Compare commits
4 Commits
7f7a50dd15
...
165c23c6b2
Author | SHA1 | Date |
---|---|---|
Luca Boccassi | 165c23c6b2 | |
Zbigniew Jędrzejewski-Szmek | 7ff9d99e9e | |
Zbigniew Jędrzejewski-Szmek | a77f9dfbae | |
Vito Caputo | 592d419ce6 |
34
NEWS
34
NEWS
|
@ -84,7 +84,8 @@ CHANGES WITH 249 in spe:
|
||||||
|
|
||||||
* portablectl gained a new switch --extension= for enabling portable
|
* portablectl gained a new switch --extension= for enabling portable
|
||||||
service images with extensions that follow the extension image
|
service images with extensions that follow the extension image
|
||||||
concept introduced with v248.
|
concept introduced with v248, and thus allows layering multiple
|
||||||
|
images when setting up the root filesystem of the service.
|
||||||
|
|
||||||
* systemd-coredump will now extract ELF build-id information from
|
* systemd-coredump will now extract ELF build-id information from
|
||||||
processes dumping core and include it in the coredump report.
|
processes dumping core and include it in the coredump report.
|
||||||
|
@ -416,6 +417,37 @@ CHANGES WITH 249 in spe:
|
||||||
|
|
||||||
https://systemd.io/ARCHITECTURE
|
https://systemd.io/ARCHITECTURE
|
||||||
|
|
||||||
|
* Units using ConditionNeedsUpdate= will no longer be activated in
|
||||||
|
the initrd.
|
||||||
|
|
||||||
|
* It is now possible to list a template unit in WantedBy= or RequiredBy=
|
||||||
|
of another template unit, which will be triggered using the same
|
||||||
|
instance name.
|
||||||
|
|
||||||
|
* A new MemoryAvailable property is available for units. If the unit,
|
||||||
|
or the slice(s) it is part of, have a memory limit set via MemoryMax=/
|
||||||
|
MemoryHigh=, MemoryAvailable will indicate how much more memory the
|
||||||
|
unit can claim before hitting the limit(s).
|
||||||
|
|
||||||
|
* systemd-coredump will now try to stay below the cgroup memory limit
|
||||||
|
placed on itself or one of the slices it runs under, if the storage
|
||||||
|
area for core files (/var/lib/systemd/coredump/) is placed on a tmpfs,
|
||||||
|
since files written on such filesystems count toward the cgroup memory
|
||||||
|
limit. If there is not enough available memory in such cases to store
|
||||||
|
the core file uncompressed, systemd-coredump will skip to compressed
|
||||||
|
storage directly (if enabled) and it will avoid analyzing the core file
|
||||||
|
to print backtrace and metadata in the journal.
|
||||||
|
|
||||||
|
* tmpfiles.d gained a new '=' modifier to check if the type of a path
|
||||||
|
matches the configured expectations, and remove it if not.
|
||||||
|
|
||||||
|
* tmpfiles.d's 'Age' now accepts an 'age-by' argument, which allows to
|
||||||
|
specify which of the several available filesystem timestamp to look
|
||||||
|
at when deciding whether a path has aged enough to be cleaned.
|
||||||
|
|
||||||
|
* Journal files, which are allocated in fixed incremenets, are now
|
||||||
|
truncated when rotated/archived to remove unused space from their tails.
|
||||||
|
|
||||||
* …
|
* …
|
||||||
|
|
||||||
Contributions from: …
|
Contributions from: …
|
||||||
|
|
|
@ -89,6 +89,41 @@
|
||||||
# pragma GCC diagnostic ignored "-Waddress-of-packed-member"
|
# pragma GCC diagnostic ignored "-Waddress-of-packed-member"
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
static int journal_file_tail_end(JournalFile *f, uint64_t *ret_offset) {
|
||||||
|
Object *tail;
|
||||||
|
uint64_t p;
|
||||||
|
int r;
|
||||||
|
|
||||||
|
assert(f);
|
||||||
|
assert(f->header);
|
||||||
|
assert(ret_offset);
|
||||||
|
|
||||||
|
p = le64toh(f->header->tail_object_offset);
|
||||||
|
if (p == 0)
|
||||||
|
p = le64toh(f->header->header_size);
|
||||||
|
else {
|
||||||
|
uint64_t sz;
|
||||||
|
|
||||||
|
r = journal_file_move_to_object(f, OBJECT_UNUSED, p, &tail);
|
||||||
|
if (r < 0)
|
||||||
|
return r;
|
||||||
|
|
||||||
|
sz = le64toh(READ_NOW(tail->object.size));
|
||||||
|
if (sz > UINT64_MAX - sizeof(uint64_t) + 1)
|
||||||
|
return -EBADMSG;
|
||||||
|
|
||||||
|
sz = ALIGN64(sz);
|
||||||
|
if (p > UINT64_MAX - sz)
|
||||||
|
return -EBADMSG;
|
||||||
|
|
||||||
|
p += sz;
|
||||||
|
}
|
||||||
|
|
||||||
|
*ret_offset = p;
|
||||||
|
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
/* This may be called from a separate thread to prevent blocking the caller for the duration of fsync().
|
/* This may be called from a separate thread to prevent blocking the caller for the duration of fsync().
|
||||||
* As a result we use atomic operations on f->offline_state for inter-thread communications with
|
* As a result we use atomic operations on f->offline_state for inter-thread communications with
|
||||||
* journal_file_set_offline() and journal_file_set_online(). */
|
* journal_file_set_offline() and journal_file_set_online(). */
|
||||||
|
@ -122,6 +157,25 @@ static void journal_file_set_offline_internal(JournalFile *f) {
|
||||||
|
|
||||||
f->header->state = f->archive ? STATE_ARCHIVED : STATE_OFFLINE;
|
f->header->state = f->archive ? STATE_ARCHIVED : STATE_OFFLINE;
|
||||||
(void) fsync(f->fd);
|
(void) fsync(f->fd);
|
||||||
|
|
||||||
|
if (f->archive) {
|
||||||
|
uint64_t p;
|
||||||
|
int r;
|
||||||
|
|
||||||
|
/* truncate excess from the end of archives */
|
||||||
|
r = journal_file_tail_end(f, &p);
|
||||||
|
if (r < 0)
|
||||||
|
log_debug_errno(r, "Failed to determine end of tail object, ignoring: %m");
|
||||||
|
else {
|
||||||
|
/* arena_size can't exceed the file size, ensure it's updated before truncating */
|
||||||
|
f->header->arena_size = htole64(p - le64toh(f->header->header_size));
|
||||||
|
|
||||||
|
(void) fsync(f->fd);
|
||||||
|
|
||||||
|
if (ftruncate(f->fd, p) < 0)
|
||||||
|
log_debug_errno(errno, "Failed to truncate archive at end of tail object, ignoring: %m");
|
||||||
|
}
|
||||||
|
}
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case OFFLINE_OFFLINING:
|
case OFFLINE_OFFLINING:
|
||||||
|
@ -1054,7 +1108,7 @@ int journal_file_append_object(
|
||||||
|
|
||||||
int r;
|
int r;
|
||||||
uint64_t p;
|
uint64_t p;
|
||||||
Object *tail, *o;
|
Object *o;
|
||||||
void *t;
|
void *t;
|
||||||
|
|
||||||
assert(f);
|
assert(f);
|
||||||
|
@ -1066,26 +1120,9 @@ int journal_file_append_object(
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return r;
|
return r;
|
||||||
|
|
||||||
p = le64toh(f->header->tail_object_offset);
|
r = journal_file_tail_end(f, &p);
|
||||||
if (p == 0)
|
if (r < 0)
|
||||||
p = le64toh(f->header->header_size);
|
return r;
|
||||||
else {
|
|
||||||
uint64_t sz;
|
|
||||||
|
|
||||||
r = journal_file_move_to_object(f, OBJECT_UNUSED, p, &tail);
|
|
||||||
if (r < 0)
|
|
||||||
return r;
|
|
||||||
|
|
||||||
sz = le64toh(READ_NOW(tail->object.size));
|
|
||||||
if (sz > UINT64_MAX - sizeof(uint64_t) + 1)
|
|
||||||
return -EBADMSG;
|
|
||||||
|
|
||||||
sz = ALIGN64(sz);
|
|
||||||
if (p > UINT64_MAX - sz)
|
|
||||||
return -EBADMSG;
|
|
||||||
|
|
||||||
p += sz;
|
|
||||||
}
|
|
||||||
|
|
||||||
r = journal_file_allocate(f, p, size);
|
r = journal_file_allocate(f, p, size);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
|
|
|
@ -805,30 +805,30 @@ void dns_server_unlink_all(DnsServer *first) {
|
||||||
dns_server_unlink_all(next);
|
dns_server_unlink_all(next);
|
||||||
}
|
}
|
||||||
|
|
||||||
bool dns_server_unlink_marked(DnsServer *first) {
|
bool dns_server_unlink_marked(DnsServer *server) {
|
||||||
DnsServer *next;
|
bool changed = false;
|
||||||
bool changed;
|
|
||||||
|
|
||||||
if (!first)
|
while (server) {
|
||||||
return false;
|
DnsServer *next;
|
||||||
|
|
||||||
next = first->servers_next;
|
next = server->servers_next;
|
||||||
|
|
||||||
if (first->marked) {
|
if (server->marked) {
|
||||||
changed = true;
|
dns_server_unlink(server);
|
||||||
dns_server_unlink(first);
|
changed = true;
|
||||||
} else
|
}
|
||||||
changed = false;
|
|
||||||
|
|
||||||
return changed || dns_server_unlink_marked(next);
|
server = next;
|
||||||
|
}
|
||||||
|
|
||||||
|
return changed;
|
||||||
}
|
}
|
||||||
|
|
||||||
void dns_server_mark_all(DnsServer *first) {
|
void dns_server_mark_all(DnsServer *server) {
|
||||||
if (!first)
|
while (server) {
|
||||||
return;
|
server->marked = true;
|
||||||
|
server = server->servers_next;
|
||||||
first->marked = true;
|
}
|
||||||
dns_server_mark_all(first->servers_next);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
DnsServer *dns_server_find(DnsServer *first, int family, const union in_addr_union *in_addr, uint16_t port, int ifindex, const char *name) {
|
DnsServer *dns_server_find(DnsServer *first, int family, const union in_addr_union *in_addr, uint16_t port, int ifindex, const char *name) {
|
||||||
|
|
|
@ -224,7 +224,7 @@ tests += [
|
||||||
[['src/test/test-os-util.c']],
|
[['src/test/test-os-util.c']],
|
||||||
|
|
||||||
[['src/test/test-libcrypt-util.c'],
|
[['src/test/test-libcrypt-util.c'],
|
||||||
[], [], [], '', 'timeout=120'],
|
[], [libcrypt], [], '', 'timeout=120'],
|
||||||
|
|
||||||
[['src/test/test-escape.c']],
|
[['src/test/test-escape.c']],
|
||||||
|
|
||||||
|
|
|
@ -10,6 +10,29 @@
|
||||||
#include "tests.h"
|
#include "tests.h"
|
||||||
#include "libcrypt-util.h"
|
#include "libcrypt-util.h"
|
||||||
|
|
||||||
|
static void test_crypt_preferred_method(void) {
|
||||||
|
log_info("/* %s */", __func__);
|
||||||
|
|
||||||
|
log_info("crypt_preferred_method: %s",
|
||||||
|
#if HAVE_CRYPT_PREFERRED_METHOD
|
||||||
|
crypt_preferred_method()
|
||||||
|
#else
|
||||||
|
"(not available)"
|
||||||
|
#endif
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
static void test_make_salt(void) {
|
||||||
|
log_info("/* %s */", __func__);
|
||||||
|
|
||||||
|
for (int i = 0; i < 10; i++) {
|
||||||
|
_cleanup_free_ char *t;
|
||||||
|
|
||||||
|
assert_se(make_salt(&t) == 0);
|
||||||
|
log_info("%s", t);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
static int test_hash_password(void) {
|
static int test_hash_password(void) {
|
||||||
log_info("/* %s */", __func__);
|
log_info("/* %s */", __func__);
|
||||||
|
|
||||||
|
@ -93,6 +116,9 @@ int main(int argc, char *argv[]) {
|
||||||
return log_tests_skipped("crypt_r() causes a buffer overflow on ppc64el, see https://github.com/systemd/systemd/pull/16981#issuecomment-691203787");
|
return log_tests_skipped("crypt_r() causes a buffer overflow on ppc64el, see https://github.com/systemd/systemd/pull/16981#issuecomment-691203787");
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
test_crypt_preferred_method();
|
||||||
|
test_make_salt();
|
||||||
|
|
||||||
if (!test_hash_password())
|
if (!test_hash_password())
|
||||||
return log_tests_skipped("crypt doesn't support yescrypt or sha512crypt");
|
return log_tests_skipped("crypt doesn't support yescrypt or sha512crypt");
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue