Am 17.02.2017 um 00:29 schrieb Michael Biebl: > Package: release.debian.org > Severity: normal > Tags: jessie > User: release.debian.org@packages.debian.org > Usertags: pu > > Hi, > > I'd like to make a stable upload for systemd, fixing two bugs. Since I filed the pu request, two more issues came up which I'd like to fix as well An assert in PID1 that could be triggered by masking an automount unit (#856035) and an assert in PID1 that could be triggered by removing a service file during daemon-reload (#856985). The latter is rather easily reproducible by installing and removing systemd-cron. Those are backports of fixes which have landed in unstable. The full changelog: systemd (215-17+deb8u7) stable; urgency=medium * bus: Fix bus_print_property() to use "int" for booleans. This fixes the problem that on big endian architectures, like mips or powerpc, boolean properties that were retrieved via via sd-bus were always set to 0 (no). (Closes: #774430) * systemctl: Add is-enabled support for SysV init scripts. The update-rc.d utility does not provide is-enabled, so implement it ourselves in systemctl using the same logic as systemd-sysv-install from Stretch. (Closes: #809405) * core: If the start command vanishes during runtime don't hit an assert. This can happen when the configuration is changed and reloaded while we are executing a service. Let's not hit an assert in this case. (Closes: #856985) * automount: If an automount unit is masked, don't react to activation anymore. Otherwise we'll hit an assert sooner or later. (Closes: #856035) -- Michael Biebl <biebl@debian.org> Fri, 10 Mar 2017 06:02:49 +0100 The debdiff is attached. For individual commits see https://anonscm.debian.org/cgit/pkg-systemd/systemd.git/log/?h=jessie Regards, Michael -- Why is it that all of the instruments seeking intelligent life in the universe are pointed away from Earth?
diff --git a/debian/changelog b/debian/changelog index ffceb7d..be7e3b3 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,23 @@ +systemd (215-17+deb8u7) stable; urgency=medium + + * bus: Fix bus_print_property() to use "int" for booleans. + This fixes the problem that on big endian architectures, like mips or + powerpc, boolean properties that were retrieved via via sd-bus were + always set to 0 (no). (Closes: #774430) + * systemctl: Add is-enabled support for SysV init scripts. + The update-rc.d utility does not provide is-enabled, so implement it + ourselves in systemctl using the same logic as systemd-sysv-install from + Stretch. (Closes: #809405) + * core: If the start command vanishes during runtime don't hit an assert. + This can happen when the configuration is changed and reloaded while we + are executing a service. Let's not hit an assert in this case. + (Closes: #856985) + * automount: If an automount unit is masked, don't react to activation + anymore. + Otherwise we'll hit an assert sooner or later. (Closes: #856035) + + -- Michael Biebl <biebl@debian.org> Fri, 10 Mar 2017 06:02:49 +0100 + systemd (215-17+deb8u6) stable; urgency=medium [ Michael Biebl ] diff --git a/debian/patches/automount-if-an-automount-unit-is-masked-don-t-react-to-a.patch b/debian/patches/automount-if-an-automount-unit-is-masked-don-t-react-to-a.patch new file mode 100644 index 0000000..d9adc19 --- /dev/null +++ b/debian/patches/automount-if-an-automount-unit-is-masked-don-t-react-to-a.patch @@ -0,0 +1,134 @@ +From: Lennart Poettering <lennart@poettering.net> +Date: Wed, 1 Mar 2017 04:03:48 +0100 +Subject: automount: if an automount unit is masked, + don't react to activation anymore (#5445) + +Otherwise we'll hit an assert sooner or later. + +This requires us to initialize ->where even if we come back in "masked" +mode, as otherwise we don't know how to operate on the automount and +detach it. + +Fixes: #5441 +(backported from commit e350ca3f1ecb6672b74cd25d09ef23c7b309aa5a) +--- + src/core/automount.c | 67 +++++++++++++++++++++++++++++++++++----------------- + 1 file changed, 45 insertions(+), 22 deletions(-) + +diff --git a/src/core/automount.c b/src/core/automount.c +index 73a8ce1..4392635 100644 +--- a/src/core/automount.c ++++ b/src/core/automount.c +@@ -87,17 +87,19 @@ static void unmount_autofs(Automount *a) { + if (a->pipe_fd < 0) + return; + +- automount_send_ready(a, -EHOSTDOWN); + + a->pipe_event_source = sd_event_source_unref(a->pipe_event_source); + a->pipe_fd = safe_close(a->pipe_fd); + +- /* If we reload/reexecute things we keep the mount point +- * around */ +- if (a->where && +- (UNIT(a)->manager->exit_code != MANAGER_RELOAD && +- UNIT(a)->manager->exit_code != MANAGER_REEXECUTE)) +- repeat_unmount(a->where); ++ /* If we reload/reexecute things we keep the mount point around */ ++ if (!IN_SET(UNIT(a)->manager->exit_code, MANAGER_RELOAD, MANAGER_REEXECUTE)) { ++ ++ automount_send_ready(a, -EHOSTDOWN); ++ ++ if (a->where) { ++ repeat_unmount(a->where); ++ } ++ } + } + + static void automount_done(Unit *u) { +@@ -169,6 +171,21 @@ static int automount_verify(Automount *a) { + return 0; + } + ++static int automount_set_where(Automount *a) { ++ ++ assert(a); ++ ++ if (a->where) ++ return 0; ++ ++ a->where = unit_name_to_path(UNIT(a)->id); ++ if (!a->where) ++ return -ENOMEM; ++ ++ path_kill_slashes(a->where); ++ return 1; ++} ++ + static int automount_load(Unit *u) { + Automount *a = AUTOMOUNT(u); + int r; +@@ -184,13 +201,9 @@ static int automount_load(Unit *u) { + if (u->load_state == UNIT_LOADED) { + Unit *x; + +- if (!a->where) { +- a->where = unit_name_to_path(u->id); +- if (!a->where) +- return -ENOMEM; +- } +- +- path_kill_slashes(a->where); ++ r = automount_set_where(a); ++ if (r < 0) ++ return r; + + r = unit_load_related_unit(u, ".mount", &x); + if (r < 0) +@@ -242,21 +255,25 @@ static int automount_coldplug(Unit *u) { + assert(a); + assert(a->state == AUTOMOUNT_DEAD); + +- if (a->deserialized_state != a->state) { ++ if (a->deserialized_state == a->state) ++ return 0; ++ ++ if (IN_SET(a->deserialized_state, AUTOMOUNT_WAITING, AUTOMOUNT_RUNNING)) { ++ ++ r = automount_set_where(a); ++ if (r < 0) ++ return r; + + r = open_dev_autofs(u->manager); + if (r < 0) + return r; + +- if (a->deserialized_state == AUTOMOUNT_WAITING || +- a->deserialized_state == AUTOMOUNT_RUNNING) { ++ assert(a->pipe_fd >= 0); + +- assert(a->pipe_fd >= 0); ++ r = sd_event_add_io(u->manager->event, &a->pipe_event_source, a->pipe_fd, EPOLLIN, automount_dispatch_io, u); ++ if (r < 0) ++ return r; + +- r = sd_event_add_io(u->manager->event, &a->pipe_event_source, a->pipe_fd, EPOLLIN, automount_dispatch_io, u); +- if (r < 0) +- return r; +- } + + automount_set_state(a, a->deserialized_state); + } +@@ -548,6 +565,12 @@ static void automount_enter_runnning(Automount *a) { + + assert(a); + ++ /* If the user masked our unit in the meantime, fail */ ++ if (UNIT(a)->load_state != UNIT_LOADED) { ++ log_error_unit(UNIT(a)->id, "Suppressing automount event since unit is no longer loaded."); ++ goto fail; ++ } ++ + /* We don't take mount requests anymore if we are supposed to + * shut down anyway */ + if (unit_stop_pending(UNIT(a))) { diff --git a/debian/patches/bus-fix-bus_print_property-to-use-int-for-booleans.patch b/debian/patches/bus-fix-bus_print_property-to-use-int-for-booleans.patch new file mode 100644 index 0000000..262252e --- /dev/null +++ b/debian/patches/bus-fix-bus_print_property-to-use-int-for-booleans.patch @@ -0,0 +1,27 @@ +From: David Herrmann <dh.herrmann@gmail.com> +Date: Thu, 18 Sep 2014 13:28:28 +0200 +Subject: bus: fix bus_print_property() to use "int" for booleans + +We always use "int" if we retrieve boolean values from sd-bus, as "bool" +is only a single byte, but full int on va-args. + +Thanks to Werner Fink for the report! + +(cherry picked from commit c2fa048c4a70c8386c6d8fe939e5ea9edecf1e98) +--- + src/libsystemd/sd-bus/bus-util.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/libsystemd/sd-bus/bus-util.c b/src/libsystemd/sd-bus/bus-util.c +index 6441c5b..d0b7c3d 100644 +--- a/src/libsystemd/sd-bus/bus-util.c ++++ b/src/libsystemd/sd-bus/bus-util.c +@@ -631,7 +631,7 @@ int bus_print_property(const char *name, sd_bus_message *property, bool all) { + } + + case SD_BUS_TYPE_BOOLEAN: { +- bool b; ++ int b; + + r = sd_bus_message_read_basic(property, type, &b); + if (r < 0) diff --git a/debian/patches/core-if-the-start-command-vanishes-during-runtime-don-t-h.patch b/debian/patches/core-if-the-start-command-vanishes-during-runtime-don-t-h.patch new file mode 100644 index 0000000..cc78db3 --- /dev/null +++ b/debian/patches/core-if-the-start-command-vanishes-during-runtime-don-t-h.patch @@ -0,0 +1,35 @@ +From: Lennart Poettering <lennart@poettering.net> +Date: Fri, 21 Oct 2016 12:27:46 +0200 +Subject: core: if the start command vanishes during runtime don't hit an + assert + +This can happen when the configuration is changed and reloaded while we are +executing a service. Let's not hit an assert in this case. + +Fixes: #4444 +(cherry picked from commit 47fffb3530af3e3ad4048570611685635fde062e) +--- + src/core/service.c | 10 +++++++++- + 1 file changed, 9 insertions(+), 1 deletion(-) + +diff --git a/src/core/service.c b/src/core/service.c +index 2ffb2aa..eb05a75 100644 +--- a/src/core/service.c ++++ b/src/core/service.c +@@ -1346,7 +1346,15 @@ static void service_enter_start(Service *s) { + } + + if (!c) { +- assert(s->type == SERVICE_ONESHOT); ++ if (s->type != SERVICE_ONESHOT) { ++ /* There's no command line configured for the main command? Hmm, that is strange. This can only ++ * happen if the configuration changes at runtime. In this case, let's enter a failure ++ * state. */ ++ log_error_unit(UNIT(s)->id, "There's no 'start' task anymore we could start: %m"); ++ r = -ENXIO; ++ goto fail; ++ } ++ + service_enter_start_post(s); + return; + } diff --git a/debian/patches/series b/debian/patches/series index a883d86..4929abf 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -170,6 +170,10 @@ polkit-don-t-start-polkit-agent-when-running-as-root.patch core-rework-logic-to-determine-when-we-decide-to-add-auto.patch systemctl-fix-argument-handling-when-invoked-as-shutdown.patch systemctl-when-reading-legacy-t-argument-for-shutdown-don.patch +bus-fix-bus_print_property-to-use-int-for-booleans.patch +service-allow-services-of-Type-oneshot-that-specify-no-Ex.patch +core-if-the-start-command-vanishes-during-runtime-don-t-h.patch +automount-if-an-automount-unit-is-masked-don-t-react-to-a.patch ## Debian specific patches: Add-back-support-for-Debian-specific-config-files.patch @@ -228,3 +232,4 @@ Skip-filesystem-check-if-already-done-by-the-initram.patch cryptsetup-Implement-offset-and-skip-options.patch Revert-core-one-step-back-again-for-nspawn-we-actual.patch udev-increase-udev-event-timeout-to-180s.patch +systemctl-Add-is-enabled-support-for-SysV-init-scripts.patch diff --git a/debian/patches/service-allow-services-of-Type-oneshot-that-specify-no-Ex.patch b/debian/patches/service-allow-services-of-Type-oneshot-that-specify-no-Ex.patch new file mode 100644 index 0000000..b234b2d --- /dev/null +++ b/debian/patches/service-allow-services-of-Type-oneshot-that-specify-no-Ex.patch @@ -0,0 +1,167 @@ +From: Lennart Poettering <lennart@poettering.net> +Date: Thu, 21 Aug 2014 18:50:42 +0200 +Subject: service: allow services of Type=oneshot that specify no ExecStart= + commands + +This is useful for services that simply want to run something on +shutdown, but not at bootup. They should only set ExecStop= but leave +ExecStart= unset. + +(cherry picked from commit 96fb8242cc1ef6b0e28f6c86a4f57950095dd7f1) +--- + man/systemd.service.xml | 44 +++++++++++++++++++++++++++----------------- + src/core/service.c | 39 +++++++++++++++++++++++++++++---------- + 2 files changed, 56 insertions(+), 27 deletions(-) + +diff --git a/man/systemd.service.xml b/man/systemd.service.xml +index b169716..1423084 100644 +--- a/man/systemd.service.xml ++++ b/man/systemd.service.xml +@@ -139,9 +139,10 @@ + + <para>If set to + <option>simple</option> (the default +- value if neither ++ if neither + <varname>Type=</varname> nor +- <varname>BusName=</varname> are ++ <varname>BusName=</varname>, but ++ <varname>ExecStart=</varname> are + specified), it is expected that the + process configured with + <varname>ExecStart=</varname> is the +@@ -177,13 +178,17 @@ + exits.</para> + + <para>Behavior of +- <option>oneshot</option> is similar +- to <option>simple</option>; however, +- it is expected that the process has to ++ <option>oneshot</option> is similar to ++ <option>simple</option>; however, it ++ is expected that the process has to + exit before systemd starts follow-up + units. <varname>RemainAfterExit=</varname> + is particularly useful for this type +- of service.</para> ++ of service. This is the implied ++ default if neither ++ <varname>Type=</varname> or ++ <varname>ExecStart=</varname> are ++ specified.</para> + + <para>Behavior of + <option>dbus</option> is similar to +@@ -313,22 +318,27 @@ + + <para>When <varname>Type</varname> is + not <option>oneshot</option>, only one +- command may be given. When ++ command may and must be given. When + <varname>Type=oneshot</varname> is +- used, more than one command may be +- specified. Multiple command lines may +- be concatenated in a single directive +- by separating them with semicolons +- (these semicolons must be passed as +- separate words). Alternatively, this +- directive may be specified more than +- once with the same effect. +- Lone semicolons may be escaped as ++ used, none or more than one command ++ may be specified. Multiple command ++ lines may be concatenated in a single ++ directive by separating them with ++ semicolons (these semicolons must be ++ passed as separate ++ words). Alternatively, this directive ++ may be specified more than once with ++ the same effect. Lone semicolons may ++ be escaped as + <literal>\;</literal>. If the empty + string is assigned to this option, the + list of commands to start is reset, + prior assignments of this option will +- have no effect.</para> ++ have no effect. If no ++ <varname>ExecStart=</varname> is ++ specified, then the service must have ++ <varname>RemainAfterExit=yes</varname> ++ set.</para> + + <para>Each command line is split on + whitespace, with the first item being +diff --git a/src/core/service.c b/src/core/service.c +index e60757b..2ffb2aa 100644 +--- a/src/core/service.c ++++ b/src/core/service.c +@@ -319,14 +319,23 @@ static int service_verify(Service *s) { + if (UNIT(s)->load_state != UNIT_LOADED) + return 0; + +- if (!s->exec_command[SERVICE_EXEC_START]) { +- log_error_unit(UNIT(s)->id, "%s lacks ExecStart setting. Refusing.", UNIT(s)->id); ++ if (!s->exec_command[SERVICE_EXEC_START] && !s->exec_command[SERVICE_EXEC_STOP]) { ++ log_error_unit(UNIT(s)->id, "%s lacks both ExecStart= and ExecStop= setting. Refusing.", UNIT(s)->id); + return -EINVAL; + } + +- if (s->type != SERVICE_ONESHOT && +- s->exec_command[SERVICE_EXEC_START]->command_next) { +- log_error_unit(UNIT(s)->id, "%s has more than one ExecStart setting, which is only allowed for Type=oneshot services. Refusing.", UNIT(s)->id); ++ if (s->type != SERVICE_ONESHOT && !s->exec_command[SERVICE_EXEC_START]) { ++ log_error_unit(UNIT(s)->id, "%s has no ExecStart= setting, which is only allowed for Type=oneshot services. Refusing.", UNIT(s)->id); ++ return -EINVAL; ++ } ++ ++ if (!s->remain_after_exit && !s->exec_command[SERVICE_EXEC_START]) { ++ log_error_unit(UNIT(s)->id, "%s has no ExecStart= setting, which is only allowed for RemainAfterExit=yes services. Refusing.", UNIT(s)->id); ++ return -EINVAL; ++ } ++ ++ if (s->type != SERVICE_ONESHOT && s->exec_command[SERVICE_EXEC_START]->command_next) { ++ log_error_unit(UNIT(s)->id, "%s has more than one ExecStart= setting, which is only allowed for Type=oneshot services. Refusing.", UNIT(s)->id); + return -EINVAL; + } + +@@ -418,8 +427,15 @@ static int service_load(Unit *u) { + if (r < 0) + return r; + +- if (s->type == _SERVICE_TYPE_INVALID) +- s->type = s->bus_name ? SERVICE_DBUS : SERVICE_SIMPLE; ++ if (s->type == _SERVICE_TYPE_INVALID) { ++ /* Figure out a type automatically */ ++ if (s->bus_name) ++ s->type = SERVICE_DBUS; ++ else if (s->exec_command[SERVICE_EXEC_START]) ++ s->type = SERVICE_SIMPLE; ++ else ++ s->type = SERVICE_ONESHOT; ++ } + + /* Oneshot services have disabled start timeout by default */ + if (s->type == SERVICE_ONESHOT && !s->start_timeout_defined) +@@ -1309,9 +1325,6 @@ static void service_enter_start(Service *s) { + + assert(s); + +- assert(s->exec_command[SERVICE_EXEC_START]); +- assert(!s->exec_command[SERVICE_EXEC_START]->command_next || s->type == SERVICE_ONESHOT); +- + service_unwatch_control_pid(s); + service_unwatch_main_pid(s); + +@@ -1332,6 +1345,12 @@ static void service_enter_start(Service *s) { + c = s->main_command = s->exec_command[SERVICE_EXEC_START]; + } + ++ if (!c) { ++ assert(s->type == SERVICE_ONESHOT); ++ service_enter_start_post(s); ++ return; ++ } ++ + r = service_spawn(s, + c, + IN_SET(s->type, SERVICE_FORKING, SERVICE_DBUS, SERVICE_NOTIFY, SERVICE_ONESHOT) ? s->timeout_start_usec : 0, diff --git a/debian/patches/systemctl-Add-is-enabled-support-for-SysV-init-scripts.patch b/debian/patches/systemctl-Add-is-enabled-support-for-SysV-init-scripts.patch new file mode 100644 index 0000000..7b73592 --- /dev/null +++ b/debian/patches/systemctl-Add-is-enabled-support-for-SysV-init-scripts.patch @@ -0,0 +1,84 @@ +From: Michael Biebl <michael@debian> +Date: Wed, 15 Feb 2017 10:03:37 +0100 +Subject: systemctl: Add is-enabled support for SysV init scripts + +The update-rc.d utility does not provide is-enabled, so implement it +ourselves in systemctl using the same logic as systemd-sysv-install from +Stretch. +See commit b5aa768d8108b294c1187a0728f5b13c033b3d47 + +Closes: #809405 +--- + src/systemctl/systemctl.c | 38 ++++++++++++++++++++++++-------------- + 1 file changed, 24 insertions(+), 14 deletions(-) + +diff --git a/src/systemctl/systemctl.c b/src/systemctl/systemctl.c +index c67b86d..efce97f 100644 +--- a/src/systemctl/systemctl.c ++++ b/src/systemctl/systemctl.c +@@ -4998,9 +4998,8 @@ static int enable_sysv_units(const char *verb, char **args) { + return 0; + + if (!streq(verb, "enable") && +- !streq(verb, "disable")) +- // update-rc.d currently does not provide is-enabled +- //!streq(verb, "is-enabled")) ++ !streq(verb, "disable") && ++ !streq(verb, "is-enabled")) + return 0; + + /* Processes all SysV units, and reshuffles the array so that +@@ -5045,6 +5044,12 @@ static int enable_sysv_units(const char *verb, char **args) { + break; + } + ++ /* If we have both a native unit and a SysV script, ++ * enable/disable them both (below); for is-enabled, ++ * prefer the native unit */ ++ if (found_native && streq(verb, "is-enabled")) ++ continue; ++ + if (!isempty(arg_root)) + asprintf(&p, "%s/" SYSTEM_SYSVINIT_PATH "/%s", arg_root, name); + else +@@ -5065,6 +5070,21 @@ static int enable_sysv_units(const char *verb, char **args) { + args[f] = (char*) ""; + } + ++ if (streq(verb, "is-enabled")) { ++ _cleanup_free_ char *g = NULL; ++ asprintf(&g, "%s%s", "/etc/rc[S5].d/S??", basename(p)); ++ if (glob_exists(g)) { ++ if (!arg_quiet) ++ puts("enabled"); ++ r = 1; ++ continue; ++ } else { ++ if (!arg_quiet) ++ puts("disabled"); ++ continue; ++ } ++ } ++ + log_info("Synchronizing state for %s with sysvinit using update-rc.d...", name); + + if (!isempty(arg_root) && !streq(arg_root, "/")) { +@@ -5149,17 +5169,7 @@ static int enable_sysv_units(const char *verb, char **args) { + } + + if (status.si_code == CLD_EXITED) { +- if (streq(verb, "is-enabled")) { +- if (status.si_status == 0) { +- if (!arg_quiet) +- puts("enabled"); +- r = 1; +- } else { +- if (!arg_quiet) +- puts("disabled"); +- } +- +- } else if (status.si_status != 0) { ++ if (status.si_status != 0) { + r = -EINVAL; + goto finish; + }
Attachment:
signature.asc
Description: OpenPGP digital signature