Merge pull request #31919 from YHNdnzj/analyze-verify

Some fixes/improvements for analyze
Luca Boccassi 2024-03-24 11:50:44 +00:00 committed by GitHub
commit a2369b8be4
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
4 changed files with 34 additions and 23 deletions


@ -1018,16 +1018,12 @@ x86-64 native</programlisting>
<term><option>--order</option></term>
<term><option>--require</option></term>
<listitem><para>When used in conjunction with the
<command>dot</command> command (see above), selects which
dependencies are shown in the dependency graph. If
<option>--order</option> is passed, only dependencies of type
<varname>After=</varname> or <varname>Before=</varname> are
shown. If <option>--require</option> is passed, only
dependencies of type <varname>Requires=</varname>,
<varname>Requisite=</varname>,
<varname>Wants=</varname> and <varname>Conflicts=</varname>
are shown. If neither is passed, this shows dependencies of
<listitem><para>When used in conjunction with the <command>dot</command> command (see above),
selects which dependencies are shown in the dependency graph. If <option>--order</option> is passed,
only dependencies of type <varname>After=</varname> or <varname>Before=</varname> are shown.
If <option>--require</option> is passed, only dependencies of type <varname>Requires=</varname>,
<varname>Requisite=</varname>, <varname>BindsTo=</varname>, <varname>Wants=</varname>, and
<varname>Conflicts=</varname> are shown. If neither is passed, this shows dependencies of
all these types.</para>
<xi:include href="version-info.xml" xpointer="v198"/></listitem>


@ -13,14 +13,15 @@ static int graph_one_property(
const UnitInfo *u,
const char *prop,
const char *color,
char *patterns[],
char *from_patterns[],
char *to_patterns[]) {
char **patterns,
char **from_patterns,
char **to_patterns) {
_cleanup_strv_free_ char **units = NULL;
bool match_patterns;
int r;
assert(bus);
assert(u);
assert(prop);
assert(color);
@ -51,7 +52,13 @@ static int graph_one_property(
return 0;
}
static int graph_one(sd_bus *bus, const UnitInfo *u, char *patterns[], char *from_patterns[], char *to_patterns[]) {
static int graph_one(
sd_bus *bus,
const UnitInfo *u,
char **patterns,
char **from_patterns,
char **to_patterns) {
int r;
assert(bus);
@ -67,12 +74,19 @@ static int graph_one(sd_bus *bus, const UnitInfo *u, char *patterns[], char *fro
r = graph_one_property(bus, u, "Requires", "black", patterns, from_patterns, to_patterns);
if (r < 0)
return r;
r = graph_one_property(bus, u, "Requisite", "darkblue", patterns, from_patterns, to_patterns);
if (r < 0)
return r;
r = graph_one_property(bus, u, "BindsTo", "gold", patterns, from_patterns, to_patterns);
if (r < 0)
return r;
r = graph_one_property(bus, u, "Wants", "grey66", patterns, from_patterns, to_patterns);
if (r < 0)
return r;
r = graph_one_property(bus, u, "Conflicts", "red", patterns, from_patterns, to_patterns);
if (r < 0)
return r;
@ -85,6 +99,9 @@ static int expand_patterns(sd_bus *bus, char **patterns, char ***ret) {
_cleanup_strv_free_ char **expanded_patterns = NULL;
int r;
assert(bus);
assert(ret);
STRV_FOREACH(pattern, patterns) {
_cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
_cleanup_free_ char *unit = NULL, *unit_id = NULL;
@ -110,10 +127,9 @@ static int expand_patterns(sd_bus *bus, char **patterns, char ***ret) {
if (r < 0)
return log_error_errno(r, "Failed to get ID: %s", bus_error_message(&error, r));
if (!streq(*pattern, unit_id)) {
if (!streq(*pattern, unit_id))
if (strv_extend(&expanded_patterns, unit_id) < 0)
return log_oom();
}
}
*ret = TAKE_PTR(expanded_patterns); /* do not free */
@ -128,8 +144,8 @@ int verb_dot(int argc, char *argv[], void *userdata) {
_cleanup_strv_free_ char **expanded_patterns = NULL;
_cleanup_strv_free_ char **expanded_from_patterns = NULL;
_cleanup_strv_free_ char **expanded_to_patterns = NULL;
int r;
UnitInfo u;
int r;
r = acquire_bus(&bus, NULL);
if (r < 0)
@ -170,6 +186,7 @@ int verb_dot(int argc, char *argv[], void *userdata) {
log_info(" Color legend: black = Requires\n"
" dark blue = Requisite\n"
" gold = BindsTo\n"
" dark grey = Wants\n"
" red = Conflicts\n"
" green = After\n");
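Review bot: The edge colours now have to be kept in step by hand in two places, the `graph_one_property()` calls in `graph_one()` and the legend string in `verb_dot()`, and nothing in either spot points at the other. This change itself looks like a repair of such a drift (the `BindsTo`/`gold` pair is added to the calls, the legend and the man page together), and the legend already describes `grey66` as "dark grey". I would add `/* Keep the colours below in sync with the legend printed by verb_dot() */` above the first call in `graph_one()`, and a matching pointer next to the legend. Both function bodies continue outside the visible hunks.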


@ -1756,15 +1756,14 @@ static int assess(const SecurityInfo *info,
(void) table_set_display(details_table, (size_t) 0, (size_t) 1, (size_t) 2, (size_t) 3, (size_t) 7);
}
for (i = 0; i < ELEMENTSOF(security_assessor_table); i++) {
const struct security_assessor *a = security_assessor_table + i;
FOREACH_ARRAY(a, security_assessor_table, ELEMENTSOF(security_assessor_table)) {
_cleanup_free_ char *d = NULL;
uint64_t badness;
void *data;
uint64_t weight = access_weight(a, policy);
uint64_t range = access_range(a, policy);
data = (uint8_t *) info + a->offset;
data = (uint8_t*) info + a->offset;
if (a->default_dependencies_only && !info->default_dependencies) {
badness = UINT64_MAX;
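Review bot: The reformatted line `data = (uint8_t*) info + a->offset;` still casts away the `const` of `const SecurityInfo *info` and stores the result in a non-const `void *data`. If the assessor callbacks only read through that pointer (their signatures are not visible here), declaring `const void *data;` and writing `data = (const uint8_t*) info + a->offset;` would keep the read-only contract of `assess()` visible to the compiler. Separately, the index `i` used by the old `for` loop is presumably declared above the hunk and may now be unused after the switch to `FOREACH_ARRAY`. The loop body and `assess()` continue outside the hunk.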


@ -572,10 +572,9 @@ static int parse_argv(int argc, char *argv[]) {
return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
"Option --threshold= is only supported for security right now.");
if (arg_runtime_scope == RUNTIME_SCOPE_GLOBAL &&
!STR_IN_SET(argv[optind] ?: "time", "dot", "unit-paths", "verify"))
if (arg_runtime_scope == RUNTIME_SCOPE_GLOBAL && !streq_ptr(argv[optind], "unit-paths"))
return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
"Option --global only makes sense with verbs dot, unit-paths, verify.");
"Option --global only makes sense with verb unit-paths.");
if (streq_ptr(argv[optind], "cat-config") && arg_runtime_scope == RUNTIME_SCOPE_USER)
return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
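Review bot: The narrowed check in `parse_argv()` turns `--global dot` and `--global verify` from accepted invocations into an EINVAL error, and neither the code nor the visible man page hunk says why `unit-paths` is the only verb left. A one-line comment above the condition would record the reason for the next reader, for example `/* Only unit-paths can honour the global scope; the other verbs need a concrete manager */` if that is indeed the rationale. Because existing scripts that pass `--global` to `dot` or `verify` will start failing, the `--global` description in the documentation is worth updating in the same change. `streq_ptr()` handles a NULL `argv[optind]`, so a missing verb is still rejected as before.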