Merge pull request #17869 from DaanDeMeyer/mkosi-gdb

mkosi: Add gdb to final images

.mkosi/mkosi.arch

@@ -54,8 +54,10 @@ BuildPackages=
         zstd
 
 Packages=
+        gdb
         libidn2
         qrencode
+        strace
 
 [Host]
 QemuHeadless=yes

.mkosi/mkosi.debian

@@ -62,9 +62,11 @@ BuildPackages=
         zstd
 
 Packages=
+        gdb
+        libidn2-0
         libqrencode4
         locales
-        libidn2-0
+        strace
 
 [Host]
 QemuHeadless=yes

.mkosi/mkosi.fedora

@@ -72,11 +72,13 @@ BuildPackages=
         zstd
 
 Packages=
+        gdb
         # libfido2 + libzstd can be dropped once the Fedora RPM gets a dependency on them
         libfido2
         libzstd
         # procps-ng provides a set of useful utilies (ps, free, etc)
         procps-ng
+        strace
 
 BuildDirectory=mkosi.builddir
 Cache=mkosi.cache

.mkosi/mkosi.opensuse

@@ -62,6 +62,7 @@ BuildPackages=
         timezone
 
 Packages=
+        gdb
         # brought in via meson->python3
         libp11-kit0
         # --bootable=no
@@ -75,6 +76,7 @@ Packages=
         libqrencode4
         libseccomp2
         pam
+        strace
         util-linux
 
 [Host]

.mkosi/mkosi.ubuntu

@@ -66,9 +66,11 @@ BuildPackages=
         zstd
 
 Packages=
+        gdb
+        libidn2-0
         libqrencode4
         locales
-        libidn2-0
+        strace
 
 [Host]
 QemuHeadless=yes

man/systemd.automount.xml

@@ -63,6 +63,10 @@
     for mount dependencies here. For example, you should not set
     <varname>After=network-online.target</varname> or similar on network
     filesystems. Doing so may result in an ordering cycle.</para>
+
+    <para>Note that automount support on Linux is privileged, automount units are hence only available in the
+    system service manager (and root's user service manager), but not in unprivileged user's service
+    manager.</para>
   </refsect1>
 
   <refsect1>

man/systemd.swap.xml

@@ -59,6 +59,9 @@
     <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>. Note that swap
     units cannot be templated, nor is possible to add multiple names to a swap unit by creating additional symlinks to
     it.</para>
+
+    <para>Note that swap support on Linux is privileged, swap units are hence only available in the system
+    service manager (and root's user service manager), but not in unprivileged user's service manager.</para>
   </refsect1>
 
   <refsect1>

meson.build

@@ -1117,6 +1117,7 @@ conf.set10('HAVE_LIBIPTC', have)
 want_qrencode = get_option('qrencode')
 if want_qrencode != 'false' and not skip_deps
         libqrencode = dependency('libqrencode',
+                                 version : '>= 4',
                                  required : want_qrencode == 'true')
         have = libqrencode.found()
 else

src/basic/log.h

@@ -44,10 +44,17 @@ typedef enum LogTarget{
 #define ERRNO_VALUE(val)                    (abs(val) & 255)
 
 void log_set_target(LogTarget target);
+
 void log_set_max_level_realm(LogRealm realm, int level);
+
 #define log_set_max_level(level)                \
         log_set_max_level_realm(LOG_REALM, (level))
 
+static inline void log_set_max_level_all_realms(int level) {
+        for (LogRealm realm = 0; realm < _LOG_REALM_MAX; realm++)
+                log_set_max_level_realm(realm, level);
+}
+
 void log_set_facility(int facility);
 
 int log_set_target_from_string(const char *e);

src/basic/virt.c

@@ -517,7 +517,7 @@ int detect_container(void) {
                  */
                 e = getenv("container");
                 if (!e)
-                        goto check_sched;
+                        goto none;
                 if (isempty(e)) {
                         r = VIRTUALIZATION_NONE;
                         goto finish;
@@ -545,24 +545,7 @@ int detect_container(void) {
         if (r < 0) /* This only works if we have CAP_SYS_PTRACE, hence let's better ignore failures here */
                 log_debug_errno(r, "Failed to read $container of PID 1, ignoring: %m");
 
-        /* Interestingly /proc/1/sched actually shows the host's PID for what we see as PID 1. If the PID
-         * shown there is not 1, we know we are in a PID namespace and hence a container. */
- check_sched:
-        r = read_one_line_file("/proc/1/sched", &m);
-        if (r >= 0) {
-                const char *t;
-
-                t = strrchr(m, '(');
-                if (!t)
-                        return -EIO;
-
-                if (!startswith(t, "(1,")) {
-                        r = VIRTUALIZATION_CONTAINER_OTHER;
-                        goto finish;
-                }
-        } else if (r != -ENOENT)
-                return r;
-
+none:
         /* If that didn't work, give up, assume no container manager. */
         r = VIRTUALIZATION_NONE;
         goto finish;

src/shared/qrcode-util.c

@@ -5,12 +5,45 @@
 #if HAVE_QRENCODE
 #include <qrencode.h>
 
+#include "alloc-util.h"
 #include "dlfcn-util.h"
 #include "locale-util.h"
 #include "terminal-util.h"
 
 #define ANSI_WHITE_ON_BLACK "\033[40;37;1m"
 
+static void *qrcode_dl = NULL;
+
+static QRcode* (*sym_QRcode_encodeString)(const char *string, int version, QRecLevel level, QRencodeMode hint, int casesensitive) = NULL;
+static void (*sym_QRcode_free)(QRcode *qrcode) = NULL;
+
+int dlopen_qrencode(void) {
+        _cleanup_(dlclosep) void *dl = NULL;
+        int r;
+
+        if (qrcode_dl)
+                return 0; /* Already loaded */
+
+        dl = dlopen("libqrencode.so.4", RTLD_LAZY);
+        if (!dl)
+                return log_debug_errno(SYNTHETIC_ERRNO(EOPNOTSUPP),
+                                       "libqrcode support is not installed: %s", dlerror());
+
+        r = dlsym_many_and_warn(
+                        dl,
+                        LOG_DEBUG,
+                        DLSYM_ARG(QRcode_encodeString),
+                        DLSYM_ARG(QRcode_free),
+                        NULL);
+        if (r < 0)
+                return r;
+
+        /* Note that we never release the reference here, because there's no real reason to, after all this
+         * was traditionally a regular shared library dependency which lives forever too. */
+        qrcode_dl = TAKE_PTR(dl);
+        return 1;
+}
+
 static void print_border(FILE *output, unsigned width) {
         /* Four rows of border */
         for (unsigned y = 0; y < 4; y += 2) {
@@ -65,9 +98,6 @@ static void write_qrcode(FILE *output, QRcode *qr) {
 }
 
 int print_qrcode(FILE *out, const char *header, const char *string) {
-        QRcode* (*sym_QRcode_encodeString)(const char *string, int version, QRecLevel level, QRencodeMode hint, int casesensitive);
-        void (*sym_QRcode_free)(QRcode *qrcode);
-        _cleanup_(dlclosep) void *dl = NULL;
         QRcode* qr;
         int r;
 
@@ -76,17 +106,7 @@ int print_qrcode(FILE *out, const char *header, const char *string) {
         if (!is_locale_utf8() || !colors_enabled())
                 return -EOPNOTSUPP;
 
-        dl = dlopen("libqrencode.so.4", RTLD_LAZY);
-        if (!dl)
-                return log_debug_errno(SYNTHETIC_ERRNO(EOPNOTSUPP),
-                                       "QRCODE support is not installed: %s", dlerror());
-
-        r = dlsym_many_and_warn(
-                        dl,
-                        LOG_DEBUG,
-                        DLSYM_ARG(QRcode_encodeString),
-                        DLSYM_ARG(QRcode_free),
-                        NULL);
+        r = dlopen_qrencode();
         if (r < 0)
                 return r;
 

src/shared/qrcode-util.h

@@ -5,6 +5,8 @@
 #include <errno.h>
 
 #if HAVE_QRENCODE
+int dlopen_qrencode(void);
+
 int print_qrcode(FILE *out, const char *header, const char *string);
 #else
 static inline int print_qrcode(FILE *out, const char *header, const char *string) {

src/test/meson.build

@@ -71,6 +71,10 @@ tests += [
           libshared],
          []],
 
+        [['src/test/test-dlopen-so.c'],
+         [libshared],
+         []],
+
         [['src/test/test-job-type.c'],
          [libcore,
           libshared],

src/test/test-dlopen-so.c

@@ -0,0 +1,40 @@
+/* SPDX-License-Identifier: LGPL-2.1-or-later */
+
+#include <dlfcn.h>
+#include <stdlib.h>
+
+#include "cryptsetup-util.h"
+#include "idn-util.h"
+#include "macro.h"
+#include "main-func.h"
+#include "pwquality-util.h"
+#include "qrcode-util.h"
+#include "tests.h"
+
+static int run(int argc, char **argv) {
+        test_setup_logging(LOG_DEBUG);
+
+        /* Try to load each of our weak library dependencies once. This is supposed to help finding cases
+         * where .so versions change and distributions update, but systemd doesn't have the new so names
+         * around yet. */
+
+#if HAVE_LIBIDN2 || HAVE_LIBIDN
+        assert_se(dlopen_idn() >= 0);
+#endif
+
+#if HAVE_LIBCRYPTSETUP
+        assert_se(dlopen_cryptsetup() >= 0);
+#endif
+
+#if HAVE_PWQUALITY
+        assert_se(dlopen_pwquality() >= 0);
+#endif
+
+#if HAVE_QRENCODE
+        assert_se(dlopen_qrencode() >= 0);
+#endif
+
+        return 0;
+}
+
+DEFINE_MAIN_FUNCTION(run);

src/udev/udev-node.c

@@ -214,20 +214,23 @@ static int link_update(sd_device *dev, const char *slink, bool add) {
         if (!filename)
                 return log_oom();
 
-        if (!add && unlink(filename) == 0)
-                (void) rmdir(dirname);
-
-        if (add)
-                do {
+        if (!add) {
+                if (unlink(filename) == 0)
+                        (void) rmdir(dirname);
+        } else
+                for (;;) {
                         _cleanup_close_ int fd = -1;
 
                         r = mkdir_parents(filename, 0755);
                         if (!IN_SET(r, 0, -ENOENT))
-                                break;
+                                return r;
+
                         fd = open(filename, O_WRONLY|O_CREAT|O_CLOEXEC|O_TRUNC|O_NOFOLLOW, 0444);
-                        if (fd < 0)
-                                r = -errno;
-                } while (r == -ENOENT);
+                        if (fd >= 0)
+                                break;
+                        if (errno != ENOENT)
+                                return -errno;
+                }
 
         /* If the database entry is not written yet we will just do one iteration and possibly wrong symlink
          * will be fixed in the second invocation. */

src/udev/udevd.c

@@ -1089,8 +1089,7 @@ static int on_ctrl_msg(struct udev_ctrl *uctrl, enum udev_ctrl_msg_type type, co
         switch (type) {
         case UDEV_CTRL_SET_LOG_LEVEL:
                 log_debug("Received udev control message (SET_LOG_LEVEL), setting log_level=%i", value->intval);
-                log_set_max_level_realm(LOG_REALM_UDEV, value->intval);
-                log_set_max_level_realm(LOG_REALM_SYSTEMD, value->intval);
+                log_set_max_level_all_realms(value->intval);
                 manager_kill_workers(manager);
                 break;
         case UDEV_CTRL_STOP_EXEC_QUEUE:

test/test-functions

@@ -676,6 +676,19 @@ install_missing_libraries() {
     for i in $initdir{,/usr}/{sbin,bin}/* $initdir{,/usr}/lib/systemd/{,tests/{,manual/,unsafe/}}*; do
         LD_LIBRARY_PATH="${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$(get_ldpath $i):$(get_ldpath $i)/src/udev" inst_libs $i
     done
+
+    # A number of dependencies is now optional via dlopen, so the install
+    # script will not pick them up, since it looks at linkage.
+    for lib in libcryptsetup libidn libidn2 pwquality libqrencode; do
+            if pkg-config --exists ${lib}; then
+                    path=$(pkg-config --variable=libdir ${lib})
+                    if ! [[ ${lib} =~ ^lib ]]; then
+                            lib="lib${lib}"
+                    fi
+                    inst_libs "${path}/${lib}.so"
+                    inst_library "${path}/${lib}.so"
+            fi
+    done
 }
 
 cleanup_loopdev() {