This is useful for debugging client-side ref counting of units: for each
ref taken on a unit the client's sender name is listed. If a client has
multiple refs on the same unit it is listed multiple times.
When a machine scope is registered by machined, let's add a reference to
it, and change the GC mode so that the unit is cleaned up as soon as
machined drops the reference, regardless of the fail state.
Fixes: #2809
We have the machine name anyway, let's use TerminateMachine() on
machined's Manager object directly with it. That way it's a single
method call only, instead of two, to terminate the machine.
This adds a new pair of API calls sd_bus_set_close_on_exit() and
sd_bus_get_close_on_exit(). They control whether an sd_bus object
attached to a an sd-event loop shall automatically be flushed/closed
when the event loop goes down. Usually that's a good thing, except for
very few cases where the bus connection is longer living than the event
loop it is attached on. Specifically, this is the case for nspawn, where
we run the event loop only while the container is up, but afterwards
still want to be able to use the bus connection.
This is the same as Abandon() on the Scope object, but saves clients
from first translating a unit name into a unit object path. This logic
matches how all the other unit methods have counterparts on the Manager
object too (e.g. StopUnit() on the Manager object matching Stop() on the
Unit object), this one was simply forgotten so far.
Behaviour is prett ymuch the same, but there's some additional type
checking done on the input parameters.
(In the case of UNIT_WRITE_FLAGS_NOOP() the C compiler won't actually do
the type checking necessarily, but static chckers at least could)
The test is currently failing when run under ASan in a docker container:
```
--- command ---
SYSTEMD_KBD_MODEL_MAP='/build/src/locale/kbd-model-map' PATH='/build/build:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin' SYSTEMD_LANGUAGE_FALLBACK_MAP='/build/src/locale/language-fallback-map' /build/build/test-capability
--- stderr ---
have ambient caps: yes
Capabilities:= cap_chown,cap_dac_override,cap_dac_read_search,cap_fowner,cap_fsetid,cap_kill,cap_setgid,cap_setuid,cap_setpcap,cap_linux_immutable,cap_net_bind_service,cap_net_broadcast,cap_net_admin,cap_net_raw,cap_ipc_lock,cap_ipc_owner,cap_sys_module,cap_sys_rawio,cap_sys_chroot,cap_sys_ptrace,cap_sys_pacct,cap_sys_admin,cap_sys_boot,cap_sys_nice,cap_sys_resource,cap_sys_time,cap_sys_tty_config,cap_mknod,cap_lease,cap_audit_write,cap_audit_control,cap_setfcap,cap_mac_override,cap_mac_admin,cap_syslog,cap_wake_alarm,cap_block_suspend,cap_audit_read+eip
Capabilities:= cap_dac_override,cap_net_raw+ep
==7021==LeakSanitizer has encountered a fatal error.
==7021==HINT: For debugging, try setting environment variable LSAN_OPTIONS=verbosity=1:log_threads=1
==7021==HINT: LeakSanitizer does not work under ptrace (strace, gdb, etc)
Assertion 'WIFEXITED(status) && WEXITSTATUS(status) == 0' failed at ../src/test/test-capability.c:71, function fork_test(). Aborting.
-------
```
https://api.travis-ci.org/v3/job/452349948/log.txt
Docker's default capability set has the inherited flag already
set - that breaks tests which expect otherwise. Let's just
drop the check and run the test anyway.
Fixes#10663
We only use this when we don't require the best randomness. The primary
usecase for this is UUID generation, as this means we don't drain
randomness from the kernel pool for them. Since UUIDs are usually not
secrets RDRAND should be goot enough for them to avoid real-life
collisions.
Originally, the high_quality_required boolean argument controlled two
things: whether to extend any random data we successfully read with
pseudo-random data, and whether to return -ENODATA if we couldn't read
any data at all.
The boolean got replaced by RANDOM_EXTEND_WITH_PSEUDO, but this name
doesn't really cover the second part nicely. Moreover hiding both
changes of behaviour under a single flag is confusing. Hence, let's
split this part off under a new flag, and use it from random_bytes().
This should normally not happen, but given that the man page suggests
something about this in the context of interruption, let's handle this
and propagate an I/O error.
It's more descriptive, since we also have a function random_bytes()
which sounds very similar.
Also rename pseudorandom_bytes() to pseudo_random_bytes(). This way the
two functions are nicely systematic, one returning genuine random bytes
and the other pseudo random ones.
This reorganizes the systemd.timer man page so that it doesn't claim
there are no implicit dependencies right after specifying the implicit
dependencies, and so that it matches the other man pages for units. This
fixes a mistake introduced by commit aed5cb03db.
Lennart Poettering