diff options
Diffstat (limited to 'src/core')
| -rw-r--r-- | src/core/dbus-cgroup.c | 2 | ||||
| -rw-r--r-- | src/core/dbus-execute.c | 4 | ||||
| -rw-r--r-- | src/core/execute.c | 12 | ||||
| -rw-r--r-- | src/core/kmod-setup.c | 36 | ||||
| -rw-r--r-- | src/core/load-fragment.c | 2 | ||||
| -rw-r--r-- | src/core/service.c | 3 |
6 files changed, 45 insertions, 14 deletions
diff --git a/src/core/dbus-cgroup.c b/src/core/dbus-cgroup.c index a57b7e8..ee4002f 100644 --- a/src/core/dbus-cgroup.c +++ b/src/core/dbus-cgroup.c @@ -519,7 +519,7 @@ static int bus_cgroup_set_transient_property( if (!UNIT_WRITE_FLAGS_NOOP(flags)) { c->delegate = b; - c->delegate_controllers = b ? _CGROUP_MASK_ALL : 0; + c->delegate_controllers = b ? CGROUP_MASK_DELEGATE : 0; unit_write_settingf(u, flags, name, "Delegate=%s", yes_no(b)); } diff --git a/src/core/dbus-execute.c b/src/core/dbus-execute.c index b4c4cd9..479e784 100644 --- a/src/core/dbus-execute.c +++ b/src/core/dbus-execute.c @@ -728,7 +728,7 @@ static int property_get_bind_paths( c->bind_mounts[i].source, c->bind_mounts[i].destination, c->bind_mounts[i].ignore_enoent, - c->bind_mounts[i].recursive ? (uint64_t) MS_REC : (uint64_t) 0); + c->bind_mounts[i].recursive ? (uint64_t) MS_REC : UINT64_C(0)); if (r < 0) return r; } @@ -1100,7 +1100,7 @@ static int bus_property_get_exec_dir_symlink( for (size_t i = 0; i < d->n_items; i++) STRV_FOREACH(dst, d->items[i].symlinks) { - r = sd_bus_message_append(reply, "(sst)", d->items[i].path, *dst, 0 /* flags, unused for now */); + r = sd_bus_message_append(reply, "(sst)", d->items[i].path, *dst, UINT64_C(0) /* flags, unused for now */); if (r < 0) return r; } diff --git a/src/core/execute.c b/src/core/execute.c index 9715d02..2c1dda1 100644 --- a/src/core/execute.c +++ b/src/core/execute.c @@ -4512,6 +4512,16 @@ static int exec_child( } if (context->utmp_id) { + _cleanup_free_ char *username_alloc = NULL; + + if (!username && context->utmp_mode == EXEC_UTMP_USER) { + username_alloc = uid_to_name(uid_is_valid(uid) ? uid : saved_uid); + if (!username_alloc) { + *exit_status = EXIT_USER; + return log_oom(); + } + } + const char *line = context->tty_path ? (path_startswith(context->tty_path, "/dev/") ?: context->tty_path) : NULL; @@ -4520,7 +4530,7 @@ static int exec_child( context->utmp_mode == EXEC_UTMP_INIT ? INIT_PROCESS : context->utmp_mode == EXEC_UTMP_LOGIN ? LOGIN_PROCESS : USER_PROCESS, - username); + username ?: username_alloc); } if (uid_is_valid(uid)) { diff --git a/src/core/kmod-setup.c b/src/core/kmod-setup.c index 15337d0..ea01fd7 100644 --- a/src/core/kmod-setup.c +++ b/src/core/kmod-setup.c @@ -30,7 +30,7 @@ static void systemd_kmod_log( REENABLE_WARNING; } -static int has_virtio_rng_recurse_dir_cb( +static int match_modalias_recurse_dir_cb( RecurseDirEvent event, const char *path, int dir_fd, @@ -40,6 +40,7 @@ static int has_virtio_rng_recurse_dir_cb( void *userdata) { _cleanup_free_ char *alias = NULL; + char **modaliases = ASSERT_PTR(userdata); int r; if (event != RECURSE_DIR_ENTRY) @@ -57,13 +58,13 @@ static int has_virtio_rng_recurse_dir_cb( return RECURSE_DIR_LEAVE_DIRECTORY; } - if (STARTSWITH_SET(alias, "pci:v00001AF4d00001005", "pci:v00001AF4d00001044")) + if (startswith_strv(alias, modaliases)) return 1; return RECURSE_DIR_LEAVE_DIRECTORY; } -static bool has_virtio_rng(void) { +static bool has_virtio_feature(const char *name, char **modaliases) { int r; /* Directory traversal might be slow, hence let's do a cheap check first if it's even worth it */ @@ -74,16 +75,28 @@ static bool has_virtio_rng(void) { AT_FDCWD, "/sys/devices/pci0000:00", /* statx_mask= */ 0, - /* n_depth_max= */ 2, + /* n_depth_max= */ 3, RECURSE_DIR_ENSURE_TYPE, - has_virtio_rng_recurse_dir_cb, - NULL); + match_modalias_recurse_dir_cb, + modaliases); if (r < 0) - log_debug_errno(r, "Failed to determine whether host has virtio-rng device, ignoring: %m"); + log_debug_errno(r, "Failed to determine whether host has %s device, ignoring: %m", name); return r > 0; } +static bool has_virtio_rng(void) { + return has_virtio_feature("virtio-rng", STRV_MAKE("pci:v00001AF4d00001005", "pci:v00001AF4d00001044")); +} + +static bool has_virtiofs(void) { + return has_virtio_feature("virtiofs", STRV_MAKE("virtio:d0000001Av")); +} + +static bool has_virtio_pci(void) { + return has_virtio_feature("virtio-pci", STRV_MAKE("pci:v00001AF4d")); +} + static bool in_qemu(void) { return IN_SET(detect_vm(), VIRTUALIZATION_KVM, VIRTUALIZATION_QEMU); } @@ -117,6 +130,15 @@ int kmod_setup(void) { /* virtio_rng would be loaded by udev later, but real entropy might be needed very early */ { "virtio_rng", NULL, false, false, has_virtio_rng }, + /* We can't wait for specific virtiofs tags to show up as device nodes so we have to load the + * virtiofs and virtio_pci modules early to make sure the virtiofs tags are found when + * sysroot.mount is started. + * + * TODO: Remove these again once https://gitlab.com/virtio-fs/virtiofsd/-/issues/128 is + * resolved and the kernel fix is widely available. */ + { "virtiofs", "/sys/module/virtiofs", false, false, has_virtiofs }, + { "virtio_pci", "/sys/module/virtio_pci", false, false, has_virtio_pci }, + /* qemu_fw_cfg would be loaded by udev later, but we want to import credentials from it super early */ { "qemu_fw_cfg", "/sys/firmware/qemu_fw_cfg", false, false, in_qemu }, diff --git a/src/core/load-fragment.c b/src/core/load-fragment.c index 1001faa..5f4d4b0 100644 --- a/src/core/load-fragment.c +++ b/src/core/load-fragment.c @@ -3990,7 +3990,7 @@ int config_parse_delegate( } else if (r > 0) { c->delegate = true; - c->delegate_controllers = _CGROUP_MASK_ALL; + c->delegate_controllers = CGROUP_MASK_DELEGATE; } else { c->delegate = false; c->delegate_controllers = 0; diff --git a/src/core/service.c b/src/core/service.c index 1d5b9ff..cdddd49 100644 --- a/src/core/service.c +++ b/src/core/service.c @@ -594,8 +594,7 @@ static int service_verify(Service *s) { if (s->type != SERVICE_ONESHOT && s->exec_command[SERVICE_EXEC_START]->command_next) return log_unit_error_errno(UNIT(s), SYNTHETIC_ERRNO(ENOEXEC), "Service has more than one ExecStart= setting, which is only allowed for Type=oneshot services. Refusing."); - if (s->type == SERVICE_ONESHOT && - !IN_SET(s->restart, SERVICE_RESTART_NO, SERVICE_RESTART_ON_FAILURE, SERVICE_RESTART_ON_ABNORMAL, SERVICE_RESTART_ON_WATCHDOG, SERVICE_RESTART_ON_ABORT)) + if (s->type == SERVICE_ONESHOT && IN_SET(s->restart, SERVICE_RESTART_ALWAYS, SERVICE_RESTART_ON_SUCCESS)) return log_unit_error_errno(UNIT(s), SYNTHETIC_ERRNO(ENOEXEC), "Service has Restart= set to either always or on-success, which isn't allowed for Type=oneshot services. Refusing."); if (s->type == SERVICE_ONESHOT && !exit_status_set_is_empty(&s->restart_force_status)) |