IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
In sd-netlink, we use 'type' for naming many variables with different type,
and worst of all, function like `type_get_type()` exists. That makes the
code hard to understood.
Let's rename
- NLType -> NLAPolicy
- NLTypeSystem -> NLAPolicySet
- NLTypeSystemUnion -> NLAPolicySetUnion
- type_get_type() -> policy_get_type()
- type_get_type_system() -> policy_get_policy_set(), and so on.
This also changes the type of attribute taken by e.g.
`sd_netlink_message_append_string()` from `unsigned short` -> `uint16_t`
to make the variable size clearer.
Rather than using a separate DATA round to transmit the trace-string of
the ANONYMOUS authentication scheme, transmit it inline as argument.
This requires a refactor of the client-side SASL parser, as we now have
a different set of replies depending on the mode used.
This fixes an issue where libdbus-1 does not query for trace-strings if
not transmit inline as AUTH-ANONYMOUS argument. It is unclear from the
wording of the spec whether this is a violation by libdbus-1. However,
we can work around it by simply changing our mode of transmittal.
So far the --help text and the man page of journactl were mostly a large
pile of options shown next to each other. Let's add some basic
structure, and group switches by sections such as "Filtering Options",
"Output Options" and so on.
Do this the same way in the --help text and in the man page.
Since this moves everything around anyway, I also opted to rebreak all
paragraphs in the man page. This makes the patch larger than necessary,
but given that this whole patch doesn't really change contents besides
section titles I figured this would be OK.
When multiple devices have the same devlink, then
adding/updating/removing one of the device may cause syspath change.
Fixes the following issue in
https://github.com/systemd/systemd/issues/23208#issue-1217909746
> the above shows an inconsistency between udev's and systemd's handling
> of the two different devices having the same alias. While udev replaces
> the by-uuid symlink which now points to sdh1 rather than sdd1, systemd
> keeps the previous mapping to sdd1 and emits a warning. This is not the
> problem cause but worth mentioning.
When a PF port becomes down (this can happens e.g. the PF port is joining
a bond interface), some drivers make its VF ports also become down, and
may cause failures in configuring VF ports.
Similary, when a VF port become down, some drivers make its PF port and
other VF ports down.
Let's configure SR-IOV ports (both PF and VFs) after all link-layer
settings of all ports being applied.
Fixes#23315.
Test the functionality implemented in the previous commit ("cryptsetup: ask for
PIN when trying to activate using a LUKS2 token plugin"): when "tpm2-device" is
not specified, systemd-cryptsetup calls crypt_activate_by_token_pin() to try to
unlock using a LUKS2 token plugin, test whether this is able to obtain the
provided PIN.
crypt_activate_by_token() fails with ENOANO if the token is protected with a
PIN, in this case we need to call crypt_activate_by_token_pin() with a PIN.
This logic is already implemented in
crypt_activate_by_token_pin_ask_password().
This code path is relevant when using systemd-gpt-auto-generator because there
is no a priory information about the type of the used security device, so
systemd-cryptsetup tries to unlock the volume using the corresponding
cryptsetup plugin.
Use the helper function introduced in the previous commit ("cryptsetup:
implement cryptsetup_token_open_pin for systemd-tpm2 LUKS2 token") for
cryptsetup-token-systemd-tpm2.
This finishes the implementation started in commit
1f895adac2 ("cryptsetup: add libcryptsetup TPM2
PIN support").
Note that the previous implementation took a shortcut by returning EOPNOTSUPP
instead of the correct ENOANO as per the cryptsetup documentation. This meant
that systemd-cryptsetup fell back to the non-plugin implementation in order to
ask for the PIN. Since this does not happen any more when returning ENOANO, we
need to ask for the PIN in attach_luks2_by_tpm2_via_plugin() instead like
attach_luks2_by_fido2_via_plugin() does.
Before this commit, when a .mount unit file is loaded, the device
dependencies from the unit file are automatically added. If a device
that is different from which specified in .mount unit file is mounted
on the path, then the device dependencies about the device are also added.
Hence, the unit has device dependencies about two (or more) different
devices. Hence, if one of the devices are unplugged, even if another one
is mounted on the path, then the path is unmounted.
This commit makes device dependencies from two different sources
exclusive, and always regenerate the dependencies when one of the
information is updated.
Fixes#19983 and #23552.
The dependencies tagged with UNIT_DEPENDENCY_MOUNTINFO_DEFAULT depend
on both /proc/self/mountinfo and corresponding .mount unit file.
Hence, if some information from mountinfo is updated, e.g. device mounted
on the path, we need to update the dependencies.
When the function mount_setup_new_unit() is called, the corresponding
.mount unit file is not loaded. Hence, Mount.from_fragment is false.
To add default dependencies to e.g. .device units, it is necessary that
the Mount.from_proc_self_mountinfo flag is set. However, the flag was
not set even the unit has information from /proc/self/mountinfo.
Partially fixes#19983.
