[systemd-devel] systemctl show environment quoting

2014-10-29 Thread Alexandre Detiste
Hi,

I stumbled on this:

$ systemctl cat cron-crontab-pi-0 | grep Environment
Environment=A=a a MAILTO=system-c...@mailinator.com B=b b C=c c
$ systemctl show cron-crontab-pi-0 -p Environment
Environment=A=a a MAILTO=system-c...@mailinator.com B=b b C=c c

- the quotes are gone.

Is this done by design, or a bug in systemctl show ?

My simple parser could be abused if someone hid a MAILTO= inside another env
variable.
https://github.com/systemd-cron/systemd-cron/blob/master/src/bin/mail_on_failure

Here this won't hurt, but this may cause security problems elsewhere.

Alexandre Detiste
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
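
The ambiguity raised in the message above, as an added example (not part of the original post and not systemd-cron's mail_on_failure code): once the quotes are dropped, a whitespace-splitting parser picks up a `MAILTO=` that was only text inside another variable's value, while a quote-aware parse of the unit-file form does not. The sample line, the addresses and all function names are constructed for illustration, and `shlex` is assumed to be close enough to unit-file quoting for plain double-quoted words.

```python
import re
import shlex

# Constructed sample (not from the thread): an Environment= line as written in
# a unit file. The NOTE value happens to contain the text "MAILTO=".
UNIT_LINE = ('Environment="MAILTO=admin@example.invalid" '
             '"NOTE=see MAILTO=other@example.invalid" "A=a a"')

NAME_RE = re.compile(r"[A-Za-z_][A-Za-z0-9_]*\Z")
EMBEDDED_RE = re.compile(r"\s[A-Za-z_][A-Za-z0-9_]*=")


def parse_quoted(line):
    """Parse the quoted form: one NAME=value assignment per quoted word.

    Assumption: shlex's POSIX rules approximate unit-file quoting for the
    plain double-quoted words used in this sample.
    """
    _, _, body = line.partition("=")
    env = {}
    for word in shlex.split(body):
        name, sep, value = word.partition("=")
        if not sep or not NAME_RE.match(name):
            raise ValueError("not a NAME=value assignment: %r" % word)
        env[name] = value
    return env


def flatten(line):
    """Model the output reported in the thread: same words, quotes dropped."""
    key, _, body = line.partition("=")
    return key + "=" + " ".join(shlex.split(body))


def parse_flattened_naive(line):
    """Whitespace-splitting parser of the kind the message worries about."""
    _, _, body = line.partition("=")
    env = {}
    for token in body.split():
        name, sep, value = token.partition("=")
        if sep and NAME_RE.match(name):
            env[name] = value  # a later token silently replaces an earlier one
    return env


def values_hiding_assignments(env):
    """Lint: names whose value would read as a further assignment once unquoted."""
    return sorted(n for n, v in env.items() if EMBEDDED_RE.search(v))


if __name__ == "__main__":
    quoted = parse_quoted(UNIT_LINE)
    flat = flatten(UNIT_LINE)
    print("quoted form  :", quoted)
    print("flattened    :", flat)
    print("naive result :", parse_flattened_naive(flat))
    print("flag values  :", values_hiding_assignments(quoted))
```

A consumer that needs a single variable should read it from the quoted form; the lint can be run over unit files to flag values that any reader of the unquoted output would misparse.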


Re: [systemd-devel] [PATCH] tmpfiles: only change device permissions if mknod succeeded

2014-10-29 Thread Jan Synacek
Tom Gundersen t...@jklm.no writes:

 On Mon, Oct 27, 2014 at 4:53 PM, Tom Gundersen t...@jklm.no wrote:
 On Mon, Oct 27, 2014 at 4:48 PM, Lennart Poettering
 mzerq...@0pointer.de wrote:
 On Sat, 25.10.14 01:36, Tom Gundersen (t...@jklm.no) wrote:

 On Mon, Oct 20, 2014 at 9:32 PM, Lennart Poettering
 lenn...@poettering.net wrote:
  On Tue, 14.10.14 16:19, Jan Synacek (jsyna...@redhat.com) wrote:
 
  https://bugzilla.redhat.com/show_bug.cgi?id=1147248
 
  Hmm, so far tmpfiles always adjust access modes, for all types of
  lines, if that's possible. I think this makes sense. The bug
  referenced above seems to suggest though that the access mode of the
  /dev/fuse file node is specified differently in two places
  though. This sounds like something to fix first?

 Well, the /run/tmpfiles.d/kmod.conf one is what the kernel exposes,
 and then the udev rules override this. We could surely fix this case,
 but in general I think we should expect that these may differ.

 To me it seems that we should not create device nodes at all, except
 in systemd-tmpfiles-setup-dev.service, the reason being that udev
 rules are only applied to static nodes at udev startup, so any device
 nodes created (or changed) after that may end up with the wrong
 permissions (as seen here).

 Hmm, so does this mean that the kmod tmpfiles converter really should
 suffix its lines with the exclamation mark? That way, only invocation
 of tmpfiles with --boot would honour those files, which are the ones
 we start at boot.

 Does that make sense?


 Yes, indeed, this is precisely what we want. I had missed that
 feature. I'll do a patch.


 And done: http://permalink.gmane.org/gmane.linux.kernel.modules/1402.

 Jan, does this look like it solves the original problem?

 Cheers,

 Tom

On my current rawhide (updated today, systemd-216-11.fc22.x86_64), with
kmod patched using the patch you've provided, /dev/fuse is not created,
not even on boot. However, invoking systemd-tmpfiles.d --create --boot
correctly creates the node.

# cat /run/tmpfiles.d/kmod.conf 
c! /dev/fuse 0600 - - - 10:229
c! /dev/btrfs-control 0600 - - - 10:234
c! /dev/loop-control 0600 - - - 10:237
d /dev/net 0755 - - -
c! /dev/net/tun 0600 - - - 10:200
c! /dev/ppp 0600 - - - 108:0
c! /dev/uinput 0600 - - - 10:223
c! /dev/uhid 0600 - - - 10:239
d /dev/vfio 0755 - - -
c! /dev/vfio/vfio 0600 - - - 10:196
c! /dev/vhci 0600 - - - 10:137
c! /dev/vhost-net 0600 - - - 10:238
d /dev/snd 0755 - - -
c! /dev/snd/timer 0600 - - - 116:33
d /dev/snd 0755 - - -
c! /dev/snd/seq 0600 - - - 116:1

Is that how it should work?

Cheers,
-- 
Jan Synacek
Software Engineer, Red Hat




Re: [systemd-devel] [PATCH] tmpfiles: only change device permissions if mknod succeeded

2014-10-29 Thread Tom Gundersen
On Wed, Oct 29, 2014 at 10:37 AM, Jan Synacek jsyna...@redhat.com wrote:
 Tom Gundersen t...@jklm.no writes:

 On Mon, Oct 27, 2014 at 4:53 PM, Tom Gundersen t...@jklm.no wrote:
 On Mon, Oct 27, 2014 at 4:48 PM, Lennart Poettering
 mzerq...@0pointer.de wrote:
 On Sat, 25.10.14 01:36, Tom Gundersen (t...@jklm.no) wrote:

 On Mon, Oct 20, 2014 at 9:32 PM, Lennart Poettering
 lenn...@poettering.net wrote:
  On Tue, 14.10.14 16:19, Jan Synacek (jsyna...@redhat.com) wrote:
 
  https://bugzilla.redhat.com/show_bug.cgi?id=1147248
 
  Hmm, so far tmpfiles always adjust access modes, for all types of
  lines, if that's possible. I think this makes sense. The bug
  referenced above seems to suggest though that the access mode of the
  /dev/fuse file node is specified differently in two places
  though. This sounds like something to fix first?

 Well, the /run/tmpfiles.d/kmod.conf one is what the kernel exposes,
 and then the udev rules override this. We could surely fix this case,
 but in general I think we should expect that these may differ.

 To me it seems that we should not create device nodes at all, except
 in systemd-tmpfiles-setup-dev.service, the reason being that udev
 rules are only applied to static nodes at udev startup, so any device
 nodes created (or changed) after that may end up with the wrong
 permissions (as seen here).

 Hmm, so does this mean that the kmod tmpfiles converter really should
 suffix its lines with the exclamation mark? That way, only invocation
 of tmpfiles with --boot would honour those files, which are the ones
 we start at boot.

 Does that make sense?


 Yes, indeed, this is precisely what we want. I had missed that
 feature. I'll do a patch.


 And done: http://permalink.gmane.org/gmane.linux.kernel.modules/1402.

 Jan, does this look like it solves the original problem?

 Cheers,

 Tom

 On my current rawhide (updated today, systemd-216-11.fc22.x86_64), with
 kmod patched using the patch you've provided, /dev/fuse is not created,
 not even on boot. However, invoking systemd-tmpfiles.d --create --boot
 correctly creates the node.

 # cat /run/tmpfiles.d/kmod.conf
 c! /dev/fuse 0600 - - - 10:229
 c! /dev/btrfs-control 0600 - - - 10:234
 c! /dev/loop-control 0600 - - - 10:237
 d /dev/net 0755 - - -
 c! /dev/net/tun 0600 - - - 10:200
 c! /dev/ppp 0600 - - - 108:0
 c! /dev/uinput 0600 - - - 10:223
 c! /dev/uhid 0600 - - - 10:239
 d /dev/vfio 0755 - - -
 c! /dev/vfio/vfio 0600 - - - 10:196
 c! /dev/vhci 0600 - - - 10:137
 c! /dev/vhost-net 0600 - - - 10:238
 d /dev/snd 0755 - - -
 c! /dev/snd/timer 0600 - - - 116:33
 d /dev/snd 0755 - - -
 c! /dev/snd/seq 0600 - - - 116:1

 Is that how it should work?

Yes, you also need systemd v217, as that adds the --boot argument to
systemd-tmpfiles-setup-dev.service.

Cheers,

Tom


[systemd-devel] [PATCH] man: explain journalctl --flush correctly

2014-10-29 Thread Umut Tezduyar Lindskog
---
 NEWS   | 4 
 man/journalctl.xml | 4 ++--
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/NEWS b/NEWS
index 82a1948..d8770a0 100644
--- a/NEWS
+++ b/NEWS
@@ -7,6 +7,10 @@ CHANGES WITH 217:
   show log timestamps in the UTC timezone. journalctl now also
   accepts -n/--lines=all to disable line capping in a pager.
 
+* journalctl gained a new switch, --flush, that flushes
+  logs from /run/log/journal to /var/log/journal if
+  persistent storage is enabled.
+
 * Services can notify the manager before they start a reload
   (by sending RELOADING=1) or shutdown (by sending
   STOPPING=1). This allows the manager to track and show the
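
Review bot: the subject line says "man:", but this NEWS hunk also adds a new entry for --flush under CHANGES WITH 217. Mention the NEWS addition in the commit message or split it into its own commit, so that a man-page-only backport or revert does not carry or drop the release note by accident.
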
diff --git a/man/journalctl.xml b/man/journalctl.xml
index db2a1e1..0ed3ca3 100644
--- a/man/journalctl.xml
+++ b/man/journalctl.xml
@@ -883,9 +883,9 @@
 
 listitemparaAsks the Journal
 daemon to flush any log data stored in
-filename/run/systemd/log/filename
+filename/run/log/journal/filename
 into
-filename/var/systemd/log/filename,
+filename/var/log/journal/filename,
 if persistent storage is enabled. This
 call does not return until the
 operation is
-- 
2.1.1



Re: [systemd-devel] [PATCH] swap: rework discard

2014-10-29 Thread Jan Synacek
Lennart Poettering lenn...@poettering.net writes:

 On Tue, 28.10.14 13:14, Lennart Poettering (lenn...@poettering.net) wrote:

 On Thu, 23.10.14 16:39, Lennart Poettering (lenn...@poettering.net) wrote:
 
 Heya,
 
  Hmm, I think the generator should already treat the option fields the
  same way as I want it to work in the long run, i.e. just read it from
  fstab and write it 1:1 into the unit's Options= string.
 
 I am hacking up a patch for this now, since I really want to get the
 new release out of the door soon.

 OK, landed that patch now. Didn't test it much though. Please test!

 Lennart

Works well on my system.

Thanks again!

-- 
Jan Synacek
Software Engineer, Red Hat




[systemd-devel] [PATCH 1/2] Introduce CONF_DIRS_NULSTR helper to define standard conf dirs

2014-10-29 Thread Josh Triplett
Several different systemd tools define a nulstr containing a standard
series of configuration file directories, in /etc, /run, /usr/local/lib,
/usr/lib, and (#ifdef HAVE_SPLIT_USR) /lib.  Factor that logic out into
a new helper macro, CONF_DIRS_NULSTR.
---

Realized when defining the Nth instance of this for logind.conf.d that
it really ought to have a common definition.

 src/binfmt/binfmt.c | 10 +-
 src/modules-load/modules-load.c | 10 +-
 src/shared/macro.h  | 15 +++
 src/sysctl/sysctl.c | 10 +-
 src/sysusers/sysusers.c | 10 +-
 src/tmpfiles/tmpfiles.c | 10 +-
 6 files changed, 20 insertions(+), 45 deletions(-)

diff --git a/src/binfmt/binfmt.c b/src/binfmt/binfmt.c
index c1c1522..0a15faf 100644
--- a/src/binfmt/binfmt.c
+++ b/src/binfmt/binfmt.c
@@ -36,15 +36,7 @@
 #include fileio.h
 #include build.h
 
-static const char conf_file_dirs[] =
-/etc/binfmt.d\0
-/run/binfmt.d\0
-/usr/local/lib/binfmt.d\0
-/usr/lib/binfmt.d\0
-#ifdef HAVE_SPLIT_USR
-/lib/binfmt.d\0
-#endif
-;
+static const char conf_file_dirs[] = CONF_DIRS_NULSTR(binfmt);
 
 static int delete_rule(const char *rule) {
 _cleanup_free_ char *x = NULL, *fn = NULL;
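
Review bot: conf_file_dirs in this hunk now depends on CONF_DIRS_NULSTR from src/shared/macro.h, yet the visible includes (fileio.h, build.h) do not show macro.h and the hunk adds no include. Confirm that binfmt.c already pulls it in, directly or transitively, and the same for the other four call sites, so the build does not depend on include order.
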
diff --git a/src/modules-load/modules-load.c b/src/modules-load/modules-load.c
index c77b092..84ae337 100644
--- a/src/modules-load/modules-load.c
+++ b/src/modules-load/modules-load.c
@@ -38,15 +38,7 @@
 
 static char **arg_proc_cmdline_modules = NULL;
 
-static const char conf_file_dirs[] =
-/etc/modules-load.d\0
-/run/modules-load.d\0
-/usr/local/lib/modules-load.d\0
-/usr/lib/modules-load.d\0
-#ifdef HAVE_SPLIT_USR
-/lib/modules-load.d\0
-#endif
-;
+static const char conf_file_dirs[] = CONF_DIRS_NULSTR(modules-load);
 
 static void systemd_kmod_log(void *data, int priority, const char *file, int 
line,
  const char *fn, const char *format, va_list args) 
{
diff --git a/src/shared/macro.h b/src/shared/macro.h
index 9ee332c..6d4712c 100644
--- a/src/shared/macro.h
+++ b/src/shared/macro.h
@@ -384,6 +384,21 @@ do {   
 \
 _found; \
 })
 
+/* Return a nulstr for a standard cascade of configuration directories,
+ * suitable to pass to conf_files_list_nulstr or config_parse_many. */
+#define CONF_DIRS_NULSTR(n) \
+/etc/ n .d\0 \
+/run/ n .d\0 \
+/usr/local/lib/ n .d\0 \
+/usr/lib/ n .d\0 \
+CONF_DIR_SPLIT_USR(n)
+
+#ifdef HAVE_SPLIT_USR
+#define CONF_DIR_SPLIT_USR(n) /lib/ n .d\0
+#else
+#define CONF_DIR_SPLIT_USR(n)
+#endif
+
 /* Define C11 thread_local attribute even on older gcc compiler
  * version */
 #ifndef thread_local
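
Review bot: the comment above CONF_DIRS_NULSTR names config_parse_many, which does not exist until patch 2/2, and it does not say what form n must take. Since n is placed between path fragments, state that it has to be a string literal (the caller in 2/2 passes a name containing a slash, systemd/logind.conf), and either drop the config_parse_many mention here or move it to 2/2. Defining CONF_DIR_SPLIT_USR before CONF_DIRS_NULSTR would also read more naturally, although the order does not affect expansion.
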
diff --git a/src/sysctl/sysctl.c b/src/sysctl/sysctl.c
index 809e59b..edebe50 100644
--- a/src/sysctl/sysctl.c
+++ b/src/sysctl/sysctl.c
@@ -38,15 +38,7 @@
 
 static char **arg_prefixes = NULL;
 
-static const char conf_file_dirs[] =
-/etc/sysctl.d\0
-/run/sysctl.d\0
-/usr/local/lib/sysctl.d\0
-/usr/lib/sysctl.d\0
-#ifdef HAVE_SPLIT_USR
-/lib/sysctl.d\0
-#endif
-;
+static const char conf_file_dirs[] = CONF_DIRS_NULSTR(sysctl);
 
 static char* normalize_sysctl(char *s) {
 char *n;
diff --git a/src/sysusers/sysusers.c b/src/sysusers/sysusers.c
index 9b9be96..df585c1 100644
--- a/src/sysusers/sysusers.c
+++ b/src/sysusers/sysusers.c
@@ -67,15 +67,7 @@ typedef struct Item {
 
 static char *arg_root = NULL;
 
-static const char conf_file_dirs[] =
-/etc/sysusers.d\0
-/run/sysusers.d\0
-/usr/local/lib/sysusers.d\0
-/usr/lib/sysusers.d\0
-#ifdef HAVE_SPLIT_USR
-/lib/sysusers.d\0
-#endif
-;
+static const char conf_file_dirs[] = CONF_DIRS_NULSTR(sysusers);
 
 static Hashmap *users = NULL, *groups = NULL;
 static Hashmap *todo_uids = NULL, *todo_gids = NULL;
diff --git a/src/tmpfiles/tmpfiles.c b/src/tmpfiles/tmpfiles.c
index 1e4675f..23fd6ca 100644
--- a/src/tmpfiles/tmpfiles.c
+++ b/src/tmpfiles/tmpfiles.c
@@ -117,15 +117,7 @@ static char **arg_include_prefixes = NULL;
 static char **arg_exclude_prefixes = NULL;
 static char *arg_root = NULL;
 
-static const char conf_file_dirs[] =
-/etc/tmpfiles.d\0
-/run/tmpfiles.d\0
-/usr/local/lib/tmpfiles.d\0
-/usr/lib/tmpfiles.d\0
-#ifdef HAVE_SPLIT_USR
-/lib/tmpfiles.d\0
-#endif
-;
+static const char conf_file_dirs[] = CONF_DIRS_NULSTR(tmpfiles);
 
 #define MAX_DEPTH 256
 
-- 
2.1.1



[systemd-devel] [PATCH 2/2] logind: Support logind.conf.d directories in the usual search paths

2014-10-29 Thread Josh Triplett
This makes it possible to drop in logind configuration snippets from a
package or other configuration management mechanism.

Add documentation to the header of /etc/logind.conf pointing the user at
/etc/logind.conf.d/*.conf.

Introduce a new helper, conf_parse_many, to parse configuration files in
a search path.
---

Revised to keep /etc/systemd/logind.conf around, and to prefer the
entire series of conf.d directories over /etc/systemd/logind.conf, as
suggested by Lennart at
http://lists.freedesktop.org/archives/systemd-devel/2014-October/024122.html

If this approach looks sensible, I'll send further patches for various
other tools with configuration files, such as journald and timesyncd;
however, I wanted to establish the pattern and the common helper
function first.  With the config_parse_many helper, further changes like
this should only require a one-line change to the actual tools, plus
documentation.

 man/logind.conf.xml  | 29 ++---
 src/login/logind.c   |  9 +
 src/login/logind.conf|  3 +++
 src/shared/conf-parser.c | 32 
 src/shared/conf-parser.h |  8 
 5 files changed, 74 insertions(+), 7 deletions(-)

diff --git a/man/logind.conf.xml b/man/logind.conf.xml
index d245bf4..70ca837 100644
--- a/man/logind.conf.xml
+++ b/man/logind.conf.xml
@@ -44,18 +44,41 @@
 
 refnamediv
 refnamelogind.conf/refname
-refpurposeLogin manager configuration file/refpurpose
+refpurposeLogin manager configuration files/refpurpose
 /refnamediv
 
 refsynopsisdiv
 parafilename/etc/systemd/logind.conf/filename/para
+
parafilename/etc/systemd/logind.conf.d/*.conf/filename/para
+
parafilename/run/systemd/logind.conf.d/*.conf/filename/para
+
parafilename/usr/lib/systemd/logind.conf.d/*.conf/filename/para
 /refsynopsisdiv
 
 refsect1
 titleDescription/title
 
-paraThis file configures various parameters of the systemd 
login manager, 
citerefentryrefentrytitlesystemd-logind.service/refentrytitlemanvolnum8/manvolnum/citerefentry./para
-
+paraThese files configure various parameters of the systemd 
login manager, 
citerefentryrefentrytitlesystemd-logind.service/refentrytitlemanvolnum8/manvolnum/citerefentry./para
+
+paraEach configuration file shall be named in the style of
+filenamereplaceablefilename/replaceable.conf/filename.
+Files in filename/etc//filename override files with the
+same name in filename/usr/lib//filename and
+filename/run//filename.  Files in
+filename/run//filename override files with the same name in
+filename/usr/lib//filename. Packages should install their
+configuration files in filename/usr/lib//filename. Files in
+filename/etc//filename are reserved for the local
+administrator, who may use this logic to override the
+configuration files installed by vendor packages. All
+configuration files are sorted by their filename in
+lexicographic order, regardless of which of the directories
+they reside in. If multiple files specify the same option, the
+entry in the file with the lexicographically latest name will
+be applied; entries in any filenamelogind.conf.d/filename
+file override entries in
+filename/etc/systemd/logind.conf/filename. It is
+recommended to prefix all filenames with a two-digit number and
+a dash, to simplify the ordering of the files./para
 /refsect1
 
 refsect1
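
Review bot: the refsynopsisdiv and the new precedence paragraph list only /etc, /run and /usr/lib, while CONF_DIRS_NULSTR from patch 1/2 also searches /usr/local/lib (and /lib with HAVE_SPLIT_USR). Document those directories too or say they are intentionally left out, because an administrator auditing which drop-ins can override /etc/systemd/logind.conf needs the complete list.
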
diff --git a/src/login/logind.c b/src/login/logind.c
index 8f00c46..69b219d 100644
--- a/src/login/logind.c
+++ b/src/login/logind.c
@@ -1171,10 +1171,11 @@ int manager_run(Manager *m) {
 static int manager_parse_config_file(Manager *m) {
 assert(m);
 
-return config_parse(NULL, /etc/systemd/logind.conf, NULL,
-Login\0,
-config_item_perf_lookup, logind_gperf_lookup,
-false, false, true, m);
+return config_parse_many(/etc/systemd/logind.conf,
+ CONF_DIRS_NULSTR(systemd/logind.conf),
+ Login\0,
+ config_item_perf_lookup, logind_gperf_lookup,
+ false, m);
 }
 
 int main(int argc, char *argv[]) {
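
Review bot: in manager_parse_config_file the old config_parse call passed three booleans (false, false, true) and the new config_parse_many call passes a single false, so it is not clear from the call site which behaviour that flag controls or what became of the other two. Name and document the parameter in conf-parser.h. The commit message also calls the helper conf_parse_many while the code uses config_parse_many; make the two agree.
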
diff --git a/src/login/logind.conf b/src/login/logind.conf
index 4608a2c..6b1943a 100644
--- a/src/login/logind.conf
+++ b/src/login/logind.conf
@@ -5,6 +5,9 @@
 #  the Free Software Foundation; either version 2.1 of the License, or
 #  (at your option) any later version.
 #
+# You can override the 

Re: [systemd-devel] systemctl show environment quoting

2014-10-29 Thread Zbigniew Jędrzejewski-Szmek
On Wed, Oct 29, 2014 at 09:40:19AM +0100, Alexandre Detiste wrote:
 Hi,
 
 I stumbled on this:
 
 $ systemctl cat cron-crontab-pi-0 | grep Environment
 Environment=A=a a MAILTO=system-c...@mailinator.com B=b b C=c c
 $ systemctl show cron-crontab-pi-0 -p Environment
 Environment=A=a a MAILTO=system-c...@mailinator.com B=b b C=c c
 
 - the quotes are gone.
 
 Is this done by design, or a bug in systemctl show ?
Yep, a bug. The same code is used in various places, so probably not
only there.

Zbyszek


Re: [systemd-devel] [PATCH v2] Bootchart: allow parse LABEL, UUID, PARTUUID for svg info

2014-10-29 Thread Timofey Titovets
Why did the developers use cmdline before, then?
Maybe cmdline allows determining the disk when bootchart is working from or in an initrd?

2014-10-28 15:37 GMT+03:00 Zbigniew Jędrzejewski-Szmek zbys...@in.waw.pl:
 On Tue, Oct 28, 2014 at 07:56:32AM +0300, Timofey Titovets wrote:
 Good time of day, list.
 I try to fix Fixme in svg.c:
 /* FIXME: this works only in the simple case */

 By default function try to get only root=/dev/*

 I also attach patch. Thanks.

 v2:
   Rewritten to use fstab_node_to_udev_node() and
 canonicalize_file_name() functions.
 There's infrastructure to do this properly: see
 parse_proc_cmdline_item, e.g. in cryptsetup-generator.c.

 Nevertheless, I'm wondering if this couldn't be done better by checking
 what is mounted on /. Seems that it would work in more cases.

 Zbyszek



 From 4d14e78977df92e010ea488f97acd6a5e8e30e97 Mon Sep 17 00:00:00 2001
 From: Timofey Titovets nefelim...@gmail.com
 Date: Tue, 28 Oct 2014 07:42:26 +0300
 Subject: [PATCH] Bootchart: allow parse LABEL, UUID, PARTUUID for svg info

 ---
  src/bootchart/svg.c | 24 
  1 file changed, 20 insertions(+), 4 deletions(-)

 diff --git a/src/bootchart/svg.c b/src/bootchart/svg.c
 index faf377e..81d3da9 100644
 --- a/src/bootchart/svg.c
 +++ b/src/bootchart/svg.c
 @@ -151,6 +151,24 @@ static void svg_header(void) {
  svg(]]\n   /style\n/defs\n\n);
  }

 +static void get_root_disk(const char *cmdline, char *rootbdev) {
 +char *ptr = strstr(cmdline, root=);
 +
 +if (!ptr)
 +return;
 +
 +ptr = ptr[5];
 +ptr = strtok(ptr, );
 +
 +if (ptr[0] != '/') {
 +ptr = fstab_node_to_udev_node(ptr);
 +ptr = canonicalize_file_name(ptr);
 +}
 +
 +strncpy(rootbdev, ptr[5], 3);
 +rootbdev[3] = '\0';
 +}
 +
  static void svg_title(const char *build) {
  char cmdline[256] = ;
  char filename[PATH_MAX];
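
Review bot: get_root_disk takes cmdline as const char * but runs strtok on a pointer into it, which writes a terminator into the caller's buffer; work on a copy or take a non-const argument. The results of fstab_node_to_udev_node and canonicalize_file_name are used without a NULL check and are never freed. The final strncpy assumes the path begins with /dev/ and that the disk name is exactly three characters, so a value that starts with '/' but is shorter than five characters is read past its end, and longer device names such as mmcblk0 are truncated.
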
 @@ -175,11 +193,9 @@ static void svg_title(const char *build) {
  }

  /* extract root fs so we can find disk model name in sysfs */
 -/* FIXME: this works only in the simple case */
 -c = strstr(cmdline, root=/dev/);
 +c = strstr(cmdline, root=);
  if (c) {
 -strncpy(rootbdev, c[10], 3);
 -rootbdev[3] = '\0';
 +get_root_disk(cmdline, rootbdev);
  sprintf(filename, block/%s/device/model, rootbdev);
  fd = openat(sysfd, filename, O_RDONLY);
  f = fdopen(fd, r);
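
Review bot: svg_title still runs strstr on cmdline for the if (c) test and get_root_disk then repeats the same search. Let get_root_disk return a status and branch on that instead, so that rootbdev is only formatted into the block/%s/device/model path when it was actually filled in.
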
 --
 2.1.2






-- 
Have a nice day,
Timofey.


Re: [systemd-devel] [PATCH v2] Bootchart: allow parse LABEL, UUID, PARTUUID for svg info

2014-10-29 Thread Zbigniew Jędrzejewski-Szmek
On Wed, Oct 29, 2014 at 04:16:22PM +0300, Timofey Titovets wrote:
 Why did the developers use cmdline before, then?
 Maybe cmdline allows determining the disk when bootchart is working from or in an initrd?
bootchart was merged into systemd after being developed separately and
often does not follow the same conventions.

Zbyszek


[systemd-devel] [PATCH] systemctl: add edit verb

2014-10-29 Thread Ronny Chevalier
It helps editing units by either creating a drop-in file, like
/etc/systemd/system/my.service.d/override.conf, or by copying the
original unit from /usr/lib/systemd/ to /etc/systemd/ if the --full
option is specified.

It invokes an editor on temporary files related to the unit files and
if the editor exited successfully, then it renames the temporary files
to their original names (e.g. my.service or override.conf) and
daemon-reload is invoked.

If the temporary file is empty the modification is canceled.

See https://bugzilla.redhat.com/show_bug.cgi?id=906824
---
changes:
  * --runtime is handled
  * changes are made atomically by creating temporary files
  * man page improved
  * no heap allocation for execlp editor
  * arg_root is handled properly

 TODO  |   4 +-
 man/less-variables.xml|   4 +-
 man/systemctl.xml |  64 +-
 src/systemctl/systemctl.c | 525 +-
 4 files changed, 587 insertions(+), 10 deletions(-)

diff --git a/TODO b/TODO
index abe89b7..1cbedd4 100644
--- a/TODO
+++ b/TODO
@@ -84,7 +84,7 @@ Features:
 
 * systemctl: if it fails, show log output?
 
-* maybe add systemctl edit that copies unit files from 
/usr/lib/systemd/system to /etc/systemd/system and invokes vim on them
+* systemctl edit: add commented help text to the end, like git commit
 
 * maybe introduce AssertXYZ= similar to ConditionXYZ= that causes a unit to 
fail (instead of skipping it) if some condition is not true...
 
@@ -776,7 +776,7 @@ External:
 
 * zsh shell completion:
   - command verb -TAB should complete options, but currently does not
-  - systemctl add-wants,add-requires
+  - systemctl add-wants,add-requires, edit
 
 
 Regularly:
diff --git a/man/less-variables.xml b/man/less-variables.xml
index 09cbd42..0fb4d7f 100644
--- a/man/less-variables.xml
+++ b/man/less-variables.xml
@@ -6,7 +6,7 @@
 titleEnvironment/title
 
 variablelist class='environment-variables'
-varlistentry
+varlistentry id='pager'
 termvarname$SYSTEMD_PAGER/varname/term
 
 listitemparaPager to use when
@@ -17,7 +17,7 @@
 option--no-pager/option./para/listitem
 /varlistentry
 
-varlistentry
+varlistentry id='less'
 termvarname$SYSTEMD_LESS/varname/term
 
 listitemparaOverride the default
diff --git a/man/systemctl.xml b/man/systemctl.xml
index 7cbaa6c..26f5235 100644
--- a/man/systemctl.xml
+++ b/man/systemctl.xml
@@ -465,7 +465,7 @@ along with systemd; If not, see 
http://www.gnu.org/licenses/.
 
 listitem
   paraWhen used with commandenable/command,
-  commanddisable/command,
+  commanddisable/command, commandedit/command,
   (and related commands), make changes only temporarily, so
   that they are lost on the next reboot. This will have the
   effect that changes are not made in subdirectories of
@@ -1150,6 +1150,43 @@ kobject-uevent 1 systemd-udevd-kernel.socket 
systemd-udevd.service
 filenamedefault.target/filename to the given unit./para
   /listitem
 /varlistentry
+
+varlistentry
+  termcommandedit 
replaceableNAME/replaceable.../command/term
+
+  listitem
+paraEdit a drop-in snippet or a whole replacement file if
+option--full/option is specified, to extend or override the
+specified unit./para
+
+paraDepending on whether option--system/option (the default),
+option--user/option, or option--global/option is specified,
+this create a drop-in file for each units either for the system,
+for the calling user or for all futures logins of all users. Then
+the editor (see section Environment below) is invoked on 
temporary
+files which will be saved as their corresponding files if the 
editor
+exited successfully./para
+
+paraIf option--full/option is specified, this will copy the
+original units instead of creating drop-in files./para
+
+paraIf option--runtime/option is specified, the changes will
+be made temporarily in filename/run/filename and they will be
+lost on the next reboot./para
+
+paraIf the temporary file is empty the modification of the 
related
+unit is canceled/para
+
+paraAfter the units have been edited, the systemd configuration 
is
+reloaded (in a way that is equivalent to 
commanddaemon-reload/command),
+but it does not restart or reload the units./para
+
+paraNote that this command cannot be used to remotely edit units
+and that you cannot temporarily edit units which are in
+filename/etc/filename since they take precedence over
+
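
Review bot: the new edit entry in man/systemctl.xml has wording errors to fix before merge: "this create a drop-in file for each units" should read "this creates a drop-in file for each unit", "all futures logins" should be "all future logins", and the "is canceled" sentence lacks its closing period. The entry also refers to "section Environment below" for the editor, so check that the Environment section added elsewhere in this patch actually names the variables consulted.
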

[systemd-devel] [PATCH] remove references of readahead

2014-10-29 Thread Ronny Chevalier
---
 .gitignore | 1 -
 README | 1 -
 TODO   | 7 ---
 3 files changed, 9 deletions(-)

diff --git a/.gitignore b/.gitignore
index 0b71f09..14f1691 100644
--- a/.gitignore
+++ b/.gitignore
@@ -101,7 +101,6 @@
 /systemd-quotacheck
 /systemd-random-seed
 /systemd-rc-local-generator
-/systemd-readahead
 /systemd-remount-api-vfs
 /systemd-remount-fs
 /systemd-reply-password
diff --git a/README b/README
index 99b66a8..1440367 100644
--- a/README
+++ b/README
@@ -30,7 +30,6 @@ AUTHOR:
 
 LICENSE:
 LGPLv2.1+ for all code
-- except sd-readahead.[ch] which is MIT
 - except src/shared/MurmurHash2.c which is Public Domain
 - except src/shared/siphash24.c which is CC0 Public Domain
 - except src/journal/lookup3.c which is Public Domain
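
Review bot: this README hunk drops the MIT exception for sd-readahead.[ch], but the diffstat covers only .gitignore, README and TODO. Confirm that both files were already removed from the tree by an earlier commit; otherwise the LICENSE section would misstate the licence of code that still ships.
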
diff --git a/TODO b/TODO
index b07d664..abe89b7 100644
--- a/TODO
+++ b/TODO
@@ -646,13 +646,6 @@ Features:
 
 * and a dbus call to generate target from current state
 
-* readahead:
-  - drop /.readahead on bigger upgrades with yum
-  - move readahead files into /var (look for them with .path units?)
-  - readahead: use BTRFS_IOC_DEFRAG_RANGE instead of BTRFS_IOC_DEFRAG ioctl, 
with START_IO
-  - readahead: when bumping /sys readahead variable save mtime and compare 
later to detect changes
-  - readahead: make use of EXT4_IOC_MOVE_EXT, as used by 
http://e4rat.sourceforge.net/
-
 * GC unreferenced jobs (such as .device jobs)
 
 * write blog stories about:
-- 
2.1.2



Re: [systemd-devel] Possible documentation problems

2014-10-29 Thread Jan Synacek
Lennart Poettering lenn...@poettering.net writes:
 On Wed, 15.10.14 11:07, Jan Synacek (jsyna...@redhat.com) wrote:

 Hello,
 
 in the documentation for systemd.service, under Type= option, it reads:
 
   Behavior of oneshot is similar to simple; however, it is expected that the
   process has to exit before systemd starts follow-up unit RemainAfterExit=
   is particularly useful for this type of service. This is the implied 
 default
   if neither Type= or ExecStart= are specified.
 
 I don't think that the part about not specifying ExecStart is correct. If
 there is no ExecStart in the service file, I get an error.

 As pointed out by Mantas this limitation has been removed a while back.

 
 Also, under Sockets= option:
 
   ...
   Also note that a different service may be activated on incoming
   traffic than that which inherits the sockets.
   ...
 
 I had to reread that sentence about 10 times to actually get it. I'd say
 that rewording it would be beneficial.

 I tried to reword it a bit now in git. Not sure it's a ton more
 understandable though...

 Lennart

It's a bit better, at least for me, thank you.

-- 
Jan Synacek
Software Engineer, Red Hat




Re: [systemd-devel] sysusers: Unconditional chown on /etc/{passwd, group, shadow, gshadow}? Is it sane?

2014-10-29 Thread Colin Guthrie
Simon McVittie wrote on 28/10/14 16:54:
 On 28/10/14 16:34, Colin Guthrie wrote:
 It seems we have different permissions for /etc/{g}shadow than fedora.
 We don't package it as ,root,root but rather 0440,root,shadow.
 
 Who is we? Mageia? FYI, Debian uses 0640 root:shadow for the same files.

Yeah in this case, I meant we=Mageia, but I figured we wouldn't be alone.

 We can then run some tools that need direct access as setgid rather than
 full blown setuid. I'm not totally convinced of the security benefits
 here (and I think actually 0440 is buggy for a setgid tool like chage -
 I'd have thought it would need to be 0660 to actually change the age,
 but I digress).
 
 In Debian, the policy is that members of group shadow may read the
 shadow password files (so that, given a typed-in password, they may
 check whether it matches the stored hashed password) but only uid 0 may
 write those files. Your file permissions seem consistent with that
 policy; your distro is probably relying on setuid-root tools being able
 to ignore the lack of read permission because they also get
 CAP_DAC_OVERRIDE.

That seems to fit in with what I'm seeing yes.

I'll send a patch in a moment that looks as if it would address this
issue (untested but looks safe enough - could be made a bit more
streamlined if needs be but just left it verbose for now)

Col

-- 

Colin Guthrie
gmane(at)colin.guthr.ie
http://colin.guthr.ie/

Day Job:
  Tribalogic Limited http://www.tribalogic.net/
Open Source:
  Mageia Contributor http://www.mageia.org/
  PulseAudio Hacker http://www.pulseaudio.org/
  Trac Hacker http://trac.edgewall.org/


[systemd-devel] [PATCH] sysusers: Preserve ownership and mode on /etc/passwd and friends

2014-10-29 Thread Colin Guthrie
When running sysusers we would clobber file ownership and permissions
on the files /etc/passwd, /etc/group and /etc/[g]shadow.

This simply preserves the ownership and mode if existing files are
found.
---
 src/sysusers/sysusers.c | 93 ++---
 1 file changed, 73 insertions(+), 20 deletions(-)

diff --git a/src/sysusers/sysusers.c b/src/sysusers/sysusers.c
index 9b9be96..1935993 100644
--- a/src/sysusers/sysusers.c
+++ b/src/sysusers/sysusers.c
@@ -358,6 +358,7 @@ static int write_files(void) {
 _cleanup_fclose_ FILE *passwd = NULL, *group = NULL, *shadow = NULL, 
*gshadow = NULL;
 _cleanup_free_ char *passwd_tmp = NULL, *group_tmp = NULL, *shadow_tmp 
= NULL, *gshadow_tmp = NULL;
 const char *passwd_path = NULL, *group_path = NULL, *shadow_path = 
NULL, *gshadow_path = NULL;
+struct stat st;
 bool group_changed = false;
 Iterator iterator;
 Item *i;
@@ -372,15 +373,25 @@ static int write_files(void) {
 if (r  0)
 goto finish;
 
-if (fchmod(fileno(group), 0644)  0) {
-r = -errno;
-goto finish;
-}
-
 original = fopen(group_path, re);
 if (original) {
 struct group *gr;
 
+if (fstat(fileno(original), st)  0) {
+r = -errno;
+goto finish;
+}
+
+if (fchmod(fileno(group), st.st_mode  0)  0) {
+r = -errno;
+goto finish;
+}
+
+if (fchown(fileno(group), st.st_uid, st.st_gid)  0) {
+r = -errno;
+goto finish;
+}
+
 errno = 0;
 while ((gr = fgetgrent(original))) {
 /* Safety checks against name and GID
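
Review bot: the fstat/fchmod/fchown sequence added under `if (original)` is written out as three separate error blocks here and again for gshadow and passwd further down; a small static helper that takes the source and destination file descriptors and returns -errno would keep the call sites identical and make it harder for one of them to drift, for example by losing its fchown.
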
@@ -418,6 +429,9 @@ static int write_files(void) {
 } else if (errno != ENOENT) {
 r = -errno;
 goto finish;
+} else if (fchmod(fileno(group), 0644)  0) {
+r = -errno;
+goto finish;
 }
 
 HASHMAP_FOREACH(i, todo_gids, iterator) {
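
Review bot: in the new `else if (fchmod(fileno(group), 0644) ...)` branch the default mode is applied as a side effect of an else-if condition, which is easy to misread as one more errno test; a plain `else` block with a one-line comment saying that this is the default for the "no existing file" case would read better. No fchown is done in this branch, so it is worth stating in the commit message that ownership is then left at whatever the temporary file was created with.
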
@@ -449,15 +463,25 @@ static int write_files(void) {
 if (r  0)
 goto finish;
 
-if (fchmod(fileno(gshadow), )  0) {
-r = -errno;
-goto finish;
-}
-
 original = fopen(gshadow_path, re);
 if (original) {
 struct sgrp *sg;
 
+if (fstat(fileno(original), st)  0) {
+r = -errno;
+goto finish;
+}
+
+if (fchmod(fileno(gshadow), st.st_mode  0)  0) {
+r = -errno;
+goto finish;
+}
+
+if (fchown(fileno(gshadow), st.st_uid, st.st_gid)  0) 
{
+r = -errno;
+goto finish;
+}
+
 errno = 0;
 while ((sg = fgetsgent(original))) {
 
@@ -483,6 +507,9 @@ static int write_files(void) {
 } else if (errno != ENOENT) {
 r = -errno;
 goto finish;
+} else if (fchmod(fileno(gshadow), )  0) {
+r = -errno;
+goto finish;
 }
 
 HASHMAP_FOREACH(i, todo_gids, iterator) {
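
Review bot: the fallback in `else if (fchmod(fileno(gshadow), ) ...)` now only runs when no gshadow exists, so an existing file whose mode is already too permissive is carried over unchanged by the `st.st_mode` copy in the previous hunk, where the old code forced a fixed mode on every run. Since this file holds password hashes, either say in the commit message and documentation that sysusers no longer tightens it, or clear the "other" permission bits for the shadow files before calling fchmod.
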
@@ -513,15 +540,25 @@ static int write_files(void) {
 if (r  0)
 goto finish;
 
-if (fchmod(fileno(passwd), 0644)  0) {
-r = -errno;
-goto finish;
-}
-
 original = fopen(passwd_path, re);
 if (original) {
 struct passwd *pw;
 
+if (fstat(fileno(original), st)  0) {
+r = -errno;
+goto finish;
+}
+
+if (fchmod(fileno(passwd), st.st_mode  0)  0) {
+r = -errno;
+goto finish;
+}
+
+if (fchown(fileno(passwd), st.st_uid, st.st_gid)  0) {
+r = -errno;
+goto finish;
+}
+
 errno = 0;

Re: [systemd-devel] sysusers: Unconditional chown on /etc/{passwd, group, shadow, gshadow}? Is it sane?

2014-10-29 Thread Colin Guthrie
Colin Guthrie wrote on 29/10/14 14:19:
 I'll send a patch in a moment that looks as if it would address this
 issue (untested but looks safe enough - could be made a bit more
 streamlined if needs be but just left it verbose for now)

And here is another that is more verbose... whichever coding style is
considered more correct.

Again untested, but looks sane to me...

-- 

Colin Guthrie
gmane(at)colin.guthr.ie
http://colin.guthr.ie/

Day Job:
  Tribalogic Limited http://www.tribalogic.net/
Open Source:
  Mageia Contributor http://www.mageia.org/
  PulseAudio Hacker http://www.pulseaudio.org/
  Trac Hacker http://trac.edgewall.org/



[systemd-devel] [PATCH] sysusers: Preserve ownership and mode on /etc/passwd and friends

2014-10-29 Thread Colin Guthrie
When running sysusers we would clobber file ownership and permissions
on the files /etc/passwd, /etc/group and /etc/[g]shadow.

This simply preserves the ownership and mode if existing files are
found.
---
 src/sysusers/sysusers.c | 61 +
 1 file changed, 41 insertions(+), 20 deletions(-)

diff --git a/src/sysusers/sysusers.c b/src/sysusers/sysusers.c
index 9b9be96..c133dc5 100644
--- a/src/sysusers/sysusers.c
+++ b/src/sysusers/sysusers.c
@@ -358,6 +358,7 @@ static int write_files(void) {
 _cleanup_fclose_ FILE *passwd = NULL, *group = NULL, *shadow = NULL, 
*gshadow = NULL;
 _cleanup_free_ char *passwd_tmp = NULL, *group_tmp = NULL, *shadow_tmp 
= NULL, *gshadow_tmp = NULL;
 const char *passwd_path = NULL, *group_path = NULL, *shadow_path = 
NULL, *gshadow_path = NULL;
+struct stat st;
 bool group_changed = false;
 Iterator iterator;
 Item *i;
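
Review bot: `struct stat st;` is declared at function scope and then reused for every file handled in write_files(); declaring it inside each `if (original)` block, next to `struct group *gr` and its siblings, would keep a result left over from one file from being used by mistake for the next.
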
@@ -372,15 +373,17 @@ static int write_files(void) {
 if (r  0)
 goto finish;
 
-if (fchmod(fileno(group), 0644)  0) {
-r = -errno;
-goto finish;
-}
-
 original = fopen(group_path, re);
 if (original) {
 struct group *gr;
 
+if (fstat(fileno(original), st)  0 ||
+fchmod(fileno(group), st.st_mode  0)  0 ||
+fchown(fileno(group), st.st_uid, st.st_gid)  0) {
+r = -errno;
+goto finish;
+}
+
 errno = 0;
 while ((gr = fgetgrent(original))) {
 /* Safety checks against name and GID
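
Review bot: in the combined condition the mode is applied before the ownership change (`fchmod(...)` then `fchown(...)`); calling fchown first and fchmod last is the safer order, because changing ownership can clear set-id bits and because the final mode is then never in effect under the wrong owner or group. The mask that follows `st.st_mode` is also not legible in this copy of the patch; it should limit the value to the permission bits.
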
@@ -418,6 +421,9 @@ static int write_files(void) {
 } else if (errno != ENOENT) {
 r = -errno;
 goto finish;
+} else if (fchmod(fileno(group), 0644)  0) {
+r = -errno;
+goto finish;
 }
 
 HASHMAP_FOREACH(i, todo_gids, iterator) {
@@ -449,15 +455,17 @@ static int write_files(void) {
 if (r  0)
 goto finish;
 
-if (fchmod(fileno(gshadow), )  0) {
-r = -errno;
-goto finish;
-}
-
 original = fopen(gshadow_path, re);
 if (original) {
 struct sgrp *sg;
 
+if (fstat(fileno(original), st)  0 ||
+fchmod(fileno(gshadow), st.st_mode  0)  0 ||
+fchown(fileno(gshadow), st.st_uid, st.st_gid)  0) 
{
+r = -errno;
+goto finish;
+}
+
 errno = 0;
 while ((sg = fgetsgent(original))) {
 
@@ -483,6 +491,9 @@ static int write_files(void) {
 } else if (errno != ENOENT) {
 r = -errno;
 goto finish;
+} else if (fchmod(fileno(gshadow), )  0) {
+r = -errno;
+goto finish;
 }
 
 HASHMAP_FOREACH(i, todo_gids, iterator) {
@@ -513,15 +524,17 @@ static int write_files(void) {
 if (r  0)
 goto finish;
 
-if (fchmod(fileno(passwd), 0644)  0) {
-r = -errno;
-goto finish;
-}
-
 original = fopen(passwd_path, re);
 if (original) {
 struct passwd *pw;
 
+if (fstat(fileno(original), st)  0 ||
+fchmod(fileno(passwd), st.st_mode  0)  0 ||
+fchown(fileno(passwd), st.st_uid, st.st_gid)  0) {
+r = -errno;
+goto finish;
+}
+
 errno = 0;
 while ((pw = fgetpwent(original))) {
 
@@ -552,6 +565,9 @@ static int write_files(void) {
 } else if (errno != ENOENT) {
 r = -errno;
 goto finish;
+} else if (fchmod(fileno(passwd), 0644)  0) {
+r = -errno;
+goto finish;
 }
 
 HASHMAP_FOREACH(i, todo_uids, iterator) {
@@ -596,15 +612,17 @@ static int write_files(void) {
 if (r  0)
 goto finish;
 
-if (fchmod(fileno(shadow), )  0) {
-r = -errno;
-goto finish;
-

[systemd-devel] Detecting inactive sessions

2014-10-29 Thread Bastien Nocera
For a very specific definition of inactive.

I'm looking at a way for the iio-sensor-proxy at:
https://github.com/hadess/iio-sensor-proxy
to suspend reading from accelerometers (or maybe to turn them off), when
all the sessions are locked and the screens turned off.

This would usually mean that I would enable reading from the sensor if
one session is active and stop reading if none are active. Is this
correct? Is it up to the session manager (eg. gnome-session) to tell us
whether a session is active or not, or do I have this backwards?

Cheers



[systemd-devel] [PATCH] systemctl: add edit verb

2014-10-29 Thread Ronny Chevalier
It helps editing units by either creating a drop-in file, like
/etc/systemd/system/my.service.d/override.conf, or by copying the
original unit from /usr/lib/systemd/ to /etc/systemd/ if the --full
option is specified.

It invokes an editor on temporary files related to the unit files and
if the editor exited successfully, then it renames the temporary files
to their original names (e.g. my.service or override.conf) and
daemon-reload is invoked.

If the temporary file is empty the modification is canceled.

See https://bugzilla.redhat.com/show_bug.cgi?id=906824
---

lookup_paths_init does not concatenate root_dir, so I added a path_join with arg_root

 TODO  |   4 +-
 man/less-variables.xml|   4 +-
 man/systemctl.xml |  64 +-
 src/systemctl/systemctl.c | 525 +-
 4 files changed, 587 insertions(+), 10 deletions(-)

diff --git a/TODO b/TODO
index abe89b7..1cbedd4 100644
--- a/TODO
+++ b/TODO
@@ -84,7 +84,7 @@ Features:
 
 * systemctl: if it fails, show log output?
 
-* maybe add systemctl edit that copies unit files from 
/usr/lib/systemd/system to /etc/systemd/system and invokes vim on them
+* systemctl edit: add commented help text to the end, like git commit
 
 * maybe introduce AssertXYZ= similar to ConditionXYZ= that causes a unit to 
fail (instead of skipping it) if some condition is not true...
 
@@ -776,7 +776,7 @@ External:
 
 * zsh shell completion:
   - command verb -TAB should complete options, but currently does not
-  - systemctl add-wants,add-requires
+  - systemctl add-wants,add-requires, edit
 
 
 Regularly:
diff --git a/man/less-variables.xml b/man/less-variables.xml
index 09cbd42..0fb4d7f 100644
--- a/man/less-variables.xml
+++ b/man/less-variables.xml
@@ -6,7 +6,7 @@
 titleEnvironment/title
 
 variablelist class='environment-variables'
-varlistentry
+varlistentry id='pager'
 termvarname$SYSTEMD_PAGER/varname/term
 
 listitemparaPager to use when
@@ -17,7 +17,7 @@
 option--no-pager/option./para/listitem
 /varlistentry
 
-varlistentry
+varlistentry id='less'
 termvarname$SYSTEMD_LESS/varname/term
 
 listitemparaOverride the default
diff --git a/man/systemctl.xml b/man/systemctl.xml
index 7cbaa6c..26f5235 100644
--- a/man/systemctl.xml
+++ b/man/systemctl.xml
@@ -465,7 +465,7 @@ along with systemd; If not, see 
http://www.gnu.org/licenses/.
 
 listitem
   paraWhen used with commandenable/command,
-  commanddisable/command,
+  commanddisable/command, commandedit/command,
   (and related commands), make changes only temporarily, so
   that they are lost on the next reboot. This will have the
   effect that changes are not made in subdirectories of
@@ -1150,6 +1150,43 @@ kobject-uevent 1 systemd-udevd-kernel.socket 
systemd-udevd.service
 filenamedefault.target/filename to the given unit./para
   /listitem
 /varlistentry
+
+varlistentry
+  termcommandedit 
replaceableNAME/replaceable.../command/term
+
+  listitem
+paraEdit a drop-in snippet or a whole replacement file if
+option--full/option is specified, to extend or override the
+specified unit./para
+
+paraDepending on whether option--system/option (the default),
+option--user/option, or option--global/option is specified,
+this create a drop-in file for each units either for the system,
+for the calling user or for all futures logins of all users. Then
+the editor (see section Environment below) is invoked on 
temporary
+files which will be saved as their corresponding files if the 
editor
+exited successfully./para
+
+paraIf option--full/option is specified, this will copy the
+original units instead of creating drop-in files./para
+
+paraIf option--runtime/option is specified, the changes will
+be made temporarily in filename/run/filename and they will be
+lost on the next reboot./para
+
+paraIf the temporary file is empty the modification of the 
related
+unit is canceled/para
+
+paraAfter the units have been edited, the systemd configuration 
is
+reloaded (in a way that is equivalent to 
commanddaemon-reload/command),
+but it does not restart or reload the units./para
+
+paraNote that this command cannot be used to remotely edit units
+and that you cannot temporarily edit units which are in
+filename/etc/filename since they take precedence over
+filename/run/filename./para
+  /listitem
+/varlistentry
   /variablelist
 /refsect2
 
@@ 

Re: [systemd-devel] [PATCH] Add timesync-wait tool

2014-10-29 Thread Lukasz Stelmach
On 27.10.2014 15:12, Lennart Poettering wrote:
 On Fri, 24.10.14 23:13, Lukasz Stelmach (stl...@poczta.fm) wrote:
 
 On 24.10.2014 00:28, Lennart Poettering wrote:
 On Thu, 23.10.14 21:24, Łukasz Stelmach (stl...@poczta.fm) wrote:

 +int main(int argc, char *argv[]) {
 +struct timex tbuf;
 +int r;
 +
 +memset(tbuf, 0, sizeof(tbuf));

 Please initialize this with = {} while declaring, instead of using
 memset() here.

 +r = adjtimex(tbuf);
 +
 +while (r != TIME_OK) {

 This check looks wrong. Should check for tbuf.status  STA_UNSYNC, no? 

 Also, we already have the ntp_synced() call for doing this. 

 Indeed. I can replace most of the code here with ntp_synced() leaving an
 if with a break and the sleep();

 +sleep(1);
 +/* Unfortunately there seem to be no other way than
 +polling to get this information. */
 +memset(tbuf, 0, sizeof(tbuf));

 In this case, use zero(), it's nicer, simpler and less error prone.

 +r = adjtimex(tbuf);
 +}

 Implementing this with a sleep loop is really ugly. Can't we at least
 calculate the expected sync time from the data returned by adjtimex()?

 I don't know how to do it exactly (yet). But my guess is that when the
 system starts the information you refer are not good enough to predict
 anything?
 
 Hmm, thinking about this some more: is STA_UNSYNC actually really what
 we should be looking for?

I can imagine users who would.

 I mean, what is the tool supposed to be
 waiting on: that the time is set as accurately as possible (in that
 case watching STA_UNSYNC sounds good, plus waiting for
 TFD_CANCEL_ON_SET for big jumps and guessing sleep times from
 adjtimex()'s return values for smaller jumps)?

There is no point in guessing. Clearing STA_UNSYNC takes one
timesyncd cycle (32s, see below).

 Or that the time is set
 accurately enough for adjtimex() to be used for the remaining accuracy
 (In that case, we'd actually have to make timesyncd report this
 information to us, maybe using a flag file to watch via inotify)?

This is probably what satisfies most users.

 Or
 that the time set accurately enough to be monotonic, but not more (in
 that case just ordering after systemd-timesyncd.service should be
 enough, no need for any other tool)?

timesyncd sends READY=1 quite early. I think it is before it tries to
contact time servers.

 Of these three options, I think the first one is not necessarily a
 good idea, since adjtimex() is really about making time corrections
 smooth and hence slow. Making this slow, and trying to wait for it is
 kinda contradictory, no?

Not really, that is it isn't that slow. I measured it. First I set the
current time off by less than a minute then waited

date $(date +%m%d%H%M%Y)  sleep 2  time ./systemd-timesync-wait

and it always took one timesyncd cycle (32 seconds) to clear STA_UNSYNC.

How about waiting for either a flag-file which timesyncd creates after
a few seconds timesyncd is started or, if a user chooses so, for the
real synchronisation?

 The third one is not a good idea either, since we already have
 functionality covering that.
 
 But if the second option is the relevant one, then I figure neither
 adjtimex() nor TFP_CANCEL_ON_SET will be useful to us, and instead we
 need to teach systemd-timesyncd some flag file stuff.

Yes, like hey I've already received the time from an NTP server and fed
it to the kernel.

Create /run/systemd/timesyncd/synchronised here:

http://cgit.freedesktop.org/systemd/systemd/tree/src/timesync/timesyncd-manager.c?id=v217#n389

and unlink it here

http://cgit.freedesktop.org/systemd/systemd/tree/src/timesync/timesyncd-manager.c?id=v217#n293

and of upon exit. An erroneous one too.

 The same way as network-wait-online has a timeout this tool should
 probably have one too.

 If the timeout is reached the tool exits with a non-zero code. Right?
 That makes sense. Is three minutes OK?
 
 I'd use the same default timeout as for systemd-network-wait-online,
 for whatever that is.

Are you sure there is a timeout? The service type is oneshot (timeout is
disabled according to systemd.service(5)) without any Timeout* set. Two
calls to sd_event_exit() in the code depend on manager_all_configured() and
no sign of any timer.

-- 
Było mi bardzo miło.   Twoje oczy lubią mnie
Łukasz i to mnie zgubi  (c)SNL

REKLAMA: http://ars-fabrica.eu/ sklep z rękodziełem
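
Added example, not part of the original thread and not systemd code: the wait loop discussed in the message above, written so that it tests `status & STA_UNSYNC` rather than the adjtimex() return value and gives up after a timeout. The function names, the timeout and poll values, the simulated reader and the use of CLOCK_MONOTONIC for the deadline are assumptions made for this illustration.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/timex.h>
#include <time.h>

/* A status reader fills *status with the kernel clock status word and
 * returns 0, or returns a negative errno value. */
typedef int (*status_reader)(int *status);

/* Real reader: adjtimex() with modes == 0 only queries, so it needs no
 * privileges. Its return value is the clock state (TIME_OK, TIME_INS, ...),
 * which is also non-zero around leap seconds, so only -1 is an error here. */
static int kernel_reader(int *status) {
        struct timex tbuf = { 0 };

        if (adjtimex(&tbuf) < 0)
                return -errno;
        *status = tbuf.status;
        return 0;
}

/* Constructed stand-in for the kernel: reports STA_UNSYNC for the first
 * sim_unsynced_polls calls, then a synchronised clock. */
static int sim_unsynced_polls, sim_calls;

static int simulated_reader(int *status) {
        sim_calls++;
        *status = sim_unsynced_polls-- > 0 ? STA_UNSYNC : 0;
        return 0;
}

/* The deadline is taken from CLOCK_MONOTONIC: CLOCK_REALTIME is the clock
 * being corrected and may jump while we wait. */
static long long monotonic_ms(void) {
        struct timespec ts;

        clock_gettime(CLOCK_MONOTONIC, &ts);
        return (long long) ts.tv_sec * 1000 + ts.tv_nsec / 1000000;
}

/* Returns 0 once STA_UNSYNC is clear, -ETIMEDOUT when timeout_ms elapses
 * first, or the reader's negative errno. */
int wait_for_sync(status_reader reader, long timeout_ms, long poll_ms) {
        struct timespec nap = { poll_ms / 1000, (poll_ms % 1000) * 1000000L };
        long long deadline = monotonic_ms() + timeout_ms;

        for (;;) {
                int status = 0, r;

                r = reader(&status);
                if (r < 0)
                        return r;
                if (!(status & STA_UNSYNC))
                        return 0;
                if (monotonic_ms() >= deadline)
                        return -ETIMEDOUT;
                nanosleep(&nap, NULL);
        }
}

int main(int argc, char *argv[]) {
        /* Assumed default of 5 s for the demo; pass a timeout in seconds. */
        long timeout_s = argc > 1 ? strtol(argv[1], NULL, 10) : 5;
        int r;

        sim_unsynced_polls = 2;
        r = wait_for_sync(simulated_reader, 1000, 10);
        printf("simulated clock: r=%d after %d polls\n", r, sim_calls);

        r = wait_for_sync(kernel_reader, timeout_s * 1000, 1000);
        printf("kernel clock: %s\n", r == 0 ? "synchronised" :
               r == -ETIMEDOUT ? "timed out" : "adjtimex failed");
        return r == 0 ? EXIT_SUCCESS : EXIT_FAILURE;
}
```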





Re: [systemd-devel] systemd and power management

2014-10-29 Thread Zbigniew Jędrzejewski-Szmek
On Wed, Oct 29, 2014 at 01:00:42PM -0400, Daniel Hollocher wrote:
 Hey folks,
 I'm not an expert here, so please forgive the low quality/interest of my
 question.
 
 I'm curious what the ideal systemd way is to set various power management
 settings in the /sys tree.  For me personally, I'm looking to set
 sampling_down_factor as without it, ondemand has terrible performance on my
 particular computer (a 10-30% loss compared to performance or conservative).
 
 Currently, Ubuntu uses a sysv init script to set ondemand after boot, and I
 could edit that.  It would be cool to know the ideal systemd way, that
 could also be aware of power saving stuff.
 
 From googling, it seems that tempfiles or sysctrl is not the way to go,
 since those only happen at boot.  Udev?  The examples I've found seem to
 make basic usage of udev to detect power changes, and then drop to a script
 to do the bulk of the work.  Is that it?

See sysctl.d(5).

Zbyszek


Re: [systemd-devel] systemd and power management

2014-10-29 Thread Ivan Shapovalov
On Wednesday 29 October 2014 at 13:00:42, Daniel Hollocher wrote:   
 Hey folks,
 I'm not an expert here, so please forgive the low quality/interest of my
 question.
 
 I'm curious what the ideal systemd way is to set various power management
 settings in the /sys tree.  For me personally, I'm looking to set
 sampling_down_factor as without it, ondemand has terrible performance on my
 particular computer (a 10-30% loss compared to performance or conservative).
 
 Currently, Ubuntu uses a sysv init script to set ondemand after boot, and I
 could edit that.  It would be cool to know the ideal systemd way, that
 could also be aware of power saving stuff.
 
 From googling, it seems that tempfiles or sysctrl is not the way to go,
 since those only happen at boot.  Udev?  The examples I've found seem to
 make basic usage of udev to detect power changes, and then drop to a script
 to do the bulk of the work.  Is that it?

You could write a bunch of units pulled in by a target... well, two targets,
one for power-saving and second for performance mode. And then just start the
targets from an udev rule. Just remember to use `--no-block` as udev kills
workers after some time.

I've already done something along these lines for my own purposes, see
https://github.com/intelfx/power-management

However, I still want to know if this is OK wrt systemd spirit.

-- 
Ivan Shapovalov / intelfx /



Re: [systemd-devel] [PATCH] sysusers: Preserve ownership and mode on /etc/passwd and friends

2014-10-29 Thread Colin Guthrie
FWIW, I tested this now and it seems to have worked fine and properly
preserved both mode and ownership of the files in question.

OK to push this one?

Col

Colin Guthrie wrote on 29/10/14 14:34:
 When running sysusers we would clobber file ownership and permissions
 on the files /etc/passwd, /etc/group and /etc/[g]shadow.
 
 This simply preserves the ownership and mode if existing files are
 found.
 ---
  src/sysusers/sysusers.c | 61 
 +
  1 file changed, 41 insertions(+), 20 deletions(-)
 
 diff --git a/src/sysusers/sysusers.c b/src/sysusers/sysusers.c
 index 9b9be96..c133dc5 100644
 --- a/src/sysusers/sysusers.c
 +++ b/src/sysusers/sysusers.c
 @@ -358,6 +358,7 @@ static int write_files(void) {
  _cleanup_fclose_ FILE *passwd = NULL, *group = NULL, *shadow = NULL, 
 *gshadow = NULL;
  _cleanup_free_ char *passwd_tmp = NULL, *group_tmp = NULL, 
 *shadow_tmp = NULL, *gshadow_tmp = NULL;
  const char *passwd_path = NULL, *group_path = NULL, *shadow_path = 
 NULL, *gshadow_path = NULL;
 +struct stat st;
  bool group_changed = false;
  Iterator iterator;
  Item *i;
 @@ -372,15 +373,17 @@ static int write_files(void) {
  if (r  0)
  goto finish;
  
 -if (fchmod(fileno(group), 0644)  0) {
 -r = -errno;
 -goto finish;
 -}
 -
  original = fopen(group_path, re);
  if (original) {
  struct group *gr;
  
 +if (fstat(fileno(original), st)  0 ||
 +fchmod(fileno(group), st.st_mode  0)  0 ||
 +fchown(fileno(group), st.st_uid, st.st_gid)  0) 
 {
 +r = -errno;
 +goto finish;
 +}
 +
  errno = 0;
  while ((gr = fgetgrent(original))) {
  /* Safety checks against name and GID
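
Review bot: with fstat, fchmod and fchown folded into one `||` condition, the shared `r = -errno; goto finish;` path cannot say which of the three calls failed or on which file; a log line naming the path and the failing step before the goto would make a failed ownership change diagnosable.
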
 @@ -418,6 +421,9 @@ static int write_files(void) {
  } else if (errno != ENOENT) {
  r = -errno;
  goto finish;
 +} else if (fchmod(fileno(group), 0644)  0) {
 +r = -errno;
 +goto finish;
  }
  
  HASHMAP_FOREACH(i, todo_gids, iterator) {
 @@ -449,15 +455,17 @@ static int write_files(void) {
  if (r  0)
  goto finish;
  
 -if (fchmod(fileno(gshadow), )  0) {
 -r = -errno;
 -goto finish;
 -}
 -
  original = fopen(gshadow_path, re);
  if (original) {
  struct sgrp *sg;
  
 +if (fstat(fileno(original), st)  0 ||
 +fchmod(fileno(gshadow), st.st_mode  0)  0 
 ||
 +fchown(fileno(gshadow), st.st_uid, st.st_gid)  
 0) {
 +r = -errno;
 +goto finish;
 +}
 +
  errno = 0;
  while ((sg = fgetsgent(original))) {
  
 @@ -483,6 +491,9 @@ static int write_files(void) {
  } else if (errno != ENOENT) {
  r = -errno;
  goto finish;
 +} else if (fchmod(fileno(gshadow), )  0) {
 +r = -errno;
 +goto finish;
  }
  
  HASHMAP_FOREACH(i, todo_gids, iterator) {
 @@ -513,15 +524,17 @@ static int write_files(void) {
  if (r  0)
  goto finish;
  
 -if (fchmod(fileno(passwd), 0644)  0) {
 -r = -errno;
 -goto finish;
 -}
 -
  original = fopen(passwd_path, re);
  if (original) {
  struct passwd *pw;
  
 +if (fstat(fileno(original), st)  0 ||
 +fchmod(fileno(passwd), st.st_mode  0)  0 ||
 +fchown(fileno(passwd), st.st_uid, st.st_gid)  
 0) {
 +r = -errno;
 +goto finish;
 +}
 +
  errno = 0;
  while ((pw = fgetpwent(original))) {
  
 @@ -552,6 +565,9 @@ static int write_files(void) {
  } else if (errno != ENOENT) {
  r = -errno;
  goto finish;
 +} else if (fchmod(fileno(passwd), 0644)  0) {
 +r = -errno;
 +goto finish;
  }
  

[systemd-devel] [PATCH] missing: Correct and extend getrandom syscall defines

2014-10-29 Thread Cristian Rodríguez
Add syscall numbers for 32 bit x86 and arm and correct
the system call number for x86_64 (it is 318 not 278)
---
 src/shared/missing.h | 6 +-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/src/shared/missing.h b/src/shared/missing.h
index 00e0287..7fd259a 100644
--- a/src/shared/missing.h
+++ b/src/shared/missing.h
@@ -136,7 +136,11 @@ static inline int memfd_create(const char *name, unsigned 
int flags) {
 
 #ifndef __NR_getrandom
 #  if defined __x86_64__
-#define __NR_getrandom 278
+#define __NR_getrandom 318
+#  elif defined __i386__
+#define __NR_getrandom 355
+#  elif defined __arm__
+#define __NR_getrandom (__NR_SYSCALL_BASE+384)
 #  else
 #warning __NR_getrandom unknown for your architecture
 #define __NR_getrandom 0x
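
Review bot: the `#else` branch still leaves every architecture other than x86_64, i386 and arm with only a `#warning` and a placeholder number, so a build there compiles but cannot reach the real system call. Since the x86_64 value was wrong until this change, it would help to name the kernel syscall tables in the commit message as the source for 318, 355 and `__NR_SYSCALL_BASE+384`, and to confirm that callers of this define fall back to another entropy source when the call fails.
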
-- 
2.1.2



Re: [systemd-devel] systemd and power management

2014-10-29 Thread Daniel Hollocher
Yeah, it's tricky.

I don't think sysctl is the answer as that doesn't work with /sys

On Wed, Oct 29, 2014 at 1:06 PM, Ivan Shapovalov intelfx...@gmail.com
wrote:

 On Wednesday 29 October 2014 at 13:00:42, Daniel Hollocher wrote:
  Hey folks,
  I'm not an expert here, so please forgive the low quality/interest of my
  question.
 
  I'm curious what the ideal systemd way is to set various power management
  settings in the /sys tree.  For me personally, I'm looking to set
  sampling_down_factor as without it, ondemand has terrible performance on
 my
  particular computer (a 10-30% loss compared to performance or
 conservative).
 
  Currently, Ubuntu uses a sysv init script to set ondemand after boot,
 and I
  could edit that.  It would be cool to know the ideal systemd way, that
  could also be aware of power saving stuff.
 
  From googling, it seems that tempfiles or sysctrl is not the way to go,
  since those only happen at boot.  Udev?  The examples I've found seem to
  make basic usage of udev to detect power changes, and then drop to a
 script
  to do the bulk of the work.  Is that it?

 You could write a bunch of units pulled in by a target... well, two
 targets,
 one for power-saving and second for performance mode. And then just start
 the
 targets from an udev rule. Just remember to use `--no-block` as udev kills
 workers after some time.

 I've already done something along these lines for my own purposes, see
 https://github.com/intelfx/power-management

 However, I still want to know if this is OK wrt systemd spirit.

 --
 Ivan Shapovalov / intelfx /


Re: [systemd-devel] [PATCH] Move apparmor code before the namespace setup

2014-10-29 Thread Michael Scherer
On Mon, Oct 27, 2014 at 11:20:53PM +0100, Lennart Poettering wrote:
 On Mon, 27.10.14 20:16, Michael Scherer (m...@zarb.org) wrote:
 
  On Mon, Oct 27, 2014 at 03:38:37PM +0100, Lennart Poettering wrote:
   On Sat, 11.10.14 21:57, m...@zarb.org (m...@zarb.org) wrote:
   
From: Michael Scherer m...@zarb.org

Since apparmor need to access /proc to communicate with the kernel,
any unit setting / as readonly will be unable to also use the
AppArmorProfile setting, as found on debian bug 760526.
   
   A unit that sets /proc to read-only is broken anyway, I don't think we
   should work around that. or am I missing something here?
  
  When a unit set / as readonly, /proc seems to become readonly too.
 
 Yes, ReadOnlyDirectories= is recursive. People doing that should
 use ReadWriteDirectories=/proc to open up /proc again.
 
 Note that ReadOnlyDirectories= and ReadWriteDirectories= are low-level
 functionality. If you use it you really should know what you do. This
 is different from ProtectSystem= which is a lot more high-level and
 doesn't require you to think about all the details.

Of course, but that does not seem a reason to be forced to have a workaround in
every unit doing that.

  And I would count setting /proc as readonly ( or unreadable ) as a hardening
  measure to reduce the attack surface.
 
 Well, people can do whatever they want, but write access to /proc is
 part of the Linux API, there's ton of functionality that processes
 need access to that is only available via writes to /proc. You cannot
 really take this away, except for trivial programs. systemd is really
 not the place to push for read-only /proc/self/... 
 
 The APIs in /proc are generally useful APIs, you cannot just declare
 them unnecessary, take them away and assume things to still work.

They are useful, but in the context of the original bug report on Debian, the
goal is to secure tor and reduce potential information leaks on an explicitly
hardened distribution ( tails ) whose aim is to increase privacy.

So that would be an explicit decision of the downstream to restrict it using
systemd. If that's not done with systemd, that would be with selinux/apparmor
anyway, but it is better to have a defense in depth, in case of an apparmor
policy oversight or anything similar.

So in order to make it maintainable and secure, the easiest way is to start by
restricting everything, and then whitelisting, like we do for firewalling and
selinux policy.

No one wants to assume things will just work, but on the other hand, if we can
make it just work at the systemd level, that's IMHO better.

So I do not really understand your concern. If the concern is that fixing the
bug does not change anything because this is broken anyway, this is something
that will be fixed with finer grained whitelisting and/or fixed in the daemon
if possible. While not all daemons will work, far from it, I am quite sure
some will without any trouble.

On the patch itself, I do not really see a problem :
- it doesn't change anything besides the location of the code coming from a
patch I submitted 9 months ago. It would surely have been accepted if I did it
right away. So I do not see any increased maintenance nor migration headaches.
- it solves a corner case, which is not documented, nor really expected,
and hard to debug to a less expert developer.

So if the problem is that the reason of the patch to be merged aren't sound, I
see:
- there is a demand for it ( cf bug )
- if the patch is not merged, that means that we will :
  - have to add 1 work around in the unit ( as said in the initial bug already )
  - still restrict it downstream with apparmor
  - have apparmor policy to do the restriction anyway.

I think we both prefer to favor having the right fix at the right place rather
than a work around everywhere, and I think that patch is that.

-- 
Michael Scherer


Re: [systemd-devel] [PATCH v2] Bootchart: allow parse LABEL, UUID, PARTUUID for svg info

2014-10-29 Thread Timofey Titovets
2014-10-29 16:20 GMT+03:00 Zbigniew Jędrzejewski-Szmek zbys...@in.waw.pl:
 On Wed, Oct 29, 2014 at 04:16:22PM +0300, Timofey Titovets wrote:
 Why then developers use cmdline before?
 Maybe cmdline allow determine disk when bootchart working from or in initrd?
 bootchart was merged into systemd after being developed separately and
 often does not follow the same conventions.

 Zbyszek

Hm.. okay.
I did a short search in systemd and can't find a function to extract
values from /proc/mounts.
Is it necessary to rework the patch to use /proc/mounts and implement a
function to parse it?
Am I missing something?

-- 
Have a nice day,
Timofey.


[systemd-devel] Commands started after su - username do not obey systemctl set-property user.slice MemoryLimit=...

2014-10-29 Thread Lutz Vieweg

Hi,

I configured a CentOS 7 to limit the amount of memory any single
interactive user can use by setting:


systemctl set-property user.slice MemoryLimit=60G


and excepted root to use a less strict limit:


systemctl set-property user-0.slice MemoryLimit=120G


Works so far, but there's a catch: Sometimes, root
wants to impersonate some user to interactively start
some software on behalf of that user.

Yet, when root uses su - username to change the user,
no user-xxx.slice is created, not even a new session
below user-0.slice is created, causing the wrong
MemoryLimit to be applied:


systemd-cgls
└─user.slice
  ├─user-0.slice
...
  │ └─session-18.scope
  │   ├─17570 sshd: root@pts/1
  │   ├─17572 -bash
  │   ├─19514 bash
  │   ├─19884 su - johndoe
  │   ├─19885 -bash
  │   ├─20395 ./memory_hog ...


How can I configure that processes started as a certain
user honor the user.slice limit, regardless of whether
the user used ssh to log in, or whether just root
was using su to become that user?

Regards,

Lutz Vieweg



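A check for the mismatch described in the post above, as an added example that is not part of the original message: it reads the UID out of the user-N.slice component of a process's cgroup path and compares it with the UID the process runs as. The function names, UID 1000 for johndoe, PIDs 21001 and 812, and the cgroup paths are constructed for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed sample: PID, UID and systemd cgroup path per process,
 * modelled on the systemd-cgls output in the post (UID 1000 is assumed). */
struct proc { int pid; long uid; const char *cgroup; };
static const struct proc samples[] = {
    { 17572, 0,    "/user.slice/user-0.slice/session-18.scope" },    /* root's bash */
    { 19884, 0,    "/user.slice/user-0.slice/session-18.scope" },    /* su - johndoe */
    { 19885, 1000, "/user.slice/user-0.slice/session-18.scope" },    /* johndoe's bash */
    { 20395, 1000, "/user.slice/user-0.slice/session-18.scope" },    /* memory_hog */
    { 21001, 1000, "/user.slice/user-1000.slice/session-19.scope" }, /* ssh login */
    {   812, 0,    "/system.slice/sshd.service" },                   /* no user slice */
};

/* Return the UID encoded in the "user-<uid>.slice" component of a cgroup
 * path, or -1 if the path has no well-formed component of that kind. */
long slice_uid(const char *cgroup_path)
{
    const char *p = strstr(cgroup_path, "/user-");
    char *end;
    long uid;

    if (!p)
        return -1;
    p += strlen("/user-");
    uid = strtol(p, &end, 10);
    if (end == p || uid < 0 || strncmp(end, ".slice", 6) != 0)
        return -1;
    return uid;
}

/* 1 if the process runs as a UID other than the owner of its user slice,
 * 0 if they match, -1 if the process is in no user-<uid>.slice at all. */
int slice_mismatch(long proc_uid, const char *cgroup_path)
{
    long owner = slice_uid(cgroup_path);
    return owner < 0 ? -1 : owner != proc_uid;
}

/* Report and count the sample processes accounted to another user's slice. */
int count_mismatches(void)
{
    int n = 0;
    for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++)
        if (slice_mismatch(samples[i].uid, samples[i].cgroup) == 1) {
            printf("pid %d (uid %ld) is accounted to %s\n",
                   samples[i].pid, samples[i].uid, samples[i].cgroup);
            n++;
        }
    return n;
}

int main(void)
{
    return count_mismatches() == 0 ? 0 : 1;
}
```

On a live system the same comparison can be fed from /proc/PID/cgroup and the owner of /proc/PID.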

Re: [systemd-devel] [PATCH] udev: Add hidraw_id and a rule file to invoke it

2014-10-29 Thread Andy Lutomirski
On Tue, Oct 28, 2014 at 3:46 PM, Andy Lutomirski l...@amacapital.net wrote:
 So far, hidraw_id detects U2F tokens and sets:
 ID_U2F_TOKEN=1
 ID_SECURITY_TOKEN=1

 This causes the uaccess rules to apply to U2F devices.

This works for the Plug-up security key, too.

--Andy

 ---

 I've never written any udev code before.  Feedback welcome.

 If you think this doesn't belong in udev, I can try to find it another home.

  .gitignore |   1 +
  Makefile.am|  11 
  rules/60-hidraw.rules  |   7 ++
  src/udev/hidraw_id/Makefile|   1 +
  src/udev/hidraw_id/hidraw_id.c | 144 
 +
  5 files changed, 164 insertions(+)
  create mode 100644 rules/60-hidraw.rules
  create mode 12 src/udev/hidraw_id/Makefile
  create mode 100644 src/udev/hidraw_id/hidraw_id.c

 diff --git a/.gitignore b/.gitignore
 index f119b574c777..4bd3cdf08f0d 100644
 --- a/.gitignore
 +++ b/.gitignore
 @@ -34,6 +34,7 @@
  /exported
  /exported-*
  /gtk-doc.make
 +/hidraw_id
  /hostnamectl
  /install-tree
  /journalctl
 diff --git a/Makefile.am b/Makefile.am
 index fae946a388af..9f64687d32b1 100644
 --- a/Makefile.am
 +++ b/Makefile.am
 @@ -3542,6 +3542,17 @@ udevlibexec_PROGRAMS += \
 ata_id

  # 
 --
 +hidraw_id_SOURCES = \
 +   src/udev/hidraw_id/hidraw_id.c
 +
 +hidraw_id_LDADD = \
 +   libudev-internal.la \
 +   libsystemd-shared.la
 +
 +udevlibexec_PROGRAMS += \
 +   hidraw_id
 +
 +# 
 --
  cdrom_id_SOURCES = \
 src/udev/cdrom_id/cdrom_id.c

 diff --git a/rules/60-hidraw.rules b/rules/60-hidraw.rules
 new file mode 100644
 index ..1ee9c812f711
 --- /dev/null
 +++ b/rules/60-hidraw.rules
 @@ -0,0 +1,7 @@
 +# do not edit this file, it will be overwritten on update
 +
 +ACTION==remove, GOTO=hidraw_end
 +
 +SUBSYSTEM==hidraw, IMPORT{program}=hidraw_id --udev
 +
 +LABEL=keyboard_end
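Review bot: the `GOTO=hidraw_end` on the ACTION==remove line has no matching label in this file, because the last line declares `LABEL=keyboard_end` instead. Rename the label to `hidraw_end` so the remove short-circuit resolves and the name cannot be confused with a label from the keyboard rules.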
 diff --git a/src/udev/hidraw_id/Makefile b/src/udev/hidraw_id/Makefile
 new file mode 12
 index ..d0b0e8e0086f
 --- /dev/null
 +++ b/src/udev/hidraw_id/Makefile
 @@ -0,0 +1 @@
 +../Makefile
 \ No newline at end of file
 diff --git a/src/udev/hidraw_id/hidraw_id.c b/src/udev/hidraw_id/hidraw_id.c
 new file mode 100644
 index ..e32f222f22f9
 --- /dev/null
 +++ b/src/udev/hidraw_id/hidraw_id.c
 @@ -0,0 +1,144 @@
 +/*
 + * Copyright (c) Andrew Lutomirski, 2014
 + *
 + * This program is free software: you can redistribute it and/or modify
 + * it under the terms of the GNU General Public License as published by
 + * the Free Software Foundation, either version 2 of the License, or
 + * (at your option) any later version.
 + *
 + * This program is distributed in the hope that it will be useful,
 + * but WITHOUT ANY WARRANTY; without even the implied warranty of
 + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 + * GNU General Public License for more details.
 + *
 + * You should have received a copy of the GNU General Public License
 + * along with this program.  If not, see http://www.gnu.org/licenses/.
 + */
 +
 +#include stdio.h
 +#include string.h
 +#include sys/types.h
 +#include sys/stat.h
 +#include fcntl.h
 +#include unistd.h
 +
 +#include libudev.h
 +#include libudev-private.h
 +
 +_printf_(6,0)
 +static void log_fn(struct udev *udev, int priority,
 +   const char *file, int line, const char *fn,
 +   const char *format, va_list args)
 +{
 +log_metav(priority, file, line, fn, format, args);
 +}
 +
 +int main(int argc, char **argv)
 +{
 +struct udev *udev;
 +struct udev_device *dev, *hiddev;
 +char path[4096];
 +unsigned char desc[4096];
 +int desclen;
 +int fd = -1;
 +int i;
 +int ret = 1;
 +unsigned int usage_page = 0;
 +int is_u2f_token = 0;
 +
 +if (argc != 2) {
 +fprintf(stderr, Usage: hidraw_id SYSFS_PATH|--udev\n);
 +return 1;
 +}
 +
 +log_parse_environment();
 +log_open();
 +
 +udev = udev_new();
 +
 +udev_set_log_fn(udev, log_fn);
 +
 +if (!strcmp(argv[1], --udev))
 +dev = udev_device_new_from_environment(udev);
 +else
 +dev = udev_device_new_from_syspath(udev, argv[1]);
 +
 +if (!dev)
 +goto out;
 +
 +hiddev = udev_device_get_parent(dev);
 +if (!hiddev)
 +goto out;
 +
 +if (snprintf(path, sizeof(path), %s/report_descriptor,
 + udev_device_get_syspath(hiddev))  (int)sizeof(path))
 +return 1;
 +
 +fd = open(path, O_RDONLY | O_NOFOLLOW);
 +if (fd == -1)
 +goto out;
 +
 +desclen = read(fd, desc, sizeof(desc));
 +if (desclen = 0)
 + 
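Review bot: the snprintf length check in main() exits with `return 1;` while every other failure in the visible part of the function uses `goto out`, so that path skips the shared cleanup for `udev` and `dev`; use `goto out` there as well. The result of `udev_new()` is also handed to `udev_set_log_fn()` without a NULL check. Since the outcome of this program sets ID_SECURITY_TOKEN and so decides whether the uaccess rules apply, a comment stating which report descriptor fields mark a device as a U2F token would make the parsing of the 4096-byte `desc` buffer easier to review.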

Re: [systemd-devel] [PATCH] missing: Correct and extend getrandom syscall defines

2014-10-29 Thread Lennart Poettering
On Wed, 29.10.14 14:29, Cristian Rodríguez (crrodrig...@opensuse.org) wrote:

 Add syscall numbers for 32 bit x86 and arm and Correct
 the system call number for x86_64 (it is 318 not 278)

Hmm? I did my testing on x86_64 3.18rc2, 278 is what worked
here... Did you test 318? Where does that number come from?

Lennart

-- 
Lennart Poettering, Red Hat


Re: [systemd-devel] systemd-cron: retrigger generator after /var is mounted

2014-10-29 Thread Alexandre Detiste
On Wednesday 22 October 2014, 13:07:39 Lennart Poettering wrote:
So, I thought myself a couple of times about adding a cron generator
upstream, but always came to the conclusion that having to load the
configuration **twice** during boot-up would be suboptimal. 

 Well, you can order your reload service After=local-fs.target, which
 should do the trick. As /var might be subdivided into more submounts
 you really want to order after local-fs.target, and nothing earlier.

Ok, thanks, I have it mostly solved now.

I have my generator check for /var/spool... and write a service in /run to
call itself again **only** if needed.

On the second run of the generator, this service is not generated again, it
just vanishes; it acts like a transient unit.

So, on systems with /var in /, it runs once; and on systems with a separate
/var, it runs twice.

It is set to run After=local-fs.target and Before=cron.target

The only remaining problem is that the added timer is not started.

Is systemctl daemon-reload really synchronous, or does it return before the
reload is effectively done?
(I saw the --no-block argument, which makes me fear this)


● cron-after-var.service
   Loaded: not-found (Reason: No such file or directory)
   Active: inactive (dead) since jeu 2014-10-30 00:00:39 CET; 13min ago
  Main PID: 370 (code=exited, status=0/SUCCESS)

● cron-tchet-tchet-0.timer - [Cron] 40 8 * * * /home/tchet/.ben/ben.sh
   Loaded: loaded (/var/spool/cron/crontabs/tchet)
   Active: inactive (dead)
 Docs: man:systemd-crontab-generator(8)

https://github.com/systemd-cron/systemd-cron/blob/master/src/bin/systemd-crontab-generator#L405

Alexandre Detiste


Re: [systemd-devel] [PATCH] missing: Correct and extend getrandom syscall defines

2014-10-29 Thread Dave Reisner
On Wed, Oct 29, 2014 at 11:55:29PM +0100, Lennart Poettering wrote:
 On Wed, 29.10.14 14:29, Cristian Rodríguez (crrodrig...@opensuse.org) wrote:
 
  Add syscall numbers for 32 bit x86 and arm and Correct
  the system call number for x86_64 (it is 318 not 278)
 
 Hmm? I did my testing on x86_64 3.18rc2, 278 is what worked
 here... Did you test 318? Where does that number come from?

I didn't see Cristian's patch and committed this:

http://cgit.freedesktop.org/systemd/systemd/commit/?id=74a550c

Is there a reason to avoid the syscall on i386?

d


[systemd-devel] 'systemctl poweroff' no longer shuts down system -- instead, reboots ?

2014-10-29 Thread grantksupport
I'm running on kernel

uname -a
Linux desk0107 3.17.1-2.g5c4d099-desktop #1 SMP PREEMPT Sat Oct 
18 23:36:23 UTC 2014 (5c4d099) x86_64 x86_64 x86_64 GNU/Linux

with

systemctl --version
systemd 210
+PAM +LIBWRAP +AUDIT +SELINUX -IMA +SYSVINIT +LIBCRYPTSETUP 
+GCRYPT +ACL +XZ +SECCOMP +APPARMOR

shutdown/reboot are handled by systemd

ls -l /sbin/shutdown /sbin/reboot
lrwxrwxrwx 1 root root 18 Oct 26 11:36 /sbin/reboot -> /usr/bin/systemctl*
lrwxrwxrwx 1 root root 18 Oct 26 11:36 /sbin/shutdown -> /usr/bin/systemctl*

when I exec either

systemctl reboot
shutdown -r now

the system reboots as always.

but when I try to shut down with either

systemctl poweroff
shutdown -h now

the system does NOT shutdown -- it reboots.

this is not a universal problem -- it's limited to just a few machines; each of 
them _had_ been shutting down reliably previously.  I don't yet know what 
upgrade in the interim, if any, has affected this.

So far I've not managed to find a source of the problem.

What specific systemd troubleshooting info can I dig out that might shed some 
light?


Re: [systemd-devel] [PATCH] missing: Correct and extend getrandom syscall defines

2014-10-29 Thread Cristian Rodríguez

On 29/10/14 at #4, Lennart Poettering wrote:

On Wed, 29.10.14 14:29, Cristian Rodríguez (crrodrig...@opensuse.org) wrote:


Add syscall numbers for 32 bit x86 and arm and Correct
the system call number for x86_64 (it is 318 not 278)


Hmm? I did my testing on x86_64 3.18rc2, 278 is what worked
here... Did you test 318? Where does that number come from?


#include <stdio.h>
#include <sys/syscall.h>


int main(void)
{
    printf("%d", __NR_getrandom);
    return 0;
}

that's with kernel headers from 3.17 in x86_64.





Re: [systemd-devel] [PATCH] missing: Correct and extend getrandom syscall defines

2014-10-29 Thread Cristian Rodríguez

On 30/10/14 at #4, Cristian Rodríguez wrote:

On 29/10/14 at #4, Lennart Poettering wrote:

On Wed, 29.10.14 14:29, Cristian Rodríguez (crrodrig...@opensuse.org)
wrote:


Add syscall numbers for 32 bit x86 and arm and Correct
the system call number for x86_64 (it is 318 not 278)


Hmm? I did my testing on x86_64 3.18rc2, 278 is what worked
here... Did you test 318? Where does that number come from?


#include <stdio.h>
#include <sys/syscall.h>


int main(void)
{
    printf("%d", __NR_getrandom);
    return 0;
}

that's with kernel headers from 3.17 in x86_64.


and the kernel sources confirm it is 318 in x86_64

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/tree/arch/x86/syscalls/syscall_64.tbl



Re: [systemd-devel] 'systemctl poweroff' no longer shuts down system -- instead, reboots ?

2014-10-29 Thread grantksupport
journalctl across the failed shutdown procedure shows the systemd Power-Off 
process starting, the journal stopping, then, a --Reboot--

...
Oct 29 21:02:12 desk0107 systemd[1]: Starting Power-Off...
Oct 29 21:02:12 desk0107 systemd-shutdown[1]: Sending SIGTERM to 
remaining processes...
Oct 29 21:02:12 desk0107 sshd[3987]: Exiting on signal 15
Oct 29 21:02:12 desk0107 sshd[2603]: Exiting on signal 15
Oct 29 21:02:12 desk0107 systemd-journal[634]: Journal stopped
-- Reboot --
...


Here's the complete output,

...
Oct 29 21:00:01 desk0107 systemd[1]: Starting Session 5 of user root.

 systemctl poweroff exec'd here

Oct 29 21:02:02 desk0107 systemd[1]: Deactivating swap /dev/dm-1...
Oct 29 21:02:02 desk0107 systemd[1]: Deactivating swap /dev/dm-1...
Oct 29 21:02:02 desk0107 systemd[1]: Deactivating swap /dev/dm-1...
Oct 29 21:02:02 desk0107 systemd[1]: Stopped target Sound Card.
Oct 29 21:02:02 desk0107 systemd[1]: Stopped target Bluetooth.
Oct 29 21:02:02 desk0107 systemd[1]: Removed slice 
system-systemd\x2dfsck.slice.
Oct 29 21:02:02 desk0107 systemd[1]: Removed slice system-wol.slice.
Oct 29 21:02:02 desk0107 systemd[1]: Stopped Stop Read-Ahead Data 
Collection 10s After Completed Startup.
Oct 29 21:02:02 desk0107 systemd[1]: Stopped target System Time 
Synchronized.
Oct 29 21:02:02 desk0107 systemd[1]: Stopping Manage, Install and 
Generate Color Profiles...
Oct 29 21:02:02 desk0107 bluetoothd[1110]: Terminating
Oct 29 21:02:02 desk0107 bluetoothd[1110]: Stopping SDP server
Oct 29 21:02:02 desk0107 bluetoothd[1110]: Exit
Oct 29 21:02:02 desk0107 systemd[1]: Stopping ifup managed network 
interface eth0...
Oct 29 21:02:02 desk0107 systemd[1]: Stopping Graphical Interface.
Oct 29 21:02:02 desk0107 systemd[1]: Stopping Multi-User System.
Oct 29 21:02:02 desk0107 systemd[1]: Stopping LSB: ha_logd logging 
daemon...
Oct 29 21:02:02 desk0107 systemd[1]: Stopping LSB: VirtualBox web 
service API...
Oct 29 21:02:02 desk0107 systemd[1]: Stopping LSB: irqbalance daemon 
providing irq balancing on MP-machines...
Oct 29 21:02:02 desk0107 systemd[1]: Stopping LSB: VirtualBox watchdog 
daemon...
Oct 29 21:02:02 desk0107 systemd[2150]: Stopping Basic System.
Oct 29 21:02:02 desk0107 systemd[2150]: Stopped target Basic System.
Oct 29 21:02:02 desk0107 systemd[2150]: Stopping Paths.
Oct 29 21:02:02 desk0107 systemd[2150]: Stopped target Paths.
Oct 29 21:02:02 desk0107 systemd[2150]: Stopping Timers.
Oct 29 21:02:02 desk0107 systemd[2150]: Stopped target Timers.
Oct 29 21:02:02 desk0107 systemd[2150]: Stopping Sockets.
Oct 29 21:02:02 desk0107 systemd[2150]: Stopped target Sockets.
Oct 29 21:02:02 desk0107 systemd[2150]: Starting Shutdown.
Oct 29 21:02:02 desk0107 systemd[2150]: Reached target Shutdown.
Oct 29 21:02:02 desk0107 systemd[2150]: Starting Exit the Session...
Oct 29 21:02:02 desk0107 logd[5027]: [5027]: debug: Stopping ha_logd 
with pid 2123
Oct 29 21:02:02 desk0107 logd[5027]: [5027]: info: Waiting for pid=2123 
to exit
Oct 29 21:02:02 desk0107 logd[2123]: [2123]: debug: logd_term_action: 
received SIGTERM
Oct 29 21:02:02 desk0107 logd[2123]: [2123]: debug: logd_term_action: 
waiting for 0 messages to be read by write process
Oct 29 21:02:02 desk0107 logd[2123]: [2123]: debug: logd_term_action: 
sending SIGTERM to write process
Oct 29 21:02:02 desk0107 logd[2166]: [2166]: info: 
logd_term_write_action: received SIGTERM
Oct 29 21:02:02 desk0107 logd[2166]: [2166]: debug: Writing out 0 
messages then quitting
Oct 29 21:02:02 desk0107 logd[2166]: [2166]: info: Exiting write process
Oct 29 21:02:02 desk0107 systemd[1]: Stopping LSB: Supports the direct 
execution of binary formats
Oct 29 21:02:02 desk0107 systemd[2150]: Received SIGRTMIN+24 from PID 
5023 (kill).
Oct 29 21:02:02 desk0107 systemd[1]: Stopping Login Prompts.
Oct 29 21:02:02 desk0107 systemd[1]: Stopped target Login Prompts.
Oct 29 21:02:02 desk0107 systemd[1]: Stopping Serial Getty on ttyS0...
Oct 29 21:02:02 desk0107 systemd[1]: Stopping RPC Bind...
Oct 29 21:02:02 desk0107 systemd[1]: Stopping CUPS Printing Service...
Oct 29 21:02:02 desk0107 systemd[1]: Stopping Command Scheduler...
Oct 29 21:02:02 desk0107 systemd[1]: Stopping MariaDB database server...
Oct 29 21:02:03 desk0107 systemd[1]: Stopping System Logging Service...
Oct 29 21:02:03 desk0107 systemd[1]: Stopping Postfix MTA Daemon...
Oct 29 21:02:03 desk0107 systemd[1]: Stopping Login Service...
Oct 29 21:02:03 desk0107 jexec[5034]: Stopping jexec services
Oct 29 21:02:03