packages/systemd
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

sync patch from systemd community

Browse Source
This commit is contained in:
zhangyao 2024-12-11 11:43:53 +08:00
parent 9f8ae498fb
commit 7258b63df0
12 changed files with 656 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
backport-core-Fix-file-descriptor-leak.patch Normal file
View File

@ -0,0 +1,30 @@
From 400f0785e92866e5d8fd31ade6ae07a605d0df25 Mon Sep 17 00:00:00 2001
From: Daan De Meyer <daan.j.demeyer@gmail.com>
Date: Wed, 1 May 2024 03:14:45 +0200
Subject: [PATCH] core: Fix file descriptor leak
(cherry picked from commit 5bcf0881a322a72c38d518be3e3ae8bff95de5f6)
(cherry picked from commit 844bb02e48be98f4ae594e043c965588be3b138c)
Conflict:NA
Reference:https://github.com/systemd/systemd-stable/commit/400f0785e92866e5d8fd31ade6ae07a605d0df25
---
src/core/service.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/core/service.c b/src/core/service.c
index f0763a59eb..e9466ed928 100644
--- a/src/core/service.c
+++ b/src/core/service.c
@@ -414,7 +414,7 @@ static void service_release_fd_store(Service *s) {
static void service_release_stdio_fd(Service *s) {
assert(s);
- if (s->stdin_fd < 0 && s->stdout_fd < 0 && s->stdout_fd < 0)
+ if (s->stdin_fd < 0 && s->stdout_fd < 0 && s->stderr_fd < 0)
return;
log_unit_debug(UNIT(s), "Releasing stdin/stdout/stderr file descriptors.");
--
2.33.0

48
backport-core-fix-NULL-pointer-dereference-during-deserializa.patch Normal file
View File

@ -0,0 +1,48 @@
From 45b1017488cef2a5bacdf82028ce900a311c9a1c Mon Sep 17 00:00:00 2001
From: Frantisek Sumsal <frantisek@sumsal.cz>
Date: Tue, 2 May 2023 22:36:36 +0200
Subject: [PATCH] core: fix NULL pointer dereference during deserialization
Conflict:NA
Reference:https://github.com/systemd/systemd-stable/commit/45b1017488cef2a5bacdf82028ce900a311c9a1c
---
src/core/service.c | 5 +++++
.../crash-9eec6b7ef6fd5c9568189f9259e6ce0546752085 | 10 ++++++++++
2 files changed, 15 insertions(+)
create mode 100644 test/fuzz/fuzz-manager-serialize/crash-9eec6b7ef6fd5c9568189f9259e6ce0546752085
diff --git a/src/core/service.c b/src/core/service.c
index c035f4c24e..2ba7511ad2 100644
--- a/src/core/service.c
+++ b/src/core/service.c
@@ -3219,6 +3219,11 @@ static int service_deserialize_item(Unit *u, const char *key, const char *value,
} else if (streq(key, "accept-socket")) {
Unit *socket;
+ if (u->type != UNIT_SOCKET) {
+ log_unit_debug(u, "Failed to deserialize accept-socket: unit is not a socket");
+ return 0;
+ }
+
r = manager_load_unit(u->manager, value, NULL, NULL, &socket);
if (r < 0)
log_unit_debug_errno(u, r, "Failed to load accept-socket unit '%s': %m", value);
diff --git a/test/fuzz/fuzz-manager-serialize/crash-9eec6b7ef6fd5c9568189f9259e6ce0546752085 b/test/fuzz/fuzz-manager-serialize/crash-9eec6b7ef6fd5c9568189f9259e6ce0546752085
new file mode 100644
index 0000000000..8bafbb0bc6
--- /dev/null
+++ b/test/fuzz/fuzz-manager-serialize/crash-9eec6b7ef6fd5c9568189f9259e6ce0546752085
@@ -0,0 +1,10 @@
+current-job-tmp-dir=/niliclrd,ng
+
+plymo-.sliceuth-quiwt-dir=/niliclrd,ng
+
+plymo-.sliceuth-quiwt-ait.service
+srd2043d7818E@96s
+8582967570742745a94
+accept-socket=runn2043ait.service
+srd2043d7818E@96s
+8582967570742745a94
--
2.33.0

52
backport-core-service-fix-accept-socket-deserialization.patch Normal file
View File

@ -0,0 +1,52 @@
From 8f280216e052c9b9937ba77fad6659fb727535d9 Mon Sep 17 00:00:00 2001
From: Mike Yuan <me@yhndnzj.com>
Date: Mon, 17 Jun 2024 07:47:20 +0200
Subject: [PATCH] core/service: fix accept-socket deserialization
Follow-up for 45b1017488cef2a5bacdf82028ce900a311c9a1c
(cherry picked from commit 9f5d8c3da4f505346bd1edfae907a2abcdbdc578)
(cherry picked from commit f7d55cc801611781fbff2817f2fd4a16ec96ca85)
(cherry picked from commit 8ead2545bf86bd0fe00b344506e071390ffaa99f)
Conflict:there is no macro definition ASSERT_PTR, so we use the assert function instead
Reference:https://github.com/systemd/systemd-stable/commit/8f280216e052c9b9937ba77fad6659fb727535d9
---
src/core/service.c | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/src/core/service.c b/src/core/service.c
index de07cde..64bfe17 100644
--- a/src/core/service.c
+++ b/src/core/service.c
@@ -1237,7 +1237,7 @@ static int service_coldplug(Unit *u) {
service_start_watchdog(s);
if (UNIT_ISSET(s->accept_socket)) {
- Socket* socket = SOCKET(UNIT_DEREF(s->accept_socket));
+ Socket *socket = SOCKET(UNIT_DEREF(s->accept_socket));
if (socket->max_connections_per_source > 0) {
SocketPeer *peer;
@@ -2948,8 +2948,8 @@ static int service_deserialize_item(Unit *u, const char *key, const char *value,
} else if (streq(key, "accept-socket")) {
Unit *socket;
- if (u->type != UNIT_SOCKET) {
- log_unit_debug(u, "Failed to deserialize accept-socket: unit is not a socket");
+ if (unit_name_to_type(value) != UNIT_SOCKET) {
+ log_unit_debug(u, "Deserialized accept-socket is not a socket unit, ignoring: %s", value);
return 0;
}
@@ -2958,6 +2958,7 @@ static int service_deserialize_item(Unit *u, const char *key, const char *value,
log_unit_debug_errno(u, r, "Failed to load accept-socket unit '%s': %m", value);
else {
unit_ref_set(&s->accept_socket, u, socket);
+ assert(SOCKET(socket));
SOCKET(socket)->n_connections++;
}
--
2.33.0

64
backport-coredump-correctly-take-tmpfs-size-into-account-for-.patch Normal file
View File

@ -0,0 +1,64 @@
From 523f91c0bb2b5f509fa2aa0c22c8ba0734498780 Mon Sep 17 00:00:00 2001
From: Luca Boccassi <bluca@debian.org>
Date: Tue, 2 Jul 2024 15:28:47 +0100
Subject: [PATCH] coredump: correctly take tmpfs size into account for
compression
We calculate the amount of uncompressed data we can write by taking the limits
into account and halving it to ensure there's room for switching to compression
on the fly when storing cores on a tmpfs (eg: due read-only rootfs).
But the logic is flawed, as taking into account the size of the tmpfs storage
was applied after the halving, so in practice when an uncompressed core file
was larger than the tmpfs, we fill it and then fail.
Rearrange the logic so that the halving is done after taking into account
the tmpfs size.
(cherry picked from commit e6b2508275aac2951aedfc842735d8ebc29850bb)
(cherry picked from commit a946258e9df627c675d13b2041ae186babf269dc)
(cherry picked from commit 3dacca114bde3a216605ab51d2f5203c4a6b9707)
Conflict:code context adaptation
Reference:https://github.com/systemd/systemd-stable/commit/523f91c0bb2b5f509fa2aa0c22c8ba0734498780
---
src/coredump/coredump.c | 20 ++++++++++++--------
1 file changed, 12 insertions(+), 8 deletions(-)
diff --git a/src/coredump/coredump.c b/src/coredump/coredump.c
index 2d7ac8bd1e..117b84f9f3 100644
--- a/src/coredump/coredump.c
+++ b/src/coredump/coredump.c
@@ -507,17 +507,21 @@ static int save_external_coredump(
bus_error_message(&error, r));
}
+ /* First, ensure we are not going to go over the cgroup limit */
max_size = MIN(cgroup_limit, max_size);
- max_size = LESS_BY(max_size, 1024U) / 2; /* Account for 1KB metadata overhead for compressing */
- max_size = MAX(PROCESS_SIZE_MIN, max_size); /* Impose a lower minimum */
-
- /* tmpfs might get full quickly, so check the available space too.
- * But don't worry about errors here, failing to access the storage
- * location will be better logged when writing to it. */
+ /* tmpfs might get full quickly, so check the available space too. But don't worry about
+ * errors here, failing to access the storage location will be better logged when writing to
+ * it. */
if (statvfs("/var/lib/systemd/coredump/", &sv) >= 0)
max_size = MIN((uint64_t)sv.f_frsize * (uint64_t)sv.f_bfree, max_size);
-
- log_debug("Limiting core file size to %" PRIu64 " bytes due to cgroup memory limits.", max_size);
+ /* Impose a lower minimum, otherwise we will miss the basic headers. */
+ max_size = MAX(PROCESS_SIZE_MIN, max_size);
+ /* Ensure we can always switch to compressing on the fly in case we are running out of space
+ * by keeping half of the space/memory available, plus 1KB metadata overhead from the
+ * compression algorithm. */
+ max_size = LESS_BY(max_size, 1024U) / 2;
+
+ log_debug("Limiting core file size to %" PRIu64 " bytes due to cgroup and/or filesystem limits.", max_size);
}
r = copy_bytes(input_fd, fd, max_size, 0);
--
2.33.0

45
backport-exec-invoke-correct-dont_close-size.patch Normal file
View File

@ -0,0 +1,45 @@
From 57500859121e207b78f92452de80fb341f1776f2 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Tue, 23 Apr 2024 21:49:12 +0200
Subject: [PATCH] exec-invoke: correct dont_close[] size
THis needs 15 entries as far as I can count, not just 14.
Follow-up for: 5686391b006ee82d8a4559067ad9818e3e631247
Sniff.
(cherry picked from commit 07296542d636dcac43f6c9ee45a638fca8c5f3dd)
(cherry picked from commit 8f4dab049074d31c31af2bb9eb76f9f4f08e3711)
Conflict:in the current version, the length of the array is actually 13.
Reference:https://github.com/systemd/systemd-stable/commit/57500859121e207b78f92452de80fb341f1776f2
---
src/core/execute.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/src/core/execute.c b/src/core/execute.c
index f4700c1b0b..7d69572ce4 100644
--- a/src/core/execute.c
+++ b/src/core/execute.c
@@ -4402,7 +4402,7 @@ static int close_remaining_fds(
const int *fds, size_t n_fds) {
size_t n_dont_close = 0;
- int dont_close[n_fds + 12];
+ int dont_close[n_fds + 13];
assert(params);
@@ -4438,6 +4438,8 @@ static int close_remaining_fds(
if (user_lookup_fd >= 0)
dont_close[n_dont_close++] = user_lookup_fd;
+ assert(n_dont_close <= ELEMENTSOF(dont_close));
+
return close_all_fds(dont_close, n_dont_close);
}
--
2.33.0

51
backport-fs-util-readlinkat-supports-an-empty-string.patch Normal file
View File

@ -0,0 +1,51 @@
From 7a2349072e165c27ed0655934b05530c19d23779 Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Thu, 15 Feb 2024 07:01:17 +0900
Subject: [PATCH] fs-util: readlinkat() supports an empty string
From readlinkat(2):
Since Linux 2.6.39, pathname can be an empty string, in which case the
call operates on the symbolic link referred to by dirfd (which should
have been obtained using open(2) with the O_PATH and O_NOFOLLOW flags).
(cherry picked from commit e4c094c05543410ba05a16f757d1e11652f4f6bd)
(cherry picked from commit 30142e781d7afcfa93185d2543f59e9cf90dc882)
Conflict:due to the absence of mkdtemp_open, the test case related content will not be included
Reference:https://github.com/systemd/systemd-stable/commit/7a2349072e165c27ed0655934b05530c19d23779
---
src/basic/fs-util.c | 9 +++++++--
1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/src/basic/fs-util.c b/src/basic/fs-util.c
index 8f0834f..287fc29 100644
--- a/src/basic/fs-util.c
+++ b/src/basic/fs-util.c
@@ -137,9 +137,14 @@ int rename_noreplace(int olddirfd, const char *oldpath, int newdirfd, const char
int readlinkat_malloc(int fd, const char *p, char **ret) {
size_t l = PATH_MAX;
- assert(p);
assert(ret);
+ assert(fd >= 0 || fd == AT_FDCWD);
+
+ if (fd < 0 && isempty(p))
+ return -EISDIR; /* In this case, the fd points to the current working directory, and is
+ * definitely not a symlink. Let's return earlier. */
+
for (;;) {
_cleanup_free_ char *c = NULL;
ssize_t n;
@@ -148,7 +153,7 @@ int readlinkat_malloc(int fd, const char *p, char **ret) {
if (!c)
return -ENOMEM;
- n = readlinkat(fd, p, c, l);
+ n = readlinkat(fd, strempty(p), c, l);
if (n < 0)
return -errno;
--
2.33.0

64
backport-logind-give-better-error-messages-when-failing-to-at.patch Normal file
View File

@ -0,0 +1,64 @@
From 3126a5a5aa7b9b242c247e1595b60ac244ee2241 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Tue, 5 Sep 2023 13:57:42 +0200
Subject: [PATCH] logind: give better error messages when failing to attach
devices to seats
When the user tries to attach a device lacking ID_FOR_SEAT they
currently get a very cryptic error message. Let's improve the situation
a bit. Still a bit cryptic maybe, but much less so.
Inspired-by: https://lists.freedesktop.org/archives/systemd-devel/2023-September/049469.html
Inspired-by: https://lists.freedesktop.org/archives/systemd-devel/2023-September/049484.html
Also-see: https://lists.freedesktop.org/archives/systemd-devel/2023-September/049470.html
Also-see: https://lists.freedesktop.org/archives/systemd-devel/2023-September/049489.html
(cherry picked from commit 08237f062e9a2020c6d457a4112e363ee9ff879d)
Conflict:NA
Reference:https://github.com/systemd/systemd-stable/commit/3126a5a5aa7b9b242c247e1595b60ac244ee2241
---
src/login/logind-dbus.c | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/src/login/logind-dbus.c b/src/login/logind-dbus.c
index b3a36d0d05..2d1af602c0 100644
--- a/src/login/logind-dbus.c
+++ b/src/login/logind-dbus.c
@@ -1325,7 +1325,7 @@ static int trigger_device(Manager *m, sd_device *parent) {
return 0;
}
-static int attach_device(Manager *m, const char *seat, const char *sysfs) {
+static int attach_device(Manager *m, const char *seat, const char *sysfs, sd_bus_error *error) {
_cleanup_(sd_device_unrefp) sd_device *d = NULL;
_cleanup_free_ char *rule = NULL, *file = NULL;
const char *id_for_seat;
@@ -1337,13 +1337,13 @@ static int attach_device(Manager *m, const char *seat, const char *sysfs) {
r = sd_device_new_from_syspath(&d, sysfs);
if (r < 0)
- return r;
+ return sd_bus_error_set_errnof(error, r, "Failed to open device '%s': %m", sysfs);
if (sd_device_has_current_tag(d, "seat") <= 0)
- return -ENODEV;
+ return sd_bus_error_set_errnof(error, ENODEV, "Device '%s' lacks 'seat' udev tag.", sysfs);
if (sd_device_get_property_value(d, "ID_FOR_SEAT", &id_for_seat) < 0)
- return -ENODEV;
+ return sd_bus_error_set_errnof(error, ENODEV, "Device '%s' lacks 'ID_FOR_SEAT' udev property.", sysfs);
if (asprintf(&file, "/etc/udev/rules.d/72-seat-%s.rules", id_for_seat) < 0)
return -ENOMEM;
@@ -1428,7 +1428,7 @@ static int method_attach_device(sd_bus_message *message, void *userdata, sd_bus_
if (r == 0)
return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */
- r = attach_device(m, seat, sysfs);
+ r = attach_device(m, seat, sysfs, error);
if (r < 0)
return r;
--
2.33.0

52
backport-resolved-correct-parsing-of-OPT-extended-RCODEs.patch Normal file
View File

@ -0,0 +1,52 @@
From 7a9d6fd9b6564b0bf54b62cb05242964a9763f9e Mon Sep 17 00:00:00 2001
From: James Coglan <james@neighbourhood.ie>
Date: Fri, 28 Jun 2024 13:58:22 +0100
Subject: [PATCH] resolved: correct parsing of OPT extended RCODEs
The DNS_PACKET_RCODE() function works out the full RCODE by taking the
first octet from the OPT record TTL field and bitwise-OR-ing this with
the basic RCODE from the packet header. This results in RCODE values
being lower than they should be.
For example, if the first TTL octet is 0x7a and the basic RCODE is 3,
this function currently returns `0x7a | 3` = 123, rather than 0x7a3 =
1955.
The first TTL octet is supposed to form the upper 8 bits of a 12-bit
value, whereas the current implementation constraints the value to 8
bits and results in mis-interpreted RCODEs.
This fixes things by shifting the TTL 20 places instead of 24 and
masking off the low nibble that comes from the upper bits of the version
octet.
Note that dns_packet_append_opt() correctly converts the input RCODE
into the high octet of the OPT TTL field; this problem only affects
parsing of incoming packets.
(cherry picked from commit c40f3714c9a4d1f2bcd308625c9c835892e3d41c)
(cherry picked from commit 7ee60a86140ebe3e60858ef3c4e749dcd2e7fd21)
(cherry picked from commit c572f1ed2b7565263007b26a10872fb047526d73)
Conflict:NA
Reference:https://github.com/systemd/systemd-stable/commit/7a9d6fd9b6564b0bf54b62cb05242964a9763f9e
---
src/resolve/resolved-dns-packet.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/resolve/resolved-dns-packet.h b/src/resolve/resolved-dns-packet.h
index a6af44c6ec..5a5ef13c8d 100644
--- a/src/resolve/resolved-dns-packet.h
+++ b/src/resolve/resolved-dns-packet.h
@@ -117,7 +117,7 @@ static inline uint16_t DNS_PACKET_RCODE(DnsPacket *p) {
uint16_t rcode;
if (p->opt)
- rcode = (uint16_t) (p->opt->ttl >> 24);
+ rcode = (uint16_t) ((p->opt->ttl >> 20) & 0xFF0);
else
rcode = 0;
--
2.33.0

39
backport-sd-journal-refuse-entry-objects-with-an-empty-boot-I.patch Normal file
View File

@ -0,0 +1,39 @@
From 26ac516fd197b2c7a0867472e826290a641de9ac Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Fri, 22 Sep 2023 05:08:12 +0900
Subject: [PATCH] sd-journal: refuse entry objects with an empty boot ID
Otherwise, e.g. sd_journal_get_monotonic_usec() return an empty boot ID
when called for such a broken entry object.
Such a broken object may be stored when the system was not cleanly shutdown.
Fixes #29167.
(cherry picked from commit c650d4cdef5c1b87237193995f08d7e2d1be0c44)
Conflict:NA
Reference:https://github.com/systemd/systemd-stable/commit/26ac516fd197b2c7a0867472e826290a641de9ac
---
src/libsystemd/sd-journal/journal-file.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/src/libsystemd/sd-journal/journal-file.c b/src/libsystemd/sd-journal/journal-file.c
index 67819e880f..ab1d3ca04d 100644
--- a/src/libsystemd/sd-journal/journal-file.c
+++ b/src/libsystemd/sd-journal/journal-file.c
@@ -993,6 +993,11 @@ static int check_object(JournalFile *f, Object *o, uint64_t offset) {
le64toh(o->entry.monotonic),
offset);
+ if (sd_id128_is_null(o->entry.boot_id))
+ return log_debug_errno(SYNTHETIC_ERRNO(EBADMSG),
+ "Invalid object entry with an empty boot ID: %" PRIu64,
+ offset);
+
break;
}
--
2.33.0

67
backport-shared-log-error-when-execve-fail.patch Normal file
View File

@ -0,0 +1,67 @@
From 084b91100c8a139514382a0f2a6bb2beaa811963 Mon Sep 17 00:00:00 2001
From: Mauri de Souza Meneguzzo <mauri870@gmail.com>
Date: Mon, 24 Jun 2024 23:47:15 -0300
Subject: [PATCH] shared: log error when execve fail
If there is an error with the execv call in fork_agent the
program exits without any meaningful log message. Log the
command and errno so the user gets more information about
the failure.
Fixes: #33418
Signed-off-by: Mauri de Souza Meneguzzo <mauri870@gmail.com>
(cherry picked from commit a408d4453145621902b9a3ef78a552f83b09bd8d)
(cherry picked from commit 7fcfb73d71ed1d4230f58de1a94790e0c28719ea)
(cherry picked from commit 76fe6ebee84c22c96f1c9a96707c7e72706989fd)
Conflict:code context adaptation and the fork_agent function is in process-util.c, not in exec_util.c
Reference:https://github.com/systemd/systemd-stable/commit/084b91100c8a139514382a0f2a6bb2beaa811963
---
src/basic/process-util.c | 1 +
src/shared/spawn-polkit-agent.c | 11 ++++++++---
2 files changed, 9 insertions(+), 3 deletions(-)
diff --git a/src/basic/process-util.c b/src/basic/process-util.c
index 5da613bc17..849fd9191b 100644
--- a/src/basic/process-util.c
+++ b/src/basic/process-util.c
@@ -601,5 +601,6 @@ int fork_agent(const char *name, const int except[], size_t n_except, pid_t *ret
va_end(ap);
execv(path, l);
+ log_error_errno(errno, "Failed to execute %s: %m", path);
_exit(EXIT_FAILURE);
}
diff --git a/src/shared/spawn-polkit-agent.c b/src/shared/spawn-polkit-agent.c
index ce3c5fb948..fd91bd636f 100644
--- a/src/shared/spawn-polkit-agent.c
+++ b/src/shared/spawn-polkit-agent.c
@@ -43,16 +43,21 @@ int polkit_agent_open(void) {
xsprintf(notify_fd, "%i", pipe_fd[1]);
r = fork_agent("(polkit-agent)",
- &pipe_fd[1], 1,
+ &pipe_fd[1],
+ 1,
&agent_pid,
POLKIT_AGENT_BINARY_PATH,
- POLKIT_AGENT_BINARY_PATH, "--notify-fd", notify_fd, "--fallback", NULL);
+ POLKIT_AGENT_BINARY_PATH,
+ "--notify-fd",
+ notify_fd,
+ "--fallback",
+ NULL);
/* Close the writing side, because that's the one for the agent */
safe_close(pipe_fd[1]);
if (r < 0)
- log_error_errno(r, "Failed to fork TTY ask password agent: %m");
+ log_error_errno(r, "Failed to fork polkit agent: %m");
else
/* Wait until the agent closes the fd */
fd_wait_for_event(pipe_fd[0], POLLHUP, USEC_INFINITY);
--
2.33.0

119
backport-sysusers-handle-NSS-errors-gracefully.patch Normal file
View File

@ -0,0 +1,119 @@
From dffa62c85fb644c649f68b2c8f02b1d8440d2a9d Mon Sep 17 00:00:00 2001
From: Luca Boccassi <bluca@debian.org>
Date: Thu, 4 Jul 2024 10:23:04 +0100
Subject: [PATCH] sysusers: handle NSS errors gracefully
If the io.systemd.DynamicUser or io.systemd.Machine files exist,
but nothing is listening on them, the nss-systemd module returns
ECONNREFUSED and systemd-sysusers fails to creat the user/group.
This is problematic when ran by packaging scripts, as the package
assumes that after this has run, the user/group exist and can
be used. adduser does not fail in the same situation.
Change sysusers to print a loud warning but otherwise continue
when NSS returns an error.
(cherry picked from commit fc9938d6f8e7081df5420bf88bf98f683b1391c0)
(cherry picked from commit abba1e6bc29b7e07354ca23906c6f485ba245a1a)
(cherry picked from commit 0f518750a44dc4b2987ecc0cea4b3d848ac46ee9)
Conflict:code context adaptation
Reference:https://github.com/systemd/systemd-stable/commit/dffa62c85fb644c649f68b2c8f02b1d8440d2a9d
---
src/sysusers/sysusers.c | 12 ++++++------
test/units/TEST-74-AUX-UTILS.sysusers.sh | 24 ++++++++++++++++++++++++
2 files changed, 30 insertions(+), 6 deletions(-)
create mode 100755 test/units/TEST-74-AUX-UTILS.sysusers.sh
diff --git a/src/sysusers/sysusers.c b/src/sysusers/sysusers.c
index 0cad2f1e4a..c21d561bfd 100644
--- a/src/sysusers/sysusers.c
+++ b/src/sysusers/sysusers.c
@@ -995,7 +995,7 @@ static int uid_is_ok(uid_t uid, const char *name, bool check_with_gid) {
if (p)
return 0;
if (!IN_SET(errno, 0, ENOENT))
- return -errno;
+ log_warning_errno(errno, "Unexpected failure while looking up UID '" UID_FMT "' via NSS, assuming it doesn't exist: %m", uid);
if (check_with_gid) {
errno = 0;
@@ -1004,7 +1004,7 @@ static int uid_is_ok(uid_t uid, const char *name, bool check_with_gid) {
if (!streq(g->gr_name, name))
return 0;
} else if (!IN_SET(errno, 0, ENOENT))
- return -errno;
+ log_warning_errno(errno, "Unexpected failure while looking up GID '" GID_FMT "' via NSS, assuming it doesn't exist: %m", uid);
}
}
@@ -1109,7 +1109,7 @@ static int add_user(Item *i) {
return 0;
}
if (!errno_is_not_exists(errno))
- return log_error_errno(errno, "Failed to check if user %s already exists: %m", i->name);
+ log_warning_errno(errno, "Unexpected failure while looking up user '%s' via NSS, assuming it doesn't exist: %m", i->name);
}
/* Try to use the suggested numeric uid */
@@ -1225,7 +1225,7 @@ static int gid_is_ok(gid_t gid, const char *groupname, bool check_with_uid) {
if (g)
return 0;
if (!IN_SET(errno, 0, ENOENT))
- return -errno;
+ log_warning_errno(errno, "Unexpected failure while looking up GID '" GID_FMT "' via NSS, assuming it doesn't exist: %m", gid);
errno = 0;
p = getpwuid((uid_t) gid);
@@ -1233,7 +1233,7 @@ static int gid_is_ok(gid_t gid, const char *groupname, bool check_with_uid) {
if (p)
return 0;
if (!IN_SET(errno, 0, ENOENT))
- return -errno;
+ log_warning_errno(errno, "Unexpected failure while looking up GID '" GID_FMT "' via NSS, assuming it doesn't exist: %m", gid);
}
return 1;
@@ -1263,7 +1263,7 @@ static int get_gid_by_name(const char *name, gid_t *gid) {
return 0;
}
if (!errno_is_not_exists(errno))
- return log_error_errno(errno, "Failed to check if group %s already exists: %m", name);
+ log_warning_errno(errno, "Unexpected failure while looking up group '%s' via NSS, assuming it doesn't exist: %m", name);
}
return -ENOENT;
diff --git a/test/units/TEST-74-AUX-UTILS.sysusers.sh b/test/units/TEST-74-AUX-UTILS.sysusers.sh
new file mode 100755
index 0000000000..dcd29938b5
--- /dev/null
+++ b/test/units/TEST-74-AUX-UTILS.sysusers.sh
@@ -0,0 +1,24 @@
+#!/usr/bin/env bash
+# SPDX-License-Identifier: LGPL-2.1-or-later
+set -eux
+set -o pipefail
+
+# shellcheck source=test/units/util.sh
+. "$(dirname "$0")"/util.sh
+
+at_exit() {
+ set +e
+ userdel -r foobarbaz
+ umount /run/systemd/userdb/
+}
+
+# Check that we indeed run under root to make the rest of the test work
+[[ "$(id -u)" -eq 0 ]]
+
+trap at_exit EXIT
+
+# Ensure that a non-responsive NSS socket doesn't make sysusers fail
+mount -t tmpfs tmpfs /run/systemd/userdb/
+touch /run/systemd/userdb/io.systemd.DynamicUser
+echo 'u foobarbaz' | SYSTEMD_LOG_LEVEL=debug systemd-sysusers -
+grep -q foobarbaz /etc/passwd
--
2.33.0

26
systemd.spec
View File

@ -25,7 +25,7 @@
Name: systemd Name: systemd
Url: https://systemd.io/ Url: https://systemd.io/
Version: 249 Version: 249
Release: 96 Release: 97
License: MIT and LGPLv2+ and GPLv2+ License: MIT and LGPLv2+ and GPLv2+
Summary: System and Service Manager Summary: System and Service Manager
@ -702,6 +702,17 @@ Patch6649: backport-core-execute-warn-when-threaded-mode-is-detected.patch
Patch6650: backport-shutdown-clean-up-sync_with_progress-a-bit.patch Patch6650: backport-shutdown-clean-up-sync_with_progress-a-bit.patch
Patch6651: backport-shutdown-teach-sync_with_progress-to-optionally-sync.patch Patch6651: backport-shutdown-teach-sync_with_progress-to-optionally-sync.patch
Patch6652: backport-shutdown-replace-unbounded-fsync-with-bounded-sync_w.patch Patch6652: backport-shutdown-replace-unbounded-fsync-with-bounded-sync_w.patch
Patch6653: backport-logind-give-better-error-messages-when-failing-to-at.patch
Patch6654: backport-sd-journal-refuse-entry-objects-with-an-empty-boot-I.patch
Patch6655: backport-fs-util-readlinkat-supports-an-empty-string.patch
Patch6656: backport-exec-invoke-correct-dont_close-size.patch
Patch6657: backport-core-Fix-file-descriptor-leak.patch
Patch6658: backport-core-fix-NULL-pointer-dereference-during-deserializa.patch
Patch6659: backport-core-service-fix-accept-socket-deserialization.patch
Patch6660: backport-resolved-correct-parsing-of-OPT-extended-RCODEs.patch
Patch6661: backport-coredump-correctly-take-tmpfs-size-into-account-for-.patch
Patch6662: backport-sysusers-handle-NSS-errors-gracefully.patch
Patch6663: backport-shared-log-error-when-execve-fail.patch
Patch9001: update-rtc-with-system-clock-when-shutdown.patch Patch9001: update-rtc-with-system-clock-when-shutdown.patch
Patch9002: udev-add-actions-while-rename-netif-failed.patch Patch9002: udev-add-actions-while-rename-netif-failed.patch
@ -2216,6 +2227,19 @@ grep -q -E '^KEYMAP="?fi-latin[19]"?' /etc/vconsole.conf 2>/dev/null &&
/usr/bin/systemd-cryptenroll /usr/bin/systemd-cryptenroll
%changelog %changelog
* Wed Dec 11 2024 zhangyao <zhangyao108@huawei.com> - 249-97
- add backport-logind-give-better-error-messages-when-failing-to-at.patch
backport-sd-journal-refuse-entry-objects-with-an-empty-boot-I.patch
backport-fs-util-readlinkat-supports-an-empty-string.patch
backport-exec-invoke-correct-dont_close-size.patch
backport-core-Fix-file-descriptor-leak.patch
backport-core-fix-NULL-pointer-dereference-during-deserializa.patch
backport-core-service-fix-accept-socket-deserialization.patch
backport-resolved-correct-parsing-of-OPT-extended-RCODEs.patch
backport-coredump-correctly-take-tmpfs-size-into-account-for-.patch
backport-sysusers-handle-NSS-errors-gracefully.patch
backport-shared-log-error-when-execve-fail.patch
* Tue Dec 10 2024 zhangyao <zhangyao108@huawei.com> - 249-96 * Tue Dec 10 2024 zhangyao <zhangyao108@huawei.com> - 249-96
- backport upstream patch to solve systemd-shutdown hang all the time caused by fsync blocked by absence of DM mapping table - backport upstream patch to solve systemd-shutdown hang all the time caused by fsync blocked by absence of DM mapping table