1
1
mirror of https://github.com/systemd/systemd-stable.git synced 2025-01-15 23:24:12 +03:00

54079 Commits

Author SHA1 Message Date
Lennart Poettering
0bada3f8b7 man: document cryptenroll limitations
Let's document this for now. We should be able to lift these limitations
sooner or later, at which point we can drop this documentation again.

These two limitations are a pitfall that people should be aware of,
before going FIDO2-only.

See: #20230 #19208
2021-11-02 15:03:11 +00:00
Frantisek Sumsal
c7448e741a
Merge pull request #21207 from mrc0mmand/test-tweak-lvm-installation
test: support the new lvm udev autoactivation
2021-11-02 14:09:57 +00:00
Frantisek Sumsal
29f8bef05e test: support both lvm vgroup activation methods 2021-11-02 12:32:48 +01:00
Daan De Meyer
db2aef5a1d
Merge pull request #21209 from yuwata/veth-peer-mtu
network: also set MTU for veth peer interface
2021-11-02 09:58:39 +00:00
Yu Watanabe
0874be35c3 test-network: add test case for MTUBytes= for veth 2021-11-02 12:35:07 +09:00
Yu Watanabe
60b4af930e network/veth: also set MTU for peer interface
Fixes #21206.
2021-11-02 12:25:15 +09:00
Frantisek Sumsal
e50d743f99 test: support the new lvm udev autoactivation
Introduced in lvm 2.03.14.
See: https://sourceware.org/git/?p=lvm2.git;a=commit;h=67722b312390cdab29c076c912e14bd739c5c0f6
2021-11-01 20:55:38 +01:00
Yu Watanabe
222cd15654
Merge pull request #21204 from yuwata/sd-dhcp6-client-cleanups
sd-dhcp6-client: further cleanups
2021-11-02 03:11:02 +09:00
Yu Watanabe
aa5a0f959c sd-dhcp6-client: simplify code a bit
Also this adds a note.
2021-11-01 23:13:08 +09:00
Yu Watanabe
0936c189c9 sd-dhcp6-client: do not implicitly cast to boolean 2021-11-01 23:13:08 +09:00
Yu Watanabe
e79b4b8534 sd-dhcp6-client: introduce dhcp6_lease_{get,set}_clientid() 2021-11-01 23:13:08 +09:00
Yu Watanabe
65457c17e6 sd-dhcp6-client: shorten code a bit 2021-11-01 23:13:08 +09:00
Yu Watanabe
4f81f0d241 sd-dhcp6-client: prefix variables which store results with "ret_" 2021-11-01 23:13:08 +09:00
Yu Watanabe
d3aa9d6a80 sd-dhcp6-client: update log messages 2021-11-01 23:13:08 +09:00
Yu Watanabe
7e6abd25f4
Merge pull request #21200 from yuwata/sd-dhcp6-client-server-address
sd-dhcp6-client: introduce sd_dhcp6_lease_get_server_address()
2021-11-01 21:04:48 +09:00
Yu Watanabe
3b73ebc08a
Merge pull request #21199 from yuwata/sd-dhcp6-client-trivial-cleanups
sd-dhcp6-client: trivial cleanups
2021-11-01 21:04:05 +09:00
Yu Watanabe
c30f9aafed network: save server address to DHCPv6 addresses
The server address will be used in later commits.
2021-11-01 18:22:55 +09:00
Yu Watanabe
ef4edc1546 sd-dhcp6-client: introduce sd_dhcp6_lease_get_server_address() 2021-11-01 18:22:49 +09:00
Yu Watanabe
2c269a4e2a sd-lldp-tx: drop unused and useless function
sd-lldp-tx does not call any callback function. So, the function is
mostly useless.
2021-11-01 08:57:17 +00:00
Yu Watanabe
7f402e5b7b sd-dhcp6: drop unused functions 2021-11-01 08:56:42 +00:00
Yu Watanabe
29ff62473b core: ignore failure on setting smack process label when allowed 2021-11-01 08:46:01 +00:00
Yu Watanabe
01b4e90f32 sd-dhcp6-client: request IA_PD by default
For consistency with 0f5ef9b62a8f454208db69f3219c7484f87a068a.
2021-11-01 10:02:50 +09:00
Yu Watanabe
5e82251913 sd-dhcp6-client: always set suitable ARP type
Also, drops unnecessary comparisons.
2021-11-01 09:51:52 +09:00
Topi Miettinen
2ad2925de5 execute: respect selinux_context_ignore
When `SELinuxContext=` parameter is prefixed with `-`, the documentation states
that any errors determining or changing context should be ignored, but this
doesn't actually happen and the service may fail with `229/SELINUX_CONTEXT`.

Fix by adding checks to `context->selinux_context_ignore`.

Closes: #21057
2021-11-01 08:28:41 +09:00
Daan De Meyer
6b64d74091 mkosi: Install less in the mkosi Fedora image
We're actually falling back to `more` in the mkosi image which doesn't
behave quite the same as less which is somewhat annoying. Let's make
sure `less` is installed so systemd can use it as the pager.
2021-10-30 11:53:49 +01:00
Yu Watanabe
6db9b30066
Merge pull request #21175 from tohojo/dhcp-server-expire
sd-dhcp-server: clear out expired leases when finding new address
2021-10-30 04:13:40 +09:00
Yu Watanabe
43b7a806df
Merge pull request #21180 from yuwata/libsystemd-network-cleanups
libsystemd-network: drop unused functions, and _public_ attribute
2021-10-30 01:18:28 +09:00
Toke Høiland-Jørgensen
cb3c06a02e sd-dhcp-server: fix address availability checks
The checks for finding a new available address in the pool were broken in two
ways: not using UINT32_TO_PTR() on hashmap lookups resulted in false negatives,
and the check wasn't skipping the server address if that was part of the pool.

Move the check for available addresses to a small helper function and fix both
issues, and also add a check to the REQUEST code for the server address.
2021-10-29 15:29:05 +02:00
Toke Høiland-Jørgensen
d635a7f9e4 sd-dhcp-server: clear out expired leases when processing requests
The DHCP server configuration supports setting a maximum lease time, but old
leases are never actually cleared out if the client doesn't send a RELEASE.
This causes the pool to run out of addresses on networks where clients just
disappear, which is a fairly common occurrence on wireless networks.

Fix this by cleaning up expired leases before processing client requests, so
addresses can be reused for new clients.
2021-10-29 15:29:05 +02:00
Yu Watanabe
17347053cf libsystemd-network: drop _public_ attribute
No function in libsystemd-network is exposed yet.
2021-10-29 22:13:23 +09:00
Yu Watanabe
41521417ab sd-radv: fix implicit conversion to boolean 2021-10-29 22:10:43 +09:00
Yu Watanabe
9661d2e80c sd-ndisc: drop unused functions
All received information is stored in sd_ndisc_router, and we have
sd_ndisc_router_get_mtu() and sd_ndisc_router_get_hop_limit().
2021-10-29 22:05:27 +09:00
Yu Watanabe
cb4aae6341 home: fix use of uninitialized value
Fixes CID#1465077.
2021-10-29 21:51:44 +09:00
Lennart Poettering
a27c229c15
Merge pull request #21172 from poettering/fix-systemctl-cgroup-tree
fix "sytemctl status" cgroup tree output
2021-10-29 09:17:43 +02:00
Lennart Poettering
30f194001f homework,repart: turn on cryptsetup logging before we have a context
Otherwise we'll miss the log message from allocation of the context. We
already made this change in most of our tools that interface with
libcryptsetup, but we forgot two.

As suggested:

https://github.com/systemd/systemd/pull/21135#discussion_r738287504
2021-10-29 09:16:59 +02:00
Lennart Poettering
07bca16fc8 nspawn: make sure to chown() implicit source dirs for --bind= to container root UID
This makes sure that a switch like --bind=:/foo does the right thing if
user namespacing is one: the backing dir should be owned by the
container's root UID not the host's. Thus, whenever the source path is
left empty and we automatically generate a source dir as temporary
directory, ensure it's owned by the right UID.

Fixes: #20869
2021-10-29 09:16:34 +02:00
Yu Watanabe
d36a343c52
Merge pull request #21163 from poettering/scope-no-pid
pid1: fail scope unit activation if all PIDs to add already died
2021-10-29 16:14:51 +09:00
Lennart Poettering
ff8b7bd6a0
Merge pull request #20321 from bluca/state_dir_symlink
core: add [State|Runtime|Cache|Logs]DirectorySymlink
2021-10-28 20:52:56 +02:00
Lennart Poettering
16d41892c3
Merge pull request #20609 from DaanDeMeyer/recursive-template
core: Try to prevent infinite recursive template instantiation
2021-10-28 19:23:17 +02:00
Andreas Valder
c0c8f71800 nspawn: add filesystem id mapping support to --bind and --bind-ro 2021-10-28 19:19:22 +02:00
Lennart Poettering
5433d425b4
Merge pull request #21135 from poettering/homed-uidmap
homed: make use of uidmap'ped mounts for avoiding recursive chown()
2021-10-28 19:18:18 +02:00
Lennart Poettering
22d0f9a7d8 systemctl: make dbus PID cgroup tree output look more like systemd-cgls
Let's add the same dash of color (well, grey, …) to the dbus-based
pid/cgroup tree output as systemd-cgls has.
2021-10-28 18:54:52 +02:00
Lennart Poettering
038cae098b systemctl: make sure "systemctl -M status" shows cgroup tree of container not host
This shows the cgroup tree of the root slice of the container now, by
querying the cgroup pid tree via the bus instead of going directly to
the cgroupfs.

A fallback is kept for really old systemd versions where querying the
PID tree was not available.

Fixes: #20958
2021-10-28 18:53:46 +02:00
Lennart Poettering
35ac0260db systemctl: only fall back to local cgroup display if we talk to local systemd
Otherwise we likely show rubbish because even in local containers we
nowadays have cgroup namespacing, hence we likely can't access the
cgroup tree from the host at the same place as inside the container.
2021-10-28 18:35:18 +02:00
Lennart Poettering
a0dde733ac systemctl: use LESS_BY where appropriate 2021-10-28 16:43:27 +02:00
Lennart Poettering
27ba2ad2f6 systemctl: use empty_to_root() where appropriate 2021-10-28 16:42:22 +02:00
Lennart Poettering
5e1b4929f5 systemctl: suppress second argument of ternary op where we can 2021-10-28 16:41:16 +02:00
Lennart Poettering
a21e88d476 docs: document what integer range we expect from JSON parsers 2021-10-28 14:15:46 +01:00
Christian Göttsche
e3a0a862f6 core: correct SELinux label of service credential directory
Label the service root credential directory so write_credential() will
create entries with the label of their parent directory.

Resolves: #21134
2021-10-28 20:55:37 +09:00
Tony Asleson
f4ae986649 integritysetup: Check args to prevent assert
The utility function parse_integrity_options is used to both validate
integritytab options or validate and return values.  In the case where
we are validating only and we have specific value options we will
assert.
2021-10-28 20:54:41 +09:00