Some kernel modules may be loaded if the hardware does not exist
(usually when the hardware is hot-pluggable), while others fail with
ENODEV. Let's make those two cases more similar, and simply log
modules which cannot be loaded because of missing hardware without
failing systemd-modules-load.service.
For modules which don't exist, let's warn, but not fail the whole
service. I think a warning is appropriate because it's likely that
a typo was made.
More specifically, it should return > 0 only for conditions specified in
probe_flags. We only set KMOD_PROBE_APPLY_BLACKLIST in probe_flags, so the
code was correct, but add an assert to clarify this.
tmpfiles: remove old ICE and X11 sockets at boot
When not using tmpfs based /tmp, leftover sockets
might prevent X startup. Ensure directory is clean at boot time.
This change noticeably increases completion performance at the expense
of preventing possible _correct, _approximate or any matcher-list rules.
Still, responsiveness increase so huge seems to make it worth the price.
This adds "systemd-resolve --reset-server-features" for explicitly
forgetting what we learnt. This might be useful for debugging
purposes, and to force systemd-resolved to restart its learning logic
for all DNS servers.
When the network configuration changes we should relearn everything
there is to know about the configured DNS servers, because we might talk
to the same addresses, but there might be different servers behind them.
After the discussions around #7003 I think we should restore the
User=systemd-journal-gateway line for systemd-journal-gatewayd.service,
too, so that we continue to use the state user if it exists, and create
it as dynamic user only when it does not.
Note that undoes part of a change made after 234, i.e. a never released
change.
The gettid syscall is one of the most basic syscalls, it never fails and
it operates on current thread. Most applications are not suposed to use
it, however even if it is used there is no much justification on blocking
it. This patch removes it from '@process' set so if users blacklist this
set to block setns or clone syscalls, the gettid syscall will still be
available. Of course they can always block gettid explicitly.
Note that the gettid is already in the '@default' set.
We added JobRunningTimeoutSec= late, and Dracut configured only
JobTimeoutSec= to turn of root device timeouts before. With this change
we'll propagate a reset of JobTimeoutSec= into JobRunningTimeoutSec=,
but only if the latter wasn't set explicitly.
This should restore compatibility with older systemd versions.
Fixes: #6402
When we a reply message gets longer than the client supports we need to
truncate the response and set the TC bit, and we already do that.
However, we are not supposed to send incomplete RRs in that case, but
instead truncate right at a record boundary. Do that.
This fixes the "Message parser reports malformed message packet."
warning the venerable "host" tool outputs when a very large response is
requested.
See: #6520
System calls might exist on some archs but not on others, or might be
multiplexed but not on others. Ignore such errors when putting together
a filter at this location like we already do it on all others.
Unfortunately libseccomp doesn't return (nor document) clean error
codes, hence until then only check for specific error codes that we
propagate, but ignore (but debug log) all others. Do this at one more
place, we are already doing that at all others.
When a libseccomp implementation doesn't know a syscall yet, that's no
reason for us to fail completely. Instead, debug log, and proceed.
This hopefully fixes the preadv2/pwritev2 issues pointed out here:
https://github.com/systemd/systemd/pull/6952#issuecomment-334302923
Also, move prlimit64() out of @resources.
prlimit64() may be used both for getting and setting resource limits, and
is implicitly called by glibc at various places, on some archs, the same
was as getrlimit(). SImilar, igetrlimit() is an arch-specific
replacement for getrlimit(), and hence should be whitelisted at the same
place as getrlimit() and prlimit64().
Also see: https://lists.freedesktop.org/archives/systemd-devel/2017-September/039543.html
This fixes a mostly theoretical potential security hole: if for some
reason we failed to remove IPC objects created for a dynamic user (maybe
because a MAC/SElinux erronously prohibited), then we should not hand
out the same UID again until they are successfully removed.
With this commit we'll enumerate the IPC objects currently existing, and
step away from using a UID for the dynamic UID logic if there are any
matching it.
Michal Sekletar