From 0627c9d21205f93f20641dc2f55dbe69ac7152e7 Mon Sep 17 00:00:00 2001 From: chalamalasetty Date: Fri, 25 Sep 2020 00:35:17 -0700 Subject: [PATCH 1/2] Portablectl patches for to support --now --enable and --no-block flags --- ...to-detach-an-image-with-a-unit-in-li.patch | 32 ++ ...spect-on-image-attached-as-directory.patch | 44 +++ ...-add-now-and-enable-to-attach-detach.patch | 365 ++++++++++++++++++ ...blectl-to-load-new-services-without-.patch | 96 +++++ ...k-when-stopping-a-unit-on-detach-now.patch | 104 +++++ ...replace-unload-when-stopping-a-servi.patch | 33 ++ ...ent-container-host-os-release-interf.patch | 25 ++ SPECS/systemd/systemd.spec | 22 +- 8 files changed, 720 insertions(+), 1 deletion(-) create mode 100644 SPECS/systemd/100-portabled-allow-to-detach-an-image-with-a-unit-in-li.patch create mode 100644 SPECS/systemd/101-Portabled-fix-inspect-on-image-attached-as-directory.patch create mode 100644 SPECS/systemd/102-portablectl-add-now-and-enable-to-attach-detach.patch create mode 100644 SPECS/systemd/103-core-allow-portablectl-to-load-new-services-without-.patch create mode 100644 SPECS/systemd/104-portablectl-block-when-stopping-a-unit-on-detach-now.patch create mode 100644 SPECS/systemd/105-portablectl-use-replace-unload-when-stopping-a-servi.patch create mode 100644 SPECS/systemd/106-portabled-implement-container-host-os-release-interf.patch diff --git a/SPECS/systemd/100-portabled-allow-to-detach-an-image-with-a-unit-in-li.patch b/SPECS/systemd/100-portabled-allow-to-detach-an-image-with-a-unit-in-li.patch new file mode 100644 index 00000000000..6bf30e87622 --- /dev/null +++ b/SPECS/systemd/100-portabled-allow-to-detach-an-image-with-a-unit-in-li.patch @@ -0,0 +1,32 @@ +From 992a2e98add398e4c081489d747cd62332ed7e2b Mon Sep 17 00:00:00 2001 +From: Luca Boccassi +Date: Fri, 4 Oct 2019 14:45:41 +0100 +Subject: [PATCH] portabled: allow to detach an image with a unit in + linked-runtime state + +This is necessary when a directory was attached with +--copy=symlink, otherwise detach will always fail. + +Fixed #13725 + +(cherry picked from commit c3d809ef72db616391a1a2b738eae137f9024e3f) +--- + src/portable/portable.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/portable/portable.c b/src/portable/portable.c +index eb5daf3b0e..5fd14c70b6 100644 +--- a/src/portable/portable.c ++++ b/src/portable/portable.c +@@ -1185,7 +1185,7 @@ int portable_detach( + r = unit_file_lookup_state(UNIT_FILE_SYSTEM, &paths, de->d_name, &state); + if (r < 0) + return log_debug_errno(r, "Failed to determine unit file state of '%s': %m", de->d_name); +- if (!IN_SET(state, UNIT_FILE_STATIC, UNIT_FILE_DISABLED, UNIT_FILE_LINKED, UNIT_FILE_RUNTIME)) ++ if (!IN_SET(state, UNIT_FILE_STATIC, UNIT_FILE_DISABLED, UNIT_FILE_LINKED, UNIT_FILE_RUNTIME, UNIT_FILE_LINKED_RUNTIME)) + return sd_bus_error_setf(error, BUS_ERROR_UNIT_EXISTS, "Unit file '%s' is in state '%s', can't detach.", de->d_name, unit_file_state_to_string(state)); + + r = unit_file_is_active(bus, de->d_name, error); +-- +2.20.1 + diff --git a/SPECS/systemd/101-Portabled-fix-inspect-on-image-attached-as-directory.patch b/SPECS/systemd/101-Portabled-fix-inspect-on-image-attached-as-directory.patch new file mode 100644 index 00000000000..86dc2f28f1e --- /dev/null +++ b/SPECS/systemd/101-Portabled-fix-inspect-on-image-attached-as-directory.patch @@ -0,0 +1,44 @@ +From 1d2d0c4bece89adbbc32abb2f38c0efd9080e1d7 Mon Sep 17 00:00:00 2001 +From: Luca Boccassi +Date: Wed, 22 Jan 2020 15:56:24 +0000 +Subject: [PATCH] Portabled: fix inspect on image attached as directory + +When a portable image is attached as a directory, inspect will fail +as the directory will be symlinked under [/run|/etc]/portables and +chase_symlinks will try to open the resolved link to the full +absolute path of the image under [/run|/etc]/portables/. + +(eg: /run/portables/test/home/user/test/etc/os-release) + +Resolve the symlink beforehand to fix the issue. + +Fixes #14634 + +(cherry picked from commit a409d1f5c6ba21ce9f7b113da69b98072f77ca16) +--- + src/portable/portable.c | 8 +++++++- + 1 file changed, 7 insertions(+), 1 deletion(-) + +diff --git a/src/portable/portable.c b/src/portable/portable.c +index 3491723aa1..ea6dc51a30 100644 +--- a/src/portable/portable.c ++++ b/src/portable/portable.c +@@ -373,8 +373,14 @@ static int portable_extract_by_path( + if (r == -EISDIR) { + /* We can't turn this into a loop-back block device, and this returns EISDIR? Then this is a directory + * tree and not a raw device. It's easy then. */ ++ /* Resolve the link to the directory tree. If it's a symlink, chase_symlink of path + "/etc/os-release" ++ * as called by open_os_release will fail (see: #14634). */ ++ _cleanup_free_ char *path_resolve = NULL; + +- r = extract_now(path, matches, -1, &os_release, &unit_files); ++ r = chase_symlinks(path, "/", CHASE_PREFIX_ROOT, &path_resolve); ++ if (r < 0) ++ return log_debug_errno(r, "Failed to resolve image directory path %s: %m", path); ++ r = extract_now(path_resolve, matches, -1, &os_release, &unit_files); + if (r < 0) + return r; + +-- +2.20.1 + diff --git a/SPECS/systemd/102-portablectl-add-now-and-enable-to-attach-detach.patch b/SPECS/systemd/102-portablectl-add-now-and-enable-to-attach-detach.patch new file mode 100644 index 00000000000..6e8f48a5a60 --- /dev/null +++ b/SPECS/systemd/102-portablectl-add-now-and-enable-to-attach-detach.patch @@ -0,0 +1,365 @@ +From 3da654d9e508002c66d7d66cd1444a971e6c1aff Mon Sep 17 00:00:00 2001 +From: Luca Boccassi +Date: Thu, 23 Jan 2020 16:50:15 +0000 +Subject: [PATCH 2/3] portablectl: add --now and --enable to attach/detach + +Add shortcuts to enable and start, or disable and stop, portable +services with a single portablectl command. +Allow to pass a filter on detach, as it's necessary to call +GetImageMetadata to get the unit names associated with an image. + +Fixes #10232 +--- + man/portablectl.xml | 20 ++- + shell-completion/bash/portablectl | 2 +- + src/portable/portablectl.c | 205 +++++++++++++++++++++++++++++- + 3 files changed, 223 insertions(+), 4 deletions(-) + +diff --git a/man/portablectl.xml b/man/portablectl.xml +index 0926991cbe..5078087e70 100644 +--- a/man/portablectl.xml ++++ b/man/portablectl.xml +@@ -123,6 +123,18 @@ + contents of the image. + + ++ ++ ++ ++ Immediately enable/disable the portable service after attach/detach. ++ ++ ++ ++ ++ ++ Immediately start/stop the portable service after attach/before detach. ++ ++ + + + +@@ -202,11 +214,14 @@ + By default, after the unit files are attached the service manager's configuration is reloaded, except + when is specified (see above). This ensures that the new units made available to + the service manager are seen by it. ++ ++ If and/or are passed, the portable service(s) are ++ immediately started and/or enabled after attaching the image. + + + + +- detach IMAGE ++ detach IMAGE [PREFIX…] + + Detaches a portable service image from the host. This undoes the operations executed by the + attach command above, and removes the unit file copies, drop-ins and image symlink +@@ -214,6 +229,9 @@ + component of it (i.e. the file or directory name itself, not the path to it) is used for finding matching unit + files. This is a convencience feature to allow all arguments passed as attach also to + detach. ++ ++ If and/or are passed, prefix(es) are also necessary so ++ that the associated units can be stopped and/or disabled before detaching the image. + + + +diff --git a/shell-completion/bash/portablectl b/shell-completion/bash/portablectl +index 22455d2c1e..a9511b6ce7 100644 +--- a/shell-completion/bash/portablectl ++++ b/shell-completion/bash/portablectl +@@ -35,7 +35,7 @@ _portablectl() { + local cur=${COMP_WORDS[COMP_CWORD]} prev=${COMP_WORDS[COMP_CWORD-1]} + local -A OPTS=( + [STANDALONE]='-q --quiet --runtime --no-reload --cat --no-pager --no-legend +- --no-ask-password -h --help --version' ++ --no-ask-password -h --help --version --enable --now' + [ARG]='-p --profile --copy -H --host -M --machine' + ) + +diff --git a/src/portable/portablectl.c b/src/portable/portablectl.c +index b4895e6380..8ec9540786 100644 +--- a/src/portable/portablectl.c ++++ b/src/portable/portablectl.c +@@ -7,6 +7,7 @@ + + #include "alloc-util.h" + #include "bus-error.h" ++#include "bus-unit-util.h" + #include "bus-util.h" + #include "def.h" + #include "dirent-util.h" +@@ -36,6 +37,8 @@ static bool arg_reload = true; + static bool arg_cat = false; + static BusTransport arg_transport = BUS_TRANSPORT_LOCAL; + static char *arg_host = NULL; ++static bool arg_enable = false; ++static bool arg_now = false; + + static int determine_image(const char *image, bool permit_non_existing, char **ret) { + int r; +@@ -389,6 +392,90 @@ static int print_changes(sd_bus_message *m) { + return 0; + } + ++static int maybe_enable_disable(sd_bus *bus, const char *path, bool enable) { ++ _cleanup_(sd_bus_message_unrefp) sd_bus_message *m = NULL, *reply = NULL; ++ _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL; ++ _cleanup_strv_free_ char **names = NULL; ++ UnitFileChange *changes = NULL; ++ size_t n_changes = 0; ++ int r; ++ ++ if (!arg_enable) ++ return 0; ++ ++ names = strv_new(path, NULL); ++ ++ r = sd_bus_message_new_method_call( ++ bus, ++ &m, ++ "org.freedesktop.systemd1", ++ "/org/freedesktop/systemd1", ++ "org.freedesktop.systemd1.Manager", ++ enable ? "EnableUnitFiles" : "DisableUnitFiles"); ++ if (r < 0) ++ return bus_log_create_error(r); ++ ++ r = sd_bus_message_append_strv(m, names); ++ if (r < 0) ++ return bus_log_create_error(r); ++ ++ r = sd_bus_message_append(m, "b", arg_runtime); ++ if (r < 0) ++ return bus_log_create_error(r); ++ ++ if (enable) { ++ r = sd_bus_message_append(m, "b", false); ++ if (r < 0) ++ return bus_log_create_error(r); ++ } ++ ++ r = sd_bus_call(bus, m, 0, &error, &reply); ++ if (r < 0) ++ return log_error_errno(r, "Failed to %s the portable service %s: %s", ++ enable ? "enable" : "disable", path, bus_error_message(&error, r)); ++ ++ if (enable) { ++ r = sd_bus_message_skip(reply, "b"); ++ if (r < 0) ++ return bus_log_parse_error(r); ++ } ++ (void) bus_deserialize_and_dump_unit_file_changes(reply, arg_quiet, &changes, &n_changes); ++ ++ return 0; ++} ++ ++static int maybe_start_stop(sd_bus *bus, const char *path, bool start) { ++ _cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL; ++ _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL; ++ char *name = (char *)basename(path), *job = NULL; ++ int r; ++ ++ if (!arg_now) ++ return 0; ++ ++ r = sd_bus_call_method( ++ bus, ++ "org.freedesktop.systemd1", ++ "/org/freedesktop/systemd1", ++ "org.freedesktop.systemd1.Manager", ++ start ? "StartUnit" : "StopUnit", ++ &error, ++ &reply, ++ "ss", name, "replace"); ++ if (r < 0) ++ return log_error_errno(r, "Failed to %s the portable service %s: %s", ++ start ? "start" : "stop", path, bus_error_message(&error, r)); ++ ++ r = sd_bus_message_read(reply, "o", &job); ++ if (r < 0) ++ return bus_log_parse_error(r); ++ ++ if (!arg_quiet) ++ log_info("Queued %s to %s portable service %s.", job, start ? "start" : "stop", name); ++ ++ return 0; ++} ++ + static int attach_image(int argc, char *argv[], void *userdata) { + _cleanup_(sd_bus_message_unrefp) sd_bus_message *m = NULL, *reply = NULL; + _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL; +@@ -440,6 +527,35 @@ static int attach_image(int argc, char *argv[], void *userdata) { + (void) maybe_reload(&bus); + + print_changes(reply); ++ ++ if (arg_enable || arg_now) { ++ r = sd_bus_message_rewind(reply, 1); ++ if (r < 0) ++ return r; ++ r = sd_bus_message_enter_container(reply, 'a', "(sss)"); ++ if (r < 0) ++ return bus_log_parse_error(r); ++ ++ for (;;) { ++ char *type, *path, *source; ++ ++ r = sd_bus_message_read(reply, "(sss)", &type, &path, &source); ++ if (r < 0) ++ return bus_log_parse_error(r); ++ if (r == 0) ++ break; ++ ++ if ((streq(type, "symlink") || streq(type, "copy")) && endswith(path, ".service")) { ++ (void) maybe_enable_disable(bus, path, true); ++ (void) maybe_start_stop(bus, path, true); ++ } ++ } ++ ++ r = sd_bus_message_exit_container(reply); ++ if (r < 0) ++ return r; ++ } ++ + return 0; + } + +@@ -460,6 +576,74 @@ static int detach_image(int argc, char *argv[], void *userdata) { + + (void) polkit_agent_open_if_enabled(arg_transport, arg_ask_password); + ++ if (arg_now || arg_enable) { ++ _cleanup_(sd_bus_message_unrefp) sd_bus_message *m = NULL; ++ _cleanup_strv_free_ char **matches = NULL; ++ ++ r = determine_matches(argv[1], argv + 2, true, &matches); ++ if (r < 0) ++ return r; ++ ++ r = sd_bus_message_new_method_call( ++ bus, ++ &m, ++ "org.freedesktop.portable1", ++ "/org/freedesktop/portable1", ++ "org.freedesktop.portable1.Manager", ++ "GetImageMetadata"); ++ if (r < 0) ++ return bus_log_create_error(r); ++ ++ r = sd_bus_message_append(m, "s", image); ++ if (r < 0) ++ return bus_log_create_error(r); ++ ++ r = sd_bus_message_append_strv(m, matches); ++ if (r < 0) ++ return bus_log_create_error(r); ++ ++ r = sd_bus_call(bus, m, 0, &error, &reply); ++ if (r < 0) ++ return log_error_errno(r, "Failed to inspect image metadata: %s", bus_error_message(&error, r)); ++ ++ r = sd_bus_message_skip(reply, "say"); ++ if (r < 0) ++ return bus_log_parse_error(r); ++ ++ r = sd_bus_message_enter_container(reply, 'a', "{say}"); ++ if (r < 0) ++ return bus_log_parse_error(r); ++ ++ for (;;) { ++ const char *name; ++ ++ r = sd_bus_message_enter_container(reply, 'e', "say"); ++ if (r < 0) ++ return bus_log_parse_error(r); ++ if (r == 0) ++ break; ++ ++ r = sd_bus_message_read(reply, "s", &name); ++ if (r < 0) ++ return bus_log_parse_error(r); ++ ++ r = sd_bus_message_skip(reply, "ay"); ++ if (r < 0) ++ return bus_log_parse_error(r); ++ ++ r = sd_bus_message_exit_container(reply); ++ if (r < 0) ++ return bus_log_parse_error(r); ++ ++ (void) maybe_start_stop(bus, name, false); ++ (void) maybe_enable_disable(bus, name, false); ++ } ++ ++ r = sd_bus_message_exit_container(reply); ++ if (r < 0) ++ return bus_log_parse_error(r); ++ } ++ + r = sd_bus_call_method( + bus, + "org.freedesktop.portable1", +@@ -792,11 +976,16 @@ static int help(int argc, char *argv[], void *userdata) { + " --no-reload Don't reload the system and service manager\n" + " --cat When inspecting include unit and os-release file\n" + " contents\n\n" ++ " --enable Immediately enable/disable the portable service\n" ++ " after attach/detach\n" ++ " --now Immediately start/stop the portable service after\n" ++ " attach/before detach\n" + "Commands:\n" + " list List available portable service images\n" + " attach NAME|PATH [PREFIX...]\n" + " Attach the specified portable service image\n" +- " detach NAME|PATH Detach the specified portable service image\n" ++ " detach NAME|PATH [PREFIX...]\n" ++ " Detach the specified portable service image\n" + " inspect NAME|PATH [PREFIX...]\n" + " Show details of specified portable service image\n" + " is-attached NAME|PATH Query if portable service image is attached\n" +@@ -819,6 +1008,8 @@ static int parse_argv(int argc, char *argv[]) { + ARG_RUNTIME, + ARG_NO_RELOAD, + ARG_CAT, ++ ARG_ENABLE, ++ ARG_NOW, + }; + + static const struct option options[] = { +@@ -835,6 +1026,8 @@ static int parse_argv(int argc, char *argv[]) { + { "runtime", no_argument, NULL, ARG_RUNTIME }, + { "no-reload", no_argument, NULL, ARG_NO_RELOAD }, + { "cat", no_argument, NULL, ARG_CAT }, ++ { "enable", no_argument, NULL, ARG_ENABLE }, ++ { "now", no_argument, NULL, ARG_NOW }, + {} + }; + +@@ -924,6 +1117,14 @@ static int parse_argv(int argc, char *argv[]) { + arg_cat = true; + break; + ++ case ARG_ENABLE: ++ arg_enable = true; ++ break; ++ ++ case ARG_NOW: ++ arg_now = true; ++ break; ++ + case '?': + return -EINVAL; + +@@ -941,7 +1142,7 @@ int main(int argc, char *argv[]) { + { "help", VERB_ANY, VERB_ANY, 0, help }, + { "list", VERB_ANY, 1, VERB_DEFAULT, list_images }, + { "attach", 2, VERB_ANY, 0, attach_image }, +- { "detach", 2, 2, 0, detach_image }, ++ { "detach", 2, VERB_ANY, 0, detach_image }, + { "inspect", 2, VERB_ANY, 0, inspect_image }, + { "is-attached", 2, 2, 0, is_image_attached }, + { "read-only", 2, 3, 0, read_only_image }, +-- +2.20.1 + diff --git a/SPECS/systemd/103-core-allow-portablectl-to-load-new-services-without-.patch b/SPECS/systemd/103-core-allow-portablectl-to-load-new-services-without-.patch new file mode 100644 index 00000000000..0f425571f7d --- /dev/null +++ b/SPECS/systemd/103-core-allow-portablectl-to-load-new-services-without-.patch @@ -0,0 +1,96 @@ +From bcaae81db2f4eae735c32527632a43920cee536c Mon Sep 17 00:00:00 2001 +From: Luca Boccassi +Date: Thu, 23 Jan 2020 16:51:35 +0000 +Subject: [PATCH 3/3] core: allow portablectl to load new services without + daemon-reload + +When using portable services at medium scale on an arm64 8 core board, +by attaching, daemon-reloading and starting each one in a row, at about +40 services the system starts to croak, everything hangs and times out: +sometimes portablectl times out while trying to contact portabled, +sometimes portabled times out while trying to contact systemd, and +sometimes both happen at the same time. + +On arm64 qemu the limit is even lower, about 5 services are enough. +A daemon-reload takes between 30 seconds and a minute there, and it's +a heavy operation that stalls the manager in the meanwhile. + +Given portable services are most likely leaves, allow to start them +(and only them, by checking that the unit path is in system.attached) +without a daemon-reload. + +The same arm64 board with this change shows no issues anymore, tested +with up to 100 portable services. +--- + src/core/manager.c | 24 +++++++++++++++++++----- + src/portable/portablectl.c | 5 ++++- + 2 files changed, 23 insertions(+), 6 deletions(-) + +diff --git a/src/core/manager.c b/src/core/manager.c +index a4b0b432c4..61e9fb6689 100644 +--- a/src/core/manager.c ++++ b/src/core/manager.c +@@ -1910,6 +1910,13 @@ int manager_load_unit_prepare( + if (!name) + name = basename(path); + ++ /* We might have been given a full path as a name by portablectl attach. */ ++ if (!path && is_path(name) && ++ (startswith(name, "/etc/systemd/system/") || startswith(name, "/run/systemd/system/"))) { ++ path = name; ++ name = basename(path); ++ } ++ + t = unit_name_to_type(name); + + if (t == _UNIT_TYPE_INVALID || !unit_name_is_valid(name, UNIT_NAME_PLAIN|UNIT_NAME_INSTANCE)) { +@@ -1922,13 +1929,20 @@ int manager_load_unit_prepare( + ret = manager_get_unit(m, name); + if (ret) { + *_ret = ret; +- return 1; ++ /* If the unit is already known (eg: referenced by a target) but ++ * it's not loaded yet, and we were given a path where to find it, set ++ * the state as STUB so that the unit_add_to_*_queue calls load it. */ ++ if (ret->load_state == UNIT_NOT_FOUND && path && ++ (startswith(path, "/etc/systemd/system/") || startswith(path, "/run/systemd/system/"))) ++ ret->load_state = UNIT_STUB; ++ else ++ return 1; ++ } else { ++ ret = cleanup_ret = unit_new(m, unit_vtable[t]->object_size); ++ if (!ret) ++ return -ENOMEM; + } + +- ret = cleanup_ret = unit_new(m, unit_vtable[t]->object_size); +- if (!ret) +- return -ENOMEM; +- + if (path) { + ret->fragment_path = strdup(path); + if (!ret->fragment_path) +diff --git a/src/portable/portablectl.c b/src/portable/portablectl.c +index 8ec9540786..b182fdbe0d 100644 +--- a/src/portable/portablectl.c ++++ b/src/portable/portablectl.c +@@ -447,12 +447,15 @@ static int maybe_enable_disable(sd_bus *bus, const char *path, bool enable) { + static int maybe_start_stop(sd_bus *bus, const char *path, bool start) { + _cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL; + _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL; +- char *name = (char *)basename(path), *job = NULL; ++ char *name = (char *)path, *job = NULL; + int r; + + if (!arg_now) + return 0; + ++ if (arg_reload) ++ name = basename(path); ++ + r = sd_bus_call_method( + bus, + "org.freedesktop.systemd1", +-- +2.20.1 + diff --git a/SPECS/systemd/104-portablectl-block-when-stopping-a-unit-on-detach-now.patch b/SPECS/systemd/104-portablectl-block-when-stopping-a-unit-on-detach-now.patch new file mode 100644 index 00000000000..cf202fb5eeb --- /dev/null +++ b/SPECS/systemd/104-portablectl-block-when-stopping-a-unit-on-detach-now.patch @@ -0,0 +1,104 @@ +From fbcf95ece423431911a0c6f10a0136f752c308fe Mon Sep 17 00:00:00 2001 +From: Luca Boccassi +Date: Wed, 12 Feb 2020 17:27:43 +0000 +Subject: [PATCH] portablectl: block when stopping a unit on detach (--now) + +If portablectl detach --now is used, there's a possible race condition +where the unit is not stopped in time before the detach is attempted, +which causes it to fail. +Add a DBUS call to block after starting/stopping if --now is passed, +and add a --no-block parameter to skip it optionally when starting, +since it is not necessary in that case for correct functioning. +--- + src/portable/portablectl.c | 26 ++++++++++++++++++++++++++ + 1 file changed, 26 insertions(+) + +diff --git a/src/portable/portablectl.c b/src/portable/portablectl.c +index f15ee6145b..a48e022ea6 100644 +--- a/src/portable/portablectl.c ++++ b/src/portable/portablectl.c +@@ -39,6 +39,7 @@ static BusTransport arg_transport = BUS_TRANSPORT_LOCAL; + static char *arg_host = NULL; + static bool arg_enable = false; + static bool arg_now = false; ++static bool arg_no_block = false; + + static int determine_image(const char *image, bool permit_non_existing, char **ret) { + int r; +@@ -447,6 +448,7 @@ static int maybe_enable_disable(sd_bus *bus, const char *path, bool enable) { + } + + static int maybe_start_stop(sd_bus *bus, const char *path, bool start) { ++ _cleanup_(bus_wait_for_jobs_freep) BusWaitForJobs *wait = NULL; + _cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL; + _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL; + char *name = (char *)path, *job = NULL; +@@ -458,6 +460,12 @@ static int maybe_start_stop(sd_bus *bus, const char *path, bool start) { + if (arg_reload) + name = basename(path); + ++ if (!arg_no_block || !start) { ++ r = bus_wait_for_jobs_new(bus, &wait); ++ if (r < 0) ++ return log_error_errno(r, "Could not watch jobs: %m"); ++ } ++ + r = sd_bus_call_method( + bus, + "org.freedesktop.systemd1", +@@ -478,6 +486,17 @@ static int maybe_start_stop(sd_bus *bus, const char *path, bool start) { + if (!arg_quiet) + log_info("Queued %s to %s portable service %s.", job, start ? "start" : "stop", name); + ++ /* Stopping must always block or the detach will fail if the unit is still running */ ++ if (!arg_no_block || !start) { ++ r = bus_wait_for_jobs_add(wait, job); ++ if (r < 0) ++ return log_error_errno(r, "Failed to watch %s job for %s %s: %m", ++ job, start ? "starting" : "stopping", name); ++ r = bus_wait_for_jobs(wait, arg_quiet, NULL); ++ if (r < 0) ++ return r; ++ } ++ + return 0; + } + +@@ -1005,6 +1024,7 @@ static int help(int argc, char *argv[], void *userdata) { + " after attach/detach\n" + " --now Immediately start/stop the portable service after\n" + " attach/before detach\n" ++ " --no-block Don't block waiting for attach --now to complete\n" + "Commands:\n" + " list List available portable service images\n" + " attach NAME|PATH [PREFIX...]\n" +@@ -1035,6 +1055,7 @@ static int parse_argv(int argc, char *argv[]) { + ARG_CAT, + ARG_ENABLE, + ARG_NOW, ++ ARG_NO_BLOCK, + }; + + static const struct option options[] = { +@@ -1053,6 +1074,7 @@ static int parse_argv(int argc, char *argv[]) { + { "cat", no_argument, NULL, ARG_CAT }, + { "enable", no_argument, NULL, ARG_ENABLE }, + { "now", no_argument, NULL, ARG_NOW }, ++ { "no-block", no_argument, NULL, ARG_NO_BLOCK }, + {} + }; + +@@ -1150,6 +1172,10 @@ static int parse_argv(int argc, char *argv[]) { + arg_now = true; + break; + ++ case ARG_NO_BLOCK: ++ arg_no_block = true; ++ break; ++ + case '?': + return -EINVAL; + +-- +2.20.1 + diff --git a/SPECS/systemd/105-portablectl-use-replace-unload-when-stopping-a-servi.patch b/SPECS/systemd/105-portablectl-use-replace-unload-when-stopping-a-servi.patch new file mode 100644 index 00000000000..1e85675fc1e --- /dev/null +++ b/SPECS/systemd/105-portablectl-use-replace-unload-when-stopping-a-servi.patch @@ -0,0 +1,33 @@ +From f3454e10bd598aeee71692340f52009d03a73099 Mon Sep 17 00:00:00 2001 +From: Luca Boccassi +Date: Wed, 13 May 2020 19:10:06 +0100 +Subject: [PATCH 2/2] portablectl: use replace-unload when stopping a service + with --no-reload + +Once an image is detached, the service is no longer able to run. +Without a daemon-reload, if the unit is still loaded, a subsequent +attach will fail as the unit already exists. +Ensure it is always unloaded even without daemon-reload if --no-reload +is passed on the command line by using the new stop job mode. + +(cherry picked from commit f15aa996977d3f52e0071a983456071de30d0018) +--- + src/portable/portablectl.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/portable/portablectl.c b/src/portable/portablectl.c +index fc83823cf8..0eec6d5a09 100644 +--- a/src/portable/portablectl.c ++++ b/src/portable/portablectl.c +@@ -472,7 +472,7 @@ static int maybe_start_stop(sd_bus *bus, const char *path, bool start) { + start ? "StartUnit" : "StopUnit", + &error, + &reply, +- "ss", name, "replace"); ++ "ss", name, !start && !arg_reload ? "replace-unload" : "replace"); + if (r < 0) + return log_error_errno(r, "Failed to %s the portable service %s: %s", + start ? "start" : "stop", path, bus_error_message(&error, r)); +-- +2.20.1 + diff --git a/SPECS/systemd/106-portabled-implement-container-host-os-release-interf.patch b/SPECS/systemd/106-portabled-implement-container-host-os-release-interf.patch new file mode 100644 index 00000000000..9328a2cbfc7 --- /dev/null +++ b/SPECS/systemd/106-portabled-implement-container-host-os-release-interf.patch @@ -0,0 +1,25 @@ +From 69beed2bb629639a9b52410a2b35247bc4c296e1 Mon Sep 17 00:00:00 2001 +From: Luca Boccassi +Date: Fri, 22 May 2020 16:56:37 +0100 +Subject: [PATCH] portabled: implement container host os-release interface + +(cherry picked from commit 73083ca238d8d537e2713378271a316fc6afa350) +--- + src/portable/portable.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/src/portable/portable.c b/src/portable/portable.c +index b305949c24..d3258e1fc0 100644 +--- a/src/portable/portable.c ++++ b/src/portable/portable.c +@@ -722,6 +722,7 @@ static int install_chroot_dropin( + "[Service]\n", + IN_SET(type, IMAGE_DIRECTORY, IMAGE_SUBVOLUME) ? "RootDirectory=" : "RootImage=", image_path, "\n" + "Environment=PORTABLE=", basename(image_path), "\n" ++ "BindReadOnlyPaths=/usr/lib/os-release:/run/host/os-release\n" + "LogExtraFields=PORTABLE=", basename(image_path), "\n", + NULL)) + +-- +2.20.1 + diff --git a/SPECS/systemd/systemd.spec b/SPECS/systemd/systemd.spec index d37d36550ba..795793355ea 100644 --- a/SPECS/systemd/systemd.spec +++ b/SPECS/systemd/systemd.spec @@ -1,7 +1,7 @@ Summary: Systemd-239 Name: systemd Version: 239 -Release: 31%{?dist} +Release: 32%{?dist} License: LGPLv2+ and GPLv2+ and MIT URL: https://www.freedesktop.org/wiki/Software/systemd/ Group: System Environment/Security @@ -36,6 +36,15 @@ Patch15: https://github.com/systemd/systemd/commit/8f6b442a78d0b485f044 # Furthermore, strict mode DoT is not supported before v243. Patch16: CVE-2018-21029.nopatch +#Portablectl patches for --now --enable and --no-block flags support +Patch100: 100-portabled-allow-to-detach-an-image-with-a-unit-in-li.patch +Patch101: 101-Portabled-fix-inspect-on-image-attached-as-directory.patch +Patch102: 102-portablectl-add-now-and-enable-to-attach-detach.patch +Patch103: 103-core-allow-portablectl-to-load-new-services-without-.patch +Patch104: 104-portablectl-block-when-stopping-a-unit-on-detach-now.patch +Patch105: 105-portablectl-use-replace-unload-when-stopping-a-servi.patch +Patch106: 106-portabled-implement-container-host-os-release-interf.patch + Obsoletes: systemd-bootstrap Requires: pam Requires: libcap @@ -108,6 +117,15 @@ EOF %patch14 -p1 %patch15 -p1 +# Portablectl patches +%patch100 -p1 +%patch101 -p1 +%patch102 -p1 +%patch103 -p1 +%patch104 -p1 +%patch105 -p1 +%patch106 -p1 + sed -i "s#\#DefaultTasksMax=512#DefaultTasksMax=infinity#g" src/core/system.conf.in %build @@ -271,6 +289,8 @@ rm -rf %{buildroot}/* %files lang -f %{name}.lang %changelog +* Wed Sep 23 2020 Suresh Babu Chalamalasetty 239-32 +- Portablectl patches for --now --enable and --no-block flags support * Mon Aug 24 2020 Leandro Pereira 239-31 - Use time.windows.com as the default NTP server in timesyncd. * Tue Aug 11 2020 Mateusz Malisz 239-30 From ca6681f48f2a8b65b28bbd4630df46aced5ca814 Mon Sep 17 00:00:00 2001 From: chalamalasetty Date: Fri, 25 Sep 2020 00:51:53 -0700 Subject: [PATCH 2/2] Portablectl patches for to support --now --enable and --no-block flags --- toolkit/resources/manifests/package/toolchain_aarch64.txt | 8 ++++---- toolkit/resources/manifests/package/toolchain_x86_64.txt | 8 ++++---- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/toolkit/resources/manifests/package/toolchain_aarch64.txt b/toolkit/resources/manifests/package/toolchain_aarch64.txt index 2799b0b2ffd..662e5f655c3 100644 --- a/toolkit/resources/manifests/package/toolchain_aarch64.txt +++ b/toolkit/resources/manifests/package/toolchain_aarch64.txt @@ -352,13 +352,13 @@ sqlite-devel-3.32.3-1.cm1.aarch64.rpm sqlite-libs-3.32.3-1.cm1.aarch64.rpm swig-3.0.12-4.cm1.aarch64.rpm swig-debuginfo-3.0.12-4.cm1.aarch64.rpm -systemd-239-31.cm1.aarch64.rpm +systemd-239-32.cm1.aarch64.rpm systemd-bootstrap-239-29.cm1.aarch64.rpm systemd-bootstrap-debuginfo-239-29.cm1.aarch64.rpm systemd-bootstrap-devel-239-29.cm1.aarch64.rpm -systemd-debuginfo-239-31.cm1.aarch64.rpm -systemd-devel-239-31.cm1.aarch64.rpm -systemd-lang-239-31.cm1.aarch64.rpm +systemd-debuginfo-239-32.cm1.aarch64.rpm +systemd-devel-239-32.cm1.aarch64.rpm +systemd-lang-239-32.cm1.aarch64.rpm tar-1.32-2.cm1.aarch64.rpm tar-debuginfo-1.32-2.cm1.aarch64.rpm tdnf-2.1.0-4.cm1.aarch64.rpm diff --git a/toolkit/resources/manifests/package/toolchain_x86_64.txt b/toolkit/resources/manifests/package/toolchain_x86_64.txt index b60f46796cd..386d44159e2 100644 --- a/toolkit/resources/manifests/package/toolchain_x86_64.txt +++ b/toolkit/resources/manifests/package/toolchain_x86_64.txt @@ -352,13 +352,13 @@ sqlite-devel-3.32.3-1.cm1.x86_64.rpm sqlite-libs-3.32.3-1.cm1.x86_64.rpm swig-3.0.12-4.cm1.x86_64.rpm swig-debuginfo-3.0.12-4.cm1.x86_64.rpm -systemd-239-31.cm1.x86_64.rpm +systemd-239-32.cm1.x86_64.rpm systemd-bootstrap-239-29.cm1.x86_64.rpm systemd-bootstrap-debuginfo-239-29.cm1.x86_64.rpm systemd-bootstrap-devel-239-29.cm1.x86_64.rpm -systemd-debuginfo-239-31.cm1.x86_64.rpm -systemd-devel-239-31.cm1.x86_64.rpm -systemd-lang-239-31.cm1.x86_64.rpm +systemd-debuginfo-239-32.cm1.x86_64.rpm +systemd-devel-239-32.cm1.x86_64.rpm +systemd-lang-239-32.cm1.x86_64.rpm tar-1.32-2.cm1.x86_64.rpm tar-debuginfo-1.32-2.cm1.x86_64.rpm tdnf-2.1.0-4.cm1.x86_64.rpm