From 66154542ca041bfe248eba890fccfe1aef0bb405 Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Mar 31 2020 09:40:03 +0000 Subject: import systemd-219-73.el7.1 --- diff --git a/SOURCES/0747-path-util-fix-more-path_is_mount-e792e890f-fallout.patch b/SOURCES/0747-path-util-fix-more-path_is_mount-e792e890f-fallout.patch new file mode 100644 index 0000000..1ed1346 --- /dev/null +++ b/SOURCES/0747-path-util-fix-more-path_is_mount-e792e890f-fallout.patch @@ -0,0 +1,83 @@ +From 728b5cc04fe75f2b46a34c78a94fe906f34596f1 Mon Sep 17 00:00:00 2001 +From: Lennart Poettering +Date: Tue, 7 Apr 2015 16:03:45 +0200 +Subject: [PATCH] path-util: fix more path_is_mount e792e890f fallout + +(cherry picked from commit da00518b3f3a8b08d521c4b72068eafa2db566cc) + +Related: 1585411 +--- + src/core/automount.c | 6 ++---- + src/nspawn/nspawn.c | 2 +- + src/shared/cgroup-util.c | 6 ++++-- + src/test/test-path-util.c | 10 ++++++++-- + 4 files changed, 15 insertions(+), 9 deletions(-) + +diff --git a/src/core/automount.c b/src/core/automount.c +index 4678bdc7c9..590b1952e0 100644 +--- a/src/core/automount.c ++++ b/src/core/automount.c +@@ -789,10 +789,8 @@ static int automount_start(Unit *u) { + assert(a); + assert(a->state == AUTOMOUNT_DEAD || a->state == AUTOMOUNT_FAILED); + +- if (path_is_mount_point(a->where, false)) { +- log_unit_error(u->id, +- "Path %s is already a mount point, refusing start for %s", +- a->where, u->id); ++ if (path_is_mount_point(a->where, false) > 0) { ++ log_unit_error(u->id, "Path %s is already a mount point, refusing start for %s", a->where, u->id); + return -EEXIST; + } + +diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c +index ee2e1832f1..e7ecee8674 100644 +--- a/src/nspawn/nspawn.c ++++ b/src/nspawn/nspawn.c +@@ -864,7 +864,7 @@ static int mount_all(const char *dest) { + return log_oom(); + + t = path_is_mount_point(where, true); +- if (t < 0) { ++ if (t < 0 && t != -ENOENT) { + log_error_errno(t, "Failed to detect whether %s is a mount point: %m", where); + + if (r == 0) +diff --git a/src/shared/cgroup-util.c b/src/shared/cgroup-util.c +index 4585450b39..f1bed8a25a 100644 +--- a/src/shared/cgroup-util.c ++++ b/src/shared/cgroup-util.c +@@ -489,8 +489,10 @@ int cg_get_path(const char *controller, const char *path, const char *suffix, ch + int r; + + r = path_is_mount_point("/sys/fs/cgroup", false); +- if (r <= 0) +- return r < 0 ? r : -ENOENT; ++ if (r < 0) ++ return r; ++ if (r == 0) ++ return -ENOENT; + + /* Cache this to save a few stat()s */ + good = true; +diff --git a/src/test/test-path-util.c b/src/test/test-path-util.c +index aee1f4e036..aebfa3821d 100644 +--- a/src/test/test-path-util.c ++++ b/src/test/test-path-util.c +@@ -86,8 +86,14 @@ static void test_path(void) { + test_parent("/aa///file...", "/aa///"); + test_parent("file.../", NULL); + +- assert_se(path_is_mount_point("/", true)); +- assert_se(path_is_mount_point("/", false)); ++ assert_se(path_is_mount_point("/", true) > 0); ++ assert_se(path_is_mount_point("/", false) > 0); ++ ++ assert_se(path_is_mount_point("/proc", true) > 0); ++ assert_se(path_is_mount_point("/proc", false) > 0); ++ ++ assert_se(path_is_mount_point("/sys", true) > 0); ++ assert_se(path_is_mount_point("/sys", false) > 0); + + { + char p1[] = "aaa/bbb////ccc"; diff --git a/SOURCES/0747-return-error-value-on-failure.patch b/SOURCES/0747-return-error-value-on-failure.patch deleted file mode 100644 index 573bdfa..0000000 --- a/SOURCES/0747-return-error-value-on-failure.patch +++ /dev/null @@ -1,39 +0,0 @@ -From 0ee2318c1bc5f13904b8f60e3826eadfe2b7c66f Mon Sep 17 00:00:00 2001 -From: David Tardon -Date: Thu, 4 Jul 2019 15:57:23 +0200 -Subject: [PATCH] return error value on failure - -Regression from commit c0f32feb77768aa76d8c813471b3484c93bc2651 . - -(cherry picked from commit e4a25c5d867e6ed832a077c32f3555bcd49ef8a6) - -Resolves: #1729226 ---- - src/core/service.c | 6 +++--- - 1 file changed, 3 insertions(+), 3 deletions(-) - -diff --git a/src/core/service.c b/src/core/service.c -index 93e4759171..957c6f37cc 100644 ---- a/src/core/service.c -+++ b/src/core/service.c -@@ -750,9 +750,9 @@ static int service_load_pid_file(Service *s, bool may_warn) { - - fd = chase_symlinks(s->pid_file, NULL, CHASE_OPEN|CHASE_SAFE, NULL); - if (fd == -EPERM) -- return log_unit_full(UNIT(s)->id, prio, "Permission denied while opening PID file or unsafe symlink chain: %s", s->pid_file); -+ return log_unit_full_errno(UNIT(s)->id, prio, fd, "Permission denied while opening PID file or unsafe symlink chain: %s", s->pid_file); - if (fd < 0) -- return log_unit_full(UNIT(s)->id, prio, "Can't open PID file %s (yet?) after %s: %m", s->pid_file, service_state_to_string(s->state)); -+ return log_unit_full_errno(UNIT(s)->id, prio, fd, "Can't open PID file %s (yet?) after %s: %m", s->pid_file, service_state_to_string(s->state)); - - /* Let's read the PID file now that we chased it down. But we need to convert the O_PATH fd chase_symlinks() returned us into a proper fd first. */ - xsprintf(procfs, "/proc/self/fd/%i", fd); -@@ -762,7 +762,7 @@ static int service_load_pid_file(Service *s, bool may_warn) { - - r = parse_pid(k, &pid); - if (r < 0) -- return log_unit_full(UNIT(s)->id, prio, "Failed to parse PID from file %s: %m", s->pid_file); -+ return log_unit_full_errno(UNIT(s)->id, prio, r, "Failed to parse PID from file %s: %m", s->pid_file); - - if (s->main_pid_known && pid == s->main_pid) - return 0; diff --git a/SOURCES/0748-return-error-value-on-failure.patch b/SOURCES/0748-return-error-value-on-failure.patch new file mode 100644 index 0000000..40546e5 --- /dev/null +++ b/SOURCES/0748-return-error-value-on-failure.patch @@ -0,0 +1,37 @@ +From e4a25c5d867e6ed832a077c32f3555bcd49ef8a6 Mon Sep 17 00:00:00 2001 +From: David Tardon +Date: Thu, 4 Jul 2019 15:57:23 +0200 +Subject: [PATCH] return error value on failure + +Regression from commit c0f32feb77768aa76d8c813471b3484c93bc2651 . + +Resolves: #1726785 +--- + src/core/service.c | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/src/core/service.c b/src/core/service.c +index 93e4759171..957c6f37cc 100644 +--- a/src/core/service.c ++++ b/src/core/service.c +@@ -750,9 +750,9 @@ static int service_load_pid_file(Service *s, bool may_warn) { + + fd = chase_symlinks(s->pid_file, NULL, CHASE_OPEN|CHASE_SAFE, NULL); + if (fd == -EPERM) +- return log_unit_full(UNIT(s)->id, prio, "Permission denied while opening PID file or unsafe symlink chain: %s", s->pid_file); ++ return log_unit_full_errno(UNIT(s)->id, prio, fd, "Permission denied while opening PID file or unsafe symlink chain: %s", s->pid_file); + if (fd < 0) +- return log_unit_full(UNIT(s)->id, prio, "Can't open PID file %s (yet?) after %s: %m", s->pid_file, service_state_to_string(s->state)); ++ return log_unit_full_errno(UNIT(s)->id, prio, fd, "Can't open PID file %s (yet?) after %s: %m", s->pid_file, service_state_to_string(s->state)); + + /* Let's read the PID file now that we chased it down. But we need to convert the O_PATH fd chase_symlinks() returned us into a proper fd first. */ + xsprintf(procfs, "/proc/self/fd/%i", fd); +@@ -762,7 +762,7 @@ static int service_load_pid_file(Service *s, bool may_warn) { + + r = parse_pid(k, &pid); + if (r < 0) +- return log_unit_full(UNIT(s)->id, prio, "Failed to parse PID from file %s: %m", s->pid_file); ++ return log_unit_full_errno(UNIT(s)->id, prio, r, "Failed to parse PID from file %s: %m", s->pid_file); + + if (s->main_pid_known && pid == s->main_pid) + return 0; diff --git a/SOURCES/0748-revert-local-changes-made-during-backport-of-the-tes.patch b/SOURCES/0748-revert-local-changes-made-during-backport-of-the-tes.patch deleted file mode 100644 index 4bad426..0000000 --- a/SOURCES/0748-revert-local-changes-made-during-backport-of-the-tes.patch +++ /dev/null @@ -1,31 +0,0 @@ -From 067cc9cc451ef4b98f451bf3a67c10660749ddd0 Mon Sep 17 00:00:00 2001 -From: David Tardon -Date: Wed, 10 Jul 2019 09:48:51 +0200 -Subject: [PATCH] revert local changes made during backport of the test - -(cherry picked from commit 225a458ec4c1bee97d0cee13895977614fd8cc16) - -Related: #1729226 ---- - test/TEST-20-MAINPIDGAMES/testsuite.sh | 6 ++---- - 1 file changed, 2 insertions(+), 4 deletions(-) - -diff --git a/test/TEST-20-MAINPIDGAMES/testsuite.sh b/test/TEST-20-MAINPIDGAMES/testsuite.sh -index d4ad63865c..8b0b664652 100755 ---- a/test/TEST-20-MAINPIDGAMES/testsuite.sh -+++ b/test/TEST-20-MAINPIDGAMES/testsuite.sh -@@ -175,12 +175,10 @@ ExecStart=/dev/shm/mainpid3.sh - EOF - - systemctl daemon-reload --systemctl start mainpidsh3.service -+! systemctl start mainpidsh3.service - - # Test that this failed due to timeout, and not some other error --# test `systemctl_show_value -p Result mainpidsh3.service` = timeout --# Just check that there is no MainPID => the pid file was ignored --test `systemctl_show_value -p MainPID mainpidsh3.service` -eq 0 -+test `systemctl_show_value -p Result mainpidsh3.service` = timeout - - systemd-analyze set-log-level info - diff --git a/SOURCES/0749-core-timer-Prevent-timer-looping-when-unit-cannot-st.patch b/SOURCES/0749-core-timer-Prevent-timer-looping-when-unit-cannot-st.patch deleted file mode 100644 index 0266c15..0000000 --- a/SOURCES/0749-core-timer-Prevent-timer-looping-when-unit-cannot-st.patch +++ /dev/null @@ -1,75 +0,0 @@ -From d7eac3e0ae20510e2737dc4e23975391fef5ece3 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Michal=20Koutn=C3=BD?= -Date: Tue, 16 Jan 2018 19:22:46 +0100 -Subject: [PATCH] core/timer: Prevent timer looping when unit cannot start - -When a unit job finishes early (e.g. when fork(2) fails) triggered unit goes -through states - stopped->failed (or failed->failed), -in case a ExecStart= command fails unit passes through - stopped->starting->failed. - -The former transition doesn't result in unit active/inactive timestamp being -updated and timer (OnUnitActiveSec= or OnUnitInactiveSec=) would use an expired -timestamp triggering immediately again (repeatedly). - -This patch exploits timer's last trigger timestamp to ensure the timer isn't -triggered more frequently than OnUnitActiveSec=/OnUnitInactiveSec= period. - -Steps to reproduce: - -0) Create sample units: - -cat >~/.config/systemd/user/looper.service <~/.config/systemd/user/looper.timer <last_trigger.monotonic); - - break; - -@@ -428,6 +429,7 @@ static void timer_enter_waiting(Timer *t, bool initial) { - - if (base <= 0) - continue; -+ base = MAX(base, t->last_trigger.monotonic); - - break; - diff --git a/SOURCES/0749-revert-local-changes-made-during-backport-of-the-tes.patch b/SOURCES/0749-revert-local-changes-made-during-backport-of-the-tes.patch new file mode 100644 index 0000000..5e11995 --- /dev/null +++ b/SOURCES/0749-revert-local-changes-made-during-backport-of-the-tes.patch @@ -0,0 +1,29 @@ +From 225a458ec4c1bee97d0cee13895977614fd8cc16 Mon Sep 17 00:00:00 2001 +From: David Tardon +Date: Wed, 10 Jul 2019 09:48:51 +0200 +Subject: [PATCH] revert local changes made during backport of the test + +Related: #1726785 +--- + test/TEST-20-MAINPIDGAMES/testsuite.sh | 6 ++---- + 1 file changed, 2 insertions(+), 4 deletions(-) + +diff --git a/test/TEST-20-MAINPIDGAMES/testsuite.sh b/test/TEST-20-MAINPIDGAMES/testsuite.sh +index d4ad63865c..8b0b664652 100755 +--- a/test/TEST-20-MAINPIDGAMES/testsuite.sh ++++ b/test/TEST-20-MAINPIDGAMES/testsuite.sh +@@ -175,12 +175,10 @@ ExecStart=/dev/shm/mainpid3.sh + EOF + + systemctl daemon-reload +-systemctl start mainpidsh3.service ++! systemctl start mainpidsh3.service + + # Test that this failed due to timeout, and not some other error +-# test `systemctl_show_value -p Result mainpidsh3.service` = timeout +-# Just check that there is no MainPID => the pid file was ignored +-test `systemctl_show_value -p MainPID mainpidsh3.service` -eq 0 ++test `systemctl_show_value -p Result mainpidsh3.service` = timeout + + systemd-analyze set-log-level info + diff --git a/SOURCES/0750-core-add-a-Requires-dependency-between-units-and-the.patch b/SOURCES/0750-core-add-a-Requires-dependency-between-units-and-the.patch index 5bdd59c..cfdc9e0 100644 --- a/SOURCES/0750-core-add-a-Requires-dependency-between-units-and-the.patch +++ b/SOURCES/0750-core-add-a-Requires-dependency-between-units-and-the.patch @@ -1,4 +1,4 @@ -From e932760979f8658ff62b93b039a98a6d7f0f4656 Mon Sep 17 00:00:00 2001 +From 0600681f04e3818282a2d518ec3e6afee85f7978 Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Tue, 29 Sep 2015 13:06:28 +0200 Subject: [PATCH] core: add a "Requires=" dependency between units and the @@ -11,9 +11,8 @@ between units and the slices they are located in from Wants= to Requires=. (cherry picked from commit 8c8da0e0cb498245c765732cf9caa081a70c560f) -(cherry picked from commit 0600681f04e3818282a2d518ec3e6afee85f7978) -Related: #1729228 +Related: #1718953 --- src/core/unit.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/SOURCES/0751-core-rerun-GC-logic-for-a-unit-that-loses-a-referenc.patch b/SOURCES/0751-core-rerun-GC-logic-for-a-unit-that-loses-a-referenc.patch index e871262..69c9dd4 100644 --- a/SOURCES/0751-core-rerun-GC-logic-for-a-unit-that-loses-a-referenc.patch +++ b/SOURCES/0751-core-rerun-GC-logic-for-a-unit-that-loses-a-referenc.patch @@ -1,4 +1,4 @@ -From 2175fc04df0f8e272cbff7540acd38eced9c63d7 Mon Sep 17 00:00:00 2001 +From 0ace07115f14a57c81afbc9a7e947778a743870e Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Fri, 29 Apr 2016 11:18:53 +0200 Subject: [PATCH] core: rerun GC logic for a unit that loses a reference @@ -10,11 +10,9 @@ This (together with the previous commit) should deal with the GC issues pointed out in: https://github.com/systemd/systemd/pull/2993#issuecomment-215331189 - (cherry picked from commit b75102e5bf4cf249052d42be955d403e3e03b47c) -(cherry picked from commit 0ace07115f14a57c81afbc9a7e947778a743870e) -Related: #1729228 +Related: #1718953 --- src/core/unit.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/SOURCES/0752-pid1-rename-unit_check_gc-to-unit_may_gc.patch b/SOURCES/0752-pid1-rename-unit_check_gc-to-unit_may_gc.patch index cc822f8..2ab8072 100644 --- a/SOURCES/0752-pid1-rename-unit_check_gc-to-unit_may_gc.patch +++ b/SOURCES/0752-pid1-rename-unit_check_gc-to-unit_may_gc.patch @@ -1,4 +1,4 @@ -From cb1a8f709ff3c27fc9f43aa27f985131422795bc Mon Sep 17 00:00:00 2001 +From 1716821fc5b93667a0bf821b25905de00818aec9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Tue, 13 Feb 2018 10:50:13 +0100 Subject: [PATCH] pid1: rename unit_check_gc to unit_may_gc @@ -10,9 +10,8 @@ v2: - rename from unit_can_gc to unit_may_gc (cherry picked from commit f2f725e5cc950e84ebfd09bd64bc01c0ebdb6734) -(cherry picked from commit 1716821fc5b93667a0bf821b25905de00818aec9) -Related: #1729228 +Related: #1718953 --- src/core/automount.c | 13 ++++++++----- src/core/manager.c | 2 +- @@ -27,10 +26,10 @@ Related: #1729228 10 files changed, 55 insertions(+), 44 deletions(-) diff --git a/src/core/automount.c b/src/core/automount.c -index 4678bdc7c9..7b9c4aaf1d 100644 +index 590b1952e0..2d6f5f3a77 100644 --- a/src/core/automount.c +++ b/src/core/automount.c -@@ -936,13 +936,16 @@ static const char *automount_sub_state_to_string(Unit *u) { +@@ -934,13 +934,16 @@ static const char *automount_sub_state_to_string(Unit *u) { return automount_state_to_string(AUTOMOUNT(u)->state); } @@ -51,7 +50,7 @@ index 4678bdc7c9..7b9c4aaf1d 100644 } static int automount_dispatch_io(sd_event_source *s, int fd, uint32_t events, void *userdata) { -@@ -1115,7 +1118,7 @@ const UnitVTable automount_vtable = { +@@ -1113,7 +1116,7 @@ const UnitVTable automount_vtable = { .active_state = automount_active_state, .sub_state_to_string = automount_sub_state_to_string, diff --git a/SOURCES/0753-pid1-include-the-source-unit-in-UnitRef.patch b/SOURCES/0753-pid1-include-the-source-unit-in-UnitRef.patch index e90ac06..7527915 100644 --- a/SOURCES/0753-pid1-include-the-source-unit-in-UnitRef.patch +++ b/SOURCES/0753-pid1-include-the-source-unit-in-UnitRef.patch @@ -1,4 +1,4 @@ -From c6da3d5d824f7b125b3fd95a961eca98db7febf7 Mon Sep 17 00:00:00 2001 +From ff80bfd94181327a5f8e0fbd70b9b7afe0c5545c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Tue, 13 Feb 2018 13:12:43 +0100 Subject: [PATCH] pid1: include the source unit in UnitRef @@ -14,9 +14,8 @@ v2: - rename refs to refs_by_target (cherry picked from commit 7f7d01ed5804afef220ebdb29f22d8177d0d3a5c) -(cherry picked from commit ff80bfd94181327a5f8e0fbd70b9b7afe0c5545c) -Related: #1729228 +Related: #1718953 --- src/core/busname.c | 2 +- src/core/dbus-manager.c | 2 +- diff --git a/SOURCES/0754-pid1-fix-collection-of-cycles-of-units-which-referen.patch b/SOURCES/0754-pid1-fix-collection-of-cycles-of-units-which-referen.patch index d6ac1bd..eb0721b 100644 --- a/SOURCES/0754-pid1-fix-collection-of-cycles-of-units-which-referen.patch +++ b/SOURCES/0754-pid1-fix-collection-of-cycles-of-units-which-referen.patch @@ -1,4 +1,4 @@ -From 98774bdfb6d40e5b7d41b86238ee2d98ff12cb69 Mon Sep 17 00:00:00 2001 +From 703cc4991049cdf3ad3506e432cda982b3b3b007 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Tue, 13 Feb 2018 14:37:11 +0100 Subject: [PATCH] pid1: fix collection of cycles of units which reference one @@ -14,9 +14,8 @@ needed. If it is not needed, do not treat the reference from it as preventing the unit we are looking at from being freed. (cherry picked from commit 2641f02e23ac7d5385db7f932aff221a063f245e) -(cherry picked from commit 703cc4991049cdf3ad3506e432cda982b3b3b007) -Resolves: #1729228 +Resolves: #1718953 --- src/core/manager.c | 14 ++++++++++++++ src/core/unit.c | 9 +++++---- diff --git a/SOURCES/0755-pid1-free-basic-unit-information-at-the-very-end-bef.patch b/SOURCES/0755-pid1-free-basic-unit-information-at-the-very-end-bef.patch index 3d0fc44..39a6cd9 100644 --- a/SOURCES/0755-pid1-free-basic-unit-information-at-the-very-end-bef.patch +++ b/SOURCES/0755-pid1-free-basic-unit-information-at-the-very-end-bef.patch @@ -1,4 +1,4 @@ -From 20d684011c93bed4b45c736ac1f9104983a090dc Mon Sep 17 00:00:00 2001 +From 42a93a826cd726d1e4d3ea2c8cb347cec2f0dabe Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Wed, 14 Feb 2018 00:01:05 +0100 Subject: [PATCH] pid1: free basic unit information at the very end, before @@ -13,9 +13,8 @@ So let's move the removal of this "basic" information towards the end of unit_free(). (cherry picked from commit a946fa9bb968ac197d7a99970e27388b751dca94) -(cherry picked from commit 42a93a826cd726d1e4d3ea2c8cb347cec2f0dabe) -Related: #1729228 +Related: #1718953 --- src/core/unit.c | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/SOURCES/0756-pid1-properly-remove-references-to-the-unit-from-gc-.patch b/SOURCES/0756-pid1-properly-remove-references-to-the-unit-from-gc-.patch index b4c8472..7abd4b5 100644 --- a/SOURCES/0756-pid1-properly-remove-references-to-the-unit-from-gc-.patch +++ b/SOURCES/0756-pid1-properly-remove-references-to-the-unit-from-gc-.patch @@ -1,4 +1,4 @@ -From 019b19130bcba9d88c0328b40f2639e6ebbb513c Mon Sep 17 00:00:00 2001 +From 8f1df942e2237124f7559176081af7ac631d3422 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Tue, 13 Feb 2018 23:57:43 +0100 Subject: [PATCH] pid1: properly remove references to the unit from gc queue @@ -18,9 +18,8 @@ it was above the LIST_REMOVE(gc_queue,...) call, but the second was not, because it was after that. Move the all LIST_REMOVE() calls down. (cherry picked from commit 1bdf2790025e661e41894129eb390bb032b88585) -(cherry picked from commit 8f1df942e2237124f7559176081af7ac631d3422) -Related: #1729228 +Related: #1718953 --- src/core/unit.c | 34 +++++++++++++++++----------------- 1 file changed, 17 insertions(+), 17 deletions(-) diff --git a/SOURCES/0757-core-timer-Prevent-timer-looping-when-unit-cannot-st.patch b/SOURCES/0757-core-timer-Prevent-timer-looping-when-unit-cannot-st.patch new file mode 100644 index 0000000..b0c64cb --- /dev/null +++ b/SOURCES/0757-core-timer-Prevent-timer-looping-when-unit-cannot-st.patch @@ -0,0 +1,73 @@ +From fe81f6f734ee46a4877df6dda6e31cdc24c00a3c Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Michal=20Koutn=C3=BD?= +Date: Tue, 16 Jan 2018 19:22:46 +0100 +Subject: [PATCH] core/timer: Prevent timer looping when unit cannot start + +When a unit job finishes early (e.g. when fork(2) fails) triggered unit goes +through states + stopped->failed (or failed->failed), +in case a ExecStart= command fails unit passes through + stopped->starting->failed. + +The former transition doesn't result in unit active/inactive timestamp being +updated and timer (OnUnitActiveSec= or OnUnitInactiveSec=) would use an expired +timestamp triggering immediately again (repeatedly). + +This patch exploits timer's last trigger timestamp to ensure the timer isn't +triggered more frequently than OnUnitActiveSec=/OnUnitInactiveSec= period. + +Steps to reproduce: + +0) Create sample units: + +cat >~/.config/systemd/user/looper.service <~/.config/systemd/user/looper.timer <last_trigger.monotonic); + + break; + +@@ -428,6 +429,7 @@ static void timer_enter_waiting(Timer *t, bool initial) { + + if (base <= 0) + continue; ++ base = MAX(base, t->last_trigger.monotonic); + + break; + diff --git a/SOURCES/0757-service-relax-PID-file-symlink-chain-checks-a-bit-81.patch b/SOURCES/0757-service-relax-PID-file-symlink-chain-checks-a-bit-81.patch deleted file mode 100644 index 4983c8f..0000000 --- a/SOURCES/0757-service-relax-PID-file-symlink-chain-checks-a-bit-81.patch +++ /dev/null @@ -1,59 +0,0 @@ -From 625b30e09d0090f81722aa8f02e7057839dfcf4f Mon Sep 17 00:00:00 2001 -From: Lennart Poettering -Date: Fri, 9 Feb 2018 17:05:17 +0100 -Subject: [PATCH] service: relax PID file symlink chain checks a bit (#8133) - -Let's read the PID file after all if there's a potentially unsafe -symlink chain in place. But if we do, then refuse taking the PID if its -outside of the cgroup. - -Fixes: #8085 - -(cherry picked from commit 73969ab61c39357e6892747e43307fbf07cafbed) -(cherry picked from commit ce87ed7b47c61e649a0f9da39d272631b9524740) - -Resolves: #1729414 ---- - src/core/service.c | 15 +++++++++++++-- - 1 file changed, 13 insertions(+), 2 deletions(-) - -diff --git a/src/core/service.c b/src/core/service.c -index eaa588863f..6b61ccac18 100644 ---- a/src/core/service.c -+++ b/src/core/service.c -@@ -736,6 +736,7 @@ static int service_is_suitable_main_pid(Service *s, pid_t pid, int prio) { - - static int service_load_pid_file(Service *s, bool may_warn) { - char procfs[sizeof("/proc/self/fd/") - 1 + DECIMAL_STR_MAX(int)]; -+ bool questionable_pid_file = false; - _cleanup_free_ char *k = NULL; - _cleanup_close_ int fd = -1; - int r, prio; -@@ -749,8 +750,13 @@ static int service_load_pid_file(Service *s, bool may_warn) { - prio = may_warn ? LOG_INFO : LOG_DEBUG; - - fd = chase_symlinks(s->pid_file, NULL, CHASE_OPEN|CHASE_SAFE, NULL); -- if (fd == -EPERM) -- return log_unit_full_errno(UNIT(s)->id, prio, fd, "Permission denied while opening PID file or unsafe symlink chain: %s", s->pid_file); -+ if (fd == -EPERM) { -+ log_unit_full(UNIT(s)->id, LOG_DEBUG, "Permission denied while opening PID file or potentially unsafe symlink chain, will now retry with relaxed checks: %s", s->pid_file); -+ -+ questionable_pid_file = true; -+ -+ fd = chase_symlinks(s->pid_file, NULL, CHASE_OPEN, NULL); -+ } - if (fd < 0) - return log_unit_full_errno(UNIT(s)->id, prio, fd, "Can't open PID file %s (yet?) after %s: %m", s->pid_file, service_state_to_string(s->state)); - -@@ -773,6 +779,11 @@ static int service_load_pid_file(Service *s, bool may_warn) { - if (r == 0) { - struct stat st; - -+ if (questionable_pid_file) { -+ log_unit_error(UNIT(s)->id, "Refusing to accept PID outside of service control group, acquired through unsafe symlink chain: %s", s->pid_file); -+ return -EPERM; -+ } -+ - /* Hmm, it's not clear if the new main PID is safe. Let's allow this if the PID file is owned by root */ - - if (fstat(fd, &st) < 0) diff --git a/SOURCES/0758-path-util-fix-more-path_is_mount-e792e890f-fallout.patch b/SOURCES/0758-path-util-fix-more-path_is_mount-e792e890f-fallout.patch deleted file mode 100644 index 6cfafb1..0000000 --- a/SOURCES/0758-path-util-fix-more-path_is_mount-e792e890f-fallout.patch +++ /dev/null @@ -1,83 +0,0 @@ -From a4f13a2fdf5cf1650edbb02ac0393c6815ef472c Mon Sep 17 00:00:00 2001 -From: Lennart Poettering -Date: Tue, 7 Apr 2015 16:03:45 +0200 -Subject: [PATCH] path-util: fix more path_is_mount e792e890f fallout - -(cherry picked from commit da00518b3f3a8b08d521c4b72068eafa2db566cc) - -Resolves: #1279231 ---- - src/core/automount.c | 6 ++---- - src/nspawn/nspawn.c | 2 +- - src/shared/cgroup-util.c | 6 ++++-- - src/test/test-path-util.c | 10 ++++++++-- - 4 files changed, 15 insertions(+), 9 deletions(-) - -diff --git a/src/core/automount.c b/src/core/automount.c -index 7b9c4aaf1d..2d6f5f3a77 100644 ---- a/src/core/automount.c -+++ b/src/core/automount.c -@@ -789,10 +789,8 @@ static int automount_start(Unit *u) { - assert(a); - assert(a->state == AUTOMOUNT_DEAD || a->state == AUTOMOUNT_FAILED); - -- if (path_is_mount_point(a->where, false)) { -- log_unit_error(u->id, -- "Path %s is already a mount point, refusing start for %s", -- a->where, u->id); -+ if (path_is_mount_point(a->where, false) > 0) { -+ log_unit_error(u->id, "Path %s is already a mount point, refusing start for %s", a->where, u->id); - return -EEXIST; - } - -diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c -index ee2e1832f1..e7ecee8674 100644 ---- a/src/nspawn/nspawn.c -+++ b/src/nspawn/nspawn.c -@@ -864,7 +864,7 @@ static int mount_all(const char *dest) { - return log_oom(); - - t = path_is_mount_point(where, true); -- if (t < 0) { -+ if (t < 0 && t != -ENOENT) { - log_error_errno(t, "Failed to detect whether %s is a mount point: %m", where); - - if (r == 0) -diff --git a/src/shared/cgroup-util.c b/src/shared/cgroup-util.c -index 4585450b39..f1bed8a25a 100644 ---- a/src/shared/cgroup-util.c -+++ b/src/shared/cgroup-util.c -@@ -489,8 +489,10 @@ int cg_get_path(const char *controller, const char *path, const char *suffix, ch - int r; - - r = path_is_mount_point("/sys/fs/cgroup", false); -- if (r <= 0) -- return r < 0 ? r : -ENOENT; -+ if (r < 0) -+ return r; -+ if (r == 0) -+ return -ENOENT; - - /* Cache this to save a few stat()s */ - good = true; -diff --git a/src/test/test-path-util.c b/src/test/test-path-util.c -index aee1f4e036..aebfa3821d 100644 ---- a/src/test/test-path-util.c -+++ b/src/test/test-path-util.c -@@ -86,8 +86,14 @@ static void test_path(void) { - test_parent("/aa///file...", "/aa///"); - test_parent("file.../", NULL); - -- assert_se(path_is_mount_point("/", true)); -- assert_se(path_is_mount_point("/", false)); -+ assert_se(path_is_mount_point("/", true) > 0); -+ assert_se(path_is_mount_point("/", false) > 0); -+ -+ assert_se(path_is_mount_point("/proc", true) > 0); -+ assert_se(path_is_mount_point("/proc", false) > 0); -+ -+ assert_se(path_is_mount_point("/sys", true) > 0); -+ assert_se(path_is_mount_point("/sys", false) > 0); - - { - char p1[] = "aaa/bbb////ccc"; diff --git a/SOURCES/0758-service-relax-PID-file-symlink-chain-checks-a-bit-81.patch b/SOURCES/0758-service-relax-PID-file-symlink-chain-checks-a-bit-81.patch new file mode 100644 index 0000000..60eb346 --- /dev/null +++ b/SOURCES/0758-service-relax-PID-file-symlink-chain-checks-a-bit-81.patch @@ -0,0 +1,57 @@ +From ce87ed7b47c61e649a0f9da39d272631b9524740 Mon Sep 17 00:00:00 2001 +From: Lennart Poettering +Date: Fri, 9 Feb 2018 17:05:17 +0100 +Subject: [PATCH] service: relax PID file symlink chain checks a bit (#8133) + +Let's read the PID file after all if there's a potentially unsafe +symlink chain in place. But if we do, then refuse taking the PID if its +outside of the cgroup. + +Fixes: #8085 +(cherry picked from commit 73969ab61c39357e6892747e43307fbf07cafbed) + +Resolves: #1724420 +--- + src/core/service.c | 15 +++++++++++++-- + 1 file changed, 13 insertions(+), 2 deletions(-) + +diff --git a/src/core/service.c b/src/core/service.c +index eaa588863f..6b61ccac18 100644 +--- a/src/core/service.c ++++ b/src/core/service.c +@@ -736,6 +736,7 @@ static int service_is_suitable_main_pid(Service *s, pid_t pid, int prio) { + + static int service_load_pid_file(Service *s, bool may_warn) { + char procfs[sizeof("/proc/self/fd/") - 1 + DECIMAL_STR_MAX(int)]; ++ bool questionable_pid_file = false; + _cleanup_free_ char *k = NULL; + _cleanup_close_ int fd = -1; + int r, prio; +@@ -749,8 +750,13 @@ static int service_load_pid_file(Service *s, bool may_warn) { + prio = may_warn ? LOG_INFO : LOG_DEBUG; + + fd = chase_symlinks(s->pid_file, NULL, CHASE_OPEN|CHASE_SAFE, NULL); +- if (fd == -EPERM) +- return log_unit_full_errno(UNIT(s)->id, prio, fd, "Permission denied while opening PID file or unsafe symlink chain: %s", s->pid_file); ++ if (fd == -EPERM) { ++ log_unit_full(UNIT(s)->id, LOG_DEBUG, "Permission denied while opening PID file or potentially unsafe symlink chain, will now retry with relaxed checks: %s", s->pid_file); ++ ++ questionable_pid_file = true; ++ ++ fd = chase_symlinks(s->pid_file, NULL, CHASE_OPEN, NULL); ++ } + if (fd < 0) + return log_unit_full_errno(UNIT(s)->id, prio, fd, "Can't open PID file %s (yet?) after %s: %m", s->pid_file, service_state_to_string(s->state)); + +@@ -773,6 +779,11 @@ static int service_load_pid_file(Service *s, bool may_warn) { + if (r == 0) { + struct stat st; + ++ if (questionable_pid_file) { ++ log_unit_error(UNIT(s)->id, "Refusing to accept PID outside of service control group, acquired through unsafe symlink chain: %s", s->pid_file); ++ return -EPERM; ++ } ++ + /* Hmm, it's not clear if the new main PID is safe. Let's allow this if the PID file is owned by root */ + + if (fstat(fd, &st) < 0) diff --git a/SOURCES/0759-core-exclude-.slice-units-from-systemctl-isolate.patch b/SOURCES/0759-core-exclude-.slice-units-from-systemctl-isolate.patch deleted file mode 100644 index b315f81..0000000 --- a/SOURCES/0759-core-exclude-.slice-units-from-systemctl-isolate.patch +++ /dev/null @@ -1,39 +0,0 @@ -From 7230c4c85173a100f1cc484485fe87d79622cb91 Mon Sep 17 00:00:00 2001 -From: Lennart Poettering -Date: Thu, 18 Feb 2016 22:51:23 +0100 -Subject: [PATCH] core: exclude .slice units from "systemctl isolate" - -Fixes: #1969 -(cherry picked from commit 1b4cd0cf11feb7d41f2eff17f86fa55b31bb6841) - -Resolves: #1751130 ---- - src/core/slice.c | 8 ++++++++ - 1 file changed, 8 insertions(+) - -diff --git a/src/core/slice.c b/src/core/slice.c -index 0985a65286..b0769205f6 100644 ---- a/src/core/slice.c -+++ b/src/core/slice.c -@@ -36,6 +36,13 @@ static const UnitActiveState state_translation_table[_SLICE_STATE_MAX] = { - [SLICE_ACTIVE] = UNIT_ACTIVE - }; - -+static void slice_init(Unit *u) { -+ assert(u); -+ assert(u->load_state == UNIT_STUB); -+ -+ u->ignore_on_isolate = true; -+} -+ - static void slice_set_state(Slice *t, SliceState state) { - SliceState old_state; - assert(t); -@@ -274,6 +281,7 @@ const UnitVTable slice_vtable = { - .no_instances = true, - .can_transient = true, - -+ .init = slice_init, - .load = slice_load, - - .coldplug = slice_coldplug, diff --git a/SOURCES/0759-udev-rules-Add-rule-for-dev-kfd.patch b/SOURCES/0759-udev-rules-Add-rule-for-dev-kfd.patch new file mode 100644 index 0000000..0947964 --- /dev/null +++ b/SOURCES/0759-udev-rules-Add-rule-for-dev-kfd.patch @@ -0,0 +1,24 @@ +From 302a74feba2dd946a2f046857b5e9b6a874a2c8b Mon Sep 17 00:00:00 2001 +From: Tom Stellard +Date: Tue, 31 Oct 2017 08:56:19 -0700 +Subject: [PATCH] udev-rules: Add rule for /dev/kfd + +(cherry picked from commit f301622d840ae414e7f56c364fe9b035f3041539) + +Resolves: #1659516 +--- + rules/50-udev-default.rules | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/rules/50-udev-default.rules b/rules/50-udev-default.rules +index 2bf9c1ec7e..27681c8a8b 100644 +--- a/rules/50-udev-default.rules ++++ b/rules/50-udev-default.rules +@@ -31,6 +31,7 @@ SUBSYSTEM=="misc", KERNEL=="agpgart", GROUP="video" + SUBSYSTEM=="graphics", GROUP="video" + SUBSYSTEM=="drm", GROUP="video" + SUBSYSTEM=="dvb", GROUP="video" ++SUBSYSTEM=="kfd", GROUP="video" + + SUBSYSTEM=="sound", GROUP="audio", \ + OPTIONS+="static_node=snd/seq", OPTIONS+="static_node=snd/timer" diff --git a/SOURCES/0760-core-exclude-.slice-units-from-systemctl-isolate.patch b/SOURCES/0760-core-exclude-.slice-units-from-systemctl-isolate.patch new file mode 100644 index 0000000..2528e3a --- /dev/null +++ b/SOURCES/0760-core-exclude-.slice-units-from-systemctl-isolate.patch @@ -0,0 +1,39 @@ +From 0e6f66ae4853b0e7c99f415b14ecfefb752d51ca Mon Sep 17 00:00:00 2001 +From: Lennart Poettering +Date: Thu, 18 Feb 2016 22:51:23 +0100 +Subject: [PATCH] core: exclude .slice units from "systemctl isolate" + +Fixes: #1969 +(cherry picked from commit 1b4cd0cf11feb7d41f2eff17f86fa55b31bb6841) + +Resolves: #1745199 +--- + src/core/slice.c | 8 ++++++++ + 1 file changed, 8 insertions(+) + +diff --git a/src/core/slice.c b/src/core/slice.c +index 0985a65286..b0769205f6 100644 +--- a/src/core/slice.c ++++ b/src/core/slice.c +@@ -36,6 +36,13 @@ static const UnitActiveState state_translation_table[_SLICE_STATE_MAX] = { + [SLICE_ACTIVE] = UNIT_ACTIVE + }; + ++static void slice_init(Unit *u) { ++ assert(u); ++ assert(u->load_state == UNIT_STUB); ++ ++ u->ignore_on_isolate = true; ++} ++ + static void slice_set_state(Slice *t, SliceState state) { + SliceState old_state; + assert(t); +@@ -274,6 +281,7 @@ const UnitVTable slice_vtable = { + .no_instances = true, + .can_transient = true, + ++ .init = slice_init, + .load = slice_load, + + .coldplug = slice_coldplug, diff --git a/SOURCES/0760-unit-fix-potential-use-of-cgroup_path-after-free-whe.patch b/SOURCES/0760-unit-fix-potential-use-of-cgroup_path-after-free-whe.patch deleted file mode 100644 index afe256c..0000000 --- a/SOURCES/0760-unit-fix-potential-use-of-cgroup_path-after-free-whe.patch +++ /dev/null @@ -1,39 +0,0 @@ -From 97c5fed4ddbd627c046fbf946474270182bdda6e Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Renaud=20M=C3=A9trich?= -Date: Sat, 23 Nov 2019 13:37:02 +0100 -Subject: [PATCH] unit: fix potential use of cgroup_path after free() when - freeing unit - -Resolves: #1778083 ---- - src/core/cgroup.c | 3 +-- - src/core/unit.c | 2 +- - 2 files changed, 2 insertions(+), 3 deletions(-) - -diff --git a/src/core/cgroup.c b/src/core/cgroup.c -index 0779fa5552..f598fdd1e7 100644 ---- a/src/core/cgroup.c -+++ b/src/core/cgroup.c -@@ -873,8 +873,7 @@ void unit_destroy_cgroup_if_empty(Unit *u) { - - hashmap_remove(u->manager->cgroup_unit, u->cgroup_path); - -- free(u->cgroup_path); -- u->cgroup_path = NULL; -+ u->cgroup_path = mfree(u->cgroup_path); - u->cgroup_realized = false; - u->cgroup_realized_mask = 0; - } -diff --git a/src/core/unit.c b/src/core/unit.c -index def36a0930..cabbf8056e 100644 ---- a/src/core/unit.c -+++ b/src/core/unit.c -@@ -514,7 +514,7 @@ void unit_free(Unit *u) { - - if (u->cgroup_path) { - hashmap_remove(u->manager->cgroup_unit, u->cgroup_path); -- free(u->cgroup_path); -+ u->cgroup_path = mfree(u->cgroup_path); - } - - set_remove(u->manager->failed_units, u); diff --git a/SOURCES/0761-core-when-restarting-services-don-t-close-fds.patch b/SOURCES/0761-core-when-restarting-services-don-t-close-fds.patch deleted file mode 100644 index eb27fb1..0000000 --- a/SOURCES/0761-core-when-restarting-services-don-t-close-fds.patch +++ /dev/null @@ -1,113 +0,0 @@ -From 3cc0f088de0daa7bb8732128f51b657d30409c03 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= -Date: Sat, 22 Oct 2016 22:16:02 -0400 -Subject: [PATCH] core: when restarting services, don't close fds - -We would close all the stored fds in service_release_resources(), which of -course broke the whole concept of storing fds over service restart. - -Fixes #4408. - -(cherry picked from commit f0bfbfac43b7faa68ef1bb2ad659c191b9ec85d2) -(cherry picked from commit 4c271437cd695c31e76adb191013009689a7797c) -(cherry picked from commit 10a6469f95c8b8fc43efb3916567e1f15f17bdcf) -Resolves: #1798162 ---- - src/core/service.c | 22 +++++++++++++++------- - src/core/unit.c | 6 ++++-- - src/core/unit.h | 2 +- - 3 files changed, 20 insertions(+), 10 deletions(-) - -diff --git a/src/core/service.c b/src/core/service.c -index 6b61ccac18..ad45a38270 100644 ---- a/src/core/service.c -+++ b/src/core/service.c -@@ -262,7 +262,17 @@ static void service_fd_store_unlink(ServiceFDStore *fs) { - free(fs); - } - --static void service_release_resources(Unit *u) { -+static void service_release_fd_store(Service *s) { -+ assert(s); -+ -+ log_unit_debug(UNIT(s)->id, "Releasing all stored fds"); -+ while (s->fd_store) -+ service_fd_store_unlink(s->fd_store); -+ -+ assert(s->n_fd_store == 0); -+} -+ -+static void service_release_resources(Unit *u, bool inactive) { - Service *s = SERVICE(u); - - assert(s); -@@ -270,12 +280,10 @@ static void service_release_resources(Unit *u) { - if (!s->fd_store) - return; - -- log_debug("Releasing all resources for %s", u->id); -- -- while (s->fd_store) -- service_fd_store_unlink(s->fd_store); -+ log_unit_debug(u->id, "Releasing resources."); - -- assert(s->n_fd_store == 0); -+ if (inactive) -+ service_release_fd_store(s); - } - - static void service_done(Unit *u) { -@@ -323,7 +331,7 @@ static void service_done(Unit *u) { - - s->timer_event_source = sd_event_source_unref(s->timer_event_source); - -- service_release_resources(u); -+ service_release_resources(u, true); - } - - static int on_fd_store_io(sd_event_source *e, int fd, uint32_t revents, void *userdata) { -diff --git a/src/core/unit.c b/src/core/unit.c -index cabbf8056e..33e0b7126b 100644 ---- a/src/core/unit.c -+++ b/src/core/unit.c -@@ -284,6 +284,7 @@ int unit_set_description(Unit *u, const char *description) { - - bool unit_may_gc(Unit *u) { - UnitActiveState state; -+ bool inactive; - assert(u); - - /* Checks whether the unit is ready to be unloaded for garbage collection. -@@ -301,16 +302,17 @@ bool unit_may_gc(Unit *u) { - return false; - - state = unit_active_state(u); -+ inactive = state == UNIT_INACTIVE; - - /* If the unit is inactive and failed and no job is queued for - * it, then release its runtime resources */ - if (UNIT_IS_INACTIVE_OR_FAILED(state) && - UNIT_VTABLE(u)->release_resources) -- UNIT_VTABLE(u)->release_resources(u); -+ UNIT_VTABLE(u)->release_resources(u, inactive); - - /* But we keep the unit object around for longer when it is - * referenced or configured to not be gc'ed */ -- if (state != UNIT_INACTIVE) -+ if (!inactive) - return false; - - if (UNIT_VTABLE(u)->no_gc) -diff --git a/src/core/unit.h b/src/core/unit.h -index a6e21d60ce..97a63f0f8b 100644 ---- a/src/core/unit.h -+++ b/src/core/unit.h -@@ -359,7 +359,7 @@ struct UnitVTable { - - /* When the unit is not running and no job for it queued we - * shall release its runtime resources */ -- void (*release_resources)(Unit *u); -+ void (*release_resources)(Unit *u, bool inactive); - - /* Return true when this unit is suitable for snapshotting */ - bool (*check_snapshot)(Unit *u); diff --git a/SOURCES/0761-udev-scsi_id-fix-incorrect-page-length-when-get-devi.patch b/SOURCES/0761-udev-scsi_id-fix-incorrect-page-length-when-get-devi.patch new file mode 100644 index 0000000..e964b6b --- /dev/null +++ b/SOURCES/0761-udev-scsi_id-fix-incorrect-page-length-when-get-devi.patch @@ -0,0 +1,30 @@ +From 0c25ad023d3864bf55ae7334cbc3da25b9227d18 Mon Sep 17 00:00:00 2001 +From: Zhang Xianwei +Date: Mon, 13 May 2019 18:41:55 +0800 +Subject: [PATCH] udev/scsi_id: fix incorrect page length when get device + identification VPD page + +The length of device identification VPD page is filled with two bytes, +but scsi_id only gets the low byte. Fix it. + +Signed-off-by: Zhang Xianwei +(cherry picked from commit 1f7b6872dbe8ccae1f3bda9aa6aeb87c9b42e01e) + +Resolves: #1635945 +--- + src/udev/scsi_id/scsi_serial.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/udev/scsi_id/scsi_serial.c b/src/udev/scsi_id/scsi_serial.c +index dcfff1d4ea..06fb4815b6 100644 +--- a/src/udev/scsi_id/scsi_serial.c ++++ b/src/udev/scsi_id/scsi_serial.c +@@ -677,7 +677,7 @@ static int do_scsi_page83_inquiry(struct udev *udev, + * Examine each descriptor returned. There is normally only + * one or a small number of descriptors. + */ +- for (j = 4; j <= (unsigned int)page_83[3] + 3; j += page_83[j + 3] + 4) { ++ for (j = 4; j <= ((unsigned)page_83[2] << 8) + (unsigned)page_83[3] + 3; j += page_83[j + 3] + 4) { + retval = check_fill_0x83_id(udev, + dev_scsi, &page_83[j], + &id_search_list[id_ind], diff --git a/SOURCES/0762-core-when-determining-whether-a-process-exit-status-.patch b/SOURCES/0762-core-when-determining-whether-a-process-exit-status-.patch new file mode 100644 index 0000000..1cb4d27 --- /dev/null +++ b/SOURCES/0762-core-when-determining-whether-a-process-exit-status-.patch @@ -0,0 +1,164 @@ +From 8c9d6639a22d32734d950db37bfb852a1464c621 Mon Sep 17 00:00:00 2001 +From: Lennart Poettering +Date: Mon, 10 Oct 2016 22:07:30 +0200 +Subject: [PATCH] core: when determining whether a process exit status is + clean, consider whether it is a command or a daemon + +SIGTERM should be considered a clean exit code for daemons (i.e. long-running +processes, as a daemon without SIGTERM handler may be shut down without issues +via SIGTERM still) while it should not be considered a clean exit code for +commands (i.e. short-running processes). + +Let's add two different clean checking modes for this, and use the right one at +the appropriate places. + +Fixes: #4275 +(cherry picked from commit 1f0958f640b87175cd547c1e69084cfe54a22e9d) + +Resolves: #1560417 +--- + src/core/busname.c | 2 +- + src/core/mount.c | 2 +- + src/core/service.c | 2 +- + src/core/socket.c | 2 +- + src/core/swap.c | 2 +- + src/remount-fs/remount-fs.c | 2 +- + src/shared/exit-status.c | 13 ++++--------- + src/shared/exit-status.h | 7 ++++++- + 8 files changed, 16 insertions(+), 16 deletions(-) + +diff --git a/src/core/busname.c b/src/core/busname.c +index 97886f1e05..f5553e5418 100644 +--- a/src/core/busname.c ++++ b/src/core/busname.c +@@ -849,7 +849,7 @@ static void busname_sigchld_event(Unit *u, pid_t pid, int code, int status) { + + n->control_pid = 0; + +- if (is_clean_exit(code, status, NULL)) ++ if (is_clean_exit(code, status, EXIT_CLEAN_COMMAND, NULL)) + f = BUSNAME_SUCCESS; + else if (code == CLD_EXITED) + f = BUSNAME_FAILURE_EXIT_CODE; +diff --git a/src/core/mount.c b/src/core/mount.c +index 8a25ebd163..bfbfc10731 100644 +--- a/src/core/mount.c ++++ b/src/core/mount.c +@@ -1203,7 +1203,7 @@ static void mount_sigchld_event(Unit *u, pid_t pid, int code, int status) { + + m->control_pid = 0; + +- if (is_clean_exit(code, status, NULL)) ++ if (is_clean_exit(code, status, EXIT_CLEAN_COMMAND, NULL)) + f = MOUNT_SUCCESS; + else if (code == CLD_EXITED) + f = MOUNT_FAILURE_EXIT_CODE; +diff --git a/src/core/service.c b/src/core/service.c +index 6b61ccac18..f7b859d076 100644 +--- a/src/core/service.c ++++ b/src/core/service.c +@@ -2632,7 +2632,7 @@ static void service_sigchld_event(Unit *u, pid_t pid, int code, int status) { + assert(s); + assert(pid >= 0); + +- if (UNIT(s)->fragment_path ? is_clean_exit(code, status, &s->success_status) : ++ if (UNIT(s)->fragment_path ? is_clean_exit(code, status, s->type == SERVICE_ONESHOT ? EXIT_CLEAN_COMMAND : EXIT_CLEAN_DAEMON, &s->success_status) : + is_clean_exit_lsb(code, status, &s->success_status)) + f = SERVICE_SUCCESS; + else if (code == CLD_EXITED) +diff --git a/src/core/socket.c b/src/core/socket.c +index 8489575de6..1e8ae0a6e5 100644 +--- a/src/core/socket.c ++++ b/src/core/socket.c +@@ -2344,7 +2344,7 @@ static void socket_sigchld_event(Unit *u, pid_t pid, int code, int status) { + + s->control_pid = 0; + +- if (is_clean_exit(code, status, NULL)) ++ if (is_clean_exit(code, status, EXIT_CLEAN_COMMAND, NULL)) + f = SOCKET_SUCCESS; + else if (code == CLD_EXITED) + f = SOCKET_FAILURE_EXIT_CODE; +diff --git a/src/core/swap.c b/src/core/swap.c +index 1f69736aa3..757a8d45c5 100644 +--- a/src/core/swap.c ++++ b/src/core/swap.c +@@ -972,7 +972,7 @@ static void swap_sigchld_event(Unit *u, pid_t pid, int code, int status) { + + s->control_pid = 0; + +- if (is_clean_exit(code, status, NULL)) ++ if (is_clean_exit(code, status, EXIT_CLEAN_COMMAND, NULL)) + f = SWAP_SUCCESS; + else if (code == CLD_EXITED) + f = SWAP_FAILURE_EXIT_CODE; +diff --git a/src/remount-fs/remount-fs.c b/src/remount-fs/remount-fs.c +index 57b47021e4..db9ae391b8 100644 +--- a/src/remount-fs/remount-fs.c ++++ b/src/remount-fs/remount-fs.c +@@ -142,7 +142,7 @@ int main(int argc, char *argv[]) { + + s = hashmap_remove(pids, UINT_TO_PTR(si.si_pid)); + if (s) { +- if (!is_clean_exit(si.si_code, si.si_status, NULL)) { ++ if (!is_clean_exit(si.si_code, si.si_status, EXIT_CLEAN_COMMAND, NULL)) { + if (si.si_code == CLD_EXITED) + log_error("/bin/mount for %s exited with exit status %i.", s, si.si_status); + else +diff --git a/src/shared/exit-status.c b/src/shared/exit-status.c +index 90c83a47a8..ab09550d7a 100644 +--- a/src/shared/exit-status.c ++++ b/src/shared/exit-status.c +@@ -180,22 +180,17 @@ const char* exit_status_to_string(ExitStatus status, ExitStatusLevel level) { + return NULL; + } + +- +-bool is_clean_exit(int code, int status, ExitStatusSet *success_status) { ++bool is_clean_exit(int code, int status, ExitClean clean, ExitStatusSet *success_status) { + + if (code == CLD_EXITED) + return status == 0 || + (success_status && + set_contains(success_status->status, INT_TO_PTR(status))); + +- /* If a daemon does not implement handlers for some of the +- * signals that's not considered an unclean shutdown */ ++ /* If a daemon does not implement handlers for some of the signals that's not considered an unclean shutdown */ + if (code == CLD_KILLED) + return +- status == SIGHUP || +- status == SIGINT || +- status == SIGTERM || +- status == SIGPIPE || ++ (clean == EXIT_CLEAN_DAEMON && IN_SET(status, SIGHUP, SIGINT, SIGTERM, SIGPIPE)) || + (success_status && + set_contains(success_status->signal, INT_TO_PTR(status))); + +@@ -204,7 +199,7 @@ bool is_clean_exit(int code, int status, ExitStatusSet *success_status) { + + bool is_clean_exit_lsb(int code, int status, ExitStatusSet *success_status) { + +- if (is_clean_exit(code, status, success_status)) ++ if (is_clean_exit(code, status, EXIT_CLEAN_DAEMON, success_status)) + return true; + + return +diff --git a/src/shared/exit-status.h b/src/shared/exit-status.h +index 1d774f25dc..f7953aecb1 100644 +--- a/src/shared/exit-status.h ++++ b/src/shared/exit-status.h +@@ -95,7 +95,12 @@ typedef struct ExitStatusSet { + + const char* exit_status_to_string(ExitStatus status, ExitStatusLevel level) _const_; + +-bool is_clean_exit(int code, int status, ExitStatusSet *success_status); ++typedef enum ExitClean { ++ EXIT_CLEAN_DAEMON, ++ EXIT_CLEAN_COMMAND, ++} ExitClean; ++ ++bool is_clean_exit(int code, int status, ExitClean clean, ExitStatusSet *success_status); + bool is_clean_exit_lsb(int code, int status, ExitStatusSet *success_status); + + void exit_status_set_free(ExitStatusSet *x); diff --git a/SOURCES/0762-unit-rework-a-bit-how-we-keep-the-service-fdstore-fr.patch b/SOURCES/0762-unit-rework-a-bit-how-we-keep-the-service-fdstore-fr.patch deleted file mode 100644 index 8f3ce20..0000000 --- a/SOURCES/0762-unit-rework-a-bit-how-we-keep-the-service-fdstore-fr.patch +++ /dev/null @@ -1,171 +0,0 @@ -From 7c39b498d6ea21b1c6f4d26b74c064ef2b507706 Mon Sep 17 00:00:00 2001 -From: Lennart Poettering -Date: Mon, 13 Nov 2017 15:08:49 +0100 -Subject: [PATCH] unit: rework a bit how we keep the service fdstore from being - destroyed during service restart - -When preparing for a restart we quickly go through the DEAD/INACTIVE -service state before entering AUTO_RESTART. When doing this, we need to -make sure we don't destroy the FD store. Previously this was done by -checking the failure state of the unit, and keeping the FD store around -when the unit failed, under the assumption that the restart logic will -then get into action. - -This is not entirely correct howver, as there might be failure states -that will no result in restarts. - -With this commit we slightly alter the logic: a ref counter for the fd -store is added, that is increased right before we handle the restart -logic, and decreased again right-after. - -This should ensure that the fdstore lives exactly as long as it needs. - -Follow-up for f0bfbfac43b7faa68ef1bb2ad659c191b9ec85d2. - -(cherry picked from commit 7eb2a8a1259043e107ebec94e30ed160a93f40a7) -(cherry picked from commit e2636bde0f07319d0d35262dac6ff2638ba4e598) -(cherry picked from commit 20b18b7b9aac2532215dba4d56f19989a5fca9f0) -Related: #1798162 ---- - src/core/service.c | 23 ++++++++++++++++++----- - src/core/service.h | 1 + - src/core/unit.c | 12 ++++-------- - src/core/unit.h | 5 ++--- - 4 files changed, 25 insertions(+), 16 deletions(-) - -diff --git a/src/core/service.c b/src/core/service.c -index ad45a38270..283c2968ea 100644 ---- a/src/core/service.c -+++ b/src/core/service.c -@@ -265,6 +265,9 @@ static void service_fd_store_unlink(ServiceFDStore *fs) { - static void service_release_fd_store(Service *s) { - assert(s); - -+ if (s->n_keep_fd_store > 0) -+ return; -+ - log_unit_debug(UNIT(s)->id, "Releasing all stored fds"); - while (s->fd_store) - service_fd_store_unlink(s->fd_store); -@@ -272,7 +275,7 @@ static void service_release_fd_store(Service *s) { - assert(s->n_fd_store == 0); - } - --static void service_release_resources(Unit *u, bool inactive) { -+static void service_release_resources(Unit *u) { - Service *s = SERVICE(u); - - assert(s); -@@ -282,8 +285,7 @@ static void service_release_resources(Unit *u, bool inactive) { - - log_unit_debug(u->id, "Releasing resources."); - -- if (inactive) -- service_release_fd_store(s); -+ service_release_fd_store(s); - } - - static void service_done(Unit *u) { -@@ -331,7 +333,7 @@ static void service_done(Unit *u) { - - s->timer_event_source = sd_event_source_unref(s->timer_event_source); - -- service_release_resources(u, true); -+ service_release_resources(u); - } - - static int on_fd_store_io(sd_event_source *e, int fd, uint32_t revents, void *userdata) { -@@ -1354,6 +1356,10 @@ static void service_enter_dead(Service *s, ServiceResult f, bool allow_restart) - if (f != SERVICE_SUCCESS) - s->result = f; - -+ /* Make sure service_release_resources() doesn't destroy our FD store, while we are changing through -+ * SERVICE_FAILED/SERVICE_DEAD before entering into SERVICE_AUTO_RESTART. */ -+ s->n_keep_fd_store++; -+ - service_set_state(s, s->result != SERVICE_SUCCESS ? SERVICE_FAILED : SERVICE_DEAD); - - if (s->result != SERVICE_SUCCESS) { -@@ -1375,12 +1381,19 @@ static void service_enter_dead(Service *s, ServiceResult f, bool allow_restart) - (!IN_SET(s->main_exec_status.code, CLD_KILLED, CLD_DUMPED) || !set_contains(s->restart_prevent_status.signal, INT_TO_PTR(s->main_exec_status.status)))) { - - r = service_arm_timer(s, s->restart_usec); -- if (r < 0) -+ if (r < 0) { -+ s->n_keep_fd_store--; - goto fail; -+ } - - service_set_state(s, SERVICE_AUTO_RESTART); - } - -+ /* The new state is in effect, let's decrease the fd store ref counter again. Let's also readd us to the GC -+ * queue, so that the fd store is possibly gc'ed again */ -+ s->n_keep_fd_store--; -+ unit_add_to_gc_queue(UNIT(s)); -+ - s->forbid_restart = false; - - /* We want fresh tmpdirs in case service is started again immediately */ -diff --git a/src/core/service.h b/src/core/service.h -index e0547a464e..81b17db652 100644 ---- a/src/core/service.h -+++ b/src/core/service.h -@@ -214,6 +214,7 @@ struct Service { - ServiceFDStore *fd_store; - unsigned n_fd_store; - unsigned n_fd_store_max; -+ unsigned n_keep_fd_store; - }; - - extern const UnitVTable service_vtable; -diff --git a/src/core/unit.c b/src/core/unit.c -index 33e0b7126b..e74c6bc2cc 100644 ---- a/src/core/unit.c -+++ b/src/core/unit.c -@@ -284,7 +284,6 @@ int unit_set_description(Unit *u, const char *description) { - - bool unit_may_gc(Unit *u) { - UnitActiveState state; -- bool inactive; - assert(u); - - /* Checks whether the unit is ready to be unloaded for garbage collection. -@@ -302,17 +301,14 @@ bool unit_may_gc(Unit *u) { - return false; - - state = unit_active_state(u); -- inactive = state == UNIT_INACTIVE; - -- /* If the unit is inactive and failed and no job is queued for -- * it, then release its runtime resources */ -+ /* If the unit is inactive and failed and no job is queued for it, then release its runtime resources */ - if (UNIT_IS_INACTIVE_OR_FAILED(state) && - UNIT_VTABLE(u)->release_resources) -- UNIT_VTABLE(u)->release_resources(u, inactive); -+ UNIT_VTABLE(u)->release_resources(u); - -- /* But we keep the unit object around for longer when it is -- * referenced or configured to not be gc'ed */ -- if (!inactive) -+ /* But we keep the unit object around for longer when it is referenced or configured to not be gc'ed */ -+ if (state != UNIT_INACTIVE) - return false; - - if (UNIT_VTABLE(u)->no_gc) -diff --git a/src/core/unit.h b/src/core/unit.h -index 97a63f0f8b..61ff59e8c7 100644 ---- a/src/core/unit.h -+++ b/src/core/unit.h -@@ -357,9 +357,8 @@ struct UnitVTable { - * even though nothing references it and it isn't active in any way. */ - bool (*may_gc)(Unit *u); - -- /* When the unit is not running and no job for it queued we -- * shall release its runtime resources */ -- void (*release_resources)(Unit *u, bool inactive); -+ /* When the unit is not running and no job for it queued we shall release its runtime resources */ -+ void (*release_resources)(Unit *u); - - /* Return true when this unit is suitable for snapshotting */ - bool (*check_snapshot)(Unit *u); diff --git a/SOURCES/0763-tests-add-basic-journal-test.patch b/SOURCES/0763-tests-add-basic-journal-test.patch deleted file mode 100644 index ae0bb52..0000000 --- a/SOURCES/0763-tests-add-basic-journal-test.patch +++ /dev/null @@ -1,146 +0,0 @@ -From b62a63582b7985b2fb331a1eab60c1e007a16ac5 Mon Sep 17 00:00:00 2001 -From: Evgeny Vereshchagin -Date: Tue, 17 Nov 2015 11:21:23 +0000 -Subject: [PATCH] tests: add basic journal test - -(cherry picked from commit 1c36b4a73b876258fbe01fbe9bc9b750b7dcc9ce) -(cherry picked from commit e974b9915ccc7bf56d23fd6fc67631990d893c89) -(cherry picked from commit d87be62e67f4d7ee8cbd3496a85344f845498c2f) -Related: #1798162 ---- - test/TEST-04-JOURNAL/Makefile | 1 + - test/TEST-04-JOURNAL/test-journal.sh | 18 +++++++ - test/TEST-04-JOURNAL/test.sh | 76 ++++++++++++++++++++++++++++ - test/test-functions | 2 +- - 4 files changed, 96 insertions(+), 1 deletion(-) - create mode 120000 test/TEST-04-JOURNAL/Makefile - create mode 100755 test/TEST-04-JOURNAL/test-journal.sh - create mode 100755 test/TEST-04-JOURNAL/test.sh - -diff --git a/test/TEST-04-JOURNAL/Makefile b/test/TEST-04-JOURNAL/Makefile -new file mode 120000 -index 0000000000..e9f93b1104 ---- /dev/null -+++ b/test/TEST-04-JOURNAL/Makefile -@@ -0,0 +1 @@ -+../TEST-01-BASIC/Makefile -\ No newline at end of file -diff --git a/test/TEST-04-JOURNAL/test-journal.sh b/test/TEST-04-JOURNAL/test-journal.sh -new file mode 100755 -index 0000000000..c75f396ceb ---- /dev/null -+++ b/test/TEST-04-JOURNAL/test-journal.sh -@@ -0,0 +1,18 @@ -+#!/bin/bash -+ -+set -x -+set -e -+set -o pipefail -+ -+# Test stdout stream -+ -+# Skip empty lines -+ID=$(journalctl --new-id128 | sed -n 2p) -+>/expected -+printf $'\n\n\n' | systemd-cat -t "$ID" --level-prefix false -+journalctl --flush -+journalctl -b -o cat -t "$ID" >/output -+cmp /expected /output -+ -+touch /testok -+exit 0 -diff --git a/test/TEST-04-JOURNAL/test.sh b/test/TEST-04-JOURNAL/test.sh -new file mode 100755 -index 0000000000..e37cb7d412 ---- /dev/null -+++ b/test/TEST-04-JOURNAL/test.sh -@@ -0,0 +1,76 @@ -+#!/bin/bash -+# -*- mode: shell-script; indent-tabs-mode: nil; sh-basic-offset: 4; -*- -+# ex: ts=8 sw=4 sts=4 et filetype=sh -+TEST_DESCRIPTION="Journal-related tests" -+ -+. $TEST_BASE_DIR/test-functions -+ -+check_result_qemu() { -+ ret=1 -+ mkdir -p $TESTDIR/root -+ mount ${LOOPDEV}p1 $TESTDIR/root -+ [[ -e $TESTDIR/root/testok ]] && ret=0 -+ [[ -f $TESTDIR/root/failed ]] && cp -a $TESTDIR/root/failed $TESTDIR -+ cp -a $TESTDIR/root/var/log/journal $TESTDIR -+ umount $TESTDIR/root -+ [[ -f $TESTDIR/failed ]] && cat $TESTDIR/failed -+ ls -l $TESTDIR/journal/*/*.journal -+ test -s $TESTDIR/failed && ret=$(($ret+1)) -+ return $ret -+} -+ -+test_run() { -+ if run_qemu; then -+ check_result_qemu || return 1 -+ else -+ dwarn "can't run QEMU, skipping" -+ fi -+ if check_nspawn; then -+ run_nspawn -+ check_result_nspawn || return 1 -+ else -+ dwarn "can't run systemd-nspawn, skipping" -+ fi -+ return 0 -+} -+ -+test_setup() { -+ create_empty_image -+ mkdir -p $TESTDIR/root -+ mount ${LOOPDEV}p1 $TESTDIR/root -+ -+ # Create what will eventually be our root filesystem onto an overlay -+ ( -+ LOG_LEVEL=5 -+ eval $(udevadm info --export --query=env --name=${LOOPDEV}p2) -+ -+ setup_basic_environment -+ -+ # setup the testsuite service -+ cat >$initdir/etc/systemd/system/testsuite.service </dev/null -+ [[ $LOOPDEV ]] && losetup -d $LOOPDEV -+ return 0 -+} -+ -+do_test "$@" -diff --git a/test/test-functions b/test/test-functions -index e50ce556fd..d5e9650903 100644 ---- a/test/test-functions -+++ b/test/test-functions -@@ -12,7 +12,7 @@ if ! ROOTLIBDIR=$(pkg-config --variable=systemdutildir systemd); then - ROOTLIBDIR=/usr/lib/systemd - fi - --BASICTOOLS="test sh bash setsid loadkeys setfont login sulogin gzip sleep echo mount umount cryptsetup date dmsetup modprobe chmod chown ln" -+BASICTOOLS="test sh bash setsid loadkeys setfont login sulogin gzip sleep echo mount umount cryptsetup date dmsetup modprobe chmod chown ln sed cmp tee" - DEBUGTOOLS="df free ls stty cat ps ln ip route dmesg dhclient mkdir cp ping dhclient strace less grep id tty touch du sort hostname" - - function find_qemu_bin() { diff --git a/SOURCES/0763-units-add-Wants-initrd-cleanup.service-to-initrd-swi.patch b/SOURCES/0763-units-add-Wants-initrd-cleanup.service-to-initrd-swi.patch new file mode 100644 index 0000000..7dfc02e --- /dev/null +++ b/SOURCES/0763-units-add-Wants-initrd-cleanup.service-to-initrd-swi.patch @@ -0,0 +1,31 @@ +From 592fde970f4493b202ed0fc035e3f6785a850a55 Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Tue, 11 Oct 2016 21:36:14 +0900 +Subject: [PATCH] units: add Wants=initrd-cleanup.service to + initrd-switch-root.target (#4345) + +`systemctl isolate initrd-switch-root.target` called by initrd-cleanup.service +kills initrd-cleanup.service itself. Then, initrd-cleanup.service failed and +system goes to emergency shell. +To prevent this problem, this commit adds `Wants=initrd-cleanup.service` to +initrd-switch-root.target. + +fixes: #4343. +(cherry picked from commit a8cb1dc3e0fa81affd01c8ed3df35e4c4520a24e) + +Related: #1560417 +--- + units/initrd-switch-root.target | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/units/initrd-switch-root.target b/units/initrd-switch-root.target +index f34768790b..934d82f667 100644 +--- a/units/initrd-switch-root.target ++++ b/units/initrd-switch-root.target +@@ -12,5 +12,5 @@ DefaultDependencies=no + Requires=initrd-switch-root.service + Before=initrd-switch-root.service + AllowIsolate=yes +-Wants=initrd-udevadm-cleanup-db.service initrd-root-fs.target initrd-fs.target systemd-journald.service ++Wants=initrd-udevadm-cleanup-db.service initrd-root-fs.target initrd-fs.target systemd-journald.service initrd-cleanup.service + After=initrd-udevadm-cleanup-db.service initrd-root-fs.target initrd-fs.target emergency.service emergency.target diff --git a/SOURCES/0764-tests-add-regression-test-for-systemctl-restart-syst.patch b/SOURCES/0764-tests-add-regression-test-for-systemctl-restart-syst.patch deleted file mode 100644 index 85a0408..0000000 --- a/SOURCES/0764-tests-add-regression-test-for-systemctl-restart-syst.patch +++ /dev/null @@ -1,55 +0,0 @@ -From 0d93b2275f5c93148f509de28cefcf3b7cabc0c7 Mon Sep 17 00:00:00 2001 -From: Evgeny Vereshchagin -Date: Wed, 30 Dec 2015 03:33:43 +0000 -Subject: [PATCH] tests: add regression test for `systemctl restart - systemd-journald` - -See https://github.com/systemd/systemd/issues/2236 - -(cherry picked from commit 3889613ec6bc54b9e02955f62b9d5c5b571c3d4b) -(cherry picked from commit 4dc893c03fe9c56a3d3070fb8583f5584014aa49) -(cherry picked from commit 5c1904dbd1bd3301ce797d2764571b3e3669bec2) -Related: #1798162 ---- - test/TEST-04-JOURNAL/test-journal.sh | 8 ++++++++ - test/TEST-04-JOURNAL/test.sh | 9 +++++++++ - 2 files changed, 17 insertions(+) - -diff --git a/test/TEST-04-JOURNAL/test-journal.sh b/test/TEST-04-JOURNAL/test-journal.sh -index c75f396ceb..701b0cf724 100755 ---- a/test/TEST-04-JOURNAL/test-journal.sh -+++ b/test/TEST-04-JOURNAL/test-journal.sh -@@ -14,5 +14,13 @@ journalctl --flush - journalctl -b -o cat -t "$ID" >/output - cmp /expected /output - -+# Don't lose streams on restart -+systemctl start forever-print-hola -+sleep 3 -+systemctl restart systemd-journald -+sleep 3 -+systemctl stop forever-print-hola -+[[ ! -f "/i-lose-my-logs" ]] -+ - touch /testok - exit 0 -diff --git a/test/TEST-04-JOURNAL/test.sh b/test/TEST-04-JOURNAL/test.sh -index e37cb7d412..6aea67ba4e 100755 ---- a/test/TEST-04-JOURNAL/test.sh -+++ b/test/TEST-04-JOURNAL/test.sh -@@ -55,6 +55,15 @@ After=multi-user.target - [Service] - ExecStart=/test-journal.sh - Type=oneshot -+EOF -+ -+ cat >$initdir/etc/systemd/system/forever-print-hola.service < +Date: Mon, 28 Jan 2019 12:07:37 +0100 +Subject: [PATCH] units: make sure initrd-cleanup.service terminates before + switching to rootfs + +A follow-up for commit a8cb1dc3e0fa81aff. + +Commit a8cb1dc3e0fa81aff made sure that initrd-cleanup.service won't be stopped +when initrd-switch-root.target is isolated. + +However even with this change, it might happen that initrd-cleanup.service +survives the switch to rootfs (since it has no ordering constraints against +initrd-switch-root.target) and is stopped right after when default.target is +isolated. This led to initrd-cleanup.service entering in failed state as it +happens when oneshot services are stopped. + +This patch along with a8cb1dc3e0fa81aff should fix issue #4343. + +Fixes: #4343 +(cherry picked from commit e2c7c94ea35fe7e669afb51bfc2251158b522ea5) + +Related: #1560417 +--- + units/initrd-switch-root.target | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/units/initrd-switch-root.target b/units/initrd-switch-root.target +index 934d82f667..ada5b9e7fd 100644 +--- a/units/initrd-switch-root.target ++++ b/units/initrd-switch-root.target +@@ -13,4 +13,4 @@ Requires=initrd-switch-root.service + Before=initrd-switch-root.service + AllowIsolate=yes + Wants=initrd-udevadm-cleanup-db.service initrd-root-fs.target initrd-fs.target systemd-journald.service initrd-cleanup.service +-After=initrd-udevadm-cleanup-db.service initrd-root-fs.target initrd-fs.target emergency.service emergency.target ++After=initrd-udevadm-cleanup-db.service initrd-root-fs.target initrd-fs.target emergency.service emergency.target initrd-cleanup.service diff --git a/SOURCES/0765-core-tiny-tweak-for-cgroup-trimming-during-manager_f.patch b/SOURCES/0765-core-tiny-tweak-for-cgroup-trimming-during-manager_f.patch new file mode 100644 index 0000000..1101b8d --- /dev/null +++ b/SOURCES/0765-core-tiny-tweak-for-cgroup-trimming-during-manager_f.patch @@ -0,0 +1,37 @@ +From 83c66e1d0c1bc6e7522719250e77fad40a147870 Mon Sep 17 00:00:00 2001 +From: Lennart Poettering +Date: Tue, 9 Oct 2018 15:56:27 +0200 +Subject: [PATCH] core: tiny tweak for cgroup trimming during manager_free() + +Instead of blacklisting when not to trim the cgroup tree, let's instead +whitelist when to do it, as an excercise of being careful when being +destructive. + +This should not change behaviour with exception that during switch roots +we now won't attempt to trim the cgroup tree anymore. Which is more +correct behaviour after all we serialize/deserialize during the +transition and should be needlessly destructive. + +(cherry picked from commit 86036b26a1da4d90ca274d37e77c56980ab689fd) + +Resolves: #1630378 +--- + src/core/manager.c | 5 ++--- + 1 file changed, 2 insertions(+), 3 deletions(-) + +diff --git a/src/core/manager.c b/src/core/manager.c +index fdbb3c0fd9..afa4d2b8fa 100644 +--- a/src/core/manager.c ++++ b/src/core/manager.c +@@ -998,9 +998,8 @@ Manager* manager_free(Manager *m) { + if (unit_vtable[c]->shutdown) + unit_vtable[c]->shutdown(m); + +- /* If we reexecute ourselves, we keep the root cgroup +- * around */ +- manager_shutdown_cgroup(m, m->exit_code != MANAGER_REEXECUTE); ++ /* Keep the cgroup hierarchy in place except when we know we are going down for good */ ++ manager_shutdown_cgroup(m, IN_SET(m->exit_code, MANAGER_EXIT, MANAGER_REBOOT, MANAGER_POWEROFF, MANAGER_HALT, MANAGER_KEXEC)); + + manager_undo_generators(m); + diff --git a/SOURCES/0765-tests-add-test-that-journald-keeps-fds-over-terminat.patch b/SOURCES/0765-tests-add-test-that-journald-keeps-fds-over-terminat.patch deleted file mode 100644 index a5d2b7a..0000000 --- a/SOURCES/0765-tests-add-test-that-journald-keeps-fds-over-terminat.patch +++ /dev/null @@ -1,34 +0,0 @@ -From cdf21cebfbe324917b7609edb08f23aa940ef038 Mon Sep 17 00:00:00 2001 -From: Evgeny Vereshchagin -Date: Thu, 20 Oct 2016 13:18:12 +0000 -Subject: [PATCH] tests: add test that journald keeps fds over termination by - signal - -This test fails before previous commit, and passes with it. - -(cherry picked from commit bff653e3970bb79832568ae86b095ee530b62302) -(cherry picked from commit ee8f69ae5ddac6f05c56ea7dbcb76fbbb2e355ee) -(cherry picked from commit ad0bd9f2a41b62fa2f08eeceeff4969e83bfc32a) -Related: #1798162 ---- - test/TEST-04-JOURNAL/test-journal.sh | 8 ++++++++ - 1 file changed, 8 insertions(+) - -diff --git a/test/TEST-04-JOURNAL/test-journal.sh b/test/TEST-04-JOURNAL/test-journal.sh -index 701b0cf724..d0b05c46d6 100755 ---- a/test/TEST-04-JOURNAL/test-journal.sh -+++ b/test/TEST-04-JOURNAL/test-journal.sh -@@ -22,5 +22,13 @@ sleep 3 - systemctl stop forever-print-hola - [[ ! -f "/i-lose-my-logs" ]] - -+# https://github.com/systemd/systemd/issues/4408 -+rm -f /i-lose-my-logs -+systemctl start forever-print-hola -+sleep 3 -+systemctl kill --signal=SIGKILL systemd-journald -+sleep 3 -+[[ ! -f "/i-lose-my-logs" ]] -+ - touch /testok - exit 0 diff --git a/SOURCES/0766-process-an-empty-environment-block-should-be-returne.patch b/SOURCES/0766-process-an-empty-environment-block-should-be-returne.patch new file mode 100644 index 0000000..5133a2a --- /dev/null +++ b/SOURCES/0766-process-an-empty-environment-block-should-be-returne.patch @@ -0,0 +1,35 @@ +From c145af2a34a47f357711a2ae97c3d71db8df905f Mon Sep 17 00:00:00 2001 +From: Lennart Poettering +Date: Thu, 23 Jul 2015 23:47:54 +0200 +Subject: [PATCH] process: an empty environment block should be returned as + such + +An empty env block is completely valid, hence return it as such, and +don't turn it into an error. + +(cherry picked from commit 03c55bc0b980e2a6aaf6f166a9271ed8ecce2222) + +Resolves: #1685648 +--- + src/shared/util.c | 8 +++++++- + 1 file changed, 7 insertions(+), 1 deletion(-) + +diff --git a/src/shared/util.c b/src/shared/util.c +index 07de902aaf..82c8e433dd 100644 +--- a/src/shared/util.c ++++ b/src/shared/util.c +@@ -954,7 +954,13 @@ int get_process_environ(pid_t pid, char **env) { + sz += cescape_char(c, outcome + sz); + } + +- outcome[sz] = '\0'; ++ if (!outcome) { ++ outcome = strdup(""); ++ if (!outcome) ++ return -ENOMEM; ++ } else ++ outcome[sz] = '\0'; ++ + *env = outcome; + outcome = NULL; + diff --git a/SOURCES/0767-core-make-sure-initrd-switch-root-command-survives-P.patch b/SOURCES/0767-core-make-sure-initrd-switch-root-command-survives-P.patch new file mode 100644 index 0000000..912e428 --- /dev/null +++ b/SOURCES/0767-core-make-sure-initrd-switch-root-command-survives-P.patch @@ -0,0 +1,59 @@ +From 5e68640c5b25b3b682ca8ce92a4a573e8dfba6ae Mon Sep 17 00:00:00 2001 +From: Franck Bui +Date: Thu, 24 Nov 2016 18:52:04 +0100 +Subject: [PATCH] core: make sure initrd-switch-root command survives PID1's + killing spree (#4730) + +This is a different way to implement the fix proposed by commit +a4021390fef27f4136497328f suggested by Lennart Poettering. + +In this patch we instruct PID1 to not kill "systemctl switch-root" command +started by initrd-switch-root service using the "argv[0][0]='@'" trick. + +See: https://www.freedesktop.org/wiki/Software/systemd/RootStorageDaemons/ for +more details. + +We had to backup argv[0] because argv is modified by dispatch_verb(). + +(cherry picked from commit acc28e2e3037d689d6481e4664925cf31d4d087b) + +Related: #1754053 +--- + src/systemctl/systemctl.c | 10 ++++++++++ + 1 file changed, 10 insertions(+) + +diff --git a/src/systemctl/systemctl.c b/src/systemctl/systemctl.c +index f31137787a..f84b92ccbe 100644 +--- a/src/systemctl/systemctl.c ++++ b/src/systemctl/systemctl.c +@@ -128,6 +128,7 @@ static const char *arg_kill_who = NULL; + static int arg_signal = SIGTERM; + static const char *arg_root = NULL; + static usec_t arg_when = 0; ++static char *argv_cmdline = NULL; + static enum action { + _ACTION_INVALID, + ACTION_SYSTEMCTL, +@@ -5060,6 +5061,13 @@ static int switch_root(sd_bus *bus, char **args) { + init = NULL; + } + ++ /* Instruct PID1 to exclude us from its killing spree applied during ++ * the transition from the initrd to the main system otherwise we would ++ * exit with a failure status even though the switch to the new root ++ * has succeed. */ ++ if (in_initrd()) ++ argv_cmdline[0] = '@'; ++ + log_debug("Switching root - root: %s; init: %s", root, strna(init)); + + r = sd_bus_call_method( +@@ -7626,6 +7634,8 @@ int main(int argc, char*argv[]) { + _cleanup_bus_close_unref_ sd_bus *bus = NULL; + int r; + ++ argv_cmdline = argv[0]; ++ + setlocale(LC_ALL, ""); + log_parse_environment(); + log_open(); diff --git a/SOURCES/0768-systemctl-always-avoid-being-killed-when-doing-switc.patch b/SOURCES/0768-systemctl-always-avoid-being-killed-when-doing-switc.patch new file mode 100644 index 0000000..cba44fc --- /dev/null +++ b/SOURCES/0768-systemctl-always-avoid-being-killed-when-doing-switc.patch @@ -0,0 +1,34 @@ +From 1be885f0e0f7023d1adc09fb0b247935c1a0b3bd Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= +Date: Sat, 28 Jan 2017 21:18:31 -0500 +Subject: [PATCH] systemctl: always avoid being killed when doing switch-root + +The same logic as described in acc28e2e3037d689d6481e applies to any time we are +switching root, to just set the flag unconditionally. + +(cherry picked from commit b3ad0ff48c154ed056a6bded2adac609395a9439) + +Related: #1754053 +--- + src/systemctl/systemctl.c | 8 +++----- + 1 file changed, 3 insertions(+), 5 deletions(-) + +diff --git a/src/systemctl/systemctl.c b/src/systemctl/systemctl.c +index f84b92ccbe..0928e2972a 100644 +--- a/src/systemctl/systemctl.c ++++ b/src/systemctl/systemctl.c +@@ -5062,11 +5062,9 @@ static int switch_root(sd_bus *bus, char **args) { + } + + /* Instruct PID1 to exclude us from its killing spree applied during +- * the transition from the initrd to the main system otherwise we would +- * exit with a failure status even though the switch to the new root +- * has succeed. */ +- if (in_initrd()) +- argv_cmdline[0] = '@'; ++ * the transition. Otherwise we would exit with a failure status even ++ * though the switch to the new root has succeed. */ ++ argv_cmdline[0] = '@'; + + log_debug("Switching root - root: %s; init: %s", root, strna(init)); + diff --git a/SOURCES/0769-units-drop-KillMode-from-initrd-switch-root.service.patch b/SOURCES/0769-units-drop-KillMode-from-initrd-switch-root.service.patch new file mode 100644 index 0000000..fe2896a --- /dev/null +++ b/SOURCES/0769-units-drop-KillMode-from-initrd-switch-root.service.patch @@ -0,0 +1,27 @@ +From 7872e75d4be31e6ba295c8360e801fd133ee6d76 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= +Date: Sun, 29 Jan 2017 12:45:51 -0500 +Subject: [PATCH] units: drop KillMode= from initrd-switch-root.service + +The service already has DefaultDeps disabled, so systemd should not try to stop +it. And if it *does* get stopped, we don't want the zombie process around. +KillMode=none does not change anything in the killall() phase, and we already +use argv[0][0] = '@' to protect against that anyway. KillMode=none should not +be useful in normal operation, so let's leave it out. + +(cherry picked from commit 0af9a194ca0243fcb206499116e28612f571bd91) + +Related: #1754053 +--- + units/initrd-switch-root.service.in | 1 - + 1 file changed, 1 deletion(-) + +diff --git a/units/initrd-switch-root.service.in b/units/initrd-switch-root.service.in +index 82893dafb1..d8e35c79fe 100644 +--- a/units/initrd-switch-root.service.in ++++ b/units/initrd-switch-root.service.in +@@ -17,4 +17,3 @@ AllowIsolate=yes + Type=oneshot + # we have to use "--force" here, otherwise systemd would umount /run + ExecStart=@rootbindir@/systemctl --no-block --force switch-root /sysroot +-KillMode=none diff --git a/SOURCES/0770-systemctl-ignore-SIGTERM-after-switch-root.patch b/SOURCES/0770-systemctl-ignore-SIGTERM-after-switch-root.patch new file mode 100644 index 0000000..be66455 --- /dev/null +++ b/SOURCES/0770-systemctl-ignore-SIGTERM-after-switch-root.patch @@ -0,0 +1,41 @@ +From 928f72e2070685886c0266891a74ca266587755a Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= +Date: Mon, 30 Jan 2017 13:06:10 -0500 +Subject: [PATCH] systemctl: ignore SIGTERM after switch root + +https://bugzilla.redhat.com/show_bug.cgi?id=1414904#c14 and #c15. +(cherry picked from commit 8a7a9ceab204fb02fd5d93a765b36b31efeb9beb) + +Resolves: #1754053 +--- + src/systemctl/systemctl.c | 10 ++++++++++ + 1 file changed, 10 insertions(+) + +diff --git a/src/systemctl/systemctl.c b/src/systemctl/systemctl.c +index 0928e2972a..398727cc7d 100644 +--- a/src/systemctl/systemctl.c ++++ b/src/systemctl/systemctl.c +@@ -5066,6 +5066,14 @@ static int switch_root(sd_bus *bus, char **args) { + * though the switch to the new root has succeed. */ + argv_cmdline[0] = '@'; + ++ /* If we are slow to exit after the root switch, the new systemd instance ++ * will send us a signal to terminate. Just ignore it and exit normally. ++ * This way the unit does not end up as failed. ++ */ ++ r = ignore_signals(SIGTERM, -1); ++ if (r < 0) ++ log_warning_errno(r, "Failed to change disposition of SIGTERM to ignore: %m"); ++ + log_debug("Switching root - root: %s; init: %s", root, strna(init)); + + r = sd_bus_call_method( +@@ -5078,6 +5086,8 @@ static int switch_root(sd_bus *bus, char **args) { + NULL, + "ss", root, init); + if (r < 0) { ++ (void) default_signals(SIGTERM, -1); ++ + log_error("Failed to switch root: %s", bus_error_message(&error, r)); + return r; + } diff --git a/SOURCES/0771-units-restore-Before-dependencies-for-systemd-vconso.patch b/SOURCES/0771-units-restore-Before-dependencies-for-systemd-vconso.patch new file mode 100644 index 0000000..9672d49 --- /dev/null +++ b/SOURCES/0771-units-restore-Before-dependencies-for-systemd-vconso.patch @@ -0,0 +1,37 @@ +From 9335b508002f0d10c64011a90d81b515b53f0ac3 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= +Date: Tue, 31 Jan 2017 00:34:33 -0500 +Subject: [PATCH] units: restore Before dependencies for + systemd-vconsole-setup.service + +When the service is run in the initramfs, it is possible for it to get started +and not be fast enough to exit before the root switch happens. It is started +multiple times (depending on the consoles being detected), and runs +asynchronously, so this is quite likely. It'll then get killed by killall(), +and systemd will consider the service failed. To avoid all this, just wait +for the service to terminate on it's own. + +Before=initrd-switch-root.target should be good for the initramfs, and +Before=shutdown.tuarget should be good for the real system, although it's +unlikely to make any difference there. + +(cherry picked from commit 750e550eba362096d56a35104c6a32631aa67b8e) + +Related: #1754053 +--- + units/systemd-vconsole-setup.service.in | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/units/systemd-vconsole-setup.service.in b/units/systemd-vconsole-setup.service.in +index 18faa63f28..8aba67b393 100644 +--- a/units/systemd-vconsole-setup.service.in ++++ b/units/systemd-vconsole-setup.service.in +@@ -11,7 +11,7 @@ Documentation=man:systemd-vconsole-setup.service(8) man:vconsole.conf(5) + DefaultDependencies=no + Conflicts=shutdown.target + After=systemd-readahead-collect.service systemd-readahead-replay.service +-Before=sysinit.target shutdown.target ++Before=sysinit.target initrd-switch-root.target shutdown.target + ConditionPathExists=/dev/tty0 + + [Service] diff --git a/SOURCES/0772-core-reduce-the-number-of-stalled-PIDs-from-the-watc.patch b/SOURCES/0772-core-reduce-the-number-of-stalled-PIDs-from-the-watc.patch new file mode 100644 index 0000000..0021a1d --- /dev/null +++ b/SOURCES/0772-core-reduce-the-number-of-stalled-PIDs-from-the-watc.patch @@ -0,0 +1,405 @@ +From 7aff4320eab8b12b19a8800a13f6573c0cdda946 Mon Sep 17 00:00:00 2001 +From: Franck Bui +Date: Mon, 18 Mar 2019 20:59:36 +0100 +Subject: [PATCH] core: reduce the number of stalled PIDs from the watched + processes list when possible + +Some PIDs can remain in the watched list even though their processes have +exited since a long time. It can easily happen if the main process of a forking +service manages to spawn a child before the control process exits for example. + +However when a pid is about to be mapped to a unit by calling unit_watch_pid(), +the caller usually knows if the pid should belong to this unit exclusively: if +we just forked() off a child, then we can be sure that its PID is otherwise +unused. In this case we take this opportunity to remove any stalled PIDs from +the watched process list. + +If we learnt about a PID in any other form (for example via PID file, via +searching, MAINPID= and so on), then we can't assume anything. + +(cherry picked from commit f75f613d259e9332be8e9657fa37e73f7aabcb8a) + +Resolves: #1501796 +--- + src/core/busname.c | 4 ++-- + src/core/cgroup.c | 8 +++----- + src/core/dbus-scope.c | 2 +- + src/core/mount.c | 4 ++-- + src/core/service.c | 24 ++++++++++-------------- + src/core/socket.c | 6 +++--- + src/core/swap.c | 4 ++-- + src/core/unit.c | 25 ++++++++++++++++++++++--- + src/core/unit.h | 2 +- + src/shared/util.c | 14 ++++++++++++++ + src/shared/util.h | 1 + + 11 files changed, 61 insertions(+), 33 deletions(-) + +diff --git a/src/core/busname.c b/src/core/busname.c +index f5553e5418..8d149aae4e 100644 +--- a/src/core/busname.c ++++ b/src/core/busname.c +@@ -350,7 +350,7 @@ static int busname_coldplug(Unit *u, Hashmap *deferred_work) { + if (n->control_pid <= 0) + return -EBADMSG; + +- r = unit_watch_pid(UNIT(n), n->control_pid); ++ r = unit_watch_pid(UNIT(n), n->control_pid, false); + if (r < 0) + return r; + +@@ -413,7 +413,7 @@ static int busname_make_starter(BusName *n, pid_t *_pid) { + _exit(ret); + } + +- r = unit_watch_pid(UNIT(n), pid); ++ r = unit_watch_pid(UNIT(n), pid, true); + if (r < 0) + goto fail; + +diff --git a/src/core/cgroup.c b/src/core/cgroup.c +index 0779fa5552..0ce265dbf4 100644 +--- a/src/core/cgroup.c ++++ b/src/core/cgroup.c +@@ -26,6 +26,7 @@ + #include "special.h" + #include "cgroup-util.h" + #include "cgroup.h" ++#include "util.h" + + #define CGROUP_CPU_QUOTA_PERIOD_USEC ((usec_t) 100 * USEC_PER_MSEC) + +@@ -881,7 +882,7 @@ void unit_destroy_cgroup_if_empty(Unit *u) { + + pid_t unit_search_main_pid(Unit *u) { + _cleanup_fclose_ FILE *f = NULL; +- pid_t pid = 0, npid, mypid; ++ pid_t pid = 0, npid; + + assert(u); + +@@ -891,15 +892,12 @@ pid_t unit_search_main_pid(Unit *u) { + if (cg_enumerate_processes(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path, &f) < 0) + return 0; + +- mypid = getpid(); + while (cg_read_pid(f, &npid) > 0) { +- pid_t ppid; +- + if (npid == pid) + continue; + + /* Ignore processes that aren't our kids */ +- if (get_parent_of_pid(npid, &ppid) >= 0 && ppid != mypid) ++ if (pid_is_my_child(npid) == 0) + continue; + + if (pid != 0) { +diff --git a/src/core/dbus-scope.c b/src/core/dbus-scope.c +index 60215a1935..f31360ad56 100644 +--- a/src/core/dbus-scope.c ++++ b/src/core/dbus-scope.c +@@ -93,7 +93,7 @@ static int bus_scope_set_transient_property( + return -EINVAL; + + if (mode != UNIT_CHECK) { +- r = unit_watch_pid(UNIT(s), pid); ++ r = unit_watch_pid(UNIT(s), pid, false); + if (r < 0 && r != -EEXIST) + return r; + } +diff --git a/src/core/mount.c b/src/core/mount.c +index bfbfc10731..3167bd6bb1 100644 +--- a/src/core/mount.c ++++ b/src/core/mount.c +@@ -659,7 +659,7 @@ static int mount_coldplug(Unit *u, Hashmap *deferred_work) { + if (m->control_pid <= 0) + return -EBADMSG; + +- r = unit_watch_pid(UNIT(m), m->control_pid); ++ r = unit_watch_pid(UNIT(m), m->control_pid, false); + if (r < 0) + return r; + +@@ -751,7 +751,7 @@ static int mount_spawn(Mount *m, ExecCommand *c, pid_t *_pid) { + if (r < 0) + goto fail; + +- r = unit_watch_pid(UNIT(m), pid); ++ r = unit_watch_pid(UNIT(m), pid, true); + if (r < 0) + /* FIXME: we need to do something here */ + goto fail; +diff --git a/src/core/service.c b/src/core/service.c +index f7b859d076..1ad154e41f 100644 +--- a/src/core/service.c ++++ b/src/core/service.c +@@ -145,8 +145,6 @@ static void service_unwatch_pid_file(Service *s) { + } + + static int service_set_main_pid(Service *s, pid_t pid) { +- pid_t ppid; +- + assert(s); + + if (pid <= 1) +@@ -165,12 +163,10 @@ static int service_set_main_pid(Service *s, pid_t pid) { + + s->main_pid = pid; + s->main_pid_known = true; ++ s->main_pid_alien = pid_is_my_child(pid) == 0; + +- if (get_parent_of_pid(pid, &ppid) >= 0 && ppid != getpid()) { ++ if (s->main_pid_alien) + log_unit_warning(UNIT(s)->id, "%s: Supervising process "PID_FMT" which is not our child. We'll most likely not notice when it exits.", UNIT(s)->id, pid); +- s->main_pid_alien = true; +- } else +- s->main_pid_alien = false; + + return 0; + } +@@ -809,7 +805,7 @@ static int service_load_pid_file(Service *s, bool may_warn) { + if (r < 0) + return r; + +- r = unit_watch_pid(UNIT(s), pid); ++ r = unit_watch_pid(UNIT(s), pid, false); + if (r < 0) { + /* FIXME: we need to do something here */ + log_unit_warning(UNIT(s)->id, "Failed to watch PID "PID_FMT" from service %s", pid, UNIT(s)->id); +@@ -844,7 +840,7 @@ static int service_search_main_pid(Service *s) { + if (r < 0) + return r; + +- r = unit_watch_pid(UNIT(s), pid); ++ r = unit_watch_pid(UNIT(s), pid, false); + if (r < 0) { + /* FIXME: we need to do something here */ + log_unit_warning(UNIT(s)->id, "Failed to watch PID "PID_FMT" from service %s", pid, UNIT(s)->id); +@@ -989,7 +985,7 @@ static int service_coldplug(Unit *u, Hashmap *deferred_work) { + SERVICE_STOP, SERVICE_STOP_SIGTERM, SERVICE_STOP_SIGKILL, + SERVICE_STOP_SIGABRT, SERVICE_STOP_POST, + SERVICE_FINAL_SIGTERM, SERVICE_FINAL_SIGKILL))) { +- r = unit_watch_pid(UNIT(s), s->main_pid); ++ r = unit_watch_pid(UNIT(s), s->main_pid, false); + if (r < 0) + return r; + } +@@ -1001,7 +997,7 @@ static int service_coldplug(Unit *u, Hashmap *deferred_work) { + SERVICE_STOP, SERVICE_STOP_SIGTERM, SERVICE_STOP_SIGKILL, + SERVICE_STOP_SIGABRT, SERVICE_STOP_POST, + SERVICE_FINAL_SIGTERM, SERVICE_FINAL_SIGKILL)) { +- r = unit_watch_pid(UNIT(s), s->control_pid); ++ r = unit_watch_pid(UNIT(s), s->control_pid, false); + if (r < 0) + return r; + } +@@ -1271,7 +1267,7 @@ static int service_spawn( + if (r < 0) + goto fail; + +- r = unit_watch_pid(UNIT(s), pid); ++ r = unit_watch_pid(UNIT(s), pid, true); + if (r < 0) + /* FIXME: we need to do something here */ + goto fail; +@@ -2325,7 +2321,7 @@ static int service_deserialize_item(Unit *u, const char *key, const char *value, + log_unit_debug(u->id, "Failed to parse main-pid value %s", value); + else { + service_set_main_pid(s, pid); +- unit_watch_pid(UNIT(s), pid); ++ unit_watch_pid(UNIT(s), pid, false); + } + } else if (streq(key, "main-pid-known")) { + int b; +@@ -3085,7 +3081,7 @@ static void service_notify_message( + } + if (r > 0) { + service_set_main_pid(s, new_main_pid); +- unit_watch_pid(UNIT(s), new_main_pid); ++ unit_watch_pid(UNIT(s), new_main_pid, false); + notify_dbus = true; + } + } +@@ -3265,7 +3261,7 @@ static void service_bus_name_owner_change( + log_unit_debug(u->id, "%s's D-Bus name %s is now owned by process %u", u->id, name, (unsigned) pid); + + service_set_main_pid(s, pid); +- unit_watch_pid(UNIT(s), pid); ++ unit_watch_pid(UNIT(s), pid, false); + } + } + } +diff --git a/src/core/socket.c b/src/core/socket.c +index 1e8ae0a6e5..a5f610cd77 100644 +--- a/src/core/socket.c ++++ b/src/core/socket.c +@@ -1350,7 +1350,7 @@ static int socket_coldplug(Unit *u, Hashmap *deferred_work) { + if (s->control_pid <= 0) + return -EBADMSG; + +- r = unit_watch_pid(UNIT(s), s->control_pid); ++ r = unit_watch_pid(UNIT(s), s->control_pid, false); + if (r < 0) + return r; + +@@ -1427,7 +1427,7 @@ static int socket_spawn(Socket *s, ExecCommand *c, pid_t *_pid) { + if (r < 0) + goto fail; + +- r = unit_watch_pid(UNIT(s), pid); ++ r = unit_watch_pid(UNIT(s), pid, true); + if (r < 0) + /* FIXME: we need to do something here */ + goto fail; +@@ -1512,7 +1512,7 @@ static int socket_chown(Socket *s, pid_t *_pid) { + _exit(ret); + } + +- r = unit_watch_pid(UNIT(s), pid); ++ r = unit_watch_pid(UNIT(s), pid, true); + if (r < 0) + goto fail; + +diff --git a/src/core/swap.c b/src/core/swap.c +index 757a8d45c5..4a5e882332 100644 +--- a/src/core/swap.c ++++ b/src/core/swap.c +@@ -548,7 +548,7 @@ static int swap_coldplug(Unit *u, Hashmap *deferred_work) { + if (s->control_pid <= 0) + return -EBADMSG; + +- r = unit_watch_pid(UNIT(s), s->control_pid); ++ r = unit_watch_pid(UNIT(s), s->control_pid, false); + if (r < 0) + return r; + +@@ -645,7 +645,7 @@ static int swap_spawn(Swap *s, ExecCommand *c, pid_t *_pid) { + if (r < 0) + goto fail; + +- r = unit_watch_pid(UNIT(s), pid); ++ r = unit_watch_pid(UNIT(s), pid, true); + if (r < 0) + /* FIXME: we need to do something here */ + goto fail; +diff --git a/src/core/unit.c b/src/core/unit.c +index def36a0930..cdac192eb6 100644 +--- a/src/core/unit.c ++++ b/src/core/unit.c +@@ -52,6 +52,7 @@ + #include "execute.h" + #include "virt.h" + #include "dropin.h" ++#include "util.h" + + const UnitVTable * const unit_vtable[_UNIT_TYPE_MAX] = { + [UNIT_SERVICE] = &service_vtable, +@@ -1961,7 +1962,7 @@ void unit_notify(Unit *u, UnitActiveState os, UnitActiveState ns, bool reload_su + unit_add_to_gc_queue(u); + } + +-int unit_watch_pid(Unit *u, pid_t pid) { ++int unit_watch_pid(Unit *u, pid_t pid, bool exclusive) { + int q, r; + + assert(u); +@@ -1970,6 +1971,15 @@ int unit_watch_pid(Unit *u, pid_t pid) { + /* Watch a specific PID. We only support one or two units + * watching each PID for now, not more. */ + ++ /* Caller might be sure that this PID belongs to this unit only. Let's take this ++ * opportunity to remove any stalled references to this PID as they can be created ++ * easily (when watching a process which is not our direct child). */ ++ if (exclusive) { ++ log_unit_debug(u->id, "Cleaning "PID_FMT" from watches.", pid); ++ hashmap_remove2(u->manager->watch_pids1, LONG_TO_PTR(pid), NULL); ++ hashmap_remove2(u->manager->watch_pids2, LONG_TO_PTR(pid), NULL); ++ } ++ + r = set_ensure_allocated(&u->pids, NULL); + if (r < 0) + return r; +@@ -1985,7 +1995,12 @@ int unit_watch_pid(Unit *u, pid_t pid) { + return r; + + r = hashmap_put(u->manager->watch_pids2, LONG_TO_PTR(pid), u); +- } ++ if (r >= 0) ++ log_unit_debug(u->id, "Watching "PID_FMT" through watch_pids2.", pid); ++ else if (r == -EEXIST) ++ log_unit_warning(u->id, "Cannot watch "PID_FMT", PID is already watched twice.", pid); ++ } else if (r >= 0) ++ log_unit_debug(u->id, "Watching "PID_FMT" through watch_pids1.", pid); + + q = set_put(u->pids, LONG_TO_PTR(pid)); + if (q < 0) +@@ -1998,6 +2013,8 @@ void unit_unwatch_pid(Unit *u, pid_t pid) { + assert(u); + assert(pid >= 1); + ++ log_unit_debug(u->id, "Unwatching "PID_FMT".", pid); ++ + hashmap_remove_value(u->manager->watch_pids1, LONG_TO_PTR(pid), u); + hashmap_remove_value(u->manager->watch_pids2, LONG_TO_PTR(pid), u); + set_remove(u->pids, LONG_TO_PTR(pid)); +@@ -2028,7 +2045,9 @@ static int unit_watch_pids_in_path(Unit *u, const char *path) { + pid_t pid; + + while ((r = cg_read_pid(f, &pid)) > 0) { +- r = unit_watch_pid(u, pid); ++ if (pid_is_my_child(pid) == 0) ++ log_unit_debug(u->id, "Watching non detached "PID_FMT".", pid); ++ r = unit_watch_pid(u, pid, false); + if (r < 0 && ret >= 0) + ret = r; + } +diff --git a/src/core/unit.h b/src/core/unit.h +index a6e21d60ce..4a8bd79052 100644 +--- a/src/core/unit.h ++++ b/src/core/unit.h +@@ -537,7 +537,7 @@ int unit_kill_common(Unit *u, KillWho who, int signo, pid_t main_pid, pid_t cont + + void unit_notify(Unit *u, UnitActiveState os, UnitActiveState ns, bool reload_success); + +-int unit_watch_pid(Unit *u, pid_t pid); ++int unit_watch_pid(Unit *u, pid_t pid, bool exclusive); + void unit_unwatch_pid(Unit *u, pid_t pid); + int unit_watch_all_pids(Unit *u); + void unit_unwatch_all_pids(Unit *u); +diff --git a/src/shared/util.c b/src/shared/util.c +index 82c8e433dd..127a64c3c6 100644 +--- a/src/shared/util.c ++++ b/src/shared/util.c +@@ -641,6 +641,20 @@ int get_parent_of_pid(pid_t pid, pid_t *_ppid) { + return 0; + } + ++int pid_is_my_child(pid_t pid) { ++ pid_t ppid; ++ int r; ++ ++ if (pid <= 1) ++ return false; ++ ++ r = get_parent_of_pid(pid, &ppid); ++ if (r < 0) ++ return r; ++ ++ return ppid == getpid(); ++} ++ + int fchmod_umask(int fd, mode_t m) { + mode_t u; + int r; +diff --git a/src/shared/util.h b/src/shared/util.h +index 538ca4be2d..6b885d7533 100644 +--- a/src/shared/util.h ++++ b/src/shared/util.h +@@ -279,6 +279,7 @@ const char* split(const char **state, size_t *l, const char *separator, bool quo + for ((state) = (s), (word) = split(&(state), &(length), (separator), (quoted)); (word); (word) = split(&(state), &(length), (separator), (quoted))) + + pid_t get_parent_of_pid(pid_t pid, pid_t *ppid); ++int pid_is_my_child(pid_t pid); + + char *strappend(const char *s, const char *suffix); + char *strnappend(const char *s, const char *suffix, size_t length); diff --git a/SOURCES/0773-timedate-use-gmtime_r-and-localtime_r.patch b/SOURCES/0773-timedate-use-gmtime_r-and-localtime_r.patch new file mode 100644 index 0000000..49f0faa --- /dev/null +++ b/SOURCES/0773-timedate-use-gmtime_r-and-localtime_r.patch @@ -0,0 +1,78 @@ +From 52df8972d4005b23f7c2e52b0cf7210b8c594876 Mon Sep 17 00:00:00 2001 +From: Lennart Poettering +Date: Mon, 25 Jun 2018 14:29:25 +0200 +Subject: [PATCH] timedate: use gmtime_r() and localtime_r() + +gmtime() and localtime() operate on a static buffer. let's avoid this, +as we never know whether some library might use these calls in some +backrgound thread. + +Discovered by lgtm: + +https://lgtm.com/projects/g/systemd/systemd/ +(cherry picked from commit e46acb7950a9f07ac60d772309de842c444ad2bd) + +Resolves: #1694605 +--- + src/timedate/timedated.c | 20 ++++++++++---------- + 1 file changed, 10 insertions(+), 10 deletions(-) + +diff --git a/src/timedate/timedated.c b/src/timedate/timedated.c +index 09d0dbabcd..afd54a8936 100644 +--- a/src/timedate/timedated.c ++++ b/src/timedate/timedated.c +@@ -542,9 +542,9 @@ static int method_set_local_rtc(sd_bus *bus, sd_bus_message *m, void *userdata, + * initialize the timezone fields of + * struct tm. */ + if (c->local_rtc) +- tm = *localtime(&ts.tv_sec); ++ localtime_r(&ts.tv_sec, &tm); + else +- tm = *gmtime(&ts.tv_sec); ++ gmtime_r(&ts.tv_sec, &tm); + + /* Override the main fields of + * struct tm, but not the timezone +@@ -562,15 +562,15 @@ static int method_set_local_rtc(sd_bus *bus, sd_bus_message *m, void *userdata, + } + + } else { +- struct tm *tm; ++ struct tm tm; + + /* Sync RTC from system clock */ + if (c->local_rtc) +- tm = localtime(&ts.tv_sec); ++ localtime_r(&ts.tv_sec, &tm); + else +- tm = gmtime(&ts.tv_sec); ++ gmtime_r(&ts.tv_sec, &tm); + +- clock_set_hwclock(tm); ++ clock_set_hwclock(&tm); + } + + log_info("RTC configured to %s time.", c->local_rtc ? "local" : "UTC"); +@@ -585,7 +585,7 @@ static int method_set_time(sd_bus *bus, sd_bus_message *m, void *userdata, sd_bu + Context *c = userdata; + int64_t utc; + struct timespec ts; +- struct tm* tm; ++ struct tm tm; + int r; + + assert(bus); +@@ -633,10 +633,10 @@ static int method_set_time(sd_bus *bus, sd_bus_message *m, void *userdata, sd_bu + + /* Sync down to RTC */ + if (c->local_rtc) +- tm = localtime(&ts.tv_sec); ++ localtime_r(&ts.tv_sec, &tm); + else +- tm = gmtime(&ts.tv_sec); +- clock_set_hwclock(tm); ++ gmtime_r(&ts.tv_sec, &tm); ++ clock_set_hwclock(&tm); + + log_struct(LOG_INFO, + LOG_MESSAGE_ID(SD_MESSAGE_TIME_CHANGE), diff --git a/SOURCES/0774-sd-bus-stop-using-the-result-of-an-assignment-as-an-.patch b/SOURCES/0774-sd-bus-stop-using-the-result-of-an-assignment-as-an-.patch new file mode 100644 index 0000000..6100bdb --- /dev/null +++ b/SOURCES/0774-sd-bus-stop-using-the-result-of-an-assignment-as-an-.patch @@ -0,0 +1,30 @@ +From b6f311503a6d8cbca75d1579045ec4bff2d2459a Mon Sep 17 00:00:00 2001 +From: Evegeny Vereshchagin +Date: Tue, 26 Jun 2018 02:32:44 +0000 +Subject: [PATCH] sd-bus: stop using the result of an assignment as an operand + of && + +This makes OBJECT_PATH_FOREACH_PREFIX consistent with PATH_FOREACH_PREFIX +and also fixes 7 alerts reported by LGTM at +https://lgtm.com/projects/g/systemd/systemd/snapshot/ac0a08700344a5690803df8dd80e8bb5013184a5/files/src/libsystemd/sd-bus/bus-objects.c?sort=name&dir=ASC&mode=heatmap&showExcluded=true#V1383 + +(cherry picked from commit 283c2653877f2b958045ad99493869fe1a88be95) + +Resolves: #1694605 +--- + src/libsystemd/sd-bus/bus-internal.h | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/libsystemd/sd-bus/bus-internal.h b/src/libsystemd/sd-bus/bus-internal.h +index 1c5fbeac2a..33a5569146 100644 +--- a/src/libsystemd/sd-bus/bus-internal.h ++++ b/src/libsystemd/sd-bus/bus-internal.h +@@ -378,7 +378,7 @@ char *bus_address_escape(const char *v); + + #define OBJECT_PATH_FOREACH_PREFIX(prefix, path) \ + for (char *_slash = ({ strcpy((prefix), (path)); streq((prefix), "/") ? NULL : strrchr((prefix), '/'); }) ; \ +- _slash && !(_slash[(_slash) == (prefix)] = 0); \ ++ _slash && ((_slash[(_slash) == (prefix)] = 0), true); \ + _slash = streq((prefix), "/") ? NULL : strrchr((prefix), '/')) + + /* If we are invoking callbacks of a bus object, ensure unreffing the diff --git a/SOURCES/0775-journal-upload-add-asserts-that-snprintf-does-not-re.patch b/SOURCES/0775-journal-upload-add-asserts-that-snprintf-does-not-re.patch new file mode 100644 index 0000000..8bbb420 --- /dev/null +++ b/SOURCES/0775-journal-upload-add-asserts-that-snprintf-does-not-re.patch @@ -0,0 +1,65 @@ +From c394463688c332199a8fcabe6f84818b57c730b3 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= +Date: Tue, 2 Oct 2018 12:46:31 +0200 +Subject: [PATCH] journal-upload: add asserts that snprintf does not return an + error + +LGMT complains: +> The size argument of this snprintf call is derived from its return value, +> which may exceed the size of the buffer and overflow. + +Let's make sure that r is non-negative. (This shouldn't occur unless the format +string is borked, so let's just add an assert.) +Then, let's reorder the comparison to avoid the potential overflow. + +(cherry picked from commit 91db8ed5b2e67abf738381a6ed6a05a8271498cd) + +Resolves: #1694605 +--- + src/journal-remote/journal-upload-journal.c | 12 ++++++++---- + 1 file changed, 8 insertions(+), 4 deletions(-) + +diff --git a/src/journal-remote/journal-upload-journal.c b/src/journal-remote/journal-upload-journal.c +index 5fd639a76a..c244a76932 100644 +--- a/src/journal-remote/journal-upload-journal.c ++++ b/src/journal-remote/journal-upload-journal.c +@@ -30,7 +30,8 @@ static ssize_t write_entry(char *buf, size_t size, Uploader *u) { + + r = snprintf(buf + pos, size - pos, + "__CURSOR=%s\n", u->current_cursor); +- if (pos + r > size) ++ assert(r >= 0); ++ if ((size_t) r > size - pos) + /* not enough space */ + return pos; + +@@ -54,7 +55,8 @@ static ssize_t write_entry(char *buf, size_t size, Uploader *u) { + + r = snprintf(buf + pos, size - pos, + "__REALTIME_TIMESTAMP="USEC_FMT"\n", realtime); +- if (r + pos > size) ++ assert(r >= 0); ++ if ((size_t) r > size - pos) + /* not enough space */ + return pos; + +@@ -79,7 +81,8 @@ static ssize_t write_entry(char *buf, size_t size, Uploader *u) { + + r = snprintf(buf + pos, size - pos, + "__MONOTONIC_TIMESTAMP="USEC_FMT"\n", monotonic); +- if (r + pos > size) ++ assert(r >= 0); ++ if ((size_t) r > size - pos) + /* not enough space */ + return pos; + +@@ -104,7 +107,8 @@ static ssize_t write_entry(char *buf, size_t size, Uploader *u) { + + r = snprintf(buf + pos, size - pos, + "_BOOT_ID=%s\n", sd_id128_to_string(boot_id, sid)); +- if (r + pos > size) ++ assert(r >= 0); ++ if ((size_t) r > size - pos) + /* not enough space */ + return pos; + diff --git a/SOURCES/0776-analyze-actually-select-longest-activated-time-of-se.patch b/SOURCES/0776-analyze-actually-select-longest-activated-time-of-se.patch new file mode 100644 index 0000000..487f7bd --- /dev/null +++ b/SOURCES/0776-analyze-actually-select-longest-activated-time-of-se.patch @@ -0,0 +1,35 @@ +From 91b866591a2fb05a087a040a49a792a3d40a2a06 Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Wed, 27 Jun 2018 13:32:05 +0900 +Subject: [PATCH] analyze: actually select longest activated-time of services + +Discovered by LGTM. + +(cherry picked from commit e68131526b7a2cfdb8e59bd2ed7a284dba095ac5) + +Resolves: #1694605 +--- + src/analyze/analyze.c | 7 ++----- + 1 file changed, 2 insertions(+), 5 deletions(-) + +diff --git a/src/analyze/analyze.c b/src/analyze/analyze.c +index 7116aaa88d..e9ca9ba818 100644 +--- a/src/analyze/analyze.c ++++ b/src/analyze/analyze.c +@@ -788,14 +788,11 @@ static int list_dependencies_one(sd_bus *bus, const char *name, unsigned int lev + if (times + && times->activated + && times->activated <= boot->finish_time +- && (times->activated >= service_longest +- || service_longest == 0)) { ++ && times->activated >= service_longest) + service_longest = times->activated; +- break; +- } + } + +- if (service_longest == 0 ) ++ if (service_longest == 0) + return r; + + STRV_FOREACH(c, deps) { diff --git a/SOURCES/0777-pid1-remove-unnecessary-error-reassignment.patch b/SOURCES/0777-pid1-remove-unnecessary-error-reassignment.patch new file mode 100644 index 0000000..f08cb07 --- /dev/null +++ b/SOURCES/0777-pid1-remove-unnecessary-error-reassignment.patch @@ -0,0 +1,30 @@ +From f1851da2600d24191d90cfa2474574821c240969 Mon Sep 17 00:00:00 2001 +From: Frantisek Sumsal +Date: Wed, 27 Feb 2019 18:11:44 +0100 +Subject: [PATCH] pid1: remove unnecessary error reassignment + +r is always >= 0 so let's drop the unnecessary condition +to make LGTM happy + +Based on commit 7c3733d5defb5428ddfeefae6d80fcbcc253e7ef + +Resolves: #1694605 +--- + src/core/manager.c | 4 +--- + 1 file changed, 1 insertion(+), 3 deletions(-) + +diff --git a/src/core/manager.c b/src/core/manager.c +index afa4d2b8fa..88d156e8fb 100644 +--- a/src/core/manager.c ++++ b/src/core/manager.c +@@ -2805,9 +2805,7 @@ int manager_reload(Manager *m) { + lookup_paths_free(&m->lookup_paths); + + /* Find new unit paths */ +- q = manager_run_generators(m); +- if (q < 0 && r >= 0) +- r = q; ++ r = manager_run_generators(m); + + q = lookup_paths_init( + &m->lookup_paths, m->running_as, true, diff --git a/SOURCES/0778-core-drop-unnecessary-condition.patch b/SOURCES/0778-core-drop-unnecessary-condition.patch new file mode 100644 index 0000000..4305839 --- /dev/null +++ b/SOURCES/0778-core-drop-unnecessary-condition.patch @@ -0,0 +1,28 @@ +From 443a7bc554b65f9b859db60474439c03b19c79c1 Mon Sep 17 00:00:00 2001 +From: Frantisek Sumsal +Date: Wed, 27 Feb 2019 18:35:15 +0100 +Subject: [PATCH] core: drop unnecessary condition + +In this case ret is always >= 0 as it still contains the initialization +value (i.e. 0). Let's drop the unnecessary condition to make LGTM happy. + +Relevant commit: efdb02375beb0a940c3320865572913780b4d7de + +Resolves: #1694605 +--- + src/core/unit.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/core/unit.c b/src/core/unit.c +index cdac192eb6..4069a6f4c4 100644 +--- a/src/core/unit.c ++++ b/src/core/unit.c +@@ -2054,7 +2054,7 @@ static int unit_watch_pids_in_path(Unit *u, const char *path) { + if (r < 0 && ret >= 0) + ret = r; + +- } else if (ret >= 0) ++ } else + ret = r; + + r = cg_enumerate_subgroups(SYSTEMD_CGROUP_CONTROLLER, path, &d); diff --git a/SOURCES/0779-import-drop-unnecessary-condition.patch b/SOURCES/0779-import-drop-unnecessary-condition.patch new file mode 100644 index 0000000..9147197 --- /dev/null +++ b/SOURCES/0779-import-drop-unnecessary-condition.patch @@ -0,0 +1,26 @@ +From 8606f4b13ba677efad8bb6aae2d61c98e23a75f2 Mon Sep 17 00:00:00 2001 +From: Frantisek Sumsal +Date: Wed, 27 Feb 2019 18:53:19 +0100 +Subject: [PATCH] import: drop unnecessary condition + +Relevant commit: d61b34f1b22d1d7a641a1652ff23113d3e87ace7 + +Resolves: #1694605 +--- + src/import/import-common.c | 3 +-- + 1 file changed, 1 insertion(+), 2 deletions(-) + +diff --git a/src/import/import-common.c b/src/import/import-common.c +index 243e657c56..713a218c67 100644 +--- a/src/import/import-common.c ++++ b/src/import/import-common.c +@@ -455,8 +455,7 @@ int import_verify( + } + + finish: +- if (sig_file >= 0) +- unlink(sig_file_path); ++ (void) unlink(sig_file_path); + + if (gpg_home_created) + rm_rf_dangerous(gpg_home, false, true, false); diff --git a/SOURCES/0780-journal-verify-add-comment-and-silence-LGTM-warning.patch b/SOURCES/0780-journal-verify-add-comment-and-silence-LGTM-warning.patch new file mode 100644 index 0000000..b434cc4 --- /dev/null +++ b/SOURCES/0780-journal-verify-add-comment-and-silence-LGTM-warning.patch @@ -0,0 +1,31 @@ +From d58e871a424fedf286747816e9525fc2287bb72d Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= +Date: Tue, 2 Oct 2018 12:26:23 +0200 +Subject: [PATCH] journal-verify: add comment and silence LGTM warning + +(cherry picked from commit 0a587335d2a16a48479b10969491a7353d78c25b) + +Resolves: #1694605 +--- + src/journal/journal-verify.c | 7 ++++--- + 1 file changed, 4 insertions(+), 3 deletions(-) + +diff --git a/src/journal/journal-verify.c b/src/journal/journal-verify.c +index 250d4c7586..7c6d8ab780 100644 +--- a/src/journal/journal-verify.c ++++ b/src/journal/journal-verify.c +@@ -70,10 +70,11 @@ static void draw_progress(uint64_t p, usec_t *last_usec) { + } + + static uint64_t scale_progress(uint64_t scale, uint64_t p, uint64_t m) { ++ /* Calculates scale * p / m, but handles m == 0 safely, and saturates. ++ * Currently all callers use m >= 1, but we keep the check to be defensive. ++ */ + +- /* Calculates scale * p / m, but handles m == 0 safely, and saturates */ +- +- if (p >= m || m == 0) ++ if (p >= m || m == 0) // lgtm[cpp/constant-comparison] + return scale; + + return scale * p / m; diff --git a/SOURCES/0781-journal-drop-redundant-condition.patch b/SOURCES/0781-journal-drop-redundant-condition.patch new file mode 100644 index 0000000..bb618c2 --- /dev/null +++ b/SOURCES/0781-journal-drop-redundant-condition.patch @@ -0,0 +1,25 @@ +From 5f71ed0c948653fd9037d751f48182cb0c5dfb99 Mon Sep 17 00:00:00 2001 +From: Frantisek Sumsal +Date: Wed, 27 Feb 2019 19:01:20 +0100 +Subject: [PATCH] journal: drop redundant condition + +Relevant commit: 29bfb683a8c9d03f10db58b4e61351fd9048f270 + +Resolves: #1694605 +--- + src/journal/journald-server.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/journal/journald-server.c b/src/journal/journald-server.c +index 2e1e07eb0e..aaabb2f7ab 100644 +--- a/src/journal/journald-server.c ++++ b/src/journal/journald-server.c +@@ -345,7 +345,7 @@ static int system_journal_open(Server *s, bool flush_requested) { + if (r >= 0) { + server_fix_perms(s, s->system_journal, 0); + available_space(s, true); +- } else if (r < 0) { ++ } else { + if (r != -ENOENT && r != -EROFS) + log_warning_errno(r, "Failed to open system journal: %m"); + diff --git a/SOURCES/0782-lldp-set-correct-state-for-processing.patch b/SOURCES/0782-lldp-set-correct-state-for-processing.patch new file mode 100644 index 0000000..1755b02 --- /dev/null +++ b/SOURCES/0782-lldp-set-correct-state-for-processing.patch @@ -0,0 +1,28 @@ +From 9562c6da55b17beb54de3a4f2c3a0ef0592dc53f Mon Sep 17 00:00:00 2001 +From: Susant Sahani +Date: Thu, 2 Jul 2015 09:00:02 +0530 +Subject: [PATCH] lldp: set correct state for processing + +ldp_receive_frame after correct processing of the packet the state +should be LLDP_AGENT_RX_WAIT_FOR_FRAME not LLDP_AGENT_RX_UPDATE_INFO. + +(cherry picked from commit 9bb1bffe3018aef5e70c411f68863eafdc92fddf) + +Resolves: #1694605 +--- + src/libsystemd-network/sd-lldp.c | 2 -- + 1 file changed, 2 deletions(-) + +diff --git a/src/libsystemd-network/sd-lldp.c b/src/libsystemd-network/sd-lldp.c +index 19ef2ccdbd..d2f21fd10f 100644 +--- a/src/libsystemd-network/sd-lldp.c ++++ b/src/libsystemd-network/sd-lldp.c +@@ -136,8 +136,6 @@ static int lldp_receive_frame(sd_lldp *lldp, tlv_packet *tlv) { + + lldp->statistics.stats_frames_in_total ++; + +- return 0; +- + out: + if (r < 0) + log_lldp("Receive frame failed: %s", strerror(-r)); diff --git a/SOURCES/0783-sd-bus-fix-implicit-downcast-of-bitfield-reported-by.patch b/SOURCES/0783-sd-bus-fix-implicit-downcast-of-bitfield-reported-by.patch new file mode 100644 index 0000000..6a0327f --- /dev/null +++ b/SOURCES/0783-sd-bus-fix-implicit-downcast-of-bitfield-reported-by.patch @@ -0,0 +1,25 @@ +From c8389c4a0b1e2587247824782230d4c132a639ee Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Wed, 27 Jun 2018 13:28:28 +0900 +Subject: [PATCH] sd-bus: fix implicit downcast of bitfield reported by LGTM + +(cherry picked from commit affaed1e55685e8e248db1afd50b3e0f466ce5cc) + +Resolves: #1694605 +--- + src/libsystemd/sd-bus/bus-introspect.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/libsystemd/sd-bus/bus-introspect.c b/src/libsystemd/sd-bus/bus-introspect.c +index d528ab2a04..f77e6abec7 100644 +--- a/src/libsystemd/sd-bus/bus-introspect.c ++++ b/src/libsystemd/sd-bus/bus-introspect.c +@@ -74,7 +74,7 @@ int introspect_write_child_nodes(struct introspect *i, Set *s, const char *prefi + return 0; + } + +-static void introspect_write_flags(struct introspect *i, int type, int flags) { ++static void introspect_write_flags(struct introspect *i, int type, uint64_t flags) { + if (flags & SD_BUS_VTABLE_DEPRECATED) + fputs(" \n", i->f); + diff --git a/SOURCES/0784-tree-wide-use-signed-int-instead-of-int-for-bit-fiel.patch b/SOURCES/0784-tree-wide-use-signed-int-instead-of-int-for-bit-fiel.patch new file mode 100644 index 0000000..73bf4d3 --- /dev/null +++ b/SOURCES/0784-tree-wide-use-signed-int-instead-of-int-for-bit-fiel.patch @@ -0,0 +1,28 @@ +From 16c52e0a0efcdddc7809eca7fa6543f47e91ec9b Mon Sep 17 00:00:00 2001 +From: Frantisek Sumsal +Date: Wed, 27 Feb 2019 19:45:59 +0100 +Subject: [PATCH] tree-wide: use 'signed int' instead of 'int' for bit field + variables + +Suggested by LGTM: https://lgtm.com/rules/1506024027114/ + +(cherry picked from commit 845d247a3dbca437fd8a118a118328acb322e2c1) + +Resolves: #1694605 +--- + src/libsystemd/sd-event/sd-event.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/libsystemd/sd-event/sd-event.c b/src/libsystemd/sd-event/sd-event.c +index 9d48e5a490..1cd2dfac84 100644 +--- a/src/libsystemd/sd-event/sd-event.c ++++ b/src/libsystemd/sd-event/sd-event.c +@@ -68,7 +68,7 @@ struct sd_event_source { + char *description; + + EventSourceType type:5; +- int enabled:3; ++ signed int enabled:3; + bool pending:1; + bool dispatching:1; + bool floating:1; diff --git a/SOURCES/0785-machinectl-check-correct-FD-for-a-return-value.patch b/SOURCES/0785-machinectl-check-correct-FD-for-a-return-value.patch new file mode 100644 index 0000000..7f5a5cb --- /dev/null +++ b/SOURCES/0785-machinectl-check-correct-FD-for-a-return-value.patch @@ -0,0 +1,25 @@ +From 2d1a6a5665492cc0a71554045b2293e1193c889b Mon Sep 17 00:00:00 2001 +From: Frantisek Sumsal +Date: Wed, 27 Feb 2019 19:51:48 +0100 +Subject: [PATCH] machinectl: check correct FD for a return value + +Found by LGTM. + +Resolves: #1694605 +--- + src/machine/machinectl.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/machine/machinectl.c b/src/machine/machinectl.c +index 1a58aeaf11..66b64e1feb 100644 +--- a/src/machine/machinectl.c ++++ b/src/machine/machinectl.c +@@ -1086,7 +1086,7 @@ static int copy_files(int argc, char *argv[], void *userdata) { + return r; + + hostfd = open(host_dirname, O_CLOEXEC|O_RDONLY|O_NOCTTY|O_DIRECTORY); +- if (r < 0) ++ if (hostfd < 0) + return log_error_errno(errno, "Failed to open source directory: %m"); + + child = fork(); diff --git a/SOURCES/0786-shared-install-avoid-overwriting-r-counter-with-a-pa.patch b/SOURCES/0786-shared-install-avoid-overwriting-r-counter-with-a-pa.patch new file mode 100644 index 0000000..4881d3c --- /dev/null +++ b/SOURCES/0786-shared-install-avoid-overwriting-r-counter-with-a-pa.patch @@ -0,0 +1,37 @@ +From 3d359367291484097c0b496f6d83726e4070d036 Mon Sep 17 00:00:00 2001 +From: Frantisek Sumsal +Date: Thu, 28 Feb 2019 11:09:24 +0100 +Subject: [PATCH] shared/install: avoid overwriting 'r' counter with a partial + result + +We want to store either the first error or the total number of changes in 'r'. +Instead, we were overwriting this with the return value from +install_info_traverse(). + +LGTM complained later in the loop that: +> Comparison is always true because r >= 0. + +Relevant commit: 459500a32cf74edca93ec79ee4cdd9dfcd20eee0 + +Resolves: #1694605 +--- + src/shared/install.c | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/src/shared/install.c b/src/shared/install.c +index ea01e4dcc2..f2f968e329 100644 +--- a/src/shared/install.c ++++ b/src/shared/install.c +@@ -1482,9 +1482,9 @@ static int install_context_apply( + if (q < 0) + return q; + +- r = install_info_traverse(scope, c, root_dir, paths, i, flags, NULL); +- if (r < 0) +- return r; ++ q = install_info_traverse(scope, c, root_dir, paths, i, flags, NULL); ++ if (q < 0) ++ return q; + + if (i->type != UNIT_FILE_TYPE_REGULAR) + continue; diff --git a/SOURCES/0787-systemctl-set_put-can-t-return-EEXIST.patch b/SOURCES/0787-systemctl-set_put-can-t-return-EEXIST.patch new file mode 100644 index 0000000..8f79aef --- /dev/null +++ b/SOURCES/0787-systemctl-set_put-can-t-return-EEXIST.patch @@ -0,0 +1,30 @@ +From 732efbce6725db08a527e14d34f4e10e51fae965 Mon Sep 17 00:00:00 2001 +From: Frantisek Sumsal +Date: Thu, 28 Feb 2019 11:35:53 +0100 +Subject: [PATCH] systemctl: set_put() can't return (-)EEXIST + +set_put() returns 0 if the key already exists, 1 if the entry +was inserted successfully, and -ENOMEM otherwise. + +See: set_put(), hashmap_base_put_boldly() + +Found by LGTM. + +Resolves: #1694605 +--- + src/systemctl/systemctl.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/systemctl/systemctl.c b/src/systemctl/systemctl.c +index 398727cc7d..83c418f0b7 100644 +--- a/src/systemctl/systemctl.c ++++ b/src/systemctl/systemctl.c +@@ -4310,7 +4310,7 @@ static int show_one( + return log_oom(); + + r = set_put(found_properties, name); +- if (r < 0 && r != EEXIST) ++ if (r < 0) + return log_oom(); + + r = print_property(name, reply, contents); diff --git a/SOURCES/0788-systemctl-remove-dead-check.patch b/SOURCES/0788-systemctl-remove-dead-check.patch new file mode 100644 index 0000000..674e323 --- /dev/null +++ b/SOURCES/0788-systemctl-remove-dead-check.patch @@ -0,0 +1,38 @@ +From 9e1bc4f2d8c24ad1b257e3452212d945e1078a8f Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= +Date: Sat, 7 Mar 2015 15:00:22 -0500 +Subject: [PATCH] systemctl: remove dead check + +r could never be less than zero. + +CID #1271350. + +(cherry picked from commit 2558691285b2f7b3078b43b26736fcadf3c6d194) + +Resolves: #1694605 +--- + src/systemctl/systemctl.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/src/systemctl/systemctl.c b/src/systemctl/systemctl.c +index 83c418f0b7..a55340f0a4 100644 +--- a/src/systemctl/systemctl.c ++++ b/src/systemctl/systemctl.c +@@ -4652,7 +4652,7 @@ static int cat(sd_bus *bus, char **args) { + _cleanup_strv_free_ char **names = NULL; + char **name; + bool first = true, avoid_bus_cache; +- int r = 0; ++ int r; + + assert(args); + +@@ -4702,7 +4702,7 @@ static int cat(sd_bus *bus, char **args) { + } + } + +- return r < 0 ? r : 0; ++ return 0; + } + + static int set_property(sd_bus *bus, char **args) { diff --git a/SOURCES/0789-journal-gateway-explicitly-declare-local-variables.patch b/SOURCES/0789-journal-gateway-explicitly-declare-local-variables.patch new file mode 100644 index 0000000..42d9a31 --- /dev/null +++ b/SOURCES/0789-journal-gateway-explicitly-declare-local-variables.patch @@ -0,0 +1,75 @@ +From c101d92274043d6d219b97fb356f8827407c3eeb Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Wed, 27 Jun 2018 14:22:24 +0900 +Subject: [PATCH] journal-gateway: explicitly declare local variables + +Suggested by LGTM. + +(cherry picked from commit c497e449f41774a36e01ae2cc2abade6133dffe1) + +Resolves: #1694605 +--- + src/journal-remote/browse.html | 11 ++++++----- + 1 file changed, 6 insertions(+), 5 deletions(-) + +diff --git a/src/journal-remote/browse.html b/src/journal-remote/browse.html +index 3594f70c87..30615795b3 100644 +--- a/src/journal-remote/browse.html ++++ b/src/journal-remote/browse.html +@@ -304,7 +304,6 @@ + var buf = ''; + + for (i in l) { +- + if (l[i] == '') + continue; + +@@ -322,6 +321,7 @@ + else + priority = 6; + ++ var clazz; + if (priority <= 3) + clazz = "message-error"; + else if (priority <= 5) +@@ -388,7 +388,7 @@ + var d = JSON.parse(event.currentTarget.responseText); + + document.getElementById("diventry").style.display = "block"; +- entry = document.getElementById("tableentry"); ++ var entry = document.getElementById("tableentry"); + + var buf = ""; + for (var key in d){ +@@ -455,7 +455,7 @@ + (event.currentTarget.status != 200 && event.currentTarget.status != 0)) + return; + +- f = document.getElementById("filter"); ++ var f = document.getElementById("filter"); + + var l = event.currentTarget.responseText.split('\n'); + var buf = ''; +@@ -511,11 +511,12 @@ + } + + function initFilter() { +- f = document.getElementById("filter"); ++ var f = document.getElementById("filter"); + + var buf = ''; + + var filter = localStorage["filter"]; ++ var j; + if (filter != null && filter != "") { + buf += ''; + j = 1; +@@ -529,7 +530,7 @@ + function installHandlers() { + document.onkeyup = onKeyUp; + +- logs = document.getElementById("divlogs"); ++ var logs = document.getElementById("divlogs"); + logs.addEventListener("mousewheel", onMouseWheel, false); + logs.addEventListener("DOMMouseScroll", onMouseWheel, false); + } diff --git a/SOURCES/0790-journal-gateway-use-localStorage-cursor-only-when-it.patch b/SOURCES/0790-journal-gateway-use-localStorage-cursor-only-when-it.patch new file mode 100644 index 0000000..d6069e4 --- /dev/null +++ b/SOURCES/0790-journal-gateway-use-localStorage-cursor-only-when-it.patch @@ -0,0 +1,36 @@ +From 0b53945e8b1db6255bf25017a7569b2545c8ed15 Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Wed, 27 Jun 2018 14:50:19 +0900 +Subject: [PATCH] journal-gateway: use localStorage["cursor"] only when it has + valid value + +Discovered by LGTM. + +(cherry picked from commit 944072feddb73333023d0a98bf87fd2a17f894d3) + +Resolves: #1694605 +--- + src/journal-remote/browse.html | 10 ++++++---- + 1 file changed, 6 insertions(+), 4 deletions(-) + +diff --git a/src/journal-remote/browse.html b/src/journal-remote/browse.html +index 30615795b3..be1ec5f235 100644 +--- a/src/journal-remote/browse.html ++++ b/src/journal-remote/browse.html +@@ -236,10 +236,12 @@ + + function entriesLoad(range) { + +- if (range == null) +- range = localStorage["cursor"] + ":0"; +- if (range == null) +- range = ""; ++ if (range == null) { ++ if (localStorage["cursor"] != null && localStorage["cursor"] != "") ++ range = localStorage["cursor"] + ":0"; ++ else ++ range = ""; ++ } + + var url = "/entries"; + diff --git a/SOURCES/0791-lgtm-ignore-files-dropped-in-upstream.patch b/SOURCES/0791-lgtm-ignore-files-dropped-in-upstream.patch new file mode 100644 index 0000000..77daba6 --- /dev/null +++ b/SOURCES/0791-lgtm-ignore-files-dropped-in-upstream.patch @@ -0,0 +1,25 @@ +From a9c3cc27f21e3ec11ba47f6f5a2cf719098d366c Mon Sep 17 00:00:00 2001 +From: Frantisek Sumsal +Date: Thu, 28 Feb 2019 14:20:31 +0100 +Subject: [PATCH] lgtm: ignore files dropped in upstream + +Resolves: #1694605 +--- + .lgtm.yml | 7 +++++++ + 1 file changed, 7 insertions(+) + +diff --git a/.lgtm.yml b/.lgtm.yml +index 0c8304d689..070a13cd63 100644 +--- a/.lgtm.yml ++++ b/.lgtm.yml +@@ -7,3 +7,10 @@ extraction: + --disable-gtk-doc --disable-manpages --disable-gtk-doc-html + --enable-compat-libs --disable-sysusers --disable-ldconfig + --enable-lz4 --disable-microhttpd ++path_classifiers: ++ # Any files which have a tag attached are filtered out from results & stats ++ ignored: ++ # Skip files dropped in upstream ++ - src/bootchart/ ++ - src/gudev/ ++ - src/libsystemd/sd-bus/bus-bloom.c diff --git a/SOURCES/0792-lgtm-suppress-several-constant-comparisons.patch b/SOURCES/0792-lgtm-suppress-several-constant-comparisons.patch new file mode 100644 index 0000000..1194e2b --- /dev/null +++ b/SOURCES/0792-lgtm-suppress-several-constant-comparisons.patch @@ -0,0 +1,42 @@ +From 1499ff8f8ddd699a950729f5f3985975ef929c0a Mon Sep 17 00:00:00 2001 +From: Frantisek Sumsal +Date: Thu, 28 Feb 2019 14:27:44 +0100 +Subject: [PATCH] lgtm: suppress several constant comparisons + +Even though LGTM is right is these cases, fixing it would require +substantial refactoring in some cases, so it's better to leave them +here (at least for RHEL 7). + +Resolves: #1694605 +rhel-only +--- + src/sysv-generator/sysv-generator.c | 2 +- + src/tty-ask-password-agent/tty-ask-password-agent.c | 2 +- + 2 files changed, 2 insertions(+), 2 deletions(-) + +diff --git a/src/sysv-generator/sysv-generator.c b/src/sysv-generator/sysv-generator.c +index fe6fae1510..232436a258 100644 +--- a/src/sysv-generator/sysv-generator.c ++++ b/src/sysv-generator/sysv-generator.c +@@ -568,7 +568,7 @@ static int load_sysv(SysvStub *s) { + } + } + +- if (r < 0) ++ if (r < 0) // lgtm[cpp/constant-comparison] + log_unit_error(s->name, + "[%s:%u] Failed to add dependency on %s, ignoring: %s", + s->path, line, m, strerror(-r)); +diff --git a/src/tty-ask-password-agent/tty-ask-password-agent.c b/src/tty-ask-password-agent/tty-ask-password-agent.c +index 47093b850d..1b7bbfa075 100644 +--- a/src/tty-ask-password-agent/tty-ask-password-agent.c ++++ b/src/tty-ask-password-agent/tty-ask-password-agent.c +@@ -150,7 +150,7 @@ static int ask_password_plymouth( + + p += k; + +- if (p < 1) ++ if (p < 1) // lgtm[cpp/constant-comparison] + continue; + + if (buffer[0] == 5) { diff --git a/SOURCES/0793-core-add-a-new-unit_needs_console-call.patch b/SOURCES/0793-core-add-a-new-unit_needs_console-call.patch new file mode 100644 index 0000000..dd585de --- /dev/null +++ b/SOURCES/0793-core-add-a-new-unit_needs_console-call.patch @@ -0,0 +1,121 @@ +From 94355e0146245c14012ac177461110d0a0c65f10 Mon Sep 17 00:00:00 2001 +From: Lennart Poettering +Date: Wed, 24 Jan 2018 19:54:26 +0100 +Subject: [PATCH] core: add a new unit_needs_console() call + +This call determines whether a specific unit currently needs access to +the console. It's a fancy wrapper around +exec_context_may_touch_console() ultimately, however for service units +we'll explicitly exclude the SERVICE_EXITED state from when we report +true. + +(cherry picked from commit bb2c7685454842549bc1fe47adc35cbca2a84190) + +Related: #1524359 +--- + src/core/service.c | 27 +++++++++++++++++++++++++++ + src/core/unit.c | 22 ++++++++++++++++++++++ + src/core/unit.h | 5 +++++ + 3 files changed, 54 insertions(+) + +diff --git a/src/core/service.c b/src/core/service.c +index 1ad154e41f..8a8f4be149 100644 +--- a/src/core/service.c ++++ b/src/core/service.c +@@ -3368,6 +3368,32 @@ static int service_control_pid(Unit *u) { + return s->control_pid; + } + ++static bool service_needs_console(Unit *u) { ++ Service *s = SERVICE(u); ++ ++ assert(s); ++ ++ /* We provide our own implementation of this here, instead of relying of the generic implementation ++ * unit_needs_console() provides, since we want to return false if we are in SERVICE_EXITED state. */ ++ ++ if (!exec_context_may_touch_console(&s->exec_context)) ++ return false; ++ ++ return IN_SET(s->state, ++ SERVICE_START_PRE, ++ SERVICE_START, ++ SERVICE_START_POST, ++ SERVICE_RUNNING, ++ SERVICE_RELOAD, ++ SERVICE_STOP, ++ SERVICE_STOP_SIGABRT, ++ SERVICE_STOP_SIGTERM, ++ SERVICE_STOP_SIGKILL, ++ SERVICE_STOP_POST, ++ SERVICE_FINAL_SIGTERM, ++ SERVICE_FINAL_SIGKILL); ++} ++ + static const char* const service_restart_table[_SERVICE_RESTART_MAX] = { + [SERVICE_RESTART_NO] = "no", + [SERVICE_RESTART_ON_SUCCESS] = "on-success", +@@ -3489,6 +3515,7 @@ const UnitVTable service_vtable = { + .bus_commit_properties = bus_service_commit_properties, + + .get_timeout = service_get_timeout, ++ .needs_console = service_needs_console, + .can_transient = true, + + .status_message_formats = { +diff --git a/src/core/unit.c b/src/core/unit.c +index 4069a6f4c4..48358bc026 100644 +--- a/src/core/unit.c ++++ b/src/core/unit.c +@@ -3699,6 +3699,28 @@ pid_t unit_main_pid(Unit *u) { + return 0; + } + ++bool unit_needs_console(Unit *u) { ++ ExecContext *ec; ++ UnitActiveState state; ++ ++ assert(u); ++ ++ state = unit_active_state(u); ++ ++ if (UNIT_IS_INACTIVE_OR_FAILED(state)) ++ return false; ++ ++ if (UNIT_VTABLE(u)->needs_console) ++ return UNIT_VTABLE(u)->needs_console(u); ++ ++ /* If this unit type doesn't implement this call, let's use a generic fallback implementation: */ ++ ec = unit_get_exec_context(u); ++ if (!ec) ++ return false; ++ ++ return exec_context_may_touch_console(ec); ++} ++ + static const char* const unit_active_state_table[_UNIT_ACTIVE_STATE_MAX] = { + [UNIT_ACTIVE] = "active", + [UNIT_RELOADING] = "reloading", +diff --git a/src/core/unit.h b/src/core/unit.h +index 4a8bd79052..fa7de11645 100644 +--- a/src/core/unit.h ++++ b/src/core/unit.h +@@ -408,6 +408,9 @@ struct UnitVTable { + /* Returns the main PID if there is any defined, or 0. */ + pid_t (*control_pid)(Unit *u); + ++ /* Returns true if the unit currently needs access to the console */ ++ bool (*needs_console)(Unit *u); ++ + /* This is called for each unit type and should be used to + * enumerate existing devices and load them. However, + * everything that is loaded here should still stay in +@@ -627,6 +630,8 @@ pid_t unit_main_pid(Unit *u); + const char *unit_active_state_to_string(UnitActiveState i) _const_; + UnitActiveState unit_active_state_from_string(const char *s) _pure_; + ++bool unit_needs_console(Unit *u); ++ + /* Macros which append UNIT= or USER_UNIT= to the message */ + + #define log_unit_full_errno(unit, level, error, ...) log_object_internal(level, error, __FILE__, __LINE__, __func__, getpid() == 1 ? "UNIT=" : "USER_UNIT=", unit, __VA_ARGS__) diff --git a/SOURCES/0794-core-rework-how-we-count-the-n_on_console-counter.patch b/SOURCES/0794-core-rework-how-we-count-the-n_on_console-counter.patch new file mode 100644 index 0000000..b6d788e --- /dev/null +++ b/SOURCES/0794-core-rework-how-we-count-the-n_on_console-counter.patch @@ -0,0 +1,171 @@ +From 1ac6c613ef11a9ee9c36b25133cc302c4be1a858 Mon Sep 17 00:00:00 2001 +From: Lennart Poettering +Date: Wed, 24 Jan 2018 19:59:55 +0100 +Subject: [PATCH] core: rework how we count the n_on_console counter + +Let's add a per-unit boolean that tells us whether our unit is currently +counted or not. This way it's unlikely we get out of sync again and +things are generally more robust. + +This also allows us to remove the counting logic specific to service +units (which was in fact mostly a copy from the generic implementation), +in favour of fully generic code. + +Replaces: #7824 +(cherry picked from commit adefcf2821a386184991054ed2bb6dacc90d7419) + +Resolves: #1524359 +--- + src/core/manager.c | 15 +++++++++++++++ + src/core/manager.h | 3 +++ + src/core/service.c | 20 -------------------- + src/core/unit.c | 39 +++++++++++++++++++++------------------ + src/core/unit.h | 1 + + 5 files changed, 40 insertions(+), 38 deletions(-) + +diff --git a/src/core/manager.c b/src/core/manager.c +index 88d156e8fb..4c87ad8a2f 100644 +--- a/src/core/manager.c ++++ b/src/core/manager.c +@@ -3379,6 +3379,21 @@ ManagerState manager_state(Manager *m) { + return MANAGER_RUNNING; + } + ++void manager_ref_console(Manager *m) { ++ assert(m); ++ ++ m->n_on_console++; ++} ++ ++void manager_unref_console(Manager *m) { ++ ++ assert(m->n_on_console > 0); ++ m->n_on_console--; ++ ++ if (m->n_on_console == 0) ++ m->no_console_output = false; /* unset no_console_output flag, since the console is definitely free now */ ++} ++ + static const char *const manager_state_table[_MANAGER_STATE_MAX] = { + [MANAGER_INITIALIZING] = "initializing", + [MANAGER_STARTING] = "starting", +diff --git a/src/core/manager.h b/src/core/manager.h +index b0e4cad1fc..cfc564dfb6 100644 +--- a/src/core/manager.h ++++ b/src/core/manager.h +@@ -379,5 +379,8 @@ const char *manager_get_runtime_prefix(Manager *m); + + ManagerState manager_state(Manager *m); + ++void manager_ref_console(Manager *m); ++void manager_unref_console(Manager *m); ++ + const char *manager_state_to_string(ManagerState m) _const_; + ManagerState manager_state_from_string(const char *s) _pure_; +diff --git a/src/core/service.c b/src/core/service.c +index 8a8f4be149..ea71c9e237 100644 +--- a/src/core/service.c ++++ b/src/core/service.c +@@ -914,26 +914,6 @@ static void service_set_state(Service *s, ServiceState state) { + if (state == SERVICE_EXITED && UNIT(s)->manager->n_reloading <= 0) + unit_destroy_cgroup_if_empty(UNIT(s)); + +- /* For remain_after_exit services, let's see if we can "release" the +- * hold on the console, since unit_notify() only does that in case of +- * change of state */ +- if (state == SERVICE_EXITED && +- s->remain_after_exit && +- UNIT(s)->manager->n_on_console > 0) { +- +- ExecContext *ec; +- +- ec = unit_get_exec_context(UNIT(s)); +- if (ec && exec_context_may_touch_console(ec)) { +- Manager *m = UNIT(s)->manager; +- +- m->n_on_console --; +- if (m->n_on_console == 0) +- /* unset no_console_output flag, since the console is free */ +- m->no_console_output = false; +- } +- } +- + if (old_state != state) + log_unit_debug(UNIT(s)->id, "%s changed %s -> %s", UNIT(s)->id, service_state_to_string(old_state), service_state_to_string(state)); + +diff --git a/src/core/unit.c b/src/core/unit.c +index 48358bc026..294c9eb70f 100644 +--- a/src/core/unit.c ++++ b/src/core/unit.c +@@ -544,6 +544,9 @@ void unit_free(Unit *u) { + u->manager->n_in_gc_queue--; + } + ++ if (u->on_console) ++ manager_unref_console(u->manager); ++ + condition_free_list(u->conditions); + condition_free_list(u->asserts); + +@@ -1741,6 +1744,23 @@ void unit_trigger_notify(Unit *u) { + UNIT_VTABLE(other)->trigger_notify(other, u); + } + ++static void unit_update_on_console(Unit *u) { ++ bool b; ++ ++ assert(u); ++ ++ b = unit_needs_console(u); ++ if (u->on_console == b) ++ return; ++ ++ u->on_console = b; ++ if (b) ++ manager_ref_console(u->manager); ++ else ++ manager_unref_console(u->manager); ++ ++} ++ + void unit_notify(Unit *u, UnitActiveState os, UnitActiveState ns, bool reload_success) { + Manager *m; + bool unexpected; +@@ -1784,24 +1804,7 @@ void unit_notify(Unit *u, UnitActiveState os, UnitActiveState ns, bool reload_su + if (UNIT_IS_INACTIVE_OR_FAILED(ns)) + unit_destroy_cgroup_if_empty(u); + +- /* Note that this doesn't apply to RemainAfterExit services exiting +- * successfully, since there's no change of state in that case. Which is +- * why it is handled in service_set_state() */ +- if (UNIT_IS_INACTIVE_OR_FAILED(os) != UNIT_IS_INACTIVE_OR_FAILED(ns)) { +- ExecContext *ec; +- +- ec = unit_get_exec_context(u); +- if (ec && exec_context_may_touch_console(ec)) { +- if (UNIT_IS_INACTIVE_OR_FAILED(ns)) { +- m->n_on_console --; +- +- if (m->n_on_console == 0) +- /* unset no_console_output flag, since the console is free */ +- m->no_console_output = false; +- } else +- m->n_on_console ++; +- } +- } ++ unit_update_on_console(u); + + if (u->job) { + unexpected = false; +diff --git a/src/core/unit.h b/src/core/unit.h +index fa7de11645..719fc95260 100644 +--- a/src/core/unit.h ++++ b/src/core/unit.h +@@ -238,6 +238,7 @@ struct Unit { + bool no_gc:1; + + bool in_audit:1; ++ bool on_console:1; + + bool cgroup_realized:1; + bool cgroup_members_mask_valid:1; diff --git a/SOURCES/0795-service-introduce-protocol-error-type.patch b/SOURCES/0795-service-introduce-protocol-error-type.patch new file mode 100644 index 0000000..13024bd --- /dev/null +++ b/SOURCES/0795-service-introduce-protocol-error-type.patch @@ -0,0 +1,71 @@ +From c460203ad5165dfb095fcfaa6646708e39d2080e Mon Sep 17 00:00:00 2001 +From: Jouke Witteveen +Date: Tue, 22 Nov 2016 17:39:56 +0100 +Subject: [PATCH] service: introduce protocol error type + +Introduce a SERVICE_FAILURE_PROTOCOL error type for when a service does +not follow the protocol. +This error type is used when a pid file is expected, but not delivered. + +(cherry picked from commit c35755fb878af58b80ac62a501a75f79c90a3763) + +Related: #1733998 +--- + src/core/service.c | 9 +++++---- + src/core/service.h | 1 + + 2 files changed, 6 insertions(+), 4 deletions(-) + +diff --git a/src/core/service.c b/src/core/service.c +index ea71c9e237..84a5aeb072 100644 +--- a/src/core/service.c ++++ b/src/core/service.c +@@ -2568,9 +2568,9 @@ static void service_notify_cgroup_empty_event(Unit *u) { + + service_unwatch_pid_file(s); + if (s->state == SERVICE_START) +- service_enter_signal(s, SERVICE_FINAL_SIGTERM, SERVICE_FAILURE_RESOURCES); ++ service_enter_signal(s, SERVICE_FINAL_SIGTERM, SERVICE_FAILURE_PROTOCOL); + else +- service_enter_stop(s, SERVICE_FAILURE_RESOURCES); ++ service_enter_stop(s, SERVICE_FAILURE_PROTOCOL); + } + break; + +@@ -2804,7 +2804,7 @@ static void service_sigchld_event(Unit *u, pid_t pid, int code, int status) { + if (!has_start_post && r < 0) { + r = service_demand_pid_file(s); + if (r < 0 || !cgroup_good(s)) +- service_enter_signal(s, SERVICE_FINAL_SIGTERM, SERVICE_FAILURE_RESOURCES); ++ service_enter_signal(s, SERVICE_FINAL_SIGTERM, SERVICE_FAILURE_PROTOCOL); + break; + } + } else +@@ -2826,7 +2826,7 @@ static void service_sigchld_event(Unit *u, pid_t pid, int code, int status) { + if (r < 0) { + r = service_demand_pid_file(s); + if (r < 0 || !cgroup_good(s)) +- service_enter_stop(s, SERVICE_FAILURE_RESOURCES); ++ service_enter_stop(s, SERVICE_FAILURE_PROTOCOL); + break; + } + } else +@@ -3428,6 +3428,7 @@ DEFINE_STRING_TABLE_LOOKUP(notify_state, NotifyState); + static const char* const service_result_table[_SERVICE_RESULT_MAX] = { + [SERVICE_SUCCESS] = "success", + [SERVICE_FAILURE_RESOURCES] = "resources", ++ [SERVICE_FAILURE_PROTOCOL] = "protocol", + [SERVICE_FAILURE_TIMEOUT] = "timeout", + [SERVICE_FAILURE_EXIT_CODE] = "exit-code", + [SERVICE_FAILURE_SIGNAL] = "signal", +diff --git a/src/core/service.h b/src/core/service.h +index e0547a464e..82938a1fc4 100644 +--- a/src/core/service.h ++++ b/src/core/service.h +@@ -108,6 +108,7 @@ typedef enum NotifyState { + typedef enum ServiceResult { + SERVICE_SUCCESS, + SERVICE_FAILURE_RESOURCES, ++ SERVICE_FAILURE_PROTOCOL, + SERVICE_FAILURE_TIMEOUT, + SERVICE_FAILURE_EXIT_CODE, + SERVICE_FAILURE_SIGNAL, diff --git a/SOURCES/0796-service-fix-main-processes-exit-behavior-for-type-no.patch b/SOURCES/0796-service-fix-main-processes-exit-behavior-for-type-no.patch new file mode 100644 index 0000000..845065a --- /dev/null +++ b/SOURCES/0796-service-fix-main-processes-exit-behavior-for-type-no.patch @@ -0,0 +1,76 @@ +From 273d69011bf2a8abfcef71e33e6b6ae3323dfc34 Mon Sep 17 00:00:00 2001 +From: Jouke Witteveen +Date: Sat, 1 Oct 2016 14:06:48 +0200 +Subject: [PATCH] service: fix main processes exit behavior for type notify + services + +Before this commit, when the main process of a Type=notify service exits the +service would enter a running state without passing through the startup post +state. This meant ExecStartPost= from being executed and allowed follow-up +units to start too early (before the ready notification). +Additionally, when RemainAfterExit=yes is used on a Type=notify service, the +exit status of the main process would be disregarded. + +After this commit, an unsuccessful exit of the main process of a Type=notify +service puts the unit in a failed state. A successful exit is inconsequential +in case RemainAfterExit=yes. Otherwise, when no ready notification has been +received, the unit is put in a failed state because it has never been active. +When all processes in the cgroup of a Type=notify service are gone and no ready +notification has been received yet, the unit is also put in a failed state. + +(cherry picked from commit 3d474ef7a687e2052aa303e0f95893b2fc610475) + +Related: #1733998 +--- + src/core/service.c | 24 +++++++++++++++++++----- + 1 file changed, 19 insertions(+), 5 deletions(-) + +diff --git a/src/core/service.c b/src/core/service.c +index 84a5aeb072..b6f302ec33 100644 +--- a/src/core/service.c ++++ b/src/core/service.c +@@ -1531,7 +1531,9 @@ static void service_enter_running(Service *s, ServiceResult f) { + else + service_set_state(s, SERVICE_RUNNING); + +- } else if (s->remain_after_exit) ++ } else if (f != SERVICE_SUCCESS) ++ service_enter_signal(s, SERVICE_FINAL_SIGTERM, f); ++ else if (s->remain_after_exit) + service_set_state(s, SERVICE_EXITED); + else + service_enter_stop(s, SERVICE_SUCCESS); +@@ -2561,10 +2563,12 @@ static void service_notify_cgroup_empty_event(Unit *u) { + + case SERVICE_START: + case SERVICE_START_POST: +- /* If we were hoping for the daemon to write its PID file, +- * we can give up now. */ +- if (s->pid_file_pathspec) { +- log_unit_warning(u->id, "%s never wrote its PID file. Failing.", UNIT(s)->id); ++ if (s->type == SERVICE_NOTIFY) ++ /* No chance of getting a ready notification anymore */ ++ service_enter_signal(s, SERVICE_FINAL_SIGTERM, SERVICE_FAILURE_PROTOCOL); ++ else if (s->pid_file_pathspec) { ++ /* Give up hoping for the daemon to write its PID file */ ++ log_unit_warning(u->id, "Daemon never wrote its PID file. Failing."); + + service_unwatch_pid_file(s); + if (s->state == SERVICE_START) +@@ -2699,6 +2703,16 @@ static void service_sigchld_event(Unit *u, pid_t pid, int code, int status) { + else + service_enter_signal(s, SERVICE_FINAL_SIGTERM, f); + break; ++ } else if (s->type == SERVICE_NOTIFY) { ++ /* Only enter running through a notification, so that the ++ * SERVICE_START state signifies that no ready notification ++ * has been received */ ++ if (f != SERVICE_SUCCESS) ++ service_enter_signal(s, SERVICE_FINAL_SIGTERM, f); ++ else if (!s->remain_after_exit) ++ /* The service has never been active */ ++ service_enter_signal(s, SERVICE_FINAL_SIGTERM, SERVICE_FAILURE_PROTOCOL); ++ break; + } + + /* Fall through */ diff --git a/SOURCES/0797-service-go-through-stop_post-on-failure-4770.patch b/SOURCES/0797-service-go-through-stop_post-on-failure-4770.patch new file mode 100644 index 0000000..a7095a6 --- /dev/null +++ b/SOURCES/0797-service-go-through-stop_post-on-failure-4770.patch @@ -0,0 +1,111 @@ +From 5f0bb278dfe913bd2c7dcbc9f457892f5e8aca9d Mon Sep 17 00:00:00 2001 +From: Jouke Witteveen +Date: Tue, 6 Dec 2016 13:30:28 +0100 +Subject: [PATCH] service: go through stop_post on failure (#4770) + +(cherry picked from commit c3fda31da36706b045f5de800d6a77e65e7a8ec9) + +Resolves: #1733998 +--- + src/core/service.c | 24 +++++++++++------------- + 1 file changed, 11 insertions(+), 13 deletions(-) + +diff --git a/src/core/service.c b/src/core/service.c +index b6f302ec33..e538280bad 100644 +--- a/src/core/service.c ++++ b/src/core/service.c +@@ -1532,7 +1532,7 @@ static void service_enter_running(Service *s, ServiceResult f) { + service_set_state(s, SERVICE_RUNNING); + + } else if (f != SERVICE_SUCCESS) +- service_enter_signal(s, SERVICE_FINAL_SIGTERM, f); ++ service_enter_signal(s, SERVICE_STOP_SIGTERM, f); + else if (s->remain_after_exit) + service_set_state(s, SERVICE_EXITED); + else +@@ -1671,7 +1671,7 @@ static void service_enter_start(Service *s) { + + fail: + log_unit_warning_errno(UNIT(s)->id, r, "%s failed to run 'start' task: %m", UNIT(s)->id); +- service_enter_signal(s, SERVICE_FINAL_SIGTERM, SERVICE_FAILURE_RESOURCES); ++ service_enter_signal(s, SERVICE_STOP_SIGTERM, SERVICE_FAILURE_RESOURCES); + } + + static void service_enter_start_pre(Service *s) { +@@ -1823,9 +1823,7 @@ static void service_run_next_control(Service *s) { + fail: + log_unit_warning_errno(UNIT(s)->id, r, "%s failed to run next control task: %m", UNIT(s)->id); + +- if (s->state == SERVICE_START_PRE) +- service_enter_signal(s, SERVICE_FINAL_SIGTERM, SERVICE_FAILURE_RESOURCES); +- else if (s->state == SERVICE_STOP) ++ if (IN_SET(s->state, SERVICE_START_PRE, SERVICE_STOP)) + service_enter_signal(s, SERVICE_STOP_SIGTERM, SERVICE_FAILURE_RESOURCES); + else if (s->state == SERVICE_STOP_POST) + service_enter_dead(s, SERVICE_FAILURE_RESOURCES, true); +@@ -2572,7 +2570,7 @@ static void service_notify_cgroup_empty_event(Unit *u) { + + service_unwatch_pid_file(s); + if (s->state == SERVICE_START) +- service_enter_signal(s, SERVICE_FINAL_SIGTERM, SERVICE_FAILURE_PROTOCOL); ++ service_enter_stop_post(s, SERVICE_FAILURE_PROTOCOL); + else + service_enter_stop(s, SERVICE_FAILURE_PROTOCOL); + } +@@ -2701,17 +2699,17 @@ static void service_sigchld_event(Unit *u, pid_t pid, int code, int status) { + if (f == SERVICE_SUCCESS) + service_enter_start_post(s); + else +- service_enter_signal(s, SERVICE_FINAL_SIGTERM, f); ++ service_enter_signal(s, SERVICE_STOP_SIGTERM, f); + break; + } else if (s->type == SERVICE_NOTIFY) { + /* Only enter running through a notification, so that the + * SERVICE_START state signifies that no ready notification + * has been received */ + if (f != SERVICE_SUCCESS) +- service_enter_signal(s, SERVICE_FINAL_SIGTERM, f); ++ service_enter_signal(s, SERVICE_STOP_SIGTERM, f); + else if (!s->remain_after_exit) + /* The service has never been active */ +- service_enter_signal(s, SERVICE_FINAL_SIGTERM, SERVICE_FAILURE_PROTOCOL); ++ service_enter_signal(s, SERVICE_STOP_SIGTERM, SERVICE_FAILURE_PROTOCOL); + break; + } + +@@ -2792,7 +2790,7 @@ static void service_sigchld_event(Unit *u, pid_t pid, int code, int status) { + if (f == SERVICE_SUCCESS) + service_enter_start(s); + else +- service_enter_signal(s, SERVICE_FINAL_SIGTERM, f); ++ service_enter_signal(s, SERVICE_STOP_SIGTERM, f); + break; + + case SERVICE_START: +@@ -2801,7 +2799,7 @@ static void service_sigchld_event(Unit *u, pid_t pid, int code, int status) { + break; + + if (f != SERVICE_SUCCESS) { +- service_enter_signal(s, SERVICE_FINAL_SIGTERM, f); ++ service_enter_signal(s, SERVICE_STOP_SIGTERM, f); + break; + } + +@@ -2818,7 +2816,7 @@ static void service_sigchld_event(Unit *u, pid_t pid, int code, int status) { + if (!has_start_post && r < 0) { + r = service_demand_pid_file(s); + if (r < 0 || !cgroup_good(s)) +- service_enter_signal(s, SERVICE_FINAL_SIGTERM, SERVICE_FAILURE_PROTOCOL); ++ service_enter_signal(s, SERVICE_STOP_SIGTERM, SERVICE_FAILURE_PROTOCOL); + break; + } + } else +@@ -2914,7 +2912,7 @@ static int service_dispatch_timer(sd_event_source *source, usec_t usec, void *us + case SERVICE_START_PRE: + case SERVICE_START: + log_unit_warning(UNIT(s)->id, "%s %s operation timed out. Terminating.", UNIT(s)->id, s->state == SERVICE_START ? "start" : "start-pre"); +- service_enter_signal(s, SERVICE_FINAL_SIGTERM, SERVICE_FAILURE_TIMEOUT); ++ service_enter_signal(s, SERVICE_STOP_SIGTERM, SERVICE_FAILURE_TIMEOUT); + break; + + case SERVICE_START_POST: diff --git a/SOURCES/0798-Call-getgroups-to-know-size-of-supplementary-groups-.patch b/SOURCES/0798-Call-getgroups-to-know-size-of-supplementary-groups-.patch new file mode 100644 index 0000000..b2718cc --- /dev/null +++ b/SOURCES/0798-Call-getgroups-to-know-size-of-supplementary-groups-.patch @@ -0,0 +1,44 @@ +From 0d0ba7ee44d652c23e6027fe3b1c1ee8e2f65a25 Mon Sep 17 00:00:00 2001 +From: systemd team +Date: Mon, 19 Aug 2019 13:51:48 +0200 +Subject: [PATCH] Call getgroups() to know size of supplementary groups array + to allocate + +Resolves RHBZ #1743230 - journalctl dumps core when stack limit is reduced to 256 KB +--- + src/shared/util.c | 13 ++++++++----- + 1 file changed, 8 insertions(+), 5 deletions(-) + +diff --git a/src/shared/util.c b/src/shared/util.c +index 127a64c3c6..ce6678eb38 100644 +--- a/src/shared/util.c ++++ b/src/shared/util.c +@@ -5097,7 +5097,7 @@ int get_group_creds(const char **groupname, gid_t *gid) { + + int in_gid(gid_t gid) { + gid_t *gids; +- int ngroups_max, r, i; ++ int ngroups, r, i; + + if (getgid() == gid) + return 1; +@@ -5105,12 +5105,15 @@ int in_gid(gid_t gid) { + if (getegid() == gid) + return 1; + +- ngroups_max = sysconf(_SC_NGROUPS_MAX); +- assert(ngroups_max > 0); ++ ngroups = getgroups(0, NULL); ++ if (ngroups < 0) ++ return -errno; ++ if (ngroups == 0) ++ return 0; + +- gids = alloca(sizeof(gid_t) * ngroups_max); ++ gids = alloca(sizeof(gid_t) * ngroups); + +- r = getgroups(ngroups_max, gids); ++ r = getgroups(ngroups, gids); + if (r < 0) + return -errno; + diff --git a/SOURCES/0799-udev-introduce-CONST-key-name.patch b/SOURCES/0799-udev-introduce-CONST-key-name.patch new file mode 100644 index 0000000..4f54b9d --- /dev/null +++ b/SOURCES/0799-udev-introduce-CONST-key-name.patch @@ -0,0 +1,190 @@ +From be88b819ecec075187ac313b8ab15d8ed8004b54 Mon Sep 17 00:00:00 2001 +From: Jan Synacek +Date: Wed, 11 Sep 2019 12:35:18 +0200 +Subject: [PATCH] udev: introduce CONST key name + +Currently, there is no way to match against system-wide constants, such +as architecture or virtualization type, without forking helper binaries. +That potentially results in a huge number of spawned processes which +output always the same answer. + +This patch introduces a special CONST keyword which takes a hard-coded +string as its key and returns a value assigned to that key. Currently +implemented are CONST{arch} and CONST{virt}, which can be used to match +against the system's architecture and virtualization type. + +(based on commit 4801d8afe2ff1c1c075c9f0bc5631612172e0bb7) + +Resolves: #1748051 +--- + man/udev.xml | 26 ++++++++++++++++++++++++++ + rules/40-redhat.rules | 4 ++-- + src/udev/udev-rules.c | 39 +++++++++++++++++++++++++++++++++++++++ + test/rule-syntax-check.py | 2 +- + 4 files changed, 68 insertions(+), 3 deletions(-) + +diff --git a/man/udev.xml b/man/udev.xml +index a948ea79a9..fc02edd214 100644 +--- a/man/udev.xml ++++ b/man/udev.xml +@@ -240,6 +240,32 @@ + + + ++ ++ CONST{key} ++ ++ Match against a system-wide constant. Supported keys are: ++ ++ ++ arch ++ ++ System's architecture. See in ++ systemd.unit5 ++ for possible values. ++ ++ ++ ++ virt ++ ++ System's virtualization environment. See ++ systemd-detect-virt1 ++ for possible values. ++ ++ ++ ++ Unknown keys will never match. ++ ++ ++ + + TAG + +diff --git a/rules/40-redhat.rules b/rules/40-redhat.rules +index 2c690e522e..83d823e172 100644 +--- a/rules/40-redhat.rules ++++ b/rules/40-redhat.rules +@@ -6,10 +6,10 @@ SUBSYSTEM=="cpu", ACTION=="add", TEST=="online", ATTR{online}=="0", ATTR{online} + # Memory hotadd request + SUBSYSTEM!="memory", GOTO="memory_hotplug_end" + ACTION!="add", GOTO="memory_hotplug_end" +-PROGRAM="/bin/uname -p", RESULT=="s390*", GOTO="memory_hotplug_end" ++CONST{arch}=="s390*", GOTO="memory_hotplug_end" + + ENV{.state}="online" +-PROGRAM="/bin/systemd-detect-virt", RESULT=="none", ENV{.state}="online_movable" ++CONST{virt}=="none", ENV{.state}="online_movable" + ATTR{state}=="offline", ATTR{state}="$env{.state}" + + LABEL="memory_hotplug_end" +diff --git a/src/udev/udev-rules.c b/src/udev/udev-rules.c +index c9a0197534..9211f563b1 100644 +--- a/src/udev/udev-rules.c ++++ b/src/udev/udev-rules.c +@@ -29,12 +29,14 @@ + #include + #include + ++#include "architecture.h" + #include "udev.h" + #include "path-util.h" + #include "conf-files.h" + #include "strbuf.h" + #include "strv.h" + #include "util.h" ++#include "virt.h" + + #define PREALLOC_TOKEN 2048 + +@@ -123,6 +125,7 @@ enum token_type { + TK_M_DEVLINK, /* val */ + TK_M_NAME, /* val */ + TK_M_ENV, /* val, attr */ ++ TK_M_CONST, /* val, attr */ + TK_M_TAG, /* val */ + TK_M_SUBSYSTEM, /* val */ + TK_M_DRIVER, /* val */ +@@ -257,6 +260,7 @@ static const char *token_str(enum token_type type) { + [TK_M_DEVLINK] = "M DEVLINK", + [TK_M_NAME] = "M NAME", + [TK_M_ENV] = "M ENV", ++ [TK_M_CONST] = "M CONST", + [TK_M_TAG] = "M TAG", + [TK_M_SUBSYSTEM] = "M SUBSYSTEM", + [TK_M_DRIVER] = "M DRIVER", +@@ -365,6 +369,7 @@ static void dump_token(struct udev_rules *rules, struct token *token) { + case TK_M_ATTR: + case TK_M_ATTRS: + case TK_M_ENV: ++ case TK_M_CONST: + case TK_A_ATTR: + case TK_A_ENV: + log_debug("%s %s '%s' '%s'(%s)", +@@ -905,6 +910,7 @@ static int rule_add_key(struct rule_tmp *rule_tmp, enum token_type type, + token->key.builtin_cmd = *(enum udev_builtin_cmd *)data; + break; + case TK_M_ENV: ++ case TK_M_CONST: + case TK_M_ATTR: + case TK_M_ATTRS: + case TK_A_ATTR: +@@ -1264,6 +1270,22 @@ static int add_rule(struct udev_rules *rules, char *line, + continue; + } + ++ if (startswith(key, "CONST{")) { ++ attr = get_key_attribute(rules->udev, key + STRLEN("CONST")); ++ if (attr == NULL || !STR_IN_SET(attr, "arch", "virt")) { ++ log_error("error parsing CONST attribute"); ++ goto invalid; ++ } ++ if (op == OP_REMOVE) { ++ log_error("invalid CONST operation"); ++ goto invalid; ++ } ++ if (op < OP_MATCH_MAX) { ++ if (rule_add_key(&rule_tmp, TK_M_CONST, op, value, attr) != 0) ++ goto invalid; ++ } ++ continue; ++ } + if (streq(key, "TAG")) { + if (op < OP_MATCH_MAX) + rule_add_key(&rule_tmp, TK_M_TAG, op, value, NULL); +@@ -1959,6 +1981,23 @@ int udev_rules_apply_to_event(struct udev_rules *rules, + goto nomatch; + break; + } ++ case TK_M_CONST: { ++ const char *key_name = rules_str(rules, cur->key.attr_off); ++ const char *value = NULL; ++ int q; ++ ++ if (streq(key_name, "arch")) { ++ q = uname_architecture(); ++ value = architecture_to_string(q); ++ } else if (streq(key_name, "virt")) { ++ q = detect_virtualization(&value); ++ } else ++ assert_not_reached("Invalid CONST key"); ++ ++ if (match_key(rules, cur, value)) ++ goto nomatch; ++ break; ++ } + case TK_M_TAG: { + struct udev_list_entry *list_entry; + bool match = false; +diff --git a/test/rule-syntax-check.py b/test/rule-syntax-check.py +index 80bbe65bea..c6d003b167 100644 +--- a/test/rule-syntax-check.py ++++ b/test/rule-syntax-check.py +@@ -34,7 +34,7 @@ else: + rules_files = glob(os.path.join(rules_dir, '*.rules')) + + no_args_tests = re.compile('(ACTION|DEVPATH|KERNELS?|NAME|SYMLINK|SUBSYSTEMS?|DRIVERS?|TAG|RESULT|TEST)\s*(?:=|!)=\s*"([^"]*)"$') +-args_tests = re.compile('(ATTRS?|ENV|TEST){([a-zA-Z0-9/_.*%-]+)}\s*(?:=|!)=\s*"([^"]*)"$') ++args_tests = re.compile('(ATTRS?|ENV|CONST|TEST){([a-zA-Z0-9/_.*%-]+)}\s*(?:=|!)=\s*"([^"]*)"$') + no_args_assign = re.compile('(NAME|SYMLINK|OWNER|GROUP|MODE|TAG|PROGRAM|RUN|LABEL|GOTO|WAIT_FOR|OPTIONS|IMPORT)\s*(?:\+=|:=|=)\s*"([^"]*)"$') + args_assign = re.compile('(ATTR|ENV|IMPORT|RUN){([a-zA-Z0-9/_.*%-]+)}\s*(=|\+=)\s*"([^"]*)"$') + diff --git a/SOURCES/0800-path-stop-watching-path-specs-once-we-triggered-the-.patch b/SOURCES/0800-path-stop-watching-path-specs-once-we-triggered-the-.patch new file mode 100644 index 0000000..8a4c807 --- /dev/null +++ b/SOURCES/0800-path-stop-watching-path-specs-once-we-triggered-the-.patch @@ -0,0 +1,35 @@ +From 6a0d21a508e43ca7a89b700e98fd86a08eff4fee Mon Sep 17 00:00:00 2001 +From: Michal Sekletar +Date: Mon, 9 Sep 2019 14:38:35 +0200 +Subject: [PATCH] path: stop watching path specs once we triggered the target + unit + +We start watching them again once we get a notification that triggered +unit entered inactive or failed state. + +Fixes: #10503 +(cherry picked from commit 8fca6944c2ee20c63d62154c8badddc77170b176) + +Resolves: #1641777 +--- + src/core/path.c | 6 ++---- + 1 file changed, 2 insertions(+), 4 deletions(-) + +diff --git a/src/core/path.c b/src/core/path.c +index 0533bb4e21..a74cbf2372 100644 +--- a/src/core/path.c ++++ b/src/core/path.c +@@ -497,11 +497,9 @@ static void path_enter_running(Path *p) { + + p->inotify_triggered = false; + +- r = path_watch(p); +- if (r < 0) +- goto fail; +- + path_set_state(p, PATH_RUNNING); ++ path_unwatch(p); ++ + return; + + fail: diff --git a/SOURCES/0801-unit-fix-potential-use-of-cgroup_path-after-free-whe.patch b/SOURCES/0801-unit-fix-potential-use-of-cgroup_path-after-free-whe.patch new file mode 100644 index 0000000..f41540a --- /dev/null +++ b/SOURCES/0801-unit-fix-potential-use-of-cgroup_path-after-free-whe.patch @@ -0,0 +1,39 @@ +From 98234ad6e16e868bd1fa3e4622c43a182fdee75c Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Renaud=20M=C3=A9trich?= +Date: Sat, 23 Nov 2019 13:37:02 +0100 +Subject: [PATCH] unit: fix potential use of cgroup_path after free() when + freeing unit + +Resolves: #1760149 +--- + src/core/cgroup.c | 3 +-- + src/core/unit.c | 2 +- + 2 files changed, 2 insertions(+), 3 deletions(-) + +diff --git a/src/core/cgroup.c b/src/core/cgroup.c +index 0ce265dbf4..9af8126957 100644 +--- a/src/core/cgroup.c ++++ b/src/core/cgroup.c +@@ -874,8 +874,7 @@ void unit_destroy_cgroup_if_empty(Unit *u) { + + hashmap_remove(u->manager->cgroup_unit, u->cgroup_path); + +- free(u->cgroup_path); +- u->cgroup_path = NULL; ++ u->cgroup_path = mfree(u->cgroup_path); + u->cgroup_realized = false; + u->cgroup_realized_mask = 0; + } +diff --git a/src/core/unit.c b/src/core/unit.c +index 294c9eb70f..0dc66203a4 100644 +--- a/src/core/unit.c ++++ b/src/core/unit.c +@@ -515,7 +515,7 @@ void unit_free(Unit *u) { + + if (u->cgroup_path) { + hashmap_remove(u->manager->cgroup_unit, u->cgroup_path); +- free(u->cgroup_path); ++ u->cgroup_path = mfree(u->cgroup_path); + } + + set_remove(u->manager->failed_units, u); diff --git a/SOURCES/9999-Update-kernel-install-script-by-backporting-fedora-p.patch b/SOURCES/9999-Update-kernel-install-script-by-backporting-fedora-p.patch deleted file mode 100644 index c42f0b6..0000000 --- a/SOURCES/9999-Update-kernel-install-script-by-backporting-fedora-p.patch +++ /dev/null @@ -1,57 +0,0 @@ -From c49c37d5e26bf71a97d5194d390f80d3e71758e1 Mon Sep 17 00:00:00 2001 -From: systemd team -Date: Tue, 23 Apr 2019 10:46:19 -0300 -Subject: [PATCH] Update kernel-install script by backporting fedora patches - ---- - src/kernel-install/kernel-install | 30 +++++++++++++++++------------- - 1 file changed, 17 insertions(+), 13 deletions(-) - -diff --git a/src/kernel-install/kernel-install b/src/kernel-install/kernel-install -index f1c74de..d860701 100755 ---- a/src/kernel-install/kernel-install -+++ b/src/kernel-install/kernel-install -@@ -73,23 +73,27 @@ KERNEL_IMAGE="$2" - - if [[ -x /sbin/new-kernel-pkg ]]; then - KERNEL_DIR="${KERNEL_IMAGE%/*}" -- if [[ "${KERNEL_DIR}" != "/boot" ]]; then -- for i in \ -- "$KERNEL_IMAGE" \ -- "$KERNEL_DIR/.${KERNEL_IMAGE##*/}.hmac" \ -- "$KERNEL_DIR"/System.map \ -- "$KERNEL_DIR"/config \ -- "$KERNEL_DIR"/zImage.stub \ -- "$KERNEL_DIR"/dtb \ -- ; do -- [[ -e "$i" ]] || continue -- cp -a "$i" "/boot/${i##*/}-${KERNEL_VERSION}" -- done -- fi - - [[ "$KERNEL_VERSION" == *\+* ]] && flavor=-"${KERNEL_VERSION##*+}" - case "$COMMAND" in - add) -+ if [[ "${KERNEL_DIR}" != "/boot" ]]; then -+ for i in \ -+ "$KERNEL_IMAGE" \ -+ "$KERNEL_DIR"/System.map \ -+ "$KERNEL_DIR"/config \ -+ "$KERNEL_DIR"/zImage.stub \ -+ "$KERNEL_DIR"/dtb \ -+ ; do -+ [[ -e "$i" ]] || continue -+ cp -aT "$i" "/boot/${i##*/}-${KERNEL_VERSION}" -+ done -+ # hmac is .vmlinuz-.hmac so needs a special treatment -+ i="$KERNEL_DIR/.${KERNEL_IMAGE##*/}.hmac" -+ if [[ -e "$i" ]]; then -+ cp -aT "$i" "/boot/.${KERNEL_IMAGE##*/}-${KERNEL_VERSION}.hmac" -+ fi -+ fi - /sbin/new-kernel-pkg --package "kernel${flavor}" --install "$KERNEL_VERSION" || exit $? - /sbin/new-kernel-pkg --package "kernel${flavor}" --mkinitrd --dracut --depmod --update "$KERNEL_VERSION" || exit $? - /sbin/new-kernel-pkg --package "kernel${flavor}" --rpmposttrans "$KERNEL_VERSION" || exit $? --- -1.8.3.1 - diff --git a/SPECS/systemd.spec b/SPECS/systemd.spec index 609492d..fbe65dd 100644 --- a/SPECS/systemd.spec +++ b/SPECS/systemd.spec @@ -7,7 +7,7 @@ Name: systemd Url: http://www.freedesktop.org/wiki/Software/systemd Version: 219 -Release: 67%{?dist}.4 +Release: 73%{?dist}.1 # For a breakdown of the licensing, see README License: LGPLv2+ and MIT and GPLv2+ Summary: A System and Service Manager @@ -785,9 +785,9 @@ Patch0743: 0743-man-be-more-explicit-about-thread-safety-of-sd_journ.patch Patch0744: 0744-selinux-don-t-log-SELINUX_INFO-and-SELINUX_WARNING-m.patch Patch0745: 0745-fix-mis-merge.patch Patch0746: 0746-fs-util-chase_symlinks-prevent-double-free.patch -Patch0747: 0747-return-error-value-on-failure.patch -Patch0748: 0748-revert-local-changes-made-during-backport-of-the-tes.patch -Patch0749: 0749-core-timer-Prevent-timer-looping-when-unit-cannot-st.patch +Patch0747: 0747-path-util-fix-more-path_is_mount-e792e890f-fallout.patch +Patch0748: 0748-return-error-value-on-failure.patch +Patch0749: 0749-revert-local-changes-made-during-backport-of-the-tes.patch Patch0750: 0750-core-add-a-Requires-dependency-between-units-and-the.patch Patch0751: 0751-core-rerun-GC-logic-for-a-unit-that-loses-a-referenc.patch Patch0752: 0752-pid1-rename-unit_check_gc-to-unit_may_gc.patch @@ -795,17 +795,51 @@ Patch0753: 0753-pid1-include-the-source-unit-in-UnitRef.patch Patch0754: 0754-pid1-fix-collection-of-cycles-of-units-which-referen.patch Patch0755: 0755-pid1-free-basic-unit-information-at-the-very-end-bef.patch Patch0756: 0756-pid1-properly-remove-references-to-the-unit-from-gc-.patch -Patch0757: 0757-service-relax-PID-file-symlink-chain-checks-a-bit-81.patch -Patch0758: 0758-path-util-fix-more-path_is_mount-e792e890f-fallout.patch -Patch0759: 0759-core-exclude-.slice-units-from-systemctl-isolate.patch -Patch0760: 0760-unit-fix-potential-use-of-cgroup_path-after-free-whe.patch -Patch0761: 0761-core-when-restarting-services-don-t-close-fds.patch -Patch0762: 0762-unit-rework-a-bit-how-we-keep-the-service-fdstore-fr.patch -Patch0763: 0763-tests-add-basic-journal-test.patch -Patch0764: 0764-tests-add-regression-test-for-systemctl-restart-syst.patch -Patch0765: 0765-tests-add-test-that-journald-keeps-fds-over-terminat.patch - -Patch9999: 9999-Update-kernel-install-script-by-backporting-fedora-p.patch +Patch0757: 0757-core-timer-Prevent-timer-looping-when-unit-cannot-st.patch +Patch0758: 0758-service-relax-PID-file-symlink-chain-checks-a-bit-81.patch +Patch0759: 0759-udev-rules-Add-rule-for-dev-kfd.patch +Patch0760: 0760-core-exclude-.slice-units-from-systemctl-isolate.patch +Patch0761: 0761-udev-scsi_id-fix-incorrect-page-length-when-get-devi.patch +Patch0762: 0762-core-when-determining-whether-a-process-exit-status-.patch +Patch0763: 0763-units-add-Wants-initrd-cleanup.service-to-initrd-swi.patch +Patch0764: 0764-units-make-sure-initrd-cleanup.service-terminates-be.patch +Patch0765: 0765-core-tiny-tweak-for-cgroup-trimming-during-manager_f.patch +Patch0766: 0766-process-an-empty-environment-block-should-be-returne.patch +Patch0767: 0767-core-make-sure-initrd-switch-root-command-survives-P.patch +Patch0768: 0768-systemctl-always-avoid-being-killed-when-doing-switc.patch +Patch0769: 0769-units-drop-KillMode-from-initrd-switch-root.service.patch +Patch0770: 0770-systemctl-ignore-SIGTERM-after-switch-root.patch +Patch0771: 0771-units-restore-Before-dependencies-for-systemd-vconso.patch +Patch0772: 0772-core-reduce-the-number-of-stalled-PIDs-from-the-watc.patch +Patch0773: 0773-timedate-use-gmtime_r-and-localtime_r.patch +Patch0774: 0774-sd-bus-stop-using-the-result-of-an-assignment-as-an-.patch +Patch0775: 0775-journal-upload-add-asserts-that-snprintf-does-not-re.patch +Patch0776: 0776-analyze-actually-select-longest-activated-time-of-se.patch +Patch0777: 0777-pid1-remove-unnecessary-error-reassignment.patch +Patch0778: 0778-core-drop-unnecessary-condition.patch +Patch0779: 0779-import-drop-unnecessary-condition.patch +Patch0780: 0780-journal-verify-add-comment-and-silence-LGTM-warning.patch +Patch0781: 0781-journal-drop-redundant-condition.patch +Patch0782: 0782-lldp-set-correct-state-for-processing.patch +Patch0783: 0783-sd-bus-fix-implicit-downcast-of-bitfield-reported-by.patch +Patch0784: 0784-tree-wide-use-signed-int-instead-of-int-for-bit-fiel.patch +Patch0785: 0785-machinectl-check-correct-FD-for-a-return-value.patch +Patch0786: 0786-shared-install-avoid-overwriting-r-counter-with-a-pa.patch +Patch0787: 0787-systemctl-set_put-can-t-return-EEXIST.patch +Patch0788: 0788-systemctl-remove-dead-check.patch +Patch0789: 0789-journal-gateway-explicitly-declare-local-variables.patch +Patch0790: 0790-journal-gateway-use-localStorage-cursor-only-when-it.patch +Patch0791: 0791-lgtm-ignore-files-dropped-in-upstream.patch +Patch0792: 0792-lgtm-suppress-several-constant-comparisons.patch +Patch0793: 0793-core-add-a-new-unit_needs_console-call.patch +Patch0794: 0794-core-rework-how-we-count-the-n_on_console-counter.patch +Patch0795: 0795-service-introduce-protocol-error-type.patch +Patch0796: 0796-service-fix-main-processes-exit-behavior-for-type-no.patch +Patch0797: 0797-service-go-through-stop_post-on-failure-4770.patch +Patch0798: 0798-Call-getgroups-to-know-size-of-supplementary-groups-.patch +Patch0799: 0799-udev-introduce-CONST-key-name.patch +Patch0800: 0800-path-stop-watching-path-specs-once-we-triggered-the-.patch +Patch0801: 0801-unit-fix-potential-use-of-cgroup_path-after-free-whe.patch %global num_patches %{lua: c=0; for i,p in ipairs(patches) do c=c+1; end; print(c);} @@ -995,6 +1029,7 @@ git init git config user.email "systemd-maint@redhat.com" git config user.name "systemd team" git add . +git add -f src/journal-remote/browse.html git commit -a -q -m "%{version} baseline." # Apply all the patches. @@ -1517,7 +1552,7 @@ fi %dir %{_datadir}/pkgconfig %dir %{_datadir}/zsh %dir %{_datadir}/zsh/site-functions -%ghost %dir %{_localstatedir}/log/journal +%ghost %dir %attr(2755, root, systemd-journal) %verify(not mode) %{_localstatedir}/log/journal %dir %{_localstatedir}/lib/systemd %dir %{_localstatedir}/lib/systemd/catalog %ghost %dir %{_localstatedir}/lib/systemd/coredump @@ -1782,18 +1817,76 @@ fi %{_mandir}/man8/systemd-resolved.* %changelog -* Tue Feb 18 2020 systemd maintenance team - 219-67.4 -- core: when restarting services, don't close fds (#1798162) -- unit: rework a bit how we keep the service fdstore from being destroyed during service restart (#1798162) -- tests: add basic journal test (#1798162) -- tests: add regression test for `systemctl restart systemd-journald` (#1798162) -- tests: add test that journald keeps fds over termination by signal (#1798162) - -* Fri Nov 29 2019 Lukas Nykryn - 219-67.3 -- unit: fix potential use of cgroup_path after free() when freeing unit (#1778083) - -* Thu Sep 19 2019 David Tardon - 219-67.2 -- core: exclude .slice units from "systemctl isolate" (#1751130) +* Fri Nov 29 2019 Lukas Nykryn - 219-73.1 +- unit: fix potential use of cgroup_path after free() when freeing unit (#1760149) + +* Fri Oct 25 2019 Lukas Nykryn - 219-73 +- path: stop watching path specs once we triggered the target unit (#1641777) + +* Thu Oct 24 2019 Lukas Nykryn - 219-72 +- service: introduce protocol error type (#1733998) +- service: fix main processes exit behavior for type notify services (#1733998) +- service: go through stop_post on failure (#4770) (#1733998) +- Call getgroups() to know size of supplementary groups array to allocate (#1743230256 KB) +- udev: introduce CONST key name (#1748051) + +* Thu Oct 10 2019 Lukas Nykryn - 219-71 +- core: add a new unit_needs_console() call (#1524359) +- core: rework how we count the n_on_console counter (#1524359) + +* Fri Sep 27 2019 Lukas Nykryn - 219-70 +- add src/journal-remote/browse.html to index + +* Fri Sep 27 2019 Lukas Nykryn - 219-70 +- udev-rules: Add rule for /dev/kfd (#1659516) +- core: exclude .slice units from "systemctl isolate" (#1745199) +- udev/scsi_id: fix incorrect page length when get device identification VPD page (#1635945) +- core: when determining whether a process exit status is clean, consider whether it is a command or a daemon (#1560417) +- units: add Wants=initrd-cleanup.service to initrd-switch-root.target (#4345) (#1560417) +- units: make sure initrd-cleanup.service terminates before switching to rootfs (#1560417) +- core: tiny tweak for cgroup trimming during manager_free() (#1630378) +- process: an empty environment block should be returned as such (#1685648) +- core: make sure initrd-switch-root command survives PID1's killing spree (#4730) (#1754053) +- systemctl: always avoid being killed when doing switch-root (#1754053) +- units: drop KillMode= from initrd-switch-root.service (#1754053) +- systemctl: ignore SIGTERM after switch root (#1754053) +- units: restore Before dependencies for systemd-vconsole-setup.service (#1754053) +- core: reduce the number of stalled PIDs from the watched processes list when possible (#1501796) +- timedate: use gmtime_r() and localtime_r() (#1694605) +- sd-bus: stop using the result of an assignment as an operand of && (#1694605) +- journal-upload: add asserts that snprintf does not return an error (#1694605) +- analyze: actually select longest activated-time of services (#1694605) +- pid1: remove unnecessary error reassignment (#1694605) +- core: drop unnecessary condition (#1694605) +- import: drop unnecessary condition (#1694605) +- journal-verify: add comment and silence LGTM warning (#1694605) +- journal: drop redundant condition (#1694605) +- lldp: set correct state for processing (#1694605) +- sd-bus: fix implicit downcast of bitfield reported by LGTM (#1694605) +- tree-wide: use 'signed int' instead of 'int' for bit field variables (#1694605) +- machinectl: check correct FD for a return value (#1694605) +- shared/install: avoid overwriting 'r' counter with a partial result (#1694605) +- systemctl: set_put() can't return (-)EEXIST (#1694605) +- systemctl: remove dead check (#1694605) +- journal-gateway: explicitly declare local variables (#1694605) +- journal-gateway: use localStorage["cursor"] only when it has valid value (#1694605) +- lgtm: ignore files dropped in upstream (#1694605) +- lgtm: suppress several constant comparisons (#1694605) + +* Thu Aug 22 2019 Lukas Nykryn - 219-69 +- revert local changes made during backport of the test (#1726785) +- core: add a "Requires=" dependency between units and the slices they are located in (#1718953) +- core: rerun GC logic for a unit that loses a reference (#1718953) +- pid1: rename unit_check_gc to unit_may_gc (#1718953) +- pid1: include the source unit in UnitRef (#1718953) +- pid1: fix collection of cycles of units which reference one another (#1718953) +- pid1: free basic unit information at the very end, before freeing the unit (#1718953) +- pid1: properly remove references to the unit from gc queue during final cleanup (#1718953) +- core/timer: Prevent timer looping when unit cannot start (#1710302) +- service: relax PID file symlink chain checks a bit (#8133) (#1724420) + +* Wed Aug 07 2019 David Tardon - 219-68 +- fix rpm -V failure on /var/log/journal (#1545372) * Fri Jul 12 2019 Lukas Nykryn - 219-67.1 - return error value on failure (#1729226)