Lennart Poettering
bb970e5774
update TODO
2020-08-17 09:12:02 +02:00
Michael Scherer
bcf08acbff
Newer Glibc use faccessat2 to implement faccessat
...
cf https://repo.or.cz/glibc.git/commit/3d3ab573a5f3071992cbc4f57d50d1d29d55bde2
This cause breakage on Fedora Rawhide: https://bugzilla.redhat.com/show_bug.cgi?id=1869030
2020-08-16 15:10:13 +02:00
Lennart Poettering
61c8b73a35
Merge pull request #16705 from bluca/verity_udev_wait
...
Verity: use udev to wait for symlink creation on concurrent activations
2020-08-14 20:14:57 +02:00
Luca Boccassi
ce5eef6530
shared/udev-util: fix sd_device leak in device_wait_for_initialization
...
If the caller doesn't pass a return pointer, or if sd_event_loop fails
after the device was found and referenced, it never gets dereferenced.
2020-08-14 15:26:04 +01:00
Luca Boccassi
efc3b12fdb
tree-wide: enable/disable libcrypsetup debug output depending on our level
...
Avoid always setting to debug, as it will incur in many more callbacks from
libcrypsetup that then get discarded, wasting resources.
2020-08-14 15:26:04 +01:00
Luca Boccassi
ecab4c470c
dissect: yield for 2ms when a verity device cannot be opened before retrying
...
If we don't succeed on the first try it's because another process is
opening the same device. Do a microsleep for 2ms to increase the
chances it has completed the next time around the loop.
2020-08-14 15:26:04 +01:00
Luca Boccassi
9ecb5c10fd
dissect: account for EBUSY when verity device already exists
...
In some cases, libdevmapper/libcrypsetup might return EBUSY instead of
EEXIST when opening a shared device. Treat it in the same way.
2020-08-14 15:26:04 +01:00
Luca Boccassi
c419b6f0cf
dissect: wait for udev event if verity device not yet available
...
The symlink /dev/mapper/dm_name is created by udev after a mapper
device is set up. So libdevmapper/libcrypsetup might tell us that
a verity device exists, but the symlink we use as the source for
the mount operation might not be there yet.
Instead of falling back to a new unique device set up, wait for
the udev event matching on the expected devlink for at least 100ms
(after which the benefits of sharing a device in terms of setup
time start to disappear - on my production machines, opening a new
verity device seems to take between 150ms and 300ms)
2020-08-14 15:26:04 +01:00
Luca Boccassi
030a0d79ff
udev-util: add device_wait_for_devlink
...
Allows to wait for an event by matching on the devlink that gets
created.
2020-08-14 15:26:04 +01:00
Lennart Poettering
3f181262f4
namespace: fix minor memory leak
2020-08-14 15:33:04 +02:00
Lennart Poettering
830171936c
Merge pull request #16612 from poettering/dissect-copy
...
teach systemd-dissect file copying, and make it officially supported, move to /usr/bin + man page
2020-08-13 11:26:49 +02:00
Lennart Poettering
1af83e7c37
update TODO
2020-08-12 22:39:43 +02:00
Lennart Poettering
35afe47abe
test: update tests to use new JSON output instead of human readable output
2020-08-12 22:39:43 +02:00
Lennart Poettering
de8231b007
dissect: add support for outputting JSON
2020-08-12 22:39:43 +02:00
Lennart Poettering
0b9481cf2e
json: add helpers for dealing with id128 + strv
2020-08-12 22:39:43 +02:00
Lennart Poettering
61f403a14f
man: document systemd-dissect
2020-08-11 22:29:50 +02:00
Lennart Poettering
5a151082d7
meson: move systemd-dissect to /usr/bin
2020-08-11 22:29:50 +02:00
Lennart Poettering
af8219d562
dissect: show proper error strings for more errors
...
Also, make inability to decrypt and EBUSY a non-fatal issue, since we
still are able to display the mount table then.
2020-08-11 22:29:50 +02:00
Lennart Poettering
af187ab237
dissect: introduce new helper dissected_image_mount_and_warn() and use it everywhere
2020-08-11 22:26:48 +02:00
Lennart Poettering
fa45d12c1c
dissect: use recognizable error if we are supposed to mount an encrypted fs
...
Also, document EBUSY
2020-08-11 22:26:48 +02:00
Lennart Poettering
37e44c3f95
dissect: immediately close pipes when we determined we have no data for them
...
This effectively makes little difference because we exit soon later
anyway, which will close the fds, too. However, it's still useful since
it means the parent will get EOF events on them in the order we process
things and isn't delayed to process the data from the pipes until the
child dies.
2020-08-11 22:26:48 +02:00
Lennart Poettering
f5ea63a5e1
dissect: properly propagate some relevant dissection errors
...
Let's send some specific error codes from helper process to parent via
the return value, and convert them back there.
2020-08-11 22:26:48 +02:00
Lennart Poettering
89d00f2e3f
dissect: beef up dissection output
...
Let's use a proper table for outputting partition information. Let's
also put the general information about the image first, and the table
after that.
Moreover, dissect the image before showing any output, so that we can
early on return an error if the image is not valid.
2020-08-11 22:26:48 +02:00
Lennart Poettering
e3659eb236
dissect: load verity metadata earlier
...
That way we can turn off kernel partition scanning if verity data is
available (as we don't support verity for full GPT images, only for
simple file system images).
2020-08-11 22:26:48 +02:00
Lennart Poettering
16b7459280
dissect: show more information in output
...
Let's show size and image filename.
2020-08-11 22:26:48 +02:00
Lennart Poettering
33973b841d
dissect: add support for copying files in/out of image
2020-08-11 22:26:48 +02:00
Lennart Poettering
bacf21e9e9
copy: add copy_access() helper for copying access mode
2020-08-11 22:26:48 +02:00
Lennart Poettering
5c05f06264
dissect: optionally mkdir directory to overmount
2020-08-11 22:26:48 +02:00
Lennart Poettering
1ffd93683b
mkdir: handle mkdir_p() of simple filename gracefully
2020-08-11 22:26:48 +02:00
Lennart Poettering
140788f75f
dissect: support --discard=list
2020-08-11 22:26:48 +02:00
Lennart Poettering
ee72df1c7b
firstboot: move --image= logic into common code
...
That way we can reuse it in tmpfiles/sysusers/journalctl and so on.
2020-08-11 22:26:48 +02:00
Lennart Poettering
c53da7ed02
Merge pull request #16678 from poettering/loop-configure
...
loop-util: use new LOOP_CONFIGURE ioctl added in kernel 5.8
2020-08-11 22:22:27 +02:00
Lennart Poettering
6b49257f6b
man: fix incorrectly placed full stop
2020-08-11 19:36:04 +01:00
Lennart Poettering
d8857af4d0
update TODO
2020-08-11 15:24:18 +02:00
Lennart Poettering
86c1c1f345
loop-util: use new LOOP_CONFIGURE ioctl
...
LOOP_CONFIGURE allows us to configure a loopback device in one ioctl
instead of two, which is not just faster but also removes the race that
udev might start probing the device before we adjusted things properly.
Unfortunately LOOP_CONFIGURE is broken in regards to LO_FLAGS_PARTSCAN
as of kernel 5.8.0. This patch contains a work-around for that, to
fallback to old behaviour if partition scanning is requested but does
not work. Sucks a bit.
Proposed upstream fix for that issue:
https://lkml.org/lkml/2020/8/6/97
2020-08-11 15:24:18 +02:00
Lennart Poettering
834c15ec38
dissect: use new blockdev_partscan_enabled() API where appropriate
2020-08-11 10:30:19 +02:00
Lennart Poettering
e8467cd31c
blockdev-util: add correct API for detecting if block device has partition scanning enabled
...
Instead of checking the loopback ioctls, let's check sysfs, so that we
catch all kinds of block devices, not just loopback block devices.
2020-08-11 10:29:43 +02:00
Anita Zhang
96a4ce9f1d
Merge pull request #16690 from poettering/userdb-group-desc
...
description field for group records
2020-08-11 00:27:54 -07:00
Lennart Poettering
7e31e90e58
units: order volatile-root after repart
...
Let's make sure systemd-repart can still see the real device before we
replace its mount with an overlay mount, and thus order repart before
volatile-root.
See: https://lists.freedesktop.org/archives/systemd-devel/2020-July/044896.html
2020-08-11 09:12:56 +02:00
Lennart Poettering
3f64046cda
Merge pull request #16697 from yuwata/network-fix-suspend-issue
...
network: fix suspend issue
2020-08-10 20:09:36 +02:00
Lennart Poettering
721bb6ed08
Merge pull request #16684 from keszybz/assorted-cleanups
...
Assorted cleanups
2020-08-10 19:28:05 +02:00
Nicholas Narsing
a2af7e5c7e
hwdb: Add ACCEL_MOUNT_MATRIX quirk for Asus M80TA
2020-08-10 17:31:58 +02:00
Yu Watanabe
9b966cee43
network: wait for previous address removal before configuring static addresses
...
Fixes #16696 .
2020-08-08 12:41:03 +09:00
Yu Watanabe
b6766fb114
network: drop unnecessary bracket
2020-08-08 12:31:59 +09:00
Yu Watanabe
fb282d4e25
network: only process non-error message
2020-08-08 12:31:12 +09:00
Lennart Poettering
a8c9824d2a
Merge pull request #16682 from poettering/userdb-gecos-fix
...
userdb: mangle GECOS field if necessary
2020-08-07 22:57:41 +02:00
Lennart Poettering
5cd12abaa0
user-record: deal with invalid GECOS fields gracefully
...
Let's fix up invalid GECOS fields both when we convert from NSS to JSON
and the other way round.
Kinda sucks we have to do that, but NSS does it when writing data to
/etc/passwd, so let's do the same.
Fixes : #16668
2020-08-07 17:36:27 +02:00
Lennart Poettering
b10fd796f5
user-util: add mangle_gecos() call for turning strings into fields suitable as GECOS fields
2020-08-07 17:36:11 +02:00
Matt Fenwick
c1c28fe2f7
fix typo in systemctl help
2020-08-07 16:57:28 +02:00
Zbigniew Jędrzejewski-Szmek
992aa67231
Merge pull request #16604 from poettering/tmpfiles-image
...
add --image= switch to tmpfiles, sysusers, journalctl
2020-08-07 10:08:42 +02:00