IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
I happen to have a machine where /boot is not a separate mountpoint,
but rather just a directory under /. After upgrade to recent Fedora,
I found out that grub2 can't find any new kernels.
This happens because loadentry script generates kernel and initrd file
paths relative to /boot, while grub2 expects path to be relative to the
root of filesystem on which they are residing.
This commit fixes this issue by using stat's %m to find the mount point
of a partition holding the images, and using it as a prefix to be
removed from ENTRY_DIR_ABS.
Note that %m for stat requires coreutils 8.6, released in Oct 2010.
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
(cherry picked from commit 1cdbff1c844ce46f1d84d8feeed426ebfd550988)
(cherry picked from commit 2ee1c57c4ff4fd3349cf03c2e89fbd18ca0b3a4a)
(cherry picked from commit 325edff51a8f03c8c777a6c2762e7891266cc9dc)
(cherry picked from commit 3ceaa81c61b654ebf562464d142675bd4d57d7b6)
(cherry picked from commit 2fef50cd9eee59cea6145639f6bd464939fac624)
(cherry picked from commit f2763ff6cd9385e82171e17ed83a7698c7f561fd)
(cherry picked from commit 8bc7ff600f065106eed3cad5689ad5db6ab68583)
(cherry picked from commit ecbb5a4f6796cbb9d370ab881155ed1b29142c8f)
Let's verify that everything works the way we expect it to work, hence
check setsid() return code.
(cherry picked from commit efe426624046089b74b70708e61f304f3cd414a7)
(cherry picked from commit 6f9c8af500fd4362d656917703eab4f941e7e45a)
(cherry picked from commit a049ddfc61e20b19fbb64d59602e25e8ccad140e)
(cherry picked from commit a09947ddd473bd5d73789a92db6a09c128bb6db9)
(cherry picked from commit 3afda7c7976c25db786948a961873fa5c2c8e0e9)
(cherry picked from commit 31875b3cb05a2de76054752d40a810e40c8dbe87)
(cherry picked from commit 0dccd1f82b8f8b30bd6b059eba9254a08fa54861)
(cherry picked from commit 334f8e2e8fe07e1034d8ae1f94a02312ff19c0ce)
Let's suppress the secondary arch data, since we never ever want to
mount it if we found the primary arch.
Previously we only suppressed in the Verity case, but there's little
reason to entertain the idea of a secondary arch in non-Verity
environments either, we are not going to use them, and should not do
decryption or anything like that.
(cherry picked from commit 74cb2db9f403dfe17cabc6dac48b0f49a84eb03f)
(cherry picked from commit 418cf0e78c067f7249f4769f78c8c199d907935f)
(cherry picked from commit 7f2b6a50d3c47da8a697f50c0bc191902ebec069)
(cherry picked from commit b6efbbfb001a41c4e74a716f73c67abe8250594e)
(cherry picked from commit e29e5db7dff1442ef73cbcd0c898e11078e1042d)
(cherry picked from commit 1d17c00260a923188363fc32363ff8b6bae06230)
(cherry picked from commit bc321efb7a1c253f1bf584d97303c447db68a8e8)
(cherry picked from commit dc5c5cd5c864aaae8c2695c2b833d556d8df0f98)
(cherry picked from commit 150c430fd499082164b6ddbd2f501e2333261a78)
(cherry picked from commit d08f6fddc0a04a212dff9da14f77e3923414c233)
(cherry picked from commit 277b8bb5981160b3cc6b0525414df6a5e1841b19)
(cherry picked from commit f4777883f987929a0c618355a9dec6649adebaed)
This points to some firmware issue, but we should still be able to
correct things if this happens. Hence log about this and fix it.
Fixes: #17041
(cherry picked from commit ad0b610b0c1c2595c32b6235e7ac5ad7fba6e0aa)
(cherry picked from commit a06cf9a5bad917b9ac6016c940c5f0f0238f266f)
(cherry picked from commit 387881ae21acc1022c5c8c17f273ecc254fffe24)
(cherry picked from commit 9f6249eb7fe14ea975dd9d48681408005f598fe4)
if we allocate a bunch of hash tables all at the same time, with none
earlier than the other, there's a good chance we'll initialize the
shared hash key multiple times, so that some threads will see a
different shared hash key than others.
Let's fix that, and make sure really everyone sees the same hash key.
Fixes: #17007
(cherry picked from commit ae0b700a856c0ae460d271bb50dccfaae84dbcab)
(cherry picked from commit e662cf6d515daad19e70c3d85e244b213ac48997)
(cherry picked from commit 1557cfcf7ce1f2b9f2dbd28e1f9ee9fad606dec0)
(cherry picked from commit bda316cc0a2650f8bf1f1e8c60ef7a7e639189ec)
(cherry picked from commit 06d98bdc81b233584d4b225892d358f324b7030b)
(cherry picked from commit 8758580ef561d9889990c89283acf82f8a9a66dc)
(cherry picked from commit 1c12ac48ad030aebfb473078a283ba262cc35549)
(cherry picked from commit b80ea9e3da726f6d545534d83e80c4271914b491)
We already append 000000 early on when parsing the cmdline args, let's
not do that a second time.
Fixes: #16919
(cherry picked from commit 64a5384fd2cde9b66a778c318036e7771f273f17)
(cherry picked from commit 2239965c299e53db961f4294ccd5cbbda4f377df)
(cherry picked from commit a46a8189e370a5f1b58f0cf7158386cee4555fb4)
(cherry picked from commit c829f6e7ca5a3480c5995deb96ee77643128e546)
(cherry picked from commit ae0d36c161ef0b8bde08d37674eb500061245728)
(cherry picked from commit 61d29b7f8c57898ba1a15a8fab90fde7c95efbc6)
(cherry picked from commit fe01ff05031f58658b092f57c515a98956ebf218)
(cherry picked from commit bb9d872398f3d6d5dae4049d66669352c9d22e21)
We must have the error number around when completing the transaction.
Let's hence make sure we always initialize it *first* (we accidentally
did it once after).
Fixes: #11626
(cherry picked from commit fd8a30170342cfe245ea6acac392c2b224f0ae1b)
(cherry picked from commit 38ae73fafd39915e7b40fe311165fcec79fc0ee8)
(cherry picked from commit 54948d498a7b0ad446907ff51ecd549484d517bb)
(cherry picked from commit 156570cc774bd129e889c6a44c094189ac0e8fb1)
N_DEVICE_NODE_LIST_ATTEMPTS is unconditionally used since version 246 and
ac1f3ad05f
However, this variable is only defined if HAVE_BLKID is set resulting in
the following build failure if cryptsetup is enabled but not libblkid:
../src/shared/dissect-image.c:1336:34: error: 'N_DEVICE_NODE_LIST_ATTEMPTS' undeclared (first use in this function)
1336 | for (unsigned i = 0; i < N_DEVICE_NODE_LIST_ATTEMPTS; i++) {
|
Fixes:
- http://autobuild.buildroot.org/results/67782c225c08387c1bbcbea9eee3ca12bc6577cd
(cherry picked from commit 28e2641a1aa506c5df93c7a0cb107aed8297b45e)
(cherry picked from commit d6b1e659b366283fe7c7961c3d1e1550c6b1b1eb)
(cherry picked from commit 2cba282b0c0d0cae7903f9953220efe798f5c7ec)
(cherry picked from commit 02bba02fa699732881d4ac771dc5b11c00ec459c)
(cherry picked from commit 0f849d0af983922e1571b958c9ca42f51e799190)
(cherry picked from commit e42f9add21da833ce2d26d4763c022aceec20853)
(cherry picked from commit f1d740fdb177b912c8a600cd786258f992313f08)
(cherry picked from commit 13cb5986312bf877dd301087f72c13e4b4a620f9)
(cherry picked from commit dd050420390c6557354b0e3aaecd52abc4bf906c)
(cherry picked from commit 4804ce148812b0f682e2c0fe16b4677ba0fc556d)
(cherry picked from commit 4db76e17a469c8f15ac818263c145c1b66356e79)
(cherry picked from commit 6ab20e9f3b047dc24e2c2c35e8df2159eb4691ba)
We need to include `<sys/stat.h>` for usage of the `struct stat` in
the Manager struct, much as we already include `<stdbool.h>` for C99
booleans.
This helps alleviate another minor build failure on non-glibc systems.
(cherry picked from commit 97207ac85cb8f8cba9459694255ff0396f020279)
(cherry picked from commit 2fb612371dfec40a90be975f9110341cac42300d)
(cherry picked from commit e88aec2c30d1fafcca457489bf2ecb7075431992)
(cherry picked from commit 9ef259dd4d8bd38634628a503226835ff6c50e6e)
Yet another new capability coming in Linux kernel v5.9.
Make sure we can recongize them even when built with older kernel headers.
(cherry picked from commit 94d21c2ef6cd6bb035d4c21c98ab001c0abd4cbe)
(cherry picked from commit 23529212447e6a836440e0729c3562d8e0d4c891)
(cherry picked from commit 31d80185883792a9dad1519ee147a3c9e02f960c)
(cherry picked from commit 34b4dc64c6358c4dd5989778db86c4d90dadb4c9)
Previously:
1. last_error wouldn't be updated with errors from is_dir;
2. We'd always issue a stat(), even for binaries without execute;
3. We used stat() instead of access(), which is cheaper.
This change avoids all of those, by only checking inside X_OK-positive
case whether access() works on the path with an extra slash appended.
Thanks to Lennart for the suggestion.
(cherry picked from commit 33e1a5d8d3f792e1d98377fe439e123231032ec7)
(cherry picked from commit a4236a27644705e58836f5d547d5aef50d568c11)
(cherry picked from commit 6a30d4e98032575d385a09d15782be74cbef6dfe)
(cherry picked from commit 0783b4f8cecda4f21e9021495377e2c807a32a5e)
Imagine $PATH /a:/b. There is an echo command at /b/echo. Under this
configuration, this works fine:
% systemd-run --user --scope echo .
Running scope as unit: run-rfe98e0574b424d63a641644af511ff30.scope
.
However, if I do `mkdir /a/echo`, this happens:
% systemd-run --user --scope echo .
Running scope as unit: run-rcbe9369537ed47f282ee12ce9f692046.scope
Failed to execute: Permission denied
We check whether the resulting file is executable for the performing
user, but of course, most directories are anyway, since that's needed to
list within it. As such, another is_dir() check is needed prior to
considering the search result final.
Another approach might be to check S_ISREG, but there may be more gnarly
edge cases there than just eliminating this obviously pathological
example, so let's just do this for now.
(cherry picked from commit 8b5cb69bc8b70d1dcc39ed2165907723099bd9d8)
(cherry picked from commit b7cef386bd1bc810f5bb12d84c2ec4d6428231e3)
(cherry picked from commit 0752452dc504be958c38af7d49ef5b729b28de5c)
(cherry picked from commit d0735d81d406d51d320b190e522979200f5b3a8e)
(cherry picked from commit dd47b25220f69f869679089da5cc848cf9cd0c78)
(cherry picked from commit 122945f315c8ccb1ecaf8384aff85931791d45d3)
(cherry picked from commit 7d250c485fe5c0974b226767b3744e0c543ae005)
(cherry picked from commit 436872f995d712736ca917aa903921448831bbe2)
(cherry picked from commit 45b156c1559da468f1c12aa5170858574c9b5831)
(cherry picked from commit 42fab2d454a33f11d545db1d5e90d73deaf4dd9e)
(cherry picked from commit 2d0e391967ac53e1b011c63304c7ade98a3797c7)
(cherry picked from commit 342dc4c15f30d0c9ef4558e5245bccfe2077376b)
(cherry picked from commit b6ce3d2c0152a17210bb7fd31bb92a289f181a57)
(cherry picked from commit ed3f97f9625f6349045a4b80581bbf76cc4fcdbd)
(cherry picked from commit 77dddecfd0ca9200d8d241d3baf8a00cb640bd75)
(cherry picked from commit fec0bb6df444c8dd9067ec93e1398476a5fef858)
It is possible that we will be running with an upgraded libseccomp, in which
case libseccomp might know the syscall name, even if the number is not known at
the time when systemd is being compiled. The guard only serves to break such
upgrades, by requiring that we also recompile systemd.
For s390-specific syscalls, use a define to exclude them, so that that we don't
try to filter them on other arches.
(cherry picked from commit 6da432fd542af5553742b905a0f87a825a28a399)
(cherry picked from commit 6a2d73638d8c710676107aedd7ad02abcb47975d)
(cherry picked from commit b92dbd67decb443cfc35b357fb6e627e4148aadf)
(cherry picked from commit 11a97bc230f62e8c94559ccf656d3e0236429561)
(cherry picked from commit 556a7bbed607ec8cbbf4affc5d862ef92403418e)
(cherry picked from commit 76331f86f630bd884f2e16a36d66c55b2b22c8e1)
(cherry picked from commit 6cf2ec5da11488c31415f94180ad799a0187ce6c)
(cherry picked from commit da0cc77b520cc8b1f96ad8f5124d7a70c4001e74)
(cherry picked from commit f3317336450e1145b97ae9e38bd626f3d4c88eb8)
(cherry picked from commit 946e4c43bb4ac189259b3cbc035400ca90a8148f)
(cherry picked from commit 31c85925a9c1de385be0a0bab3574bf3e2aa3987)
(cherry picked from commit 5c35bcf3291839f6223e5d3e123765164fce61bd)
The commit 1070d271fa8fa553d57dd5f74dd1e3f60732d0b9 which was supposed
too fix this does not seem to take effect any more. We get again 34%
compilation success rate while scanning systemd itself. Moreover, the
installed header file breaks compilation of programs that include it:
"/usr/include/systemd/_sd-common.h", line 23: error #35: #error directive: "Do
not include _sd-common.h directly; it is a private header."
# error "Do not include _sd-common.h directly; it is a private header."
^
(cherry picked from commit 4191b3282afbca9f1ef333f91bb6566c374da1fe)
(cherry picked from commit 5aec8fe54e47dbffc9ed705e4211f935bdca1550)
(cherry picked from commit 42f329455667e48131c2a8d3d63f5ce2211d9a92)
(cherry picked from commit d091e19bbdceafa915e63f71e13bb1e1955a62f5)
strv_env_get only returns the environment variable value. putenv expects
KEY=VALUE format strings. Use setenv instead to fix the use.
(cherry picked from commit 6f646e01755df587bb33dae4ca78cdaad5721f5e)
(cherry picked from commit b81504a3c76bfb3afd339cb74988892f9dccedd1)
(cherry picked from commit 492a8b34178cf851ded4f23815d1182025bbbf8a)
(cherry picked from commit d56055f47f5ba86e0f56126e364b1939d035001f)
Fixed below systemd codesonar warning.
isprint() is invoked here with an argument of signed
type char, but only has defined behavior for int arguments that are
either representable as unsigned char or equal to the value
of macro EOF(-1).
As per codesonar report, in a number of libc implementations, isprint()
function implemented using lookup tables (arrays): passing in a
negative value can result in a read underrun.
(cherry picked from commit e7e954243a17cceb5278aac6249ee0dcc119b1eb)
(cherry picked from commit 1b9c95bfbf7e5fc32e033851bf06f0a9f7f9f08b)
(cherry picked from commit 674a2beff0ac7b1cb0358401d6f64d726bca4e4f)
Builds with recent glibc would fail with:
../src/network/netdev/fou-tunnel.c: In function ‘config_parse_ip_protocol’:
../src/basic/macro.h:380:9: error: static assertion failed: "IPPROTO_MAX-1 <= UINT8_MAX"
380 | static_assert(expr, #expr)
| ^~~~~~~~~~~~~
../src/network/netdev/fou-tunnel.c:161:9: note: in expansion of macro ‘assert_cc’
161 | assert_cc(IPPROTO_MAX-1 <= UINT8_MAX);
| ^~~~~~~~~
This is because f9ac84f92f151e07586c55e14ed628d493a5929d (present in
glibc-2.31.9000-9.fc33.x86_64) added IPPROTO_MPTCP=262, following
v5.5-rc5-1002-gfaf391c382 in the kernel.
(cherry picked from commit 3d58d7328a6ecbc61d3494803d705edd8a108d72)
(cherry picked from commit c5e346905952fef0f163d91522dd43333f1f219d)
(cherry picked from commit cc8aeb9916ee5ea026bec4cec8543ecfd73ed458)
systemd-boot selects the last valid entry by default, not the first.
Fixes: #15256
(cherry picked from commit e6190e2882e1d6772a9e586fcc65c91d406e52fb)
(cherry picked from commit c5883bc08877d8bad10110434037a3c21950a71a)
(cherry picked from commit f047b0706c01f99c1b781f44b7b4d95ecdb8abe2)
We would parse numbers with base prefixes as user identifiers. For example,
"0x2b3bfa0" would be interpreted as UID==45334432 and "01750" would be
interpreted as UID==1000. This parsing was used also in cases where either a
user/group name or number may be specified. This means that names like
0x2b3bfa0 would be ambiguous: they are a valid user name according to our
documented relaxed rules, but they would also be parsed as numeric uids.
This behaviour is definitely not expected by users, since tools generally only
accept decimal numbers (e.g. id, getent passwd), while other tools only accept
user names and thus will interpret such strings as user names without even
attempting to convert them to numbers (su, ssh). So let's follow suit and only
accept numbers in decimal notation. Effectively this means that we will reject
such strings as a username/uid/groupname/gid where strict mode is used, and try
to look up a user/group with such a name in relaxed mode.
Since the function changed is fairly low-level and fairly widely used, this
affects multiple tools: loginctl show-user/enable-linger/disable-linger foo',
the third argument in sysusers.d, fourth and fifth arguments in tmpfiles.d,
etc.
Fixes#15985.
(cherry picked from commit 156a5fd297b61bce31630d7a52c15614bf784843)
(cherry picked from commit 9498903de6c1f7b0c3e5f1654d0ee451a304c59d)
(cherry picked from commit 1d1f5006cbe239b29092602f59baa062f4ef95c6)
We need this for a follow up security fix.
(cherry picked from commit b934ac3d6e7dcad114776ef30ee9098693e7ab7e)
(cherry picked from commit 64126925181809e7c0b8916471186c0bfa19d6ce)
(cherry picked from commit b07d782047fecfa29d9d94cc826ed70eb2a3ab13)
The return type of callbacks was changed from int to an enum.
(cherry picked from commit d17eabb1052e7c8c432331a7a782845e36164f01)
(cherry picked from commit a91ed646aa698ff530770c836c174fb7b3a5e799)
(cherry picked from commit 7bc54463ced882ac31fd42b2e34a9e764330a31a)
Don't pass values from argv[] directly to child process forked using
safe_fork, because it clears argv[]. strdup them first.
(cherry picked from commit c315b79fb43a4d921a533ba0c2cb303324887993)
(cherry picked from commit ec9fd71358d617d5f178d42b82cf20f89973f687)
(cherry picked from commit 137d4487511b3221d3c9165326bf55f297dcd5a6)
(cherry picked from commit 98a349465291801537b644ff1478ac2daeeeba21)
(cherry picked from commit cd7d8bb96291a33c510cb8f9e7c7494af3d1b0b5)
We used to log the following error:
"Start job for unit user-1000.slice failed with 'canceled'"
which can be really misleading if the actual job failed at *stopping* a unit.
Indeed "Start" was hard coded but it was wrong since we can also fail with stop
jobs which are enqueued when a session is stopped.
(cherry picked from commit b39648ed47065202b343d1d4bde3232d81fdfecc)
(cherry picked from commit 8f0feac20f7d4c29a42839343308fcd602ec5b63)
(cherry picked from commit 6aae7f596afd62a72b18c92f464abc8bebbc8cba)
This documents the syntax
enable template@.service foo bar baz
that was introduced in #9901 to preset templated units.
(cherry picked from commit 1f667d8a7cff4355cd23ebebeb4d7179e3498eb8)
(cherry picked from commit d1d3f2aa1561a9a75ce58026ef0a6bd4c5b464ac)
(cherry picked from commit f4d5928122fe632b441145750a03d95fd8dd2cc6)
(cherry picked from commit 0b1b0a01ab22c088046634c46c496022e7e60673)
(cherry picked from commit 3c69813c69af90e75acf9a80047ecf5b075c138d)
(cherry picked from commit 148f7b147aaba46491cec23ec44e4e998a84900f)
This regression was introduced in #14913.
The current_file variable can be NULL, as, for example, with the
following commands:
* journalctl --list-boots
* journalctl -b -1 --no-pager
Since current_file is only checked for pointer equality with f, removing
the assertion is safe here.
(cherry picked from commit 8d0726fcd7b72f2a6f75dd731cbf7c8d4df107ef)
(cherry picked from commit e8df08cfdb20e31066559c53420d7fd56b31ec01)
(cherry picked from commit a713f52ddb09e8ef606c12e559d787355c67aa7e)