IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
The pkcs11 cryptsetup token module is a bit different from the tpm2 +
fido2 ones: it asks for the PIN itself, rather than bubbling up a
request to get a PIN. That's because it might need multiple, and because
we don't want to destroy a the pkcs11 session half-way and thus risk
increasing pin counters.
Hence, we sometimes ask for PINs from our code, rather than let the
libcryptsetup caller do that. So far we didn't pass the AskPasswordFlags
field down into the module though. Fix that.
Fixes: #28665
(cherry picked from commit a758a128709cbcd99eddd1de6ea0e9846b9ce2eb)
(cherry picked from commit d1e542ca9c2124fe6fa1f49f3d23b4d0336a442e)
mkosi detects whether /dev/kvm is available and uses it if it is. But
some GHA hosts have it, but it's broken and not supported, so we need
to explicitly disable it.
(cherry picked from commit c13e6c720d17a336021a8bd28c5ff5818e61deb6)
(cherry picked from commit b4b04547a73b2d90e33dfa78a2b5c12c05f6e851)
If we receive a query via the two stubs we store the original packet
instead of just the question object. Hence when we send monitor info to
subscribed clients we need to extract its question and also include it
in the returned data.
Fixes: #29580
(cherry picked from commit ae55c9c0aed1578efd981a9fe79135112e643575)
(cherry picked from commit bb8f26f07d0828245b7987b3cb7b48ab6df3a9ee)
The explicit value here is not so important.
Let's chop off the higher bits.
Fixes the issue reported at
https://github.com/systemd/systemd/pull/29802#issuecomment-1788637950.
(cherry picked from commit 4314abf6d4e612e33c53909339931f2bd4cc0c29)
(cherry picked from commit 0175e2ea6e5fc44c7e2953f3f50775a12dbd6b58)
If one sets the SystemMaxUse=64G by the current documentation would expect that each files size would be around 1/8 of this value (8G), althought if the SystemMaxFileSize is not explicit set, it has a max of 128M per file.
(cherry picked from commit d397191b6d3001c2920e15e3ce3c9e7a31c66436)
(cherry picked from commit 83bc13e77ae5e27e420ca3e1e3b4da7c1c2e17cc)
Let's unconditionally drop privileges before submitting the coredump log
message.
Let's make the codepaths where we acquired a coredump and where we
didn't more alike: let's drop privs in both cases.
This is not only safer, but means that the coredump messages are always
accessible by the owner of the aborted process.
(cherry picked from commit c8e9476386fa9218720db0aada03c67dc89720b1)
(cherry picked from commit f0c9378e89025e83d860fe852ced3d657cd298de)
Let's not claim a process dumped core if that was disabled via resource
limits.
While we are at it, switch from stack to heap allocation for the log
message, as it includes a stack trace which can be arbitrarily large.
Fixes: #28559
(cherry picked from commit 6fea39bacc53de2b14f12b434d4a4907cbf554a2)
(cherry picked from commit 8e3ebafd05974e24d17f9aadded6fea75c043315)
Let's wait until the child is fully done with mounting it's own
instances of procfs/sysfs before we destroy our fully visible copies of
it.
This borrows heavily from Christian Brauners fix#29521, but splits the
place + sync into two steps so that the child payload is not started
before the parent has destroyed the procfs instance.
Alternative to: #29521Fixes: #28157
(cherry picked from commit 1a8d781495c91c3bf62bf87190af4470a44ba8a5)
(cherry picked from commit 99d80a28eeb9943d0386934217c865441cc26c04)
Prompted by #29500.
(cherry picked from commit 2b43c5cb7a7771feff9556685925de0adf9414f2)
(cherry picked from commit 3e60339229f4843c4facf08092c8eca795de1b7b)
It confuses users when they cannot find respective environment variables
with config that is supposes for (x)inetd activated service only.
Fix: #29670
(cherry picked from commit 788b7e7630669a47c54c6f3299af14db26ca7fe0)
(cherry picked from commit 136dc1c818aab93301032664931765f6285d0ba8)
The actual default is 2^15 and that is also 32b kernels default.
Fix the value, mention 32b and do not talk about default which may
depend on nr_cpus.
Fix: #29607
(cherry picked from commit 761791bcf83219f44fc799a2e4326121486817b4)
(cherry picked from commit 02eb3ed7059fb2ee1c7e45bbc62dedbc6cb805aa)
When running with --build-dir= we need to copy over udev rules from
$BUILD_DIR/udev.d/ and $SOURCE_TREE/udev.d/ to make stuff work as
expected.
(cherry picked from commit 33b0e0c09a438fd565b6c4d059bd14cc9651c40b)
(cherry picked from commit 359fed84eea82238a7ccdf5eb76d635afefdcaa4)
When testing the secureboot enroll feature, it can be hard to distinguish without
using the QMP API of QEMU whether we are in a hang situation of the UEFI firmware.
Making it clear that we reached the `ResetSystem` can be helpful towards that need.
(cherry picked from commit b9a0a13f7ad71896c8382968e492a94922b0d744)
(cherry picked from commit 2962ffd0b2a21c1603ccab266830f1fd402e806f)
The extra space was actually screwing up deserialization:
~# systemd-run --wait --pipe -p SocketBindAllow=any true
Running as unit: run-u167.service
Finished with result: exit-code
Main processes terminated with: code=exited/status=234
Service runtime: 1ms
CPU time consumed: 0
~# journalctl -b -p err
...
Oct 27 16:39:15 arch systemd-executor[5983]: Failed to deserialize: Invalid argument
Let's not do that by default and introduce a simple wrapper which
inserts the space after each item only when necessary.
(cherry picked from commit b0bb3be130e241178646df0b5c5f02ed661651d4)
(cherry picked from commit 14fbb396eecfcd120329e4cd74edc1bc009c1837)
After logind receives the SIGRTMIN signal from the kernel, it will execute
manager_vt_switch---session_leave_vt---session_device_pause_all,The device
permissions of the session are removed here;under normal circumstances, the
tty value read from /sys/class/tty/tty0/active changes and switchesto a new
session,give the new session resume device permissions.
But under abnormal circumstances (such as switching quickly on a device using
wayland; and sometimes the kernel will suddenly send a SIGRTMIN signal, but
nothing changes),In these cases, logind does not give session resume device
permission, causing the device to have a black screen and suspended animation.
(cherry picked from commit 2f1d1140101268e69204ec62dd9abb8ead4b48c8)
(cherry picked from commit ca4f72f46009ce249d6c265b2a0fba67e7b72ad8)
mcopy will set the modification time of created directories to the mtime
of the source directories but converts it to the timezone of the host.
This behavior is identical to Windows / DOS:
> The FAT file system stores time values based on the local time of the computer.
-- https://learn.microsoft.com/en-us/windows/win32/sysinfo/file-times
To achieve reproducible builds, mcopy should be invoked with TZ=UTC.
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
(cherry picked from commit b2942c76adc5bb6a3e073aa5cee57834ee3a9813)
(cherry picked from commit a79a2997ecfdd271d8845c762764469bb553519f)
Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
(cherry picked from commit 4947de275a5553399854cc748f4f13e4ae2ba069)
(cherry picked from commit 6b9297be80c4d98f014cf8d2d2fb3db644b16d5e)
The systemd-tmpfiles binary will report a fatal error if /tmp is not owned
either by root, or by the current user:
Detected unsafe path transition /tmp (owned by nobody) →
/tmp/test-systemd-tmpfiles.a8qc6n18 (owned by berrange)
during canonicalization of
tmp/test-systemd-tmpfiles.a8qc6n18/test-content.7chd7rdi
When doing development inside a 'toolbox' container (which is required
on a Fedora SilverBlue distro), /tmp is owned by 'nobody', because it
has been passed through from the host and host UID 0 gets mapped to
UID 65536 by usernamespaces. This triggers the unsafe path transition
error message.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
(cherry picked from commit 8473ece90e53040931c880bcbff623f1a5c037cd)
(cherry picked from commit c7482035e3cefbfae2a1cc4b4529ebb705d67531)
On rpm-ostree distributions like Fedora SilverBlue /home (and various
other well known locations) are symlinks to somewhere beneath /var.
The path_is_encrypted() method uses O_NOFOLLOW and as a result will
return ELOOP on /home. This causes test-blockdev-util to abort.
Add ELOOP to the ignorable set of errnos for testing.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
(cherry picked from commit 6aa77f9284070229f73063e15cb4b4aa59cb6020)
(cherry picked from commit 1fcf8b5c8d217621d080fb41005f49e0608fa014)
Hopefully fixes many Coverity issues.
(cherry picked from commit 9e15e24bdbc695fe4fb65155b4e3bf73db34152b)
(cherry picked from commit c63cd5d55ed95bdda1512baf67d549d8a5d7d91f)
So we don't crash on invalid options:
$ build/systemd-random-seed --foo
Segmentation fault (core dumped)
(cherry picked from commit dd741b8893f28ec75fae9648c9e26c2fc887a781)
(cherry picked from commit b83e9fdf7cc8c925c5c7dcfd44ae8b2d6ace9bc8)
This seems to be the only place where rm_rf_children() is called with a
possibly used fd, which is then passed through to rm_rf_children_impl().
This also fixes#29606.
(Tested on Fedora rawhide with kernel 6.5.6-300.fc39.x86_64.)
(cherry picked from commit e3b84b105e632731352776fd619bbbea4d223b35)
(cherry picked from commit 02b14e74b79cff5f37a8b9984215829bb2837b21)
modprobe treats "-" and "_" interchangeably, thereby avoiding frequent
errors because some module names contain dashes and others underscores.
Because modprobe@.service unescapes the instance name, an attempt to
start "modprobe@dm-crypt.service" will run "modprobe -abq dm/crypt",
which is doomed to fail. "modprobe@dm_crypt.service" will work as
expected. Thus unescaping the instance name has surprising side effects.
Use "%i" instead.
(cherry picked from commit bf25cf6c49253e922524dfa0e7960f554838f18b)
(cherry picked from commit c98d0130dc8efd826cd85020337353cdbe644bb4)
Currently needed by test-dhcp-server unit test, af_packet is not built-in on
openSUSE distributions.
(cherry picked from commit a1af99df8e29ffb55b0c698eeda2c9bf795fc0e1)
(cherry picked from commit db2193609e554732c0288ccf27d5e58083f9219c)
We have a test where we compare the results from nftw() and our own
resurce_dit_at(). nftw() skips a dangling symlink when running under mkosi and
the test fails. I don't understand why nftw() does that, but in our code we
don't need to test and care about the details of nftw(), which we don't use,
outside of the one test, so let's just skip symlinks in the test.
Closes#29603.
(cherry picked from commit 974959e6f6352b76355b76ab550c0e729b2a8c21)
(cherry picked from commit 7db0b4c8df422fafa245f7ab0833b0ec764174ad)
We read properties of the unit, hence it shouldn't be GC'ed as long as
we run. Hence, let's just set AddRef unconditionally for the units we
create.
(cherry picked from commit 49a510eba29c78f4b7dc1c39391314a48eb8833b)
(cherry picked from commit 8326f9e378333ae01f686086bb1fd4d300d7c99b)
As systemd-journal-upload deals mostly with remote servers, add
some failsafes to its unit to restart on failures.
```
[Service]
Restart=on-failure
RestartSteps=10
RestartMaxDelaySec=60
```
(cherry picked from commit c08bec1587e102dd0435969e422288d69431e92c)
(cherry picked from commit fe0bf9f61913d70739359268134cbd10e375fe93)
When DHCP server is not running, sending force-renew command triggers
assertion.
(cherry picked from commit d311f5e277ae3609e661415b6c429fe3cd25e40b)
(cherry picked from commit 2cd9de1bbd76fc8a4f8cc0b10ea7cbb78fe0db1d)
We already do in the same way for sd-dhcp-client and friends.
(cherry picked from commit 39ba10f19e7d384ad48aaad9ff6c0b3c3e6bbef1)
(cherry picked from commit a7117e29f59fa6a81eb7025ec446b95c6b35f91a)
Follow-up for fc35a9f8d1632c4e7a279228f869bfc77d8f5b9c.
Fixes the issue https://github.com/systemd/systemd/pull/29472#issuecomment-1759092138.
(cherry picked from commit 9bd91e34aaf7c759617d4763853e55f419c06ffe)
(cherry picked from commit f453cbc5162eca42c415b8dc2325a7d734aca3e5)
There's really no point in logging about one of the most common cases we
have: that no BPF-LSM policy was installed for a specific unit.
(cherry picked from commit 58f1bd9b4ab889d0378a236d759649d4b45395f9)
(cherry picked from commit 86a85cb2b56f582c3a1e09d17a7f544bad0c23a7)
Let's show which fds are closed as part of the left-over fd set logic on
daemon reload/reexec cycles.
This is useful to debug accidentally unclaimed fds.
(cherry picked from commit 91a6447607635802ac2278b7997cde687e2549a4)
(cherry picked from commit b4cdf320554f122700e9d12c81dccf2c7565860b)
