1
1
mirror of https://github.com/systemd/systemd-stable.git synced 2024-12-24 21:34:08 +03:00
Commit Graph

60470 Commits

Author SHA1 Message Date
Luca Boccassi
61938b3c8d
Merge pull request #25039 from mrc0mmand/test-tewaks
A couple of minor tweaks for recent CI fails
2022-10-17 21:52:00 +02:00
Zbigniew Jędrzejewski-Szmek
725a28fe77
Merge pull request #24992 from yuwata/sd-device-monitor-receive-buffer
sd-device-monitor: dynamically allocate receive buffer
2022-10-17 20:49:18 +02:00
Lennart Poettering
15f9a1525f man: add missing reference to systemd-pcrphase-sysinit.service 2022-10-17 17:12:45 +02:00
Luca Boccassi
7a329f2bac
Merge pull request #25036 from keszybz/plurals
Remove usage of "noun(s)" in messages and docs
2022-10-17 17:12:16 +02:00
David Edmundson
9739bcfd85 xdg-autostart-service: Add comments to tilde expansion, use path_join()
Follow-ups for https://github.com/systemd/systemd/pull/24658
2022-10-17 16:42:39 +02:00
Daan De Meyer
f87338fa26 Update TODO 2022-10-17 16:10:42 +02:00
Daan De Meyer
0aa1d40649 mkosi: Switch to Fedora 37
Official release date is close so let's switch mkosi CI to it already.
2022-10-17 16:02:16 +02:00
Zbigniew Jędrzejewski-Szmek
02df2981b5 meson: drop repeated output in error message 2022-10-17 15:10:53 +02:00
Zbigniew Jędrzejewski-Szmek
0923b4253c tree-wide: replace "plural(s)" by "plurals"
(s) is just ugly with a vibe of DOS. In most cases just using the normal plural
form is more natural and gramatically correct.

There are some log_debug() statements left, and texts in foreign licenses or
headers. Those are not touched on purpose.
2022-10-17 15:10:53 +02:00
Frantisek Sumsal
c0c03d9ce1 test: use SIGKILL to kill the container if necessary
TEST-69 uses a Python wrapper around the systemd-nspawn call, which on
error calls the `spawn.terminate()` method. However, with no arguments
it will only use SIGHUP and SIGINT signals - this might leave a stuck
container around, causing fails if the test is run again. With `force=True`
SIGKILL is used as well (if necessary).
2022-10-17 15:00:12 +02:00
Yu Watanabe
69363f13b5 test: add test for large uevent message 2022-10-17 21:52:35 +09:00
Yu Watanabe
efbd4b3ca8 sd-device-monitor: dynamically allocate receive buffer
If udevd broadcasts a processed device with huge amount of properties,
then clients cannot receive the device.

Fixes #24987.
2022-10-17 21:49:08 +09:00
Frantisek Sumsal
e6bd46a62c test: drop one layer of escaping 2022-10-17 14:38:00 +02:00
Frantisek Sumsal
6f255fe191 test: ignore gcov errors in TEST-34
TEST-34 complains in `test_check_writable` when running with gcov, as
the build directory tree is not writable with DynamicUser=true. As I had
no luck with $GCOV_PREFIX and other runtime gcov configuration, let's
just ignore the gcov errors for this test.
2022-10-17 14:31:25 +02:00
Lennart Poettering
714c586943 cryptsetup: drop redundant parens/drop ternary op
A ternary op is a bit weird to use if we end up assigning a variable to
itself in one of the branches. Hence use a plain if check.
2022-10-17 13:52:54 +02:00
Zbigniew Jędrzejewski-Szmek
c39d018774
Merge pull request #24919 from anitazha/varlinkserialize
varlink/pid1 fixes for systemd-oomd (addresses #20330)
2022-10-17 13:44:28 +02:00
Zbigniew Jędrzejewski-Szmek
70427ec553
Merge pull request #24986 from keszybz/news-systemd-measure
NEWS: rework the description of systemd-measure a bit again
2022-10-17 13:24:07 +02:00
Lennart Poettering
8d9295bbf5 pcrphase: fix --help text
We don't take a command, we just take a "word" which we'll extend into
PCR 11.
2022-10-17 12:39:33 +02:00
Lennart Poettering
047273e6e8 pcrphase: add two additional phases
This adds two more phases to the PCR boot phase logic: "sysinit" +
"final".

The "sysinit" one is placed between sysinit.target and basic.target.
It's good to have a milestone in this place, since this is after all
file systems/LUKS volumes are in place (which sooner or later should
result in measurements of their own) and before services are started
(where we should be able to rely on them to be complete).

This is particularly useful to make certain secrets available for
mounting secondary file systems, but making them unavailable later.

This breaks API in a way (as measurements during runtime will change),
but given that the pcrphase stuff wasn't realeased yet should be OK.
2022-10-17 12:09:43 +02:00
Quentin Deslandes
961549ab41 tests: add nspawn's rootidmap integration test
Add integration test to testsuite-13.sh to ensure rootidmap option map
user IDs as expected.
2022-10-17 12:01:50 +02:00
Luca Boccassi
42fadfb168
Merge pull request #24938 from msizanoen1/journald-harden-clock-jump
journald: harden against forward clock jumps before unclean shutdown
2022-10-17 12:00:02 +02:00
Luca Boccassi
6d4f55f3eb
Merge pull request #25003 from DaanDeMeyer/mkosi-fixes
mkosi: Add Centos Stream 8 back to CI
2022-10-17 11:36:55 +02:00
Lennart Poettering
c868e95ebb update TODO 2022-10-17 11:21:00 +02:00
Daan De Meyer
71205f972b mkosi: Add Centos Stream 8 back to CI
We can build all of systemd's features again on CentOS Stream 8, so
let's add it back to CI.
2022-10-17 08:45:57 +02:00
Daan De Meyer
6afeac1dd6 mkosi: Make sure bpf-framework works on CentOS Stream 8 as well 2022-10-17 08:45:48 +02:00
Daan De Meyer
afd22e3219 README: Fix libbpf minimum version
This didn't get properly updated as part of #24511
2022-10-17 08:45:16 +02:00
Daan De Meyer
3632e90c85 mkosi: Reenable bpf-framework
This got changed by mistake by #24511. Since we still support the
same libbpf version, we can keep this enabled everywhere.
2022-10-17 08:45:16 +02:00
Daan De Meyer
3f5225d7f3 qrcode-util: Add support for libqrencode 3.0
They didn't actually change API between major versions, so let's
support the previous version as well so we can add CentOS 8 Stream
back to CI.
2022-10-17 08:45:16 +02:00
Jan Janssen
d388f3d723 stub: Fix booting with old kernels
This fixes a regression introduced in e1636807 that removed setting this
value as it seemingly was not used by the kernel and would actively
break above 4G boots. But old kernels (4.18 in particular) will not boot
properly if it is not filled out by us.
The original issue was using the truncated value to then jump into the
kernel entry point, which we do not do anymore. So setting this value
again on newer kernels is fine.
2022-10-17 08:43:01 +02:00
Lennart Poettering
235ae69cbe gpt-auto: rename all functions that operate on a DissectedPartition object add_partition_xyz()
The function for handling regular mounts based on DissectedPartition
objects is called add_partition_mount(), so let's follow this scheme for
all other functions that handle them, too. This nicely separates out the
low-level functions (which get split up args) from the high-level
functions (which get a DissectedPartition object): the latter are called
add_partition_xyz() the former just add_xyz().

This makes naming a bit more systematic. No change in behaviour.
2022-10-17 08:07:58 +02:00
Lennart Poettering
e8ede6f57e generator: modernize generator_open_unit_file() 2022-10-17 08:06:55 +02:00
Lennart Poettering
06648fa991 gpt-auto-generator: use our usual ret_xyz parameter naming 2022-10-17 08:05:05 +02:00
Lennart Poettering
346a4e3db8 man: mention that pcrphase also measures into PCR 11 2022-10-17 08:02:53 +02:00
Lennart Poettering
b6fd88a511 cryptsetup: use errno-flavoured logging where we have an errno 2022-10-17 08:02:03 +02:00
Lennart Poettering
75b1d269cb tpm2-util: fix parameter name 2022-10-17 08:00:04 +02:00
msizanoen1
5bc787fa53 journal: fix indentation in managed_journal_file_open_reliably 2022-10-16 21:07:33 +07:00
msizanoen1
383d9155a2 journald: harden against forward clock jumps before unclean shutdown
Try harder to inherit the sequence number and ID from the old journal
file before rotating it away.

This helps the libsystemd journal file selection code make better decisions
even in the face of massive incorrect forward clock jumps prior to an
unclean shutdown.
2022-10-16 21:07:33 +07:00
Celeste Liu
09925036cf seccomp: add riscv_flush_icache to allow list
This system call is harmless because it only enforces ordering between stores
and instruction cache fetch.

fixed #24991
Related: https://github.com/felixonmars/archriscv-packages/issues/1840

Signed-off-by: Celeste Liu <CoelacanthusHex@gmail.com>
2022-10-16 12:40:00 +02:00
Yu Watanabe
3e15bed410 udev: drop unused source file
Follow-up for 5bbcfbaa11.
2022-10-15 20:41:23 +09:00
Lennart Poettering
c8428d2d06 seccomp: drop per arch conditionalization in filter groups
We list plenty of arch-specific syscalls in our filter groups, treat the
s390 syscalls the same.

We handle gracefully anyway if some syscall doesn't exist locally on the
kernel or arch, let's rely on it. This has the benefit that
"systemd-analyze" will comprehensively tell you the syscalls filtered on
any arch for any arch.

And less conditionalization is good anyway.
2022-10-15 00:00:16 +02:00
Pyfisch
b45b4f5008 Update list of partition type identifiers
Include verity sig partition identifiers.
List all supported CPU architectures.
2022-10-14 22:29:43 +02:00
Pyfisch
ba4a5eff6e Document two systemd-repart options in man page
Note --private-key and --certificate options for configuring
verity signature partitions in the listing of options.

Adjust one error message referring to the --certificate option.
2022-10-14 22:00:43 +02:00
Lennart Poettering
924a329a00 update TODO 2022-10-14 21:07:29 +02:00
Thomas Blume
d72f4a3897 basic/mountpoint-util: skip dependency on quota services for some filesystems 2022-10-14 20:57:30 +02:00
Luca Boccassi
d2be5f641d
Merge pull request #25002 from poettering/install-type-fix
install: make InstallChangeType enum a proper enum
2022-10-14 20:56:44 +02:00
Anita Zhang
284212893b core: only allow systemd-oomd to use SubscribeManagedOOMCGroups
Attempt to address
https://github.com/systemd/systemd/issues/20330#issuecomment-1210028422.

Summary of the comment: Unprivileged users can potentially cause a denial of
service during systemd-oomd unit subscriptions by spamming requests to
SubscribeManagedOOMCGroups. As systemd-oomd.service is the only unit that
should be accessing this method, add a check on the caller's unit name to deter
them from successfully using this method.
2022-10-14 09:57:59 -07:00
Anita Zhang
008798e90c core: serialize/deserialize varlink sockets for pid1
Fixes #20330
2022-10-14 09:54:05 -07:00
Yu Watanabe
f6e88aac2c elf-util: drop assertion for metadata in report_module_metadata()
Fixes a bug introduced by 1a0281a3eb.

Fixes RHBZ#2134741 (https://bugzilla.redhat.com/show_bug.cgi?id=2134741).
2022-10-14 18:08:11 +02:00
msizanoen1
417cbcd6be shared/logs-show: do not overwrite journal time in export format with source timestamps
Using _SOURCE_{MONOTONIC,REALTIME}_TIMESTAMP in place of the results of
sd_journal_get_{monotonic,realtime}_usecs in export formats might cause
internal inconsistency of realtime timestamp values within a journal export,
violating the export file format and causing systemd-journal-remote to
mass-generate journal files.

Fix this by using the real journal timestamps for
__{REALTIME,MONOTONIC}_TIMESTAMP.
2022-10-14 18:05:04 +02:00
Zbigniew Jędrzejewski-Szmek
1485925d2d man: reword some awkward sentences 2022-10-14 15:56:58 +02:00