| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
| |
Remember to set sd->pushed_fd when we receive an fd from PID1 on startup,
the same as we set it when we send an fd to PID1.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
$ git grep FDNAME
logind-session-device.c: ... "FDNAME=session-", sd->session->id);
logind-session-device.c: ... "FDNAME=session", sd->session->id);
Oops.
Fixes #8343. Or at least a more minimal reproducer. Xorg still
dies when logind is restarted, but the Xorg message says this
is entirely deliberate.
(This could also be the reason I hit #8035, instead of the race
condition I originally suggested).
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Quite often we need to set up a number of fds as stdin/stdout/stderr of
a process we are about to start. Add a generic implementation for a
routine doing that that takes care to do so properly:
1. Can handle the case where stdin/stdout/stderr where previously
closed, and the fds to set as stdin/stdout/stderr hence likely in the
0..2 range. handling this properly is nasty, since we need to first
move the fds out of this range in order to later move them back in, to
make things fully robust.
2. Can optionally open /dev/null in case for one or more of the fds, in
a smart way, sharing the open file if possible between multiple of
the fds.
3. Guarantees that O_CLOEXEC is not set on the three fds, even if the fds
already were in the 0..2 range and hence possibly weren't moved.
|
| |
|
|
|
| |
Let's systematically make use of reallocarray() whereever we invoke
realloc() with a product of two values.
|
| |
|
|
| |
For consistency.
|
| | |
|
| |
|
|
| |
Fixes: #8291
|
| | |
|
| | |
|
| |
|
|
|
| |
After discussing with the kernel folks, we agreed to default to 0700 for
this. Better safe than sorry.
|
| |
|
|
| |
Follow-up for 157baa87e4.
|
| |
|
|
| |
Follow-up for #8149.
|
| |
|
|
|
| |
I didn't like the nested loop where we'd count what we have acquired already,
since we should always know that.
|
| |
|
|
|
|
|
|
| |
The kernel exposes the necessary data in /proc anyway, let's expose it
hence by default.
With this in place "systemctl status -- -.slice" will show accounting
data out-of-the-box now.
|
| |
|
|
|
| |
Do what we already prepped in cgtop for the root slice in PID 1 too:
consult /proc for the data we need.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Let's make sure we don't clobber the return parameter on failure, to
follow our coding style. Also, break the loop early if we have all
attributes we need.
This also changes the keys parameter to a simple char**, so that we can
use STRV_MAKE() for passing the list of attributes to read.
This also makes it possible to distuingish the case when the whole
attribute file doesn't exist from one key in it missing. In the former
case we return -ENOENT, in the latter we now return -ENXIO.
|
| |
|
|
|
|
| |
This is preparation for emulating the "usage_usec" keyed attribute of
the "cpu.stat" property of the root cgroup from data in /proc. Similar,
for emulating the "memory.current" attribute.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
messages pending
We maintain a queue of units and jobs that we are supposed to generate
change/new notifications for because they were either just created or
some of their property has changed. Let's throttle processing of this
queue a bit: as soon as > 1K of bus messages are queued for writing
let's skip processing the queue, and then recheck on the next
iteration again.
Moreover, never process more than 100 units in one go, return to the
event loop after that. Both limits together should put effective limits
on both space and time usage of the function, delaying further
operations until a later moment, when the queue is empty or the the
event loop is sufficiently idle again.
This should keep the number of generated messages much lower than
before on busy systems or where some client is hanging.
Note that this also means a bad client can slow down message dispatching
substantially for up to 90s if it likes to, for all clients. But that
should be acceptable as we only allow trusted bus clients, anyway.
Fixes: #8166
|
| | |
|
| | |
|
| |
|
|
|
|
| |
At various places we only want to close fds if they are not
stdin/stdout/stderr, i.e. fds 0, 1, 2. Let's add a unified helper call
for that, and port everything over.
|
| |
|
|
|
|
|
|
|
| |
I figure sooneror later we'll have more of these docs, hence let's give
them a clean place to be.
This leaves NEWS and README/README.md as well as the LICENSE texts in
the root directory of the project since that appears to be customary for
Free Software projects.
|
| |
|
|
|
|
|
|
|
|
|
| |
rule-syntax-check.py failed with the following error:
$ ./test/rule-syntax-check.py ./src/login/70-uaccess.rules
Invalid line ./src/login/70-uaccess.rules:31: SUBSYSTEM=="sound", TAG+="uaccess" OPTIONS+="static_node=snd/timer", OPTIONS+="static_node=snd/seq"
clause: TAG+="uaccess" OPTIONS+="static_node=snd/timer"
The comma is actually optional but the script makes it mandatory which seems a
good thing since it improves readability.
|
| |
|
|
| |
Accurate for both ppc and ppc64 according to https://fedora.juszkiewicz.com.pl/syscalls.html.
|
| |
|
|
| |
Fixes: #8278
|
| | |
|
| |
|
|
| |
Fixes: #8035
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
Let's initialize static variables properly and get rid of redundant
variables.
|
| |
|
|
|
| |
Just some addition whitespace, some additional assert()s, and removal of
redundant variables.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
gcc warns about unitialized memory access because it notices that ssize_t which
is < 0 could be cast to positive int value. We know that this can't really
happen because only -1 can be returned, but OTOH, in principle a large
*positive* value cannot be cast properly. This is unlikely too, since xattrs
cannot be too large, but it seems cleaner to just use a size_t to return the
value and avoid the cast altoghter. This makes the code simpler and gcc is
happy too.
The following warning goes away:
[113/1502] Compiling C object 'src/basic/basic@sta/xattr-util.c.o'.
In file included from ../src/basic/alloc-util.h:28:0,
from ../src/basic/xattr-util.c:30:
../src/basic/xattr-util.c: In function ‘fd_getcrtime_at’:
../src/basic/macro.h:207:60: warning: ‘b’ may be used uninitialized in this function [-Wmaybe-uninitialized]
UNIQ_T(A,aq) < UNIQ_T(B,bq) ? UNIQ_T(A,aq) : UNIQ_T(B,bq); \
^
../src/basic/xattr-util.c:155:19: note: ‘b’ was declared here
usec_t a, b;
^
|
| | |
|
| |
|
|
| |
gcc complains that len might be used unitialized, but afaict, this is not true.
|
| |
|
|
|
|
|
|
| |
There isn't much difference, but in general we prefer to use the standard
functions. glibc provides reallocarray since version 2.26.
I moved explicit_bzero is configure test to the bottom, so that the two stdlib
functions are at the bottom.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
$ sudo systemd-run -p RootDirectory=/usr -E LD_LIBRARY_PATH=/lib/systemd/ -E SYSTEMD_LOG_LEVEL=debug /bin/systemd-detect-virt
Before
systemd-detect-virt[18498]: No virtualization found in DMI
systemd-detect-virt[18498]: No virtualization found in CPUID
systemd-detect-virt[18498]: Virtualization XEN not found, /proc/xen does not exist
systemd-detect-virt[18498]: This platform does not support /proc/device-tree
systemd-detect-virt[18498]: Failed to check for virtualization: No such file or directory
The first four lines are at debug level, so the user would only see that last
one usually, which is not very enlightening.
This now becomes:
systemd-detect-virt[21172]: No virtualization found in DMI
systemd-detect-virt[21172]: No virtualization found in CPUID
systemd-detect-virt[21172]: Virtualization XEN not found, /proc/xen does not exist
systemd-detect-virt[21172]: This platform does not support /proc/device-tree
systemd-detect-virt[21172]: /proc/cpuinfo not found, assuming no UML virtualization.
systemd-detect-virt[21172]: This platform does not support /proc/sysinfo
systemd-detect-virt[21172]: Found VM virtualization none
systemd-detect-virt[21172]: none
We do more checks, which is good too.
|
| |
|
|
|
|
| |
Then it can be used in the asserts in logging functions without causing
infinite recursion. The error is just printed to stderr, it should be
good enough for the common case.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
gcc-8 throws an error if it knows snprintf might truncate output and the
return value is ignored:
../src/udev/udev-builtin-net_id.c: In function 'dev_pci_slot':
../src/udev/udev-builtin-net_id.c:297:47: error: '%s' directive output may be truncated writing up to 255 bytes into a region of size between 0 and 4095 [-Werror=format-truncation=]
snprintf(str, sizeof str, "%s/%s/address", slots, dent->d_name);
^~
../src/udev/udev-builtin-net_id.c:297:17: note: 'snprintf' output between 10 and 4360 bytes into a destination of size 4096
snprintf(str, sizeof str, "%s/%s/address", slots, dent->d_name);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
cc1: some warnings being treated as errors
Let's check all return values. This actually makes the code better, because there's
no point in trying to open a file when the name has been truncated, etc.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If log_do_header() was called with overly long parameters, it'd generate
improper output. Essentially, it'd be truncated at random point, in particular
missing a newline at the end, so it'd run with the next field, usually MESSAGE=.
log_do_header is called with parameters from compiled code (file name, lien
nubmer, etc), so in practice this was unlikely to ever be a problem, but it is
possible. In particular, if systemd was compiled from sources in some deeply
nested directory (which happens for example in mock and other build roots), the
filename could be very long.
As a safety measure, let's truncate all parameters to 256 bytes. So we have
5 fields which are 256 bytes (plus the field name prefix), and a few other
fields with fixed width. This must always fit in the 2048 byte buffer.
I don't think there's much gain in calculating the required length precisely,
since it's a lot of fields and a few bytes allocated on the stack don't matter.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
log_dispatch_internal has only one caller where the extra_field/extra
params are not null: log_unit_full. When log_unit_full() was called,
when we got to log_dispatch_internal, our header would look like this:
PRIORITY=7
SYSLOG_FACILITY=3
CODE_FILE=../src/core/manager.c
CODE_LINE=2145
CODE_FUNC=manager_invoke_sigchld_event
USER_UNIT=gnome-terminal-server.service
65dffa7a3b984a6d9a46f0b8fb57710bUSER_INVOCATION_ID=
SYSLOG_IDENTIFIER=systemd
It took me a while to understand why I'm not seeing mangled messages in the
journal (after all, "" is a valid rvalue for log messages). The answer is that
journald rejects any field name which starts with a digit, and the MESSAGE_ID
that was used here starts with a digit. Hence, those lines would be silently
filtered out.
|
| |
|
|
|
| |
It makes the code easier to read, because it's obvious that the function
cannot be called from elsewhere.
|
| |
|
|
|
| |
The buffers are fixed size, so the message may not fit, but we don't
particularly care.
|
| |
|
|
|
|
|
|
| |
This reverts commit a7419dbc59da5c8cc9e90b3d96bc947cad91ae16.
_All_ changes in that commit were wrong.
Fixes #8211.
|
