Merge pull request #12877 from poettering/dynamic-user-re-migrate2
DynamicUser=1 → = 0 migration follow-up
This commit is contained in:
commit
12a9fbe649
|
@ -71,12 +71,13 @@
|
||||||
<term><option>--test</option></term>
|
<term><option>--test</option></term>
|
||||||
|
|
||||||
<listitem><para>Determine the initial start-up transaction (i.e. the list of jobs enqueued at
|
<listitem><para>Determine the initial start-up transaction (i.e. the list of jobs enqueued at
|
||||||
start-up), dump it and exit. This option is useful for debugging only. Note that during regular
|
start-up), dump it and exit — without actually executing any of the determined jobs. This option is
|
||||||
service manager start-up further units might be started than this operation shows, because hardware,
|
useful for debugging only. Note that during regular service manager start-up additional units not
|
||||||
socket, bus or other kinds of activation might add additional jobs. Use <option>--system</option> to
|
shown by this operation may be started, because hardware, socket, bus or other kinds of activation
|
||||||
request the initial transaction of the system service manager (this is also the implied default),
|
might add additional jobs as the transaction is executed. Use <option>--system</option> to request
|
||||||
combine with <option>--user</option> to request the initial transaction of the per-user service
|
the initial transaction of the system service manager (this is also the implied default), combine
|
||||||
manager instead.</para></listitem>
|
with <option>--user</option> to request the initial transaction of the per-user service manager
|
||||||
|
instead.</para></listitem>
|
||||||
</varlistentry>
|
</varlistentry>
|
||||||
<varlistentry>
|
<varlistentry>
|
||||||
<term><option>--dump-configuration-items</option></term>
|
<term><option>--dump-configuration-items</option></term>
|
||||||
|
@ -88,9 +89,8 @@
|
||||||
<varlistentry>
|
<varlistentry>
|
||||||
<term><option>--dump-bus-properties</option></term>
|
<term><option>--dump-bus-properties</option></term>
|
||||||
|
|
||||||
<listitem><para>Dump exposed bus properties. This outputs
|
<listitem><para>Dump exposed bus properties. This outputs a terse but complete list of properties
|
||||||
a terse but complete list of properties exposed to dbus.
|
exposed on D-Bus.</para></listitem>
|
||||||
</para></listitem>
|
|
||||||
</varlistentry>
|
</varlistentry>
|
||||||
<varlistentry>
|
<varlistentry>
|
||||||
<term><option>--unit=</option></term>
|
<term><option>--unit=</option></term>
|
||||||
|
|
|
@ -2153,6 +2153,10 @@ static int setup_exec_directory(
|
||||||
* it over. Most likely the service has been upgraded from one that didn't use
|
* it over. Most likely the service has been upgraded from one that didn't use
|
||||||
* DynamicUser=1, to one that does. */
|
* DynamicUser=1, to one that does. */
|
||||||
|
|
||||||
|
log_info("Found pre-existing public %s= directory %s, migrating to %s.\n"
|
||||||
|
"Apparently, service previously had DynamicUser= turned off, and has now turned it on.",
|
||||||
|
exec_directory_type_to_string(type), p, pp);
|
||||||
|
|
||||||
if (rename(p, pp) < 0) {
|
if (rename(p, pp) < 0) {
|
||||||
r = -errno;
|
r = -errno;
|
||||||
goto fail;
|
goto fail;
|
||||||
|
@ -2178,7 +2182,11 @@ static int setup_exec_directory(
|
||||||
_cleanup_free_ char *q = NULL;
|
_cleanup_free_ char *q = NULL;
|
||||||
|
|
||||||
/* This already exists and is a symlink? Interesting. Maybe it's one created
|
/* This already exists and is a symlink? Interesting. Maybe it's one created
|
||||||
* by DynamicUser=1 (see above)? */
|
* by DynamicUser=1 (see above)?
|
||||||
|
*
|
||||||
|
* We do this for all directory types except for ConfigurationDirectory=,
|
||||||
|
* since they all support the private/ symlink logic at least in some
|
||||||
|
* configurations, see above. */
|
||||||
|
|
||||||
q = path_join(params->prefix[type], "private", *rt);
|
q = path_join(params->prefix[type], "private", *rt);
|
||||||
if (!q) {
|
if (!q) {
|
||||||
|
@ -2191,6 +2199,10 @@ static int setup_exec_directory(
|
||||||
/* Hmm, apparently DynamicUser= was once turned on for this service,
|
/* Hmm, apparently DynamicUser= was once turned on for this service,
|
||||||
* but is no longer. Let's move the directory back up. */
|
* but is no longer. Let's move the directory back up. */
|
||||||
|
|
||||||
|
log_info("Found pre-existing private %s= directory %s, migrating to %s.\n"
|
||||||
|
"Apparently, service previously had DynamicUser= turned on, and has now turned it off.",
|
||||||
|
exec_directory_type_to_string(type), q, p);
|
||||||
|
|
||||||
if (unlink(p) < 0) {
|
if (unlink(p) < 0) {
|
||||||
r = -errno;
|
r = -errno;
|
||||||
goto fail;
|
goto fail;
|
||||||
|
|
1
test/TEST-34-DYNAMICUSERMIGRATE/Makefile
Symbolic link
1
test/TEST-34-DYNAMICUSERMIGRATE/Makefile
Symbolic link
|
@ -0,0 +1 @@
|
||||||
|
../TEST-01-BASIC/Makefile
|
48
test/TEST-34-DYNAMICUSERMIGRATE/test.sh
Executable file
48
test/TEST-34-DYNAMICUSERMIGRATE/test.sh
Executable file
|
@ -0,0 +1,48 @@
|
||||||
|
#!/bin/bash
|
||||||
|
set -e
|
||||||
|
TEST_DESCRIPTION="test migrating state directory from DynamicUser=1 to DynamicUser=0 and back"
|
||||||
|
|
||||||
|
. $TEST_BASE_DIR/test-functions
|
||||||
|
|
||||||
|
test_setup() {
|
||||||
|
create_empty_image
|
||||||
|
mkdir -p $TESTDIR/root
|
||||||
|
mount ${LOOPDEV}p1 $TESTDIR/root
|
||||||
|
|
||||||
|
(
|
||||||
|
LOG_LEVEL=5
|
||||||
|
eval $(udevadm info --export --query=env --name=${LOOPDEV}p2)
|
||||||
|
|
||||||
|
setup_basic_environment
|
||||||
|
|
||||||
|
# mask some services that we do not want to run in these tests
|
||||||
|
ln -fs /dev/null $initdir/etc/systemd/system/systemd-hwdb-update.service
|
||||||
|
ln -fs /dev/null $initdir/etc/systemd/system/systemd-journal-catalog-update.service
|
||||||
|
ln -fs /dev/null $initdir/etc/systemd/system/systemd-networkd.service
|
||||||
|
ln -fs /dev/null $initdir/etc/systemd/system/systemd-networkd.socket
|
||||||
|
ln -fs /dev/null $initdir/etc/systemd/system/systemd-resolved.service
|
||||||
|
ln -fs /dev/null $initdir/etc/systemd/system/systemd-machined.service
|
||||||
|
|
||||||
|
# setup the testsuite service
|
||||||
|
cat >$initdir/etc/systemd/system/testsuite.service <<EOF
|
||||||
|
[Unit]
|
||||||
|
Description=Testsuite service
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
ExecStart=/bin/bash -x /testsuite.sh
|
||||||
|
Type=oneshot
|
||||||
|
StandardOutput=tty
|
||||||
|
StandardError=tty
|
||||||
|
NotifyAccess=all
|
||||||
|
EOF
|
||||||
|
cp testsuite.sh $initdir/
|
||||||
|
|
||||||
|
setup_testsuite
|
||||||
|
) || return 1
|
||||||
|
setup_nspawn_root
|
||||||
|
|
||||||
|
ddebug "umount $TESTDIR/root"
|
||||||
|
umount $TESTDIR/root
|
||||||
|
}
|
||||||
|
|
||||||
|
do_test "$@"
|
46
test/TEST-34-DYNAMICUSERMIGRATE/testsuite.sh
Executable file
46
test/TEST-34-DYNAMICUSERMIGRATE/testsuite.sh
Executable file
|
@ -0,0 +1,46 @@
|
||||||
|
#!/bin/bash
|
||||||
|
set -ex
|
||||||
|
set -o pipefail
|
||||||
|
|
||||||
|
systemd-analyze log-level debug
|
||||||
|
systemd-analyze log-target console
|
||||||
|
|
||||||
|
# Set everything up without DynamicUser=1
|
||||||
|
|
||||||
|
systemd-run --wait -p DynamicUser=0 -p StateDirectory=zzz touch /var/lib/zzz/test
|
||||||
|
systemd-run --wait -p DynamicUser=0 -p StateDirectory=zzz test -f /var/lib/zzz/test
|
||||||
|
! systemd-run --wait -p DynamicUser=0 -p StateDirectory=zzz test -f /var/lib/zzz/test-missing
|
||||||
|
|
||||||
|
test -d /var/lib/zzz
|
||||||
|
! test -L /var/lib/zzz
|
||||||
|
! test -e /var/lib/private/zzz
|
||||||
|
test -f /var/lib/zzz/test
|
||||||
|
! test -f /var/lib/zzz/test-missing
|
||||||
|
|
||||||
|
# Convert to DynamicUser=1
|
||||||
|
|
||||||
|
systemd-run --wait -p DynamicUser=1 -p StateDirectory=zzz test -f /var/lib/zzz/test
|
||||||
|
! systemd-run --wait -p DynamicUser=1 -p StateDirectory=zzz test -f /var/lib/zzz/test-missing
|
||||||
|
|
||||||
|
test -L /var/lib/zzz
|
||||||
|
test -d /var/lib/private/zzz
|
||||||
|
|
||||||
|
test -f /var/lib/zzz/test
|
||||||
|
! test -f /var/lib/zzz/test-missing
|
||||||
|
|
||||||
|
# Convert back
|
||||||
|
|
||||||
|
systemd-run --wait -p DynamicUser=0 -p StateDirectory=zzz test -f /var/lib/zzz/test
|
||||||
|
! systemd-run --wait -p DynamicUser=0 -p StateDirectory=zzz test -f /var/lib/zzz/test-missing
|
||||||
|
|
||||||
|
test -d /var/lib/zzz
|
||||||
|
! test -L /var/lib/zzz
|
||||||
|
! test -e /var/lib/private/zzz
|
||||||
|
test -f /var/lib/zzz/test
|
||||||
|
! test -f /var/lib/zzz/test-missing
|
||||||
|
|
||||||
|
systemd-analyze log-level info
|
||||||
|
|
||||||
|
echo OK > /testok
|
||||||
|
|
||||||
|
exit 0
|
Loading…
Reference in a new issue