *size, void *buf) { return EFI_SUCCESS; } -EFI_STATUS file_read(EFI_FILE *dir, const char16_t *name, size_t off, size_t size, char **ret, size_t *ret_size) { +EFI_STATUS file_read( + EFI_FILE *dir, + const char16_t *name, + uint64_t off, + size_t size, + char **ret, + size_t *ret_size) { + _cleanup_(file_closep) EFI_FILE *handle = NULL; _cleanup_free_ char *buf = NULL; EFI_STATUS err; @@ -350,6 +357,9 @@ EFI_STATUS file_read(EFI_FILE *dir, const char16_t *name, size_t off, size_t siz if (err != EFI_SUCCESS) return err; + if (info->FileSize > SIZE_MAX) + return EFI_BAD_BUFFER_SIZE; + size = info->FileSize; } diff --git a/src/boot/efi/util.h b/src/boot/efi/util.h index 0306e328103..9073097bf31 100644 --- a/src/boot/efi/util.h +++ b/src/boot/efi/util.h 
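Review bot: The new `info->FileSize > SIZE_MAX` guard only covers the whole-file path (`size == 0`), and nothing in the visible hunk bounds the caller-supplied `off`, now a `uint64_t`, against `info->FileSize`; if that check is not further down in `file_read()` (the function continues past the hunk), `if (off > info->FileSize) return EFI_INVALID_PARAMETER;` next to the new check would keep a stale offset from relying on firmware behaviour at EOF. On 64-bit targets `SIZE_MAX == UINT64_MAX`, so the new comparison is always false and may be flagged under `-Wtype-limits`; a short comment that it exists for 32-bit firmware would explain its presence.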
@@ -102,7 +102,7 @@ char16_t *xstr8_to_path(const char *stra); char16_t *mangle_stub_cmdline(char16_t *cmdline); EFI_STATUS chunked_read(EFI_FILE *file, size_t *size, void *buf); -EFI_STATUS file_read(EFI_FILE *dir, const char16_t *name, size_t off, size_t size, char **content, size_t *content_size); +EFI_STATUS file_read(EFI_FILE *dir, const char16_t *name, uint64_t off, size_t size, char **content, size_t *content_size); static inline void file_closep(EFI_FILE **handle) { if (!*handle) diff --git a/src/boot/efi/vmm.c b/src/boot/efi/vmm.c index 60e216d54c5..bfc7acc0523 100644 --- a/src/boot/efi/vmm.c +++ b/src/boot/efi/vmm.c @@ -241,13 +241,21 @@ static const SmbiosHeader *get_smbios_table(uint8_t type, uint64_t *ret_size_lef size -= header->length; p += header->length; - /* Skip over string table. */ + /* Special case: if there are no strings appended, we'll see two NUL bytes, skip over them */ + if (size >= 2 && p[0] == 0 && p[1] == 0) { + size -= 2; + p += 2; + continue; + } + + /* Skip over a populated string table. */ + bool first = true; for (;;) { const uint8_t *e = memchr(p, 0, size); if (!e) return NULL; - if (e == p) {/* Double NUL byte means we've reached the end of the string table. */ + if (!first && e == p) {/* Double NUL byte means we've reached the end of the string table. */ p++; size--; break; @@ -255,6 +263,7 @@ static const SmbiosHeader *get_smbios_table(uint8_t type, uint64_t *ret_size_lef size -= e + 1 - p; p = e + 1; + first = false; } } diff --git a/src/core/dbus-manager.c b/src/core/dbus-manager.c index b33711e22e7..03ccb6b0f2f 100644 --- a/src/core/dbus-manager.c +++ b/src/core/dbus-manager.c @@ -1723,6 +1723,10 @@ static int method_soft_reboot(sd_bus_message *message, void *userdata, sd_bus_er assert(message); + if (!MANAGER_IS_SYSTEM(m)) + return sd_bus_error_set(error, SD_BUS_ERROR_NOT_SUPPORTED, + "Soft reboot is only supported by system manager."); + r = verify_run_space_permissive("soft reboot may fail", error); if (r < 0) return r; 
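Review bot: The `first` flag turns a string area that starts with a lone NUL followed by other data into an "empty first string" and keeps parsing, whereas SMBIOS has no empty strings — a NUL at that position can only be the set terminator, and the legitimate no-strings case is now handled by the two-NUL special case above — so a malformed structure is silently accepted. The bounds checks (`size >= 2`, `memchr()` limited by `size`, `return NULL` when no terminator is found) keep this memory-safe even for tables supplied by an untrusted host in a confidential VM, so this is about strictness rather than safety. Unless tolerance for buggy firmware is intended — in which case a comment saying so would help — `if (first && e == p) return NULL;` before the existing check rejects it. `get_smbios_table()` starts outside this hunk.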
diff --git a/src/core/exec-invoke.c b/src/core/exec-invoke.c index 24524fa0f1c..32373ed0c2d 100644 --- a/src/core/exec-invoke.c +++ b/src/core/exec-invoke.c @@ -1,5 +1,6 @@ /* SPDX-License-Identifier: LGPL-2.1-or-later */ +#include #include #include #include @@ -43,6 +44,7 @@ #include "iovec-util.h" #include "missing_ioprio.h" #include "missing_prctl.h" +#include "missing_sched.h" #include "missing_securebits.h" #include "missing_syscall.h" #include "mkdir-label.h" @@ -3721,7 +3723,7 @@ static int get_open_file_fd(const ExecContext *c, const ExecParameters *p, const else if (FLAGS_SET(of->flags, OPENFILE_TRUNCATE)) flags |= O_TRUNC; - fd = fd_reopen(ofd, flags | O_CLOEXEC); + fd = fd_reopen(ofd, flags|O_NOCTTY|O_CLOEXEC); if (fd < 0) return log_exec_error_errno(c, p, fd, "Failed to open file %s: %m", of->path); @@ -4286,15 +4288,14 @@ int exec_invoke( } if (context->cpu_sched_set) { - struct sched_param param = { + struct sched_attr attr = { + .size = sizeof(attr), + .sched_policy = context->cpu_sched_policy, .sched_priority = context->cpu_sched_priority, + .sched_flags = context->cpu_sched_reset_on_fork ? SCHED_FLAG_RESET_ON_FORK : 0, }; - r = sched_setscheduler(0, - context->cpu_sched_policy | - (context->cpu_sched_reset_on_fork ? - SCHED_RESET_ON_FORK : 0), - ¶m); + r = sched_setattr(/* pid= */ 0, &attr, /* flags= */ 0); if (r < 0) { *exit_status = EXIT_SETSCHEDULER; return log_exec_error_errno(context, params, errno, "Failed to set up CPU scheduling: %m"); diff --git a/src/core/namespace.c b/src/core/namespace.c index 88681aa31ff..4ec38a3ea93 100644 --- a/src/core/namespace.c +++ b/src/core/namespace.c 
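Review bot: The added `O_NOCTTY` in `get_open_file_fd()` is the right call for `OpenFile=` paths, but its reason is not recorded near it: without the flag, a path naming a terminal device could become the service's controlling tty through this reopen, which no unit author expects from a file-descriptor pass. A short comment on the line, `/* O_NOCTTY: never let an OpenFile= tty device become the controlling terminal of the service */`, keeps the flag from being "cleaned up" later.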
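Review bot: `sched_setattr()` applies `sched_nice` for `SCHED_OTHER`/`SCHED_BATCH`, and the new `attr` leaves it at 0, so if `Nice=` has already been applied earlier in `exec_invoke()` (outside this hunk) a unit combining `Nice=` with `CPUSchedulingPolicy=other` or `batch` now has its nice value reset to 0 — `sched_setscheduler()` never touched nice, so this is a behaviour change the switch does not mention. Setting the field from the context, e.g. `.sched_nice = context->nice_set ? context->nice : 0,` (assuming those are the ExecContext fields behind `Nice=`), or ordering the nice step after this one, preserves the old semantics. A comment on `.sched_flags` that `SCHED_FLAG_RESET_ON_FORK` replaces the former `SCHED_RESET_ON_FORK` policy bit would also help readers comparing with older code.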
@@ -1687,11 +1687,11 @@ static int apply_one_mount( (void) mkdir_parents(mount_entry_path(m), 0755); q = make_mount_point_inode_from_path(what, mount_entry_path(m), 0755); - if (q < 0) { - if (q != -EEXIST) // FIXME: this shouldn't be logged at LOG_WARNING, but be bubbled up, and logged there to avoid duplicate logging - log_warning_errno(q, "Failed to create destination mount point node '%s', ignoring: %m", - mount_entry_path(m)); - } else + if (q < 0 && q != -EEXIST) + // FIXME: this shouldn't be logged at LOG_WARNING, but be bubbled up, and logged there to avoid duplicate logging + log_warning_errno(q, "Failed to create destination mount point node '%s', ignoring: %m", + mount_entry_path(m)); + else try_again = true; } diff --git a/src/core/unit.c b/src/core/unit.c index 2fc9f5ad2d3..753fbe3b7f5 100644 --- a/src/core/unit.c +++ b/src/core/unit.c @@ -1457,11 +1457,13 @@ int unit_load_fragment_and_dropin(Unit *u, bool fragment_required) { u->load_state = UNIT_LOADED; } + u = unit_follow_merge(u); + /* Load drop-in directory data. If u is an alias, we might be reloading the * target unit needlessly. But we cannot be sure which drops-ins have already * been loaded and which not, at least without doing complicated book-keeping, * so let's always reread all drop-ins. */ - r = unit_load_dropin(unit_follow_merge(u)); + r = unit_load_dropin(u); if (r < 0) return r; diff --git a/src/coredump/coredump.c b/src/coredump/coredump.c index 32c17664fd8..f4adb325881 100644 --- a/src/coredump/coredump.c +++ b/src/coredump/coredump.c 
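Review bot: The rewritten condition changes behaviour for `-EEXIST`: before, an already-existing destination inode fell through without setting `try_again`, and now it takes the `else` branch and retries the mount, which reads like a reformat but is a logic change with no comment. If the retry is intended (an inode already in place is exactly what the mount needs), say so on the branch: `else /* q >= 0 or -EEXIST: the inode is in place, retry the mount */ try_again = true;`. Bracing both arms would also stop the `// FIXME` comment from sitting between the `if` and its statement, which is hard to read.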
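Review bot: After `u = unit_follow_merge(u);`, the remainder of `unit_load_fragment_and_dropin()` (which continues past this hunk) operates on the merge target rather than the unit the caller passed in, so any later access to `u->load_state` or other fields, and any return path that reports on `u`, now refers to a different object than before. If only `unit_load_dropin()` should see the followed unit, keep the caller's `u` and use a local, `Unit *target = unit_follow_merge(u); r = unit_load_dropin(target);`; if reassigning is intentional, a comment stating that everything below acts on the merge target would prevent surprise.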
@@ -503,17 +503,21 @@ static int save_external_coredump( bus_error_message(&error, r)); } + /* First, ensure we are not going to go over the cgroup limit */ max_size = MIN(cgroup_limit, max_size); - max_size = LESS_BY(max_size, 1024U) / 2; /* Account for 1KB metadata overhead for compressing */ - max_size = MAX(PROCESS_SIZE_MIN, max_size); /* Impose a lower minimum */ - - /* tmpfs might get full quickly, so check the available space too. - * But don't worry about errors here, failing to access the storage - * location will be better logged when writing to it. */ + /* tmpfs might get full quickly, so check the available space too. But don't worry about + * errors here, failing to access the storage location will be better logged when writing to + * it. */ if (fstatvfs(fd, &sv) >= 0) max_size = MIN((uint64_t)sv.f_frsize * (uint64_t)sv.f_bfree, max_size); - - log_debug("Limiting core file size to %" PRIu64 " bytes due to cgroup memory limits.", max_size); + /* Impose a lower minimum, otherwise we will miss the basic headers. */ + max_size = MAX(PROCESS_SIZE_MIN, max_size); + /* Ensure we can always switch to compressing on the fly in case we are running out of space + * by keeping half of the space/memory available, plus 1KB metadata overhead from the + * compression algorithm. */ + max_size = LESS_BY(max_size, 1024U) / 2; + + log_debug("Limiting core file size to %" PRIu64 " bytes due to cgroup and/or filesystem limits.", max_size); } r = copy_bytes(input_fd, fd, max_size, 0); diff --git a/src/cryptsetup/cryptsetup-tokens/cryptsetup-token-systemd-tpm2.c b/src/cryptsetup/cryptsetup-tokens/cryptsetup-token-systemd-tpm2.c index a76fd1c9b60..c11f37cf00e 100644 --- a/src/cryptsetup/cryptsetup-tokens/cryptsetup-token-systemd-tpm2.c +++ b/src/cryptsetup/cryptsetup-tokens/cryptsetup-token-systemd-tpm2.c 
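Review bot: The reordering defeats the minimum it documents: `MAX(PROCESS_SIZE_MIN, max_size)` now runs before `LESS_BY(max_size, 1024U) / 2`, so under a tight cgroup or filesystem limit the final value is `(PROCESS_SIZE_MIN - 1024) / 2`, below the floor the comment says is needed to keep the basic headers, whereas the old order applied the floor last. Either move the `MAX()` after the halving so the comment holds, or if the floor is meant to apply before the compression reserve, say so: `/* floor applies before the compression reserve, so the effective minimum is about half of PROCESS_SIZE_MIN */`. The new log wording ("cgroup and/or filesystem limits") is accurate either way.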
@@ -237,7 +237,7 @@ _public_ void cryptsetup_token_dump( crypt_log(cd, "\ttpm2-pubkey:" CRYPT_DUMP_LINE_SEP "%s\n", pubkey_str); crypt_log(cd, "\ttpm2-pubkey-pcrs: %s\n", strna(pubkey_pcrs_str)); crypt_log(cd, "\ttpm2-primary-alg: %s\n", strna(tpm2_asym_alg_to_string(primary_alg))); - crypt_log(cd, "\ttpm2-blob: %s\n", blob_str); + crypt_log(cd, "\ttpm2-blob: %s\n", blob_str); crypt_log(cd, "\ttpm2-policy-hash:" CRYPT_DUMP_LINE_SEP "%s\n", policy_hash_str); crypt_log(cd, "\ttpm2-pin: %s\n", true_false(flags & TPM2_FLAGS_USE_PIN)); crypt_log(cd, "\ttpm2-pcrlock: %s\n", true_false(flags & TPM2_FLAGS_USE_PCRLOCK)); diff --git a/src/kernel-install/kernel-install.c b/src/kernel-install/kernel-install.c index 14ae1a84c5d..07e5c31116c 100644 --- a/src/kernel-install/kernel-install.c +++ b/src/kernel-install/kernel-install.c @@ -1519,7 +1519,7 @@ static int help(void) { return log_oom(); printf("%1$s [OPTIONS...] COMMAND ...\n\n" - "%5$sAdd and remove kernel and initrd images to and from /boot/%6$s\n" + "%5$sAdd and remove kernel and initrd images to and from the boot partition.%6$s\n" "\n%3$sUsage:%4$s\n" " kernel-install [OPTIONS...] add [[[KERNEL-VERSION] KERNEL-IMAGE] [INITRD ...]]\n" " kernel-install [OPTIONS...] add-all\n" diff --git a/src/partition/repart.c b/src/partition/repart.c index 6a71e9786ff..cff44f74171 100644 --- a/src/partition/repart.c +++ b/src/partition/repart.c @@ -2338,7 +2338,7 @@ static int context_load_partition_table(Context *context) { if (IN_SET(arg_empty, EMPTY_REQUIRE, EMPTY_FORCE, EMPTY_CREATE) && S_ISREG(st.st_mode)) /* Don't probe sector size from partition table if we are supposed to strat from an empty disk */ - fs_secsz = ssz = 512; + ssz = 512; else { /* Auto-detect sector size if not specified. */ r = probe_sector_size_prefer_ioctl(context->backing_fd, &ssz); 
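Review bot: Dropping `fs_secsz =` from the empty-disk branch means `fs_secsz` keeps whatever it was initialised to earlier in `context_load_partition_table()` (outside this hunk) — presumably the user's `--sector-size=`, so an explicit value is no longer clobbered to 512 for empty image files — but the new line does not say that. A comment records the intent, `ssz = 512; /* fs_secsz deliberately untouched: keep the configured filesystem sector size */`, and the neighbouring comment's `strat` typo (for `start`) could be fixed in passing.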
@@ -2348,8 +2348,10 @@ static int context_load_partition_table(Context *context) { /* If we found the sector size and we're operating on a block device, use it as the file * system sector size as well, as we know its the sector size of the actual block device and * not just the offset at which we found the GPT header. */ - if (r > 0 && S_ISBLK(st.st_mode)) + if (r > 0 && S_ISBLK(st.st_mode)) { + log_debug("Probed sector size of %s is %" PRIu32 " bytes.", context->node, ssz); fs_secsz = ssz; + } } r = fdisk_save_user_sector_size(c, /* phy= */ 0, ssz); @@ -2413,7 +2415,7 @@ static int context_load_partition_table(Context *context) { * larger */ grainsz = secsz < 4096 ? 4096 : secsz; - log_debug("Sector size of device is %lu bytes. Using grain size of %" PRIu64 ".", secsz, grainsz); + log_debug("Sector size of device is %lu bytes. Using filesystem sector size of %" PRIu64 " and grain size of %" PRIu64 ".", secsz, fs_secsz, grainsz); switch (arg_empty) { diff --git a/src/resolve/resolved-dns-packet.c b/src/resolve/resolved-dns-packet.c index 426711b0616..a4401d860a7 100644 --- a/src/resolve/resolved-dns-packet.c +++ b/src/resolve/resolved-dns-packet.c @@ -1719,9 +1719,9 @@ int dns_packet_read_rr( if (r < 0) return r; - /* RFC 2181, Section 8, suggests to - * treat a TTL with the MSB set as a zero TTL. */ - if (rr->ttl & UINT32_C(0x80000000)) + /* RFC 2181, Section 8, suggests to treat a TTL with the MSB set as a zero TTL. We avoid doing this + * for OPT records so that all 8 bits of the extended RCODE may be used .*/ + if (key->type != DNS_TYPE_OPT && rr->ttl & UINT32_C(0x80000000)) rr->ttl = 0; r = dns_packet_read_uint16(p, &rdlength, NULL); diff --git a/src/resolve/resolved-dns-packet.h b/src/resolve/resolved-dns-packet.h index a6af44c6ec0..5a5ef13c8d5 100644 --- a/src/resolve/resolved-dns-packet.h +++ b/src/resolve/resolved-dns-packet.h 
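Review bot: The end of the new comment reads `may be used .*/` — a stray space before the period and the period glued to the comment terminator; `* for OPT records so that all 8 bits of the extended RCODE may be used. */` is the intended form. The exemption itself is correct: RFC 6891 places the extended RCODE in the top 8 bits of the OPT TTL, so zeroing on the MSB would have dropped the high bit of extended error codes.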
@@ -117,7 +117,7 @@ static inline uint16_t DNS_PACKET_RCODE(DnsPacket *p) { uint16_t rcode; if (p->opt) - rcode = (uint16_t) (p->opt->ttl >> 24); + rcode = (uint16_t) ((p->opt->ttl >> 20) & 0xFF0); else rcode = 0; diff --git a/src/shared/condition.c b/src/shared/condition.c index d3446e8a9da..3b7436c1d79 100644 --- a/src/shared/condition.c +++ b/src/shared/condition.c @@ -1009,6 +1009,7 @@ static int condition_test_psi(Condition *c, char **env) { loadavg_t *current, limit; ResourcePressure pressure; int r; + PressureType preferred_pressure_type = PRESSURE_TYPE_FULL; assert(c); assert(c->parameter); @@ -1029,6 +1030,10 @@ static int condition_test_psi(Condition *c, char **env) { return log_debug_errno(r < 0 ? r : SYNTHETIC_ERRNO(EINVAL), "Failed to parse condition parameter %s: %m", c->parameter); /* If only one parameter is passed, then we look at the global system pressure rather than a specific cgroup. */ if (r == 1) { + /* cpu.pressure 'full' is reported but undefined at system level */ + if(c->type == CONDITION_CPU_PRESSURE) + preferred_pressure_type = PRESSURE_TYPE_SOME; + pressure_path = path_join("/proc/pressure", pressure_type); if (!pressure_path) return log_oom_debug(); @@ -1133,8 +1138,9 @@ static int condition_test_psi(Condition *c, char **env) { if (r < 0) return log_debug_errno(r, "Failed to parse loadavg: %s", c->parameter); - r = read_resource_pressure(pressure_path, PRESSURE_TYPE_FULL, &pressure); - if (r == -ENODATA) /* cpu.pressure 'full' was added recently, fall back to 'some'. */ + r = read_resource_pressure(pressure_path, preferred_pressure_type, &pressure); + /* cpu.pressure 'full' was recently added at cgroup level, fall back to 'some' */ + if (r == -ENODATA && preferred_pressure_type == PRESSURE_TYPE_FULL) r = read_resource_pressure(pressure_path, PRESSURE_TYPE_SOME, &pressure); if (r == -ENOENT) { /* We already checked that /proc/pressure exists, so this means we were given a cgroup 
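Review bot: `(p->opt->ttl >> 20) & 0xFF0` is right but opaque: the extended RCODE occupies bits 24–31 of the OPT TTL and forms bits 4–11 of the 12-bit RCODE, which is why the shift is 20 rather than 24 and the mask is 0xFF0; the previous `>> 24` placed it in the low byte, colliding with the base 4-bit RCODE. A comment makes the constants checkable against the spec: `/* Extended RCODE: upper 8 bits of the OPT TTL become bits 4..11 of the 12-bit RCODE (RFC 6891 §6.1.3) */`. The rest of `DNS_PACKET_RCODE()`, where the low 4 bits are presumably OR-ed in, lies outside the hunk.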
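Review bot: `if(c->type == CONDITION_CPU_PRESSURE)` is missing the space after `if` that the surrounding conditionals use; `if (c->type == CONDITION_CPU_PRESSURE)`. The new `preferred_pressure_type` also lands after `int r;` instead of with the other typed declarations, which is harmless but stands out. The comment `cpu.pressure 'full' is reported but undefined at system level` would be easier to trust with its source, e.g. `(see Documentation/accounting/psi.rst: system-level CPU 'full' is always zero)`.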
diff --git a/src/shared/mkfs-util.c b/src/shared/mkfs-util.c index 4e58b6e871e..74c68370fb9 100644 --- a/src/shared/mkfs-util.c +++ b/src/shared/mkfs-util.c @@ -466,6 +466,15 @@ int make_filesystem( if (quiet) stdio_fds[1] = -EBADF; + if (sector_size > 0) { + if (strv_extend(&argv, "--sectorsize") < 0) + return log_oom(); + + /* mkfs.btrfs expects a sector size of at least 4k bytes. */ + if (strv_extendf(&argv, "%"PRIu64, MAX(sector_size, UINT64_C(4) * UINT64_C(1024))) < 0) + return log_oom(); + } + } else if (streq(fstype, "f2fs")) { argv = strv_new(mkfs, "-g", /* "default options" */ diff --git a/src/sysusers/sysusers.c b/src/sysusers/sysusers.c index 514f3c79357..794e09ce53f 100644 --- a/src/sysusers/sysusers.c +++ b/src/sysusers/sysusers.c @@ -1064,7 +1064,7 @@ static int uid_is_ok( if (p) return 0; if (!IN_SET(errno, 0, ENOENT)) - return -errno; + log_warning_errno(errno, "Unexpected failure while looking up UID '" UID_FMT "' via NSS, assuming it doesn't exist: %m", uid); if (check_with_gid) { errno = 0; @@ -1073,7 +1073,7 @@ static int uid_is_ok( if (!streq(g->gr_name, name)) return 0; } else if (!IN_SET(errno, 0, ENOENT)) - return -errno; + log_warning_errno(errno, "Unexpected failure while looking up GID '" GID_FMT "' via NSS, assuming it doesn't exist: %m", uid); } } @@ -1179,7 +1179,7 @@ static int add_user(Context *c, Item *i) { return 0; } if (!errno_is_not_exists(errno)) - return log_error_errno(errno, "Failed to check if user %s already exists: %m", i->name); + log_warning_errno(errno, "Unexpected failure while looking up user '%s' via NSS, assuming it doesn't exist: %m", i->name); } /* Try to use the suggested numeric UID */ @@ -1301,7 +1301,7 @@ static int gid_is_ok( if (g) return 0; if (!IN_SET(errno, 0, ENOENT)) - return -errno; + log_warning_errno(errno, "Unexpected failure while looking up GID '" GID_FMT "' via NSS, assuming it doesn't exist: %m", gid); if (check_with_uid) { errno = 0; 
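Review bot: Downgrading non-ENOENT NSS failures to a warning in `add_user()` (and in `uid_is_ok()`/`gid_is_ok()` above) turns a fail-closed check into fail-open: when a remote NSS backend is merely unreachable, `systemd-sysusers` now proceeds to create the user and pick a UID/GID "assuming it doesn't exist", so an account that exists only in that directory can end up sharing a name or numeric ID with a new local system account. If the goal is to survive a dead local userdb socket (what the new TEST-74 script exercises), consider tolerating only the errno values that case produces and keeping the hard error for generic backend failures, or at least document the trade-off in the man page and make the warning stand out. The enclosing functions start outside their hunks.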
@@ -1309,7 +1309,7 @@ static int gid_is_ok( if (p) return 0; if (!IN_SET(errno, 0, ENOENT)) - return -errno; + log_warning_errno(errno, "Unexpected failure while looking up GID '" GID_FMT "' via NSS, assuming it doesn't exist: %m", gid); } } @@ -1344,7 +1344,7 @@ static int get_gid_by_name( return 0; } if (!errno_is_not_exists(errno)) - return log_error_errno(errno, "Failed to check if group %s already exists: %m", name); + log_warning_errno(errno, "Unexpected failure while looking up group '%s' via NSS, assuming it doesn't exist: %m", name); } return -ENOENT; diff --git a/test/TEST-24-CRYPTSETUP/test.sh b/test/TEST-24-CRYPTSETUP/test.sh index 4ace177f1fd..ebfb13d1998 100755 --- a/test/TEST-24-CRYPTSETUP/test.sh +++ b/test/TEST-24-CRYPTSETUP/test.sh @@ -72,7 +72,7 @@ EOF # Forward journal messages to the console, so we have something to investigate even if we fail to mount # the encrypted /var - mkdir "$initdir/etc/systemd/journald.conf.d/" + mkdir -p "$initdir/etc/systemd/journald.conf.d/" echo -ne "[Journal]\nForwardToConsole=yes\n" >"$initdir/etc/systemd/journald.conf.d/99-forward.conf" # If $INITRD wasn't provided explicitly, generate a custom one with dm-crypt diff --git a/test/test-functions b/test/test-functions index 98d0b116498..91d87f8b733 100644 --- a/test/test-functions +++ b/test/test-functions @@ -2047,6 +2047,7 @@ EOF install_config_files() { dinfo "Install config files" inst /etc/sysconfig/init || : + inst /etc/hosts || : inst /etc/passwd inst /etc/shadow inst_any /etc/login.defs /usr/etc/login.defs diff --git a/test/units/TEST-74-AUX-UTILS.sysusers.sh b/test/units/TEST-74-AUX-UTILS.sysusers.sh new file mode 100755 index 00000000000..dcd29938b53 --- /dev/null +++ b/test/units/TEST-74-AUX-UTILS.sysusers.sh 
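Review bot: In the `check_with_uid` branch of `gid_is_ok()` the lookup is a passwd lookup (the result is `p`) for a UID equal to `gid`, but the new warning says `looking up GID` with `GID_FMT`; it should read `"Unexpected failure while looking up UID '" UID_FMT "' via NSS, assuming it doesn't exist: %m", gid`. The mirrored branch in `uid_is_ok()` above labels its group lookup correctly, so only this message is off. Since the warning is now the only trace of the failure, an accurate label matters when an operator has to explain a collision later.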
@@ -0,0 +1,24 @@ +#!/usr/bin/env bash +# SPDX-License-Identifier: LGPL-2.1-or-later +set -eux +set -o pipefail + +# shellcheck source=test/units/util.sh +. "$(dirname "$0")"/util.sh + +at_exit() { + set +e + userdel -r foobarbaz + umount /run/systemd/userdb/ +} + +# Check that we indeed run under root to make the rest of the test work +[[ "$(id -u)" -eq 0 ]] + +trap at_exit EXIT + +# Ensure that a non-responsive NSS socket doesn't make sysusers fail +mount -t tmpfs tmpfs /run/systemd/userdb/ +touch /run/systemd/userdb/io.systemd.DynamicUser +echo 'u foobarbaz' | SYSTEMD_LOG_LEVEL=debug systemd-sysusers - +grep -q foobarbaz /etc/passwd diff --git a/test/units/testsuite-29.sh b/test/units/testsuite-29.sh index 676330cbf1f..55e162db288 100755 --- a/test/units/testsuite-29.sh +++ b/test/units/testsuite-29.sh @@ -276,6 +276,17 @@ portablectl detach --now --runtime --enable /tmp/rootdir minimal-app0 portablectl "${ARGS[@]}" attach --copy=symlink --now --runtime /tmp/rootdir minimal-app0 portablectl detach --now --runtime --enable /tmp/rootdir minimal-app0 +# The wrong file should be ignored, given the right one has the xattr set +mkdir -p /tmp/wrongext/usr/lib/extension-release.d /tmp/wrongext/usr/lib/systemd/system/ +echo "[Service]" > /tmp/wrongext/usr/lib/systemd/system/app0.service +touch /tmp/wrongext/usr/lib/extension-release.d/extension-release.wrongext_somethingwrong.txt +cp /tmp/rootdir/usr/lib/os-release /tmp/wrongext/usr/lib/extension-release.d/extension-release.app0 +setfattr -n user.extension-release.strict -v "false" /tmp/wrongext/usr/lib/extension-release.d/extension-release.app0 +portablectl "${ARGS[@]}" attach --runtime --extension /tmp/wrongext /tmp/rootdir app0 +status="$(portablectl is-attached --extension wrongext rootdir)" +[[ "${status}" == "attached-runtime" ]] +portablectl detach --runtime --extension /tmp/wrongext /tmp/rootdir app0 + umount /tmp/rootdir umount /tmp/app0 umount /tmp/app1 
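Review bot: The comment says "non-responsive NSS socket", but what the test creates is a regular file at `/run/systemd/userdb/io.systemd.DynamicUser`, which makes `connect()` fail immediately (ENOTSOCK/ECONNREFUSED) — a different failure from a hung listener, which would exercise the timeout path; either reword the comment or additionally bind a socket there that never accepts. The test also only checks that the user was created, not that sysusers took the intended tolerant path; capturing stderr and asserting on it, e.g. `... systemd-sysusers - 2>&1 | grep -q "assuming it doesn't exist"`, pins the behaviour this change introduces rather than any path that happens to create the user.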
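Review bot: `setfattr -n user.extension-release.strict` on a directory under `/tmp` only works if that filesystem supports `user.*` xattrs; tmpfs gained them in Linux 6.6, so on an older test kernel with a tmpfs `/tmp` the `setfattr` fails and `set -e` aborts the whole test instead of skipping this case — wrap the new block in `if setfattr -n user.extension-release.strict -v "false" "$f"; then … fi` (with a skip message in the else arm) or create the tree on a filesystem known to support them. The new `/tmp/wrongext` tree is also never removed at the end of the test.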
diff --git a/test/units/testsuite-58.sh b/test/units/testsuite-58.sh index 20d4bda84ee..d875461721d 100755 --- a/test/units/testsuite-58.sh +++ b/test/units/testsuite-58.sh @@ -423,7 +423,7 @@ EOF --json=pretty \ "$imgs/zzz") - diff -u <(echo "$output") - <