packages/systemd
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: packages:c4ece76a16a1c9f71400649644ccfc130960c68f
Branches Tags
packages:main
..
compare: packages:feb0e800c2b6777eb74ba8aade57eacf39324249
Branches Tags
packages:main

10 Commits
c4ece76a16 ... feb0e800c2

Author SHA1 Message Date
openeuler-ci-bot
feb0e800c2
!846 sync patch from systemd community 
From: @hugel 
Reviewed-by: @xujing99 
Signed-off-by: @xujing99
 2025-03-31 12:29:40 +00:00
hugel
bfd14392ba sync patch from systemd community 2025-03-31 16:14:25 +08:00
openeuler-ci-bot
e8599f6a86
!839 [sync] PR-838: sysctl: improve performance for applying glob pattern 
From: @openeuler-sync-bot 
Reviewed-by: @xujing99 
Signed-off-by: @xujing99
 2025-02-24 02:35:07 +00:00
zhangyao
63e96e76b3 sysctl: improve performance for applying glob pattern 
(cherry picked from commit 691299304a7430f5259f934f97434e0ac1cdec93)
 2025-02-17 14:09:57 +08:00
openeuler-ci-bot
23d376a117
!824 [sync] PR-819: add DefaultEnableMemswLimit support 
From: @openeuler-sync-bot 
Reviewed-by: @jiayi0118 
Signed-off-by: @jiayi0118
 2024-12-25 03:00:11 +00:00
xujing
b1db9eb581 add DefaultEnableMemswLimit support 
(cherry picked from commit 56a2d693758acea46cc7d40533f642b0661108f9)
 2024-12-25 10:14:32 +08:00
openeuler-ci-bot
b31ca4577c
!814 systemd-logind button_dispatch add log to display devices that triggered the button 
From: @huyubiao 
Reviewed-by: @xujing99 
Signed-off-by: @xujing99
 2024-12-24 08:53:17 +00:00
h30032433
e4e7f3689d systemd-logind button_dispatch add log to display devices that triggered the button 2024-12-24 15:08:20 +08:00
openeuler-ci-bot
deacc7e6e0
!805 sync patch from systemd community 
From: @wangyuhang27 
Reviewed-by: @xujing99, @protkhn 
Signed-off-by: @xujing99
 2024-12-14 06:27:19 +00:00
wangyuhang
2d7f3c912a sync patch from systemd community 2024-12-13 16:06:53 +08:00
30 changed files with 2186 additions and 1 deletions
Show Stats Expand all files Collapse all files

112
add-DefaultEnableMemswLimit-support.patch Normal file
View File

@ -0,0 +1,112 @@
From 4e150d944763459fd8c070d6f53a3ab02d2883f4 Mon Sep 17 00:00:00 2001
From: xujing <xujing125@huawei.com>
Date: Tue, 24 Dec 2024 16:12:11 +0800
Subject: [PATCH] add DefaultEnableMemswLimit support
---
src/core/cgroup.c | 12 +++++++-----
src/core/main.c | 4 ++++
src/core/manager.c | 1 +
src/core/manager.h | 2 ++
src/core/system.conf.in | 1 +
5 files changed, 15 insertions(+), 5 deletions(-)
diff --git a/src/core/cgroup.c b/src/core/cgroup.c
index 47c5bb0..8d386c0 100644
--- a/src/core/cgroup.c
+++ b/src/core/cgroup.c
@@ -1539,11 +1539,13 @@ static void cgroup_context_apply(
(void) set_attribute_and_warn(u, "memory", "memory.limit_in_bytes", buf);
- if (sw_val == CGROUP_LIMIT_MAX)
- strncpy(buf, "-1\n", sizeof(buf));
- else
- xsprintf(buf, "%" PRIu64 "\n", sw_val);
- (void) set_attribute_and_warn(u, "memory", "memory.memsw.limit_in_bytes", buf);
+ if (u->manager->default_enable_memsw_limit) {
+ if (sw_val == CGROUP_LIMIT_MAX)
+ strncpy(buf, "-1\n", sizeof(buf));
+ else
+ xsprintf(buf, "%" PRIu64 "\n", sw_val);
+ (void) set_attribute_and_warn(u, "memory", "memory.memsw.limit_in_bytes", buf);
+ }
}
}
diff --git a/src/core/main.c b/src/core/main.c
index 7b3e6c4..e43dc2d 100644
--- a/src/core/main.c
+++ b/src/core/main.c
@@ -154,6 +154,7 @@ static bool arg_default_memory_accounting;
static bool arg_default_cpuset_accounting;
static bool arg_default_freezer_accounting;
static bool arg_default_tasks_accounting;
+static bool arg_default_enable_memsw_limit;
static TasksMax arg_default_tasks_max;
static bool arg_default_invalidate_cgroup;
static sd_id128_t arg_machine_id;
@@ -715,6 +716,7 @@ static int parse_config_file(void) {
{ "Manager", "DefaultCpusetAccounting", config_parse_bool, 0, &arg_default_cpuset_accounting },
{ "Manager", "DefaultFreezerAccounting", config_parse_bool, 0, &arg_default_freezer_accounting },
{ "Manager", "DefaultTasksAccounting", config_parse_bool, 0, &arg_default_tasks_accounting },
+ { "Manager", "DefaultEnableMemswLimit", config_parse_bool, 0, &arg_default_enable_memsw_limit },
{ "Manager", "DefaultTasksMax", config_parse_tasks_max, 0, &arg_default_tasks_max },
{ "Manager", "DefaultInvalidateCgroup", config_parse_bool, 0, &arg_default_invalidate_cgroup },
{ "Manager", "CtrlAltDelBurstAction", config_parse_emergency_action, 0, &arg_cad_burst_action },
@@ -796,6 +798,7 @@ static void set_manager_defaults(Manager *m) {
m->default_cpuset_accounting = arg_default_cpuset_accounting;
m->default_freezer_accounting = arg_default_freezer_accounting;
m->default_tasks_accounting = arg_default_tasks_accounting;
+ m->default_enable_memsw_limit = arg_default_enable_memsw_limit;
m->default_tasks_max = arg_default_tasks_max;
m->default_invalidate_cgroup = arg_default_invalidate_cgroup;
m->default_oom_policy = arg_default_oom_policy;
@@ -2466,6 +2469,7 @@ static void reset_arguments(void) {
arg_default_cpuset_accounting = false;
arg_default_freezer_accounting = false;
arg_default_tasks_accounting = true;
+ arg_default_enable_memsw_limit = true;
arg_default_tasks_max = DEFAULT_TASKS_MAX;
arg_default_invalidate_cgroup = true;
arg_machine_id = (sd_id128_t) {};
diff --git a/src/core/manager.c b/src/core/manager.c
index 4b60927..ddd5c2d 100644
--- a/src/core/manager.c
+++ b/src/core/manager.c
@@ -748,6 +748,7 @@ int manager_new(UnitFileScope scope, ManagerTestRunFlags test_run_flags, Manager
.default_memory_accounting = MEMORY_ACCOUNTING_DEFAULT,
.default_cpuset_accounting = false,
.default_tasks_accounting = true,
+ .default_enable_memsw_limit = true,
.default_tasks_max = TASKS_MAX_UNSET,
.default_invalidate_cgroup = true,
.default_timeout_start_usec = DEFAULT_TIMEOUT_USEC,
diff --git a/src/core/manager.h b/src/core/manager.h
index 9334429..40f7c7e 100644
--- a/src/core/manager.h
+++ b/src/core/manager.h
@@ -376,6 +376,8 @@ struct Manager {
bool default_tasks_accounting;
bool default_ip_accounting;
+ bool default_enable_memsw_limit;
+
TasksMax default_tasks_max;
usec_t default_timer_accuracy_usec;
bool default_invalidate_cgroup;
diff --git a/src/core/system.conf.in b/src/core/system.conf.in
index 2fe6f60..062a1fc 100644
--- a/src/core/system.conf.in
+++ b/src/core/system.conf.in
@@ -58,6 +58,7 @@
#DefaultCpusetAccounting=
#DefaultFreezerAccounting=no
#DefaultTasksAccounting=yes
+#DefaultEnableMemswLimit=yes
#DefaultTasksMax=80%
#DefaultLimitCPU=
#DefaultLimitFSIZE=
--
2.33.0

65
backport-Manager-also-log-caller-of-daemon-reexec.patch Normal file
View File

@ -0,0 +1,65 @@
From 4895bacccb1bf607ecfd341027399c6f924bdf07 Mon Sep 17 00:00:00 2001
From: Luca Boccassi <bluca@debian.org>
Date: Thu, 15 Dec 2022 12:20:28 +0000
Subject: [PATCH] Manager: also log caller of daemon-reexec
Conflict:Conflict:code context adaptation
Reference:https://github.com/systemd/systemd/commit/4895bacccb1bf607ecfd341027399c6f924bdf07
---
src/core/dbus-manager.c | 12 ++++++++----
1 file changed, 8 insertions(+), 4 deletions(-)
diff --git a/src/core/dbus-manager.c b/src/core/dbus-manager.c
index 79e96f948c..f01c67ecf1 100644
--- a/src/core/dbus-manager.c
+++ b/src/core/dbus-manager.c
@@ -1451,7 +1451,7 @@ int verify_run_space_and_log(const char *message) {
return 0;
}
-static void log_reload_caller(sd_bus_message *message, Manager *manager) {
+static void log_caller(sd_bus_message *message, Manager *manager, const char *method) {
_cleanup_(sd_bus_creds_unrefp) sd_bus_creds *creds = NULL;
const char *comm = NULL;
Unit *caller;
@@ -1459,6 +1459,7 @@ static void log_reload_caller(sd_bus_message *message, Manager *manager) {
assert(message);
assert(manager);
+ assert(method);
if (sd_bus_query_sender_creds(message, SD_BUS_CREDS_PID|SD_BUS_CREDS_AUGMENT|SD_BUS_CREDS_COMM, &creds) < 0)
return;
@@ -1470,8 +1471,8 @@ static void log_reload_caller(sd_bus_message *message, Manager *manager) {
(void) sd_bus_creds_get_comm(creds, &comm);
caller = manager_get_unit_by_pid(manager, pid);
- log_info("Reloading requested from client PID " PID_FMT " ('%s') (from unit '%s')...",
- pid, strna(comm), strna(caller ? caller->id : NULL));
+ log_info("%s requested from client PID " PID_FMT " ('%s') (from unit '%s')...",
+ method, pid, strna(comm), strna(caller ? caller->id : NULL));
}
static int method_reload(sd_bus_message *message, void *userdata, sd_bus_error *error) {
@@ -1495,7 +1496,7 @@ static int method_reload(sd_bus_message *message, void *userdata, sd_bus_error *
return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */
/* Write a log message noting the unit or process who requested the Reload() */
- log_reload_caller(message, m);
+ log_caller(message, m, "Reloading");
/* Instead of sending the reply back right away, we just
* remember that we need to and then send it after the reload
@@ -1540,6 +1541,9 @@ static int method_reexecute(sd_bus_message *message, void *userdata, sd_bus_erro
if (r == 0)
return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */
+ /* Write a log message noting the unit or process who requested the Reexecute() */
+ log_caller(message, m, "Reexecuting");
+
/* We don't send a reply back here, the client should
* just wait for us disconnecting. */
--
2.33.0

78
backport-basic-log-do-not-treat-all-negative-errnos-as-synthe.patch Normal file
View File

@ -0,0 +1,78 @@
From 9463b376bcbb1a177bf46d64845b52eae79af739 Mon Sep 17 00:00:00 2001
From: Mike Yuan <me@yhndnzj.com>
Date: Wed, 24 Jul 2024 16:28:48 +0200
Subject: [PATCH] basic/log: do not treat all negative errnos as synthetic
Currently, IS_SYNTHETIC_ERRNO() evaluates to true for all negative errnos,
because of the two's-complement negative value representation.
Subsequently, ERRNO= is not logged for most of our own code.
Let's fix this, by formatting all synthetic errnos as positive.
Then, treat all negative values as non-synthetic.
While at it, mark the evaluation order explicitly, and remove
unneeded comment.
Fixes #33800
(cherry picked from commit 268f58076f7e0258dce75f521d08199092279853)
(cherry picked from commit 4ad6b2631d73a574859a62d33715a7bdef810bcf)
(cherry picked from commit 1fc7e3473c2fec27bdc0b19753e4ea84cd39644f)
Conflict:code context adaptation
Reference:https://github.com/systemd/systemd/commit/268f58076f7e0258dce75f521d08199092279853
---
src/basic/log.h | 5 ++---
src/test/test-log.c | 14 +++++++++-----
2 files changed, 11 insertions(+), 8 deletions(-)
diff --git a/src/basic/log.h b/src/basic/log.h
index 9008d47390..12b310575e 100644
--- a/src/basic/log.h
+++ b/src/basic/log.h
@@ -34,9 +34,8 @@ typedef enum LogTarget{
_LOG_TARGET_INVALID = -EINVAL,
} LogTarget;
-/* Note to readers: << and >> have lower precedence (are evaluated earlier) than & and | */
-#define SYNTHETIC_ERRNO(num) (1 << 30 | (num))
-#define IS_SYNTHETIC_ERRNO(val) ((val) >> 30 & 1)
+#define SYNTHETIC_ERRNO(num) (abs(num) | (1 << 30))
+#define IS_SYNTHETIC_ERRNO(val) (((val) >> 30) == 1)
#define ERRNO_VALUE(val) (abs(val) & ~(1 << 30))
const char *log_target_to_string(LogTarget target) _const_;
diff --git a/src/test/test-log.c b/src/test/test-log.c
index e337a3c7df..e8c004681b 100644
--- a/src/test/test-log.c
+++ b/src/test/test-log.c
@@ -10,11 +10,6 @@
#include "string-util.h"
#include "util.h"
-assert_cc(IS_SYNTHETIC_ERRNO(SYNTHETIC_ERRNO(EINVAL)));
-assert_cc(!IS_SYNTHETIC_ERRNO(EINVAL));
-assert_cc(IS_SYNTHETIC_ERRNO(SYNTHETIC_ERRNO(0)));
-assert_cc(!IS_SYNTHETIC_ERRNO(0));
-
#define X10(x) x x x x x x x x x x
#define X100(x) X10(X10(x))
#define X1000(x) X100(X10(x))
@@ -68,6 +63,15 @@ static void test_log_syntax(void) {
int main(int argc, char* argv[]) {
int target;
+ assert_se(IS_SYNTHETIC_ERRNO(SYNTHETIC_ERRNO(EINVAL)));
+ assert_se(IS_SYNTHETIC_ERRNO(SYNTHETIC_ERRNO(-EINVAL)));
+ assert_cc(!IS_SYNTHETIC_ERRNO(EINVAL));
+ assert_cc(!IS_SYNTHETIC_ERRNO(-EINVAL));
+ assert_se(IS_SYNTHETIC_ERRNO(SYNTHETIC_ERRNO(0)));
+ assert_cc(!IS_SYNTHETIC_ERRNO(0));
+ assert_se(ERRNO_VALUE(EINVAL) == EINVAL);
+ assert_se(ERRNO_VALUE(SYNTHETIC_ERRNO(-EINVAL)) == EINVAL);
+
test_file();
for (target = 0; target < _LOG_TARGET_MAX; target++) {
--
2.33.0

40
backport-core-Bump-log-level-of-reexecute-request-to-notice.patch Normal file
View File

@ -0,0 +1,40 @@
From 50e3bc139fc750c7b15bda55807fcb9209787319 Mon Sep 17 00:00:00 2001
From: Daan De Meyer <daan.j.demeyer@gmail.com>
Date: Tue, 8 Oct 2024 16:25:52 +0200
Subject: [PATCH] core: Bump log level of reexecute request to notice
A daemon-reload is important enough to deserve logging at notice
level.
(cherry picked from commit 4ee41be82507348fbbc9d3ab28aae6330eb51663)
(cherry picked from commit 31e38b55b2e4bb1aa42fe106ea14df8e82758303)
(cherry picked from commit 79dc77a7ffed671a16c44369df2552cf733dbbef)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/50e3bc139fc750c7b15bda55807fcb9209787319
---
src/core/dbus-manager.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/src/core/dbus-manager.c b/src/core/dbus-manager.c
index 33984f6f0e..90c1daf995 100644
--- a/src/core/dbus-manager.c
+++ b/src/core/dbus-manager.c
@@ -1614,10 +1614,10 @@ static void log_caller(sd_bus_message *message, Manager *manager, const char *me
(void) sd_bus_creds_get_comm(creds, &comm);
caller = manager_get_unit_by_pid(manager, pid);
- log_info("%s requested from client PID " PID_FMT "%s%s%s%s%s%s...",
- method, pid,
- comm ? " ('" : "", strempty(comm), comm ? "')" : "",
- caller ? " (unit " : "", caller ? caller->id : "", caller ? ")" : "");
+ log_notice("%s requested from client PID " PID_FMT "%s%s%s%s%s%s...",
+ method, pid,
+ comm ? " ('" : "", strempty(comm), comm ? "')" : "",
+ caller ? " (unit " : "", caller ? caller->id : "", caller ? ")" : "");
}
static int method_reload(sd_bus_message *message, void *userdata, sd_bus_error *error) {
--
2.33.0

71
backport-core-Log-in-more-scenarios-about-which-process-initi.patch Normal file
View File

@ -0,0 +1,71 @@
From 4389fea50bbb0810ed9193522c487257ca0b5d2d Mon Sep 17 00:00:00 2001
From: Daan De Meyer <daan.j.demeyer@gmail.com>
Date: Tue, 8 Oct 2024 16:28:25 +0200
Subject: [PATCH] core: Log in more scenarios about which process initiated an
operation
Exit/Reboot/Poweroff and similar operations are invasive enough that
logging about who initiated them is very useful to debug issues.
(cherry picked from commit acb0f501f4291efce82bcf89d4ad92b6a895f4fa)
(cherry picked from commit 814be7116dda14074749253d94b83387ceff0ff1)
(cherry picked from commit 4ce745446386bae450114c6fc2278577a7cf46f4)
Conflict:the current code does not have the method_soft_reboot function, so the related code is not combined
Reference:https://github.com/systemd/systemd/commit/acb0f501f4291efce82bcf89d4ad92b6a895f4fa
---
src/core/dbus-manager.c | 12 ++++++++++++
1 file changed, 12 insertions(+)
diff --git a/src/core/dbus-manager.c b/src/core/dbus-manager.c
index 90c1daf995..856dd3b5dc 100644
--- a/src/core/dbus-manager.c
+++ b/src/core/dbus-manager.c
@@ -1706,6 +1706,8 @@ static int method_exit(sd_bus_message *message, void *userdata, sd_bus_error *er
if (r < 0)
return r;
+ log_caller(message, m, "Exit");
+
/* Exit() (in contrast to SetExitCode()) is actually allowed even if
* we are running on the host. It will fall back on reboot() in
* systemd-shutdown if it cannot do the exit() because it isn't a
@@ -1730,6 +1732,8 @@ static int method_reboot(sd_bus_message *message, void *userdata, sd_bus_error *
return sd_bus_error_setf(error, SD_BUS_ERROR_NOT_SUPPORTED,
"Reboot is only supported for system managers.");
+ log_caller(message, m, "Reboot");
+
m->objective = MANAGER_REBOOT;
return sd_bus_reply_method_return(message, NULL);
@@ -1792,6 +1798,8 @@ static int method_poweroff(sd_bus_message *message, void *userdata, sd_bus_error
return sd_bus_error_setf(error, SD_BUS_ERROR_NOT_SUPPORTED,
"Powering off is only supported for system managers.");
+ log_caller(message, m, "Poweroff");
+
m->objective = MANAGER_POWEROFF;
return sd_bus_reply_method_return(message, NULL);
@@ -1811,6 +1819,8 @@ static int method_halt(sd_bus_message *message, void *userdata, sd_bus_error *er
return sd_bus_error_setf(error, SD_BUS_ERROR_NOT_SUPPORTED,
"Halt is only supported for system managers.");
+ log_caller(message, m, "Halt");
+
m->objective = MANAGER_HALT;
return sd_bus_reply_method_return(message, NULL);
@@ -1830,6 +1840,8 @@ static int method_kexec(sd_bus_message *message, void *userdata, sd_bus_error *e
return sd_bus_error_setf(error, SD_BUS_ERROR_NOT_SUPPORTED,
"KExec is only supported for system managers.");
+ log_caller(message, m, "Kexec");
+
m->objective = MANAGER_KEXEC;
return sd_bus_reply_method_return(message, NULL);
--
2.33.0

45
backport-core-fix-assert-when-AddDependencyUnitFiles-is-calle.patch Normal file
View File

@ -0,0 +1,45 @@
From 71efbe69b6b7a0d6a663b8dbe6fe4d8f5655848a Mon Sep 17 00:00:00 2001
From: Luca Boccassi <luca.boccassi@gmail.com>
Date: Mon, 6 Jan 2025 18:16:29 +0000
Subject: [PATCH] core: fix assert when AddDependencyUnitFiles is called with
invalid parameter
unit_file_add_dependency() asserts, so check before calling it that the
type is expected, or return EINVAL to the caller.
root@localhost:~# busctl call org.freedesktop.systemd1 /org/freedesktop/systemd1 org.freedesktop.systemd1.Manager AddDependencyUnitFiles "asssbb" 0 uwhatm8 After 1 1
Broadcast message from systemd-journald@localhost (Mon 2025-01-06 18:12:14 UTC):
systemd[1]: Caught <ABRT>, from our own process.
Fixes https://github.com/systemd/systemd/issues/35882
(cherry picked from commit d87dc74e8f1a30d72a0f202e411400bab34ab55a)
(cherry picked from commit b6792202f31c4e83d23a944b845e1f17fc14f619)
(cherry picked from commit c65056e1318fe20cf9b62771ffa589abe2c21a76)
(cherry picked from commit 4d47117b05f2bd836c465c3efdee69c5a573e8d6)
Conflict:context adaptation
Reference:https://github.com/systemd/systemd-stable/commit/71efbe69b6b7a0d6a663b8dbe6fe4d8f5655848a
---
src/core/dbus-manager.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/core/dbus-manager.c b/src/core/dbus-manager.c
index 856dd3b5dc..dea69bb6e2 100644
--- a/src/core/dbus-manager.c
+++ b/src/core/dbus-manager.c
@@ -2820,7 +2820,7 @@ static int method_add_dependency_unit_files(sd_bus_message *message, void *userd
flags = unit_file_bools_to_flags(runtime, force);
dep = unit_dependency_from_string(type);
- if (dep < 0)
+ if (dep < 0 || !IN_SET(dep, UNIT_WANTS, UNIT_REQUIRES))
return -EINVAL;
r = unit_file_add_dependency(m->unit_file_scope, flags, NULL, l, target, dep, &changes, &n_changes);
--
2.33.0

30
backport-core-fix-null-in-output.patch Normal file
View File

@ -0,0 +1,30 @@
From add74820b72be58f57722000a343ee3b63195eff Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Tue, 14 Mar 2023 22:56:42 +0100
Subject: [PATCH] core: fix "(null)" in output
We want an empty string, not NULL. I made some brainfart here.
Fixup for 1980a25dc03aa500d4ee2725d696f68d265cd4ca.
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/add74820b72be58f57722000a343ee3b63195eff
---
src/core/dbus-manager.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/core/dbus-manager.c b/src/core/dbus-manager.c
index 242a662bca..6d2ed62f94 100644
--- a/src/core/dbus-manager.c
+++ b/src/core/dbus-manager.c
@@ -1530,7 +1530,7 @@ static void log_caller(sd_bus_message *message, Manager *manager, const char *me
log_info("%s requested from client PID " PID_FMT "%s%s%s%s%s%s...",
method, pid,
comm ? " ('" : "", strempty(comm), comm ? "')" : "",
- caller ? " (unit " : "", caller ? caller->id : NULL, caller ? ")" : "");
+ caller ? " (unit " : "", caller ? caller->id : "", caller ? ")" : "");
}
static int method_reload(sd_bus_message *message, void *userdata, sd_bus_error *error) {
--
2.33.0

49
backport-core-service-use-log_unit_-where-appropriate.patch Normal file
View File

@ -0,0 +1,49 @@
From 12b7b9e50cc19081c328e31937f7ddd764e16b41 Mon Sep 17 00:00:00 2001
From: Mike Yuan <me@yhndnzj.com>
Date: Sat, 26 Oct 2024 17:38:06 +0200
Subject: [PATCH] core/service: use log_unit_* where appropriate
(cherry picked from commit 1e8f0beee4272ddc8b25dfa9af8e54bafc4c061a)
(cherry picked from commit b9ff85ece7a6bd9eca158aa0a8af46055ffb6142)
(cherry picked from commit e575661da99de81bf0f07d7efdcf8b4c5d9b779e)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/1e8f0beee4272ddc8b25dfa9af8e54bafc4c061a
---
src/core/service.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/core/service.c b/src/core/service.c
index 5650550203..44e7ce5785 100644
--- a/src/core/service.c
+++ b/src/core/service.c
@@ -4654,7 +4654,7 @@ static int bus_name_pid_lookup_callback(sd_bus_message *reply, void *userdata, s
e = sd_bus_message_get_error(reply);
if (e) {
r = sd_bus_error_get_errno(e);
- log_warning_errno(r, "GetConnectionUnixProcessID() failed: %s", bus_error_message(e, r));
+ log_unit_warning_errno(UNIT(s), r, "GetConnectionUnixProcessID() failed: %s", bus_error_message(e, r));
return 1;
}
@@ -4665,7 +4665,7 @@ static int bus_name_pid_lookup_callback(sd_bus_message *reply, void *userdata, s
}
if (!pid_is_valid(pid)) {
- log_debug_errno(SYNTHETIC_ERRNO(EINVAL), "GetConnectionUnixProcessID() returned invalid PID");
+ log_unit_debug_errno(UNIT(s), SYNTHETIC_ERRNO(EINVAL), "GetConnectionUnixProcessID() returned invalid PID");
return 1;
}
@@ -4724,7 +4724,7 @@ static void service_bus_name_owner_change(Unit *u, const char *new_owner) {
"s",
s->bus_name);
if (r < 0)
- log_debug_errno(r, "Failed to request owner PID of service name, ignoring: %m");
+ log_unit_debug_errno(u, r, "Failed to request owner PID of service name, ignoring: %m");
}
}
--
2.33.0

33
backport-execute-free-syscall_log-hashmap-when-done.patch Normal file
View File

@ -0,0 +1,33 @@
From 742f3232bcddbbb47bfad3ad22e2de15c49f0325 Mon Sep 17 00:00:00 2001
From: David Tardon <dtardon@redhat.com>
Date: Thu, 28 Nov 2024 13:33:55 +0100
Subject: [PATCH] execute: free syscall_log hashmap when done
Fixes #35394
(cherry picked from commit c3dc460b6c3f062af540e4233c65ac12c01077fa)
(cherry picked from commit f15fd96efd5ebdfb18746acb0cbb35a4331b4d8b)
(cherry picked from commit a9c650b207369d047ac9c0f21d6d70590173df45)
Conflict:NA
Reference:https://github.com/systemd/systemd-stable/commit/742f3232bcddbbb47bfad3ad22e2de15c49f0325
---
src/core/execute.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/core/execute.c b/src/core/execute.c
index e6fcb115b7..7b7b97ae9c 100644
--- a/src/core/execute.c
+++ b/src/core/execute.c
@@ -6225,6 +6225,7 @@ void exec_context_done(ExecContext *c) {
c->syscall_filter = hashmap_free(c->syscall_filter);
c->syscall_archs = set_free(c->syscall_archs);
+ c->syscall_log = hashmap_free(c->syscall_log);
c->address_families = set_free(c->address_families);
for (ExecDirectoryType t = 0; t < _EXEC_DIRECTORY_TYPE_MAX; t++)
--
2.33.0

40
backport-journalctl-erase-verify-key-before-free.patch Normal file
View File

@ -0,0 +1,40 @@
From b115781317b6a8c649ae2b92c7839ce8872fdffb Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Wed, 16 Oct 2024 19:27:36 +0900
Subject: [PATCH] journalctl: erase verify key before free
Even optarg is erased, copied string was not erased.
Let's erase the copied key for safety.
(cherry picked from commit d0ad4e88d4e6b5e312c359a6505125f7e088f3e3)
(cherry picked from commit 28f7c958fb799887cb67528a85ca59f0ccd9261e)
(cherry picked from commit 6b13398c220a01e2eff5bb25da7d457f445c82e9)
Conflict:the current code does not use STATIC_DESTRUCTOR_REGISTER instead of free, so the related code is not combined
Reference:https://github.com/systemd/systemd/commit/d0ad4e88d4e6b5e312c359a6505125f7e088f3e3
---
src/journal/journalctl.c | 8 +++++---
1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/src/journal/journalctl.c b/src/journal/journalctl.c
index decdf14..327e035 100644
--- a/src/journal/journalctl.c
+++ b/src/journal/journalctl.c
@@ -791,9 +791,11 @@ static int parse_argv(int argc, char *argv[]) {
break;
case ARG_VERIFY_KEY:
- r = free_and_strdup(&arg_verify_key, optarg);
- if (r < 0)
- return r;
+ erase_and_free(arg_verify_key);
+ arg_verify_key = strdup(optarg);
+ if (!arg_verify_key)
+ return log_oom();
+
/* Use memset not explicit_bzero() or similar so this doesn't look confusing
* in ps or htop output. */
memset(optarg, 'x', strlen(optarg));
--
2.33.0

126
backport-log-add-common-helper-log_set_target_and_open.patch Normal file
View File

@ -0,0 +1,126 @@
From 1e344c1dc79d93976d019dfa0dbe6d24b28d64d7 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Tue, 14 Feb 2023 16:10:58 +0100
Subject: [PATCH] log: add common helper log_set_target_and_open()
quite often we want to set a log target and immediately open it. Add a
common helper for that.
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/1e344c1dc79d93976d019dfa0dbe6d24b28d64d7
---
src/basic/log.c | 5 +++++
src/basic/log.h | 1 +
src/core/main.c | 9 +++------
src/coredump/coredump.c | 9 +++------
src/shared/bus-log-control-api.c | 3 +--
5 files changed, 13 insertions(+), 14 deletions(-)
diff --git a/src/basic/log.c b/src/basic/log.c
index fc5793139..6a4373101 100644
--- a/src/basic/log.c
+++ b/src/basic/log.c
@@ -347,6 +347,11 @@ void log_set_target(LogTarget target) {
log_target = target;
}
+void log_set_target_and_open(LogTarget target) {
+ log_set_target(target);
+ log_open();
+}
+
void log_close(void) {
/* Do not call from library code. */
diff --git a/src/basic/log.h b/src/basic/log.h
index f73d4c415..0d4956e6b 100644
--- a/src/basic/log.h
+++ b/src/basic/log.h
@@ -51,6 +51,7 @@ static inline void clear_log_syntax_callback(dummy_t *dummy) {
const char *log_target_to_string(LogTarget target) _const_;
LogTarget log_target_from_string(const char *s) _pure_;
void log_set_target(LogTarget target);
+void log_set_target_and_open(LogTarget target);
int log_set_target_from_string(const char *e);
LogTarget log_get_target(void) _pure_;
diff --git a/src/core/main.c b/src/core/main.c
index c0b8126d9..f28448f9e 100644
--- a/src/core/main.c
+++ b/src/core/main.c
@@ -2787,8 +2787,7 @@ int main(int argc, char *argv[]) {
if (detect_container() <= 0) {
/* Running outside of a container as PID 1 */
- log_set_target(LOG_TARGET_KMSG);
- log_open();
+ log_set_target_and_open(LOG_TARGET_KMSG);
if (in_initrd())
initrd_timestamp = userspace_timestamp;
@@ -2832,8 +2831,7 @@ int main(int argc, char *argv[]) {
} else {
/* Running inside a container, as PID 1 */
- log_set_target(LOG_TARGET_CONSOLE);
- log_open();
+ log_set_target_and_open(LOG_TARGET_CONSOLE);
/* For later on, see above... */
log_set_target(LOG_TARGET_JOURNAL);
@@ -2880,8 +2878,7 @@ int main(int argc, char *argv[]) {
/* Running as user instance */
arg_system = false;
log_set_always_reopen_console(true);
- log_set_target(LOG_TARGET_AUTO);
- log_open();
+ log_set_target_and_open(LOG_TARGET_AUTO);
/* clear the kernel timestamp, because we are not PID 1 */
kernel_timestamp = DUAL_TIMESTAMP_NULL;
diff --git a/src/coredump/coredump.c b/src/coredump/coredump.c
index 013ebb4c2..d9db98bf3 100644
--- a/src/coredump/coredump.c
+++ b/src/coredump/coredump.c
@@ -1486,11 +1486,9 @@ static int process_kernel(int argc, char* argv[]) {
if (r < 0)
goto finish;
- if (!context.is_journald) {
+ if (!context.is_journald)
/* OK, now we know it's not the journal, hence we can make use of it now. */
- log_set_target(LOG_TARGET_JOURNAL_OR_KMSG);
- log_open();
- }
+ log_set_target_and_open(LOG_TARGET_JOURNAL_OR_KMSG);
/* If this is PID 1 disable coredump collection, we'll unlikely be able to process
* it later on.
@@ -1589,8 +1587,7 @@ static int run(int argc, char *argv[]) {
/* First, log to a safe place, since we don't know what crashed and it might
* be journald which we'd rather not log to then. */
- log_set_target(LOG_TARGET_KMSG);
- log_open();
+ log_set_target_and_open(LOG_TARGET_KMSG);
/* Make sure we never enter a loop */
(void) prctl(PR_SET_DUMPABLE, 0);
diff --git a/src/shared/bus-log-control-api.c b/src/shared/bus-log-control-api.c
index 06e6697a3..40f99ac2b 100644
--- a/src/shared/bus-log-control-api.c
+++ b/src/shared/bus-log-control-api.c
@@ -86,8 +86,7 @@ int bus_property_set_log_target(
return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid log target '%s'", t);
log_info("Setting log target to %s.", log_target_to_string(target));
- log_set_target(target);
- log_open();
+ log_set_target_and_open(target);
return 0;
}
--
2.33.0

77
backport-logind-let-system-wide-idle-begin-at-the-time-logind.patch Normal file
View File

@ -0,0 +1,77 @@
From dcb86edde5ef3b70f68abb7ed8bb0be63f28485b Mon Sep 17 00:00:00 2001
From: Florian Schmaus <flo@geekplace.eu>
Date: Sat, 16 Nov 2024 10:29:35 +0100
Subject: [PATCH] logind: let system-wide idle begin at the time logind was
initialized
Initialize the start of the system-wide idle time with the time logind was
initialized and not with the start of the Unix epoch. This means that systemd
will not repport a unreasonable long idle time (around 54 years at the time of
writing this), especially at in the early boot, while no login manager session,
e.g,. gdm, had a chance to provide a more accurate start of the idle period.
Fixes #35163
(cherry picked from commit 718b31138b9a93f262259f297ad6b521454decc6)
(cherry picked from commit 9d36809256c6d92c6d8358769479ad2c2b695664)
(cherry picked from commit 77b963c31712ef81786fcc6623fe1b10a46b62e0)
(cherry picked from commit cd6f07effafdcb9e1c903589a8cf398cd46b8acd)
Conflict:NA
Reference:https://github.com/systemd/systemd-stable/commit/dcb86edde5ef3b70f68abb7ed8bb0be63f28485b
---
src/login/logind-core.c | 6 +++++-
src/login/logind.c | 2 ++
src/login/logind.h | 2 ++
3 files changed, 9 insertions(+), 1 deletion(-)
diff --git a/src/login/logind-core.c b/src/login/logind-core.c
index af86e92c01..fe95f90f74 100644
--- a/src/login/logind-core.c
+++ b/src/login/logind-core.c
@@ -395,10 +395,14 @@ int manager_get_user_by_pid(Manager *m, pid_t pid, User **ret) {
int manager_get_idle_hint(Manager *m, dual_timestamp *t) {
Session *s;
bool idle_hint;
- dual_timestamp ts = DUAL_TIMESTAMP_NULL;
+ dual_timestamp ts;
assert(m);
+ /* Initialize the baseline timestamp with the time the manager got initialized to avoid reporting
+ * unreasonable large idle periods starting with the Unix epoch. */
+ ts = m->init_ts;
+
idle_hint = !manager_is_inhibited(m, INHIBIT_IDLE, INHIBIT_BLOCK, t, false, false, 0, NULL);
HASHMAP_FOREACH(s, m->sessions) {
diff --git a/src/login/logind.c b/src/login/logind.c
index f30f7f9370..75474e2c08 100644
--- a/src/login/logind.c
+++ b/src/login/logind.c
@@ -96,6 +96,8 @@ static int manager_new(Manager **ret) {
(void) sd_event_set_watchdog(m->event, true);
+ dual_timestamp_get(&m->init_ts);
+
manager_reset_config(m);
*ret = TAKE_PTR(m);
diff --git a/src/login/logind.h b/src/login/logind.h
index e6a04e0834..787406adac 100644
--- a/src/login/logind.h
+++ b/src/login/logind.h
@@ -139,6 +139,8 @@ struct Manager {
char *efi_loader_entry_one_shot;
struct stat efi_loader_entry_one_shot_stat;
+
+ dual_timestamp init_ts;
};
void manager_reset_config(Manager *m);
--
2.33.0

30
backport-main-reopen-dev-console-for-user-service-manager.patch Normal file
View File

@ -0,0 +1,30 @@
From 2a646b1d624e510a79785e1268b55a9c3a441db5 Mon Sep 17 00:00:00 2001
From: Einsler Lee <shenxiaogll@163.com>
Date: Tue, 2 Mar 2021 20:21:21 +0800
Subject: [PATCH] main: reopen /dev/console for user service manager
Now the console_fd of user service manager is 2. Even if LogTarget=console is set in /etc/systemd/user.conf,there is no log in the console.
This reopen the /dev/console, so the log of user service can be output in the console.
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/2a646b1d624e510a79785e1268b55a9c3a441db5
---
src/core/main.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/core/main.c b/src/core/main.c
index 55f5481eb2..fbbfd71ac8 100644
--- a/src/core/main.c
+++ b/src/core/main.c
@@ -2819,6 +2819,7 @@ int main(int argc, char *argv[]) {
} else {
/* Running as user instance */
arg_system = false;
+ log_set_always_reopen_console(true);
log_set_target(LOG_TARGET_AUTO);
log_open();
--
2.33.0

40
backport-manager-improve-message-about-Reload-Reexec-requests.patch Normal file
View File

@ -0,0 +1,40 @@
From 1980a25dc03aa500d4ee2725d696f68d265cd4ca Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Wed, 8 Feb 2023 11:36:22 +0100
Subject: [PATCH] manager: improve message about Reload/Reexec requests
If we fail to get the necessary information, let's just not print that
part of the message. 'n/a' looks pretty ugly.
I used a bunch of ternary operators instead of seperate log lines because
with two components that might or might not be there, we need four different
combinations.
Also, the unit name doesn't need to be quoted, it's always printable.
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/1980a25dc03aa500d4ee2725d696f68d265cd4ca
---
src/core/dbus-manager.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/src/core/dbus-manager.c b/src/core/dbus-manager.c
index 53121fa1a6..c4f205bc42 100644
--- a/src/core/dbus-manager.c
+++ b/src/core/dbus-manager.c
@@ -1527,8 +1527,10 @@ static void log_caller(sd_bus_message *message, Manager *manager, const char *me
(void) sd_bus_creds_get_comm(creds, &comm);
caller = manager_get_unit_by_pid(manager, pid);
- log_info("%s requested from client PID " PID_FMT " ('%s') (from unit '%s')...",
- method, pid, strna(comm), strna(caller ? caller->id : NULL));
+ log_info("%s requested from client PID " PID_FMT "%s%s%s%s%s%s...",
+ method, pid,
+ comm ? " ('" : "", strempty(comm), comm ? "')" : "",
+ caller ? " (unit " : "", caller ? caller->id : NULL, caller ? ")" : "");
}
static int method_reload(sd_bus_message *message, void *userdata, sd_bus_error *error) {
--
2.33.0

63
backport-manager-log-unit-pid-of-sender-when-Reload-is-called.patch Normal file
View File

@ -0,0 +1,63 @@
From 9524c2fd43aa3b76719cc21eb7093a5b90997fd9 Mon Sep 17 00:00:00 2001
From: Luca Boccassi <bluca@debian.org>
Date: Mon, 12 Dec 2022 15:34:43 +0000
Subject: [PATCH] manager: log unit/pid of sender when Reload() is called
Reloading is a heavy-weight operation, and currently it is not
possible to figure out who/what requested it, even at debug level
logging.
Check the sender of the D-Bus message and print it out at info level.
Conflict:code context adaptation
Reference:https://github.com/systemd/systemd/commit/9524c2fd43aa3b76719cc21eb7093a5b90997fd9
---
src/core/dbus-manager.c | 26 ++++++++++++++++++++++++++
1 file changed, 26 insertions(+)
diff --git a/src/core/dbus-manager.c b/src/core/dbus-manager.c
index 8d7b1f60da..5c8a7d410f 100644
--- a/src/core/dbus-manager.c
+++ b/src/core/dbus-manager.c
@@ -1451,6 +1451,29 @@ int verify_run_space_and_log(const char *message) {
return 0;
}
+static void log_reload_caller(sd_bus_message *message, Manager *manager) {
+ _cleanup_(sd_bus_creds_unrefp) sd_bus_creds *creds = NULL;
+ const char *comm = NULL;
+ Unit *caller;
+ pid_t pid;
+
+ assert(message);
+ assert(manager);
+
+ if (sd_bus_query_sender_creds(message, SD_BUS_CREDS_PID|SD_BUS_CREDS_AUGMENT|SD_BUS_CREDS_COMM, &creds) < 0)
+ return;
+
+ /* We need at least the PID, otherwise there's nothing to log, the rest is optional */
+ if (sd_bus_creds_get_pid(creds, &pid) < 0)
+ return;
+
+ (void) sd_bus_creds_get_comm(creds, &comm);
+ caller = manager_get_unit_by_pid(manager, pid);
+
+ log_info("Reloading requested from client PID " PID_FMT " ('%s') (from unit '%s')...",
+ pid, strna(comm), strna(caller ? caller->id : NULL));
+}
+
static int method_reload(sd_bus_message *message, void *userdata, sd_bus_error *error) {
Manager *m = userdata;
int r;
@@ -1471,6 +1494,9 @@ static int method_reload(sd_bus_message *message, void *userdata, sd_bus_error *
if (r == 0)
return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */
+ /* Write a log message noting the unit or process who requested the Reload() */
+ log_reload_caller(message, m);
+
/* Instead of sending the reply back right away, we just
* remember that we need to and then send it after the reload
* is finished. That way the caller knows when the reload
--
2.33.0

99
backport-path-util-introduce-path_glob_can_match.patch Normal file
View File

@ -0,0 +1,99 @@
From 3b703fe269a4a34f1b5ad1c3ce219c8c407e6fe1 Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Wed, 17 Aug 2022 06:43:37 +0900
Subject: [PATCH] path-util: introduce path_glob_can_match()
---
src/basic/path-util.c | 61 +++++++++++++++++++++++++++++++++++++++++++
src/basic/path-util.h | 2 ++
2 files changed, 63 insertions(+)
diff --git a/src/basic/path-util.c b/src/basic/path-util.c
index 13d71ed..bec930f 100644
--- a/src/basic/path-util.c
+++ b/src/basic/path-util.c
@@ -1,6 +1,7 @@
/* SPDX-License-Identifier: LGPL-2.1-or-later */
#include <errno.h>
+#include <fnmatch.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
@@ -1395,3 +1396,63 @@ bool prefixed_path_strv_contains(char **l, const char *path) {
return false;
}
+
+int path_glob_can_match(const char *pattern, const char *prefix, char **ret) {
+ assert(pattern);
+ assert(prefix);
+
+ for (const char *a = pattern, *b = prefix;;) {
+ _cleanup_free_ char *g = NULL, *h = NULL;
+ const char *p, *q;
+ int r, s;
+
+ r = path_find_first_component(&a, /* accept_dot_dot = */ false, &p);
+ if (r < 0)
+ return r;
+
+ s = path_find_first_component(&b, /* accept_dot_dot = */ false, &q);
+ if (s < 0)
+ return s;
+
+ if (s == 0) {
+ /* The pattern matches the prefix. */
+ if (ret) {
+ char *t;
+
+ t = path_join(prefix, p);
+ if (!t)
+ return -ENOMEM;
+
+ *ret = t;
+ }
+ return true;
+ }
+
+ if (r == 0)
+ break;
+
+ if (r == s && strneq(p, q, r))
+ continue; /* common component. Check next. */
+
+ g = strndup(p, r);
+ if (!g)
+ return -ENOMEM;
+
+ if (!string_is_glob(g))
+ break;
+
+ /* We found a glob component. Check if the glob pattern matches the prefix component. */
+
+ h = strndup(q, s);
+ if (!h)
+ return -ENOMEM;
+
+ if (fnmatch(g, h, 0) != 0)
+ break;
+ }
+
+ /* The pattern does not match the prefix. */
+ if (ret)
+ *ret = NULL;
+ return false;
+}
diff --git a/src/basic/path-util.h b/src/basic/path-util.h
index 26e7362..c374a77 100644
--- a/src/basic/path-util.h
+++ b/src/basic/path-util.h
@@ -202,3 +202,5 @@ static inline const char *empty_to_root(const char *path) {
bool path_strv_contains(char **l, const char *path);
bool prefixed_path_strv_contains(char **l, const char *path);
+
+int path_glob_can_match(const char *pattern, const char *prefix, char **ret);
--
2.33.0

74
backport-resolved-log-error-messages-for-openssl-gnutls-conte.patch Normal file
View File

@ -0,0 +1,74 @@
From 17a3a8e91be80c93347458a1a6508bc19646607d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Sun, 3 Nov 2024 12:58:12 +0100
Subject: [PATCH] resolved: log error messages for openssl/gnutls context
creation
In https://bugzilla.redhat.com/show_bug.cgi?id=2322937 we're getting
an error message:
Okt 29 22:21:03 fedora systemd-resolved[29311]: Could not create manager: Cannot allocate memory
I expect that this actually comes from dnstls_manager_init(), the
openssl version. But without real logs it's hard to know for sure.
Use EIO instead of ENOMEM, because the problem is unlikely to be actually
related to memory.
(cherry picked from commit ee95e86ae163e436384f1b782a77a7e18deba890)
(cherry picked from commit abd1e408203d5d445b05f4dc0ac07e35114532d1)
(cherry picked from commit 67954b455473b29f8a41be14f5b778044b7cfafa)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/ee95e86ae163e436384f1b782a77a7e18deba890
---
src/resolve/resolved-dnstls-gnutls.c | 4 +++-
src/resolve/resolved-dnstls-openssl.c | 9 ++++++---
2 files changed, 9 insertions(+), 4 deletions(-)
diff --git a/src/resolve/resolved-dnstls-gnutls.c b/src/resolve/resolved-dnstls-gnutls.c
index acdad6fa91..c086e2c198 100644
--- a/src/resolve/resolved-dnstls-gnutls.c
+++ b/src/resolve/resolved-dnstls-gnutls.c
@@ -236,7 +236,9 @@ int dnstls_manager_init(Manager *manager) {
r = gnutls_certificate_allocate_credentials(&manager->dnstls_data.cert_cred);
if (r < 0)
- return -ENOMEM;
+ return log_warning_errno(SYNTHETIC_ERRNO(ENOTRECOVERABLE),
+ "Failed to allocate SSL credentials: %s",
+ gnutls_strerror(r));
r = gnutls_certificate_set_x509_system_trust(manager->dnstls_data.cert_cred);
if (r < 0)
diff --git a/src/resolve/resolved-dnstls-openssl.c b/src/resolve/resolved-dnstls-openssl.c
index 4a0132ad3d..74fb79e58d 100644
--- a/src/resolve/resolved-dnstls-openssl.c
+++ b/src/resolve/resolved-dnstls-openssl.c
@@ -397,11 +397,15 @@ int dnstls_manager_init(Manager *manager) {
manager->dnstls_data.ctx = SSL_CTX_new(TLS_client_method());
if (!manager->dnstls_data.ctx)
- return -ENOMEM;
+ return log_warning_errno(SYNTHETIC_ERRNO(ENOTRECOVERABLE),
+ "Failed to create SSL context: %s",
+ ERR_error_string(ERR_get_error(), NULL));
r = SSL_CTX_set_min_proto_version(manager->dnstls_data.ctx, TLS1_2_VERSION);
if (r == 0)
- return -EIO;
+ return log_warning_errno(SYNTHETIC_ERRNO(ENOTRECOVERABLE),
+ "Failed to set protocol version on SSL context: %s",
+ ERR_error_string(ERR_get_error(), NULL));
(void) SSL_CTX_set_options(manager->dnstls_data.ctx, SSL_OP_NO_COMPRESSION);
@@ -410,7 +414,6 @@ int dnstls_manager_init(Manager *manager) {
return log_warning_errno(SYNTHETIC_ERRNO(EIO),
"Failed to load system trust store: %s",
ERR_error_string(ERR_get_error(), NULL));
-
return 0;
}
--
2.33.0

153
backport-run-do-not-pass-the-pty-slave-fd-to-transient-servic.patch Normal file
View File

@ -0,0 +1,153 @@
From e2d6762fa3fca4bf265d13b724476fa70b5c3a3e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Thu, 6 Jun 2024 13:30:09 +0200
Subject: [PATCH] run: do not pass the pty slave fd to transient service in a
machine
Follow-up for 28459ba1f4df824d5ef7f7d1a9acb6953ea24045
The pty path returned by OpenMachinePTY() cannot be opened from outside
the machine, hence let's use the plain Standard{Input,Output,Error}=tty
in such a case. This means if --machine= is specified, #32916 would occur.
A comprehensive fix requires a new dbus method in machined, which shall
be material for v257.
See also: https://github.com/systemd/systemd/pull/33216#discussion_r1628020429
Replaces #33216
Co-authored-by: Mike Yuan <me@yhndnzj.com>
(cherry picked from commit ddef3ec87c1f63fed868f769d246b0b3d6877f88)
(cherry picked from commit 639c922ede94852f83ccd930b28a382075f1da8f)
Conflict:code context adaptation
Reference:https://github.com/systemd/systemd/commit/ddef3ec87c1f63fed868f769d246b0b3d6877f88
---
src/run/run.c | 48 +++++++++++++++++++++++++++++++-----------------
1 file changed, 31 insertions(+), 17 deletions(-)
diff --git a/src/run/run.c b/src/run/run.c
index 9c175a9..807b22f 100644
--- a/src/run/run.c
+++ b/src/run/run.c
@@ -704,11 +704,12 @@ static int transient_kill_set_properties(sd_bus_message *m) {
return 0;
}
-static int transient_service_set_properties(sd_bus_message *m, const char *pty_path) {
+static int transient_service_set_properties(sd_bus_message *m, const char *pty_path, int pty_fd) {
bool send_term = false;
int r;
assert(m);
+ assert(pty_path || pty_fd < 0);
r = transient_unit_set_properties(m, UNIT_SERVICE, arg_property);
if (r < 0)
@@ -804,18 +805,22 @@ static int transient_service_set_properties(sd_bus_message *m, const char *pty_p
}
if (pty_path) {
- _cleanup_close_ int pty_slave = -EBADF;
-
- pty_slave = open_terminal(pty_path, O_RDWR|O_NOCTTY|O_CLOEXEC);
- if (pty_slave < 0)
- return pty_slave;
+ r = sd_bus_message_append(m, "(sv)", "TTYPath", "s", pty_path);
+ if (r < 0)
+ return bus_log_create_error(r);
- r = sd_bus_message_append(m,
- "(sv)(sv)(sv)(sv)",
- "StandardInputFileDescriptor", "h", pty_slave,
- "StandardOutputFileDescriptor", "h", pty_slave,
- "StandardErrorFileDescriptor", "h", pty_slave,
- "TTYPath", "s", pty_path);
+ if (pty_fd >= 0)
+ r = sd_bus_message_append(m,
+ "(sv)(sv)(sv)",
+ "StandardInputFileDescriptor", "h", pty_fd,
+ "StandardOutputFileDescriptor", "h", pty_fd,
+ "StandardErrorFileDescriptor", "h", pty_fd);
+ else
+ r = sd_bus_message_append(m,
+ "(sv)(sv)(sv)",
+ "StandardInput", "s", "tty",
+ "StandardOutput", "s", "tty",
+ "StandardError", "s", "tty");
if (r < 0)
return bus_log_create_error(r);
@@ -1166,7 +1171,8 @@ static int make_transient_service_unit(
sd_bus *bus,
sd_bus_message **message,
const char *service,
- const char *pty_path) {
+ const char *pty_path,
+ int pty_fd) {
_cleanup_(sd_bus_message_unrefp) sd_bus_message *m = NULL;
int r;
@@ -1193,7 +1199,7 @@ static int make_transient_service_unit(
if (r < 0)
return bus_log_create_error(r);
- r = transient_service_set_properties(m, pty_path);
+ r = transient_service_set_properties(m, pty_path, pty_fd);
if (r < 0)
return r;
@@ -1238,7 +1244,7 @@ static int start_transient_service(sd_bus *bus) {
_cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
_cleanup_(bus_wait_for_jobs_freep) BusWaitForJobs *w = NULL;
_cleanup_free_ char *service = NULL, *pty_path = NULL;
- _cleanup_close_ int master = -1;
+ _cleanup_close_ int master = -EBADF, slave = -EBADF;
int r;
assert(bus);
@@ -1257,6 +1263,10 @@ static int start_transient_service(sd_bus *bus) {
if (unlockpt(master) < 0)
return log_error_errno(errno, "Failed to unlock tty: %m");
+ slave = open_terminal(pty_path, O_RDWR|O_NOCTTY|O_CLOEXEC);
+ if (slave < 0)
+ return log_error_errno(slave, "Failed to open pty slave: %m");
+
} else if (arg_transport == BUS_TRANSPORT_MACHINE) {
_cleanup_(sd_bus_unrefp) sd_bus *system_bus = NULL;
_cleanup_(sd_bus_message_unrefp) sd_bus_message *pty_reply = NULL;
@@ -1286,6 +1296,9 @@ static int start_transient_service(sd_bus *bus) {
pty_path = strdup(s);
if (!pty_path)
return log_oom();
+
+ // FIXME: Introduce OpenMachinePTYEx() that accepts ownership/permission as param
+ // and additionally returns the pty fd, for #33216 and #32999
} else
assert_not_reached("Can't allocate tty via ssh");
}
@@ -1312,9 +1325,10 @@ static int start_transient_service(sd_bus *bus) {
return r;
}
- r = make_transient_service_unit(bus, &m, service, pty_path);
+ r = make_transient_service_unit(bus, &m, service, pty_path, slave);
if (r < 0)
return r;
+ slave = safe_close(slave);
polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
@@ -1731,7 +1745,7 @@ static int make_transient_trigger_unit(
if (r < 0)
return bus_log_create_error(r);
- r = transient_service_set_properties(m, NULL);
+ r = transient_service_set_properties(m, /* pty_path = */ NULL, /* pty_fd = */ -EBADF);
if (r < 0)
return r;
--
2.33.0

58
backport-run-pass-the-pty-slave-fd-to-transient-service.patch Normal file
View File

@ -0,0 +1,58 @@
From 903c71befc93c5443f70720c6e98ecca704da692 Mon Sep 17 00:00:00 2001
From: Mike Yuan <me@yhndnzj.com>
Date: Sun, 19 May 2024 09:07:21 +0800
Subject: [PATCH] run: pass the pty slave fd to transient service
The rationale is similar to 40e1f4ea7458a0a80eaf1ef356e52bfe0835412e.
Currently, we only pass TTYPath=/dev/pts/... to
the transient service spawned by systemd-run.
This is a bit problematic though, when ExecStartPre=
or ExecStopPost= is used. Since when these control
processes get to run, the main process is not yet
started/has already exited, hence the slave suffers
from the same vhangup problem as the mentioned commit.
By passing the slave fd in, the service manager will
hold the fd open as long as the service is alive.
Fixes #32916
(cherry picked from commit 28459ba1f4df824d5ef7f7d1a9acb6953ea24045)
(cherry picked from commit 182b80bede28ef6e9c0d0edd34c56a467d22dee5)
(cherry picked from commit 369d7d4083a835e654ae02f92d559293bde66919)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/28459ba1f4df824d5ef7f7d1a9acb6953ea24045
---
src/run/run.c | 12 +++++++++---
1 file changed, 9 insertions(+), 3 deletions(-)
diff --git a/src/run/run.c b/src/run/run.c
index 645a1fee4c..8bb061e62c 100644
--- a/src/run/run.c
+++ b/src/run/run.c
@@ -773,11 +773,17 @@ static int transient_service_set_properties(sd_bus_message *m, const char *pty_p
}
if (pty_path) {
+ _cleanup_close_ int pty_slave = -EBADF;
+
+ pty_slave = open_terminal(pty_path, O_RDWR|O_NOCTTY|O_CLOEXEC);
+ if (pty_slave < 0)
+ return pty_slave;
+
r = sd_bus_message_append(m,
"(sv)(sv)(sv)(sv)",
- "StandardInput", "s", "tty",
- "StandardOutput", "s", "tty",
- "StandardError", "s", "tty",
+ "StandardInputFileDescriptor", "h", pty_slave,
+ "StandardOutputFileDescriptor", "h", pty_slave,
+ "StandardErrorFileDescriptor", "h", pty_slave,
"TTYPath", "s", pty_path);
if (r < 0)
return bus_log_create_error(r);
--
2.33.0

281
backport-run-split-out-creation-of-unit-creation-messages.patch Normal file
View File

@ -0,0 +1,281 @@
From b58026bddce8cc418c10e1c69f96de34b0dffcbf Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Sun, 2 Apr 2023 22:27:58 +0200
Subject: [PATCH] run: split out creation of unit creation messages
Just refactoring, in preparation for future changes.
(Though I think it'd be reasonable to do anyway, those functions were
awfully long.)
'git diff' displays this badly. The middle part of start_transient_service()
is moved to make_transient_service_unit(), and the middle part of
start_transient_trigger() is moved to make_transient_trigger_unit().
Conflict:code context adaptation
Reference:https://github.com/systemd/systemd/commit/b58026bddce8cc418c10e1c69f96de34b0dffcbf
---
src/run/run.c | 218 ++++++++++++++++++++++++++++++--------------------
1 file changed, 132 insertions(+), 86 deletions(-)
diff --git a/src/run/run.c b/src/run/run.c
index ad8cd82d8f..409212cbfa 100644
--- a/src/run/run.c
+++ b/src/run/run.c
@@ -1109,6 +1109,54 @@ static int pty_forward_handler(PTYForward *f, int rcode, void *userdata) {
return 0;
}
+static int make_transient_service_unit(
+ sd_bus *bus,
+ sd_bus_message **message,
+ const char *service,
+ const char *pty_path) {
+
+ _cleanup_(sd_bus_message_unrefp) sd_bus_message *m = NULL;
+ int r;
+
+ assert(bus);
+ assert(message);
+ assert(service);
+
+ r = bus_message_new_method_call(bus, &m, bus_systemd_mgr, "StartTransientUnit");
+ if (r < 0)
+ return bus_log_create_error(r);
+
+ r = sd_bus_message_set_allow_interactive_authorization(m, arg_ask_password);
+ if (r < 0)
+ return bus_log_create_error(r);
+
+ /* Name and mode */
+ r = sd_bus_message_append(m, "ss", service, "fail");
+ if (r < 0)
+ return bus_log_create_error(r);
+
+ /* Properties */
+ r = sd_bus_message_open_container(m, 'a', "(sv)");
+ if (r < 0)
+ return bus_log_create_error(r);
+
+ r = transient_service_set_properties(m, pty_path);
+ if (r < 0)
+ return r;
+
+ r = sd_bus_message_close_container(m);
+ if (r < 0)
+ return bus_log_create_error(r);
+
+ /* Auxiliary units */
+ r = sd_bus_message_append(m, "a(sa(sv))", 0);
+ if (r < 0)
+ return bus_log_create_error(r);
+
+ *message = TAKE_PTR(m);
+ return 0;
+}
+
static int start_transient_service(
sd_bus *bus,
int *retval) {
@@ -1190,37 +1238,10 @@ static int start_transient_service(sd_bus *bus) {
return r;
}
- r = bus_message_new_method_call(bus, &m, bus_systemd_mgr, "StartTransientUnit");
- if (r < 0)
- return bus_log_create_error(r);
-
- r = sd_bus_message_set_allow_interactive_authorization(m, arg_ask_password);
- if (r < 0)
- return bus_log_create_error(r);
-
- /* Name and mode */
- r = sd_bus_message_append(m, "ss", service, "fail");
- if (r < 0)
- return bus_log_create_error(r);
-
- /* Properties */
- r = sd_bus_message_open_container(m, 'a', "(sv)");
- if (r < 0)
- return bus_log_create_error(r);
-
- r = transient_service_set_properties(m, pty_path);
+ r = make_transient_service_unit(bus, &m, service, pty_path);
if (r < 0)
return r;
- r = sd_bus_message_close_container(m);
- if (r < 0)
- return bus_log_create_error(r);
-
- /* Auxiliary units */
- r = sd_bus_message_append(m, "a(sa(sv))", 0);
- if (r < 0)
- return bus_log_create_error(r);
-
polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
r = sd_bus_call(bus, m, 0, &error, &reply);
@@ -1550,70 +1571,21 @@ static int start_transient_scope(sd_bus *bus) {
return log_error_errno(errno, "Failed to execute: %m");
}
-static int start_transient_trigger(
- sd_bus *bus,
- const char *suffix) {
-
- _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
- _cleanup_(sd_bus_message_unrefp) sd_bus_message *m = NULL, *reply = NULL;
- _cleanup_(bus_wait_for_jobs_freep) BusWaitForJobs *w = NULL;
- _cleanup_free_ char *trigger = NULL, *service = NULL;
- const char *object = NULL;
+static int make_transient_trigger_unit(
+ sd_bus *bus,
+ sd_bus_message **message,
+ const char *suffix,
+ const char *trigger,
+ const char *service) {
+
+ _cleanup_(sd_bus_message_unrefp) sd_bus_message *m = NULL;
int r;
assert(bus);
-
- r = bus_wait_for_jobs_new(bus, &w);
- if (r < 0)
- return log_oom();
-
- if (arg_unit) {
- switch (unit_name_to_type(arg_unit)) {
-
- case UNIT_SERVICE:
- service = strdup(arg_unit);
- if (!service)
- return log_oom();
-
- r = unit_name_change_suffix(service, suffix, &trigger);
- if (r < 0)
- return log_error_errno(r, "Failed to change unit suffix: %m");
- break;
-
- case UNIT_TIMER:
- trigger = strdup(arg_unit);
- if (!trigger)
- return log_oom();
-
- r = unit_name_change_suffix(trigger, ".service", &service);
- if (r < 0)
- return log_error_errno(r, "Failed to change unit suffix: %m");
- break;
-
- default:
- r = unit_name_mangle_with_suffix(arg_unit, "as unit",
- arg_quiet ? 0 : UNIT_NAME_MANGLE_WARN,
- ".service", &service);
- if (r < 0)
- return log_error_errno(r, "Failed to mangle unit name: %m");
-
- r = unit_name_mangle_with_suffix(arg_unit, "as trigger",
- arg_quiet ? 0 : UNIT_NAME_MANGLE_WARN,
- suffix, &trigger);
- if (r < 0)
- return log_error_errno(r, "Failed to mangle unit name: %m");
-
- break;
- }
- } else {
- r = make_unit_name(bus, UNIT_SERVICE, &service);
- if (r < 0)
- return r;
-
- r = unit_name_change_suffix(service, suffix, &trigger);
- if (r < 0)
- return log_error_errno(r, "Failed to change unit suffix: %m");
- }
+ assert(message);
+ assert(suffix);
+ assert(trigger);
+ assert(service);
r = bus_message_new_method_call(bus, &m, bus_systemd_mgr, "StartTransientUnit");
if (r < 0)
@@ -1679,6 +1654,77 @@ static int start_transient_trigger(sd_bus *bus, const char *suffix) {
if (r < 0)
return bus_log_create_error(r);
+ *message = TAKE_PTR(m);
+ return 0;
+}
+
+static int start_transient_trigger(sd_bus *bus, const char *suffix) {
+ _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
+ _cleanup_(sd_bus_message_unrefp) sd_bus_message *m = NULL, *reply = NULL;
+ _cleanup_(bus_wait_for_jobs_freep) BusWaitForJobs *w = NULL;
+ _cleanup_free_ char *trigger = NULL, *service = NULL;
+ const char *object = NULL;
+ int r;
+
+ assert(bus);
+ assert(suffix);
+
+ r = bus_wait_for_jobs_new(bus, &w);
+ if (r < 0)
+ return log_oom();
+
+ if (arg_unit) {
+ switch (unit_name_to_type(arg_unit)) {
+
+ case UNIT_SERVICE:
+ service = strdup(arg_unit);
+ if (!service)
+ return log_oom();
+
+ r = unit_name_change_suffix(service, suffix, &trigger);
+ if (r < 0)
+ return log_error_errno(r, "Failed to change unit suffix: %m");
+ break;
+
+ case UNIT_TIMER:
+ trigger = strdup(arg_unit);
+ if (!trigger)
+ return log_oom();
+
+ r = unit_name_change_suffix(trigger, ".service", &service);
+ if (r < 0)
+ return log_error_errno(r, "Failed to change unit suffix: %m");
+ break;
+
+ default:
+ r = unit_name_mangle_with_suffix(arg_unit, "as unit",
+ arg_quiet ? 0 : UNIT_NAME_MANGLE_WARN,
+ ".service", &service);
+ if (r < 0)
+ return log_error_errno(r, "Failed to mangle unit name: %m");
+
+ r = unit_name_mangle_with_suffix(arg_unit, "as trigger",
+ arg_quiet ? 0 : UNIT_NAME_MANGLE_WARN,
+ suffix, &trigger);
+ if (r < 0)
+ return log_error_errno(r, "Failed to mangle unit name: %m");
+
+ break;
+ }
+ } else {
+ r = make_unit_name(bus, UNIT_SERVICE, &service);
+ if (r < 0)
+ return r;
+
+ r = unit_name_change_suffix(service, suffix, &trigger);
+ if (r < 0)
+ return log_error_errno(r, "Failed to change unit suffix: %m");
+ }
+
+ r = make_transient_trigger_unit(bus, &m, suffix, trigger, service);
+ if (r < 0)
+ return r;
+
polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
r = sd_bus_call(bus, m, 0, &error, &reply);
--
2.33.0

36
backport-sd-event-change-error-code-EINVAL-EIO.patch Normal file
View File

@ -0,0 +1,36 @@
From 42885ab01726b5937390704f1d6ec33f0321fd53 Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Sun, 4 Aug 2024 11:29:03 +0900
Subject: [PATCH] sd-event: change error code -EINVAL -> -EIO
EINVAL should be used when a function is called with an invalid
argument. Here, the signal is not a function argument.
Follow-up for 7a64c5f23efbb51fe4f1229c1a8aed6dd858a0a9.
(cherry picked from commit ab9af70edb23f2a66e93e2e16f87cd98873885b7)
(cherry picked from commit 84f0eda3781f49ff7f3035861b02fe247b89d65e)
(cherry picked from commit da81ee2f78526f78b3c57661a59de681d208e35e)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/ab9af70edb23f2a66e93e2e16f87cd98873885b7
---
src/libsystemd/sd-event/sd-event.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/libsystemd/sd-event/sd-event.c b/src/libsystemd/sd-event/sd-event.c
index 97678a4b5e..cd78d39eb4 100644
--- a/src/libsystemd/sd-event/sd-event.c
+++ b/src/libsystemd/sd-event/sd-event.c
@@ -3831,7 +3831,7 @@ static int process_signal(sd_event *e, struct signal_data *d, uint32_t events, i
return -EIO;
if (_unlikely_(!SIGNAL_VALID(si.ssi_signo)))
- return -EINVAL;
+ return -EIO;
if (e->signal_sources)
s = e->signal_sources[si.ssi_signo];
--
2.33.0

36
backport-sd-event-do-not-assert-on-invalid-signal.patch Normal file
View File

@ -0,0 +1,36 @@
From 74fa56ebc3d323bd6cd2315eb8b1057f0ea359a8 Mon Sep 17 00:00:00 2001
From: David Tardon <dtardon@redhat.com>
Date: Thu, 25 Jul 2024 10:06:34 +0200
Subject: [PATCH] sd-event: do not assert on invalid signal
The signalfd_siginfo struct is received from outside via a FD, hence
assert() is not appropriate way to check it. Just do a normal runtime
check.
(cherry picked from commit 7a64c5f23efbb51fe4f1229c1a8aed6dd858a0a9)
(cherry picked from commit 7a48ea958bf146a45cb4a3b7ff7aeb5885469196)
(cherry picked from commit 5fa8b5d74aa81e884613ba68c6f765834e6dd02c)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/7a64c5f23efbb51fe4f1229c1a8aed6dd858a0a9
---
src/libsystemd/sd-event/sd-event.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/libsystemd/sd-event/sd-event.c b/src/libsystemd/sd-event/sd-event.c
index 3cc37371b6..97678a4b5e 100644
--- a/src/libsystemd/sd-event/sd-event.c
+++ b/src/libsystemd/sd-event/sd-event.c
@@ -3830,7 +3830,8 @@ static int process_signal(sd_event *e, struct signal_data *d, uint32_t events, i
if (_unlikely_(n != sizeof(si)))
return -EIO;
- assert(SIGNAL_VALID(si.ssi_signo));
+ if (_unlikely_(!SIGNAL_VALID(si.ssi_signo)))
+ return -EINVAL;
if (e->signal_sources)
s = e->signal_sources[si.ssi_signo];
--
2.33.0

36
backport-sd-ipv4acd-fix-assertion-triggered-when-an-ARP-recei.patch Normal file
View File

@ -0,0 +1,36 @@
From 8ed0c0bc4899f73934f3fc1c55c5cbb58b789a4d Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Fri, 20 Sep 2024 09:58:12 +0900
Subject: [PATCH] sd-ipv4acd: fix assertion triggered when an ARP received in
STARTED state
When a network is busy, an ARP may be received before the timer event
source triggered first time.
Fixes #34489.
(cherry picked from commit 146b44d0a0001712ced2f22ca76d242eedac26ad)
(cherry picked from commit 06eb9b14829f3a5819f6daefb09fdb855cd868f4)
(cherry picked from commit b054898f12f1987d5c6fae91e664cd7f57f7fdaa)
Conflict:NA
Reference:https://github.com/systemd/systemd/commit/146b44d0a0001712ced2f22ca76d242eedac26ad
---
src/libsystemd-network/sd-ipv4acd.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/libsystemd-network/sd-ipv4acd.c b/src/libsystemd-network/sd-ipv4acd.c
index d34c63e854..c7102cc4f6 100644
--- a/src/libsystemd-network/sd-ipv4acd.c
+++ b/src/libsystemd-network/sd-ipv4acd.c
@@ -396,6 +396,7 @@ static int ipv4acd_on_packet(
}
break;
+ case IPV4ACD_STATE_STARTED:
case IPV4ACD_STATE_WAITING_PROBE:
case IPV4ACD_STATE_PROBING:
case IPV4ACD_STATE_WAITING_ANNOUNCE:
--
2.33.0

54
backport-shutdown-close-DM-block-device-before-issuing-DM_DEV.patch Normal file
View File

@ -0,0 +1,54 @@
From c7689286f631b1dc6b4d7a56c9f056eb1d2eead1 Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Sat, 23 Nov 2024 05:47:40 +0900
Subject: [PATCH] shutdown: close DM block device before issuing DM_DEV_REMOVE
ioctl
Otherwise, the ioctl() may fail with EBUSY.
Follow-up for b4b66b26620bfaf5818c95d5cffafd85207694e7.
Hopefully fixes #35243.
(cherry picked from commit b76730f3fe0e824db001b38c8ea848302be786ee)
(cherry picked from commit b30364a0378881c6f0d0ff3124f56f4da989d91c)
(cherry picked from commit bb1823d3ffcf432b5175ef24049b65e7b348705b)
Conflict:the delete_dm() function is located in src/shutdown/umount.c rather than src/shutdown/detach-dm.c
Reference:https://github.com/systemd/systemd-stable/commit/c7689286f631b1dc6b4d7a56c9f056eb1d2eead1
---
src/shutdown/umount.c | 16 +++++++++-------
1 file changed, 9 insertions(+), 7 deletions(-)
diff --git a/src/shutdown/umount.c b/src/shutdown/umount.c
index 0d1b0fc451..d6bc78df41 100644
--- a/src/shutdown/umount.c
+++ b/src/shutdown/umount.c
@@ -98,15 +98,17 @@ static int delete_dm(MountPoint *m) {
assert(major(m->devnum) != 0);
assert(m->path);
- fd = open("/dev/mapper/control", O_RDWR|O_CLOEXEC);
+ fd = open(m->path, O_RDONLY|O_CLOEXEC|O_NONBLOCK);
if (fd < 0)
- return -errno;
-
- _cleanup_close_ int block_fd = open(m->path, O_RDONLY|O_CLOEXEC|O_NONBLOCK);
- if (block_fd < 0)
log_debug_errno(errno, "Failed to open DM block device %s for syncing, ignoring: %m", m->path);
- else
- (void) sync_with_progress(block_fd);
+ else {
+ (void) sync_with_progress(fd);
+ fd = safe_close(fd);
+ }
+
+ fd = open("/dev/mapper/control", O_RDWR|O_CLOEXEC);
+ if (fd < 0)
+ return log_debug_errno(errno, "Failed to open /dev/mapper/control: %m");
if (ioctl(fd, DM_DEV_REMOVE, &(struct dm_ioctl) {
.version = {
--
2.33.0

121
backport-sysctl-apply-prefix-before-calling-glob.patch Normal file
View File

@ -0,0 +1,121 @@
From 9ec8c82b8c836f7632ba0a075c296e6ddc53f643 Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Wed, 17 Aug 2022 04:54:06 +0900
Subject: [PATCH] sysctl: apply prefix before calling glob()
Otherwise, if there exist million of network interfaces,
calling glob() for network properties takes much time.
Fixes #24031.
---
src/sysctl/sysctl.c | 61 +++++++++++++++++++++++++++++++++++++++------
1 file changed, 53 insertions(+), 8 deletions(-)
diff --git a/src/sysctl/sysctl.c b/src/sysctl/sysctl.c
index fc13529..499ddde 100644
--- a/src/sysctl/sysctl.c
+++ b/src/sysctl/sysctl.c
@@ -86,7 +86,7 @@ static Option *option_new(
return TAKE_PTR(o);
}
-static int sysctl_write_or_warn(const char *key, const char *value, bool ignore_failure) {
+static int sysctl_write_or_warn(const char *key, const char *value, bool ignore_failure, bool ignore_enoent) {
int r;
r = sysctl_write(key, value);
@@ -106,7 +106,7 @@ static int sysctl_write_or_warn(const char *key, const char *value, bool ignore_
return 0;
}
-static int apply_glob_option(OrderedHashmap *sysctl_options, Option *option) {
+static int apply_glob_option_with_prefix(OrderedHashmap *sysctl_options, Option *option, const char *prefix) {
_cleanup_strv_free_ char **paths = NULL;
_cleanup_free_ char *pattern = NULL;
int r, k;
@@ -115,7 +115,35 @@ static int apply_glob_option(OrderedHashmap *sysctl_options, Option *option) {
assert(sysctl_options);
assert(option);
- pattern = path_join("/proc/sys", option->key);
+ if (prefix) {
+ _cleanup_free_ char *key = NULL;
+
+ r = path_glob_can_match(option->key, prefix, &key);
+ if (r < 0)
+ return log_error_errno(r, "Failed to check if the glob '%s' matches prefix '%s': %m",
+ option->key, prefix);
+ if (r == 0) {
+ log_debug("The glob '%s' does not match prefix '%s'.", option->key, prefix);
+ return 0;
+ }
+
+ log_debug("The glob '%s' is prefixed with '%s': '%s'", option->key, prefix, key);
+
+ if (!string_is_glob(key)) {
+ /* The prefixed pattern is not glob anymore. Let's skip to call glob(). */
+ if (ordered_hashmap_contains(sysctl_options, key)) {
+ log_debug("Not setting %s (explicit setting exists).", key);
+ return 0;
+ }
+
+ return sysctl_write_or_warn(key, option->value,
+ /* ignore_failure = */ option->ignore_failure,
+ /* ignore_enoent = */ true);
+ }
+
+ pattern = path_join("/proc/sys", key);
+ } else
+ pattern = path_join("/proc/sys", option->key);
if (!pattern)
return log_oom();
@@ -137,15 +165,30 @@ static int apply_glob_option(OrderedHashmap *sysctl_options, Option *option) {
assert_se(key = path_startswith(*s, "/proc/sys"));
- if (!test_prefix(key))
- continue;
-
if (ordered_hashmap_contains(sysctl_options, key)) {
log_debug("Not setting %s (explicit setting exists).", key);
continue;
}
- k = sysctl_write_or_warn(key, option->value, option->ignore_failure);
+ k = sysctl_write_or_warn(key, option->value,
+ /* ignore_failure = */ option->ignore_failure,
+ /* ignore_enoent = */ false);
+ if (k < 0 && r >= 0)
+ r = k;
+ }
+
+ return r;
+}
+
+static int apply_glob_option(OrderedHashmap *sysctl_options, Option *option) {
+ int r = 0, k;
+ char **i;
+
+ if (strv_isempty(arg_prefixes))
+ return apply_glob_option_with_prefix(sysctl_options, option, NULL);
+
+ STRV_FOREACH(i, arg_prefixes) {
+ k = apply_glob_option_with_prefix(sysctl_options, option, *i);
if (k < 0 && r >= 0)
r = k;
}
@@ -167,7 +210,9 @@ static int apply_all(OrderedHashmap *sysctl_options) {
if (string_is_glob(option->key))
k = apply_glob_option(sysctl_options, option);
else
- k = sysctl_write_or_warn(option->key, option->value, option->ignore_failure);
+ k = sysctl_write_or_warn(option->key, option->value,
+ /* ignore_failure = */ option->ignore_failure,
+ /* ignore_enoent = */ false);
if (k < 0 && r >= 0)
r = k;
}
--
2.33.0

57
backport-sysctl-drop-proc-sys-in-prefix.patch Normal file
View File

@ -0,0 +1,57 @@
From c01404fdf100b03dafa8a366d07f74f3c30d5330 Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Wed, 17 Aug 2022 03:11:00 +0900
Subject: [PATCH] sysctl: drop /proc/sys/ in prefix
---
src/sysctl/sysctl.c | 20 ++++----------------
1 file changed, 4 insertions(+), 16 deletions(-)
diff --git a/src/sysctl/sysctl.c b/src/sysctl/sysctl.c
index dda112f45..ae079b7a7 100644
--- a/src/sysctl/sysctl.c
+++ b/src/sysctl/sysctl.c
@@ -56,18 +56,7 @@ static bool test_prefix(const char *p) {
if (strv_isempty(arg_prefixes))
return true;
- STRV_FOREACH(i, arg_prefixes) {
- const char *t;
-
- t = path_startswith(*i, "/proc/sys/");
- if (!t)
- t = *i;
-
- if (path_startswith(p, t))
- return true;
- }
-
- return false;
+ return path_startswith_strv(p, arg_prefixes);
}
static Option *option_new(
@@ -360,6 +349,7 @@ static int parse_argv(int argc, char *argv[]) {
break;
case ARG_PREFIX: {
+ const char *s;
char *p;
/* We used to require people to specify absolute paths
@@ -368,10 +358,8 @@ static int parse_argv(int argc, char *argv[]) {
* sysctl name available. */
sysctl_normalize(optarg);
- if (path_startswith(optarg, "/proc/sys"))
- p = strdup(optarg);
- else
- p = path_join("/proc/sys", optarg);
+ s = path_startswith(optarg, "/proc/sys");
+ p = strdup(s ?: optarg);
if (!p)
return log_oom();
--
2.33.0

132
backport-sysctl-split-out-code-for-applying-glob-option.patch Normal file
View File

@ -0,0 +1,132 @@
From 7177ac45723a2d716d34b66fb5d8691df5f2c6c8 Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Wed, 17 Aug 2022 04:10:30 +0900
Subject: [PATCH] sysctl: split out code for applying glob option
---
src/sysctl/sysctl.c | 96 ++++++++++++++++++++++++---------------------
1 file changed, 51 insertions(+), 45 deletions(-)
diff --git a/src/sysctl/sysctl.c b/src/sysctl/sysctl.c
index 642535b..df02771 100644
--- a/src/sysctl/sysctl.c
+++ b/src/sysctl/sysctl.c
@@ -106,64 +106,70 @@ static int sysctl_write_or_warn(const char *key, const char *value, bool ignore_
return 0;
}
-static int apply_all(OrderedHashmap *sysctl_options) {
- Option *option;
- int r = 0;
+static int apply_glob_option(OrderedHashmap *sysctl_options, Option *option) {
+ _cleanup_strv_free_ char **paths = NULL;
+ _cleanup_free_ char *pattern = NULL;
+ int r, k;
+ char **s;
- ORDERED_HASHMAP_FOREACH(option, sysctl_options) {
- int k;
+ assert(sysctl_options);
+ assert(option);
- /* Ignore "negative match" options, they are there only to exclude stuff from globs. */
- if (!option->value)
- continue;
+ pattern = path_join("/proc/sys", option->key);
+ if (!pattern)
+ return log_oom();
- if (string_is_glob(option->key)) {
- _cleanup_strv_free_ char **paths = NULL;
- _cleanup_free_ char *pattern = NULL;
- char **s;
+ r = glob_extend(&paths, pattern, GLOB_NOCHECK);
+ if (r < 0) {
+ if (r == -ENOENT) {
+ log_debug("No match for glob: %s", option->key);
+ return 0;
+ }
+ if (option->ignore_failure || ERRNO_IS_PRIVILEGE(r)) {
+ log_debug_errno(r, "Failed to resolve glob '%s', ignoring: %m", option->key);
+ return 0;
+ } else
+ return log_error_errno(r, "Couldn't resolve glob '%s': %m", option->key);
+ }
- pattern = path_join("/proc/sys", option->key);
- if (!pattern)
- return log_oom();
+ STRV_FOREACH(s, paths) {
+ const char *key;
- k = glob_extend(&paths, pattern, GLOB_NOCHECK);
- if (k < 0) {
- if (option->ignore_failure || ERRNO_IS_PRIVILEGE(k))
- log_debug_errno(k, "Failed to resolve glob '%s', ignoring: %m",
- option->key);
- else {
- log_error_errno(k, "Couldn't resolve glob '%s': %m",
- option->key);
- if (r == 0)
- r = k;
- }
+ assert_se(key = path_startswith(*s, "/proc/sys"));
- } else if (strv_isempty(paths))
- log_debug("No match for glob: %s", option->key);
+ if (!test_prefix(key))
+ continue;
- STRV_FOREACH(s, paths) {
- const char *key;
+ if (ordered_hashmap_contains(sysctl_options, key)) {
+ log_debug("Not setting %s (explicit setting exists).", key);
+ continue;
+ }
- assert_se(key = path_startswith(*s, "/proc/sys"));
+ k = sysctl_write_or_warn(key, option->value, option->ignore_failure);
+ if (k < 0 && r >= 0)
+ r = k;
+ }
- if (!test_prefix(key))
- continue;
+ return r;
+}
- if (ordered_hashmap_contains(sysctl_options, key)) {
- log_debug("Not setting %s (explicit setting exists).", key);
- continue;
- }
+static int apply_all(OrderedHashmap *sysctl_options) {
+ Option *option;
+ int r = 0;
- k = sysctl_write_or_warn(key, option->value, option->ignore_failure);
- if (r == 0)
- r = k;
- }
+ ORDERED_HASHMAP_FOREACH(option, sysctl_options) {
+ int k;
- } else {
+ /* Ignore "negative match" options, they are there only to exclude stuff from globs. */
+ if (!option->value)
+ continue;
+
+ if (string_is_glob(option->key))
+ k = apply_glob_option(sysctl_options, option);
+ else
k = sysctl_write_or_warn(option->key, option->value, option->ignore_failure);
- if (r == 0)
- r = k;
- }
+ if (k < 0 && r >= 0)
+ r = k;
}
return r;
--
2.33.0

35
backport-sysctl-use-ordered_hashmap_ensure_put.patch Normal file
View File

@ -0,0 +1,35 @@
From 350ffa9749f2ce5d62e4b66cc7418e25e6829963 Mon Sep 17 00:00:00 2001
From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Wed, 17 Aug 2022 14:29:26 +0900
Subject: [PATCH] sysctl: use ordered_hashmap_ensure_put()
---
src/sysctl/sysctl.c | 5 +----
1 file changed, 1 insertion(+), 4 deletions(-)
diff --git a/src/sysctl/sysctl.c b/src/sysctl/sysctl.c
index de0e03ec9..dda112f45 100644
--- a/src/sysctl/sysctl.c
+++ b/src/sysctl/sysctl.c
@@ -254,9 +254,6 @@ static int parse_file(OrderedHashmap **sysctl_options, const char *path, bool ig
!test_prefix(p))
continue;
- if (ordered_hashmap_ensure_allocated(sysctl_options, &option_hash_ops) < 0)
- return log_oom();
-
existing = ordered_hashmap_get(*sysctl_options, p);
if (existing) {
if (streq_ptr(value, existing->value)) {
@@ -272,7 +269,7 @@ static int parse_file(OrderedHashmap **sysctl_options, const char *path, bool ig
if (!new_option)
return log_oom();
- k = ordered_hashmap_put(*sysctl_options, new_option->key, new_option);
+ k = ordered_hashmap_ensure_put(sysctl_options, &option_hash_ops, new_option->key, new_option);
if (k < 0)
return log_error_errno(k, "Failed to add sysctl variable %s to hashmap: %m", p);
--
2.33.0

49
systemd-logind-add-log-to-display-devices.patch Normal file
View File

@ -0,0 +1,49 @@
From daebc1a8c4ef28c8a52f7549f18d42702abd7cdc Mon Sep 17 00:00:00 2001
From: huyubiao <huyubiao@huawei.com>
Date: Tue, 12 Nov 2024 15:36:21 +0800
Subject: [PATCH] systemd-logind button_dispatch add log to display devices that triggered the button
---
src/login/logind-action.c | 7 +++++++
src/login/logind-button.c | 7 +++++++
2 files changed, 14 insertions(+)
diff --git a/src/login/logind-action.c b/src/login/logind-action.c
index 8ed066c..5bc4d6f 100644
--- a/src/login/logind-action.c
+++ b/src/login/logind-action.c
@@ -158,6 +158,13 @@ int manager_handle_action(
return is_edge ? -EPERM : 0;
}
+ // Extra log to console
+ LogTarget old_target = log_get_target();
+ log_set_always_reopen_console(true);
+ log_set_target_and_open(LOG_TARGET_CONSOLE);
+ log_info("%s", message_table[handle]);
+ log_set_always_reopen_console(false);
+ log_set_target_and_open(old_target);
log_info("%s", message_table[handle]);
r = bus_manager_shutdown_or_sleep_now_or_later(m, target, inhibit_operation, &error);
diff --git a/src/login/logind-button.c b/src/login/logind-button.c
index 0ee6702..70e379c 100644
--- a/src/login/logind-button.c
+++ b/src/login/logind-button.c
@@ -126,6 +126,13 @@ static int button_dispatch(sd_event_source *s, int fd, uint32_t revents, void *u
assert(fd == b->fd);
assert(b);
+ LogTarget old_target = log_get_target();
+ log_set_always_reopen_console(true);
+ log_set_target_and_open(LOG_TARGET_CONSOLE);
+ log_info("button:%s event", b->name);
+ log_set_always_reopen_console(false);
+ log_set_target_and_open(old_target);
+
l = read(b->fd, &ev, sizeof(ev));
if (l < 0)
return errno != EAGAIN ? -errno : 0;
--
2.33.0

67
systemd.spec
View File

@ -25,7 +25,7 @@
Name: systemd
Url: https://systemd.io/
Version: 249
Release: 97
Release: 102
License: MIT and LGPLv2+ and GPLv2+
Summary: System and Service Manager
@ -713,6 +713,33 @@ Patch6660: backport-resolved-correct-parsing-of-OPT-extended-RCODEs.patch
Patch6661: backport-coredump-correctly-take-tmpfs-size-into-account-for-.patch
Patch6662: backport-sysusers-handle-NSS-errors-gracefully.patch
Patch6663: backport-shared-log-error-when-execve-fail.patch
Patch6664: backport-run-split-out-creation-of-unit-creation-messages.patch
Patch6665: backport-run-pass-the-pty-slave-fd-to-transient-service.patch
Patch6666: backport-run-do-not-pass-the-pty-slave-fd-to-transient-servic.patch
Patch6667: backport-sd-event-do-not-assert-on-invalid-signal.patch
Patch6668: backport-sd-event-change-error-code-EINVAL-EIO.patch
Patch6669: backport-basic-log-do-not-treat-all-negative-errnos-as-synthe.patch
Patch6670: backport-sd-ipv4acd-fix-assertion-triggered-when-an-ARP-recei.patch
Patch6671: backport-main-reopen-dev-console-for-user-service-manager.patch
Patch6672: backport-log-add-common-helper-log_set_target_and_open.patch
Patch6673: backport-resolved-log-error-messages-for-openssl-gnutls-conte.patch
Patch6674: backport-journalctl-erase-verify-key-before-free.patch
Patch6675: backport-core-service-use-log_unit_-where-appropriate.patch
Patch6676: backport-manager-log-unit-pid-of-sender-when-Reload-is-called.patch
Patch6677: backport-Manager-also-log-caller-of-daemon-reexec.patch
Patch6678: backport-manager-improve-message-about-Reload-Reexec-requests.patch
Patch6679: backport-core-fix-null-in-output.patch
Patch6680: backport-core-Bump-log-level-of-reexecute-request-to-notice.patch
Patch6681: backport-core-Log-in-more-scenarios-about-which-process-initi.patch
Patch6682: backport-sysctl-use-ordered_hashmap_ensure_put.patch
Patch6683: backport-sysctl-drop-proc-sys-in-prefix.patch
Patch6684: backport-sysctl-split-out-code-for-applying-glob-option.patch
Patch6685: backport-path-util-introduce-path_glob_can_match.patch
Patch6686: backport-sysctl-apply-prefix-before-calling-glob.patch
Patch6687: backport-shutdown-close-DM-block-device-before-issuing-DM_DEV.patch
Patch6688: backport-execute-free-syscall_log-hashmap-when-done.patch
Patch6689: backport-logind-let-system-wide-idle-begin-at-the-time-logind.patch
Patch6690: backport-core-fix-assert-when-AddDependencyUnitFiles-is-calle.patch
Patch9001: update-rtc-with-system-clock-when-shutdown.patch
Patch9002: udev-add-actions-while-rename-netif-failed.patch
@ -773,6 +800,8 @@ Patch9057: add-support-to-relabel-systemd-process-for-embedded.patch
Patch9058: embedded-add-noexec-mount-option-to-strenthen-tmp-pa.patch
Patch9059: embedded-use-yocto-configs.patch
Patch9060: embedded-add-cpuset-cgv1-and-freezer-cgv1-option.patch
Patch9061: systemd-logind-add-log-to-display-devices.patch
Patch9062: add-DefaultEnableMemswLimit-support.patch
Patch9801: Systemd-Add-sw64-architecture.patch
Patch9802: 0029-Add-support-for-the-LoongArch-architecture.patch
@ -2227,6 +2256,42 @@ grep -q -E '^KEYMAP="?fi-latin[19]"?' /etc/vconsole.conf 2>/dev/null &&
/usr/bin/systemd-cryptenroll
%changelog
* Mon Mar 31 2025 hugel <gengqihu2@h-partners.com> - 249-102
- sync patch from systemd community
- add backport-shutdown-close-DM-block-device-before-issuing-DM_DEV.patch
backport-execute-free-syscall_log-hashmap-when-done.patch
backport-logind-let-system-wide-idle-begin-at-the-time-logind.patch
backport-core-fix-assert-when-AddDependencyUnitFiles-is-calle.patch
* Mon Feb 17 2025 zhangyao <zhangyao108@huawei.com> - 249-101
- sysctl: improve performance for applying glob pattern
* Tue Dec 24 2024 xujing <xujing125@huawei.com> - 249-100
- add DefaultEnableMemswLimit support
* Tue Dec 24 2024 huyubiao <huyubiao@huawei.com> - 249-99
- systemd-logind button_dispatch add log to display devices that triggered the button
* Fri Dec 13 2024 wangyuhang <wangyuhang27@huawei.com> - 249-98
- add backport-run-split-out-creation-of-unit-creation-messages.patch
backport-run-pass-the-pty-slave-fd-to-transient-service.patch
backport-run-do-not-pass-the-pty-slave-fd-to-transient-servic.patch
backport-sd-event-do-not-assert-on-invalid-signal.patch
backport-sd-event-change-error-code-EINVAL-EIO.patch
backport-basic-log-do-not-treat-all-negative-errnos-as-synthe.patch
backport-sd-ipv4acd-fix-assertion-triggered-when-an-ARP-recei.patch
backport-main-reopen-dev-console-for-user-service-manager.patch
backport-log-add-common-helper-log_set_target_and_open.patch
backport-resolved-log-error-messages-for-openssl-gnutls-conte.patch
backport-journalctl-erase-verify-key-before-free.patch
backport-core-service-use-log_unit_-where-appropriate.patch
backport-manager-log-unit-pid-of-sender-when-Reload-is-called.patch
backport-Manager-also-log-caller-of-daemon-reexec.patch
backport-manager-improve-message-about-Reload-Reexec-requests.patch
backport-core-fix-null-in-output.patch
backport-core-Bump-log-level-of-reexecute-request-to-notice.patch
backport-core-Log-in-more-scenarios-about-which-process-initi.patch
* Wed Dec 11 2024 zhangyao <zhangyao108@huawei.com> - 249-97
- add backport-logind-give-better-error-messages-when-failing-to-at.patch
backport-sd-journal-refuse-entry-objects-with-an-empty-boot-I.patch