IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
The key has moved to a different location and mkosi needs an update
that we cannot do due to dependency on repart.
(cherry picked from commit 9c9630bfea7cf25d2fe7ba9f7216dc747ba196a5)
as with 512M some tests occasionally trip off OOM-killer (e.g.
TEST-64 + multipath).
(cherry picked from commit 6a9c4977683a30fcd36baf64e35255e9846028c6)
systemd-repart needs to find mkfs.ext4 for the test.
This is located in the directory /usr/sbin on openSUSE Tumbleweed.
But since the variable ALWAYS_SET_PATH in /etc/login.defs is set to yes,
su re-initializes the $PATH variable and removes /usr/sbin.
Hence, mkfs.ext4 is not found and the test fails.
Using setpriv instead of su fixes this issue and is more appropriate to
do the switch user task from root.
[zjs: move setpriv to $BASICTOOLS and force-push to retrigger CI]
(cherry picked from commit c7bf1959d7580e1b7e918b75f852b3bf3fb6eb3c)
(cherry picked from commit 43d194392fd36151c339fa7a1a9eebe30490bddb)
(cherry picked from commit 9cd2f2c31f0291a865f1ae26f2754211e9437300)
(cherry picked from commit e912bef85d4d5a47b474a66555200cbee094f865)
(cherry picked from commit ba683eb48c91e406bfd168da305eefba07f12f43)
(cherry picked from commit 5c666aae260d0901245c7264cee326114a2c75c6)
Let's attempt to reduce the amount of flakes further when the AWS region
we run in is under heavy load and the hypervisor stars stealing our CPU
time.
Follow-up to e0cbb73911 and c78d18215b.
(cherry picked from commit 72f6d0e556d29b695369493a909562ff1325f8cd)
(cherry picked from commit fdcd1807fff02d4ab7f0d80558f5505ac94f301c)
(cherry picked from commit 50f3623b7ec435e97f252b8b27c6ffa468516335)
The kernel returns ERANGE when UINT64_MAX is passed. Create a mask
and use UINT32_max, which is accepted, so that future bits will also
be set.
(cherry picked from commit 7f3bb8f20dcccaceea8b1ee05f0560b81162037b)
(cherry picked from commit 4f8b2abf699f092576efff55a061efede795d99e)
(cherry picked from commit 5bba2890ef53ca166670aaa715bd1a5386b8cf91)
We translate 'all' to UNIT64_MAX, which has a lot more 'f's. Use the
helper macro, since a decimal uint64_t will always be >> than a hex
representation.
root@image:~# systemd-run -t --property CoredumpFilter=all ls /tmp
Running as unit: run-u13.service
Press ^] three times within 1s to disconnect TTY.
*** stack smashing detected ***: terminated
[137256.320511] systemd[1]: run-u13.service: Main process exited, code=dumped, status=6/ABRT
[137256.320850] systemd[1]: run-u13.service: Failed with result 'core-dump'.
(cherry picked from commit 37232d55a7bcace37280e28b207c85f5ca9b3f6b)
(cherry picked from commit 021bb972ffd87aae9f9f7bcc691bf5b812db309b)
(cherry picked from commit ab33ee67d58780eccd9082d7d75bbc1d48f50468)
(cherry picked from commit fa84c1ce00eb07f69a200322fc513fff226e444b)
(cherry picked from commit ae12c1380b8ad05baee7b1391f76b1f80ac69e2a)
(cherry picked from commit 6ed30a20be172353e6ebd21e258af1a365cffef0)
/usr/lib/systemd/random-seed is not a thing.
Signed-off-by: Vitaly Kuznetsov <vkuznets@redhat.com>
(cherry picked from commit b4e5c103be9de99dfb5e2e47fd1563cf5388978a)
(cherry picked from commit b1ecfe3fe7a74b2be8127dfa15514cd9f01f5c85)
(cherry picked from commit 1e8057fce7dfd5c826f066a9b456dd403bea37a2)
Brief is sweet.
(cherry picked from commit 128db0aa0098b58b415065c2955f9abc7fc967e1)
(cherry picked from commit f3abd451dde25086e06c56ba0b8388f64c1d306e)
(cherry picked from commit 3626aabecb8a8682caa466de711e8f6509f954ec)
Follow-up for c6b8fffdfaf1f7c9a1dac73e1e54993a06c766c0
(cherry picked from commit 33054db730fb6f2fd6221d38a788e30b95525463)
(cherry picked from commit 59243061f62142ee0f74d25e352a55f174f1bb97)
(cherry picked from commit 7bcdbf43011f7b1c72a552f126924795a15baf30)
sd-bus connection is cached by the two pam modules globally, but this
can lead to issues due to hashmaps (used by sd-bus) using a global
static variable for the shared hash key, which is different per module
as both modules are loaded in the same process.
This happens because the sd-bus object is create in one module, but
used in the other, so global state does not match.
Use a different pam cache identifier for the sd-bus pointer, so that
each module uses a different sd-bus connection as a workaround.
Fixes https://github.com/systemd/systemd/issues/27216
Fixes https://github.com/systemd/systemd/issues/17266
(cherry picked from commit a2dd39b4cb19f4ed4599422e635cc019dcae6ada)
(cherry picked from commit 04983c2b00c8c04dd97ce55a43c6811355b642d6)
(cherry picked from commit bdbad92ac0526c4adce0fc46e7714593e80a892b)
acquire_home() takes a reference to a sd-bus object, which the open_session
hook cleans on success. But only when handling a user actually owned by homed,
it did not clean it up when skipping because it is being invoked on a system
user.
We need to be careful with sd-bus here as pam_sm_open_session is the last
hook before forking, and we want to clean up sd-bus before that happens, or
we'll have a broken reference (FDs are cloexec) in the child process, which
will then assert when attempting to close them, or leak the bus connection
which causes dbus to complain loudly:
dbus-daemon[62]: [system] Connection has not authenticated soon enough, closing it (auth_timeout=30000ms, elapsed: 30020ms)
(cherry picked from commit db0c0f5e003b0a0e202dbc399d35db36087c641c)
(cherry picked from commit 0045d952b5db4b8761892faef2a2e173111c6333)
(cherry picked from commit 791205fe3f6e10865c17bbd155fe5dc1e0bc0912)
It picks the bus based on the cgroup slice.
(cherry picked from commit f0f7cbd488fd0e00c5b77baf3b1324240fd7d72d)
(cherry picked from commit 5a8987794eb1cddf43bfe240d241d3a5462c1e5a)
(cherry picked from commit a9e44da6b1a2c15f24d26b94970a384432745d00)
Add fully working and documented example that can be copied and pasted
(cherry picked from commit c6b8fffdfaf1f7c9a1dac73e1e54993a06c766c0)
(cherry picked from commit b9af9a320ece89804ba8e17390240e4325968ef5)
(cherry picked from commit 3c9b9aabc53e12f8fd9804556ccdab6205518aa8)
Normal users do not have permissions to access /proc/1/root, so
'systemd-detect-virt -r' fails, but the output, even at debug level
is cryptic:
$ SYSTEMD_LOG_LEVEL=debug build/systemd-detect-virt -r
Failed to check for chroot() environment: Permission denied
Let's make this a bit easier to figure out:
$ SYSTEMD_LOG_LEVEL=debug build/systemd-detect-virt -r
Cannot stat /proc/1/root: Permission denied
Failed to check for chroot() environment: Permission denied
I looked over other users of files_same(), and I think in general the message
at debug level is OK for them too.
(cherry picked from commit 08c2f9c626e0f0052d505b1b7e52f335c0fbfa1d)
(cherry picked from commit 4d2b5338ac0ab8c351bc6aa31113c2dfbe26f890)
(cherry picked from commit a473e951581a477c8a7d8607806430b6482daa02)
(cherry picked from commit 24a5370bbc1b52fee52d8891f66af13e9d77d799)
(cherry picked from commit 7b437659b15c0cd87b5720b3570dcd5e5ad9abca)
(cherry picked from commit 73f7c65d34d507c75b3044e2205d1393e43a7534)
(cherry picked from commit 4b1e461c49ea935df0c740b31aecfd161b12d2e7)
(cherry picked from commit ffbb75aa46786f0fc797c4a3b5b28679b28877a3)
(cherry picked from commit f196219de47db10fc80a832af35d93cbaea5aedb)
See 9fd8226312 for more details.
Follow-up to c9210b7470.
(cherry picked from commit 574d09bad079cfc19e0dd142fd6fe23d4b251878)
(cherry picked from commit 14eb49b5eb48a73a77baafc63aa3e46c524aeaf2)
(cherry picked from commit d5ad512709f70180b1614e675c8a225227a5c6ef)
detect_vm() is cheap, because cached, let's hence do that early before
we get out the big guns and sweep through sysfs.
(cherry picked from commit 0a5d3c0b5bfee68102de6345a3cd5580fbd5da02)
(cherry picked from commit 980954d2cf66a52d8950b93371b222443e4c7f23)
(cherry picked from commit 96e51b5f3e7f4c2d5b445b86b7f1f9fb3433aea9)
(cherry picked from commit fa505db314ba74c71e5165c8857009ff9e7d4641)
(cherry picked from commit 567a1a6fd87794ea948305d8809875f66470666a)
(cherry picked from commit ecda1ada561a647aaef25e6ba8001c2e201b87f8)
(cherry picked from commit 1034dfd0d8f7b788a64c325b0ca2e1585bf639cf)
(cherry picked from commit d15f907b5b010124f12637e9a98883dc7fbb01bf)
(cherry picked from commit ec659f92858b15afb65da68e62b6a85e20917009)
Commit f90eea7d18d9ebe88e6a66cd7a86b618def8945d
virt: Improve detection of EC2 metal instances
Added support for detecting EC2 metal instances via the product
name in DMI by testing for the ".metal" suffix.
Unfortunately this doesn't cover all cases, as there are going to be
instance types where ".metal" is not a suffix (ie, .metal-16xl,
.metal-32xl, ...)
This modifies the logic to also allow those new forms.
Signed-off-by: Benjamin Herrenschmidt <benh@amazon.com>
(cherry picked from commit aab896e2135362ab126830c73284d4af0baad88a)
(cherry picked from commit cedea4cb7ee18b2d174e5290dbad03c5b91bea37)
(cherry picked from commit c7b42ad937a39b1873c07b4d2908986a892c7fd4)
strstrafter() is like strstr() but returns a pointer to the first
character *after* the found substring, not on the substring itself.
Quite often this is what we actually want.
Inspired by #27267 I think it makes sense to add a helper for this,
to avoid the potentially fragile manual pointer increment afterwards.
(cherry picked from commit d791013ff529cbbb74d4cc5f1455f172befab1e6)
(cherry picked from commit 826662680badec75ba0fd607dbeaedf6f45cec8f)
(cherry picked from commit 5e04efbc2a235f8b4b3f781cc8bccaddff92ce95)
(cherry picked from commit 841834d9c358163308deb70642249e8b2ba76c1a)
(cherry picked from commit ac721c88aff0dca71bc517d4d7ba57091307c8ae)
(cherry picked from commit 2a82906e9ed052911a933d8e8ccabf91d1d52dbf)
(cherry picked from commit 192242c986e2462c4d2ec5b3ecd6f1ac02f9c0ad)
(cherry picked from commit 9c8d8719e4d60c1220e06a10d1c8f779043bbf95)
(cherry picked from commit e8ac7521b42d7255a2549ed4e50a66269413a997)
(cherry picked from commit 1b2719c2c5ce1349a1e48a093668fb90734e2e53)
(cherry picked from commit def6c37a196e8b0750edc8dee31d3e16e93d9afd)
(cherry picked from commit 71a8198af4521620650a022ec6d4120377bf86aa)
Otherwise it keeps printing stuff to the journal/console, adding
unnecessary noise.
(cherry picked from commit 3a8b7e8b5f72a940a07938a8ed33f2c3283dd52b)
(cherry picked from commit eab75a859117206352f4c8d2928631c42e9b3541)
(cherry picked from commit e33487408347a041f6b27b4145cd94fae345846a)
* Fix inaccurate synposis, and description
Before the fix, they reflected only part of networkctl functionality.
(cherry picked from commit dd9f909ea819a4a06218982f681b92dab0ba7d9d)
(cherry picked from commit f86ec3495853ab143d5b0c1d0cb09b5725ef8d40)
(cherry picked from commit ef395963a4f89af2ee19caaf5e05206f1040cfe1)
Follow-up for d2ebd50d7f9740dcf30e84efc75610af173967d2
Fixes#27105
(cherry picked from commit 6b7f150bbf4e873e57d527b7328ac59a57e0a681)
(cherry picked from commit fffcebc4bbe841418556d551b9ed44f8b7056138)
(cherry picked from commit e7015a5a02c0bc94a3318bf5b49540ff0194f7e5)
Make sure the RuntimeMaxSec is applied correctly to service and scope
units when they are started, and also on coldplug.
(cherry picked from commit af4688398f55b110c9d7d57be5cd0199b06e18c8)
(cherry picked from commit f152cdabaed160c767de2857b9c22513e8518b3e)
(cherry picked from commit 6da4d102e1a37011bb7c897e492268bb71bc069d)
In scope_set_state(), the timer event source may be disabled depending
on the state. Currently, it will be disabled when the state is
SCOPE_RUNNING. This has the effect of new RuntimeMaxSec values being
ignored on coldplug.
Note that this issue is not currently present when scopes are started
because when scope_start() is called, scope_arm_timer() is called after
scope_set_state().
(cherry picked from commit e1f85b49b09ed3e3717cf7776c9da7acc4e906c6)
(cherry picked from commit 999f48558bbe5d4665b97d76c530edc12f71b70b)
(cherry picked from commit 6bdcd58a88ca70b4fc097941a8f435400eb90e53)
(cherry picked from commit 8dacdd28f49e0b985d651e7c9f946aa666454063)
(cherry picked from commit 430861fc96585c6a5913b2a84456916e516a1a44)
(cherry picked from commit 696c0ed616dcd549903321db024d6ad7aad3ceca)
Correct what appears to be a copy/paste error in config_parse_exec_coredump_filter that is preventing the coredump_filter setting from working correctly.
(cherry picked from commit 9c669abb7106ae340ea47e7747d3bd054fbacdc5)
(cherry picked from commit 91953109ecd0956775b5bef442cd567917b11050)
(cherry picked from commit be49fcd07b3fa6db96dc8ff237f4bad959350b6c)
When a unit is upheld and fails, and there are no state changes in
the upholder, it will not be retried, which is against what the
documentation suggests.
Requeue when the job finishes. Same for the other two queues.
(cherry picked from commit 4c7a0fc8d061b41fdd63eb19b6fc0a5c94668dde)
(cherry picked from commit fa8d33bb3704f7b14c1c51e1d0e48e0e5042a98c)
(cherry picked from commit dd7a821b5f15265047a14a4bd76f0761bb563d9f)
The Upholds= promise is that as long as unit A is up and Upholds=B,
B will be activated if failed or inactive. But there is a hard-coded,
non-configurable rate limit for this, so add a timed retry after the
ratelimit has expired.
Apply to BindsTo= and StopWhenUnneeded= as well.
(cherry picked from commit 7223d500ac548c69e7879931e3ad8c84838f925b)
(cherry picked from commit 6fc08d840718cbf20ddc2832a603c149ed92331b)
(cherry picked from commit 374ef07274a26a4cac3887da86add2c1b3d4a065)
/bin/login is shipped in util-linux, however, systemd.spec on Fedora has
"Requires: (util-linux-core or util-linux)". If the dependency is
fulfilled just by installation of util-linux-core then users won't be
able to log in into the container after it boots. Let's add util-linux
package to the package list so that /bin/login is always present.
(cherry picked from commit 5015b5014bcff93371aef2c78b92efcfc2e38a40)
(cherry picked from commit 1fb4ae32b08c737662714c259573159d0e8788c3)
(cherry picked from commit 7c353ca5d60c57324ba9163528603311864f22d5)
Fedora 36 is a bit old at this point and will be EOL in about 6 weeks.
Fedora 38 is not out yet, so the cloud link wouldn't work.
(cherry picked from commit 5a9e2dff473fe9c18f1425fd18ed7c16881b6997)
(cherry picked from commit 841146f243db0c368b20b111fe5d33166ff325b4)
(cherry picked from commit b3f0c01a9d7b31138a08d86a44bc710554a5b785)
It's not required as per comment - https://github.com/systemd/systemd/pull/27110#issuecomment-1499653913
(cherry picked from commit 19cdda7c3a37362df602b3bfd1d2b949cc1f3598)
(cherry picked from commit 7102925d1a9b08cb25e5d8de031c75f29cff0d68)
(cherry picked from commit 77f5c9773379019a6d929b3da95617a75a58e71f)
(cherry picked from commit 9718afd194290228e225a81126988394d167bf7a)
(cherry picked from commit 167c01688f80b97b9f148276b1fb2b601dff6706)
(cherry picked from commit 4857bc61d28f06df373272b73f7c1b4432bffa8b)
(cherry picked from commit adc5b9823c6e6b518e73789d5ae9ae9718cd7072)
(cherry picked from commit d26fd71d1a2636c553672476d9b16dd4e1ec5bf4)
(cherry picked from commit 6de5e7646718346984e33995f406930b7b2028a9)
follow-up to https://github.com/systemd/systemd/pull/27071
in order to create Github Releases, the job needs permissions to write
contents
also:
- pinned the `softprops/action-gh-release` action to a specific commit
- made it only active on the `systemd` organization repos (so not on
forks)
(cherry picked from commit 7b411cf8421ef3bf6c05edcf131f63b8e7bae8ac)
(cherry picked from commit dc2facf61d80cbb45421d024b56b93fb70e363aa)
(cherry picked from commit 24c3212eaeb48ceb052c66f178da471383c94438)
(cherry picked from commit d6d06616319ef41ae2f6fcc4812764de2295cd7e)
(cherry picked from commit 4c65c644d6227dadedb317ae500a929e92f365fd)
(cherry picked from commit 1f8ec0ed38405367e8d79f715aad6b0b24775989)
