During early boot, we'd call getrandom(), and immediately fall back to
reading from /dev/urandom unless we got the full requested number of bytes.
Those two sources are the same, so the most likely result is /dev/urandom
producing some pseudorandom numbers for us, complaining widely on the way.
Let's change our behaviour to be more conservative:
- if the numbers are only used to initialize a hash table, a short read is OK,
we don't really care if we get the first part of the seed truly random and
then some pseudorandom bytes. So just do that and return "success".
- if getrandom() returns -EAGAIN, fall back to rand() instead of querying
/dev/urandom again.
The idea with those two changes is to avoid generating a warning about
reading from /dev/urandom when the kernel doesn't have enough entropy.
- only in the cases where we really need to make the best effort possible
(sd_id128_randomize and firstboot password hashing), fall back to
/dev/urandom.
When calling getrandom(), drop the checks whether the argument fits in an int —
getrandom() should do that for us already, and we call it with small arguments
only anyway.
Note that this does not really change the (relatively high) number of random
bytes we request from the kernel. On my laptop, during boot, PID 1 and all
other processes using this code through libsystemd request:
74780 bytes with high_quality_required == false
464 bytes with high_quality_required == true
and it does not eliminate reads from /dev/urandom completely. If the kernel was
short on entropy and getrandom() would fail, we would fall back to /dev/urandom
for those 464 bytes.
When falling back to /dev/urandom, don't lose the short read we already got,
and just read the remaining bytes.
If getrandom() syscall is not available, we fall back to /dev/urandom same
as before.
Fixes #4167 (possibly partially, let's see).
The only implementation that we care about — glibc — provides us
with 31 bits of entropy. Let's use 24 bits of that, instead of throwing
all but 8 away.
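A sketch in C of the fallback policy the two commit messages above describe (the getrandom() handling and the 24-bit use of rand()); it is an added example, not systemd's code. The names `acquire_bytes`, `rng_fn`, `fill_pseudo` and the `sim_*` stand-ins are hypothetical; the stand-ins simulate a short read and an empty entropy pool.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdbool.h>
#include <stdlib.h>
#include <string.h>
#include <sys/random.h>
#include <unistd.h>
/* Hypothetical hook: pass getrandom itself, or a stand-in to simulate a result. */
typedef ssize_t (*rng_fn)(void *buf, size_t n, unsigned flags);
/* Constructed stand-ins: a 4-byte short read, and an empty entropy pool. */
ssize_t sim_short(void *b, size_t n, unsigned f) { (void) f; if (n > 4) n = 4; memset(b, 0xAA, n); return (ssize_t) n; }
ssize_t sim_eagain(void *b, size_t n, unsigned f) { (void) b; (void) n; (void) f; errno = EAGAIN; return -1; }

/* Weak filler: three bytes per rand() call (24 of glibc's 31 bits). */
static void fill_pseudo(unsigned char *p, size_t n) {
    for (size_t i = 0; i < n; ) {
        unsigned r = (unsigned) rand();
        for (int k = 0; k < 3 && i < n; k++, r >>= 8)
            p[i++] = (unsigned char) r;
    }
}

/* Returns 0 on success, negative errno on failure. */
int acquire_bytes(rng_fn rng, void *buf, size_t n, bool high_quality_required) {
    unsigned char *p = buf;
    ssize_t r = rng(p, n, GRND_NONBLOCK);
    size_t have = r > 0 ? (size_t) r : 0;
    if (have == n) return 0;
    if (!high_quality_required && (r >= 0 || errno == EAGAIN)) {
        fill_pseudo(p + have, n - have);   /* hash-table seeds: weak tail is fine */
        return 0;
    }
    if (r < 0 && errno != EAGAIN && errno != ENOSYS) return -errno;
    /* Best effort: keep the bytes already read, fetch only the remainder. */
    int fd = open("/dev/urandom", O_RDONLY | O_CLOEXEC | O_NOCTTY);
    if (fd < 0) return -errno;
    while (have < n) {
        ssize_t k = read(fd, p + have, n - have);
        if (k <= 0) { int e = k < 0 ? errno : EIO; close(fd); return -e; }
        have += (size_t) k;
    }
    close(fd);
    return 0;
}

int main(void) {
    unsigned char seed[16];
    return acquire_bytes(getrandom, seed, sizeof seed, false) ? 1 : 0;
}
```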
Apart from bugs (as in #6152), this can happen if we ever make
our requirements for environment entries more stringent. As with
the rest of deserialization, we should just warn and continue.
This changes loopback setup to not only start the loopback device but
also add the relevant IP addresses to it. This way, we can synchronously
wait until that's complete, and properly guarantee that loopback setup
is complete at the time we start our first processes.
This is a semi-revert of f3fc48150bb443f5b4623a819ebc2b39971a4f66, but
heavily updated.
Fixes: #5641
This code already existed in some form, however commented. Remove the
comments, as this was most likely simply a forgotten commenting for
debugging purposes.
This also extends the logic a bit, by sending SIGHUP right after the
SIGTERM, so that shells will also terminate, when PID 1 gets a
SIGRTMIN+3.
Fixes: #5711
Always install all tests if install-tests is set to true, as they might
be useful for CI. This includes manual and unsafe tests. Install those
in subdirectories of /usr/lib/systemd/tests.
Fixes #6163.
Device is gone and most likely it will get garbage collected. However in
cases when it doesn't get gc'ed (because it is referenced by some
other unit, e.g. mount from fstab) we need to unset sysfs. This is
because when device appears next time, possibly, with different sysfs
path we need to update the sysfs path. Current code could end up caching
stale sysfs path forever.
In reality this is not a problem for normal disks (unless you swap them
during system runtime). However this issue causes failures to mount
filesystems on LVM where sysfs path depends on activation
order (i.e. logical volumes from volume group that is activated first
get assigned lower dm-X numbers and corresponding syspaths).
Fixes #6126.
When a DBus name is released, NameOwnerChanged signal contains an empty string
as new_owner. Commit bbc2908 changed interpretation of the empty string to a
valid name, which is not consistent with values that are sent by dbus-daemon.
As a side effect, this masks symptoms of systemd-logind dbus disconnections
(#2925) by completely restarting it so it can freshly reconnect to dbus.
This reworks timer_enter_waiting() in a couple of ways in order to clean
it up a bit and fix #5629.
Most importantly, we previously initialized ts_monotonic to either
the current time in CLOCK_MONOTONIC or in CLOCK_BOOTTIME, depending on
t->wake_system. Then given specific conditions we'd use this time as
base for our timers. And afterwards, if t->wake_system was on we'd
convert the resulting value from CLOCK_MONOTONIC to CLOCK_BOOTTIME again
— which of course is wrong since we already were in CLOCK_BOOTTIME! This
fixes this logic, by using a triple timestamp so that we always have the
right base around, and initially only calculate in CLOCK_MONOTONIC and
only convert as last step.
Conversion between the clocks is now done with the generic
usec_shift_clock(), and additions via usec_add() making these
calculations a bit safer.
Fixes: #5629
For now, let's just special-case this in the sources. If more partition
types like this show up we should probably find some other solution.
Fixes: #5806
Recent systemd compiled in a build root which had libidn2-devel installed would
not run in the default installation root which had just libidn and did not have
libidn2. Since a8a2a0ed64f727c82e libidn2-devel (or equivalent) is installed in
the build root. Normally, since we install systemd in the installation root,
all dependencies that are needed for the compiled systemd to run are present,
but libidn2 is a new dependency, so the distro packages would just pull in
libidn, and not libidn2.
Temporarily add libidn2 to explicitly specified Packages. We can remove that once
distro-compiled systemds have moved to libidn2.
These buttons were added specifically for joysticks with lots of buttons, no
other device should be using them. See kernel commit
cf2f765f18960 "HID: handle joysticks with large number of buttons"
We only test for BTN_TRIGGER_HAPPY (an alias for BTN_TRIGGER_HAPPY1) here, a
device that sets buttons 2 and above but doesn't set 1 is considered buggy.
https://github.com/systemd/systemd/issues/6137
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
/var can be on a remote filesystem, thus hooking it to local-fs.target is not correct.
Also, only install the mount unit when machined is enabled, because
machined is the one managing the underlying device, and thus makes no
sense without machined.
Fixes #1175
Previously we'd propagate errors returned by user callbacks configured
in vtables back to the users only for method handlers and property
get/set handlers. This does the same for child enumeration and when we
check whether a fallback unit exists.
Without this the failure will be treated as a non-recoverable connection
error and result in connection termination.
Fixes: #6059
Three binaries would fail to link when ld.bfd was used and link-udev-shared was
false. Add -pthreads (again) to the failing binaries and synchronize the
dependency list between libsystemd-shared .a and .so versions.
Apart from allowing the build to succeed, this shouldn't have much effect because
systemd-networkd was already using pthreads.
Fixes #5828.
Also called "ANSI-C Quoting" in info:(bash) ANSI-C Quoting.
The escaping rules are a POSIX proposal, and are described in
http://austingroupbugs.net/view.php?id=249. There's a lot of back-and-forth on
the details of escaping of control characters, but we'll be only using a small
subset of the syntax that is common to all proposals and is widely supported.
Unfortunately dash and fish and maybe some other shells do not support it (see
the man page patch for a list).
This allows environment variables to be safely exported using show-environment
and imported into the shell. Shells which do not support this syntax will have
to do something like
export $(systemctl show-environment|grep -v '=\$')
or whatever is appropriate in their case. I think csh and fish do not support
the A=B syntax anyway, so the change is moot for them.
Fixes #5536.
v2:
- also escape newlines (which are currently disallowed in shell values, so this
doesn't really matter), and tabs (as $'\t'), and ! (as $'!'). This way quoted
output can be included directly in both interactive and noninteractive bash.
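One way to produce the $'...' quoting described in the commit message above, as an added C example that is not systemd's implementation. The function name `quote_value` and the set of characters left unquoted are assumptions; only the escapes the message names (backslash, single quote, newline, tab) are handled, and other control bytes are copied through unchanged.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Characters assumed safe to emit unquoted (a conservative choice for this example). */
static bool is_plain(const char *v) {
    static const char ok[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
                             "0123456789_-./:@%+,";
    return *v && v[strspn(v, ok)] == '\0';
}

/* Quotes v into out; returns the output length, or -1 if out is too small. */
int quote_value(const char *v, char *out, size_t cap) {
    size_t o = 0, n = strlen(v);
    if (is_plain(v)) {
        if (n + 1 > cap) return -1;
        memcpy(out, v, n + 1);
        return (int) n;
    }
    /* Worst case: two output bytes per input byte, plus $, two quotes and NUL. */
    if (2 * n + 4 > cap) return -1;
    out[o++] = '$';
    out[o++] = '\'';
    for (; *v; v++) {
        switch (*v) {
        case '\\': out[o++] = '\\'; out[o++] = '\\'; break;
        case '\'': out[o++] = '\\'; out[o++] = '\''; break;
        case '\n': out[o++] = '\\'; out[o++] = 'n';  break;
        case '\t': out[o++] = '\\'; out[o++] = 't';  break;
        default:   out[o++] = *v;   /* includes '!', literal inside $'...' */
        }
    }
    out[o++] = '\'';
    out[o] = '\0';
    return (int) o;
}

int main(void) {
    char buf[64];
    /* Constructed sample value containing a quote, a tab and a newline. */
    if (quote_value("it's\tx\n", buf, sizeof buf) < 0) return 1;
    printf("VAR=%s\n", buf);
    return 0;
}
```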