Enabling libcryptsetup in libmount had several unintended side
effects.
First of all, it increases the Debian minimal image size by
~2.5% (5.6MB worth of new libraries).
Then, due to libcryptsetup linkage to OpenSSL and libjson-c,
it causes incompatibilities with external programs linking
against both libmount and a private, static, old version of
OpenSSL, or external programs linking against libjansson or
json-glib, which have one symbol in common with libjson-c.
If ./configure is run with --with-cryptsetup=dlopen,
instead of linking to libcryptsetup, use dlopen to resolve
the symbols at runtime only when the verity feature is
used, thus avoiding clashes and keeping image size down.
Fixes #1081
Signed-off-by: Luca Boccassi <luca.boccassi@microsoft.com>
- use --with-vendordir= (rather than --enable) to be compatible with
another package stuff
- add USE_VENDORDIR automake condition
- add vendordir to global AM_CPPFLAGS to avoid binary specific cflags
modifications
Signed-off-by: Karel Zak <kzak@redhat.com>
As the old comment said: 'This code would best be shared with the file(1)
program or, perhaps, more should not try to be so smart'. Now at configure
time one can choose whether more(1) is sharing code with file(1), or not.
Addresses: http://bugs.debian.org/139205
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
From man siglongjmp(3) 'longjmp() and siglongjmp() make programs hard to
understand and maintain. If possible, an alternative should be used.' That
manual page remark summarizes quite well why more(1) needs to move away from
jumping around.
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
The event loop takes care of the standard screen updates, signals, and user
inputs. Two nice things using event loop like this are: 1) no need for any
global variables and 2) effect of user commands is immediate.
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
The currently used date/time parser (for hwclock --set --date <date>)
is gnulib based code with GPLv3.
This patch allows to avoid this code and replace it with minimalistic
date/time parser.
Addresses: https://github.com/karelzak/util-linux/issues/891
Reported-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Karel Zak <kzak@redhat.com>
A new API was added to libcryptsetup to make use of the kernel's new
CONFIG_DM_VERITY_VERIFY_ROOTHASH_SIG feature, which allows to sign
root hashes. Add a verity.roothashsig option to use it.
Device reuse will be allowed only if signatures are used by all, or
by none.
* 'kill-pidfd' of https://github.com/kerolasa/util-linux:
kill: use pidfd system calls to implement --timeout option
build-sys: add missing NR underscore to UL_CHECK_SYSCALL()
The following new options are added:
verity.hashdevice
verity.roothash
verity.hashoffset
The source path will be used as a dm-verity object, and will be
opened using libcryptsetup APIs.
A new --with-cryptsetup build-time option is added, which adds a
dependency on libcryptsetup. To ease bootstrapping, given libcryptsetup
build-depends on util-linux for libuuid, if --with-cryptsetup=yes but
libcryptsetup is not installed only a warning will be printed at
configure time rather than an error. This way stage0/first stage/ring0
builds can use the same configure options but avoid installing
cryptsetup to get a working base set, and then rebuild util-linux in
the next step of the bootstrapping process.
If verity options are selected but cannot be fulfilled due to lack of
dependencies, mounting a volume will fail even if using a loop device
would work as a fallback, to avoid silently skipping integrity checks.
At times there is need in scripts to send multiple signals to a process.
Often these cases require some amount of waiting before follow-up signal
should be sent.
One common case is process termination, where first script tries to kill
process gracefully but if that does not work SIGKILL is sent. Functionality
like that is commonly done by periodically checking if signalled pid exists
or not, and if it does another signal is sent possibly to an unrelated
process that reused pid number. That means polling a pid is prone to a data
race. Also if the first signal immediately kills the process one polling
interval is lost in sleep.
Another example when multiple signals need to be sent is various daemon
process control situations, such as Upgrading Executable on the Fly (see
reference). This happens to be the case that inspired change author to make
sequential signaling a little bit easier.
Reference: http://nginx.org/en/docs/control.html#upgrade
Pull-request: https://github.com/karelzak/util-linux/pull/902
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
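
Added example, not util-linux code: the signal, wait, escalate sequence from the commit message above, done through a pidfd (the mechanism named in the 'kill-pidfd' merge entry) so that the follow-up signal cannot reach a process that reused the PID. The names signal_with_timeout and demo are hypothetical, and the child process is constructed for the demonstration.

```c
#define _GNU_SOURCE
#include <poll.h>
#include <signal.h>
#include <sys/syscall.h>
#include <sys/wait.h>
#include <unistd.h>

/* Send `first`, wait up to timeout_ms for exit, send `second` if still
 * running. Returns 0 if it exited in time, 1 if `second` was sent, -1 on
 * error. Hypothetical helper; needs Linux 5.3+ for pidfd_open(). */
int signal_with_timeout(pid_t pid, int first, int timeout_ms, int second)
{
	/* The fd names one process instance, not a PID number: after that
	 * process is gone, sends through it fail with ESRCH even if the
	 * number was reused by an unrelated process. */
	int pidfd = (int) syscall(SYS_pidfd_open, pid, 0);
	struct pollfd p = { .fd = pidfd, .events = POLLIN };
	int rc = -1;
	if (pidfd < 0)
		return -1;
	if (syscall(SYS_pidfd_send_signal, pidfd, first, NULL, 0) == 0) {
		/* readable as soon as the process exits, so no polling
		 * interval is lost when `first` is enough */
		int n = poll(&p, 1, timeout_ms);
		if (n == 1)
			rc = 0;
		else if (n == 0 &&
			 syscall(SYS_pidfd_send_signal, pidfd, second, NULL, 0) == 0)
			rc = 1;
	}
	close(pidfd);
	return rc;
}

/* Constructed demo: a child that ignores SIGTERM and has to be SIGKILLed.
 * Returns the signal that ended the child, or -1 on failure. */
int demo(void)
{
	int rc, status;
	pid_t pid;

	signal(SIGTERM, SIG_IGN);	/* disposition is inherited over fork() */
	pid = fork();
	if (pid == 0)
		for (;;) pause();
	signal(SIGTERM, SIG_DFL);
	if (pid < 0)
		return -1;
	rc = signal_with_timeout(pid, SIGTERM, 200, SIGKILL);
	if (rc < 0)
		kill(pid, SIGKILL);	/* never leave the child behind */
	if (waitpid(pid, &status, 0) != pid || rc != 1 || !WIFSIGNALED(status))
		return -1;
	return WTERMSIG(status);
}

int main(void)
{
	return demo() == SIGKILL ? 0 : 1;
}
```

Opening the pidfd is itself only race-free while the PID is known to belong to the target, for example a child that has not been reaped yet.
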
The current situation is that distros differentiate between:
* host specific configuration -- usually /etc, maintained by admin
* distribution specific (static) configuration -- usually /usr/lib,
maintained by distro packages
Unfortunately autotools have a clue about $sysconfdir (/etc) only. This
patch introduces $sysconfstaticdir (default $prefix/lib).
Signed-off-by: Karel Zak <kzak@redhat.com>
Currently if `--disable-all-packages` is set, there is no configure
option for re-enabling `wipefs`.
As the current default for `wipefs` is "enabled", add `--disable-` flag
to maintain backward compatibility.
Signed-off-by: Sam Voss <sam.voss@gmail.com>
This patch consolidates pseudo-terminal stuff in util-linux. From now
there is only one implementation used in su(1) --pty, scriptlive(1)
and script(1).
The new stuff is based on the original script(1) -- it means poll()
and signalfd() based.
Note that script(1) code does not provide fallback for systems/libc
where there is no openpty().
Signed-off-by: Karel Zak <kzak@redhat.com>
After this change shell executed by scriptlive(1) is going to behave
like shell in script(1). It means that the shell stdin is a
pseudo-terminal rather than pipe. This allows live replay of
interactive applications, ssh sessions, etc.
Signed-off-by: Karel Zak <kzak@redhat.com>
The idea is to consolidate script(1), scriptlive(1) and su(1) --pty
and use the same code everywhere.
TODO: add callbacks for stdin/out logging (necessary for script(1)).
Signed-off-by: Karel Zak <kzak@redhat.com>
The old good scriptreplay(1) just displays your recorded session, the
scriptlive(1) uses stdin typescript (from new script(1)) to execute
your commands again.
Signed-off-by: Karel Zak <kzak@redhat.com>
The standard way how we read mount table is not reliable because
during the read() syscalls the table may be modified by another
process. The changes in the table are possible to detect by poll()
event, and in this case it seems better to lseek to the beginning of the file
and read it again. It's expensive, but better than races...
This patch does not modify mountinfo parser, but it reads all file to
memory (by read()+poll()) and then it creates memory stream
from the buffer and uses it rather than a regular file stream.
It means the parser is still possible to use for normal files
(e.g. fstab) as well as for mountinfo and it's also portable to
systems where for some reason there is no fmemopen().
Note that re-read after poll() event is limited to 5 attempts (but
successful read() without event zeroizes the counter). It's because we
do not want to wait for consistent mountinfo for ever. It seems better
to use old (less reliable) way than hang up in read()+poll()
loop.
Addresses: https://github.com/systemd/systemd/issues/10872
Reported-by: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
Signed-off-by: Karel Zak <kzak@redhat.com>
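
Added example, not util-linux code: a sketch of the read()+poll() re-read loop described in the commit message above, returning the whole file as one in-memory snapshot. read_stable and MAX_REREADS are hypothetical names; the check relies on the kernel reporting a changed mount table as POLLERR|POLLPRI on an open mountinfo descriptor.

```c
#include <errno.h>
#include <fcntl.h>
#include <poll.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>

#define MAX_REREADS 5	/* the limit named in the commit message */

/* Read fd from offset 0 to EOF into a malloc'ed, NUL-terminated buffer.
 * Returns 0 if no change event was seen, 1 if retries ran out, -1 on error. */
int read_stable(int fd, char **out, size_t *len)
{
	size_t cap = 4096, used = 0;
	int events = 0, rc = 0;
	char *buf = malloc(cap), *tmp;

	while (buf) {
		struct pollfd pfd = { .fd = fd, .events = POLLPRI };
		ssize_t n;
		if (used + 1 >= cap) {
			if (!(tmp = realloc(buf, cap * 2)))
				break;
			buf = tmp;
			cap *= 2;
		}
		n = read(fd, buf + used, cap - used - 1);
		if (n < 0 && errno == EINTR)
			continue;
		if (n < 0)
			break;
		/* procfs reports a changed mount table as POLLERR|POLLPRI */
		if (!rc && poll(&pfd, 1, 0) > 0 && (pfd.revents & (POLLERR | POLLPRI))) {
			if (++events <= MAX_REREADS && lseek(fd, 0, SEEK_SET) == 0) {
				used = 0;	/* drop the torn read, start over */
				continue;
			}
			rc = 1;	/* out of retries or cannot rewind: keep this pass */
		} else if (!rc) {
			events = 0;	/* a clean read resets the counter */
		}
		if (n == 0) {
			buf[used] = '\0';
			*out = buf;
			*len = used;
			return rc;
		}
		used += (size_t) n;
	}
	free(buf);
	return -1;
}

int main(void)
{
	char *buf; size_t len;
	int fd = open("/proc/self/mountinfo", O_RDONLY);

	return fd < 0 || read_stable(fd, &buf, &len) < 0 || !fwrite(buf, 1, len, stdout);
}
```

A return value of 1 tells the caller that the buffer may mix two states of the table, which is the "old (less reliable) way" the message accepts over looping forever.
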
- Add --disable-hwclock-cmos configuration argument
- Add USE_HWCLOCK_CMOS (enabled by default for i386/x86_64)
- Add define(USE_HWCLOCK_CMOS)
- Compile hwclock-cmos.c only if USE_HWCLOCK_CMOS is true
- Remove all unnecessary #ifdefs from hwclock-cmos.c
- Add #ifdef USE_HWCLOCK_CMOS around the determine_clock_access_method()
call in hwclock.c
Signed-off-by: Carlos Santos <unixmania@gmail.com>
Without #include <stdlib.h>, this configure check fails for strict
C99/C11 compilers which do not support implicit function declarations
(which are a C90 feature removed from C99).
Signed-off-by: Karel Zak <kzak@redhat.com>
It seems we need a way how to override the default pkg-config install directory.
default:
$ ./configure
$ grep 'pkgconfigdir =' Makefile
pkgconfigdir = ${usrlib_execdir}/pkgconfig
user-defined:
$ ./configure --with-pkgconfigdir=/usr/share/pkgconfig
$ grep 'pkgconfigdir =' Makefile
pkgconfigdir = /usr/share/pkgconfig
Addresses: https://github.com/karelzak/util-linux/issues/793
Signed-off-by: Karel Zak <kzak@redhat.com>
It seems better to have a way to control when atexit(close_stdout()) is
used, because close stdout means that for example ASAN (or another
into binary integrated tool) is not able to print the final summary.
Signed-off-by: Karel Zak <kzak@redhat.com>
* 'hardlink' of https://github.com/rudimeier/util-linux: (25 commits)
hardlink: add first simple tests
hardlink: util-linux usage
hardlink: fix compiler warnings
hardlink: style indentations and license header
hardlink: enable build with and without pcre2
fixes for the fixes
temporal fix before re-patch (updates from Fedora repo)
Update hardlink.1
Fixed version number, added changelog about Todd Lewis' patch
exclude files via pcre
Fixed 32 bit build with gcc7 (RH Bugzilla ID 1422989)
spec file reflects the atomic hardlinking patch; removed cleaning buildroot (redundant); update FSF address at .c source file
Revert "spec file reflects the atomic hardlinking patch; removed cleaning buildroot (redundant); current FSF address at .c source file"
spec file reflects the atomic hardlinking patch; removed cleaning buildroot (redundant); current FSF address at .c source file
Mention -f option in the man page
do not allow to hardlink files across filesystems by default (#786719) (use -f option to override)
fix possible buffer overflows, integer overflows, update man page
fix URL and remove mmap() (#676962, #672917)
- update docs to describe highest verbosity -vv option (#210816) - use dist Resolves: 210816
mostly spec cleanup
...
The check tested whether code using crypt() links without -lcrypt, but
didn't set have_crypt to yes if it succeeded.
This fixes the check erroneously failing when compiling against musl
libc.
Signed-off-by: Johannes Nixdorf <mixi@shadowice.org>
* add struct ul_timer as API abstraction to hide differences between
timer_create() and setitimer()
* add setitimer() detection to ./configure.ac
* add fallback code to use setitimer() if timer_create() not available
(for example on OSX)
Addresses: https://github.com/karelzak/util-linux/issues/584
Signed-off-by: Karel Zak <kzak@redhat.com>
Useful for embedded systems, on which only few utilities are required.
[kzak@redhat.com: - rename to --disable-fdisks
- use $enable_{c,s,}fdisk in code]
Signed-off-by: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Karel Zak <kzak@redhat.com>
We already default to /lib for the default $exec_prefix, but the current
configure does not care about /lib64 although the use-case is exactly
same as for /lib.
Signed-off-by: Karel Zak <kzak@redhat.com>
* usable with --login to whitelist specified environment variables
* the list is ignored for the core variables like HOME, SHELL, USER,
LOGNAME and PATH (su --login always resets these variables)
Note that su(1) requires password and after successful authentication
user has full control over the session, so he can set arbitrary
environment variables. The whitelist makes things more user friendly
only.
The patch removes unnecessary optimization when allocate environ[]. It
seems better to keep all in glibc hands and just reset the environment
array only.
Addresses: https://github.com/karelzak/util-linux/issues/221
Signed-off-by: Karel Zak <kzak@redhat.com>
libmount/python/pylibmount.c:158:19: warning: cast between incompatible function types
from ‘PyObject * (*)(PyObject *)’ {aka ‘struct _object * (*)(struct _object *)’}
to ‘PyObject * (*)(PyObject *, PyObject *)’ {aka ‘struct _object * (*)(struct _object *, struct _object *)’}
[-Wcast-function-type]
This is a generic problem in all Python C code and gcc v8. Another
possible (and probably more correct) way is to add unused argument to
all API functions. Unfortunately, this solution is pretty invasive. The
question is if gcc is not too paranoid in this case.
For more details see https://bugs.python.org/issue33012. It seems
Python guys also prefer CFLAGS modification for now.
Signed-off-by: Karel Zak <kzak@redhat.com>
--with- means disabled by default or modify any default path
--without- means enabled by default
Reported-by: L A Walsh <lkml@tlinx.org>
Signed-off-by: Karel Zak <kzak@redhat.com>
Make sure --without-systemd disables also --with-systemdsystemunitdir.
Reported-by: L A Walsh <lkml@tlinx.org>
Signed-off-by: Karel Zak <kzak@redhat.com>
Let's provide command line tool, man page with OOM description and
bash-completion. It seems better than force end-users to use "echo"
to /proc.
Addresses: https://github.com/karelzak/util-linux/issues/609
Signed-off-by: Karel Zak <kzak@redhat.com>
Unfortunately, old version of the file linux/fs.h defines MS_*
macros, so the file cannot be included together with sys/mount.h.
We include sys/mount.h from libmount.h now.
Signed-off-by: Karel Zak <kzak@redhat.com>
Nobody needs the .bz2 tarball. We don't even upload it to
kernel.org.
BTW we fix dozens of these automake warnings:
automake-1.13/am/ltlibrary.am: warning: 'libblkid.la': linking libtool libraries using a non-POSIX
automake-1.13/am/ltlibrary.am: archiver requires 'AM_PROG_AR' in 'configure.ac'
So we can remove -Wno-portability. The only warning left is this
last GNU-make'ism which somebody may fix when reading it:
sys-utils/Makemodule.am:191: warning: addprefix sys-utils/,$(SETARCH_LINKS: non-POSIX variable name
sys-utils/Makemodule.am:191: (probably a GNU make extension)
Makefile.am:90: 'sys-utils/Makemodule.am' included from here
Signed-off-by: Ruediger Meier <ruediger.meier@ga-group.nl>
cal: use ALTMON_* and _NL_ABALTMON_* constants to display
months in a standalone form correctly. These constants have just
been newly added to glibc. ALTMON_x has been used in BSD family
since 1990s and has been accepted as the future POSIX extension.
_NL_ABALTMON_* is exclusively a GNU extension but it is expected
to be added to POSIX in future.
More info: https://sourceware.org/bugzilla/show_bug.cgi?id=10871
The syscall swapon() with two arguments is supported since Linux 1.3.2
and it's really long time ago... Let's assume that all libc header files
have been already fixed.
Signed-off-by: Karel Zak <kzak@redhat.com>
Linux network subsystem assigns a unique integer to a network
namespace.
term0# ip netns add UTIL-LINUX-LSNS-TEST-NS
term0# ip netns list
UTIL-LINUX-LSNS-TEST-NS
term0# ip link add name lsns-vetha type veth peer name lsns-vethb
term0# ip link set lsns-vethb netns UTIL-LINUX-LSNS-TEST-NS
term0# ip netns list
UTIL-LINUX-LSNS-TEST-NS (id: 0)
term0# ip link show dev lsns-vetha
230: lsns-vetha@if229: <BROADCAST,MULTICAST> mtu 1500 qdisc noop ...
link/ether 3e:27:68:ba:b3:95 brd ff:ff:ff:ff:ff:ff link-netnsid 0
In this example 0 is assigned to UTIL-LINUX-LSNS-TEST-NS net namespace.
The name, UTIL-LINUX-LSNS-TEST-NS, and its semantics are given and defined
by iproute2 in userland; and have nothing to do with util-linux.
However, the id, 0, is managed in linux kernel. If lsns can show
the ids, it helps users understand the state of network namespaces.
This commit adds NETNSID column to the output.
Here is an example of session:
term0# ip netns exec UTIL-LINUX-LSNS-TEST-NS cat
(Open another terminal)
term1# ./lsns --type net
NS TYPE NPROCS PID USER NETNSID COMMAND
4026531993 net 383 1 root unassigned /usr/lib/systemd/...
4026532433 net 1 1219 rtkit unassigned /usr/libexec/rtkit-daemon
4026532562 net 1 18201 root 0 cat
0 is shown as NETNSID for the cat process.
For the initial name space, "unassigned" is printed.
For namespaces of a type other than net, "n/a" is printed.
If an error occurred during getting the id, "n/a" is printed.
Changes in V2:
* Remove wrongly used & operators.
* Make netnsid field empty if value for the column is not available.
Suggested by Karel Zak.
* Remove redundant condition for checking the availability of netlink
socket. Suggested by Karel Zak.
Signed-off-by: Masatake YAMATO <yamato@redhat.com>
The command ./configure --enable-asan adds -fsanitize=address
to the compiler command line. In the regression tests leaks detection
is disabled by default. You have to use --memcheck-asan on test
command line to enable.
Signed-off-by: Karel Zak <kzak@redhat.com>
The open() syscall is probably the strongest way to check write
accessibility in all situations, but it's overkill, and on some
paranoid systems with enabled audit/selinux it fills logs with
"Permission denied" entries. Let's use eaccess() if available.
Signed-off-by: Karel Zak <kzak@redhat.com>
It seems some systems differentiate between tinfo and tinfow. And it
seems that mixing ncursesw and tinfo (wide vs. non-wide char) is a problem
for the systems.
Note that for example Fedora has ncursesw as well as ncurses, but
only one tinfo library. So, we need a fallback for this scenario.
Reported-by: Stanislav Brabec <sbrabec@suse.cz>
Signed-off-by: Karel Zak <kzak@redhat.com>
This also makes the rfkill to output status when executed without arguments.
That is believed to be more useful than usage() output.
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
Use the usual facilities, add translation strings, move global variables at
the beginning of the file, make usage() look as expected, add standard
command-line option parsing.
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
Let's check always for alone ncurses.h and term.h if the preferred
variant with ncursesw/ subdirectory is not available.
The patch also minimizes number of HAVE_...NCURSES_H macros in
config.h. We don't need to check for ncurses.h if ncurses/ncurses.h is
available.
Reported-by: Carlos Santos <casantos@datacom.ind.br>
Signed-off-by: Karel Zak <kzak@redhat.com>
The util-linux code was previously aligned to use @localstatedir@ and
the util-linux build system was set to override the default to use /run.
Current GNU Coding Standards introduced the @runstatedir@ variable
for this purpose. Let's use that instead.
The GNU default for @runstatedir@ is ${localstatedir}/run so util-linux
still overrides the default to be /run to preserve the status quo from
before. The only difference is that you'll now pass --runstatedir to
override the location on the command line instead of --localstatedir.
(FWIW, Debhelper in compat 11 will automatically start passing
--runstatedir=/run to all autotools configured builds. It already
passes --localstatedir=/var (to avoid it ending up with the GNU default
/usr/local/var) which breaks the util-linux build system code that
tries to default it to /run. This change will thus allow util-linux
and debhelper to work better together and avoid the need for a
package-specific override.)
Relevant historic commits:
* commit 07a16b9d1e
"build-sys: change --localstatedir to /run"
* commit 80c51185d5
"uuidd: use run configured state directory"
* commit 01c5b78794
"agetty: use configured run state directory"
[kzak@redhat.com: - add $runstatedir fallback for autoconf < 2.70
- check for unmodified $localstatedir]
CC: Sami Kerola <kerolasa@iki.fi>
Signed-off-by: Andreas Henriksson <andreas@fatal.se>
Signed-off-by: Karel Zak <kzak@redhat.com>
This includes at least the native multiarch path in the paths to search.
(Maybe also other multiarch paths should also be searched? But at least
this is a first step.)
Before this change (on Debian):
$ whereis libc
libc: /usr/share/man/man7/libc.7.gz
After this change:
$ whereis libc
libc: /usr/lib/x86_64-linux-gnu/libc.so /usr/lib/x86_64-linux-gnu/libc.a /usr/share/man/man7/libc.7.gz
Addresses: https://bugs.debian.org/856968
Signed-off-by: Andreas Henriksson <andreas@fatal.se>
The vwarnx(3) is probably not available in all libc implementations, in such
cases use the earlier printout as a fallback.
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
This script requires ncurses to work, and the ncurses provides reset so
there should not be need to keep this script hanging around.
Signed-off-by: Sami Kerola <kerolasa@iki.fi>