IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
Note that test-cgroup-mask, test-cgroup-unit-default and test-unit-name will now
report being skipped instead of reporting success if not run under systemd.
Note that this will only report test skips if they use TEST_RET macro.
Regular TEST macros can still be skipped, but this will not be reported
back to main();
This mostly reverts 489f01f806f865eabb55458c98182b06a6c53a62 and
deb2cfa4c6885d448eb1f17e5ef1b139106b7e86.
As now MACAddress=none is supported. So, users can still disable MAC
address assignment.
In case `/proc` is successfully mounted with pid tree subset only due to
`ProcSubset=pid`, the protective mounts for `ProtectKernelTunables=yes` and
`ProtectKernelLogs=yes` to non-pid `/proc` paths are failing because the paths
don't exist. But the pid only option may have failed gracefully (for example
because of ancient kernel), so let's try the mounts but it's not fatal if they
don't succeed.
00db9a114e ("docs: generate table from header using a script") got the
descriptions for the partition types mixed up. After that change, the
spec claimed, for example, that the /usr partition should contain
"dm-verity integrity hash data for the matching root partition", and
that the /usr verity partition should be of type "Any native, optionally
in LUKS". This made the spec an extremely confusing read before I
figured out what must have happened!
I've gone through the table as it existed prior to 00db9a114e, and moved
the descriptions around in the script that generates the table until
they matched up with what they used to be. Then I regenerated the
table from the fixed script.
Allows to pass a portable profile when doing offline analysis of
units. Especially useful for analyzing portable images, since a
lot of the security-relevant settings in those cases come from
the profiles, but they are not shipped in the portable images.
I think the function name is confusing: we generally say "free_free" when
both keys and values are freed in a hash map, but here the type is an
array of strvs, so the name should be something like strv_array_free.
The function is unused since 143fadf369a18449464956206226761e49be1928 (2018),
let's just drop it.
Make oomctl a bit less likely to race with systemd-oomd receiving the
managed oom cgroup info by checking oomctl output in a loop with
timeout.
Fixes#21146
We would fail if the input file was corrupted:
build/test-journal-flush ./system@0005b7dac334f805-0021aca076ae5c5e.journal\~
journal_file_copy_entry failed: Bad message
Assertion 'r >= 0' failed at src/libsystemd/sd-journal/test-journal-flush.c:55, function main(). Aborting.
[1] 619472 IOT instruction (core dumped) build/test-journal-flush ./system@0005b7dac334f805-0021aca076ae5c5e.journal\~
Let's skip some "reasonable" errors.
Fixes#17963.
Code simplification; no idea why the Context structs were being
heap-allocated piecemeal. There aren't many and they're small,
and made even smaller with this commit.
This also gets rid of the Context.cache backreference by just
accompanying the Context* with MMapCache* to the few private
Context* operations, resolving the context ID to a Context* at
the single public entrypoint: mmap_cache_fd_get(), which asserts
on the value being within bounds. The Context.id member and
checks are also removed, as there's far less opportunity for
these things to become inconsistent now.
Of course this drops all context_{add,free}() related code,
making for a tasty diffstat.
