IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
Follow-up for 0e07cdb0e77d0322bc866b5e13abbe38e988059d and
f84331539deae28fbeb42d45ad0c8d583b3372a3.
(cherry picked from commit 62eaf8d039a14e7bc4e682fa3ad4b3bfe366c29a)
Like fdisk_get_last_lba(), fdisk_partition_get_end() return the last
sector in the partition.
Fixes#28225.
(cherry picked from commit d2eb1f8145dee61c6bddfdcc5dac3591fa03f744)
When the credential dir is backed by an fs that supports ACLs we must be
more careful with adjusting the 'x' bit of the directory, as any chmod()
call on the dir will reset the mask entry of the ACL entirely which we
don't want. Hence, do a manual set of ACL changes, that only add/drop
the 'x' bit but otherwise leave the ACL as it is.
This matters if we use tmpfs rather than ramfs to store credentials.
(cherry picked from commit f76ce81b91db1dac0d0a012e1cc903639002dd0a)
This adds possible reproducer for issue #28009 (though, the issue is
highly racy, hence this may not trigger the issue reliably).
(cherry picked from commit e4948bb2cdd1c8d1b6fc357e5b817170612aae33)
When we request an address that already exists and is under removing,
we need to wait for the address being removed. Otherwise, configuration
of a route whose preferred source is the address will fail.
Fixes#28009.
Replaces #28088.
(cherry picked from commit 6e8477edd3a988357ad5f5fa6610904d44ec402c)
The DBUS property setter overwrites the value of the property but
writes a drop-in that extends the value. Let's make sure the drop-in
overwrites the property value as well by assigning the empty string
first.
(cherry picked from commit 1dbccd6d342d9f8dd8d4a1617e0081b61a553ca8)
When reexecuting system let's put our arguments carrying deserialization
info first followed by any existing arguments to make sure they get
parsed in case we get weird stuff from the kernel cmdline (like --).
See: https://github.com/systemd/systemd/issues/28184
(cherry picked from commit 06afda6b38d5d730fca3c65449096425933272bc)
Oracle Cloud sends malformed DHCPv6 replies that have an invalid
byte at the end, which cannot be parsed as an option code.
networkd currently can cope with the invalid option (it is ignored),
but the whole packet is ignored altogether because of the additional
null at the end.
It's better to be liberal in what we accept and actually assign an
address, given that the reply contains a valid IA_NA.
Fixes#28183.
(cherry picked from commit 81b7335912ce901c61b923218bcdf06a4fdcea07)
(Does not change a single word, just rebreaks a bunch of paragraphs
matching our current line breaking rules)
(cherry picked from commit fa1d34825a9b410275e716b9b70f4fca02c71ba9)
So we're able to detect memory leaks in our NSS modules.
An example after introducing a memory leak in nss-myhostname.c:
testsuite-71.sh[2881]: =================================================================
testsuite-71.sh[2881]: ==2880==ERROR: LeakSanitizer: detected memory leaks
testsuite-71.sh[2881]: Direct leak of 2 byte(s) in 1 object(s) allocated from:
testsuite-71.sh[2881]: #0 0x7fa28907243b in strdup (/usr/lib64/libasan.so.8.0.0+0x7243b)
testsuite-71.sh[2881]: #1 0x7fa286a7bc10 in gethostname_full ../src/basic/hostname-util.c:67
testsuite-71.sh[2881]: #2 0x7fa286a74af9 in gethostname_malloc ../src/basic/hostname-util.h:24
testsuite-71.sh[2881]: #3 0x7fa286a756f4 in _nss_myhostname_gethostbyname4_r ../src/nss-myhostname/nss-myhostname.c:79
testsuite-71.sh[2881]: #4 0x7fa288f17588 in getaddrinfo (/lib64/libc.so.6+0xf4588)
testsuite-71.sh[2881]: #5 0x7fa2890a4d93 in __interceptor_getaddrinfo.part.0 (/usr/lib64/libasan.so.8.0.0+0xa4d93)
testsuite-71.sh[2881]: #6 0x55a54b2b7159 in ahosts_keys_int.part.0 (/usr/bin/getent.orig+0x4159)
testsuite-71.sh[2881]: SUMMARY: AddressSanitizer: 2 byte(s) leaked in 1 allocation(s).
(cherry picked from commit 2b5e786005d8854600bb43335fd0c4067ce8da08)
Various assorted changes, among them make clear that a missing BPF
program is not reason to abort unit activation.
(cherry picked from commit a27e6fb71bf70f27347b0e1167b2de32c4dc6637)
Let's make sure that if we load one program we don't prematurely fail,
and continue with the others still.
(cherry picked from commit f81450f2415f8fd77fc8edb3b4baab966aefa9fd)
The partition seems not to work on Ubuntu for some reason, use a
swap file instead
(cherry picked from commit f434f182ccfd17a214e4b07cec033318e6c4f7b2)
The test fails on my machine, running Debian stable, because
testsuite-55-testbloat.service just swaps and never goes over the
limit, so it's not killed. Use 'stress' instead which seems to be
able to overwhelm the swap too.
(cherry picked from commit 937e82cb7d82dbdbd287d82f4708f15d6032eb9f)
If the client never specified the address family, and IPv6 is off in the
kernel, then look only for A, never for AAAA RRs.
Fixes: #23951
(cherry picked from commit 0438aa57751559295fee86d1c1f176486e518455)
As hitting an ASan/UBSan error in PID1 results in a crash (and a kernel
panic when running under qemu), we usually lose the stack trace which
makes debugging quite painful. Let's mitigate this by forwarding the
stack trace to multiple places - namely to a file and the syslog.
(cherry picked from commit 88c98cb2614a2893ec2ae7197a1f234b579da7a7)
These requests might come in during lookup floods very quickly, since
multiple worker processes might detect that things should be scaled up
at the same time. Hence, let's substantially raise the limit so that it
doesn't get hit in real-life scenarios and acts more like a safety net.
(cherry picked from commit c659d0f55ee5854e40dbaccc20ad0e8da176b271)
The function sd_id128_get_boot_app_specific is the app specific variant of
sd_id128_get_boot.
Signed-off-by: Jan Luebbe <jlu@pengutronix.de>
(cherry picked from commit 173d47f7881137a5994a3e3b918169b6c759deaf)
Commit cd621954ed643c6ee0d869132293e26056a48826 probably forgot to fix the lua
implementation.
(cherry picked from commit e538927918fea3bae0cd1e78563d9b8983c56cea)
Indeed when iterating over all the PT_LOAD segment of the core dump
while trying to look for the elf headers of a given module, we iterate
over them all and try to use the first one for which we can parse a
package metadata, but the start address is never taken into account,
so absolutely nothing guarantees we actually parse the right ELF header
of the right module we are currently iterating on.
This was tested like this:
- Create a core dump using sleep on a fedora 37 container, with an
explicit LD_PRELOAD of a library having a valid package metadata:
podman run -t -i --rm -v $(pwd):$(pwd) -w $(pwd) fedora:37 bash -x -c \
'LD_PRELOAD=libreadline.so.8 sleep 1000 & SLEEP_PID="$!" && sleep 1 && kill -11 "${SLEEP_PID}" && mv "core.${SLEEP_PID}" the-core'
- Then from a fedora 38 container with systemd installed, the resulting
core dump has been passed to systemd-coredump with and without this
patch. Without this patch, we get:
Module /usr/bin/sleep from rpm bash-5.2.15-3.fc38.x86_64
Module /usr/lib64/libtinfo.so.6.3 from rpm coreutils-9.1-8.fc37.x86_64
Module /usr/lib64/libc.so.6 from rpm coreutils-9.1-8.fc37.x86_64
Module /usr/lib64/libreadline.so.8.2 from rpm coreutils-9.1-8.fc37.x86_64
Module /usr/lib64/ld-linux-x86-64.so.2 from rpm coreutils-9.1-8.fc37.x86_64
While with this patch we get:
Module /usr/bin/sleep from rpm bash-5.2.15-3.fc38.x86_64
Module /usr/lib64/libtinfo.so.6.3 from rpm ncurses-6.3-5.20220501.fc37.x86_64
Module /usr/lib64/libreadline.so.8.2 from rpm readline-8.2-2.fc37.x86_64
So the parsed package metadata reported by systemd-coredump when the module
files are not found on the host (ie the case of crash inside a container) are
now correct. The inconsistency of the first module in the above example
(sleep is indeed not provided by the bash package) can be ignored as it
is a consequence of how this was tested.
In addition to this, this also fixes the performance issue of
systemd-coredump in case of the crashing process uses a large number of
shared libraries and having no package metadata, as reported in
https://sourceware.org/pipermail/elfutils-devel/2023q2/006225.html.
(cherry picked from commit 21a2c735e2bfdc3bfdc42f894d6e3d00f4a38dcd)
safe_atou() by default determines the base from the prefix 0x, 0b, 0o
and for compat with just 0 for octal. This is not what we want here,
since the date components are padded with zeroes yet still decimal.
Hence force decimal parsing (and while we are at it, prohibit a couple
of unexpected decorations).
WIthout this we'd fail to parse any the 8th and 9th day of each months, as
well aus aug and september of every year, because these look like octal
numbers but cannot actually parsed as such.
Let's change the testcase to check for a date that exposes this
bheaviour.
(cherry picked from commit 7dad6de158cbc280988efa9e52e6d2b9c840ea9f)
This reverts commit ff32060f2ed37b68dc26256b05e2e69013b0ecfe.
This change is incorrect as we don't want to mark the PID as invalid but
only mark it as dead.
The change in question also breaks user level socket activation for
`podman.service` as the termination of the main `podman system service`
process is not properly handled, causing any application accessing the
socket to hang.
This is because the user-level `podman.service` unit also hosts two
non-main processes: `rootlessport` and `rootlessport-child` which causes
the `cgroup_good` check to still succeed.
The original submitter of this commit is recommended to find another
more correct way to fix the cgroupsv1 issue on CentOS 8.
Let's visually separate the options associated with cpu, io, memory, …
in subsections
This patch tries to be minimal. It just adds the section titles, and
does minimal reordering to make sure the options on the same kind of
resource are placed close to each other.
(cherry picked from commit 5cbfbf2aaac66111584798fdb38f243f8593444e)
If the backing storage is LUKS2 on a block device, auto resize mode
is enabled, and disk size is not specified, resize the partition to
the maximum expandable size.
Fixes: #22255, #23967
(cherry picked from commit 5bfc4de6343905743d973834554b49cb60183481)
When trying to log, if we fail we try to close the journal FD. If
it is bad, safe_close() will fail and assert, which will try to log,
which will fail, which will try to close the journal FD...
Infinite recursion looks very pretty live in gdb, but let's avoid
that by immediately invalidating the journal FD before closing it.
(cherry picked from commit 40cdb3b756abbeb66091b8e9f1a3d38308456828)
