journald: Do not always record _AUDIT_SESSION and _AUDIT_LOGINUID
When systemd was compiled without audit support, do not collect the
audit session and loginuid in the journal. This is saving a couple of
syscalls and memory allocations per log message.
util: Avoid memory allocations for formatting paths
Avoid memory allocations to construct the path for files in the
procfs. The procfs paths are way shorter than the PATH_MAX so we
can use snprintf on a string located on the stack. This shows up
as a win on x86 using the benchmark program below.
Harald Hoyer [Mon, 8 Apr 2013 12:05:24 +0000 (14:05 +0200)]
Do not serialize environment, when switching root
When switching root, i.e. LANG can be set to the locale of the initramfs
or "C", if it was unset. When systemd deserializes LANG in the real root
this would overwrite the setting previously gathered by locale_set().
To reproduce, boot with an initramfs without locale.conf or change
/etc/locale.conf to a different language than the initramfs and check a
daemon started by systemd:
$ tr "$\000" '\n' </proc/$(pidof sshd)/environ | grep LANG
LANG=C
To prevent that, serialization of environment variables is skipped, when
serializing for switching root.
Simon McVittie [Fri, 5 Apr 2013 12:35:22 +0000 (13:35 +0100)]
sd-daemon.c: allow use of -lrt to be avoided
In recent glibc, many commonly-used librt functions have moved
from librt to libc. This results in dbus' configure.ac
concluding that we don't need to link in librt. However,
sd-daemon.c needs it for mq_getattr(), causing the build
to fail.
dbus doesn't use POSIX message queues, so I'd prefer to be
able to avoid "if on Linux, link librt for sd-daemon.c".
Kay Sievers [Sat, 6 Apr 2013 00:56:04 +0000 (02:56 +0200)]
dbus-loop.c: fix variable initialization
Fix for: b92bea5d2a9481de69bb627a7b442a9f58fca43d
Causing:
systemd-logind[265]: Assertion 'd = event.data.ptr' failed at src/shared/dbus-loop.c:233, function bus_loop_dispatch(). Aborting.
Before, we would initialize many fields twice: first
by filling the structure with zeros, and then a second
time with the real values. We can let the compiler do
the job for us, avoiding one copy.
A downside of this patch is that text gets slightly
bigger. This is because all zero() calls are effectively
inlined:
$ size build/.libs/systemd
text data bss dec hex filename
before 897737 107300 2560 1007597 f5fed build/.libs/systemd
after 897873 107300 2560 1007733 f6075 build/.libs/systemd
… actually less than 1‰.
A few asserts that the parameter is not null had to be removed. I
don't think this changes much, because first, it is quite unlikely
for the assert to fail, and second, an immediate SEGV is almost as
good as an assert.
udev-builtin-usb_id: avoid comparison of unsigned and ssize_t
For some reason this shows up on i686 only:
src/udev/udev-builtin-usb_id.c:192:20: warning: comparison between signed and unsigned integer expressions [-Wsign-compare]
It's probably a good idea to minimize the number of field names to show
in the "systemctl status" output, in order to make them useful as a
guide for the reader how things are "grouped". This patch moves
information about the used socket technology to the end of the output
lines in brackets, rather than into the field names. This turns the used
socket technology into what it is -- peripheral meta information --
instead of something that was at the core.
New output:
systemd-journald.socket - Journal Socket
Loaded: loaded (/usr/lib/systemd/system/systemd-journald.socket; static)
Active: active (running) since Fr 2013-03-29 02:16:30 CET; 1 weeks 0 days ago
Docs: man:systemd-journald.service(8)
man:journald.conf(5)
man:systemd-journald.service(8)
man:journald.conf(5)
Listen: /run/systemd/journal/stdout (Stream)
/run/systemd/journal/socket (Datagram)
/dev/log (Datagram)
Martin Pitt [Tue, 26 Mar 2013 10:36:31 +0000 (11:36 +0100)]
PAM, uaccess: check for logind, not for systemd
It is possible to build systemd without logind or run logind without systemd
init. Commit 66e41181 fixed sd_booted() to only succeed for systemd init; with
that, testing for systemd init is wrong in the parts that talk to logind.
In particular, this affects the PAM module and the "uaccess" udev builtin.
Change sd_booted() to a new logind_running() which tests for
/run/systemd/seats/.
For details, see:
<https://mail.gnome.org/archives/desktop-devel-list/2013-March/msg00092.html>
Michal Schmidt [Fri, 5 Apr 2013 11:32:34 +0000 (13:32 +0200)]
vconsole-setup: fix vconsole.conf vs. cmdline overriding logic
Skipping the parsing of /etc/vconsole.conf just because some values were
already assigned from the cmdline never made sense. And by the way, commit f73141d changed the return values of parse_env_file() - it now gives 0
on success. Which means in current HEAD /etc/vconsole.conf overrides the
cmdline, which is the reverse of what's expected.
We need to parse /etc/vconsole.conf first and then let vconsole.*
overrides from cmdline take effect. The behaviour is documented in
vconsole.conf(5).
Harald Hoyer [Fri, 1 Mar 2013 14:13:43 +0000 (15:13 +0100)]
cryptsetup-generator: add JobTimeoutSec=0 for the decrypted crypt devices
The password query for a crypto device currently times out after 90s,
which is too short to grab a cup of coffee when a machine boots up.
The resulting decrypted device /dev/mapper/luks-<uuid> might not
be a mountpoint (but part of a LVM PV or raid array)
and therefore the timeout cannot be controlled by the settings
in /etc/fstab. For this reason this device should not carry its own timeout.
Also the encrypted device /dev/disk/by-*/* already has a timeout and
additionally the timeout for the password query is set in /etc/crypttab.
This patch disables the timeout of the resulting decrypted devices by creating
<device-unit>.d/50-job-timeout-sec-0.conf files with "JobTimeoutSec=0".
journal: add public API call sd_journal_get_events()
This function should be used when filling in "struct pollfd"'s .events
field for watching the journal. It will always return POLLIN for now,
but we should keep our options open to change this later on.
This mimics libsystemd-bus' sd_bus_get_events() call with the same
purpose.
Instead of outputting "5h 55s 50ms 3us" we'll now output "5h
55.050003s". Also, while outputting the accuracy is configurable.
Basically we now try use "dot notation" for all time values > 1min. For
>= 1s we use 's' as unit, otherwise for >= 1ms we use 'ms' as unit, and
finally 'us'.
build-sys: "link" libsystemd-id128 against libsd-daemon-internal
georgem> libsystemd-id128.so: undefined reference to `sd_listen_fds'
In some toolchains (--as-needed not used or not working), the
toolchain doesn't drop this dependency. It is introduced because
sd-id128.so is linked against sd-shared.la, and some functions therein
use libsystemd-daemon, but libsd-id128 doesn't use any of those
functions.
This results in no change in libsystemd-id128.so when the unused
symbols are properly stripped.
hostnamectl: if somebody invokes 'hostnamectl set-hostname' with a valid internet hostname unset the pretty name
If people are unaware or uninterested in the concept of pretty host
names, and simply invoke "hostnamectl set-hostname" for a valid internet
host name, then use this as indication to unset the pretty host name and
only set the static/dynamic one.
This also allows fqdn, hence "hostnamectl set-hostname www.foobar.com"
will just work if people really insist on using fqdns as hostnames.
This will properly escape all weird chars when writing env var files.
With this in place we can now read and write environment files where the
values contain arbitrary weird chars.
This enables hostnamed and suchlike to finally properly save pretty host
names with backlashes or quotes in them.
Implement this with a proper state machine, so that newlines and
escaped chars can appear in string assignments. This should bring the
parser much closer to shell.
util: rename parse_usec() to parse_sec() sinds the default unit is seconds
Internally we store all time values in usec_t, however parse_usec()
actually was used mostly to parse values in seconds (unless explicit
units were specified to define a different unit). Hence, be clear about
this and name the function about what we pass into it, not what we get
out of it.
mss-myhostname wasn't working because of underlinking. Instead of
fixing the underlinking, just remove the use of _cleanup_ macros.
It is impolite to use our utility functions in modules designed to be
loaded by others. So cleanup macros which (at some point) call assert
which calls log_assert_failed, should not be used. Revert this part of
commit d73c3269c.
Do no isolate in case of emergency or severe problems
This patch changes local-fs.target and systemd-fsck to not use
"isolate" when going into emergency.
This fixes https://bugzilla.redhat.com/show_bug.cgi?id=810722
The motivation is, that when something wents wrong, we should
keep everything as it is, to let the user fix the problem. When
isolating we stop a lot of services and therefore change the
system heavily so that it gets harder for the user to fix.
An example is a crypted partition. When the fsck in a crypted
partition fails, it previously used "emergency/start/isolate"
which stops cryptsetup. Therefore if the user tries to fsck
e.g. /dev/mapper/luks-356c20ae-c7a2-4f1c-ae1d-1d290a91b691
as printed by the failing fsck, then it will not find this
device (because it got closed).
So please apply this patch to let the user see the failing
situation.
Thanks!
[zj: removed dead isolate param from start_target().]
code in src/shared/macro.h only defined MAX/MIN in case
they were not defined previously. however the MAX/MIN
macros implemented in glibc are not of the "safe" kind but defined
as:
shutdown: correctly wait for processes we killed in the killall spree
Previously we simply counted how many processes we killed and expected
as many waitpid() calls to succeed. That however is incorrect to do.
As we might kill processes that are not our immediate children, and as
there might be left-over processes in the waitpid() queue from earlier
the we might get more ore less waitpid() events that we expect.
Hence: keep precise track of the processes we kill, remove the ones we
get waitpid() for, and after each time we get SIGCHLD check if all
others still exist. We use getpgid() to check if a PID still exists.
This should fix issues with journald not setting journal files offline
correctly on shutdown, because we'd too quickly proceed from SIGTERM to
SIGKILL because some left-over process was in our waitpid() queue.
core/socket: log errors when starting socket for this socket
When showing an error like 'Socket service not loaded', the
error won't show up in the status for the socket, unless it is
marked as SYSTEMD_UNIT=*.socket. Marking it as SYSTEMD_UNIT=*.service,
when the service is non-existent, is not useful.