This makes DEPTH_MAX lower value, as test-json fails with stack
overflow.
Note that the test can pass with 8k, but for safety, here set to 4k.
Fixes#10738.
My logs are full of:
systemd-udevd[6586]: seq 13515 queued, 'add' 'block'
systemd-udevd[6586]: seq 13516 queued, 'change' 'block'
systemd-udevd[6586]: seq 13517 queued, 'change' 'block'
systemd-udevd[6586]: seq 13518 queued, 'remove' 'bdi'
systemd-udevd[6586]: seq 13519 queued, 'remove' 'block'
systemd-udevd[9865]: seq 13514 processed
systemd-udevd[9865]: seq 13515 running
systemd-udevd[9865]: GROUP 6 /usr/lib/udev/rules.d/50-udev-default.rules:59
systemd-udevd[9865]: IMPORT builtin 'blkid' /usr/lib/udev/rules.d/60-persistent-storage.rules:95
systemd-udevd[9865]: IMPORT builtin 'blkid' fails: No such file or directory
systemd-udevd[9865]: loop4: Failed to add device '/dev/loop4' to watch: No such file or directory
(the last line is at error level).
If we are too slow to set up a watch and the device is already gone by the time
we try, this is not an error.
Rebooting to set change the kernel command line to set some udev parameters is
inconvenient. Let's allow setting more stuff in the config file.
Also drop quotes from around "info" in udev.conf. We need to accept them for
compatibility, but there is no reason to use them.
The current code has multiple issues and it should never be done like
that. If someone updates list of allowed devices we should attach new
program before we remove the old one for two reasons:
1. It takes some time to attach new program so there is a period of time
when all devices are allowed.
2. BPF programs have limit for number of instructions (4096) and if user
adds a lot of devices we might hit the instruction limit and the new
program will not be accepted which will result in allow all devices
because the old program was already removed.
In order to attach the new program before we remove the old one we need
to use BPF_F_ALLOW_MULTI flag every time.
Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
It was always set to one third of timeout_usec, so let's simplify things by
calculating it using a helper function right before it is used.
Before 9d9264ba39, udevd.c would avoid setting
timeout_warn_usec to 0, using 1 instead. This wasn't necessary, because when
timeout_warn_usec is finally used in spawn_wait(), it is ignored if
timeout_usec is 0 or timeout_warn_usec is 0. So there was no need to handle
this case specially.
From #10526:
$ sudo systemd-nspawn -i image
Spawning container image on /home/zbyszek/src/mkosi/image.
Press ^] three times within 1s to kill container.
Short read while reading cgroup mode.
This is required for /proc/self/fd/xyz to work, but that's what we need
to convert the O_PATH fd returned by chase_symlinks() back to a regular
file fd. Hence, let's do the joining of the namespaces fully and
correctly, by doing fork()+setns()+fork() with the PID and fs
namespaces.
This makes use of the new namespace_fork() helper we just added.
Fixes: #10549
This helper is useful to ensure pidns/userns joining is properly
executed (as that requires a fork after the setns()). This is
particularly important when it comes to /proc/self/ access or
SCM_CREDENTIALS, but is generally the safer mode of operation.
The previous code did htole64() followed by unaligned_write_be32() (the
XOR and shift in between is endianness agnostic). That means, on every
architeture there is always exactly one byte swap and the iaid is
dependent on endianness.
Since dhcp_identifier_set_iaid() is part of the DUID generation
algorithm, this cannot be fixed without changing the client-id.
In particular, as the client-id already depends on the machine-id (and
is thus inherrently host-specific), it is better to stick to the current
behavior.
However, add a parameter to switch between old and new behaviour.
Since the new behavior is unused, the only real purpose of this
change is to self-document the oddity of the function.
Fixes: 933f9caeeb
Add unit name in StartLimitAction=, FailureAction= and SuccessAction=
emergency_action() reason messages, so that the problematic unit is
easily visible, for example:
"unit dbus.service failed"
The function util_log_priority() is almost same as
log_level_from_string(). The difference between them is only that
util_log_priority() accepts such that '3 hogehoge'.
- Do not allocate NetworkConfigSection when filename == NULL
- set .network element before calling hashmap_put()
- Always free NetworkConfigSection in each object.
The commit dcfbde3a43 changes
sd_device_get_ifindex() returns -ENOENT instead of zero if the device
does not have ifindex.
Let's keep the original behavior of udev_device_get_ifindex().
Fixes#10699.
In a way this is a follow-up for
a2d1fb882c, but adds a similar warning for
PIDFile=.
There's a much stronger case for doing this kind of notification in
tmpfiles.d (since it helps relating lines to each other for the purpose
of merging them). Doing this for PIDFile= is mostly about being
systematic and copying tmpfiles.d/ behaviour here.
While we are at it, let's also support relative filenames in PIDFile=
now, and prefix them with /run, to make them absolute.
Fixes: #10657
Rename rdrand64 to rdrand, and switch from uint64_t to unsigned long.
This produces code that will compile/assemble on both x86-64 and x86-32.
This could be useful when running a 32-bit copy of systemd on a modern
Intel processor.
RDRAND is inherently arch-specific, so relying on the compiler-defined
'long' type seems reasonable.
This is useful for debugging client-side ref counting of units: for each
ref taken on a unit the client's sender name is listed. If a client has
multiple refs on the same unit it is listed multiple times.
When a machine scope is registered by machined, let's add a reference to
it, and change the GC mode so that the unit is cleaned up as soon as
machined drops the reference, regardless of the fail state.
Fixes: #2809
We have the machine name anyway, let's use TerminateMachine() on
machined's Manager object directly with it. That way it's a single
method call only, instead of two, to terminate the machine.
This adds a new pair of API calls sd_bus_set_close_on_exit() and
sd_bus_get_close_on_exit(). They control whether an sd_bus object
attached to a an sd-event loop shall automatically be flushed/closed
when the event loop goes down. Usually that's a good thing, except for
very few cases where the bus connection is longer living than the event
loop it is attached on. Specifically, this is the case for nspawn, where
we run the event loop only while the container is up, but afterwards
still want to be able to use the bus connection.
This is the same as Abandon() on the Scope object, but saves clients
from first translating a unit name into a unit object path. This logic
matches how all the other unit methods have counterparts on the Manager
object too (e.g. StopUnit() on the Manager object matching Stop() on the
Unit object), this one was simply forgotten so far.