Takes a single /sys/fs/bpf/pinned_prog string as argument, but may be
specified multiple times. An empty assignment resets all previous filters.
Closes https://github.com/systemd/systemd/issues/10227
I have an .efi image with embedded newlinews. Now I don't even remember if it
was created for testing or by accident, but it doesn't really matter. We should
display such files correctly.
(This isn't a problem with normal BLS entries, because input is split into lines
so newlines are consumed.)
Because it's not a device path and (slightly) bad things happen if it
gets confused with one:
$ udevadm info /sys/
Assertion 'device->devpath[0] == '/'' failed at
../src/libsystemd/sd-device/sd-device.c:958,
function sd_device_get_devpath(). Aborting.
Aborted (core dumped)
# udevadm control --property=HELLO=WORLD
Received udev control message (ENV), unsetting 'HELLO'
# udevadm control --property=HELLO=
Received udev control message (ENV), setting 'HELLO='
Oh no, it's busted. Let's try removing this one little negation real quick
to see if it helps...
# udevadm control --property=HELLO=WORLD
Received udev control message (ENV), setting 'HELLO=WORLD'
# udevadm control --property=HELLO=
Received udev control message (ENV), unsetting 'HELLO'
Feels much better now.
Those messages were quite confusing. In particular "adding address" suggests
that we are assiging a new address to an interface, but in fact we're just
reacting to a notification about an addition. So let's call that "remembering"
and "forgetting". It's not fully gramatically correct, but I think it's much
clearer than "adding"/"removing" in this context.
And "received address without address" is too cryptic, let's say "address
message" to distinguish the message from its content.
Also, make failure to format address non-fatal, and print more details in
various places.
For some reason, systemd-logind is trying to handle idle action in one of my containers:
Jun 07 10:28:08 rawhide systemd-logind[42]: System idle. Taking action.
Jun 07 10:28:08 rawhide systemd-logind[42]: Requested operation not supported, ignoring.
But we didn't log what exactly was being done. Let's put the name of the action in messages.
All callers pass either a fixed action, or HANDLE_IGNORE is explicitly filtered
out. Let's remove this case here, because we cannot properly log what opreation
we are ignoring.
Make possible to set NUMA allocation policy for manager. Manager's
policy is by default inherited to all forked off processes. However, it
is possible to override the policy on per-service basis. Currently we
support, these policies: default, prefer, bind, interleave, local.
See man 2 set_mempolicy for details on each policy.
Overall NUMA policy actually consists of two parts. Policy itself and
bitmask representing NUMA nodes where is policy effective. Node mask can
be specified using related option, NUMAMask. Default mask can be
overwritten on per-service level.
These options are pretty much equivalent to "journal" and
"journal+console" anyway, let's simplify things, and drop them from the
documentation hence.
For compat reasons let's keep them in the code.
(Note that they are not 100% identical to 'journal', but I doubt the
distinction in behaviour is really relevant to keep this in the docs.
And we should probably should drop 'syslog' entirely from our codebase
eventually, but it's problematic as long as we semi-support udev on
non-systemd systems still.)
This is a workaround to make IPAddressDeny=any/IPAddressAllow=any work
for non-root users that have CAP_NET_ADMIN. "any" was chosen since
all or nothing network access is one of the most common use cases for
isolation.
Allocating BPF LPM TRIE maps require CAP_SYS_ADMIN while BPF_PROG_TYPE_CGROUP_SKB
only needs CAP_NET_ADMIN. In the case of IPAddressXYZ="any" we can just
consistently return false/true to avoid allocating the map and limit the user
to having CAP_NET_ADMIN.
It's possible for a zombie process to have live threads. These are not listed
in /sys in "cgroup.procs" for cgroupsv2, but they show up in
"cgroup.threads" (cgroupv2) or "tasks" (cgroupv1) nodes. When killing a
cgroup (v2 only) with SIGKILL, let's also kill threads after killing processes,
so the live threads of a zombie get killed too.
Closes#12262.
prefix_root() is equivalent to path_join() in almost all ways, hence
let's remove it.
There are subtle differences though: prefix_root() will try shorten
multiple "/" before and after the prefix. path_join() doesn't do that.
This means prefix_root() might return a string shorter than both its
inputs combined, while path_join() never does that. I like the
path_join() semantics better, hence I think dropping prefix_root() is
totally OK. In the end the strings generated by both functon should
always be identical in terms of path_equal() if not streq().
This leaves prefix_roota() in place. Ideally we'd have path_joina(), but
I don't think we can reasonably implement that as a macro. or maybe we
can? (if so, sounds like something for a later PR)
Also add in a few missing OOM checks
The OCI changes in #9762 broke a use case in which we use nspawn from
inside a container that has dropped capabilities from the bounding set
that nspawn expected to retain. In an attempt to keep OCI compliance
and support our use case, I made hard failing on setting capabilities
not in the bounding set optional (hard fail if using OCI and log only
if using nspawn cmdline).
Fixes#12539
