IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
exec_child() is supposed to set *exit_status when returning failure.
Unfortunately, we didn't do that in two cases. The result would be:
- a bogus error message "Failed at step SUCCESS spawning foo: …",
- a bogus success exit status.
Bugs introduced in 390902012c5177b6b01bc634b2e9c704073d9e7d and
ad21e542b20f0fb292d1958d3a759bf3403522c2.
The code is reworked to add some asserts and not set exit_status in the caller
so that it's clearer (also to the compiler) that it needs to be set.
(cherry picked from commit 5fa01ac0369f0f225ab1e1f90f6b7058cc4deaaf)
If someone reads /run/host/os-release at the exact same time it is being updated, and it
is large enough, they might read a half-written file. This is very unlikely as
os-release is typically small and very rarely changes, but it is not
impossible.
Bind mount a staging directory instead of the file, and symlink the file
into into, so that we can do atomic file updates and close this gap.
Atomic replacement creates a new inode, so existing bind mounts would
continue to see the old file, and only new services would see the new file.
The indirection via the directory allows to work around this, as the
directory is fixed and never changes so the bind mount is always valid,
and its content is shared with all existing services.
Fixes https://github.com/systemd/systemd/issues/28794
Follow-up for 3f37a82545d461ab
(cherry picked from commit 663e27564ff4529b04da0ddc96804eb4e084a043)
The logic around checking PKCS11 tokens (used by systemd-cryptenroll) contains a bug.
The code is checking the flags field of a pkcs11 token_info structure against a set of flags defined for the pkcs11 slot_info structure. This PR changes the check so that the correct structure's flag field is being checked.
(Reference to the PKCS#11 spec:http://docs.oasis-open.org/pkcs11/pkcs11-base/v2.40/os/pkcs11-base-v2.40-os.html, section CK_SLOT_INFO).
(cherry picked from commit 5007942477ecfb69702f542cb6770ea4b5bc1e57)
We call dir_is_empty() to check if the directory is empty but don't
take the result into account when returning from the function.
(cherry picked from commit e36c6210b7e1509206514dccedb73f7a1a5c4de1)
This makes tmpfiles, sysusers, and udevd invoked in the following order:
1. systemd-tmpfiles-setup-dev-early.service
Create device nodes gracefully, that is, create device nodes anyway
by ignoring unknown users and groups.
2. systemd-sysusers.service
Create users and groups, to make later invocations of tmpfiles and
udevd can resolve necessary users and groups.
3. systemd-tmpfiles-setup-dev.service
Adjust owners of previously created device nodes.
4. systemd-udevd.service
Process all devices. Especially to make block devices active and can
be mountable.
5. systemd-tmpfiles-setup.service
Setup basic filesystem.
Follow-up for b42482af904ae0b94a6e4501ec595448f0ba1c06.
Fixes#28653.
Replaces #28681 and #28732.
(cherry picked from commit bb7f485f4bddd57bbf50739bafa43d127bab59d6)
Otherwise if the os-release file shrinks between updates, there
will be a merge of the two.
Also remove redundant ENOENT check.
Follow-up for 3f37a82545d461ab
(cherry picked from commit bf85c2395e3ed5628b58f86a478e99132288130d)
Follow-up for: 947d836a6e86f1936250ff8e3c67fa33b92a597f
(I guess in the original patch authors usecase the root fs actually
*does* remain in memory, but that's a special case and does not belong
in the man pages this way).
(cherry picked from commit 579fbe5b789cbee10546f6274c39be311e71e49c)
This change makes sure a data copy using copy_bytes() does not exceed the
max_bytes value when using COPY_HOLES and max_bytes stops before the next
data section.
(cherry picked from commit c2dfcbd48e780e49bfc11f1c34077f6c98891e40)
On openSUSE with BTRFS, /root has to be mounted as dedicated subvolume to avoid
restoring it when a rollback of the system happens.
(cherry picked from commit 487ae08b85048f86e72e86d6c601d4c558b6cb8a)
This is a magic string, and we should avoid stepping into the territory
of normal keymap names with that, given that users can pick names
otherwise freely.
Hence, prefix the name with a special char to avoid any namespace
issues.
Follow-up for: #28660
(cherry picked from commit bf77d59772722e96508df91bd24e1b6940b3edfb)
We must go through finish, to undo the destruction of the final elements
of the iovw properly.
(cherry picked from commit 946dc7c635f050129896d1515c08a81504af2421)
The gnu-efi definition of the struct uses [1], our local one [0] to size
the filename array. Let's avoid an ambiguity and use offsetof() so that
this difference doesn't matter. Also, doing it this way makes very clear
to the read what happens here: it's a structure with a variable size
suffix.
(cherry picked from commit 490b4486a752d8d2a10eb4c10d5af523ea539f5e)
This is a follow-up for #28596.
I think the suggestion to use Type=exec uses too strong wording:
Type=exec has non-trivial drawbacks over Type=simple, and they deserve
to be mentioned.
Hence drop the <emphasis> and turn this around so that Type=exec is
*recommended*, but Type=simple is not expressly discouraged, because
there are plenty reasons to use it.
Add a brief discussion where Type=simple might be preferable.
Also, fix the outright unruth that Type=exec was the "simplest and
fastest", because it certainly is a lot, but not that.
(cherry picked from commit e5e900edcd3b245499379201072cbb69346e9798)
The command is deprecated, as per NEWS of 254. Let's go one step further
and remove it from the help text and man page, so that people are not
inspired to use it at this time anymore.
This is how we usually have done this before: remove it from visibility,
but support it for a while still.
(cherry picked from commit 0de0ed6e89823c8834a94682bfd5e366aee9930b)
Follow-up for #26089 and #28505
Currently, if default-keymap is not empty, there's no way
to ask vconsole-setup to retain the kernel keymap. Let's
accept a special value "kernel" for that purpose.
Addresses the problem mentioned in https://github.com/systemd/systemd/pull/28505#issuecomment-1663681665
(cherry picked from commit ef7f5baae8224960f78651e8a3cf4c1f1b870a31)
Kernel patch [1] fixed bugs in rfkill handling on MSI Wind U100. Now
that the HW rfkill reports the correct state, and the SW rfkill is
controllable from userspace, it's necessary to mute KEY_WLAN and
KEY_BLUETOOTH generated on HW rfkill state changes. Otherwise, the
userspace will react to these keys and toggle the SW rfkill as well,
which is not desired, because the user may end up with non-functional
radios if HW and SW rfkills are out of sync.
Blocking these keycodes doesn't impair user experience, because the
desktop environment can still react to HW rfkill events and act
accordingly (for example, show notifications).
While at it, use "unknown" instead of "reserved" to mute keys, to avoid
the "atkbd serio0: Unknown key pressed" flood in dmesg.
[1]: https://lore.kernel.org/all/20230721145423.161057-1-maxtram95@gmail.com/
(cherry picked from commit fa8216e20605ff42054ee316201a13ac6cdd4cd1)
Otherwise, the check below is always fail.
```
if (FLAGS_SET(query_flags, SD_RESOLVED_NO_STALE) && j->until_valid < current)
```
Follow-up for 5ed91481abea382dc486507556e5cdf0f36b796f.
(cherry picked from commit 6756b61626afc343f8b6824f41bef67bb442f1d7)
This reverts commit 33b91308c26ca5d512e43b6b32d596a2c9237d04.
The commit b42482af904ae0b94a6e4501ec595448f0ba1c06 dropped
'--exclude-prefix=/dev' from systemd-tmpfiles-setup.service. So, the
possibly later invocation of the service changes the permission set by
udevd.
As commmented in the head of this file, settings should be consistent
with udev rules. Only missing entry here is vfio. Let's re-add the
entry for the device.
Addresses https://github.com/systemd/systemd/pull/28681#issuecomment-1666949888.
(cherry picked from commit ca15b59f1f37cad54e82edb3042e8a035fc6ab18)
Decrease devlink priority for encrypted partitions, and make the priority for
decrypted DM devices relatively higher. This is for the case that an encrypted
partition and its decrypted DM device have the same label.
(cherry picked from commit c4521fc17bb33d10bf5aca3f87f6a394dfecf423)
Fixes a bug introduced by 08b04ec7e72b7327b4803809732b1b8fce8dd069 and
953006dcb0a37a57aed0e762ff6289700e8689e8.
Fixes#28725.
(cherry picked from commit 685e0dd1924cce44327040b08a8980af2192bf59)
Otherwise, we silently ignore the received packet and that makes hard to
debug issue.
(cherry picked from commit 809da721f0167f88234e55a342e82023019e2341)
Otherwise, manager_parse_dns_server_string_and_warn() or
manager_parse_search_domains_and_warn() will trigger assertion.
(cherry picked from commit 91acee9906e973365109b1b1d5e880ced9aeae65)
If emergency.target is started while initrd-parse-etc.service/start is queued,
the initrd-parse-etc job did not get canceled. In parallel to the emergency
units, it eventually runs the service, which starts initrd-cleanup.service,
which in turn isolates initrd-switch-root.target. This stops the emergency
units and effectively starts the initrd boot process again, which likely
fails again like the initial attempt. The system is thus stuck in an endless
loop, never really reaching emergency.target.
With this conflict added, starting emergency.target automatically cancels
initrd-parse-etc.service/start, avoiding the loop.
(cherry picked from commit 327cd2d3db703555f8d572b4cd055fbe55e1068b)
The systemctl completion previously made use of PREFIX as a pattern
argument to list-unit-files and list-units. This had the problem of
erroneously filtering the results that were stored in the cache, and
erroneously filtering results that might have been requested according
to the users configuration (e.g. _correct completer, certain
matcher-lists or tag-orders, etc.).
Unfortunately, the runtime of list-unit-files increases when no pattern
argument is provided, and systemctl show, used to filter those units,
can become unacceptably slow when provided with too many units to
describe.
Let's re-introduce the pattern argument to list-unit-files and
list-units where necessary in order to alleviate these bottlenecks
without poisining the cache. A 'use-pattern' style is introduced that
may be used to disable this behavior if it is undesired. We can still
expect that certain completions, like `systemctl start <TAB>` will be
slow, like before. To fix this we will need systemd to learn a more
efficient way of filtering the units than parsing systemctl show.
(cherry picked from commit 2cbda74862049be2003496c7d432341d53a0fdf9)
The systemctl invocations used for these completions match the ones used
for the _sys_really_all_units parameter, so we should really just use
the cached parameter rather than recomputing the result.
(cherry picked from commit c8e2cd79c155151bcdb983eedd24a6a77082c41b)
This partially reverts the commit 684bce3d54463b3222246f72adfe82ad5d176fea
and fixes the issue introduced by it.
Fixes#28711.
(cherry picked from commit beddf8ba29152e8b7d8c04b8fc929ac33b693166)
We'll need this on each read() again, hence let's just allocate this
once and then reuse it for subsequent read()s.
Follow-up for: #28639
(cherry picked from commit 3c8680585c698668c4d9774d3801d3446a194113)
bus_unit_queue_job_one has two callers:
- bus_unit_queue_job which would do the appropriate transormations
to turn JOB_TRY_RESTART into JOB_TRY_RELOAD,
- and method_enqueue_marked_jobs which did not.
In effect, method_enqueue_marked_jobs() would queue restart jobs for
units which has Markers= needs-reload or needs-restart.
When the chunk of code which does the transformations is moved from
bus_unit_queue_job to bus_unit_queue_job_one, there is no change for
bus_unit_queue_job, and method_enqueue_marked_jobs is fixed.
The additional checks that are done seem reasonable to do from
method_enqueue_marked_jobs: we shouldn't be restarting units which are
configured to not allow that, or force unwanted start of dbus-broker.
(cherry picked from commit 8ea8e23f4013dbc4f4a66c81eb786f0505434f2e)
Follow-up for 99299d0d5a722812cedc0a23e4987f90a257c2d2
is_device_node() calls lstat(), causing device node
symlinks under /dev/disk/ not being compared correctly
using devnode_same().
Fixes#28585
(cherry picked from commit cc1e1bb03e49ccb90f36173a3d1ff10ab5676eb0)
Handle the case when all the arguments are passed in through a
configuration file:
$ cat ukify.conf
[UKI]
Linux = /boot/vmlinuz-linux
Initrd = /boot/initramfs-linux.img
Before:
$ src/ukify/ukify.py --config ukify.conf build
Traceback (most recent call last):
File "/root/systemd/src/ukify/ukify.py", line 1604, in <module>
main()
File "/root/systemd/src/ukify/ukify.py", line 1590, in main
opts = parse_args()
^^^^^^^^^^^^
File "/root/systemd/src/ukify/ukify.py", line 1584, in parse_args
apply_config(opts)
File "/root/systemd/src/ukify/ukify.py", line 1431, in apply_config
item.apply_config(namespace, section_name, group, key, value)
File "/root/systemd/src/ukify/ukify.py", line 1123, in apply_config
self.config_push(namespace, group, dest, value)
File "/root/systemd/src/ukify/ukify.py", line 1019, in config_list_prepend
setattr(namespace, dest, value + old)
~~~~~~^~~~~
TypeError: can only concatenate list (not "NoneType") to list
After:
$ src/ukify/ukify.py --config ukify.conf build
Kernel version not specified, starting autodetection 😖.
Found uname version: 6.4.7-arch1-3
Wrote unsigned vmlinuz-linux.unsigned.efi
Resolves: #28688
(cherry picked from commit 0be1de7ffc4a608482e45890425b6fd90f6073f0)
The count field indicates the number of elements in the pcrSelections field,
and the size of each elements is greater than 1 byte, so using sizeof() is
incorrect when verifying the count field is valid; instead ELEMENTSOF() should
be used.
Caught by coverity check: https://github.com/systemd/systemd/pull/26331#pullrequestreview-1556629586
(cherry picked from commit 9afd4dde22f852fa4643799b218bef268a76272c)
The tty user is not guaranteed to exist, so let's remove the dependency
from the test.
(cherry picked from commit a1fedc613fe90b9f1f253fd02a7a6575351a27cc)
We already handle the case where /etc/machine-id is empty. Let's make
sure we also handle the case where /etc/machine-id is "uninitialized".
(cherry picked from commit 5dd814d7cd88b9d58c7c5bd79fb27ee2b22e82a3)
c18f4eb9e96836a made it possible to use --force with various verbs, by
going through the newer D-Bus methods. Except it didn't, as it regressed
during PR review refactorings, and nobody noticed because there were no
tests for it. Fix it, and add tests.
Follow-up for c18f4eb9e96836a6a8285ec42fd8a34c8909f6d9
(cherry picked from commit bdfa3f3a5c6d16d56d432e7bc52be0c03a5ce6ad)
