Let's include netinet/in.h instead of linux/in6.h, as the former is the
official libc location for these definitions, and the latter is a
linux-specific version that conflicts.
This hopefully makes systemd compile on current Semaphore again.
This takes e410b07d2a into consideration,
but makes us use glibc rather than kernel headers.
While we are at it, let's also sort our #include lines. Since kernel
headers are notoriously crappy we won't strictly order them globally,
but first include non-kernel headers in a sorted way, and then include
kernel headers in a somewhat sorted way (i.e. generic stuff first and
somewhat alphabetical, and specific stuff last)
By default systemd-shutdown will wait for 90s after SIGTERM was sent
for all processes to exit. This is way too long and effectively defeats
an emergency watchdog reboot via "reboot-force" actions. Instead now
use DefaultTimeoutStopSec which is configurable.
First, let's rename it to disable_coredumps(), as in the rest of our
codebase we spell it "coredump" rather than "core_dump", so let's stick
to that.
However, also log about failures to turn off core dumpling on LOG_DEBUG,
because debug logging is always a good idea.
Let's rename it manager_sanitize_environment() which is a more precise
name. Moreover, sort the environment implicitly inside it, as all our
callers do that anyway afterwards and we can save some code this way.
Also, update the list of env vars to drop, i.e. the env vars we manage
ourselves and don't want user code to interfear with. Also sort this
list to make it easier to update later on.
This is quite ugly, but provides us with an avenue for moving
distributions to define the "nobody" user properly without breaking legacy
systems that us the name for other stuff.
The idea is basically, that the distribution adopts the new definition
of "nobody" (and thus recompiles systemd with it) and then touches
/etc/systemd/dont-synthesize-nobody on legacy systems to turn off
possibly conflicting synthesizing of the nobody name by systemd.
We should be careful with errno in cleanup functions, and not alter it
under any circumstances. In the safe_close cleanup handlers we are
already safe in that regard, but let's add similar protections on other
cleanup handlers that invoke system calls.
Why bother? Cleanup handlers insert code at function return in
non-obvious ways. Hence, code that sets errno and returns should not be
confused by us overrding the errno from a cleanup handler.
This is a paranoia fix only, I am not aware where this actually mattered
in real-life situations.
Both netinet/icmp6.h and linux/in6.h will define struct in6_addr, and in
user space we want to use the netinet/icmp6.h variant.
Fixes build problem:
In file included from src/libsystemd-network/sd-radv.c:23:0:
/home/hegtvedt/work/os/product/sunrise/root/_build/v2/include/linux/in6.h:30:8:
error: redefinition of 'struct in6_addr'
If the system is finally shutting down it makes no sense to write core
dumps as the last remaining processes are terminated / killed. This is
especially significant in case of a "force reboot" where all processes
are hit concurrently with a SIGTERM and no orderly shutdown of
processes takes place.
This also adds the ability to incorporate arrays into netlink messages
and to determine when a netlink message is too big, used by some generic
netlink protocols.
commit 7715629 (networkd: Fix race condition in [RoutingPolicyRule] handling (#7615)).
Does not fix race. Still there is a race in case of bride because the
bride goes down and up .
calling route_configure then link_set_routing_policy_rule and the
link_check_ready makes a race between routing_policy_rule_messages and route_messages.
While bride comes up and we call the call again route_configure if finds
it self in the callback function LINK_STATE_CONFIGURED networkd dies.
Let's handle first routing policy rules then route_configure. This fixes
the crash.
Closes#7797
On s390x and ppc64, the permissions of the /dev/kvm device are currently
not right as long as the kvm kernel module has not been loaded yet. The
kernel module is using MODULE_ALIAS("devname:kvm") there, so the module
will be loaded on the first access to /dev/kvm. In that case, udev needs
to apply the permission to the static node already (which was created via
devtmpfs), i.e. we have to specify the option "static_node=kvm" in the
udev rule.
Note that on x86, the kvm kernel modules are loaded early instead (via the
MODULE_DEVICE_TABLE(x86cpu, ...) feature checking), so that the right module
is loaded for the Intel or AMD hypervisor extensions right from the start.
Thus the "static_node=kvm" is not required on x86 - but it also should not
hurt here (and using it here even might be more future proof in case the
module loading is also done delayed there one day), so we just add the new
option to the rule here unconditionally.
When /sys is a symlink to the sysfs mountpoint, e.g. /path/to/sysfs.
Then, device->syspath was set to like /path/to/sysfs/devices/foo/baz.
This converts the path to /sys/devices/foo/baz.
Fixes#7676.
Currently, if there are two /proc/self/mountinfo entries with the same
mount point path, the mount setup flags computed for the second of
these two entries will overwrite the mount setup flags computed for
the first of these two entries. This is the root cause of issue #7798.
This patch changes mount_setup_existing_unit to prevent the
just_mounted mount setup flag from being overwritten if it is set to
true. This will allow all mount units created from /proc/self/mountinfo
entries to be initialized properly.
Fixes: #7798
When loading .netdev files we parse them twice: first we do one parsing
iteration to figure out their "kind", and then we do it again to parse
out the kind's parameters. The first iteration is run with a "short"
NetDev structure, that only covers the generic NetDev properties. Which
should be enough, as we don't parse the per-kind properties. However,
before this patch we'd still try to destruct the per-kind properties
which resulted in memory corruption. With this change we distuingish the
two iterations by the state field, so that the destruction only happens
when the state signals we are running with a full NetDev structure.
Since this is not obvious, let's add a lot of comments.
This is unused since kdbus is gone, hence remove this too. This permits
us to get rid of sd_bus_send_internal() and just implement sd_bus_send()
directly.
This way, clients can install the very same match on direct and broker
connections as in both cases the messages will originate from the o.f.s1
service.
This is useful on direct connections to generate messages with valid
sender fields.
This is particularly useful for services that are accessible both
through direct connections and the broker, as it allows clients to
install matches on the sender service name, and they work the same in
both cases.
This way sd_bus_call_method_async() (which is just a wrapper around
sd_bus_call_async()) can be used to put method calls together that
expect no reply.