Making use of the fd storage capability of the previous commit, allow
restarting journald by serilizing stream state to /run, and pushing open
fds to PID 1.
With this change it is possible to send file descriptors to PID 1, via
sd_pid_notify_with_fds() which PID 1 will store individually for each
service, and pass via the usual fd passing logic on next invocation.
This is useful for enable daemon reload schemes where daemons serialize
their state to /run, push their fds into PID 1 and terminate, restoring
their state on next start from the data in /run and passed in from PID
1.
The fds are kept by PID 1 as long as no POLLHUP or POLLERR is seen on
them, and the service they belong to are either not dead or failed, or
have a job queued.
When systemd starts a service, it first opened /run/systemd/journal/stdout
socket, and only later switched to the right user.group (if they are
specified). Later on, journald looked at the credentials, and saw
root.root, because credentials are stored at the time the socket is
opened. As a result, all messages passed over _TRANSPORT=stdout were
logged with _UID=0, _GID=0.
Drop real uid and gid temporarily to fix the issue.
Let's unify the code that counts the running jobs a bit, in order to
make sure we are less likely to miss one.
This is related to this bug:
https://bugs.freedesktop.org/show_bug.cgi?id=87349
However, it probably won't fix it fully, and I cannot reproduce the issue.
The change also adds an explicit assert change when the counter is off.
Commit 003dffde2c ("machined: Move image discovery logic into src/shared,
so that we can make use of it from nspawn") moved some definitions from
machine.h to a new machine-dbus.h, but did not include it in Makefile.am
Tested that `make distcheck` works after this fix.
Catch up with latest changes in kdbus.ko:
* Signals can be sent as unicast now, hence they need to be marked as
such with the KDBUS_MSG_SIGNAL in the message flags.
* Follow ioctl number change for KDBUS_CMD_FREE
When setting up a namespace, mount flags like noexec, nosuid and
nodev are cleared, so the mounts always have exec, suid and dev
flags enabled.
Copy source directory mount flags to target mount when remounting
the bind mounts.
We always should use the same checks when deciding whether swap support
and mounting of devices is supported. Hence, let's make
fstab-generator's logic more similar to the usual logic we follow:
a) Look for /proc/swaps and no container support before activating
swaps.
b) Look for /sys being writable befire supporting device mounts.
Regression introduced by ed757c0cb0
Mirror the implementation of columns(), since the fd_columns()
functions returns a negative integer for errors.
Also fix columns() to return the unsigned variable instead of the
signed intermediary (they're the same, but better to be explicit).
Since the file headers might be replaced by zeroed pages now due to
sigbus we should make sure we don't end up dividing by zero because we
don't check values read from journal file headers for changes.
This makes them robust regarding truncation. Ideally, we'd export this
as an API, but given how messy SIGBUS handling is, and the uncertain
ownership logic of signal handlers we should not do this (unless libc
one day invents a scheme how to sanely install SIGBUS handlers for
specific memory areas only). However, for now we can still make all our
own tools robust.
Note that external tools will only have read-access to the journal
anyway, where SIGBUS is much more unlikely, given that only writes are
subject to disk full problems.
Even though we use fallocate() it appears that file systems like btrfs
will trigger SIGBUS on certain low-disk-space situation. We should
handle that, hence catch the signal, add it to a list of invalidated
pages, and replace the page with an empty memory area. After each write
check if SIGBUS was triggered, and consider the write invalid if it was.
This should make journald a lot more robust with file systems where
fallocate() is not reliable, for example all CoW file systems
(btrfs...), where changing written data can fail with disk full errors.
https://bugzilla.redhat.com/show_bug.cgi?id=1045810
Reporter says he incorrectly measured the data but the device is not available
anymore to correct it. We'll have to wait for someone else to submit the data.
https://bugs.freedesktop.org/show_bug.cgi?id=87343
-n is only allowed for root. /etc/mtab is nowadays almost always a link to /proc/,
so in practice this does not really matter too much, but should allow .mount units
to work in --user mode.
https://bugs.freedesktop.org/show_bug.cgi?id=87602
Those values are based on a file we read from disk, so we should
verify everything we receive, and make sure everything we print
is sensible.
Also, print fractional seconds for TTL.
systemd.pc contains "libdir" which can be architecture specific. Thus it needs
to be installed into libdir/pkgconfig/ instead of datadir/pkgconfig.
As nothing else is using pkgconfigdata any more, remove it entirely.
Note that udev.pc does not contain architecture specific values and thus can be
kept in /usr/share/pkgconfig/.
Lennart Poettering