mirror of
https://github.com/systemd/systemd
synced 2026-04-23 15:34:50 +02:00
Compare commits
22 Commits
60f53dd5cc
...
43a5fd98a5
| Author | SHA1 | Date | |
|---|---|---|---|
|
43a5fd98a5 | ||
|
|
4da5e99a8f | ||
|
|
13a5ffa477 | ||
|
|
3f4ead8d5f | ||
|
|
904447ce5a | ||
|
|
5c09daf8ff | ||
|
|
f1a147f2be | ||
|
|
3976da0265 | ||
|
|
8f39ecf6aa | ||
|
|
a43d2229bb | ||
|
|
b9fbff7403 | ||
|
|
5980d46304 | ||
|
|
24f0c62df5 | ||
|
|
5b39139582 | ||
|
|
7a692931ab | ||
|
|
2e3591a4fd | ||
|
|
c0ebfef358 | ||
|
|
38c41427c7 | ||
|
|
f7829525be | ||
|
|
62a4b584bb | ||
|
|
523487f713 | ||
|
|
9817b7dbc9 |
@ -4,8 +4,6 @@
|
||||
|
||||
# Explicitly enable certain checks which are hidden by default
|
||||
queries:
|
||||
- exclude: cpp/missing-return
|
||||
# LGTM does not handle assert_not_reached() gracefully...
|
||||
- include: cpp/bad-strncpy-size
|
||||
- include: cpp/declaration-hides-variable
|
||||
- include: cpp/inconsistent-null-check
|
||||
|
||||
8
TODO
8
TODO
@ -78,6 +78,10 @@ Janitorial Clean-ups:
|
||||
|
||||
Features:
|
||||
|
||||
* deprecate cgroupsv1 (i.e. taint system with it, print log message at boot)
|
||||
|
||||
* systemd-dissect: add --cat switch for dumping files such as /etc/os-release
|
||||
|
||||
* per-service sandboxing option: ProtectIds=. If used, will overmount
|
||||
/etc/machine-id and /proc/sys/kernel/random/boot_id with synthetic files, to
|
||||
make it harder for the service to identify the host. Depending on the user
|
||||
@ -1345,6 +1349,10 @@ Features:
|
||||
can easily set overall quota for all users
|
||||
- on login, if we can't fallocate initially, but rebalance is on, then allow
|
||||
login in discard mode, then immediately rebalance, then turn off discard
|
||||
- extend user records with optional "bulk" data. Specifically, a user
|
||||
avatar/photo or so. This data should be stored along wiht the user record,
|
||||
but probably shouldn't be part of the record itself, since it might be
|
||||
large.
|
||||
|
||||
* add a new switch --auto-definitions=yes/no or so to systemd-repart. If
|
||||
specified, synthesize a definition automatically if we can: enlarge last
|
||||
|
||||
@ -148,6 +148,6 @@ names for them in UIs.
|
||||
|
||||
[Boot Loader Specification](https://systemd.io/BOOT_LOADER_SPECIFICATION)<br>
|
||||
[Discoverable Partitions Specification](https://systemd.io/DISCOVERABLE_PARTITIONS)<br>
|
||||
[systemd-boot(7)](https://www.freedesktop.org/software/systemd/man/systemd-boot.html)<br>
|
||||
[bootctl(1)](https://www.freedesktop.org/software/systemd/man/bootctl.html)<br>
|
||||
[systemd-gpt-auto-generator(8)](https://www.freedesktop.org/software/systemd/man/systemd-gpt-auto-generator.html)
|
||||
[`systemd-boot(7)`](https://www.freedesktop.org/software/systemd/man/systemd-boot.html)<br>
|
||||
[`bootctl(1)`](https://www.freedesktop.org/software/systemd/man/bootctl.html)<br>
|
||||
[`systemd-gpt-auto-generator(8)`](https://www.freedesktop.org/software/systemd/man/systemd-gpt-auto-generator.html)
|
||||
|
||||
@ -440,6 +440,6 @@ There are a couple of items that are out of focus for this specification:
|
||||
[GUID Partition Table](https://en.wikipedia.org/wiki/GUID_Partition_Table)<br>
|
||||
[Boot Loader Interface](https://systemd.io/BOOT_LOADER_INTERFACE)<br>
|
||||
[Discoverable Partitions Specification](https://systemd.io/DISCOVERABLE_PARTITIONS)<br>
|
||||
[systemd-boot(7)](https://www.freedesktop.org/software/systemd/man/systemd-boot.html)<br>
|
||||
[bootctl(1)](https://www.freedesktop.org/software/systemd/man/bootctl.html)<br>
|
||||
[systemd-gpt-auto-generator(8)](https://www.freedesktop.org/software/systemd/man/systemd-gpt-auto-generator.html)
|
||||
[`systemd-boot(7)`](https://www.freedesktop.org/software/systemd/man/systemd-boot.html)<br>
|
||||
[`bootctl(1)`](https://www.freedesktop.org/software/systemd/man/bootctl.html)<br>
|
||||
[`systemd-gpt-auto-generator(8)`](https://www.freedesktop.org/software/systemd/man/systemd-gpt-auto-generator.html)
|
||||
|
||||
@ -35,24 +35,29 @@ boot. For that it's essential to:
|
||||
ID, for example IPv6 addresses or transient MAC addresses.
|
||||
|
||||
2. Remove the `/var/lib/systemd/random-seed` file (see
|
||||
[`systemd-random-seed(8)`](https://www.freedesktop.org/software/systemd/man/systemd-random-seed.service.html),
|
||||
[`systemd-random-seed(8)`](https://www.freedesktop.org/software/systemd/man/systemd-random-seed.service.html)),
|
||||
which is used to seed the kernel's random pool on boot. If this file is
|
||||
shipped pre-initialized, every instance will seed its random pool with the
|
||||
same random data that is included in the image, and thus possibly generate
|
||||
random data that is more similar to other instances booted off the same image
|
||||
than advisable.
|
||||
random data that is more similar to other instances booted off the same
|
||||
image than advisable.
|
||||
|
||||
3. Remove the `/loader/random-seed` file (see
|
||||
[`systemd-boot(7)`](https://www.freedesktop.org/software/systemd/man/systemd-boot.html)
|
||||
[`systemd-boot(7)`](https://www.freedesktop.org/software/systemd/man/systemd-boot.html))
|
||||
from the UEFI System Partition (ESP), in case the `systemd-boot` boot loader
|
||||
is used in the image.
|
||||
|
||||
4. It might also make sense to remove `/etc/hostname` and `/etc/machine-info`
|
||||
4. It might also make sense to remove
|
||||
[`/etc/hostname`](https://www.freedesktop.org/software/systemd/man/hostname.html)
|
||||
and
|
||||
[`/etc/machine-info`](https://www.freedesktop.org/software/systemd/man/machine-info.html)
|
||||
which carry additional identifying information about the OS image.
|
||||
|
||||
## Boot Menu Entry Identifiers
|
||||
|
||||
The `kernel-install` logic used to generate [Boot Loader Specification Type
|
||||
The
|
||||
[`kernel-install(8)`](https://www.freedesktop.org/software/systemd/man/kernel-install.html)
|
||||
logic used to generate [Boot Loader Specification Type
|
||||
1](https://systemd.io/BOOT_LOADER_SPECIFICATION) entries by default uses the
|
||||
machine ID as stored in `/etc/machine-id` for naming boot menu entries and the
|
||||
directories in the ESP to place kernel images in. This is done in order to
|
||||
@ -70,7 +75,8 @@ resources of the OS. If not configured explicitly it defaults to the machine
|
||||
ID. The file `/etc/kernel/entry-token` may be used to configure this string
|
||||
explicitly. Thus, golden image builders should write a suitable identifier into
|
||||
this file, for example the `IMAGE_ID=` or `ID=` field from
|
||||
`/etc/os-release`. It is recommended to do this before the `kernel-install`
|
||||
[`/etc/os-release`](https://www.freedesktop.org/software/systemd/man/os-release.html)
|
||||
(also see below). It is recommended to do this before the `kernel-install`
|
||||
functionality is invoked (i.e. before the package manager is used to install
|
||||
packages into the OS tree being prepared), so that the selected string is
|
||||
automatically used for all entries to be generated.
|
||||
@ -95,16 +101,18 @@ Specifically, the following mechanisms are in place:
|
||||
2. PID 1 will initialize `/etc/machine-id` automatically if not initialized yet
|
||||
(see above).
|
||||
|
||||
3. The `nss-systemd` glibc NSS module ensures the `root` and `nobody` users and
|
||||
groups remain resolvable, even without `/etc/passwd` and `/etc/group` around.
|
||||
3. The
|
||||
[`nss-systemd(8)`](https://www.freedesktop.org/software/systemd/man/nss-systemd.html)
|
||||
glibc NSS module ensures the `root` and `nobody` users and groups remain
|
||||
resolvable, even without `/etc/passwd` and `/etc/group` around.
|
||||
|
||||
4. The
|
||||
[`systemd-sysusers`](https://www.freedesktop.org/software/systemd/man/systemd-sysusers.service.html)
|
||||
[`systemd-sysusers(8)`](https://www.freedesktop.org/software/systemd/man/systemd-sysusers.service.html)
|
||||
will component automatically populate `/etc/passwd` and `/etc/group` on
|
||||
first boot with further necessary system users.
|
||||
|
||||
5. The
|
||||
[`systemd-tmpfiles`](https://www.freedesktop.org/software/systemd/man/systemd-tmpfiles-setup.service.html)
|
||||
[`systemd-tmpfiles(8)`](https://www.freedesktop.org/software/systemd/man/systemd-tmpfiles-setup.service.html)
|
||||
component ensures that various files and directories below `/etc/`, `/var/`
|
||||
and other places are created automatically at boot if missing. Unlike the
|
||||
directories/symlinks created by the `switch-root` logic above this logic is
|
||||
@ -113,8 +121,10 @@ Specifically, the following mechanisms are in place:
|
||||
`/usr/lib/os-release`, ensuring that the OS release information is
|
||||
unconditionally accessible through `/etc/os-release`.
|
||||
|
||||
6. The `nss-myhostname` glibc NSS module will ensure the local host name as
|
||||
well as `localhost` remains resolvable, even without `/etc/hosts` around.
|
||||
6. The
|
||||
[`nss-myhostname(8)`](https://www.freedesktop.org/software/systemd/man/nss-myhostname.html)
|
||||
glibc NSS module will ensure the local host name as well as `localhost`
|
||||
remains resolvable, even without `/etc/hosts` around.
|
||||
|
||||
With these mechanisms the hierarchies below `/var/` and `/etc/` can be safely
|
||||
and robustly populated on first boot, so that the OS can safely boot up. Note
|
||||
@ -170,7 +180,7 @@ it, then format it.
|
||||
`systemd` provides multiple tools to implement the above logic:
|
||||
|
||||
1. The
|
||||
[`systemd-repart`](https://www.freedesktop.org/software/systemd/man/systemd-repart.service.html)
|
||||
[`systemd-repart(8)`](https://www.freedesktop.org/software/systemd/man/systemd-repart.service.html)
|
||||
component may manipulate GPT partition tables automatically on boot, growing
|
||||
partitions or adding in partitions taking the backing storage size into
|
||||
account. It can also encrypt partitions automatically it creates (even bind
|
||||
@ -179,11 +189,14 @@ it, then format it.
|
||||
incompletely set up partitions around.
|
||||
|
||||
2. The
|
||||
[`systemd-makefs@(8).service`](https://www.freedesktop.org/software/systemd/man/systemd-growfs.html)
|
||||
[`systemd-growfs@(8).service`](https://www.freedesktop.org/software/systemd/man/systemd-growfs.html)
|
||||
tool can automatically grow a file system to the partition it is contained
|
||||
in. The `x-systemd.growfs` `/etc/fstab` mount option is sufficient to enable
|
||||
this logic for specific mounts. If the file system is already grown it
|
||||
executes no operation.
|
||||
in. The `x-systemd.growfs` mount option in `/etc/fstab` is sufficient to
|
||||
enable this logic for specific mounts. Alternatively appropriately set up
|
||||
partitions can set GPT partition flag 59 to request this behaviour, see the
|
||||
[Discoverable Partitions
|
||||
Specification](https://systemd.io/DISCOVERABLE_PARTITIONS) for details. If
|
||||
the file system is already grown it executes no operation.
|
||||
|
||||
3. Similar, the `systemd-makefs@.service` and `systemd-makeswap@.service`
|
||||
services can format file systems and swap spaces before first use, if they
|
||||
@ -196,7 +209,7 @@ While a lot of work has gone into ensuring `systemd` systems can safely boot
|
||||
with unpopulated `/etc/` trees, it sometimes is desirable to set a couple of
|
||||
basic settings *after* `dd`-ing the image to disk, but *before* first boot. For
|
||||
this the tool
|
||||
[`systemd-firstboot`](https://www.freedesktop.org/software/systemd/man/systemd-firstboot.html)
|
||||
[`systemd-firstboot(1)`](https://www.freedesktop.org/software/systemd/man/systemd-firstboot.html)
|
||||
can be useful, with its `--image=` switch. It may be used to set very basic
|
||||
settings, such as the root password or hostname on an OS disk image or
|
||||
installed block device.
|
||||
@ -225,3 +238,30 @@ initialization status of `/etc/machine-id`: if the file already carries a valid
|
||||
ID the system is already past the first boot. If it is not initialized yet it
|
||||
is still considered in the first boot state. For details see
|
||||
[`machine-id(5)`](https://www.freedesktop.org/software/systemd/man/machine-id.html).
|
||||
|
||||
## Image Metadata
|
||||
|
||||
Typically, when operating with golden disk images it is useful to be able to
|
||||
identify them and their version. For this the two fields `IMAGE_ID=` and
|
||||
`IMAGE_VERSION=` have been defined in
|
||||
[`os-release(5)`](https://www.freedesktop.org/software/systemd/man/os-release.html). These
|
||||
fields may be accessed from unit files and similar via the `%M` and `%A`
|
||||
specifiers.
|
||||
|
||||
Depending on how the images are put together it might make sense to leave the
|
||||
OS distribution's `os-release` file as is in `/usr/lib/os-release` but to
|
||||
replace the usual `/etc/os-release` symlink with a regular file that extends
|
||||
the distribution's file with one augmented with these two additional
|
||||
fields.
|
||||
|
||||
## Links
|
||||
|
||||
[`machine-id(5)`](https://www.freedesktop.org/software/systemd/man/machine-id.html)<br>
|
||||
[`systemd-random-seed(8)`](https://www.freedesktop.org/software/systemd/man/systemd-random-seed.service.html)<br>
|
||||
[`os-release(5)`](https://www.freedesktop.org/software/systemd/man/os-release.html)<br>
|
||||
[Boot Loader Specification](https://systemd.io/BOOT_LOADER_SPECIFICATION)<br>
|
||||
[Discoverable Partitions Specification](https://systemd.io/DISCOVERABLE_PARTITIONS)<br>
|
||||
[`mkosi`](https://github.com/systemd/mkosi)<br>
|
||||
[`systemd-boot(7)`](https://www.freedesktop.org/software/systemd/man/systemd-boot.html)<br>
|
||||
[`systemd-repart(8)`](https://www.freedesktop.org/software/systemd/man/systemd-repart.service.html)<br>
|
||||
[`systemd-growfs@(8).service`](https://www.freedesktop.org/software/systemd/man/systemd-growfs.html)<br>
|
||||
|
||||
@ -412,6 +412,7 @@ The `gdisk` tool (from version 1.0.5 onward) and its variants (`sgdisk`,
|
||||
|
||||
[Boot Loader Specification](https://systemd.io/BOOT_LOADER_SPECIFICATION)<br>
|
||||
[Boot Loader Interface](https://systemd.io/BOOT_LOADER_INTERFACE)<br>
|
||||
[systemd-boot(7)](https://www.freedesktop.org/software/systemd/man/systemd-boot.html)<br>
|
||||
[bootctl(1)](https://www.freedesktop.org/software/systemd/man/bootctl.html)<br>
|
||||
[systemd-gpt-auto-generator(8)](https://www.freedesktop.org/software/systemd/man/systemd-gpt-auto-generator.html)
|
||||
[Safely Building Images](https://systemd.io/BUILDING_IMAGES)<br>
|
||||
[`systemd-boot(7)`](https://www.freedesktop.org/software/systemd/man/systemd-boot.html)<br>
|
||||
[`bootctl(1)`](https://www.freedesktop.org/software/systemd/man/bootctl.html)<br>
|
||||
[`systemd-gpt-auto-generator(8)`](https://www.freedesktop.org/software/systemd/man/systemd-gpt-auto-generator.html)
|
||||
|
||||
@ -337,7 +337,7 @@ services copied onto the host.
|
||||
|
||||
## Links
|
||||
|
||||
[portablectl(1)](https://www.freedesktop.org/software/systemd/man/portablectl.html)<br>
|
||||
[systemd-portabled.service(8)](https://www.freedesktop.org/software/systemd/man/systemd-portabled.service.html)<br>
|
||||
[`portablectl(1)`](https://www.freedesktop.org/software/systemd/man/portablectl.html)<br>
|
||||
[`systemd-portabled.service(8)`](https://www.freedesktop.org/software/systemd/man/systemd-portabled.service.html)<br>
|
||||
[Walkthrough for Portable Services](https://0pointer.net/blog/walkthrough-for-portable-services.html)<br>
|
||||
[Repo with examples](https://github.com/systemd/portable-walkthrough)
|
||||
|
||||
@ -80,13 +80,13 @@
|
||||
<filename>/etc/machine-id</filename> may also be written using any other means.
|
||||
</para>
|
||||
|
||||
<para>For operating system images which are created once and used on multiple
|
||||
machines, for example for containers or in the cloud,
|
||||
<filename>/etc/machine-id</filename> should be either missing or an empty file in the generic file
|
||||
system image (the difference between the two options is described under "First Boot Semantics" below). An
|
||||
ID will be generated during boot and saved to this file if possible. Having an empty file in place is
|
||||
useful because it allows a temporary file to be bind-mounted over the real file, in case the image is
|
||||
used read-only.</para>
|
||||
<para>For operating system images which are created once and used on multiple machines, for example for
|
||||
containers or in the cloud, <filename>/etc/machine-id</filename> should be either missing or an empty
|
||||
file in the generic file system image (the difference between the two options is described under "First
|
||||
Boot Semantics" below). An ID will be generated during boot and saved to this file if possible. Having an
|
||||
empty file in place is useful because it allows a temporary file to be bind-mounted over the real file,
|
||||
in case the image is used read-only. Also see <ulink url="https://systemd.io/BUILDING_IMAGES">Safely
|
||||
Building Images</ulink>.</para>
|
||||
|
||||
<para><citerefentry><refentrytitle>systemd-firstboot</refentrytitle><manvolnum>1</manvolnum></citerefentry>
|
||||
may be used to initialize <filename>/etc/machine-id</filename> on mounted (but not
|
||||
|
||||
@ -57,7 +57,8 @@
|
||||
thus — if otherwise entropy-starved — generate the same or at least guessable random seed streams. As a
|
||||
safety precaution crediting entropy is thus disabled by default. It is recommended to remove the random
|
||||
seed from OS images intended for replication on multiple systems, in which case it is safe to enable
|
||||
entropy crediting, see below.</para>
|
||||
entropy crediting, see below. Also see <ulink url="https://systemd.io/BUILDING_IMAGES">Safely Building
|
||||
Images</ulink>.</para>
|
||||
|
||||
<para>See <ulink url="https://systemd.io/RANDOM_SEEDS">Random Seeds</ulink> for further
|
||||
information.</para>
|
||||
|
||||
@ -505,7 +505,7 @@
|
||||
<term><varname>DefaultOOMPolicy=</varname></term>
|
||||
|
||||
<listitem><para>Configure the default policy for reacting to processes being killed by the Linux
|
||||
Out-Of-Memory (OOM) killer. This may be used to pick a global default for the per-unit
|
||||
Out-Of-Memory (OOM) killer or <command>systemd-oomd</command>. This may be used to pick a global default for the per-unit
|
||||
<varname>OOMPolicy=</varname> setting. See
|
||||
<citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry>
|
||||
for details. Note that this default is not used for services that have <varname>Delegate=</varname>
|
||||
|
||||
@ -1039,7 +1039,7 @@ CapabilityBoundingSet=~CAP_B CAP_C</programlisting>
|
||||
normally at 0.</para>
|
||||
|
||||
<para>Use the <varname>OOMPolicy=</varname> setting of service units to configure how the service
|
||||
manager shall react to the kernel OOM killer terminating a process of the service. See
|
||||
manager shall react to the kernel OOM killer or <command>systemd-oomd</command> terminating a process of the service. See
|
||||
<citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry>
|
||||
for details.</para></listitem>
|
||||
</varlistentry>
|
||||
|
||||
@ -1140,7 +1140,11 @@
|
||||
shall be considered preferred or less preferred candidates for process termination by the Linux OOM
|
||||
killer logic. See
|
||||
<citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry> for
|
||||
details.</para></listitem>
|
||||
details.</para>
|
||||
|
||||
<para>This setting also applies to <command>systemd-oomd</command>, similar to kernel OOM kills
|
||||
this setting determines the state of the service after <command>systemd-oomd</command> kills a cgroup associated
|
||||
with the service.</para></listitem>
|
||||
</varlistentry>
|
||||
|
||||
</variablelist>
|
||||
|
||||
@ -638,7 +638,8 @@ endif
|
||||
|
||||
############################################################
|
||||
|
||||
if run_command('python3', '-c', 'import jinja2', check : false).returncode() != 0
|
||||
python = find_program('python3')
|
||||
if run_command(python, '-c', 'import jinja2', check : false).returncode() != 0
|
||||
error('python3 jinja2 missing')
|
||||
endif
|
||||
|
||||
|
||||
@ -123,7 +123,6 @@ static int open_sockets(int *epoll_fd, bool accept) {
|
||||
|
||||
static int exec_process(const char *name, char **argv, int start_fd, size_t n_fds) {
|
||||
_cleanup_strv_free_ char **envp = NULL;
|
||||
const char *var;
|
||||
int r;
|
||||
|
||||
if (arg_inetd && n_fds != 1)
|
||||
|
||||
@ -570,7 +570,6 @@ int get_files_in_directory(const char *path, char ***list) {
|
||||
}
|
||||
|
||||
static int getenv_tmp_dir(const char **ret_path) {
|
||||
const char *n;
|
||||
int r, ret = 0;
|
||||
|
||||
assert(ret_path);
|
||||
|
||||
@ -170,8 +170,6 @@ int open_extension_release(const char *root, const char *extension, char **ret_p
|
||||
}
|
||||
}
|
||||
} else {
|
||||
const char *p;
|
||||
|
||||
FOREACH_STRING(p, "/etc/os-release", "/usr/lib/os-release") {
|
||||
r = chase_symlinks(p, root, CHASE_PREFIX_ROOT,
|
||||
ret_path ? &q : NULL,
|
||||
|
||||
@ -218,7 +218,7 @@ void strv_print(char * const *l);
|
||||
})
|
||||
|
||||
#define _FOREACH_STRING(uniq, x, y, ...) \
|
||||
for (char **UNIQ_T(l, uniq) = STRV_MAKE(({ x = y; }), ##__VA_ARGS__); \
|
||||
for (const char *x, * const*UNIQ_T(l, uniq) = STRV_MAKE_CONST(({ x = y; }), ##__VA_ARGS__); \
|
||||
x; \
|
||||
x = *(++UNIQ_T(l, uniq)))
|
||||
|
||||
|
||||
@ -236,7 +236,6 @@ bool lookup_paths_timestamp_hash_same(const LookupPaths *lp, uint64_t timestamp_
|
||||
}
|
||||
|
||||
static int directory_name_is_valid(const char *name) {
|
||||
const char *suffix;
|
||||
|
||||
/* Accept a directory whose name is a valid unit file name ending in .wants/, .requires/ or .d/ */
|
||||
|
||||
|
||||
@ -1255,12 +1255,11 @@ static int remove_variables(sd_id128_t uuid, const char *path, bool in_order) {
|
||||
}
|
||||
|
||||
static int remove_loader_variables(void) {
|
||||
const char *variable;
|
||||
int r = 0;
|
||||
|
||||
/* Remove all persistent loader variables we define */
|
||||
|
||||
FOREACH_STRING(variable,
|
||||
FOREACH_STRING(var,
|
||||
EFI_LOADER_VARIABLE(LoaderConfigTimeout),
|
||||
EFI_LOADER_VARIABLE(LoaderConfigTimeoutOneShot),
|
||||
EFI_LOADER_VARIABLE(LoaderEntryDefault),
|
||||
@ -1269,15 +1268,15 @@ static int remove_loader_variables(void) {
|
||||
|
||||
int q;
|
||||
|
||||
q = efi_set_variable(variable, NULL, 0);
|
||||
q = efi_set_variable(var, NULL, 0);
|
||||
if (q == -ENOENT)
|
||||
continue;
|
||||
if (q < 0) {
|
||||
log_warning_errno(q, "Failed to remove EFI variable %s: %m", variable);
|
||||
log_warning_errno(q, "Failed to remove EFI variable %s: %m", var);
|
||||
if (r >= 0)
|
||||
r = q;
|
||||
} else
|
||||
log_info("Removed EFI variable %s.", variable);
|
||||
log_info("Removed EFI variable %s.", var);
|
||||
}
|
||||
|
||||
return r;
|
||||
|
||||
@ -1675,10 +1675,9 @@ static INTN config_entry_compare(const ConfigEntry *a, const ConfigEntry *b) {
|
||||
assert(b);
|
||||
|
||||
/* Order entries that have no tries left to the end of the list */
|
||||
if (a->tries_left == 0 && b->tries_left != 0)
|
||||
return 1;
|
||||
if (a->tries_left != 0 && b->tries_left == 0)
|
||||
return -1;
|
||||
r = CMP(a->tries_left == 0, b->tries_left == 0);
|
||||
if (r != 0)
|
||||
return r;
|
||||
|
||||
/* If there's a sort key defined for *both* entries, then we do new-style ordering, i.e. by
|
||||
* sort-key/machine-id/version, with a final fallback to id. If there's no sort key for either, we do
|
||||
@ -1687,8 +1686,8 @@ static INTN config_entry_compare(const ConfigEntry *a, const ConfigEntry *b) {
|
||||
r = CMP(!a->sort_key, !b->sort_key);
|
||||
if (r != 0) /* one is old-style, one new-style */
|
||||
return r;
|
||||
if (a->sort_key && b->sort_key) {
|
||||
|
||||
if (a->sort_key && b->sort_key) {
|
||||
r = strcmp(a->sort_key, b->sort_key);
|
||||
if (r != 0)
|
||||
return r;
|
||||
@ -1704,30 +1703,23 @@ static INTN config_entry_compare(const ConfigEntry *a, const ConfigEntry *b) {
|
||||
return r;
|
||||
}
|
||||
|
||||
/* Now order by ID (the version is likely part of the ID, thus note that this might put the oldest
|
||||
* version last, not first, i.e. specifying a sort key explicitly is thus generally preferable, to
|
||||
* take benefit of the explicit sorting above.) */
|
||||
r = strverscmp_improved(a->id, b->id);
|
||||
/* Now order by ID. The version is likely part of the ID, thus note that this will generatelly put
|
||||
* the newer versions earlier. Specifying a sort key explicitly is preferable, because it gives an
|
||||
* explicit sort order. */
|
||||
r = -strverscmp_improved(a->id, b->id);
|
||||
if (r != 0)
|
||||
return r;
|
||||
|
||||
if (a->tries_left == UINTN_MAX ||
|
||||
b->tries_left == UINTN_MAX)
|
||||
if (a->tries_left == UINTN_MAX || b->tries_left == UINTN_MAX)
|
||||
return 0;
|
||||
|
||||
/* If both items have boot counting, and otherwise are identical, put the entry with more tries left first */
|
||||
if (a->tries_left < b->tries_left)
|
||||
return 1;
|
||||
if (a->tries_left > b->tries_left)
|
||||
return -1;
|
||||
r = -CMP(a->tries_left, b->tries_left);
|
||||
if (r != 0)
|
||||
return r;
|
||||
|
||||
/* If they have the same number of tries left, then let the one win which was tried fewer times so far */
|
||||
if (a->tries_done > b->tries_done)
|
||||
return 1;
|
||||
if (a->tries_done < b->tries_done)
|
||||
return -1;
|
||||
|
||||
return 0;
|
||||
return CMP(a->tries_done, b->tries_done);
|
||||
}
|
||||
|
||||
static UINTN config_entry_find(Config *config, const CHAR16 *needle) {
|
||||
|
||||
@ -510,7 +510,6 @@ static int refresh_one(
|
||||
}
|
||||
|
||||
static int refresh(const char *root, Hashmap *a, Hashmap *b, unsigned iteration) {
|
||||
const char *c;
|
||||
int r;
|
||||
|
||||
FOREACH_STRING(c, SYSTEMD_CGROUP_CONTROLLER, "cpu", "cpuacct", "memory", "io", "blkio", "pids") {
|
||||
|
||||
@ -24,7 +24,6 @@ int mac_apparmor_setup(void) {
|
||||
#if HAVE_APPARMOR
|
||||
_cleanup_(aa_policy_cache_unrefp) aa_policy_cache *policy_cache = NULL;
|
||||
_cleanup_(aa_features_unrefp) aa_features *features = NULL;
|
||||
const char *current_file;
|
||||
_cleanup_free_ char *current_profile = NULL, *cache_dir_path = NULL;
|
||||
int r;
|
||||
|
||||
|
||||
@ -786,7 +786,6 @@ void cgroup_oomd_xattr_apply(Unit *u, const char *cgroup_path) {
|
||||
}
|
||||
|
||||
static void cgroup_xattr_apply(Unit *u) {
|
||||
const char *xn;
|
||||
bool b;
|
||||
|
||||
assert(u);
|
||||
@ -2958,6 +2957,10 @@ static int on_cgroup_empty_event(sd_event_source *s, void *userdata) {
|
||||
log_debug_errno(r, "Failed to reenable cgroup empty event source, ignoring: %m");
|
||||
}
|
||||
|
||||
/* Update state based on OOM kills before we notify about cgroup empty event */
|
||||
(void) unit_check_oom(u);
|
||||
(void) unit_check_oomd_kill(u);
|
||||
|
||||
unit_add_to_gc_queue(u);
|
||||
|
||||
if (UNIT_VTABLE(u)->notify_cgroup_empty)
|
||||
@ -3037,7 +3040,7 @@ int unit_check_oomd_kill(Unit *u) {
|
||||
else if (r == 0)
|
||||
return 0;
|
||||
|
||||
r = cg_get_xattr_malloc(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path, "user.oomd_kill", &value);
|
||||
r = cg_get_xattr_malloc(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path, "user.oomd_ooms", &value);
|
||||
if (r < 0 && r != -ENODATA)
|
||||
return r;
|
||||
|
||||
@ -3053,11 +3056,25 @@ int unit_check_oomd_kill(Unit *u) {
|
||||
if (!increased)
|
||||
return 0;
|
||||
|
||||
n = 0;
|
||||
value = mfree(value);
|
||||
r = cg_get_xattr_malloc(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path, "user.oomd_kill", &value);
|
||||
if (r >= 0 && !isempty(value))
|
||||
(void) safe_atou64(value, &n);
|
||||
|
||||
if (n > 0)
|
||||
log_unit_struct(u, LOG_NOTICE,
|
||||
"MESSAGE_ID=" SD_MESSAGE_UNIT_OOMD_KILL_STR,
|
||||
LOG_UNIT_INVOCATION_ID(u),
|
||||
LOG_UNIT_MESSAGE(u, "systemd-oomd killed %"PRIu64" process(es) in this unit.", n));
|
||||
LOG_UNIT_MESSAGE(u, "systemd-oomd killed %"PRIu64" process(es) in this unit.", n),
|
||||
"N_PROCESSES=%" PRIu64, n);
|
||||
else
|
||||
log_unit_struct(u, LOG_NOTICE,
|
||||
"MESSAGE_ID=" SD_MESSAGE_UNIT_OOMD_KILL_STR,
|
||||
LOG_UNIT_INVOCATION_ID(u),
|
||||
LOG_UNIT_MESSAGE(u, "systemd-oomd killed some process(es) in this unit."));
|
||||
|
||||
unit_notify_cgroup_oom(u, /* ManagedOOM= */ true);
|
||||
|
||||
return 1;
|
||||
}
|
||||
@ -3093,8 +3110,7 @@ int unit_check_oom(Unit *u) {
|
||||
LOG_UNIT_INVOCATION_ID(u),
|
||||
LOG_UNIT_MESSAGE(u, "A process of this unit has been killed by the OOM killer."));
|
||||
|
||||
if (UNIT_VTABLE(u)->notify_cgroup_oom)
|
||||
UNIT_VTABLE(u)->notify_cgroup_oom(u);
|
||||
unit_notify_cgroup_oom(u, /* ManagedOOM= */ false);
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
||||
@ -20,24 +20,23 @@
|
||||
* is suitably validated. */
|
||||
|
||||
static void lock_down_efi_variables(void) {
|
||||
const char *p;
|
||||
int r;
|
||||
|
||||
/* Paranoia: let's restrict access modes of these a bit, so that unprivileged users can't use them to
|
||||
* identify the system or gain too much insight into what we might have credited to the entropy
|
||||
* pool. */
|
||||
FOREACH_STRING(p,
|
||||
FOREACH_STRING(path,
|
||||
EFIVAR_PATH(EFI_LOADER_VARIABLE(LoaderRandomSeed)),
|
||||
EFIVAR_PATH(EFI_LOADER_VARIABLE(LoaderSystemToken))) {
|
||||
|
||||
r = chattr_path(p, 0, FS_IMMUTABLE_FL, NULL);
|
||||
r = chattr_path(path, 0, FS_IMMUTABLE_FL, NULL);
|
||||
if (r == -ENOENT)
|
||||
continue;
|
||||
if (r < 0)
|
||||
log_warning_errno(r, "Failed to drop FS_IMMUTABLE_FL from %s, ignoring: %m", p);
|
||||
log_warning_errno(r, "Failed to drop FS_IMMUTABLE_FL from %s, ignoring: %m", path);
|
||||
|
||||
if (chmod(p, 0600) < 0)
|
||||
log_warning_errno(errno, "Failed to reduce access mode of %s, ignoring: %m", p);
|
||||
if (chmod(path, 0600) < 0)
|
||||
log_warning_errno(errno, "Failed to reduce access mode of %s, ignoring: %m", path);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@ -3043,7 +3043,6 @@ static int setup_credentials(
|
||||
uid_t uid) {
|
||||
|
||||
_cleanup_free_ char *p = NULL, *q = NULL;
|
||||
const char *i;
|
||||
int r;
|
||||
|
||||
assert(context);
|
||||
|
||||
@ -2644,9 +2644,7 @@ static int manager_dispatch_sigchld(sd_event_source *source, void *userdata) {
|
||||
* We only do this for the cgroup the PID belonged to. */
|
||||
(void) unit_check_oom(u1);
|
||||
|
||||
/* This only logs for now. In the future when the interface for kills/notifications
|
||||
* is more stable we can extend service results table similar to how kernel oom kills
|
||||
* are managed. */
|
||||
/* We check if systemd-oomd perfomed a kill so that we log and notify appropriately */
|
||||
(void) unit_check_oomd_kill(u1);
|
||||
|
||||
manager_invoke_sigchld_event(m, u1, &si);
|
||||
|
||||
@ -60,9 +60,9 @@ typedef enum StatusType {
|
||||
} StatusType;
|
||||
|
||||
typedef enum OOMPolicy {
|
||||
OOM_CONTINUE, /* The kernel kills the process it wants to kill, and that's it */
|
||||
OOM_STOP, /* The kernel kills the process it wants to kill, and we stop the unit */
|
||||
OOM_KILL, /* The kernel kills the process it wants to kill, and all others in the unit, and we stop the unit */
|
||||
OOM_CONTINUE, /* The kernel or systemd-oomd kills the process it wants to kill, and that's it */
|
||||
OOM_STOP, /* The kernel or systemd-oomd kills the process it wants to kill, and we stop the unit */
|
||||
OOM_KILL, /* The kernel or systemd-oomd kills the process it wants to kill, and all others in the unit, and we stop the unit */
|
||||
_OOM_POLICY_MAX,
|
||||
_OOM_POLICY_INVALID = -EINVAL,
|
||||
} OOMPolicy;
|
||||
|
||||
@ -3404,9 +3404,12 @@ static void service_notify_cgroup_empty_event(Unit *u) {
|
||||
}
|
||||
}
|
||||
|
||||
static void service_notify_cgroup_oom_event(Unit *u) {
|
||||
static void service_notify_cgroup_oom_event(Unit *u, bool managed_oom) {
|
||||
Service *s = SERVICE(u);
|
||||
|
||||
if (managed_oom)
|
||||
log_unit_debug(u, "Process(es) of control group were killed by systemd-oomd.");
|
||||
else
|
||||
log_unit_debug(u, "Process of control group was killed by the OOM killer.");
|
||||
|
||||
if (s->oom_policy == OOM_CONTINUE)
|
||||
|
||||
@ -75,7 +75,7 @@ typedef enum ServiceResult {
|
||||
SERVICE_FAILURE_CORE_DUMP,
|
||||
SERVICE_FAILURE_WATCHDOG,
|
||||
SERVICE_FAILURE_START_LIMIT_HIT,
|
||||
SERVICE_FAILURE_OOM_KILL,
|
||||
SERVICE_FAILURE_OOM_KILL, /* OOM Kill by the Kernel or systemd-oomd */
|
||||
SERVICE_SKIP_CONDITION,
|
||||
_SERVICE_RESULT_MAX,
|
||||
_SERVICE_RESULT_INVALID = -EINVAL,
|
||||
|
||||
@ -99,8 +99,6 @@ static int timer_add_default_dependencies(Timer *t) {
|
||||
return r;
|
||||
|
||||
LIST_FOREACH(value, v, t->values) {
|
||||
const char *target;
|
||||
|
||||
if (v->base != TIMER_CALENDAR)
|
||||
continue;
|
||||
|
||||
|
||||
@ -3801,6 +3801,13 @@ int unit_kill(Unit *u, KillWho w, int signo, sd_bus_error *error) {
|
||||
return UNIT_VTABLE(u)->kill(u, w, signo, error);
|
||||
}
|
||||
|
||||
void unit_notify_cgroup_oom(Unit *u, bool managed_oom) {
|
||||
assert(u);
|
||||
|
||||
if (UNIT_VTABLE(u)->notify_cgroup_oom)
|
||||
UNIT_VTABLE(u)->notify_cgroup_oom(u, managed_oom);
|
||||
}
|
||||
|
||||
static Set *unit_pid_set(pid_t main_pid, pid_t control_pid) {
|
||||
_cleanup_set_free_ Set *pid_set = NULL;
|
||||
int r;
|
||||
@ -4126,7 +4133,6 @@ int unit_patch_contexts(Unit *u) {
|
||||
|
||||
if ((ec->root_image || !LIST_IS_EMPTY(ec->mount_images)) &&
|
||||
(cc->device_policy != CGROUP_DEVICE_POLICY_AUTO || cc->device_allow)) {
|
||||
const char *p;
|
||||
|
||||
/* When RootImage= or MountImages= is specified, the following devices are touched. */
|
||||
FOREACH_STRING(p, "/dev/loop-control", "/dev/mapper/control") {
|
||||
|
||||
@ -285,7 +285,7 @@ typedef struct Unit {
|
||||
nsec_t cpu_usage_base;
|
||||
nsec_t cpu_usage_last; /* the most recently read value */
|
||||
|
||||
/* The current counter of processes sent SIGKILL by systemd-oomd */
|
||||
/* The current counter of OOM kills initiated by systemd-oomd */
|
||||
uint64_t managed_oom_kill_last;
|
||||
|
||||
/* The current counter of the oom_kill field in the memory.events cgroup attribute */
|
||||
@ -596,7 +596,7 @@ typedef struct UnitVTable {
|
||||
void (*notify_cgroup_empty)(Unit *u);
|
||||
|
||||
/* Called whenever an OOM kill event on this unit was seen */
|
||||
void (*notify_cgroup_oom)(Unit *u);
|
||||
void (*notify_cgroup_oom)(Unit *u, bool managed_oom);
|
||||
|
||||
/* Called whenever a process of this unit sends us a message */
|
||||
void (*notify_message)(Unit *u, const struct ucred *ucred, char * const *tags, FDSet *fds);
|
||||
@ -811,6 +811,8 @@ int unit_reload(Unit *u);
|
||||
int unit_kill(Unit *u, KillWho w, int signo, sd_bus_error *error);
|
||||
int unit_kill_common(Unit *u, KillWho who, int signo, pid_t main_pid, pid_t control_pid, sd_bus_error *error);
|
||||
|
||||
void unit_notify_cgroup_oom(Unit *u, bool managed_oom);
|
||||
|
||||
typedef enum UnitNotifyFlags {
|
||||
UNIT_NOTIFY_RELOAD_FAILURE = 1 << 0,
|
||||
UNIT_NOTIFY_WILL_AUTO_RESTART = 1 << 1,
|
||||
|
||||
@ -215,9 +215,7 @@ static int run(const char *dest, const char *dest_early, const char *dest_late)
|
||||
return r;
|
||||
}
|
||||
|
||||
/* Automatically add in a serial getty on the first
|
||||
* virtualizer console */
|
||||
const char *j;
|
||||
/* Automatically add in a serial getty on the first virtualizer console */
|
||||
FOREACH_STRING(j,
|
||||
"hvc0",
|
||||
"xvc0",
|
||||
|
||||
@ -2949,8 +2949,6 @@ static int parse_argv(int argc, char *argv[]) {
|
||||
|
||||
case ARG_DISK_SIZE:
|
||||
if (isempty(optarg)) {
|
||||
const char *prop;
|
||||
|
||||
FOREACH_STRING(prop, "diskSize", "diskSizeRelative", "rebalanceWeight") {
|
||||
r = drop_from_identity(prop);
|
||||
if (r < 0)
|
||||
@ -3452,9 +3450,7 @@ static int parse_argv(int argc, char *argv[]) {
|
||||
break;
|
||||
}
|
||||
|
||||
case ARG_PKCS11_TOKEN_URI: {
|
||||
const char *p;
|
||||
|
||||
case ARG_PKCS11_TOKEN_URI:
|
||||
if (streq(optarg, "list"))
|
||||
return pkcs11_list_tokens();
|
||||
|
||||
@ -3488,11 +3484,8 @@ static int parse_argv(int argc, char *argv[]) {
|
||||
|
||||
strv_uniq(arg_pkcs11_token_uri);
|
||||
break;
|
||||
}
|
||||
|
||||
case ARG_FIDO2_DEVICE: {
|
||||
const char *p;
|
||||
|
||||
case ARG_FIDO2_DEVICE:
|
||||
if (streq(optarg, "list"))
|
||||
return fido2_list_devices();
|
||||
|
||||
@ -3522,7 +3515,6 @@ static int parse_argv(int argc, char *argv[]) {
|
||||
|
||||
strv_uniq(arg_fido2_device);
|
||||
break;
|
||||
}
|
||||
|
||||
case ARG_FIDO2_WITH_PIN: {
|
||||
bool lock_with_pin;
|
||||
@ -3557,9 +3549,7 @@ static int parse_argv(int argc, char *argv[]) {
|
||||
break;
|
||||
}
|
||||
|
||||
case ARG_RECOVERY_KEY: {
|
||||
const char *p;
|
||||
|
||||
case ARG_RECOVERY_KEY:
|
||||
r = parse_boolean(optarg);
|
||||
if (r < 0)
|
||||
return log_error_errno(r, "Failed to parse --recovery-key= argument: %s", optarg);
|
||||
@ -3573,7 +3563,6 @@ static int parse_argv(int argc, char *argv[]) {
|
||||
}
|
||||
|
||||
break;
|
||||
}
|
||||
|
||||
case ARG_AUTO_RESIZE_MODE:
|
||||
if (isempty(optarg)) {
|
||||
|
||||
@ -482,7 +482,6 @@ static int manager_enumerate_records(Manager *m) {
|
||||
static int search_quota(uid_t uid, const char *exclude_quota_path) {
|
||||
struct stat exclude_st = {};
|
||||
dev_t previous_devno = 0;
|
||||
const char *where;
|
||||
int r;
|
||||
|
||||
/* Checks whether the specified UID owns any files on the files system, but ignore any file system
|
||||
|
||||
@ -332,7 +332,6 @@ _public_ int sd_device_new_from_subsystem_sysname(
|
||||
const char *subsystem,
|
||||
const char *sysname) {
|
||||
|
||||
const char *s;
|
||||
char *name;
|
||||
int r;
|
||||
|
||||
@ -341,7 +340,6 @@ _public_ int sd_device_new_from_subsystem_sysname(
|
||||
assert_return(path_is_normalized(sysname), -EINVAL);
|
||||
|
||||
if (streq(subsystem, "subsystem")) {
|
||||
|
||||
FOREACH_STRING(s, "/sys/subsystem/", "/sys/bus/", "/sys/class/") {
|
||||
r = device_strjoin_new(s, sysname, NULL, NULL, ret);
|
||||
if (r < 0)
|
||||
@ -351,7 +349,6 @@ _public_ int sd_device_new_from_subsystem_sysname(
|
||||
}
|
||||
|
||||
} else if (streq(subsystem, "module")) {
|
||||
|
||||
r = device_strjoin_new("/sys/module/", sysname, NULL, NULL, ret);
|
||||
if (r < 0)
|
||||
return r;
|
||||
@ -363,9 +360,8 @@ _public_ int sd_device_new_from_subsystem_sysname(
|
||||
|
||||
sep = strchr(sysname, ':');
|
||||
if (sep && sep[1] != '\0') { /* Require ":" and something non-empty after that. */
|
||||
const char *subsys;
|
||||
|
||||
subsys = memdupa_suffix0(sysname, sep - sysname);
|
||||
const char *subsys = memdupa_suffix0(sysname, sep - sysname);
|
||||
sep++;
|
||||
|
||||
FOREACH_STRING(s, "/sys/subsystem/", "/sys/bus/") {
|
||||
|
||||
@ -474,7 +474,7 @@ static int method_set_locale(sd_bus_message *m, void *userdata, sd_bus_error *er
|
||||
|
||||
static int method_set_vc_keyboard(sd_bus_message *m, void *userdata, sd_bus_error *error) {
|
||||
Context *c = userdata;
|
||||
const char *name, *keymap, *keymap_toggle;
|
||||
const char *keymap, *keymap_toggle;
|
||||
int convert, interactive, r;
|
||||
|
||||
assert(m);
|
||||
|
||||
@ -627,7 +627,6 @@ int user_check_linger_file(User *u) {
|
||||
}
|
||||
|
||||
static bool user_unit_active(User *u) {
|
||||
const char *i;
|
||||
int r;
|
||||
|
||||
assert(u->service);
|
||||
|
||||
@ -22,7 +22,6 @@
|
||||
|
||||
static int chown_cgroup_path(const char *path, uid_t uid_shift) {
|
||||
_cleanup_close_ int fd = -1;
|
||||
const char *fn;
|
||||
|
||||
fd = open(path, O_RDONLY|O_CLOEXEC|O_DIRECTORY);
|
||||
if (fd < 0)
|
||||
|
||||
@ -404,7 +404,7 @@ int tmpfs_patch_options(
|
||||
}
|
||||
|
||||
int mount_sysfs(const char *dest, MountSettingsMask mount_settings) {
|
||||
const char *full, *top, *x;
|
||||
const char *full, *top;
|
||||
int r;
|
||||
unsigned long extra_flags = 0;
|
||||
|
||||
@ -464,7 +464,7 @@ int mount_sysfs(const char *dest, MountSettingsMask mount_settings) {
|
||||
/* Create mountpoint for cgroups. Otherwise we are not allowed since we
|
||||
* remount /sys read-only.
|
||||
*/
|
||||
x = prefix_roota(top, "/fs/cgroup");
|
||||
const char *x = prefix_roota(top, "/fs/cgroup");
|
||||
(void) mkdir_p(x, 0755);
|
||||
|
||||
return mount_nofollow_verbose(LOG_ERR, NULL, top, NULL,
|
||||
|
||||
@ -2564,7 +2564,7 @@ static int setup_hostname(void) {
|
||||
|
||||
static int setup_journal(const char *directory) {
|
||||
_cleanup_free_ char *d = NULL;
|
||||
const char *dirname, *p, *q;
|
||||
const char *p, *q;
|
||||
sd_id128_t this_id;
|
||||
bool try;
|
||||
int r;
|
||||
@ -3512,7 +3512,6 @@ static int inner_child(
|
||||
(void) fdset_close_others(fds);
|
||||
|
||||
if (arg_start_mode == START_BOOT) {
|
||||
const char *init;
|
||||
char **a;
|
||||
size_t m;
|
||||
|
||||
@ -4603,7 +4602,7 @@ static int load_settings(void) {
|
||||
_cleanup_(settings_freep) Settings *settings = NULL;
|
||||
_cleanup_fclose_ FILE *f = NULL;
|
||||
_cleanup_free_ char *p = NULL;
|
||||
const char *fn, *i;
|
||||
const char *fn;
|
||||
int r;
|
||||
|
||||
if (arg_oci_bundle)
|
||||
|
||||
@ -192,6 +192,10 @@ int oomd_cgroup_kill(const char *path, bool recurse, bool dry_run) {
|
||||
if (!pids_killed)
|
||||
return -ENOMEM;
|
||||
|
||||
r = increment_oomd_xattr(path, "user.oomd_ooms", 1);
|
||||
if (r < 0)
|
||||
log_debug_errno(r, "Failed to set user.oomd_ooms before kill: %m");
|
||||
|
||||
if (recurse)
|
||||
r = cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, path, SIGKILL, CGROUP_IGNORE_SELF, pids_killed, log_kill, NULL);
|
||||
else
|
||||
|
||||
@ -77,12 +77,16 @@ static void test_oomd_cgroup_kill(void) {
|
||||
abort();
|
||||
}
|
||||
|
||||
assert_se(cg_get_xattr_malloc(SYSTEMD_CGROUP_CONTROLLER, cgroup, "user.oomd_ooms", &v) >= 0);
|
||||
assert_se(streq(v, i == 0 ? "1" : "2"));
|
||||
v = mfree(v);
|
||||
|
||||
/* Wait a bit since processes may take some time to be cleaned up. */
|
||||
sleep(2);
|
||||
assert_se(cg_is_empty(SYSTEMD_CGROUP_CONTROLLER, cgroup) == true);
|
||||
|
||||
assert_se(cg_get_xattr_malloc(SYSTEMD_CGROUP_CONTROLLER, cgroup, "user.oomd_kill", &v) >= 0);
|
||||
assert_se(memcmp(v, i == 0 ? "2" : "4", 2) == 0);
|
||||
assert_se(streq(v, i == 0 ? "2" : "4"));
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@ -4533,9 +4533,8 @@ static int acquire_root_devno(
|
||||
}
|
||||
|
||||
static int find_root(char **ret, int *ret_fd) {
|
||||
const char *p;
|
||||
int r;
|
||||
_cleanup_free_ char *device = NULL;
|
||||
int r;
|
||||
|
||||
assert(ret);
|
||||
assert(ret_fd);
|
||||
|
||||
@ -1599,7 +1599,6 @@ int portable_detach(
|
||||
|
||||
SET_FOREACH(item, unit_files) {
|
||||
_cleanup_free_ char *md = NULL;
|
||||
const char *suffix;
|
||||
|
||||
if (unlinkat(dirfd(d), item, 0) < 0) {
|
||||
log_debug_errno(errno, "Can't remove unit file %s/%s: %m", where, item);
|
||||
|
||||
@ -50,8 +50,6 @@ int manager_check_resolv_conf(const Manager *m) {
|
||||
}
|
||||
|
||||
static bool file_is_our_own(const struct stat *st) {
|
||||
const char *path;
|
||||
|
||||
assert(st);
|
||||
|
||||
FOREACH_STRING(path,
|
||||
|
||||
@ -41,7 +41,6 @@ TEST(parse_etc_hosts) {
|
||||
|
||||
int fd;
|
||||
_cleanup_fclose_ FILE *f;
|
||||
const char *s;
|
||||
|
||||
fd = mkostemp_safe(t);
|
||||
assert_se(fd >= 0);
|
||||
|
||||
@ -1702,8 +1702,6 @@ static int start_transient_trigger(
|
||||
}
|
||||
|
||||
static bool shall_make_executable_absolute(void) {
|
||||
const char *f;
|
||||
|
||||
if (strv_isempty(arg_cmdline))
|
||||
return false;
|
||||
if (arg_transport != BUS_TRANSPORT_LOCAL)
|
||||
|
||||
@ -154,8 +154,6 @@ static int boot_entry_load(
|
||||
}
|
||||
|
||||
void boot_config_free(BootConfig *config) {
|
||||
size_t i;
|
||||
|
||||
assert(config);
|
||||
|
||||
free(config->default_pattern);
|
||||
@ -171,7 +169,7 @@ void boot_config_free(BootConfig *config) {
|
||||
free(config->entry_default);
|
||||
free(config->entry_selected);
|
||||
|
||||
for (i = 0; i < config->n_entries; i++)
|
||||
for (size_t i = 0; i < config->n_entries; i++)
|
||||
boot_entry_free(config->entries + i);
|
||||
free(config->entries);
|
||||
}
|
||||
@ -256,6 +254,7 @@ static int boot_entry_compare(const BootEntry *a, const BootEntry *b) {
|
||||
r = CMP(!a->sort_key, !b->sort_key);
|
||||
if (r != 0)
|
||||
return r;
|
||||
|
||||
if (a->sort_key && b->sort_key) {
|
||||
r = strcmp(a->sort_key, b->sort_key);
|
||||
if (r != 0)
|
||||
@ -270,7 +269,7 @@ static int boot_entry_compare(const BootEntry *a, const BootEntry *b) {
|
||||
return r;
|
||||
}
|
||||
|
||||
return strverscmp_improved(a->id, b->id);
|
||||
return -strverscmp_improved(a->id, b->id);
|
||||
}
|
||||
|
||||
static int boot_entries_find(
|
||||
@ -418,12 +417,9 @@ static int find_sections(
|
||||
|
||||
_cleanup_free_ struct PeSectionHeader *sections = NULL;
|
||||
_cleanup_free_ char *osrelease = NULL, *cmdline = NULL;
|
||||
size_t i, n_sections;
|
||||
struct DosFileHeader dos;
|
||||
struct PeHeader pe;
|
||||
uint64_t start;
|
||||
ssize_t n;
|
||||
|
||||
struct DosFileHeader dos;
|
||||
n = pread(fd, &dos, sizeof(dos), 0);
|
||||
if (n < 0)
|
||||
return log_error_errno(errno, "Failed read DOS header: %m");
|
||||
@ -433,7 +429,9 @@ static int find_sections(
|
||||
if (dos.Magic[0] != 'M' || dos.Magic[1] != 'Z')
|
||||
return log_error_errno(SYNTHETIC_ERRNO(EBADMSG), "DOS executable magic missing, refusing.");
|
||||
|
||||
start = unaligned_read_le32(&dos.ExeHeader);
|
||||
uint64_t start = unaligned_read_le32(&dos.ExeHeader);
|
||||
|
||||
struct PeHeader pe;
|
||||
n = pread(fd, &pe, sizeof(pe), start);
|
||||
if (n < 0)
|
||||
return log_error_errno(errno, "Failed to read PE header: %m");
|
||||
@ -443,7 +441,7 @@ static int find_sections(
|
||||
if (pe.Magic[0] != 'P' || pe.Magic[1] != 'E' || pe.Magic[2] != 0 || pe.Magic[3] != 0)
|
||||
return log_error_errno(SYNTHETIC_ERRNO(EBADMSG), "PE executable magic missing, refusing.");
|
||||
|
||||
n_sections = unaligned_read_le16(&pe.FileHeader.NumberOfSections);
|
||||
size_t n_sections = unaligned_read_le16(&pe.FileHeader.NumberOfSections);
|
||||
if (n_sections > 96)
|
||||
return log_error_errno(SYNTHETIC_ERRNO(EBADMSG), "PE header has too many sections, refusing.");
|
||||
|
||||
@ -459,7 +457,7 @@ static int find_sections(
|
||||
if ((size_t) n != n_sections * sizeof(struct PeSectionHeader))
|
||||
return log_error_errno(SYNTHETIC_ERRNO(EIO), "Short read while reading sections, refusing.");
|
||||
|
||||
for (i = 0; i < n_sections; i++) {
|
||||
for (size_t i = 0; i < n_sections; i++) {
|
||||
_cleanup_free_ char *k = NULL;
|
||||
uint32_t offset, size;
|
||||
char **b;
|
||||
|
||||
@ -21,7 +21,6 @@ static int chown_one(
|
||||
gid_t gid,
|
||||
mode_t mask) {
|
||||
|
||||
const char *n;
|
||||
int r;
|
||||
|
||||
assert(fd >= 0);
|
||||
|
||||
@ -85,7 +85,7 @@ DEFINE_HASH_OPS_WITH_VALUE_DESTRUCTOR(image_hash_ops, char, string_hash_func, st
|
||||
|
||||
static char **image_settings_path(Image *image) {
|
||||
_cleanup_strv_free_ char **l = NULL;
|
||||
const char *fn, *s;
|
||||
const char *fn;
|
||||
unsigned i = 0;
|
||||
|
||||
assert(image);
|
||||
|
||||
@ -3041,7 +3041,6 @@ int dissected_image_acquire_metadata(DissectedImage *m, DissectImageFlags extra_
|
||||
|
||||
case META_HAS_INIT_SYSTEM: {
|
||||
bool found = false;
|
||||
const char *init;
|
||||
|
||||
FOREACH_STRING(init,
|
||||
"/usr/lib/systemd/systemd", /* systemd on /usr merged system */
|
||||
|
||||
@ -435,7 +435,8 @@ int find_esp_and_warn(
|
||||
goto found;
|
||||
}
|
||||
|
||||
FOREACH_STRING(path, "/efi", "/boot", "/boot/efi") {
|
||||
FOREACH_STRING(_path, "/efi", "/boot", "/boot/efi") {
|
||||
path = _path;
|
||||
|
||||
r = verify_esp(path, /* searching= */ true, unprivileged_mode, ret_part, ret_pstart, ret_psize, ret_uuid, ret_devid);
|
||||
if (r >= 0)
|
||||
|
||||
@ -197,7 +197,7 @@ finish:
|
||||
|
||||
int machine_id_commit(const char *root) {
|
||||
_cleanup_close_ int fd = -1, initial_mntns_fd = -1;
|
||||
const char *etc_machine_id, *sync_path;
|
||||
const char *etc_machine_id;
|
||||
sd_id128_t id;
|
||||
int r;
|
||||
|
||||
|
||||
@ -126,9 +126,6 @@ bool mount_point_is_api(const char *path) {
|
||||
}
|
||||
|
||||
bool mount_point_ignore(const char *path) {
|
||||
|
||||
const char *i;
|
||||
|
||||
/* These are API file systems that might be mounted by other software, we just list them here so that
|
||||
* we know that we should ignore them. */
|
||||
FOREACH_STRING(i,
|
||||
@ -515,7 +512,6 @@ int mount_setup(bool loaded_policy, bool leave_propagation) {
|
||||
* use the same label for all their files. */
|
||||
if (loaded_policy) {
|
||||
usec_t before_relabel, after_relabel;
|
||||
const char *i;
|
||||
int n_extra;
|
||||
|
||||
before_relabel = now(CLOCK_MONOTONIC);
|
||||
|
||||
@ -54,14 +54,15 @@ int net_get_type_string(sd_device *device, uint16_t iftype, char **ret) {
|
||||
}
|
||||
|
||||
const char *net_get_persistent_name(sd_device *device) {
|
||||
const char *name, *field;
|
||||
|
||||
assert(device);
|
||||
|
||||
/* fetch some persistent data unique (on this machine) to this device */
|
||||
FOREACH_STRING(field, "ID_NET_NAME_ONBOARD", "ID_NET_NAME_SLOT", "ID_NET_NAME_PATH", "ID_NET_NAME_MAC")
|
||||
FOREACH_STRING(field, "ID_NET_NAME_ONBOARD", "ID_NET_NAME_SLOT", "ID_NET_NAME_PATH", "ID_NET_NAME_MAC") {
|
||||
const char *name;
|
||||
|
||||
if (sd_device_get_property_value(device, field, &name) >= 0)
|
||||
return name;
|
||||
}
|
||||
|
||||
return NULL;
|
||||
}
|
||||
|
||||
@ -144,7 +144,7 @@ void pager_open(PagerFlags flags) {
|
||||
if (r < 0)
|
||||
return;
|
||||
if (r == 0) {
|
||||
const char *less_charset, *exe;
|
||||
const char *less_charset;
|
||||
|
||||
/* In the child start the pager */
|
||||
|
||||
|
||||
@ -106,8 +106,6 @@ int read_resource_pressure(const char *path, PressureType type, ResourcePressure
|
||||
}
|
||||
|
||||
int is_pressure_supported(void) {
|
||||
const char *p;
|
||||
|
||||
/* The pressure files, both under /proc and in cgroups, will exist
|
||||
* even if the kernel has PSI support disabled; we have to read
|
||||
* the file to make sure it doesn't return -EOPNOTSUPP */
|
||||
|
||||
@ -33,7 +33,6 @@ int switch_root(const char *new_root,
|
||||
_cleanup_free_ char *resolved_old_root_after = NULL;
|
||||
_cleanup_close_ int old_root_fd = -1;
|
||||
bool old_root_remove;
|
||||
const char *i;
|
||||
int r;
|
||||
|
||||
assert(new_root);
|
||||
@ -64,12 +63,12 @@ int switch_root(const char *new_root,
|
||||
if (mount(NULL, "/", NULL, MS_REC|MS_PRIVATE, NULL) < 0)
|
||||
return log_error_errno(errno, "Failed to set \"/\" mount propagation to private: %m");
|
||||
|
||||
FOREACH_STRING(i, "/sys", "/dev", "/run", "/proc") {
|
||||
FOREACH_STRING(path, "/sys", "/dev", "/run", "/proc") {
|
||||
_cleanup_free_ char *chased = NULL;
|
||||
|
||||
r = chase_symlinks(i, new_root, CHASE_PREFIX_ROOT|CHASE_NONEXISTENT, &chased, NULL);
|
||||
r = chase_symlinks(path, new_root, CHASE_PREFIX_ROOT|CHASE_NONEXISTENT, &chased, NULL);
|
||||
if (r < 0)
|
||||
return log_error_errno(r, "Failed to resolve %s/%s: %m", new_root, i);
|
||||
return log_error_errno(r, "Failed to resolve %s/%s: %m", new_root, path);
|
||||
if (r > 0) {
|
||||
/* Already exists. Let's see if it is a mount point already. */
|
||||
r = path_is_mount_point(chased, NULL, 0);
|
||||
@ -81,8 +80,8 @@ int switch_root(const char *new_root,
|
||||
/* Doesn't exist yet? */
|
||||
(void) mkdir_p_label(chased, 0755);
|
||||
|
||||
if (mount(i, chased, NULL, mount_flags, NULL) < 0)
|
||||
return log_error_errno(errno, "Failed to mount %s to %s: %m", i, chased);
|
||||
if (mount(path, chased, NULL, mount_flags, NULL) < 0)
|
||||
return log_error_errno(errno, "Failed to mount %s to %s: %m", path, chased);
|
||||
}
|
||||
|
||||
/* Do not fail if base_filesystem_create() fails. Not all switch roots are like base_filesystem_create() wants
|
||||
|
||||
@ -306,16 +306,15 @@ const char *ci_environment(void) {
|
||||
* just the general CI environment type, but also whether we're sanitizing or not, etc. The caller is
|
||||
* expected to use strstr on the returned value. */
|
||||
static const char *ans = POINTER_MAX;
|
||||
const char *p;
|
||||
int r;
|
||||
|
||||
if (ans != POINTER_MAX)
|
||||
return ans;
|
||||
|
||||
/* We allow specifying the environment with $CITYPE. Nobody uses this so far, but we are ready. */
|
||||
p = getenv("CITYPE");
|
||||
if (!isempty(p))
|
||||
return (ans = p);
|
||||
const char *citype = getenv("CITYPE");
|
||||
if (!isempty(citype))
|
||||
return (ans = citype);
|
||||
|
||||
if (getenv_bool("TRAVIS") > 0)
|
||||
return (ans = "travis");
|
||||
@ -326,12 +325,12 @@ const char *ci_environment(void) {
|
||||
if (getenv("AUTOPKGTEST_ARTIFACTS") || getenv("AUTOPKGTEST_TMP"))
|
||||
return (ans = "autopkgtest");
|
||||
|
||||
FOREACH_STRING(p, "CI", "CONTINOUS_INTEGRATION") {
|
||||
FOREACH_STRING(var, "CI", "CONTINOUS_INTEGRATION") {
|
||||
/* Those vars are booleans according to Semaphore and Travis docs:
|
||||
* https://docs.travis-ci.com/user/environment-variables/#default-environment-variables
|
||||
* https://docs.semaphoreci.com/ci-cd-environment/environment-variables/#ci
|
||||
*/
|
||||
r = getenv_bool(p);
|
||||
r = getenv_bool(var);
|
||||
if (r > 0)
|
||||
return (ans = "unknown"); /* Some other unknown thing */
|
||||
if (r == 0)
|
||||
|
||||
@ -318,7 +318,7 @@ static int run_editor(char **paths) {
|
||||
if (r == 0) {
|
||||
char **editor_args = NULL;
|
||||
size_t n_editor_args = 0, i = 1, argc;
|
||||
const char **args, *editor, *p;
|
||||
const char **args, *editor;
|
||||
|
||||
argc = strv_length(paths)/2 + 1;
|
||||
|
||||
@ -356,13 +356,13 @@ static int run_editor(char **paths) {
|
||||
if (n_editor_args > 0)
|
||||
execvp(args[0], (char* const*) args);
|
||||
|
||||
FOREACH_STRING(p, "editor", "nano", "vim", "vi") {
|
||||
args[0] = p;
|
||||
execvp(p, (char* const*) args);
|
||||
FOREACH_STRING(name, "editor", "nano", "vim", "vi") {
|
||||
args[0] = name;
|
||||
execvp(name, (char* const*) args);
|
||||
/* We do not fail if the editor doesn't exist because we want to try each one of them
|
||||
* before failing. */
|
||||
if (errno != ENOENT) {
|
||||
log_error_errno(errno, "Failed to execute %s: %m", editor);
|
||||
log_error_errno(errno, "Failed to execute %s: %m", name);
|
||||
_exit(EXIT_FAILURE);
|
||||
}
|
||||
}
|
||||
|
||||
@ -18,9 +18,8 @@
|
||||
|
||||
int talk_initctl(char rl) {
|
||||
#if HAVE_SYSV_COMPAT
|
||||
struct init_request request;
|
||||
_cleanup_close_ int fd = -1;
|
||||
const char *p;
|
||||
const char *path;
|
||||
int r;
|
||||
|
||||
/* Try to switch to the specified SysV runlevel. Returns == 0 if the operation does not apply on this
|
||||
@ -29,19 +28,19 @@ int talk_initctl(char rl) {
|
||||
if (rl == 0)
|
||||
return 0;
|
||||
|
||||
FOREACH_STRING(p, "/run/initctl", "/dev/initctl") {
|
||||
fd = open(p, O_WRONLY|O_NONBLOCK|O_CLOEXEC|O_NOCTTY);
|
||||
if (fd >= 0 || errno != ENOENT)
|
||||
FOREACH_STRING(_path, "/run/initctl", "/dev/initctl") {
|
||||
path = _path;
|
||||
|
||||
fd = open(path, O_WRONLY|O_NONBLOCK|O_CLOEXEC|O_NOCTTY);
|
||||
if (fd < 0 && errno != ENOENT)
|
||||
return log_error_errno(errno, "Failed to open %s: %m", path);
|
||||
if (fd >= 0)
|
||||
break;
|
||||
}
|
||||
if (fd < 0) {
|
||||
if (errno == ENOENT)
|
||||
if (fd < 0)
|
||||
return 0;
|
||||
|
||||
return log_error_errno(errno, "Failed to open initctl fifo: %m");
|
||||
}
|
||||
|
||||
request = (struct init_request) {
|
||||
struct init_request request = {
|
||||
.magic = INIT_MAGIC,
|
||||
.sleeptime = 0,
|
||||
.cmd = INIT_CMD_RUNLVL,
|
||||
@ -50,7 +49,7 @@ int talk_initctl(char rl) {
|
||||
|
||||
r = loop_write(fd, &request, sizeof(request), false);
|
||||
if (r < 0)
|
||||
return log_error_errno(r, "Failed to write to %s: %m", p);
|
||||
return log_error_errno(r, "Failed to write to %s: %m", path);
|
||||
|
||||
return 1;
|
||||
#else
|
||||
|
||||
@ -557,7 +557,7 @@ int resource_resolve_path(
|
||||
return log_error_errno(r, "Failed to resolve '%s': %m", rr->path);
|
||||
|
||||
if (fstat(fd, &st) < 0)
|
||||
return log_error_errno(r, "Failed to stat '%s': %m", resolved);
|
||||
return log_error_errno(errno, "Failed to stat '%s': %m", resolved);
|
||||
|
||||
if (S_ISBLK(st.st_mode) && root)
|
||||
return log_error_errno(SYNTHETIC_ERRNO(EPERM), "When using --root= or --image= access to device nodes is prohibited.");
|
||||
|
||||
@ -86,9 +86,9 @@ TEST_RET(bootspec_sort) {
|
||||
assert_se(streq(config.entries[2].id, "c.conf"));
|
||||
|
||||
/* The following ones have no sort key, hence order by version compared ids, lowest first */
|
||||
assert_se(streq(config.entries[3].id, "a-5.conf"));
|
||||
assert_se(streq(config.entries[3].id, "b.conf"));
|
||||
assert_se(streq(config.entries[4].id, "a-10.conf"));
|
||||
assert_se(streq(config.entries[5].id, "b.conf"));
|
||||
assert_se(streq(config.entries[5].id, "a-5.conf"));
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
@ -30,7 +30,6 @@ static void test_policy_closed(const char *cgroup_path, BPFProgram **installed_p
|
||||
r = bpf_devices_apply_policy(&prog, CGROUP_DEVICE_POLICY_CLOSED, true, cgroup_path, installed_prog);
|
||||
assert_se(r >= 0);
|
||||
|
||||
const char *s;
|
||||
FOREACH_STRING(s, "/dev/null",
|
||||
"/dev/zero",
|
||||
"/dev/full",
|
||||
|
||||
@ -64,18 +64,14 @@ static void test_ellipsize_mem_one(const char *s, size_t old_length, size_t new_
|
||||
}
|
||||
|
||||
TEST(ellipsize_mem) {
|
||||
const char *s;
|
||||
ssize_t l, k;
|
||||
|
||||
FOREACH_STRING(s,
|
||||
"_XXXXXXXXXXX_", /* ASCII */
|
||||
"_aąęółśćńżźć_", /* two-byte utf-8 */
|
||||
"გამარჯობა", /* multi-byte utf-8 */
|
||||
"你好世界", /* wide characters */
|
||||
"你გą世óoó界") /* a mix */
|
||||
|
||||
for (l = strlen(s); l >= 0; l--)
|
||||
for (k = strlen(s) + 1; k >= 0; k--)
|
||||
for (ssize_t l = strlen(s); l >= 0; l--)
|
||||
for (ssize_t k = strlen(s) + 1; k >= 0; k--)
|
||||
test_ellipsize_mem_one(s, l, k);
|
||||
}
|
||||
|
||||
|
||||
@ -166,8 +166,6 @@ TEST(load_env_file_6) {
|
||||
}
|
||||
|
||||
TEST(write_and_load_env_file) {
|
||||
const char *v;
|
||||
|
||||
/* Make sure that our writer, parser and the shell agree on what our env var files mean */
|
||||
|
||||
FOREACH_STRING(v,
|
||||
|
||||
@ -190,19 +190,15 @@ static bool check_user_has_group_with_same_name(const char *name) {
|
||||
}
|
||||
|
||||
static bool is_inaccessible_available(void) {
|
||||
const char *p;
|
||||
|
||||
FOREACH_STRING(p,
|
||||
"/run/systemd/inaccessible/reg",
|
||||
"/run/systemd/inaccessible/dir",
|
||||
"/run/systemd/inaccessible/chr",
|
||||
"/run/systemd/inaccessible/blk",
|
||||
"/run/systemd/inaccessible/fifo",
|
||||
"/run/systemd/inaccessible/sock"
|
||||
) {
|
||||
"/run/systemd/inaccessible/sock")
|
||||
if (access(p, F_OK) < 0)
|
||||
return false;
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
@ -998,7 +998,6 @@ TEST(read_full_file_offset_size) {
|
||||
}
|
||||
|
||||
static void test_read_virtual_file_one(size_t max_size) {
|
||||
const char *filename;
|
||||
int r;
|
||||
|
||||
log_info("/* %s (max_size=%zu) */", __func__, max_size);
|
||||
|
||||
@ -11,16 +11,13 @@
|
||||
#include "util.h"
|
||||
|
||||
TEST(gpt_types_against_architectures) {
|
||||
const char *prefix;
|
||||
int r;
|
||||
|
||||
/* Dumps a table indicating for which architectures we know we have matching GPT partition
|
||||
* types. Also validates whether we can properly categorize the entries. */
|
||||
|
||||
FOREACH_STRING(prefix, "root-", "usr-")
|
||||
for (int a = 0; a < _ARCHITECTURE_MAX; a++) {
|
||||
const char *suffix;
|
||||
|
||||
for (int a = 0; a < _ARCHITECTURE_MAX; a++)
|
||||
FOREACH_STRING(suffix, "", "-verity", "-verity-sig") {
|
||||
_cleanup_free_ char *joined = NULL;
|
||||
sd_id128_t id;
|
||||
@ -48,7 +45,6 @@ TEST(gpt_types_against_architectures) {
|
||||
|
||||
assert_se(gpt_partition_type_uuid_to_arch(id) == a);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
DEFINE_TEST_MAIN(LOG_INFO);
|
||||
|
||||
@ -39,7 +39,6 @@ static int test_hash_password(void) {
|
||||
/* As a warm-up exercise, check if we can hash passwords. */
|
||||
|
||||
bool have_sane_hash = false;
|
||||
const char *hash;
|
||||
|
||||
FOREACH_STRING(hash,
|
||||
"ew3bU1.hoKk4o",
|
||||
@ -68,7 +67,6 @@ static void test_hash_password_full(void) {
|
||||
log_info("/* %s */", __func__);
|
||||
|
||||
_cleanup_free_ void *cd_data = NULL;
|
||||
const char *i;
|
||||
int cd_size = 0;
|
||||
|
||||
log_info("sizeof(struct crypt_data): %zu bytes", sizeof(struct crypt_data));
|
||||
|
||||
@ -114,7 +114,6 @@ int main(int argc, char *argv[]) {
|
||||
_cleanup_(dissected_image_unrefp) DissectedImage *dissected = NULL;
|
||||
_cleanup_(umount_and_rmdir_and_freep) char *mounted = NULL;
|
||||
pthread_t threads[N_THREADS];
|
||||
const char *fs;
|
||||
sd_id128_t id;
|
||||
int r;
|
||||
|
||||
|
||||
@ -128,7 +128,6 @@ TEST(mount_flags_to_string) {
|
||||
TEST(bind_remount_recursive) {
|
||||
_cleanup_(rm_rf_physical_and_freep) char *tmp = NULL;
|
||||
_cleanup_free_ char *subdir = NULL;
|
||||
const char *p;
|
||||
|
||||
if (geteuid() != 0 || have_effective_cap(CAP_SYS_ADMIN) <= 0) {
|
||||
(void) log_tests_skipped("not running privileged");
|
||||
|
||||
@ -67,7 +67,6 @@ TEST(path_is_fs_type) {
|
||||
}
|
||||
|
||||
TEST(path_is_temporary_fs) {
|
||||
const char *s;
|
||||
int r;
|
||||
|
||||
FOREACH_STRING(s, "/", "/run", "/sys", "/sys/", "/proc", "/i-dont-exist", "/var", "/var/lib") {
|
||||
@ -85,7 +84,6 @@ TEST(path_is_temporary_fs) {
|
||||
}
|
||||
|
||||
TEST(path_is_read_only_fs) {
|
||||
const char *s;
|
||||
int r;
|
||||
|
||||
FOREACH_STRING(s, "/", "/run", "/sys", "/sys/", "/proc", "/i-dont-exist", "/var", "/var/lib") {
|
||||
|
||||
@ -924,12 +924,10 @@ TEST(foreach_string) {
|
||||
"waldo",
|
||||
NULL
|
||||
};
|
||||
const char *x;
|
||||
unsigned i = 0;
|
||||
|
||||
unsigned i = 0;
|
||||
FOREACH_STRING(x, "foo", "bar", "waldo")
|
||||
assert_se(streq_ptr(t[i++], x));
|
||||
|
||||
assert_se(i == 3);
|
||||
|
||||
FOREACH_STRING(x, "zzz")
|
||||
|
||||
@ -144,7 +144,6 @@ TEST(utf8_escape_non_printable) {
|
||||
}
|
||||
|
||||
TEST(utf8_escape_non_printable_full) {
|
||||
const char *s;
|
||||
FOREACH_STRING(s,
|
||||
"goo goo goo", /* ASCII */
|
||||
"\001 \019\20\a", /* control characters */
|
||||
@ -210,8 +209,6 @@ TEST(utf8_console_width) {
|
||||
}
|
||||
|
||||
TEST(utf8_to_utf16) {
|
||||
const char *p;
|
||||
|
||||
FOREACH_STRING(p,
|
||||
"abc",
|
||||
"zażółcić gęślą jaźń",
|
||||
|
||||
@ -39,7 +39,6 @@ static int populate_uid_cache(const char *root, Hashmap **ret) {
|
||||
/* The directory list is hardcoded here: /etc is the standard, and rpm-ostree uses /usr/lib. This
|
||||
* could be made configurable, but I don't see the point right now. */
|
||||
|
||||
const char *fname;
|
||||
FOREACH_STRING(fname, "/etc/passwd", "/usr/lib/passwd") {
|
||||
_cleanup_fclose_ FILE *f = NULL;
|
||||
|
||||
@ -78,7 +77,6 @@ static int populate_gid_cache(const char *root, Hashmap **ret) {
|
||||
if (!cache)
|
||||
return -ENOMEM;
|
||||
|
||||
const char *fname;
|
||||
FOREACH_STRING(fname, "/etc/group", "/usr/lib/group") {
|
||||
_cleanup_fclose_ FILE *f = NULL;
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user