Re: [systemd-devel] [PATCH 1/5] calendar: semesterly alias for semi-annually

2014-11-12 Thread Daniele Medri
> I am still not convinced that semesterly is really a good
> addition. See previous comments about that:
>
>   I am a bit conservative about that. Semester has a very
>   academic touch to it, and at least in Germany the semester
>   usually starts in october, not in january. I'd rather stay
>   away from this word hence, since at least to me it appears
>   to suggest something different than *-1,7-1...
>
> And we do have semi-annually already that covers this nicely.


I know, you're a bit conservative. This is why anually is still there
for backward compatibility, although it is wrong. But IMHO the semesterly
alias is a reasonable word that sounds like the other cases with -ly at
the end. And a semester also exists outside of the University. It's your
decision. We can also survive without this (useful) alias :)

___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel


Re: [systemd-devel] [gummiboot][RFC] Add trusted boot (tboot) support to gummiboot

2014-11-12 Thread Minchev, Todor
On Mon, 2014-11-10 at 14:20 +0500, Alexander E. Patrakov wrote:
> 10.11.2014 14:10, Minchev, Todor wrote:
>> Hello guys,
>>
>> I have been working on adding trusted boot (tboot) support to gummiboot
>> and since this requires quite a bit of new code to be added to the
>> gummiboot code base I wanted to send it out for review and comments.
>>
>> This is the new functionality that these patches add to the gummiboot
>> master branch:
>>
>> - trusted boot support via the tboot module and Intel's Trusted
>>   Execution Technology (TXT)
>> - partial multiboot2 support for passing data to the trusted boot module
>> - booting non efi_stub kernels via tboot
>> - no impact on the existing gummiboot functionality
>
> I have not looked at the code, but looked at the list of commit
> messages. In particular:
>
> gummiboot: load the loadable segments of the ELF binary and jump
> to its entry point address
>
> As far as I understand, this goes against the design goals of gummiboot
> of being a simple wrapper that is able to execute EFI binaries and only
> them. Would it be feasible to convert tboot into an EFI binary instead,
> and measure/validate it as such, using the API provided by UEFI for that?

Yes, this is what I will be looking at next - adding PE/COFF header to
tboot so that gummiboot can launch it as an EFI application.
BTW, are there any plans to add multiboot2 support to gummiboot in the
future?

 





Re: [systemd-devel] [PATCH 2/5] man: reorganization of calendar specs

2014-11-12 Thread Daniele Medri
  +   programlisting
  +  minutely → *-*-* *:*:00
  +hourly → *-*-* *:00:00
  + daily → *-*-* 00:00:00
  +weekly → Mon *-*-* 00:00:00
  +   monthly → *-*-01 00:00:00
  + quarterly → *-01,04,07,10-01 00:00:00
  +semesterly → *-01,07-01 00:00:00
  +  semiannually → *-01,07-01 00:00:00
  +yearly → *-01-01 00:00:00
  +  annually → *-01-01 00:00:00
  +/programlisting
 
> I'd think turning this into a proper docbook table would make a ton of
> sense! Would love to take a patch for that!

These are the existing conventions already used in that file. Do what
seems right to you :)




Re: [systemd-devel] [PATCH 5/5] calendar: parse months's names

2014-11-12 Thread Daniele Medri
> I am totally onboard with allowing a syntax where month names are
> used, but this really should be translated into the normal chain stuff
> internally, to avoid a redundant structure in memory!

If you already know how to achieve the best solution for this need, let's
do it! The use of month names with OnCalendar= could be a useful
feature.



[systemd-devel] [PATCH] udevadm: Use correct debug logging function

2014-11-12 Thread Martin Pitt
Hello all,

while debugging a curious build failure of umockdev on our ARM
machines [1] I noticed a weird behaviour of udevadm wrt. debug logging
[2].

This patch fixes this (details are in the commit log). Kay, OK to
push?

Thanks,

Martin

[1] https://bugs.debian.org/767909
[2] https://bugs.debian.org/769228
-- 
Martin Pitt| http://www.piware.de
Ubuntu Developer (www.ubuntu.com)  | Debian Developer  (www.debian.org)
From f860a812b16e0e2f5e5bf99d59197d25f99f Mon Sep 17 00:00:00 2001
From: Martin Pitt martin.p...@ubuntu.com
Date: Wed, 12 Nov 2014 10:55:28 +0100
Subject: [PATCH] udevadm: Use correct debug logging function

For debugging which command  gets called in udevadm we want the udev debug
logging, not the systemd one. Otherwise we get rather unexpected udevadm
debugging output (like calling: info) when booting with debug in the kernel
command line, and conversely UDEV_LOG=debug doesn't enable the udevadm
debugging.

https://bugs.debian.org/769228
---
 src/udev/udevadm.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/udev/udevadm.c b/src/udev/udevadm.c
index 7026c50..9060abd 100644
--- a/src/udev/udevadm.c
+++ b/src/udev/udevadm.c
@@ -76,7 +76,7 @@ static int adm_help(struct udev *udev, int argc, char *argv[]) {
 static int run_command(struct udev *udev, const struct udevadm_cmd *cmd, int argc, char *argv[]) {
 if (cmd-debug)
 log_set_max_level(LOG_DEBUG);
-log_debug(calling: %s, cmd-name);
+udev_dbg(udev, calling: %s, cmd-name);
 return cmd-cmd(udev, argc, argv);
 }
 
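Review bot: In run_command(), the cmd->debug branch just above the changed line still raises only the systemd log level with log_set_max_level(LOG_DEBUG), while the message itself now goes through udev_dbg(). Nothing in this hunk raises the udev log priority for a command that has its debug flag set, so please confirm that the "calling: %s" line is still emitted for such commands, or set the udev priority in the same branch and mention it in the commit message.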
-- 
2.1.3



[systemd-devel] [PATCH v2 2/2] bootchart: escape non printable process name

2014-11-12 Thread WaLyong Cho
---
 src/bootchart/svg.c | 10 +++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/src/bootchart/svg.c b/src/bootchart/svg.c
index faf377e..e5569e1 100644
--- a/src/bootchart/svg.c
+++ b/src/bootchart/svg.c
@@ -39,6 +39,7 @@
 #include svg.h
 #include bootchart.h
 #include list.h
+#include utf8.h
 
 #define time_to_graph(t) ((t) * arg_scale_x)
 #define ps_to_graph(n) ((n) * arg_scale_y)
@@ -1006,12 +1007,15 @@ static void svg_ps_bars(void) {
 /* pass 2 - ps boxes */
 ps = ps_first;
 while ((ps = get_next_ps(ps))) {
-_cleanup_free_ char *enc_name = NULL;
+_cleanup_free_ char *enc_name = NULL, *escaped = NULL;
 double endtime;
 double starttime;
 int t;
 
-enc_name = xml_comment_encode(ps-name);
+if (!utf8_is_printable(ps-name, strlen(ps-name)))
+escaped = utf8_escape_non_printable(ps-name);
+
+enc_name = xml_comment_encode(escaped ? escaped : ps-name);
 if (!enc_name)
 continue;
 
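Review bot: The result of utf8_escape_non_printable(ps->name) in the pass 2 loop is never checked for NULL. On allocation failure the expression escaped ? escaped : ps->name silently falls back to the raw name, which is exactly the unescaped output this patch is meant to avoid. Handle a NULL return the same way as the existing if (!enc_name) continue; case, or log the OOM.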
@@ -1100,7 +1104,7 @@ static void svg_ps_bars(void) {
 svg(  text x=\%.03f\ y=\%.03f\![CDATA[%s]] [%i]tspan 
class=\run\%.03fs/tspan %s/text\n,
 time_to_graph(w - graph_start) + 5.0,
 ps_to_graph(j) + 14.0,
-ps-name,
+escaped ? escaped : ps-name,
 ps-pid,
 (ps-last-runtime - ps-first-runtime) / 10.0,
 arg_show_cgroup ? ps-cgroup : );
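Review bot: In the text label svg() call the name is written inside a CDATA section, and escaping non-printable bytes does not cover a printable "]]>" in a process name, which would still close the CDATA section early. Process names come from whatever ran during boot, so the label should be encoded as XML text (or have "]]>" split) in addition to passing escaped ? escaped : ps->name.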
-- 
1.9.3



[systemd-devel] [PATCH v2 1/2] utf8: introduce utf8_escape_non_printable

2014-11-12 Thread WaLyong Cho
---
 src/shared/utf8.c| 39 +++
 src/shared/utf8.h|  1 +
 src/test/test-utf8.c | 25 +
 3 files changed, 65 insertions(+)

diff --git a/src/shared/utf8.c b/src/shared/utf8.c
index 8702ceb..0b6c38e 100644
--- a/src/shared/utf8.c
+++ b/src/shared/utf8.c
@@ -212,6 +212,45 @@ char *utf8_escape_invalid(const char *str) {
 return p;
 }
 
+char *utf8_escape_non_printable(const char *str) {
+char *p, *s;
+
+assert(str);
+
+p = s = malloc(strlen(str) * 4 + 1);
+if (!p)
+return NULL;
+
+while (*str) {
+int len;
+
+len = utf8_encoded_valid_unichar(str);
+if (len  0) {
+if (utf8_is_printable(str, len)) {
+s = mempcpy(s, str, len);
+str += len;
+} else {
+if ((*str  ' ') || (*str = 127)) {
+*(s++) = '\\';
+*(s++) = 'x';
+*(s++) = hexchar((int) *str  4);
+*(s++) = hexchar((int) *str);
+} else
+*(s++) = *str;
+
+str += 1;
+}
+} else {
+s = mempcpy(s, UTF8_REPLACEMENT_CHARACTER, 
strlen(UTF8_REPLACEMENT_CHARACTER));
+str += 1;
+}
+}
+
+*s = '\0';
+
+return p;
+}
+
 char *ascii_is_valid(const char *str) {
 const char *p;
 
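Review bot: In the non-printable branch of utf8_escape_non_printable(), str += 1 advances by a single byte even though utf8_encoded_valid_unichar() returned len for the whole character. For a valid but non-printable multi-byte character only the first byte is written as \xNN; the next iteration then starts on a continuation byte, fails validation and emits UTF8_REPLACEMENT_CHARACTER, so one input character ends up as a mix of both forms. Escape all len bytes in that branch and advance with str += len. Separately, (int) *str is negative for bytes above 0x7f where char is signed; cast through unsigned char before the shift passed to hexchar().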
diff --git a/src/shared/utf8.h b/src/shared/utf8.h
index c087995..1fe1a35 100644
--- a/src/shared/utf8.h
+++ b/src/shared/utf8.h
@@ -30,6 +30,7 @@
 const char *utf8_is_valid(const char *s) _pure_;
 char *ascii_is_valid(const char *s) _pure_;
 char *utf8_escape_invalid(const char *s);
+char *utf8_escape_non_printable(const char *str);
 
 bool utf8_is_printable_newline(const char* str, size_t length, bool newline) 
_pure_;
 _pure_ static inline bool utf8_is_printable(const char* str, size_t length) {
diff --git a/src/test/test-utf8.c b/src/test/test-utf8.c
index b7d988f..6dde63c 100644
--- a/src/test/test-utf8.c
+++ b/src/test/test-utf8.c
@@ -66,12 +66,37 @@ static void test_utf8_escaping(void) {
 assert_se(utf8_is_valid(p3));
 }
 
+static void test_utf8_escaping_printable(void) {
+_cleanup_free_ char *p1, *p2, *p3, *p4, *p5;
+
+p1 = utf8_escape_non_printable(goo goo goo);
+puts(p1);
+assert_se(utf8_is_valid(p1));
+
+p2 = utf8_escape_non_printable(\341\204\341\204);
+puts(p2);
+assert_se(utf8_is_valid(p2));
+
+p3 = utf8_escape_non_printable(\341\204);
+puts(p3);
+assert_se(utf8_is_valid(p3));
+
+p4 = utf8_escape_non_printable(ąę\n가너도루\n1234\n\341\204\341\204\n\001 
\019\20\a);
+puts(p4);
+assert_se(utf8_is_valid(p4));
+
+p5 = utf8_escape_non_printable(\001 \019\20\a);
+puts(p5);
+assert_se(utf8_is_valid(p5));
+}
+
 int main(int argc, char *argv[]) {
 test_utf8_is_valid();
 test_utf8_is_printable();
 test_ascii_is_valid();
 test_utf8_encoded_valid_unichar();
 test_utf8_escaping();
+test_utf8_escaping_printable();
 
 return 0;
 }
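Review bot: test_utf8_escaping_printable() only asserts utf8_is_valid() on each result, so it would still pass if nothing were escaped at all. Compare the output with the expected string via assert_se(streq(...)), at least for the control-character cases p4 and p5, and check the returned pointer for NULL before puts(). In those two literals \019 is not one octal escape (9 is not an octal digit), so it yields byte \001 followed by the character 9; write \031 or \x19 if a control byte was intended. The _cleanup_free_ pointers are also declared without = NULL.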
-- 
1.9.3



Re: [systemd-devel] Should systemd-logind provide a DM-independent mechanism for handling guest accounts?

2014-11-12 Thread Laércio de Sousa
2014-11-11 20:56 GMT-02:00 Daniel J Walsh dwa...@redhat.com:

> The problems would be in having multiple users get access to the machine
> at the same time.  For this you need something that generates a UID on
> the fly for the user.  I would expect a fairly simple pam module could
> be done for this.
>
> One problem with this though would be a user might log in as guest user
> but end up getting the guest134 user account.
>
> This means you would want some kind of sssd interaction, so a user
> executing id  or ls -lZ ~/
>
> Would see all of his files and processes running as guest.


This is more or less what LightDM currently does in its built-in guest
account support. There's no user 'guest' previously created. Instead,
login as guest is a special entry in LightDM. Whenever a user logs in as
guest, a new temporary user is added with username 'guest-XX' (with XX
replaced with a random character sequence) and GECOS Guest, and a
temporary home folder is created. When guest user logs out, this
temporary user is deleted along with its home folder.

With this implementation, LightDM on-the-fly guest accounts are completely
multi-seat compliant. The downside is that normal and guest users need to be
treated differently in lightdm.conf. For example, there are distinct
options for autologin as normal user and autologin as guest.
-- 
*Laércio de Sousa*
*Orientador de Informática*
*Escola Municipal Professor Eulálio Gruppi*
*Rua Ismael da Silva Mello, 559, Mogi Moderno*
*Mogi das Cruzes - SPCEP 08717-390*
Telefone: (11) 4726-8313


[systemd-devel] [PATCH] selinux: figure out selinux context applied on exec() before closing all fds

2014-11-12 Thread Michal Sekletar
We need original socket_fd around otherwise mac_selinux_get_child_mls_label
fails with -EINVAL return code. Also don't call setexeccon twice but rather pass
context value of SELinuxContext option as an extra argument.
---
 src/core/execute.c| 31 ++-
 src/shared/selinux-util.c |  8 ++--
 src/shared/selinux-util.h |  2 +-
 3 files changed, 17 insertions(+), 24 deletions(-)

diff --git a/src/core/execute.c b/src/core/execute.c
index 5cfd4a1..e8ee0e7 100644
--- a/src/core/execute.c
+++ b/src/core/execute.c
@@ -1236,6 +1236,7 @@ static int exec_child(ExecCommand *command,
   int *error) {
 
 _cleanup_strv_free_ char **our_env = NULL, **pam_env = NULL, 
**final_env = NULL, **final_argv = NULL;
+_cleanup_free_ char *mac_selinux_context_net = NULL;
 const char *username = NULL, *home = NULL, *shell = NULL;
 unsigned n_dont_close = 0;
 int dont_close[n_fds + 4];
@@ -1582,6 +1583,16 @@ static int exec_child(ExecCommand *command,
 }
 }
 
+#ifdef HAVE_SELINUX
+if (params-apply_permissions  mac_selinux_use()  
params-selinux_context_net  socket_fd = 0) {
+err = mac_selinux_get_child_mls_label(socket_fd, 
command-path, context-selinux_context, mac_selinux_context_net);
+if (err  0) {
+*error = EXIT_SELINUX_CONTEXT;
+return err;
+}
+}
+#endif
+
 /* We repeat the fd closing here, to make sure that
  * nothing is leaked from the PAM modules. Note that
  * we are more aggressive this time since socket_fd
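Review bot: The new HAVE_SELINUX block carries no comment saying why it has to sit before the second fd-closing pass. The commit message explains that mac_selinux_get_child_mls_label() needs the original socket_fd to still be open; a one-line comment above the block stating that would keep it from being moved back below the close later.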
@@ -1671,24 +1682,10 @@ static int exec_child(ExecCommand *command,
 
 #ifdef HAVE_SELINUX
 if (mac_selinux_use()) {
-if (context-selinux_context) {
-err = setexeccon(context-selinux_context);
-if (err  0  
!context-selinux_context_ignore) {
-*error = EXIT_SELINUX_CONTEXT;
-return err;
-}
-}
-
-if (params-selinux_context_net  socket_fd = 0) {
-_cleanup_free_ char *label = NULL;
-
-err = 
mac_selinux_get_child_mls_label(socket_fd, command-path, label);
-if (err  0) {
-*error = EXIT_SELINUX_CONTEXT;
-return err;
-}
+char *exec_context = mac_selinux_context_net ?: 
context-selinux_context;
 
-err = setexeccon(label);
+if (exec_context) {
+err = setexeccon(exec_context);
 if (err  0) {
 *error = EXIT_SELINUX_CONTEXT;
 return err;
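Review bot: The removed setexeccon(context->selinux_context) path only failed when !context->selinux_context_ignore, but the new if (exec_context) branch returns EXIT_SELINUX_CONTEXT on any setexeccon() error. In the lines shown selinux_context_ignore is no longer consulted, so a context that was configured to be ignored on failure now aborts the exec. Keep the ignore check for the case where exec_context comes from context->selinux_context.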
diff --git a/src/shared/selinux-util.c b/src/shared/selinux-util.c
index 6bd3bf1..a2233e0 100644
--- a/src/shared/selinux-util.c
+++ b/src/shared/selinux-util.c
@@ -233,7 +233,7 @@ int mac_selinux_get_our_label(char **label) {
 return r;
 }
 
-int mac_selinux_get_child_mls_label(int socket_fd, const char *exe, char 
**label) {
+int mac_selinux_get_child_mls_label(int socket_fd, const char *exe, const char 
*exec_label, char **label) {
 int r = -EOPNOTSUPP;
 
 #ifdef HAVE_SELINUX
@@ -257,11 +257,7 @@ int mac_selinux_get_child_mls_label(int socket_fd, const 
char *exe, char **label
 if (r  0)
 return -errno;
 
-r = getexeccon(fcon);
-if (r  0)
-return -errno;
-
-if (!fcon) {
+if (!exec_label) {
 /* If there is no context set for next exec let's use context
of target executable */
 r = getfilecon(exe, fcon);
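Review bot: exec_label is only tested for NULL in this hunk; the lines shown never copy it into fcon or use it in any other way. With getexeccon(fcon) removed, fcon is filled in only on the !exec_label path, so please check that the code after this hunk does not compute the child label from an unset fcon when a label is passed in, and document the new parameter next to the prototype.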
diff --git a/src/shared/selinux-util.h b/src/shared/selinux-util.h
index 7ff8c60..a694441 100644
--- a/src/shared/selinux-util.h
+++ b/src/shared/selinux-util.h
@@ -36,7 +36,7 @@ int mac_selinux_apply(const char *path, const char *label);
 
 int mac_selinux_get_create_label_from_exe(const char *exe, char **label);
 int mac_selinux_get_our_label(char **label);
-int mac_selinux_get_child_mls_label(int socket_fd, const char *exec, char 
**label);
+int mac_selinux_get_child_mls_label(int socket_fd, const char *exe, const char 
*exec_label, char **label);
 void mac_selinux_free(char *label);
 
 int mac_selinux_create_file_prepare(const char *path, mode_t mode);
-- 
1.8.3.1



Re: [systemd-devel] [PATCHv6] tmpfiles, man: Add xattr support to tmpfiles

2014-11-12 Thread Maciej Wereski

10.11.2014 at 23:55 Lennart Poettering lenn...@poettering.net wrote:

On Thu, 30.10.14 12:21, Maciej Wereski (m.were...@partner.samsung.com)  
wrote:




+static int get_xattrs_from_arg(Item *i) {
+_cleanup_free_ char *xattr = NULL;
+const char *p;
+int n;
+
+assert(i);
+if (i-type != SET_XATTR)
+return 0;
+
+if (!i-argument) {
+log_error(%s: Argument can't be empty!, i-path);
+return -EBADMSG;
+}
+p = i-argument;
+
+while ((n = unquote_first_word(p, xattr))  0) {
+if (strv_extend(i-xattrs, xattr)  0)
+return log_oom();
+free(xattr);
+xattr = NULL;
+}


Please use strv_consume() or strv_push() here, to make the additional
copy unnecessary. Also please, generate a parse failure if
unquote_first_word() fails due to parse errors.


What does it mean parse failure? I'm passing return value of  
unquote_first_word(). Should it be something else?



+r = get_xattrs_from_arg(i);
+if (r  0)
+return r;
+
+if (strv_isempty(i-xattrs))
+return 0;
+
+STRV_FOREACH(x, i-xattrs) {
+_cleanup_free_ char *name = NULL, *value = NULL, *tmp  
= NULL;

+n = split_pair(*x, =, name, value);
+if (n  0)
+return n;
+tmp = unquote(value, \);
+if (!tmp)
+return log_oom();
+free(value);
+value = cunescape(tmp);
+if (!value)
+return log_oom();
+n = strlen(value);
+if (i-type == CREATE_SYMLINK) {
+if (lsetxattr(path, name, value, n+1, 0)  0) {
+log_error(Setting extended attribute  
%s=%s on symlink %s failed: %m, name, value, path);

+return -errno;
+}
+}
+else if (setxattr(path, name, value, n+1, 0)  0) {
+log_error(Setting extended attribute %s=%s on  
%s failed: %m, name, value, path);

+return -errno;
+}
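Review bot: Both lsetxattr() and setxattr() are called with a size of n+1, where n = strlen(value), so the terminating NUL byte is stored as part of the attribute value. Extended attribute values are byte strings with an explicit length; pass n unless the consumer of the attribute is known to expect the trailing NUL.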


The indentation is wrong.
[cut]


Hmm? I'm using systemd .vimrc, so what is wrong with indentation here  
precisely?




@@ -894,6 +983,12 @@ static int create_item(Item *i) {
 r = glob_item(i, item_set_perms);
 if (r  0)
 return r;
+
+if (i-xattrs) {
+r = glob_item(i, item_set_xattrs);
+if (r  0)
+return r;
+}
 break;


Hmm, this would mean we resolve the globbing twice. Once for
item_set_perms() and once for item_set_xattr(). I think it would be
better to do this in one call.



I've removed this completely. item_set_perms already calls label_fix,  
which calls SMACK function.


regards,
--
Maciej Wereski
Samsung RD Institute Poland
Samsung Electronics
m.were...@partner.samsung.com


Re: [systemd-devel] [PATCHv6] tmpfiles, man: Add xattr support to tmpfiles

2014-11-12 Thread Lennart Poettering
On Wed, 12.11.14 14:01, Maciej Wereski (m.were...@partner.samsung.com) wrote:

 +p = i-argument;
 +
 +while ((n = unquote_first_word(p, xattr))  0) {
 +if (strv_extend(i-xattrs, xattr)  0)
 +return log_oom();
 +free(xattr);
 +xattr = NULL;
 +}
 
 Please use strv_consume() or strv_push() here, to make the additional
 copy unnecessary. Also please, generate a parse failure if
 unquote_first_word() fails due to parse errors.
 
 What does it mean parse failure? I'm passing return value of
 unquote_first_word(). Should it be something else?

No just the return value, that is all. I missed that you already
handle this. Sorry for the confusion!

 +if (i-type == CREATE_SYMLINK) {
 +if (lsetxattr(path, name, value, n+1, 0)  0) {
 +log_error(Setting extended attribute
 %s=%s on symlink %s failed: %m, name, value, path);
 +return -errno;
 +}
 +}
 +else if (setxattr(path, name, value, n+1, 0)  0) {
 +log_error(Setting extended attribute %s=%s on
 %s failed: %m, name, value, path);
 +return -errno;
 +}
 
 The indentation is wrong.
 [cut]
 
 Hmm? I'm using systemd .vimrc, so what is wrong with indentation here
 precisely?


this is correct:

if (...) {
} else if (...) {
}

this is not:

if (...) {
}
else if (...) {
}

according to our CODING_STYLE guidelines.

Lennart

-- 
Lennart Poettering, Red Hat


Re: [systemd-devel] systemd-machined sigterm, cgroups trimmed

2014-11-12 Thread Major Hayden
On Nov 6, 2014, at 11:24 AM, Lennart Poettering lenn...@poettering.net wrote:
 
> Right after the machine was started, but before machined dies, do you
> see the machine's scope registered in systemctl list-units? Do you
> see the machine show up in machinectl's output?

Hey Lennart,

I can see the details about the machine via systemctl list-units and 
machinectl before systemd-machined exits.  Also, even after systemd-machined 
exits, running machinectl will start it up again.  If I keep machinectl running 
in a loop in tmux every 5-10 seconds, systemd-machined stays up indefinitely.

I'll also take a look at Zbigniew's suggestion in the thread about disabling 
watchdog for systemd-machined temporarily.

—
Major Hayden


[systemd-devel] [PATCH] units: skip mounting /dev/hugepages if we don't have CAP_SYS_ADMIN

2014-11-12 Thread Michal Sekletar
---
 units/dev-hugepages.mount | 1 +
 1 file changed, 1 insertion(+)

diff --git a/units/dev-hugepages.mount b/units/dev-hugepages.mount
index d711fae..882adb4 100644
--- a/units/dev-hugepages.mount
+++ b/units/dev-hugepages.mount
@@ -12,6 +12,7 @@ 
Documentation=http://www.freedesktop.org/wiki/Software/systemd/APIFileSystems
 DefaultDependencies=no
 Before=sysinit.target
 ConditionPathExists=/sys/kernel/mm/hugepages
+ConditionCapability=CAP_SYS_ADMIN
 
 [Mount]
 What=hugetlbfs
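Review bot: The patch has no commit message body, and ConditionCapability=CAP_SYS_ADMIN is added to the unit without any rationale. State in the commit message in which environment the mount fails without the capability and why skipping the unit is preferred over letting it fail.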
-- 
1.8.3.1



[systemd-devel] [PATCH v7] tmpfiles, man: Add xattr support to tmpfiles

2014-11-12 Thread Maciej Wereski
This patch makes it possible to set extended attributes on files created
by tmpfiles. This can be especially used to set SMACK security labels on
volatile files and directories.

It is done by adding new line of type t. Such line should contain
attributes in Argument field, using following format:

name=value

All other fields are ignored.

If value contains spaces, then it must be surrounded by quotation marks.
User can also put quotation mark in value by escaping it with backslash.

Example:
D /var/run/cups - - - -
t /var/run/cups - - - - security.SMACK64=printing
---
v7:
* use strv_consume() instead of strv_extend()
* use only lsetxattr()
* do not label in 'z' option
* style fixes and cleanup

v6:
* rebase
* man fixes
* use glibc xattr
* use unquote_first_word() instead of own parsing logic

v5:
* fixes for HAVE_XATTR undefined
* use cunescape() instead of strreplace()
* cache result of strv_length()
* fix typo in manpage

v4:
* grammar fix in man
* style fix

v3:
* may be used instead of should be used in manpage
* use strv_isempty() instead of != NULL
* rework item_set_xattrs() with split_pair()
* remove copy_item_contents()
* use hashmap_replace() instead of removed copy_item_contents()
* use strv_extend() instead of strv_append()
* cleanup
---
 man/tmpfiles.d.xml  |  32 +--
 src/tmpfiles/tmpfiles.c | 145 
 2 files changed, 159 insertions(+), 18 deletions(-)

diff --git a/man/tmpfiles.d.xml b/man/tmpfiles.d.xml
index 1b14d69..acf87cf 100644
--- a/man/tmpfiles.d.xml
+++ b/man/tmpfiles.d.xml
@@ -343,6 +343,25 @@ L/tmp/foobar ----   
/dev/null/programlisting
 normal path
 names./para/listitem
 /varlistentry
+
+varlistentry
+termvarnamet/varname/term
+listitemparaSet extended
+attributes on item. It may be
+used in conjunction with other
+types (only varnamed/varname,
+varnameD/varname, 
varnamef/varname,
+varnameF/varname, 
varnameL/varname,
+varnamep/varname, 
varnamec/varname,
+varnameb/varname, 
varnamez/varname
+makes sense). If used as a standalone
+line, then commandsystemd-tmpfiles
+/command will try to set extended
+attributes on specified path.
+This can be especially used to set
+SMACK labels.
+/para/listitem
+/varlistentry
 /variablelist
 
 paraIf the exclamation mark is used, this
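Review bot: The new t entry never states the argument syntax. The commit message documents name=value, quoting of values that contain spaces and backslash escaping of quotation marks, but neither this entry nor the Argument paragraph changed further down says more than that extended attributes are set. Add the format and the example line from the commit message to the man page. In the parenthesised list, "makes sense" should read "make sense".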
@@ -430,7 +449,7 @@ r! /tmp/.X[0-9]*-lock/programlisting
 will not be modified. This parameter is
 ignored for varnamex/varname,
 varnamer/varname, varnameR/varname,
-varnameL/varname lines./para
+varnameL/varname, varnamet/varname 
lines./para
 
 paraOptionally, if prefixed with
 literal~/literal, the access mode is masked
@@ -462,8 +481,8 @@ r! /tmp/.X[0-9]*-lock/programlisting
 ownership will not be modified. These
 parameters are ignored for
 varnamex/varname, varnamer/varname,
-varnameR/varname, varnameL/varname
-lines./para
+varnameR/varname, varnameL/varname,
+varnamet/varname lines./para
 /refsect2
 
 refsect2
@@ -527,8 +546,8 @@ r! /tmp/.X[0-9]*-lock/programlisting
 specify a short string that is written to the
 file, suffixed by a newline. For
 varnameC/varname, specifies the source file
-or directory. Ignored for all other
-lines./para
+or directory. For varnamet/varname determines
+extended attributes to be set. Ignored for all other 
lines./para
 /refsect2
 
 /refsect1
@@ -540,7 +559,8 @@ r! /tmp/.X[0-9]*-lock/programlisting
 paracommandscreen/command needs two directories 
created at boot with specific modes and ownership./para
 
 programlistingd /run/screens  1777 root root 10d
-d 

[systemd-devel] [PATCH v3 3/4] unit: add UnitMask enum and get unit scope(mask) api from property

2014-11-12 Thread WaLyong Cho
---
 Makefile.am  |   7 ++
 src/shared/.gitignore|   1 +
 src/shared/unit-name.c   |  22 
 src/shared/unit-name.h   |  26 +
 src/shared/unit-property-scope.gperf | 202 +++
 5 files changed, 258 insertions(+)
 create mode 100644 src/shared/unit-property-scope.gperf

diff --git a/Makefile.am b/Makefile.am
index 0b32639..a221a69 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -819,6 +819,7 @@ libsystemd_shared_la_SOURCES = \
src/shared/cgroup-show.h \
src/shared/unit-name.c \
src/shared/unit-name.h \
+   src/shared/unit-property-scope.c \
src/shared/utmp-wtmp.h \
src/shared/watchdog.c \
src/shared/watchdog.h \
@@ -907,6 +908,12 @@ libsystemd_shared_la_CFLAGS = \
$(SECCOMP_CFLAGS) \
-pthread
 
+EXTRA_DIST += \
+   src/shared/unit-property-scope.gperf
+
+CLEANFILES += \
+   src/shared/unit-property-scope.c
+
 libsystemd_shared_la_LIBADD = \
$(CAP_LIBS)
 
diff --git a/src/shared/.gitignore b/src/shared/.gitignore
index 61709e8..e7faa23 100644
--- a/src/shared/.gitignore
+++ b/src/shared/.gitignore
@@ -10,3 +10,4 @@
 /arphrd-from-name.h
 /arphrd-list.txt
 /arphrd-to-name.h
+/unit-property-scope.c
diff --git a/src/shared/unit-name.c b/src/shared/unit-name.c
index 2ef8545..e4669dd 100644
--- a/src/shared/unit-name.c
+++ b/src/shared/unit-name.c
@@ -621,3 +621,25 @@ static const char* const 
unit_dependency_table[_UNIT_DEPENDENCY_MAX] = {
 };
 
 DEFINE_STRING_TABLE_LOOKUP(unit_dependency, UnitDependency);
+
+static UnitMask unit_get_mask_from_property(const char *property) {
+const unit_property_scope_mapping *m;
+
+assert(property);
+
+m = unit_property_scope_mapping_lookup(property, strlen(property));
+if (m)
+return m-scope;
+
+return _UNIT_MASK_MAX;
+
+}
+
+bool unit_can_have_property(UnitType t, const char *property) {
+UnitMask m;
+
+assert(property);
+
+m = unit_get_mask_from_property(property);
+return !!((1ULL  t)  m);
+}
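Review bot: unit_can_have_property() shifts 1ULL by t without validating t, and UnitType includes _UNIT_TYPE_INVALID = -1, so a caller that passes on the result of a failed type lookup gets an undefined shift. Add assert(t >= 0 && t < _UNIT_TYPE_MAX) next to assert(property). Returning _UNIT_MASK_MAX from unit_get_mask_from_property() as the "not found" value also deserves a comment, since it only works because that bit never matches a valid type.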
diff --git a/src/shared/unit-name.h b/src/shared/unit-name.h
index daeb56a..e1d4e27 100644
--- a/src/shared/unit-name.h
+++ b/src/shared/unit-name.h
@@ -28,6 +28,7 @@
 #define UNIT_NAME_MAX 256
 
 typedef enum UnitType UnitType;
+typedef enum UnitMask UnitMask;
 typedef enum UnitLoadState UnitLoadState;
 typedef enum UnitDependency UnitDependency;
 
@@ -49,6 +50,23 @@ enum UnitType {
 _UNIT_TYPE_INVALID = -1
 };
 
+enum UnitMask {
+UNIT_MASK_SERVICE   = 1ULL  UNIT_SERVICE,
+UNIT_MASK_SOCKET= 1ULL  UNIT_SOCKET,
+UNIT_MASK_BUSNAME   = 1ULL  UNIT_BUSNAME,
+UNIT_MASK_TARGET= 1ULL  UNIT_TARGET,
+UNIT_MASK_SNAPSHOT  = 1ULL  UNIT_SNAPSHOT,
+UNIT_MASK_DEVICE= 1ULL  UNIT_DEVICE,
+UNIT_MASK_MOUNT = 1ULL  UNIT_MOUNT,
+UNIT_MASK_AUTOMOUNT = 1ULL  UNIT_AUTOMOUNT,
+UNIT_MASK_SWAP  = 1ULL  UNIT_SWAP,
+UNIT_MASK_TIMER = 1ULL  UNIT_TIMER,
+UNIT_MASK_PATH  = 1ULL  UNIT_PATH,
+UNIT_MASK_SLICE = 1ULL  UNIT_SLICE,
+UNIT_MASK_SCOPE = 1ULL  UNIT_SCOPE,
+_UNIT_MASK_MAX  = 1ULL _UNIT_TYPE_MAX,
+};
+
 enum UnitLoadState {
 UNIT_STUB = 0,
 UNIT_LOADED,
@@ -163,3 +181,11 @@ int build_subslice(const char *slice, const char*name, 
char **subslice);
 
 const char *unit_dependency_to_string(UnitDependency i) _const_;
 UnitDependency unit_dependency_from_string(const char *s) _pure_;
+
+struct unit_property_scope_mapping {
+const char* property;
+UnitMask scope;
+};
+typedef struct unit_property_scope_mapping unit_property_scope_mapping;
+const unit_property_scope_mapping* unit_property_scope_mapping_lookup 
(register const char *str, register unsigned int len);
+bool unit_can_have_property(UnitType t, const char *property);
diff --git a/src/shared/unit-property-scope.gperf 
b/src/shared/unit-property-scope.gperf
new file mode 100644
index 000..bbcfcba
--- /dev/null
+++ b/src/shared/unit-property-scope.gperf
@@ -0,0 +1,202 @@
+%{
+#include unit-name.h
+#include bus-util.h
+%}
+unit_property_scope_mapping;
+%null_strings
+%language=ANSI-C
+%define slot-name property
+%define hash-function-name bus_property_scope_mapping_hash
+%define lookup-function-name unit_property_scope_mapping_lookup
+%readonly-tables
+%omit-struct-type
+%struct-type
+%includes
+%%
+Description,
UNIT_MASK_SERVICE|UNIT_MASK_SOCKET|UNIT_MASK_DEVICE|UNIT_MASK_MOUNT|UNIT_MASK_AUTOMOUNT|UNIT_MASK_SWAP|UNIT_MASK_TARGET|UNIT_MASK_PATH|UNIT_MASK_TIMER|UNIT_MASK_SNAPSHOT|UNIT_MASK_SLICE|UNIT_MASK_SCOPE
+Documentation,  

[systemd-devel] [PATCH v3 1/4] bus: StartTransientUnit can have aux unit

2014-11-12 Thread WaLyong Cho
---
 src/core/dbus-manager.c | 123 +---
 1 file changed, 105 insertions(+), 18 deletions(-)

diff --git a/src/core/dbus-manager.c b/src/core/dbus-manager.c
index c54abd3..bba4b27 100644
--- a/src/core/dbus-manager.c
+++ b/src/core/dbus-manager.c
@@ -615,6 +615,93 @@ static int method_set_unit_properties(sd_bus *bus, 
sd_bus_message *message, void
 return bus_unit_method_set_properties(bus, message, u, error);
 }
 
+static int transient_unit_from_message(
+Manager *m,
+sd_bus_message *message,
+const char *name,
+Unit **unit,
+sd_bus_error *error) {
+
+Unit *u;
+int r;
+
+assert(m);
+assert(message);
+assert(name);
+
+r = manager_load_unit(m, name, NULL, error, u);
+if (r  0)
+return r;
+
+if (u-load_state != UNIT_NOT_FOUND ||
+set_size(u-dependencies[UNIT_REFERENCED_BY])  0)
+return sd_bus_error_setf(error,
+ BUS_ERROR_UNIT_EXISTS,
+ Unit %s already exists.,
+ name);
+
+/* OK, the unit failed to load and is unreferenced, now let's
+ * fill in the transient data instead */
+r = unit_make_transient(u);
+if (r  0)
+return r;
+
+/* Set our properties */
+r = bus_unit_set_properties(u, message, UNIT_RUNTIME, false, error);
+if (r  0)
+return r;
+
+*unit = u;
+
+return 0;
+}
+
+static int try_aux_units_in_message(
+Manager *m,
+sd_bus_message *message,
+sd_bus_error *error) {
+
+Unit *u;
+char *name = NULL;
+int r;
+
+assert(m);
+assert(message);
+
+r = sd_bus_message_enter_container(message, 'a', (sa(sv)));
+if (r  0)
+return r;
+
+while ((r = sd_bus_message_enter_container(message, 'r', sa(sv)))  
0) {
+if (r = 0)
+return r;
+
+r = sd_bus_message_read(message, s, name);
+if (r  0)
+return r;
+
+r = transient_unit_from_message(m, message, name, u, error);
+if (r  0  r != -EEXIST)
+return r;
+
+r = sd_bus_message_exit_container(message);
+if (r  0)
+return r;
+
+r = unit_load(u);
+if (r  0)
+return r;
+}
+if (r  0)
+return r;
+
+r = sd_bus_message_exit_container(message);
+if (r  0)
+return r;
+
+return 0;
+}
+
 static int method_start_transient_unit(sd_bus *bus, sd_bus_message *message, 
void *userdata, sd_bus_error *error) {
 const char *name, *smode;
 Manager *m = userdata;
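Review bot: In try_aux_units_in_message(), u is declared without an initial value and transient_unit_from_message() assigns *unit only on success, yet the loop carries on when it returns -EEXIST and then calls unit_load(u). On that path u is either uninitialised or still points at the unit from the previous iteration; skip unit_load() (or look up the existing unit) when r == -EEXIST. The check of r at the top of the loop body repeats the while condition and can be dropped.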
@@ -631,7 +718,9 @@ static int method_start_transient_unit(sd_bus *bus, 
sd_bus_message *message, voi
 if (r  0)
 return r;
 if (r == 0)
-return 1; /* No authorization for now, but the async polkit 
stuff will call us again when it has it */
+/* No authorization for now, but the async polkit
+ * stuff will call us again when it has it */
+return 1;
 
 r = sd_bus_message_read(message, ss, name, smode);
 if (r  0)
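Review bot: The unbraced "if (r == 0)" now has a two-line comment between the condition and "return 1;", which is easy to misread as an empty body; add braces or move the comment above the if. As this is a formatting-only change, it would be better kept out of a functional patch.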
@@ -639,34 +728,32 @@ static int method_start_transient_unit(sd_bus *bus, 
sd_bus_message *message, voi
 
 t = unit_name_to_type(name);
 if (t  0)
-return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, 
Invalid unit type.);
+return sd_bus_error_setf(error,
+ SD_BUS_ERROR_INVALID_ARGS,
+ Invalid unit type.);
 
 if (!unit_vtable[t]-can_transient)
-return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, 
Unit type %s does not support transient units., unit_type_to_string(t));
-
-mode = job_mode_from_string(smode);
-if (mode  0)
-return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, 
Job mode %s is invalid., smode);
+return sd_bus_error_setf(error,
+ SD_BUS_ERROR_INVALID_ARGS,
+ Unit type %s does not support 
transient units.,
+ unit_type_to_string(t));
 
 r = mac_selinux_access_check(message, start, error);
 if (r  0)
 return r;
 
-r = manager_load_unit(m, name, NULL, error, u);
-if (r  0)
-return r;
-
-if (u-load_state != UNIT_NOT_FOUND || 
set_size(u-dependencies[UNIT_REFERENCED_BY])  0)
-   
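Review bot: The job_mode_from_string(smode) check and its "Job mode %s is invalid." error are removed here, and the part of the hunk that is visible does not show where smode is validated afterwards. Please confirm that an invalid mode string is still rejected with SD_BUS_ERROR_INVALID_ARGS before any unit is loaded or made transient. The re-wrapped sd_bus_error_setf() calls are unrelated reformatting and would be easier to review as a separate commit.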

[systemd-devel] [PATCH v3 2/4] timer: timer can be a transient unit

2014-11-12 Thread WaLyong Cho
---
 src/core/dbus-timer.c | 159 ++
 src/core/dbus-timer.h |   3 +
 src/core/timer.c  |   4 ++
 3 files changed, 166 insertions(+)

diff --git a/src/core/dbus-timer.c b/src/core/dbus-timer.c
index f1f8c54..e916f5a 100644
--- a/src/core/dbus-timer.c
+++ b/src/core/dbus-timer.c
@@ -24,6 +24,8 @@
 #include dbus-unit.h
 #include dbus-timer.h
 #include bus-util.h
+#include errno-list.h
+#include strv.h
 
 static BUS_DEFINE_PROPERTY_GET_ENUM(property_get_result, timer_result, 
TimerResult);
 
@@ -183,3 +185,160 @@ const sd_bus_vtable bus_timer_vtable[] = {
 SD_BUS_PROPERTY(WakeSystem, b, bus_property_get_bool, 
offsetof(Timer, wake_system), SD_BUS_VTABLE_PROPERTY_CONST),
 SD_BUS_VTABLE_END
 };
+
+static int bus_timer_set_transient_property(
+Timer *t,
+const char *name,
+sd_bus_message *message,
+UnitSetPropertiesMode mode,
+sd_bus_error *error) {
+
+const char *str;
+int r;
+
+assert(t);
+assert(name);
+assert(message);
+
+if (STR_IN_SET(name,
+   OnActiveSec,
+   OnBootSec,
+   OnStartupSec,
+   OnUnitActiveSec,
+   OnUnitInactiveSec)) {
+
+TimerValue *v;
+TimerBase b = _TIMER_BASE_INVALID;
+usec_t u = 0;
+
+b = timer_base_from_string(name);
+if (b  0)
+return 0;
+
+r = sd_bus_message_read(message, t, u);
+if (r  0)
+return r;
+
+if (mode != UNIT_CHECK) {
+unit_write_drop_in_private_format(UNIT(t),
+  mode,
+  name,
+  %s=%lu\n,
+  name,
+  u);
+
+v = new0(TimerValue, 1);
+if (!v)
+return -ENOMEM;
+
+v-base = b;
+v-value = u;
+
+LIST_PREPEND(value, t-values, v);
+}
+
+return 1;
+
+} else if (streq(name, OnCalendar)) {
+
+TimerValue *v;
+CalendarSpec *c = NULL;
+
+r = sd_bus_message_read(message, s, str);
+if (r  0)
+return r;
+
+if (mode != UNIT_CHECK) {
+r = calendar_spec_from_string(str, c);
+if (r  0)
+return r;
+
+unit_write_drop_in_private_format(UNIT(t),
+  mode,
+  name,
+  %s=%s\n,
+  name,
+  str);
+
+v = new0(TimerValue, 1);
+if (!v) {
+if (c)
+calendar_spec_free(c);
+return -ENOMEM;
+}
+
+v-base = TIMER_CALENDAR;
+v-calendar_spec = c;
+
+LIST_PREPEND(value, t-values, v);
+}
+
+return 1;
+
+} else if (streq(name, AccuracySec)) {
+
+usec_t u = 0;
+
+r = sd_bus_message_read(message, t, u);
+if (r  0)
+return r;
+
+if (mode != UNIT_CHECK) {
+t-accuracy_usec = u;
+unit_write_drop_in_private_format(UNIT(t),
+  mode,
+  name,
+  %s=%lu\n,
+  name,
+  u);
+}
+
+return 1;
+
+} else if (streq(name, WakeSystem)) {
+
+int b;
+
+r = sd_bus_message_read(message, b, b);
+if (r  0)
+return r;
+
+if (mode != UNIT_CHECK) {
+t-wake_system = b;
+unit_write_drop_in_private_format(UNIT(t),
+  mode,
+  name,
+
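Review bot: In the OnCalendar branch, calendar_spec_from_string() is only called inside "if (mode != UNIT_CHECK)", so the check pass accepts an invalid calendar expression and the failure only surfaces on the apply pass. Parse the string unconditionally and free the result when mode is UNIT_CHECK. The On*Sec and AccuracySec branches also format a usec_t with "%lu", which is wrong wherever long is 32 bits; use PRIu64 (or USEC_FMT). In the monotonic branch the drop-in is written before new0() can fail with -ENOMEM, so the allocation should come first, and the silent "return 0" when timer_base_from_string() fails deserves a comment or an error.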

[systemd-devel] [PATCH v3 4/4] run: introduce timer support option

2014-11-12 Thread WaLyong Cho
Supported timer options: --on-active=, --on-boot=, --on-startup=,
--on-unit-active=, --on-unit-inactive=, --on-calendar=. Each option
corresponds to OnActiveSec=, OnBootSec=, OnStartupSec=,
OnUnitActiveSec=, OnUnitInactiveSec= of timer respectively.
---
 man/systemd-run.xml  |  42 +++
 src/libsystemd/sd-bus/bus-util.c |  14 +-
 src/run/run.c| 634 +++
 3 files changed, 571 insertions(+), 119 deletions(-)

diff --git a/man/systemd-run.xml b/man/systemd-run.xml
index c92c324..c9d5c46 100644
--- a/man/systemd-run.xml
+++ b/man/systemd-run.xml
@@ -210,6 +210,37 @@ along with systemd; If not, see 
http://www.gnu.org/licenses/.
   xi:include href=user-system-options.xml xpointer=host /
   xi:include href=user-system-options.xml xpointer=machine /
 
+  varlistentry
+termoption--on-active=/option/term
+termoption--on-boot=/option/term
+termoption--on-startup=/option/term
+termoption--on-unit-active=/option/term
+termoption--on-unit-inactive=/option/term
+
+listitemparaDefines monotonic timers relative to different
+starting points. Also see varnameOnActiveSec=/varname,
+varnameOnBootSec=/varname,
+varnameOnStartupSec=/varname,
+varnameOnUnitActiveSec=/varname and
+varnameOnUnitInactiveSec=/varname in
+
citerefentryrefentrytitlesystemd.timer/refentrytitlemanvolnum5/manvolnum/citerefentry.
 This
+option has no effect in conjunction with
+option--scope/option./para
+/listitem
+  /varlistentry
+
+  varlistentry
+termoption--on-calendar=/option/term
+
+listitemparaDefines realtime (i.e. wallclock) timers with
+calendar event expressions. Also see
+varnameOnCalendar=/varname in
+
citerefentryrefentrytitlesystemd.timer/refentrytitlemanvolnum5/manvolnum/citerefentry.
 This
+option has no effect in conjunction with
+option--scope/option./para
+/listitem
+  /varlistentry
+
   xi:include href=standard-options.xml xpointer=help /
   xi:include href=standard-options.xml xpointer=version /
 /variablelist
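Review bot: The new entries for the --on-*= options do not say what argument each option takes or what systemd-run creates as a result. State the accepted value format for the monotonic options and for --on-calendar=, and mention that the command is started from a transient timer unit rather than immediately. "Has no effect in conjunction with --scope" also reads as if the option is silently ignored; if that is the behaviour, say so explicitly.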
@@ -250,6 +281,16 @@ Sep 08 07:37:21 bupkis env[19948]: 
BOOT_IMAGE=/vmlinuz-3.11.0-0.rc5.git6.2.fc20.
 property./para
 
 programlisting# systemd-run -p BlockIOWeight=10 updatedb/programlisting
+
+paraThe following command will touch a file after 10 seconds./para
+
+programlisting# date; systemd-run --on-active=10 touch /tmp/hello
+Mon Oct 27 20:02:57 KST 2014
+Running as unit run-66.timer.
+# journalctl -u run-115.service
+-- Logs begin at Mon 2014-10-27 19:44:57 KST, end at Mon 2014-10-27 20:03:15 
KST. --
+Oct 27 20:03:15 container systemd[1]: Starting /bin/touch /tmp/hello...
+Oct 27 20:03:15 container systemd[1]: Started /bin/touch 
/tmp/hello./programlisting
   /refsect1
 
   refsect1
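Review bot: The example transcript is inconsistent: systemd-run reports "Running as unit run-66.timer." but the next command is "journalctl -u run-115.service". Regenerate the example from a single run so the timer and service names match, and consider showing that /tmp/hello exists afterwards, since the paragraph says the command touches a file.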
@@ -263,6 +304,7 @@ Sep 08 07:37:21 bupkis env[19948]: 
BOOT_IMAGE=/vmlinuz-3.11.0-0.rc5.git6.2.fc20.
   
citerefentryrefentrytitlesystemd.slice/refentrytitlemanvolnum5/manvolnum/citerefentry,
   
citerefentryrefentrytitlesystemd.exec/refentrytitlemanvolnum5/manvolnum/citerefentry,
   
citerefentryrefentrytitlesystemd.resource-control/refentrytitlemanvolnum5/manvolnum/citerefentry,
+  
citerefentryrefentrytitlesystemd.timer/refentrytitlemanvolnum5/manvolnum/citerefentry,
   
citerefentryrefentrytitlemachinectl/refentrytitlemanvolnum1/manvolnum/citerefentry
 /para
   /refsect1
diff --git a/src/libsystemd/sd-bus/bus-util.c b/src/libsystemd/sd-bus/bus-util.c
index 5345526..f4cef5e 100644
--- a/src/libsystemd/sd-bus/bus-util.c
+++ b/src/libsystemd/sd-bus/bus-util.c
@@ -1374,7 +1374,8 @@ int bus_append_unit_property_assignment(sd_bus_message 
*m, const char *assignmen
 
 if (STR_IN_SET(field,
CPUAccounting, MemoryAccounting, 
BlockIOAccounting,
-   SendSIGHUP, SendSIGKILL)) {
+   SendSIGHUP, SendSIGKILL,
+   WakeSystem)) {
 
 r = parse_boolean(eq);
 if (r  0) {
@@ -1535,6 +1536,17 @@ int bus_append_unit_property_assignment(sd_bus_message 
*m, const char *assignmen
 
 r = sd_bus_message_append(m, v, i, sig);
 
+} else if (streq(field, AccuracySec)) {
+usec_t u;
+
+r = parse_sec(eq, u);
+if (r  0) {
+log_error(Failed to parse %s value %s, field, eq);
+return -EINVAL;
+}
+
+r = sd_bus_message_append(m, v, t, u);
+
 } else {
 log_error(Unknown assignment %s., assignment);
 return -EINVAL;
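Review bot: The error path of the new AccuracySec branch discards the code returned by parse_sec() and returns -EINVAL, and its log message has no trailing period while the neighbouring "Unknown assignment %s." does. Return r (or include it in the log) and match the message style. If the On*Sec= and OnCalendar= properties are meant to be settable through -p as well, they need branches in this helper too, since only AccuracySec and WakeSystem are added here.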
diff --git a/src/run/run.c b/src/run/run.c
index e3b6293..12b5280 100644
--- a/src/run/run.c
+++ b/src/run/run.c
@@ -30,6 +30,7 @@
 #include env-util.h
 #include path-util.h
 #include bus-error.h
+#include calendarspec.h
 
 static 

Re: [systemd-devel] [gummiboot][RFC] Add trusted boot (tboot) support to gummiboot

2014-11-12 Thread Kay Sievers
On Wed, Nov 12, 2014 at 10:30 AM, Minchev, Todor
todor.minc...@intel.com wrote:

 On Mon, 2014-11-10 at 14:20 +0500, Alexander E. Patrakov wrote:
  10.11.2014 14:10, Minchev, Todor wrote:
   Hello guys,
  
   I have been working on adding trusted boot (tboot) support to gummiboot
   and since this requires quite a bit of new code to be added to the
   gummiboot code base I wanted to send it out for review and comments.

May I ask what the use case for this is? Are there any plans to deploy
such a gummiboot in future products?

   This is the new functionality that these patches add to the gummiboot
   master branch:
  
   - trusted boot support via the tboot module and Intel's Trusted
   Execution Technology (TXT)
   - partial multiboot2 support for passing data to the trusted boot module
   - booting non efi_stub kernels via tboot
   - no impact on the existing gummiboot functionality
 
  I have not looked at the code, but looked at the list of commit
  messages. In particular:
 
  gummiboot: load the loadable segments of the ELF binary and jump
   to its entry point address
 
  As far as I understand, this goes against the design goals of gummiboot
  of being a simple wrapper that is able to execute EFI binaries and only
  them. Would it be feasible to convert tboot into an EFI binary instead,
  and measure/validate it as such, using the API provided by UEFI for that?
 Yes, this is what I will be looking at next - adding PE/COFF header to
 tboot so that gummiboot can launch it as an EFI application.
 BTW, are there any plans to add multiboot2 support to gummiboot in the
 future?

There are no such plans so far.

What actual problem would multiboot2 support solve and where would it
be actively used?

Kay


Re: [systemd-devel] systemd-service for each user

2014-11-12 Thread Lutz Vieweg

On 11/11/2014 08:35 PM, Mantas Mikulėnas wrote:

Anyway, there is no command to scan each user. To start multiple
units at once, make the target want all of them individually:
mailserver.target.wants/fetchmail@user1.service, and so on.


That is inconvenient for > 5 and really annoying if you've got > 1000 users.

I, too, miss a well-defined feature in systemd that allows
to start some per-user-service without requiring individual
configuration files for each single named user.

Regards,

Lutz Vieweg




Re: [systemd-devel] [PATCH] udevadm: Use correct debug logging function

2014-11-12 Thread Kay Sievers
On Wed, Nov 12, 2014 at 10:59 AM, Martin Pitt martin.p...@ubuntu.com wrote:
 Hello all,

 while debugging a curious build failure of umockdev on our ARM
 machines [1] I noticed a weird behaviour of udevadm wrt. debug logging
 [2].

 This patch fixes this (details are in the commit log). Kay, OK to
 push?

No, all systemd tools do that, and it is expected behavior to follow
the kernel cmdline.

The udev_dbg() is for libudev only and should not be used in any other tools.

Kay


Re: [systemd-devel] systemd-service for each user

2014-11-12 Thread Mantas Mikulėnas
On Wed, Nov 12, 2014 at 7:13 PM, Lutz Vieweg l...@5t9.de wrote:

 On 11/11/2014 08:35 PM, Mantas Mikulėnas wrote:

 Anyway, there is no command to scan each user. To start multiple
 units at once, make the target want all of them individually:
 mailserver.target.wants/fetchmail@user1.service, and so on.


 That is inconvenient for > 5 and really annoying if you've got > 1000
 users.

 I, too, miss a well-defined feature in systemd that allows
 to start some per-user-service without requiring individual
 configuration files for each single named user.


Normally those would be stored in /etc/systemd/user and handled by each
user's own `systemd --user` instance, so that they could be managed without
root privileges, etc.

-- 
Mantas Mikulėnas graw...@gmail.com


Re: [systemd-devel] job_type_lookup_merge assertion failure in systemd

2014-11-12 Thread Steven Noonan
Forgot to explain my setup a bit:

Arch Linux, x86_64, systemd 217

On Wed, Nov 12, 2014 at 9:57 AM, Steven Noonan ste...@uplinklabs.net wrote:
 Hi all,

 I've been seeing this happen every now and then on a couple machines.
 When I wake up in the morning and go to log in, I find X11 stopped,
 and when I try to log in to the VT it hangs when trying to create a
 session. I am forced to reset the box and then dig through logs on the
 next boot. This is the cause:

 Nov 12 08:01:01 dispater crond[12331]: pam_unix(crond:session):
 session opened for user root by (uid=0)
 Nov 12 08:01:01 dispater CROND[12332]: (root) CMD (run-parts /etc/cron.hourly)
 Nov 12 08:01:01 dispater CROND[12331]: pam_unix(crond:session):
 session closed for user root
 Nov 12 08:03:37 dispater dhcpcd[1075]: br0: fe80::2472:37ff:fea0:49d2
 is unreachable, expiring it
 Nov 12 08:05:03 dispater dhcpcd[1075]: br0: Router Advertisement from
 fe80::9844:a4ff:fe69:acd5
 Nov 12 08:05:03 dispater dhcpcd[1075]: br0: adding address
 2002:6898:6b85:beef:6a05:caff:fe0a:6ec2/64
 Nov 12 08:05:03 dispater systemd[1]: Cannot add dependency job for
 unit cups.socket, ignoring: Unit cups.socket failed to load: No such
 file or directory.
 Nov 12 08:05:03 dispater systemd[1]: Stopping Name Service Cache Daemon...
 Nov 12 08:05:03 dispater systemd[1]: Assertion 'a >= 0 && a <
 _JOB_TYPE_MAX_MERGING' failed at src/core/job.c:314, function
 job_type_lookup_merge(). Aborting.
 Nov 12 08:05:03 dispater systemd[1]: Caught ABRT, dumped core as pid 12419.
 Nov 12 08:05:03 dispater systemd[1]: Freezing execution.
 Nov 12 08:05:03 dispater systemd-coredump[12420]: Process 12419
 (systemd) of user 0 dumped core.
 Nov 12 08:05:08 dispater acpid[554]: client 608[0:0] has disconnected
 Nov 12 08:05:08 dispater acpid[554]: client connected from 653[82:82]
 Nov 12 08:05:08 dispater acpid[554]: 1 client rule loaded

 I get an IPv6 router advertisement, then dhcpcd (which is spawned by
 Arch's netctl for the connection) appears to trigger an nscd restart
 somehow, although I can't find a hook responsible for doing that. When
 the nscd restart is attempted, an assertion failure is hit in systemd.

 systemd-coredump did pick up on it, but I'm not certain how useful the
 dump actually is. Most of the variable contents are optimized out, the
 best we can get cleanly seems to just be the stack trace, which is
 this:

 (gdb) bt
 #0  0x7f1fa89260c9 in raise () from /usr/lib/libpthread.so.0
 #1  0x7f1fa9a5b3c8 in crash.lto_priv.222 (sig=6) at src/core/main.c:168
 #2  <signal handler called>
 #3  0x7f1fa85a6967 in raise () from /usr/lib/libc.so.6
 #4  0x7f1fa85a7d3a in abort () from /usr/lib/libc.so.6
 #5  0x7f1fa9a90012 in log_assert_failed
 (text=text@entry=0x7f1fa9aa78b8 "a >= 0 && a < _JOB_TYPE_MAX_MERGING",
 file=file@entry=0x7f1fa9a9a212 "src/core/job.c", line=line@entry=314,
 func=func@entry=0x7f1fa9ab8370 <__PRETTY_FUNCTION__.15000>
 "job_type_lookup_merge") at src/shared/log.c:718
 #6  0x7f1fa99e943f in job_type_lookup_merge (a=<optimized out>,
 b=<optimized out>) at src/core/job.c:314
 #7  0x7f1fa9a330a5 in job_type_is_superset () at src/core/job.h:198
 #8  transaction_is_destructive (e=<optimized out>, mode=<optimized
 out>, tr=<optimized out>) at src/core/transaction.c:516
 #9  transaction_activate (e=<optimized out>, mode=<optimized out>,
 m=<optimized out>, tr=<optimized out>) at src/core/transaction.c:722
 #10 manager_add_job (m=0x7f1fab518380, type=_JOB_TYPE_MAX_MERGING,
 unit=0x6, mode=_JOB_MODE_INVALID, override=false, e=0x7f1fa9b07180
 <buffer>, _ret=0x7fff46a422b0) at src/core/manager.c:1224
 #11 0x7f1fa9a1bbc5 in bus_unit_queue_job (bus=0x7f1fab5f9090,
 message=0x7f1fab66dd20, u=0x7f1fab5b5820,
 type=_JOB_TYPE_MAX_IN_TRANSACTION, mode=JOB_FAIL,
 reload_if_possible=128, error=0x7fff46a42440) at
 src/core/dbus-unit.c:777
 #12 0x7f1fa9a1bfe6 in bus_unit_method_start_generic
 (bus=0x7f1fab5f9090, message=0x7f1fab66dd20, u=0x7f1fab5b5820,
 job_type=_JOB_TYPE_MAX_IN_TRANSACTION,
 reload_if_possible=reload_if_possible@entry=false,
 error=0x7fff46a42440) at src/core/dbus-unit.c:383
 #13 0x7f1fa9a756c6 in method_start_unit_generic
 (bus=0x7f1fab5f9090, message=0x7f1fab66dd20, m=0x7f1fab518380,
 job_type=_JOB_TYPE_MAX_IN_TRANSACTION, reload_if_possible=<optimized
 out>, error=0x7fff46a42440) at src/core/dbus-manager.c:478
 #14 0x7f1fa9a6b3ee in method_callbacks_run
 (found_object=<optimized out>, require_fallback=<optimized out>,
 c=<optimized out>, m=<optimized out>, bus=<optimized out>) at
 src/libsystemd/sd-bus/bus-objects.c:400
 #15 object_find_and_run.lto_priv.239 (bus=0x7f1fab5f9090,
 m=0x7f1fab66dd20, p=0x6 <error: Cannot access memory at address 0x6>,
 require_fallback=false, found_object=0x7fff46a425b0) at
 src/libsystemd/sd-bus/bus-objects.c:1224
 #16 0x7f1fa9a85ace in bus_process_object (m=<optimized out>,
 bus=0x7f1fab5f9090) at src/libsystemd/sd-bus/bus-objects.c:1340
 #17 process_message (m=<optimized out>, bus=0x7f1fab5f9090) at
 

Re: [systemd-devel] job_type_lookup_merge assertion failure in systemd

2014-11-12 Thread Jóhann B. Guðmundsson


On 11/12/2014 07:00 PM, Steven Noonan wrote:

What's the best way to approach debugging this issue? Should I do a
debug build to get a better core dump and wait for this to happen
again?



Looks like a regression or dupe of [1], not sure why this bug has not 
been reopened since there is a recent comment there.


Add your info and coredump there

1. https://bugs.freedesktop.org/show_bug.cgi?format=multiple&id=67427


Re: [systemd-devel] job_type_lookup_merge assertion failure in systemd

2014-11-12 Thread Steven Noonan
On Wed, Nov 12, 2014 at 11:22 AM, Jóhann B. Guðmundsson
johan...@gmail.com wrote:

 On 11/12/2014 07:00 PM, Steven Noonan wrote:

 What's the best way to approach debugging this issue? Should I do a
 debug build to get a better core dump and wait for this to happen
 again?
 


 Looks like a regression or dupe of [1], not sure why this bug has not been
 reopened since there is a recent comment there.

 Add your info and coredump there

Thanks, I've done so.

I'd like to understand in general how one debugs issues like this with
systemd. Given that it's /sbin/init, it's not easy to just attach a
debugger to it and poke around. Do people operate primarily on core
dumps of -O0 -g builds or something?


[systemd-devel] [PATCH 1/2] keymap: Add support for IBM ThinkPad X41 Tablet

2014-11-12 Thread Bastien Nocera
Scancode taken from:
http://www.thinkwiki.org/wiki/Tablet_Hardware_Buttons#Linux_Support

William Jon McCann provided the DMI match. IBM seems to have
swapped the version and model of the system:
Manufacturer: IBM
Product Name: 18666TU
Version: ThinkPad X41 Tablet
---
 hwdb/60-keyboard.hwdb | 7 +++
 1 file changed, 7 insertions(+)

diff --git a/hwdb/60-keyboard.hwdb b/hwdb/60-keyboard.hwdb
index d2ca965..56a4009 100644
--- a/hwdb/60-keyboard.hwdb
+++ b/hwdb/60-keyboard.hwdb
@@ -594,6 +594,13 @@ keyboard:dmi:bvn*:bvr*:bd*:svnLENOVO*:pnThinkPad*X6*:pvr*
  KEYBOARD_KEY_6f=down   # down on d-pad
  KEYBOARD_KEY_69=enter  # enter on d-pad
 
+# ThinkPad X41 Tablet
+keyboard:dmi:bvn*:bvr*:bd*:svnIBM*:pn18666TU:pvr*
+ KEYBOARD_KEY_6c=direction  # rotate
+ KEYBOARD_KEY_68=f13# toolbox
+ KEYBOARD_KEY_6b=esc# escape
+ KEYBOARD_KEY_69=enter  # enter on d-pad
+
 # IdeaPad
 keyboard:name:Ideapad extra buttons:dmi:bvn*:bvr*:bd*:svnLENOVO*:pn*
  KEYBOARD_KEY_42=f23
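Review bot: The match string "svnIBM*:pn18666TU:pvr*" keys on one exact product name, so any X41 Tablet that reports a different product name is not matched. Since the commit message says the DMI version field carries "ThinkPad X41 Tablet", matching on that field (something like "svnIBM*:pn*:pvrThinkPad*X41*Tablet*") would cover the whole model. A short comment in the hwdb entry noting that IBM swapped the product and version fields would also explain why it differs from the Lenovo entries.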
-- 
2.1.0




[systemd-devel] [PATCH 2/2] keymap: Fix special keys on ThinkPad X60/X61 Tablet

2014-11-12 Thread Bastien Nocera
KEY_DIRECTION is mapped to XF86RotateWindows, to rotate the display:
http://cgit.freedesktop.org/xkeyboard-config/commit/symbols/inet?id=ec875f6f9b7c4028e11d32b071989c682e6502bd

And F13 is mapped to XF86Tools, which is closest to the original toolbox
usage:
http://cgit.freedesktop.org/xkeyboard-config/tree/symbols/inet?id=7a2c4bed212ebbcc05f3c959aef659ce7dd31fd8#n221
---
 hwdb/60-keyboard.hwdb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/hwdb/60-keyboard.hwdb b/hwdb/60-keyboard.hwdb
index 56a4009..533ad5b 100644
--- a/hwdb/60-keyboard.hwdb
+++ b/hwdb/60-keyboard.hwdb
@@ -585,8 +585,8 @@ 
keyboard:dmi:bvn*:bvr*:bd*:svnLENOVO*:pn*:pvrThinkPad*X2*Tablet*
 
 # ThinkPad X6 Tablet
 keyboard:dmi:bvn*:bvr*:bd*:svnLENOVO*:pnThinkPad*X6*:pvr*
- KEYBOARD_KEY_6c=f21# rotate
- KEYBOARD_KEY_68=screenlock # screenlock
+ KEYBOARD_KEY_6c=direction  # rotate
+ KEYBOARD_KEY_68=f13# toolbox
  KEYBOARD_KEY_6b=esc# escape
  KEYBOARD_KEY_6d=right  # right on d-pad
  KEYBOARD_KEY_6e=left   # left on d-pad
-- 
2.1.0




Re: [systemd-devel] Detecting inactive sessions

2014-11-12 Thread Bastien Nocera
On Tue, 2014-11-11 at 16:46 +0100, Lennart Poettering wrote:
 On Wed, 29.10.14 15:45, Bastien Nocera (had...@hadess.net) wrote:
 
  For a very specific definition of inactive.
  
  I'm looking at a way for the iio-sensor-proxy at:
  https://github.com/hadess/iio-sensor-proxy
  to suspend reading from accelerometers (or maybe to turn them off), when
  all the sessions are locked and the screens turned off.
  
  This would usually mean that I would enable reading from the sensor if
  one session is active and stop reading if none are active. Is this
  correct? Is it up to the session manager (eg. gnome-session) to tell us
  whether a session is active or not, or do I have this backwards?
 
 logind knows when sessions are active and not.
 
 Note that access control to such devices should really not be
 per-session, but per-user. Meaning that a user should get access to
 the device as long as he has at least one session active.
 
 That said, I am not sure I really grok what iio-sensor-proxy is doing,
 and whether doing it involving both uinput and uevents is really such
 a great idea.
 
 I am tempted to say that we should probably add support for the
 orientation sensors to logind, and abstract them away in logind so
 that only simple high-level rotation change events are sent
 out.

Which is already what the code in the iio-sensor-proxy tries to do.
iio-sensor-proxy's code means that we can have an accelerometer device
showing up in udev, with the orientation updated only when the
orientation of the device changes in a major way.

  I am pretty sure that orientation is something pretty much all
 desktop environments really want to know about, and as logind is
 really a system service these days that only exists for the purpose of
 making writing of desktop environments easy I think adding the
 orientation stuff to logind wouldn't be too far off. And I figure we
 need it for the userspace console too in one way or
 another... Orientation is pretty much a property of a seat anyway,
 and I figure it should be exposed as one, too.

It's not a seat property. It's a property of the display itself. If you
connected a tablet to a TV and rotated the tablet, you're not rotating
the TV as well.

  Also, we really should
 figure out a logic where the desktop subscribes to orientation changes
 and we only in that case even do the IIO access, rather than pushing
 the IIO events up the stack even when nobody is listening.

Which is what my original request was all about.

 I am willing to take a patch for this, but then again, as I own a Yoga
 I might look into this myself too one day.

I need to figure out how to make the IIO code not suck first though.

Cheers



[systemd-devel] VLAN's not coming up systemd-networkd.service loaded failed + systemd-networkd seg fault

2014-11-12 Thread Brendan Horan
Hi,

I am trying to configure VLAN sub interfaces with networkd.

When the machine boots the physical interface never seems to come UP.
Thus all the sub interface VLAN's also do not get activated.

I also notice systemd-networkd seg faults during boot, example message :

[7.036581] systemd-network[677]: segfault at 255 ip 7f88955634c9 sp 
7fffb34fd8b0 error 4 in systemd-networkd[7f8895559000+86000]
[7.093289] systemd-network[682]: segfault at 255 ip 7f3cd632e4c9 sp 
7fff25936ed0 error 4 in systemd-networkd[7f3cd6324000+86000]


If I then manually bring up my physical interface the VLAN sub interfaces get 
created. 
I am not sure what I am doing wrong and what is causing systemd-networkd to seg 
fault.


My configs are as follows : 

::
::
20-physical-int1.network
::
[Match]
MACAddress=XX:XX:XX:XX:XX:XX

[Network]
VLAN=PI-vlan.8
VLAN=PI-vlan.76
VLAN=PI-vlan.86
VLAN=PI-vlan.243
::
30-PI-vlan-8.netdev
::
[NetDev]
Name=PI-vlan.8
Kind=vlan

[VLAN]
Id=8
::
31-PI-vlan-76.netdev
::
[NetDev]
Name=PI-vlan.76
Kind=vlan

[VLAN]
Id=76

::
32-PI-vlan-86.netdev
::
[NetDev]
Name=PI-vlan.86
Kind=vlan

[VLAN]
Id=86
::
33-PI-vlan-243.netdev
::
[NetDev]
Name=PI-vlan.243
Kind=vlan

[VLAN]
Id=243
::
40-PI-vlan-8.network
::
[Match]
Name=PI-vlan.8

[Network]
Address=xxx.xxx.xxx.xxx/24

[Route]
Gateway=xxx.xxx.xxx.xxx
::
41-PI-vlan-76.network
::
[Match]
Name=PI-vlan.76

[Network]
Address=xxx.xxx.xxx.xxx/24

[Route]
Gateway=xxx.xxx.xxx.xxx
::
42-PI-vlan-86.network
::
[Match]
Name=PI-vlan.86

[Network]
Address=xxx.xxx.xxx.xxx/24

[Route]
Gateway=xxx.xxx.xxx.xxx
::
43-PI-vlan-.243.network
::
[Match]
Name=PI-vlan.243

[Network]
Address=xxx.xxx.xxx.xxx/24

[Route]
Gateway=xxx.xxx.xxx.xxx
::
::


If you need more info I am happy to try to provide it.

Thank you, (and thanks for systemd!)


Re: [systemd-devel] job_type_lookup_merge assertion failure in systemd

2014-11-12 Thread Steven Noonan
On Wed, Nov 12, 2014 at 1:55 PM, Steven Noonan ste...@uplinklabs.net wrote:
 On Wed, Nov 12, 2014 at 11:22 AM, Jóhann B. Guðmundsson
 johan...@gmail.com wrote:

 On 11/12/2014 07:00 PM, Steven Noonan wrote:

 What's the best way to approach debugging this issue? Should I do a
 debug build to get a better core dump and wait for this to happen
 again?
 


 Looks like a regression or dupe of [1], not sure why this bug has not been
 reopened since there is a recent comment there.

 Add your info and coredump there

 Thanks, I've done so.

 I'd like to understand in general how one debugs issues like this with
 systemd. Given that it's /sbin/init, it's not easy to just attach a
 debugger to it and poke around. Do people operate primarily on core
 dumps of -O0 -g builds or something?

Well I've worked out some of the logic that leads to this assertion failure:

https://bugs.freedesktop.org/show_bug.cgi?id=67427#c21

I also attached a patch. It does stop the reproducible systemd
assertion failure as intended, but I'm not sure I'm doing this change
in the right place. The comments around JOB_NOP's declaration suggest
that since it's not a mergeable job, it's special-cased in a few
places. Perhaps this is just one of those places where special-casing
was missed?