Commit message | Author | Age | Files | Lines
* hwdb: update to state from v249 (tag: v248.4) | Zbigniew Jędrzejewski-Szmek | 2021-07-12 | 18 | -1374/+10825

  This updates various "upstream" hwdb entries. The two new files that were added in v249, and the associated udev rules, are not included in this.
* hwdb: allow parser to expect usage of slash sign in value of property | Takashi Sakamoto | 2021-07-12 | 1 | -1/+1

  Although in IEEE 1394 unit function list I have a plan to use slash sign in name of property, current implementation of parser doesn't allow it. When parsing current entries in database excluded from parser testing, we can find usage of slash sign in name of property.

  This commit adds slash sign in allow list of the parser for my convenience.

  Signed-off-by: Takashi Sakamoto <o-takashi@sakamocchi.jp>

  (cherry picked from commit 5e939304f513ba57ce6595f36b7da641c62c60db)
* hostnamed: correct variable with errno in fallback_chassis | Jan Palus | 2021-07-12 | 1 | -4/+4

  fixes assertion failure on arm:

      systemd-hostnamed[642]: Assertion '(_error) != 0' failed at src/hostname/hostnamed.c:207, function fallback_chassis(). Aborting.

  (cherry picked from commit 105a4245ff13d588e1e848e8ee3cffd6185bd0ae)
* meson: install the right README file in modprobe.d | Zbigniew Jędrzejewski-Szmek | 2021-07-12 | 2 | -3/+6

  We put the "global" README file there. Introduced in d83e90c73cf25a839f5e60f355baa0d38364ff41.

  (cherry picked from commit 378e9d2b6d701a1385c4bf72dfc0697c2c37bd57)
* Clarify the behaviour of suspend-then-sleep mode in the manual pages. | Hamish Moffatt | 2021-07-12 | 2 | -7/+12

  Fixes #20125.

  (cherry picked from commit 33f899bd479534b0a920ce427cdf06739028f5ab)
* NEWS: add old entry about Type=ether | Zbigniew Jędrzejewski-Szmek | 2021-07-12 | 1 | -0/+5

  Apparently it's an important feature for some folks: https://utcc.utoronto.ca/~cks/space/blog/linux/NetworkdMACMatchesWidely.

  I think we considered this more of a bugfix, but it's somewhere on the border. Let's add this so it's easier to discover.

  (cherry picked from commit 88b2a95064675c5f86648053cf124265f5289095)
* oomd: don't collect candidate stats on every interval | Anita Zhang | 2021-07-12 | 1 | -7/+0

  cb13961ada52c1b27f6d6c2c6e37a2901f01ed30 updated the oomd logic to collect candidate data when a kill was about to happen. However there was still a call left over in the main loop to collect candidate data on every interval. Remove this since it's unneeded.

  Fixes #20122

  (cherry picked from commit d61ee727f037ab4e07af720ab34055e9cafe9cec)
* tmpfiles: fix borked assert | Zbigniew Jędrzejewski-Szmek | 2021-07-12 | 1 | -4/+4

  It seems that fd_set_perms() is always called after checking that fd >= 0 (also when called as action() in glob_item_recursively()), so it seems that the assertion really came from fd==0.

  Fixes #20140.

  Also three other similar cases are updated.

  (cherry picked from commit b4b0f87c6275dde32769c2e75231caa1d4c21f9b)
* man: correct return value of sd_bus_open_with_description | Luca Boccassi | 2021-07-12 | 1 | -2/+5

  Since https://github.com/systemd/systemd/commit/f4b2933ee7890e5d414ab266d8586f19027a2bd9 if a description is not set, sd_bus_open_with_description returns -ENXIO, but the documentation stated that it returned successfully with a NULL string.

  (cherry picked from commit 48e5ef14af5ade97b0f7491c63443778c7602c43)
* units: correct description of final.target | qhill | 2021-07-12 | 1 | -1/+1

  This was updated incorrectly in https://github.com/systemd/systemd/pull/20058/commits/4fd3fc66396026f81fd5b27746f2faf8a9a7b9ee.

  As https://github.com/systemd/systemd/blob/main/man/systemd.special.xml describes, this unit is about shutdown rather than boot.

  (cherry picked from commit f127fed75d3bae3a1eb0be6feea334bb8d1c3a43)
* coredumpctl: show --help text if "coredumpctl help" is called | Lennart Poettering | 2021-07-12 | 1 | -2/+3

  Most of our programs that take "verbs" make the "help" verb either equivalent to passing the --help switch (or at least print a message redirecting the user to that switch). Do so in coredumpctl too, in order to minimize surprises.

  (cherry picked from commit 6d8be376e1682a79f0aecceb2136884c5b4327e2)
* udev: Fix by-uuid symlink for ubifs volumes | Trent Piepho | 2021-07-12 | 1 | -1/+1

  ubifs volumes have a UUID and the built-in blkid is able to determine it. The disk/by-uuid symlink isn't created because ubifs volumes are not on block devices but on SUBSYSTEM="ubi" devices. See #20071.

  Allow ubi subsystem devices to be processed by the persistent storage rules too. The kernel device name matching already allows ubi* to pass. The existing rules are sufficient to create the link.

  The links look like other by-uuid symlinks, for example:

      /dev/disk/by-uuid/9a136158-585b-4ba4-9b70-cbaf2cf78a1c -> ../../ubi0_1

  (cherry picked from commit 21ac7884e9c1684d091d893254bcbe4b83740e9f)
* oomd: review follow ups to #20020 | Anita Zhang | 2021-07-12 | 3 | -12/+27

  (cherry picked from commit e82acab4db6f5f212f6c9c9b3ec2df9010a83925)
* Revert "rules: ubi mtd - add link to named partitions" | Lennart Poettering | 2021-07-12 | 2 | -6/+0

  This reverts commit 7f1e9c806b6915e8020cf3706dc87e1cd37bc2fa, PR #6750

  Apparently the rule change never worked, see #20071.

  Fixes #20071

  (cherry picked from commit 4b6bc397b454f79006481c1e8507d85c5bfd2e9a)
* core: add comment explaining event source deallocation | Zbigniew Jędrzejewski-Szmek | 2021-07-12 | 1 | -5/+5

  Followup for bc989831e6. The original reproducer still works w/o the unref, and doesn't work with this change.

  (cherry picked from commit 13bb1ffb912cacea4041910e38674e0984ac5772)
* units: adjust description of systemd-update-utmp.service | Zbigniew Jędrzejewski-Szmek | 2021-07-12 | 3 | -4/+4

  "Update about" is not grammatically correct. I also think saying "Record" makes this easier to understand for people who don't necessarily know what UTMP is.

  (cherry picked from commit 2e32d390b0cb49a7fd074c50fab43c097c38d4f3)
* units: shorten description of kmod-static-nodes.service | Zbigniew Jędrzejewski-Szmek | 2021-07-12 | 1 | -1/+1

  As suggested in https://github.com/systemd/systemd/pull/20058#pullrequestreview-695023490.

  (cherry picked from commit 8ea257852998ee4b2ee7af18313a7af4e172535d)
* units: adjust Descriptions of various units | Zbigniew Jędrzejewski-Szmek | 2021-07-12 | 23 | -23/+23

  In general, it's not very useful to repeat the unit name as the description. Especially when the word is a common name and if somebody doesn't understand the meaning immediately, they are not going to gain anything from the repeat either, e.g. "halt", "swap".

  In the status-unit-format=combined output parentheses are used around Description, so avoid using parenthesis in the Description itself.

  (cherry picked from commit 4fd3fc66396026f81fd5b27746f2faf8a9a7b9ee)
* logind, units: unit Descriptions should be capitalized | Zbigniew Jędrzejewski-Szmek | 2021-07-12 | 3 | -3/+3

  (cherry picked from commit 0a59216caebdf0488d1200cd818cb46361d1f17b)
* core: add default descriptions for slices | Zbigniew Jędrzejewski-Szmek | 2021-07-12 | 1 | -0/+8

      [ OK ] Created slice system-getty.slice (Slice /system/getty).
      [ OK ] Created slice system-modprobe.slice (Slice /system/modprobe).
      [ OK ] Created slice system-sshd\x2dkeygen.slice (Slice /system/sshd-keygen).
      [ OK ] Created slice user.slice (User and Session Slice).

  Before, the first three slices were shown without any description which didn't look nice.

  (cherry picked from commit 4dd21726f852010aef17e9b952b4bb1646fdf496)
* core/service: rework management of exec_fd event source | Zbigniew Jędrzejewski-Szmek | 2021-07-12 | 1 | -3/+8

  The code in service_spawn() was written as if exec_fd_event_source was always unset. (We would either fail the assertion that is moved in the patch, or leak the event source object if it was set.)

  To make this work, let's always assert that exec_fd_event_source is unset, and actually unset it in service_sigchld_event(). I think this is the most elegant approach. The problem is that we don't have the same information about execution flags as in service_spawn(), so we need to conditionalize on pid==main_pid to know if we should disable exec_fd_event_source. I think this matches all cases where we may set exec_fd_event_source: service_enter_start() and service_run_next_main().

  service_enter_stop_post() calls service_set_state(), which will also destroy the source. But that happens too late, because from service_enter_stop_post() we call service_spawn() first, and then service_set_state() second.

  (An alternative approach would be to deallocate the existing exec_fd_event_source in service_spawn(). But this would mean that we would temporarily have an event source attached to a process that we already know is dead, which seems less than ideal.)

  Original report from Dimitri John Ledkov <dimitri.ledkov@canonical.com>:

  > Ubuntu private bug reference for this issue at the moment is
  > https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1921145
  > Michael's and Ian's team run into an issue when using systemd in the
  > initrd, without dbus daemon running, and launching a unit in a
  > particular way that appears to lock up systemd (pid 1) itself.
  > michael vogt: "The attached script works for me to reproduce this on
  > classic. I tested 20.04 (245) and 21.04 (247) in a qemu VM. Sometimes
  > I need to run it multiple times but usually it crashes after at most 2
  > runs. Use "journalctl | tail" to see the messages, it's the same that
  > Ian reported. There is also a /var/crash/_usr_lib_systemd_systemd
  > crash file created."
  > I understand that the particular way to run a unit is very odd,
  > however, it is currently possible to invoke, and it would be expected
  > for pid1 to not lock up and crash.
  > The Assertion that systemd hits is along the lines of:
  > [ 10.182627] systemd[1]: Assertion 's' failed at
  > src/core/service.c:3204, function service_dispatch_exec_io().
  > Aborting.
  > [ 10.195458] systemd[1]: Caught <ABRT>, dumped core as pid 449.
  > [ 10.204446] systemd[1]: Freezing execution.

  (cherry picked from commit bc989831e634123c2ff43bcbbeae19097ccc9ff9)
* sd-event: add more asserts about event source integrity | Zbigniew Jędrzejewski-Szmek | 2021-07-12 | 1 | -1/+13

  Also "downgrade" assert_se() to assert(), this is not test code.

  (cherry picked from commit 199475092d9a6f0482a7b934592784a54b82ffd0)
* core: disable event sources before unreffing them | Zbigniew Jędrzejewski-Szmek | 2021-07-12 | 13 | -49/+49

  This mirrors the change done for systemd-resolved in 97935302283729c9206b84f5e00b1aff0f78ad19. Quoting that patch:

  > We generally operate on the assumption that a source is "gone" as soon as we
  > unref it. This is generally true because we have the only reference. But if
  > something else holds the reference, our unref doesn't really stop the source
  > and it could fire again.

  In particular, we take temporary references from sd-event code, and when called from an sd-event callback, we could temporarily see this elevated reference count.

  This patch doesn't seem to change anything, but I think it's nicer to do the same change as in other places and not rely on _unref() immediately disabling the source.

  (cherry picked from commit 5dcadb4c8320f6a7b8a9353404874d43668e4648)
* Revert "core: do not set noexec on sysfs/procfs" | Lennart Poettering | 2021-07-12 | 1 | -1/+1

  This reverts commit b33cd6b3eec52fc50c6c34d6f07a41cc6254c27f.

  (cherry picked from commit 988bcc7c21a07acc08f9343b52b492b98b08444a)
* core/cgroup: upgrade log level when we fail to rescope a pid | Zbigniew Jędrzejewski-Szmek | 2021-07-12 | 1 | -7/+11

  See https://bugzilla.redhat.com/show_bug.cgi?id=1973058 again:

      systemd[1779]: Started Application launched by gnome-session-binary.
      systemd[1779]: app-glib-liveinst\x2dsetup-1897.scope: Failed to add PIDs to scope's control group: No such process
      systemd[1779]: app-glib-liveinst\x2dsetup-1897.scope: Failed with result 'resources'.
      systemd[1779]: Failed to start Application launched by gnome-session-binary.
      systemd[1779]: app-glib-xdg\x2duser\x2ddirs-1900.scope: Failed to add PIDs to scope's control group: No such process
      systemd[1779]: app-glib-xdg\x2duser\x2ddirs-1900.scope: Failed with result 'resources'.
      systemd[1779]: Failed to start Application launched by gnome-session-binary.
      systemd[1779]: app-gnome-gsettings\x2ddata\x2dconvert-1902.scope: Failed to add PIDs to scope's control group: No such process
      systemd[1779]: app-gnome-gsettings\x2ddata\x2dconvert-1902.scope: Failed with result 'resources'.
      systemd[1779]: Failed to start Application launched by gnome-session-binary.

  Since we don't show the PID anywhere, it can be quite hard to figure out what is going on. There may be logs from the pid above or below in the log, but we have no PID number to identify them. So let's upgrade the log from unit_attach_pids_to_cgroup() to tell us precisely which PIDs and why couldn't be handled.

  (cherry picked from commit 7a2ba4078731a00fa105c38c283b2ce7789bb512)
* core: emit nicer log message for exiting ConditionExec processes | Zbigniew Jędrzejewski-Szmek | 2021-07-12 | 2 | -5/+18

  See https://bugzilla.redhat.com/show_bug.cgi?id=1973058: we would log something like:

      systemd[244]: Starting willskip.service...
      systemd[244]: willskip.service: Control process exited, code=exited, status=2/INVALIDARGUMENT
      systemd[244]: willskip.service: Skipped due to 'exec-condition'.
      systemd[244]: Condition check resulted in willskip.service being skipped.

  The line with 'Control process exited' would be at LOG_NOTICE level.

  With the patch:

      systemd[244]: Starting willskip.service...
      systemd[244]: willskip.service: Skipped due to 'exec-condition'.
      systemd[244]: Condition check resulted in willskip.service being skipped.

  Debug logs:

      systemd[244]: Starting willskip.service...
      systemd[244]: Sent message type=signal sender=org.freedesktop.systemd1 destination=n/a path=/org/freedesktop/systemd1/unit/willskip_2eservice interface=org.freedesktop.DBus.Properties member=PropertiesChanged cookie=8 reply_cookie=0 signature=sa{sv}as error-name=n/a error-message=n/a
      systemd[244]: Sent message type=signal sender=org.freedesktop.systemd1 destination=n/a path=/org/freedesktop/systemd1/unit/willskip_2eservice interface=org.freedesktop.DBus.Properties member=PropertiesChanged cookie=9 reply_cookie=0 signature=sa{sv}as error-name=n/a error-message=n/a
      systemd[244]: Sent message type=signal sender=org.freedesktop.systemd1 destination=n/a path=/org/freedesktop/systemd1/job/46 interface=org.freedesktop.DBus.Properties member=PropertiesChanged cookie=10 reply_cookie=0 signature=sa{sv}as error-name=n/a error-message=n/a
      systemd[11020]: Skipping PR_SET_MM, as we don't have privileges.
      systemd[11020]: willskip.service: Executing: sh -c 'exit 2'
      systemd[244]: Received SIGCHLD from PID 11020 (sh).
      systemd[244]: Child 11020 (sh) died (code=exited, status=2/INVALIDARGUMENT)
      systemd[244]: willskip.service: Child 11020 belongs to willskip.service.
      systemd[244]: willskip.service: Condition check process exited, code=exited, status=2/INVALIDARGUMENT (success)
      systemd[244]: willskip.service: Got final SIGCHLD for state condition.
      systemd[244]: willskip.service: Skipped due to 'exec-condition'.
      systemd[244]: willskip.service: Service will not restart (restart setting)
      systemd[244]: willskip.service: Changed condition -> dead
      systemd[244]: willskip.service: Job 46 willskip.service/start finished, result=done
      systemd[244]: Condition check resulted in willskip.service being skipped.

  (cherry picked from commit 58441bc177bb1bcdeceff74d3ae6b6d9f93a7fbe)
* oomd: check mem free and swap free before doing a swap-based kill | Anita Zhang | 2021-07-12 | 2 | -8/+15

  https://bugzilla.redhat.com/show_bug.cgi?id=1974763

  (cherry picked from commit cb5ce676d96df64fc08a551581489e6e196ea373)
* oomd: get memory total and free as part of system context | Anita Zhang | 2021-07-12 | 3 | -14/+54

  (cherry picked from commit eeeaa422845a045bded6c44732d5e9b025084011)
* oomd: switch system context parsing to use /proc/meminfo | Anita Zhang | 2021-07-12 | 6 | -72/+108

  Makes it easier in the next commits to unify on one way to read swap and memory info.

  (cherry picked from commit 47136b9d9a75fff5f9e2e777aaed736e6f66c7f7)
* core: when recursively bind-remounting nested mounts, use options from top one | Luca Boccassi | 2021-07-12 | 1 | -1/+7

  When mount points are stacked, bind_remount_recursive_with_mountinfo() uses the existing mount options of the "lower" level mount (ie: the first one that was mounted on a mount point). But the actual mount point in use is the "top" one (ie: the last one that was mounted on a mount point), so in practice if the mount options are different between the layers, the bottom options are used by mistake on the top mount, which is not what we want. This is because libmount returns the "bottom" one first.

  If the hashmap returns EEXIST, which means the same key (path) with different value (options) is already present, update the hashmap instead of discarding the result. This way, the last/top mount options are always used when mounts are stacked on a mount point.

  This was found to cause problems as LXC version 4.x stacks two /sys mounts, the bottom one read-write and the top one read-only. systemd accidentally remounts the top-one read-write, breaking various expectations since a read-only /sys is the way we decide whether we are running in a container or not (in this particular case, networkd tests are broken as networkd expects to be able to modify network settings with a writable /sys). Future versions of LXC will no longer do this double-stacking, but we need to support running inside older versions too.

  This was triggered by https://github.com/systemd/systemd/commit/6720e356c137 as that causes a recursive remount of '/', which processes '/sys' as one of the submounts, from make_nosuid(). But it's likely that other combinations of options could trigger this as well.

  Before:

      root@systemd-debug:/# systemd-run -t --wait --property ProtectSystem=yes findmnt
      Running as unit: run-u9.service
      Press ^] three times within 1s to disconnect TTY.
      TARGET SOURCE FSTYPE OPTIONS
      / /dev/sda2[/var/lib/lxc/systemd-debug/rootfs]
      │ ext4 ro,nosuid,relatime,errors=remount-ro,stripe=
      ├─/dev none tmpfs rw,nosuid,relatime,size=492k,mode=755
      │ ├─/dev/.lxc/proc proc proc rw,nosuid,relatime
      │ ├─/dev/.lxc/sys sys sysfs rw,nosuid,relatime
      │ ├─/dev/console devpts[/2] devpts rw,nosuid,noexec,relatime,gid=5,mode=620,ptm
      │ ├─/dev/pts devpts devpts rw,nosuid,noexec,relatime,gid=5,mode=620,ptm
      │ ├─/dev/ptmx devpts[/ptmx] devpts rw,nosuid,noexec,relatime,gid=5,mode=620,ptm
      │ ├─/dev/tty1 devpts[/0] devpts rw,nosuid,noexec,relatime,gid=5,mode=620,ptm
      │ ├─/dev/tty2 devpts[/1] devpts rw,nosuid,noexec,relatime,gid=5,mode=620,ptm
      │ ├─/dev/tty3 devpts[/2] devpts rw,nosuid,noexec,relatime,gid=5,mode=620,ptm
      │ ├─/dev/tty4 devpts[/3] devpts rw,nosuid,noexec,relatime,gid=5,mode=620,ptm
      │ ├─/dev/shm tmpfs tmpfs rw,nosuid,nodev
      │ ├─/dev/hugepages hugetlbfs hugetlbfs rw,nosuid,relatime,pagesize=2M
      │ └─/dev/mqueue mqueue mqueue rw,nosuid,nodev,noexec,relatime
      ├─/proc proc proc rw,nosuid,nodev,noexec,relatime
      │ ├─/proc/sys proc[/sys] proc ro,nosuid,nodev,noexec,relatime
      │ │ ├─/proc/sys/net proc[/sys/net] proc rw,nosuid,nodev,noexec,relatime
      │ │ └─/proc/sys/kernel/random/boot_id
      │ │   none[/.lxc-boot-id] tmpfs ro,nosuid,nodev,noexec,relatime,size=492k,mo
      │ └─/proc/sysrq-trigger proc[/sysrq-trigger] proc ro,nosuid,nodev,noexec,relatime
      ├─/sys sysfs sysfs rw,nosuid,nodev,noexec,relatime
      │ └─/sys sysfs sysfs rw,nosuid,nodev,noexec,relatime
      │   ├─/sys/devices/virtual/net sysfs sysfs rw,relatime
      │   │ └─/sys/devices/virtual/net
      │   │   sysfs[/devices/virtual/net] sysfs rw,nosuid,relatime
      │   ├─/sys/fs/fuse/connections fusectl fusectl rw,nosuid,nodev,noexec,relatime
      │   └─/sys/fs/cgroup cgroup cgroup2 rw,nosuid,nodev,noexec,relatime,nsdelegate,m
      ├─/run tmpfs tmpfs ro,nosuid,nodev,size=4912348k,nr_inodes=8192
      │ ├─/run/credentials tmpfs[/systemd/inaccessible/dir] tmpfs ro,nosuid,nodev,noexec,size=4912348k,nr_inod
      │ └─/run/systemd/incoming tmpfs[/systemd/propagate/run-u9.service]
      │   tmpfs ro,nosuid,nodev,size=4912348k,nr_inodes=8192
      ├─/tmp tmpfs tmpfs rw,nosuid,nodev,size=12280872k,nr_inodes=409
      │ └─/tmp tmpfs[/systemd-private-b730df90da424397a3f246cb15dcdbb1-run-u9.service-K6EUwf/tmp]
      │   tmpfs rw,nosuid,nodev,size=12280872k,nr_inodes=409
      └─/var/tmp /dev/sda2[/var/lib/lxc/systemd-debug/rootfs/var/tmp/systemd-private-b730df90da424397a3f246cb15dcdbb1-run-u9.service-vEHyRi/tmp]
        ext4 rw,nosuid,relatime,errors=remount-ro,stripe=
      Finished with result: success
      Main processes terminated with: code=exited/status=0
      Service runtime: 14.249s
      CPU time consumed: 37ms

  After:

      root@systemd-debug:/# systemd-run -t --wait --property ProtectSystem=yes findmnt
      Running as unit: run-u3.service
      Press ^] three times within 1s to disconnect TTY.
      TARGET SOURCE FSTYPE OPTIONS
      / /dev/sda2[/var/lib/lxc/systemd-debug/rootfs]
      │ ext4 rw,relatime,errors=remount-ro,stripe=32699
      ├─/dev none tmpfs rw,relatime,size=492k,mode=755
      │ ├─/dev/.lxc/proc proc proc rw,relatime
      │ ├─/dev/.lxc/sys sys sysfs rw,relatime
      │ ├─/dev/console devpts[/2] devpts rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode
      │ ├─/dev/pts devpts devpts rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode
      │ ├─/dev/ptmx devpts[/ptmx] devpts rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode
      │ ├─/dev/tty1 devpts[/0] devpts rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode
      │ ├─/dev/tty2 devpts[/1] devpts rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode
      │ ├─/dev/tty3 devpts[/2] devpts rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode
      │ ├─/dev/tty4 devpts[/3] devpts rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode
      │ ├─/dev/shm tmpfs tmpfs rw,nosuid,nodev
      │ ├─/dev/hugepages hugetlbfs hugetlbfs rw,relatime,pagesize=2M
      │ └─/dev/mqueue mqueue mqueue rw,nosuid,nodev,noexec,relatime
      ├─/proc proc proc rw,nosuid,nodev,noexec,relatime
      │ ├─/proc/sys proc[/sys] proc ro,nosuid,nodev,noexec,relatime
      │ │ ├─/proc/sys/net proc[/sys/net] proc rw,nosuid,nodev,noexec,relatime
      │ │ └─/proc/sys/kernel/random/boot_id
      │ │   none[/.lxc-boot-id] tmpfs ro,nosuid,nodev,noexec,relatime,size=492k,mode=75
      │ └─/proc/sysrq-trigger proc[/sysrq-trigger] proc ro,nosuid,nodev,noexec,relatime
      ├─/sys sysfs sysfs rw,nosuid,nodev,noexec,relatime
      │ └─/sys sysfs sysfs ro,nosuid,nodev,noexec,relatime
      │   ├─/sys/devices/virtual/net sysfs sysfs rw,relatime
      │   │ └─/sys/devices/virtual/net
      │   │   sysfs[/devices/virtual/net] sysfs rw,nosuid,nodev,noexec,relatime
      │   ├─/sys/fs/fuse/connections fusectl fusectl rw,nosuid,nodev,noexec,relatime
      │   └─/sys/fs/cgroup cgroup cgroup2 rw,nosuid,nodev,noexec,relatime,nsdelegate,memory
      ├─/run tmpfs tmpfs rw,nosuid,nodev,size=4912348k,nr_inodes=819200,mo
      │ ├─/run/credentials tmpfs[/systemd/inaccessible/dir]
      │ │ tmpfs ro,nosuid,nodev,noexec,size=4912348k,nr_inodes=81
      │ └─/run/systemd/incoming tmpfs[/systemd/propagate/run-u3.service]
      │   tmpfs ro,nosuid,nodev,size=4912348k,nr_inodes=819200,mo
      ├─/tmp tmpfs tmpfs rw,nosuid,nodev,size=12280872k,nr_inodes=409600
      ├─/boot /dev/sda2[/var/lib/lxc/systemd-debug/rootfs/boot]
      │ ext4 ro,relatime,errors=remount-ro,stripe=32699
      └─/usr /dev/sda2[/var/lib/lxc/systemd-debug/rootfs/usr]
        ext4 ro,relatime,errors=remount-ro,stripe=32699
      Finished with result: success
      Main processes terminated with: code=exited/status=0
      Service runtime: 14ms
      CPU time consumed: 5ms

  Host (LXC):

      root@systemd-debug:/# findmnt
      TARGET SOURCE FSTYPE OPTIONS
      / /dev/sda2[/var/lib/lxc/systemd-debug/rootfs]
      │ ext4 rw,relatime,errors=remount-ro,stripe=32699
      ├─/run tmpfs tmpfs rw,nosuid,nodev,size=4912348k,nr_inodes=819200,mode=755
      ├─/tmp tmpfs tmpfs rw,nosuid,nodev,size=12280872k,nr_inodes=409600
      ├─/dev none tmpfs rw,relatime,size=492k,mode=755
      │ ├─/dev/pts devpts devpts rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=666,ma
      │ ├─/dev/ptmx devpts[/ptmx] devpts rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=666,ma
      │ ├─/dev/tty1 devpts[/0] devpts rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=666,ma
      │ ├─/dev/tty2 devpts[/1] devpts rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=666,ma
      │ ├─/dev/tty3 devpts[/2] devpts rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=666,ma
      │ ├─/dev/tty4 devpts[/3] devpts rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=666,ma
      │ ├─/dev/shm tmpfs tmpfs rw,nosuid,nodev
      │ ├─/dev/hugepages hugetlbfs hugetlbfs rw,relatime,pagesize=2M
      │ ├─/dev/mqueue mqueue mqueue rw,nosuid,nodev,noexec,relatime
      │ ├─/dev/console devpts[/2] devpts rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=000
      │ ├─/dev/.lxc/proc proc proc rw,relatime
      │ └─/dev/.lxc/sys sys sysfs rw,relatime
      ├─/proc proc proc rw,nosuid,nodev,noexec,relatime
      │ ├─/proc/sys proc[/sys] proc ro,nosuid,nodev,noexec,relatime
      │ │ ├─/proc/sys/kernel/random/boot_id
      │ │ │ none[/.lxc-boot-id] tmpfs ro,nosuid,nodev,noexec,relatime,size=492k,mode=755
      │ │ └─/proc/sys/net proc[/sys/net] proc rw,nosuid,nodev,noexec,relatime
      │ └─/proc/sysrq-trigger proc[/sysrq-trigger] proc ro,nosuid,nodev,noexec,relatime
      └─/sys sysfs sysfs rw,nosuid,nodev,noexec,relatime
        └─/sys sysfs sysfs ro,nosuid,nodev,noexec,relatime
          ├─/sys/devices/virtual/net sysfs sysfs rw,relatime
          │ └─/sys/devices/virtual/net
          │   sysfs[/devices/virtual/net]
          │   sysfs rw,nosuid,nodev,noexec,relatime
          ├─/sys/fs/fuse/connections fusectl fusectl rw,nosuid,nodev,noexec,relatime
          └─/sys/fs/cgroup cgroup cgroup2 rw,nosuid,nodev,noexec,relatime,nsdelegate,memory_recurs

  Fixes https://github.com/systemd/systemd/issues/20032

  (cherry picked from commit e01030633c73d3974390292bba381aca1224709b)
* Improve tmpfiles unsafe transition log message (#20048) | Albert Brox | 2021-07-12 | 1 | -3/+9

  (cherry picked from commit f1bda7ead20c210a28be5decad636e1d95d8c3ec)
* man/dnssec-trust-anchors: update comment syntax description | Zbigniew Jędrzejewski-Szmek | 2021-07-12 | 1 | -7/+5

  Let's just use the same phrase as in systemd.syntax(7).

  Fixes #20045.

  (cherry picked from commit 0b497bc46f4599906e153c1613b32fbb4e4f129e)
* resolved: Fix link to resolv.conf manpage | Raul Tambre | 2021-07-12 | 1 | -1/+1

  Seems to be typically located in volume 5 these days on Linux systems that systemd targets.

  (cherry picked from commit 12c0bb31a7c20663bf10a2effe498332400de92c)
* resolved: do not try to copy empty NSEC types bitmaps | Alexander Tsoy | 2021-07-12 | 1 | -6/+10

  dns_resource_record_copy() assumes that NSEC types bitmap is non-empty which results in a null pointer dereference inside bitmap_copy() in some cases. Fix this by calling bitmap_copy() conditionally.

  (cherry picked from commit 1f00a50c695fe3b55dee38fbd02a902a6c703c87)
* sd-device: allow to read sysattr which contains embedded NUL | Yu Watanabe | 2021-07-12 | 1 | -3/+7

  This effectively reverts the commit 2a394d0bf2f0afd8b9ed5faeb33f23459e3c6504. But drop trailing '\r' of the read value, as sd_device_set_sysattr_value() drops it.

  Fixes #20025.

  (cherry picked from commit 70160c6eeee07ac6aa817826d13e8eff9563ce1e)
* man: fix incorrect description regarding DynamicUser= and StateDirectory= | dgcampea | 2021-07-12 | 1 | -7/+6

  (cherry picked from commit e8f4bf33d8a6123ad8ae3955c989e36972f4884d)
* udev-test: add a testcase for string_escape=replace | Yu Watanabe | 2021-07-12 | 1 | -0/+15

  (cherry picked from commit 33989b967e30acc3f29f9cf9af3eec1817fd508e)
* udev: fix use of invalid pointer | Yu Watanabe | 2021-07-12 | 1 | -1/+1

  Fixes a bug introduced by ea0f4578a7e90f5227817058bfb11bb91dbb1431.

  Fixes CID#1457766.

  (cherry picked from commit 7db6b672752ec7335ade74c7a7c52e5fc684c97a)
* dbus-socket: fix check of Listen* arguments | Zbigniew Jędrzejewski-Szmek | 2021-07-12 | 1 | -2/+2

  We checked the wrong field, which was always NULL here, so we would always reject the assignment. We would also print the wrong string in the error message:

      $ sudo systemd-run --socket-property ListenFIFO=/tmp/fifo3 cat
      Failed to start transient socket unit: Invalid socket path: FIFO

  (cherry picked from commit aeecab3804aae973577f36880af4b7799e4eb7d5)
* remove a left-over break | David Tardon | 2021-07-12 | 1 | -1/+0

  By the "same logic as above...", we want to continue to fallback here, but the break prohibits that.

  This is a follow-up for ee1aa61c4710ae567a2b844e0f0bb8cb0456ab8c.

  (cherry picked from commit 99df1cb6f50875db513a5b45f18191460a150f3d)
* resolvectl: Only strip ifname suffixes when being resolvconf | Mike Crowe | 2021-07-12 | 3 | -9/+21

  Only treat interface names containing dots specially when resolvectl is pretending to be resolvconf to fix https://github.com/systemd/systemd/issues/20014.

  Move the special suffix-stripping behaviour of ifname_mangle out to the new ifname_resolvconf_mangle to be called from resolvconf only.

  (cherry picked from commit 7875170f01991a1d28cfe284cc7075630cd69055)
* udev: remove unsafe characters from ID_SERIAL for nvme | Yu Watanabe | 2021-07-12 | 1 | -2/+2

  Fixes #19309.

  (cherry picked from commit 5118e8e71dda211d20e34ec8d3012186ba27d3d3)
* man: update description of "string_escape=" udev option | Yu Watanabe | 2021-07-12 | 1 | -4/+7

  (cherry picked from commit 91c27ac686261fcca913ac6e3fe1520f38440dcb)
* udev: fix key name in debug log | Yu Watanabe | 2021-07-12 | 1 | -1/+2

  (cherry picked from commit 51c2f543d1474c2615fb8282ea90b2954db33a7e)
* udev: replace unsafe characters on assigning ENV{key}="val" when OPTIONS="string_escape=replace" is set | Yu Watanabe | 2021-07-12 | 1 | -0/+6

  Strictly speaking, this breaks backward compatibility, as previously `ENV{key}="val"` ignored `string_escape=` option. But, introducing a new option such as `string_escape=hoge` sounds overkill for me. The default escape mode is `ESCAPE_UNSET`, so I hope this merely break existing rules.

  (cherry picked from commit ea0f4578a7e90f5227817058bfb11bb91dbb1431)
* docs: update autofs Kconfig name | Andrea Pappacoda | 2021-07-12 | 1 | -1/+1

  (cherry picked from commit 0c651d32d49e66ea0152eea5e65dd19fe01e7a06)
* man/50-xdg-data-dirs: add quotes as suggested by shellcheck | Zbigniew Jędrzejewski-Szmek | 2021-07-12 | 1 | -2/+2

  (cherry picked from commit aa45911b793255bec34fe8c128c80bda1482cc14)
* sd-journal: add missing bracket in journal verify log message | Lennart Poettering | 2021-07-12 | 1 | -1/+1

  (cherry picked from commit 6abd991c718dbc1480ab7e71103a8b3e886bd3a3)
* sd-dhcp-client: tentatively ignore FORCERENEW command | Yu Watanabe | 2021-07-12 | 1 | -0/+8

  This makes DHCP client ignore FORCERENEW requests, as unauthenticated FORCERENEW requests cause a security issue (TALOS-2020-1142, CVE-2020-13529).

  Let's re-enable this after RFC3118 (Authentication for DHCP Messages) and/or RFC6704 (Forcerenew Nonce Authentication) are implemented.

  Fixes #16774.

  (cherry picked from commit 38e980a6a5a3442c2f48b1f827284388096d8ca5)
* completion: fix 'unbound variables' errors | Luca Boccassi | 2021-07-12 | 17 | -18/+18

  Fixes https://github.com/systemd/systemd/issues/19987

  (cherry picked from commit 36ec026830c6978be8bd39f3c6d1d7822495e07f)