IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
Builds with kernels headers < 4.14 fail with:
../src/shared/loop-util.c: In function ‘loop_configure_fallback’:
../src/shared/loop-util.c:237:31: error: ‘LOOP_SET_BLOCK_SIZE’ undeclared (first use in this function); did you mean ‘LOOP_SET_DIRECT_IO’?
if (ioctl(fd, LOOP_SET_BLOCK_SIZE, (unsigned long) c->block_size) < 0)
^~~~~~~~~~~~~~~~~~~
LOOP_SET_DIRECT_IO
Fixes: https://github.com/systemd/systemd/issues/33341
Signed-off-by: Raphaël Mélotte <raphael.melotte@mind.be>
(cherry picked from commit 56ab1c54497d9fac74380ff9e11aaf931a917d2b)
(cherry picked from commit 0730ec4f3ecbbb550864ff0dbadeeeb5e271eb50)
(cherry picked from commit ed087e865896521e5965f218ee61e074a0a098d9)
(cherry picked from commit e9e2923bc1054d5910a59089b867bff79018a711)
(cherry picked from commit 4cf7a676af9a79ff418227d8ff488dfca6f243ab)
(cherry picked from commit 2e52cf1df7f4a874331dcf607e0f4329ffb20bcd)
(cherry picked from commit db1d9bf99602c69363de7c8b30e878cca133fcbe)
(cherry picked from commit 244ca2d63ed566c77ab0c0fd726d8b18b003aee9)
Unprivileged users often make themselves root by unsharing a user namespace
and then mapping their current user to root which does not require privileges.
Let's make sure our tests don't fail in such an environment by adding checks
where required to see if we're not running in a user namespace with only a
single user.
(cherry picked from commit ef31767ed7e21672a50b77e7b3935948aaba114c)
(cherry picked from commit ec5cdf9ba0e003de6f824a000c0bbe46fb4e0925)
(cherry picked from commit 4d4513c1fed6140d2d5588fed5f0eddc935439f3)
(cherry picked from commit 1c514e7eee225bc036044ab65689c2d98f3b2d10)
(cherry picked from commit d098b8df6e5c1b4c834272dd1397345483116db6)
(cherry picked from commit f6f96b05585ef3b05cef843a2c1cb2c55e77d3ba)
(cherry picked from commit 77ee2a8d72964137d3e162d9d9f656e4266357a2)
(cherry picked from commit 8096e238c8a56793c75ed49bc58977da6c6ed8f2)
testing/sid is merged-usr via base-files now, so debootstrap fails.
Update the option on the fly.
(cherry picked from commit 7ca567cdc15f910adc39d95e69e66921bd43ed29)
(cherry picked from commit e9a5b4a10eaa10fd43c69d148d57c7f4d8e10a4f)
(cherry picked from commit 8e9af7b18ac5f2adf64b5f9bdc9c4df67ec5d721)
(cherry picked from commit bfe84a55f4e8e1c069e971b566fd53242310bb87)
(cherry picked from commit a2a7968701a4ed5e35bcd9ee2b2b0473ec949773)
Bit 60 is the one corresponding to ReadOnly, not 50. Fix this.
(cherry picked from commit 932cc94436e653d0487c29e0dd44685610cd7bcb)
(cherry picked from commit 2665618555d08fc3877043cac392f1b6573811b7)
(cherry picked from commit f38c19bc695636700d85c5eb689680b017cc29e8)
(cherry picked from commit 5ae6c773e4e6f3e95db8de7d6b4e1a8ff45f7e10)
Let's mention that the new mount API may be used to establish new
mounts in a container without needing the /run/host/incoming directory.
(cherry picked from commit 74cc5e2041a2c32e1824b32316bd95f2c8a811f5)
(cherry picked from commit 65eff444c4fa7be5eb1be71c5d94ab8732167e11)
(cherry picked from commit 53d92de4b4e6bd383abb2c6e96ae63cbe42f7f89)
(cherry picked from commit c12ef9e5dd3663d04158634aa747e959c88cf8df)
The nice value is part of struct sched_attr, and consequently invoking
sched_setattr() after setpriority() would clobber the nice value with
the default (as we are not setting it in struct sched_attr).
It would be best to combine both calls, but for now simply invoke
setpriority() after sched_setattr() to make sure Nice= remains effective
when used together with CPUSchedulingPolicy=.
(cherry picked from commit 711a157738b3dcd29a5ebc8f498eb46bfac59652)
(cherry picked from commit b628d4dfa61234d28ffaa648ec09c5e9972f832a)
(cherry picked from commit 4994f15f35c183792afcfc12de91b9074379a09c)
(cherry picked from commit c90ba5eb8cf12d8180efc37ce0db243115f1e2ac)
With af1a6db58fde8f64edcf7d27e1f3b636c999934c, now we can build with the
option.
(cherry picked from commit f548bc4011bcdab008b125b9d0993817efa00718)
(cherry picked from commit 772549666cf291d85c28d3bfc1ab2b7227422d4f)
(cherry picked from commit da229ea89a9b5e861e978d3787f9cf422be21553)
(cherry picked from commit fbc4335a4ac84645768225107ab0944725db26e2)
gcc15 has -Wunterminated-string-initialization in -Wextra and
warns about string constants that are not null terminated even though
the functions do do out of bounds access.
Silence the warnings by simply not providing an explicit size.
(cherry picked from commit af1a6db58fde8f64edcf7d27e1f3b636c999934c)
(cherry picked from commit ca09bc33e8b2cbc7c410c300b6df5cf3ce437a3b)
(cherry picked from commit f6f0d85135f472eeae58807918311a6fa78596a1)
(cherry picked from commit e49ce1b1a57e9b32bf90ff33a68370f805a0d3bd)
When creating a user, check if the requested group name matches a user
name in the queue. If that matched user name is also going to be a group
name, then use it for the new user too. In other words, allow the
following:
u foo -
u bar -:foo
when both foo and bar are new users.
Fixes#33547
(cherry picked from commit 18a8f03e5160ca3828d327d9bbd1b32f26d792a3)
(cherry picked from commit edf52384c2e99cd5af9bcd4ae4b13fd8f79596d3)
(cherry picked from commit 25003a6450810aeb0722ff6fb566f41297595f49)
(cherry picked from commit ed2da0379a0f1414e6246fd3e8cf200cd8127859)
(cherry picked from commit 0d113f8e70243c1a8f0587105195e51e027a4725)
(cherry picked from commit 8d5806b1e22798d8ee18b889af47568f5fccf3ed)
(cherry picked from commit 5ee15b924edf1c43ccabf47c489936173ced0249)
(cherry picked from commit 459fdc1c34e15d9ffe22e289e1ec3adf3bf6573c)
tcp reset / icmp port-unreachable are markedly different conditions than
packet loss. It doesn't make much sense to retry in this case. It's
actually not clear if there is any benefit at all retrying tcp
connections, which were presumably already retried as necessary by the
tcp stack.
(cherry picked from commit ddd710a355acc698b48159f3e501dda5a7dc2704)
(cherry picked from commit f5376fea7de173e9369e8af569fc6ecabd0d7282)
(cherry picked from commit 030dbbc39e54666bd0f393ef47f0b0d9b2dfe8b4)
(cherry picked from commit 1b5bc5ab49fccd1e23d6ee6ba5f37d8347156790)
Fixes CID#1548022 and CID#1548075.
(cherry picked from commit f7012a93a7f04fa29c7933a4963aa17fcf120e97)
(cherry picked from commit 11c15905cd4759b89a1da63d05772c1f7c3744a4)
(cherry picked from commit a920cc9b3a8fc8b9ee57fa5c4a30d9234eb7a819)
(cherry picked from commit ff17a1023e2715ee5f54cc741b47e1eb1c444f35)
To avoid conflicts with user .network file for the wlan interface with Bond=.
See https://github.com/systemd/systemd/issues/19832#issuecomment-857661200.
(cherry picked from commit e2becab08506d8a085f4c18231c7f354db16df9f)
(cherry picked from commit ad861b6ae6ee9660912f03f73f771c98f426753c)
(cherry picked from commit 2a182ae521331fc71cf5aabc20bf0e8f0b38ae42)
(cherry picked from commit d00860118d9fa6787ed4f35cbde047c819548c12)
(cherry picked from commit 4d6ab7e8440845301c90211beb22015e7232faa1)
(cherry picked from commit c12c122e2ad3668848ffff69913006d420bda41d)
(cherry picked from commit 407ac39dd8c3ac41c7c9c6f2f9c8307cd60b5ce9)
(cherry picked from commit 2fa6dd17940b9f49d30d1be99f4f03ec99e9e000)
Otherwise, when an interface gained its carrier, the interface may not
have matching .network file yet, then link_reconfigure_impl() returns
zero, and link_handle_bound_by_list() is skipped.
Fixes#33837.
(cherry picked from commit 36b8ad085c6902631ad7054bffbda33d6d168823)
(cherry picked from commit 0d98178abb5ea470d03d05680e58ff0e59fe69bd)
(cherry picked from commit 84c4a44f17b0cd68ba5f2ee0342a5a32299a3d62)
(cherry picked from commit 4efaf9dc9af9631e8d83ac7c3efa491f8567cdf7)
Even if a timespan specified to IgnoreCarrierLoss= for an interface,
when the carrier of the interface lost, bound interfaces might be bring
down immediately.
Let's also postpone bringing down bound interfaces with the specified
timespan.
(cherry picked from commit e8eaed0240d642e70c567b08f3593e4cf45a255a)
(cherry picked from commit 9468a6ea47cfb8412875923d09b8a8ae6ee02119)
(cherry picked from commit 80e93a0640e06b9fbe7d7354b4fad8a6ad140140)
(cherry picked from commit f2e34bdb57edbed90bb6eafd3d2d08d5f4e5436f)
On CentOS/Fedora, dracut is configured to write the initrd to
/boot/initramfs-$KERNEL_VERSION...img so let's check for that as well
if no initrds were supplied.
(cherry picked from commit b56920e36c5692c0dde701bfb48330653a9c62c9)
(cherry picked from commit 1cb21b2cb194501464c52c1f32ae55f593689cc3)
(cherry picked from commit 22acfc05a72da8d79e907e1a1f34896735e00b22)
(cherry picked from commit 7182b54b8660f2429115cf41dafa321cee7baf27)
If we're running from within a container, we're very likely not going
to want to use the kernel command line from /proc/cmdline, so let's add
a check to see if we're running from a container to decide whether we'll
use the kernel command line from /proc/cmdline.
(cherry picked from commit 35c01ec59e0c2e6bd06cb18ca2ff612c6a7ea35d)
(cherry picked from commit c386327fc851863abf4c27076bd368dfc55b83a0)
(cherry picked from commit 0b4d00b28469353df337add92930626744adf06e)
(cherry picked from commit 2b3cc8d4986bfde0b7ea6362f55d13ba060e01b3)
(cherry picked from commit 3f24fa57df552accc2a6f9ab4d36724ba7227eff)
(cherry picked from commit ec3f2c8c8ad86004d6048510382167ee5f1ded61)
(cherry picked from commit 8e0cb57134161105f4eceae321a3ad3e51c60639)
(cherry picked from commit 53493370d24ecaa0b49175c9ab5849a193a5935c)
- Improve wording for explanation when these variables are inherited
- Clarify that these variables are not placed in the process environment block,
so /proc/PID/environ cannot be used as a debugging tool
(cherry picked from commit 6c1e0823b04525716d9ee0031a2b6735d3f7dfa4)
(cherry picked from commit 5cf0c45f64079430b0b7c12ad323f238386260b0)
(cherry picked from commit 79f335d0ef2d3c35fdf4c19988c711a3abd31ee0)
(cherry picked from commit bb28a6c0b68a4a9dc2aa33972b3419680d333c05)
The new file, modules.weakdep, generated by depmod to get the weak
dpendencies information can be present
(05828b4a6e),
so remove it like the other similar files.
Signed-off-by: Jose Ignacio Tornos Martinez <jtornosm@redhat.com>
(cherry picked from commit eef4cd51f94d837bd0e71512c831634a2902522d)
(cherry picked from commit 0cdec6e1fef4174c0d04aaca195ab56750437535)
(cherry picked from commit ae0c61b4a722a7eacd2cc544798467e209238bf7)
(cherry picked from commit d9abcf946689cf26f531d0faa82c9be114b9cacc)
EINVAL should be used when a function is called with an invalid
argument. Here, the signal is not a function argument.
Follow-up for 7a64c5f23efbb51fe4f1229c1a8aed6dd858a0a9.
(cherry picked from commit ab9af70edb23f2a66e93e2e16f87cd98873885b7)
(cherry picked from commit 84f0eda3781f49ff7f3035861b02fe247b89d65e)
(cherry picked from commit da81ee2f78526f78b3c57661a59de681d208e35e)
(cherry picked from commit 42885ab01726b5937390704f1d6ec33f0321fd53)
The signalfd_siginfo struct is received from outside via a FD, hence
assert() is not appropriate way to check it. Just do a normal runtime
check.
(cherry picked from commit 7a64c5f23efbb51fe4f1229c1a8aed6dd858a0a9)
(cherry picked from commit 7a48ea958bf146a45cb4a3b7ff7aeb5885469196)
(cherry picked from commit 5fa8b5d74aa81e884613ba68c6f765834e6dd02c)
(cherry picked from commit 74fa56ebc3d323bd6cd2315eb8b1057f0ea359a8)
Add macros to manage bits in a bitfield (e.g. uint32_t, uint64_t, etc),
such as setting, clearing, checking bits, and iterating all set bits.
These are similiar to the bitmap operations, but operate on basic types
instead of requiring a Bitmap object.
(cherry picked from commit 33d9beed07b3dab05d07d57e8af13bb19b9e3095)
Currently, IS_SYNTHETIC_ERRNO() evaluates to true for all negative errnos,
because of the two's-complement negative value representation.
Subsequently, ERRNO= is not logged for most of our own code.
Let's fix this, by formatting all synthetic errnos as positive.
Then, treat all negative values as non-synthetic.
While at it, mark the evaluation order explicitly, and remove
unneeded comment.
Fixes#33800
(cherry picked from commit 268f58076f7e0258dce75f521d08199092279853)
(cherry picked from commit 4ad6b2631d73a574859a62d33715a7bdef810bcf)
(cherry picked from commit 1fc7e3473c2fec27bdc0b19753e4ea84cd39644f)
(cherry picked from commit 9463b376bcbb1a177bf46d64845b52eae79af739)
(cherry picked from commit 2cf425ec573b8f67025c5e74cd267015129e7349)
(cherry picked from commit a78a52465298e8f5a927da9c9fc56c41837018aa)
(cherry picked from commit e8fe599736d70fbaf553940ea99360575637408b)
(cherry picked from commit f3eff7a838128dc690683aa94b9e1fbea3924bae)
Follow-up for 6906c028e83b77b35eaaf87b27d0fe5c6e1984b7
The mentioned commit uses access() to check if varlink socket
already exists in the filesystem, but that isn't sufficient.
> Varlink sockets are not serialized until v252, so upgrading from
> v251 or older means we will not listen anymore on the varlink sockets.
>
> See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1074789
> for more details as this was found when updating from Debian Bullseye to a new version.
After this commit, the set up of varlink_server is effectively
split into two steps. manager_varlink_init_system(), which is
called after deserialization, would no longer skip listening
even if Manager.varlink_server is in place, but actually
check if we're listening on desired sockets.
Then, manager_deserialize() can be switched back to using
manager_setup_varlink_server().
Alternative to #33817
Co-authored-by: Luca Boccassi <bluca@debian.org>
(cherry picked from commit d4e5c66ed469c822ca5346c7a445ec1446b1d17f)
(cherry picked from commit b825a8be0b7b857a715e982cee861e8ae6995ee8)
(cherry picked from commit 3b3875ead34bdd14b853e9c77565647244263fa0)
(cherry picked from commit e7155d8d0f5a2de02c800f08d949af0a8daa47a2)
Certainly on systemd 252 at least a configuration of
```
MemorySwapMax=40%
```
is supported but this was missing from the man page.
Only MemoryMax was documented as supporting a %.
(cherry picked from commit 8af38e5b0475f514141d314088dcf9fffd7edc37)
(cherry picked from commit 766af3f782299a7cbfba24a4333444ac008c17d2)
(cherry picked from commit 69681c222e8198ed7327173eada85cdd7684546d)
(cherry picked from commit 5ff55bc33c7d8c29ed609e7fe1eb4237566c69b0)
We'll *always* hit ENEOENT when iterating through SMBIOS type #11
fields, on the last one. it's very confusing to debug log about that,
let's just not do it.
(cherry picked from commit 5202ee42d5da0ae3a6655d2bc959a19d8c347e9d)
(cherry picked from commit 995c702a347d16cfad4605f3982d5278616ea1f8)
(cherry picked from commit f084959002e9efc2c4dccf410fa745b57f51f512)
(cherry picked from commit b5f3e791c34206befe0355e2fb71e954cbcea4e8)
If there is an error with the execv call in fork_agent the
program exits without any meaningful log message. Log the
command and errno so the user gets more information about
the failure.
Fixes: #33418
Signed-off-by: Mauri de Souza Meneguzzo <mauri870@gmail.com>
(cherry picked from commit a408d4453145621902b9a3ef78a552f83b09bd8d)
(cherry picked from commit 7fcfb73d71ed1d4230f58de1a94790e0c28719ea)
(cherry picked from commit 76fe6ebee84c22c96f1c9a96707c7e72706989fd)
(cherry picked from commit 084b91100c8a139514382a0f2a6bb2beaa811963)
Make the warning for oneshot services (where RuntimeMaxSec= has no
effect) more actionable by pointing to the directive people can use
instead to effectively limit their runtime.
(cherry picked from commit 8c4aa0f1c6a78b35712fa6a7acf6d755d0c0bd86)
(cherry picked from commit 468b0646342986c6cc9bd797b4ba189dc488ee8d)
(cherry picked from commit 017d7fd49085e8f877cfa2510f251b9a6b59f207)
(cherry picked from commit a7e6ebc98418bc28f30f89588127e6dbce526156)
This is a common case, and nothing noteworthy at all. For example, if we
establish an enumerator for listing all devices tagged by some tag, then
the per-tag dir is not going to exist if there are currently no devices
tagged that way, but that's a really common case, and doesn't really
deserve any mention, not even at debug level.
(cherry picked from commit a68c97a54527cacaeeac0c117493639fc455ef5e)
(cherry picked from commit 8aa9e60f89f84a90fb364ee66cf62432a6b877ba)
(cherry picked from commit a321caf0583cc70cf1ba66bdc41d07175ccc1f2a)
(cherry picked from commit 32a32002c77a66499786b2f23e2aab9b21ed9a60)
Same as the other aliases. Allows chaining commands like:
$ systemd-id128 show -P root-$(dpkg-architecture --query DEB_HOST_ARCH)
4f68bce3e8cd4db196e7fbcaf984b709
(cherry picked from commit f0b151ce864371da06a4d4a63a2a8b5282817b7e)
(cherry picked from commit b60d5bc1b774f900dc5c5d45faed17e919bdf0b3)
(cherry picked from commit b4e43b53c4a2b6f3fd238a6ea073d9471514bf59)
(cherry picked from commit 11c456a8c8df417508b6eb590586860b356766b4)
When boot counting is enabled, adding a new loader entry or UKI can conflict
with an existing one that has booted successfully and therefore has its boot
counter removed. systemd-bless-boot will fail to bless the new successful boot,
since a file without a boot counter already exists. Since kernel-install will
clobber existing files without boot counting, we should therefore remove files
without a boot count as well, when we add a file with one.
Fixes: #33504
(cherry picked from commit 99d4575e541fa1fb00dc80f7aad572f3a66db461)
(cherry picked from commit b78618540659a40c4c26aa588b3cd8b9c46116d1)
(cherry picked from commit 85ca1588c07059cac6f45f22b4a712cf37c6604c)
(cherry picked from commit 59aad95fe9732184a5225fe1380fe7d9873b56c6)
(cherry picked from commit 35451a32043504013eed5725c8be46b36ccdf71a)
(cherry picked from commit 3736e21341500d98d878b84a34cc5b9d7cd9125f)
(cherry picked from commit 0672a43dd27dd4cd4f9b6188be2c51a572628b84)
(cherry picked from commit 43a62081fd551c9bef358eef33d9cee6c15621ca)
This is VFAT world after all.
(cherry picked from commit 764faf60400bafb1764b728aafe0dcf4cbf07364)
(cherry picked from commit 18143edf3e582d6b8c2933f5c181c9b29146023a)
(cherry picked from commit 04cd06e2f679376e932a1b1424bdffb326f607d6)
(cherry picked from commit 71da938d378d2dbf2bf1a6e1de6b07392901d22e)
Symlink created by Alias will use the value as the file name.
(cherry picked from commit 3f0e7fd4fd1d20e3f4be18f485c76d25ce10f41b)
(cherry picked from commit a68188e985d29e46cfa6eb2e17419fad90f0b287)
(cherry picked from commit 4b8ce6a18720c2347063b6d681e5a1dac560b6c0)
(cherry picked from commit e8566d7bbfc4f269835ecbcc8c7960e025cdbd2b)
When watching a given pathspec, systemd unconditionally installs
IN_ATTRIB watches to track the link count of the resolved file. This
way, we are notified if the watched path disappears, even if the
resolved file inode is not removed.
Similarly, systemd installs inotify watches on each parent directory, to
be notified when the specified path appears. However, for these watches
IN_ATTRIB is an unnecessary addition to the mask. In inotify, IN_ATTRIB
on a directory is emitted whenever the attributes of any child changes,
which, for many paths, has the potential to cause a high number of
spurious wakeups in systemd. Let's remove IN_ATTRIB from the mask when
installing watches on the parent directories of the specified path.
(cherry picked from commit 8bf8c7d83dcffffa55b5f534fb98db6b01315dc1)
(cherry picked from commit fa2b2da1466ff225363c1a0492b1b43c1d01dd8a)
(cherry picked from commit 2818d5a0d679f5205b5a369c8be0b9dfdf9e39eb)
(cherry picked from commit e9db26769ad1e6f6ebb34a5cc0c457b9df0bb932)
(cherry picked from commit bffd3c52ad7113f21523568120d84326151f4600)
(cherry picked from commit ab11d7e177378704859703f4821784462c8966a5)
(cherry picked from commit 4b05dc62f17397c9ec22b05cf0b041eaee2afec7)
(cherry picked from commit 82080d648bad12b27d97e70c9352444316df2b5b)
The newest kconfig enabling DB-verified dm-verity images is queued
for 6.11:
https://patchwork.kernel.org/project/dm-devel/patch/20240617220037.594792-1-luca.boccassi@gmail.com/
(cherry picked from commit a79b6dc0706dd5fe76ec56b3308b402c133ead23)
(cherry picked from commit c32f71aa1420b05711fa0593ddcffbeb76f272ab)
(cherry picked from commit d34f0dec5327ab9c2fc6da3135c640aa5ba473b1)
(cherry picked from commit 03d97a42c3b3a0a4c695479c2b95340b2a2c1d32)
If the io.systemd.DynamicUser or io.systemd.Machine files exist,
but nothing is listening on them, the nss-systemd module returns
ECONNREFUSED and systemd-sysusers fails to creat the user/group.
This is problematic when ran by packaging scripts, as the package
assumes that after this has run, the user/group exist and can
be used. adduser does not fail in the same situation.
Change sysusers to print a loud warning but otherwise continue
when NSS returns an error.
(cherry picked from commit fc9938d6f8e7081df5420bf88bf98f683b1391c0)
(cherry picked from commit abba1e6bc29b7e07354ca23906c6f485ba245a1a)
(cherry picked from commit 0f518750a44dc4b2987ecc0cea4b3d848ac46ee9)
(cherry picked from commit dffa62c85fb644c649f68b2c8f02b1d8440d2a9d)
The XDG base dir spec adopted ~/.local/state/ as a thing a while back,
and we updated our docs in b4d6bc63e602048188896110a585aa7de1c70c9b, but
forgot to to update the table at the bottom to fully reflect the update.
Fix that.
(cherry picked from commit 72a6296b16a75d4e26eec972f2999e69c9967b9d)
(cherry picked from commit df1ed3fbe2d03e9c1d0eed7d836c5aa541f4fb52)
(cherry picked from commit 15352fa22315cd76582ae33a63d065c808b9e958)
(cherry picked from commit 083380e814ac5dc773a849315702d0707088aa8b)
