IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
...
uint8_t c;
struct trie_node *child;
for (p = 0; (c = trie->strings->buf[node->prefix_off + p]); p++) {
_cleanup_free_ struct trie_node *new_child = NULL;
_cleanup_free_ char *s = NULL;
ssize_t off;
if (c == search[i + p])
continue;
...
When '®' is present in search, c is 194, search[i + p] is -62, c is not equal
to search[i + p], but c should be equal to search[i + p].
(cherry picked from commit b53a80966e8a2d68b66bf1b47c2ee633a71fad49)
(cherry picked from commit 3cc2aa3998aa179a726c8637dfd66a01fabb5246)
We might need a lot of fds on large systems, hence raise RLIMIT_NOFILE
to what the service manager allows us, which is quite a lot these days.
udev already sets FORK_RLIMIT_NOFILE_SAFE when forking of chilren, thus
ensuring that forked off processes get their RLIMIT_NOFILE soft limit
reset to 1K for compat with crappy old select().
Replaces: #29298Fixes: #28583
(cherry picked from commit 1617424ce76d797d081dd6cb1082b954c4d2bf38)
(cherry picked from commit c98a24bdbdb830a5081d5ec972d62d08547d7255)
- Add synopsis to `--discover` and `--validate` options.
- `-l` is for `--list`, not for `--mtree`.
(cherry picked from commit a0582220f5fe4927487bbfd4d56d2c1abd964e4a)
(edited to remove --validate for v253, where it doesn't exist)
(cherry picked from commit 44b29d93c39d826d69734dbab88b94ad56d529b4)
This fixes sd_bus_error_add_map and man/sd_uid_get_state
(cherry picked from commit 0ee42394374db269fc85f9cdbe5d7249fee541b3)
(cherry picked from commit 0144678b04c2193bf89e0666e7c0e9f5dce19ffa)
It is defined later in the same file
(cherry picked from commit d511acdf8257389a4b670c120717e5b6bc224986)
(cherry picked from commit b283661e01dbb5f2de166e0e25bdc01bf0dde4b1)
On slower/overloaded systems it may take a bit for the swtpm socket
to show up:
I: Started swtpm as PID 189419 with state dir /tmp/tmp.pWqUutuGUj
I: Configured emulated TPM2 device tpm-spapr
+ tee /var/tmp/systemd-test-TEST-70-TPM2_1/console.log
+ timeout --foreground 1200 /bin/qemu-system-ppc64le -smp 4 ...
qemu-system-ppc64le: -chardev socket,id=chrtpm,path=/tmp/tmp.pWqUutuGUj/sock: Failed to connect to '/tmp/tmp.pWqUutuGUj/sock': No such file or directory
E: qemu failed with exit code 1
Spotted regularly in the ppc64le cron job and in some Ubuntu CI/CentOS CI
pr runs [0].
[0] https://github.com/systemd/systemd/pull/29183#issuecomment-1721727927
(cherry picked from commit 18c3ffbfcc2d4d6d1a4680092123e510945f7a78)
(cherry picked from commit 2171f689b8596458e21ac75766326431c7d151cc)
We can't do anything about them anyway, and most importantly this seems
to alleviate systemd/systemd-centos-ci#660, which should make the CIs
a bit less angry (at least until the issue is addressed properly).
(cherry picked from commit 3a89904e45cbbd96fb1c5d0768de5e5fcdaaa508)
(cherry picked from commit af7d007f897818068965a6500798815cc1335b72)
Available since https://github.com/systemd/systemd/commit/3d5f0bfe
(cherry picked from commit cb5f21de197c7c2c291637d9234a9373d8b0aee4)
(cherry picked from commit 3e10a49d34654fd1bb6b6b87e5ce540075b535df)
The kernel loads the DTB from EFI before ExitBootServices():
https://github.com/torvalds/linux/blob/v6.5/drivers/firmware/efi/libstub/fdt.c#L245
DTBs can map and assign arbitrary memory ranges. The kernel refuses
to load one from the dtb= kernel command line parameter when secure
boot is enabled, as it's not safe. Let's do the same for type 1
entries, as they are unverified.
This only affects arm64 and riscv64, firmwares do not support DTB
on x86.
(cherry picked from commit 4b4d612d860a4acbbc22bc64a32637c0eb792cee)
(cherry picked from commit c1404fff32d439a726e972daa34470c863465577)
Before c43ff248f94266cfc93e300a2d3d163ed805e55b, the following line in
60-drm.rules also sets ID_PATH for all pci, usb, and platform devices:
===
ACTION!="remove", SUBSYSTEM=="drm", SUBSYSTEMS=="pci|usb|platform", IMPORT{builtin}="path_id"
===
Unfortunately, some existing rules rely on the unexpected behavior.
To keep the backward compatibility, let's set ID_PATH for them.
Fixes#28411.
(cherry picked from commit 6636b2b6bf07def544dcb4faefe161d27a532692)
No need to disable arch completely, let's just disable keyring checking
to get CI working again for now.
(cherry picked from commit 16173ab1aa0e8d1032fa477178efe5957a47e5e4)
(cherry picked from commit 93bb992079fd34352d17768b743047c4f9a8248a)
When running on non-native userland architecture via systemd-nspawn
and qemu-user-static QEMU-emulator, clone() with CLONE_NEWNS fails with
EINVAL.
Fixes#28901.
[zjs: add a comment in the code]
(cherry picked from commit 468018703ce1c0f123240fb6ba9b8b0b90f12930)
(cherry picked from commit 0e25a211d40d62caeb90cae92c138e9331554513)
Currently, we mount via file descriptors using /proc/self/fd. This
works, but it means that in /proc/mounts and various other files,
the source of the mount will be listed as /proc/self/fd/xxx. For other
software that parses these files, /proc/self/fd/xxx doesn't mean anything,
or worse, it means the completely wrong thing, as it will refer to one of
their own file descriptors instead.
Let's improve the situation by using /proc/pid/fd instead. This allows
processes parsing /proc/mounts to do the right thing more often than not.
One scenario where even this doesn't work if when containers are involved,
as with the pid namespace unshared, even /proc/pid/fd will mean the wrong
thing, but it's no worse than /proc/self/fd which will always means the wrong
thing.
This also doesn't work if we mount via file descriptor and then exit, as the pid will
be gone, but it does work as long as the process that did the mount is alive, which
makes it useful for systemd-dissect --with for example if the program we run in the
image wants to parse /proc/mounts.
(cherry picked from commit 4419735822d72744dad1c76a57463561b332897a)
(cherry picked from commit 8046167dc2d6d7ad62a447991efcd0404d784180)
Otherwise, we get redefinition errors if <net/if.h> is included later
on by another header.
(cherry picked from commit 2af02e61657aa513aa7b6df7fd1a04b13f853cef)
(cherry picked from commit 49a3ecd71d700dc2d914bfee70dd93275b698ae7)
f2fs is actively maintained upstream, and popular in certain device
categories (phones, embedded), so allow-list by default.
Fixes https://github.com/systemd/systemd/issues/29026
(cherry picked from commit ee6cf8eaf1770d9a32e6f80bb9d37b64c838e230)
(cherry picked from commit f38b883b030031a79205f0d559906e18567706df)
- Rename the argument for storing the sender address,
- allow to call it with NULL for ret_xyz,
- reduce needless copy of timestamp when the message does not have
timestamp.
(cherry picked from commit 512116383215c2f61172dd20e45871ff5d16c030)
(cherry picked from commit 811edcef2d7593b45bc8e683e50a580763ebf447)
When icmp6_receive() fails, then the source address is not initialized yet.
(cherry picked from commit 4674f407b2a96baaed4c8226342bccb313463717)
(cherry picked from commit 9dec95c8c50dc0057454363affe02b9114d14055)
If there are no "ManagedOOMSwap" entries to monitor, then the event source
can be completely disabled. This scenario appears to be common and avoiding
the wake-ups can save idle energy consumption.
This was discovered while using Sysprof for various GNOME 45 performance
tuning. systemd-oomd goes from waking up a few times a second to no
wake-ups helping keep a laptop in deep(er) sleep.
Signed-off-by: Christian Hergert <chergert@redhat.com>
(cherry picked from commit b63beb4d283438be2b0f5c62757ab0db7dee8d65)
(cherry picked from commit 08d0b94e363cba14c8176bc2279070dcea020fd4)
The type of a file descriptor is `int`, not `pid_t`. This should not
have any effects on API consumers as `pid_t` is already typedef'd as
`int` on all glibc-based systems.
(cherry picked from commit 904b8bb5a8da4aa0257f7730e4fbaa7ba7c67742)
(cherry picked from commit 6f83ab7d70f0e6f2023bc07f0a0a02ea2e8257b5)
session_leave_vt may be called after the VT device was hung up, which
will cause vt_release to fail with -EIO. This is known to cause an issue
with GNOME 44 on Fedora where gdm-session-worker sometimes freezes when
trying to switch to VT 1 after a `loginctl terminate-user` operation.
Fix this by reopening the VT in session_leave_vt if we get an -EIO.
(cherry picked from commit 99d4ad71b72045d6352ba221105843fc6b600717)
(cherry picked from commit 1bfe066deb43792f6e5d33ce6d2e92b7a42c4e23)
Chronyd and similar time services, when using PTP devices, may need
the BindsTo/After directives to ensure the devices are available
before starting. Tag PTP devices with systemd to allow for wider
adoption.
Signed-off-by: Chris Patterson <cpatterson@microsoft.com>
(cherry picked from commit 23cbe90d7db6b569ae2fc18ad88f99f8ef505593)
(cherry picked from commit e3a69bdbc03c90864cc39116e45e149fa37de2f4)
See documentation at: https://manpages.debian.org/testing/pkgconf/pkg.m4.7.en.html
Without this the macro was not always correctly resolved so the correct command was not used in the rest of the snippet.
(cherry picked from commit c91d636fadc07169641e8a96a2c60083a15e0f77)
(cherry picked from commit 01841ae82935bdd4f8b01af800f5c53c0fb2adbe)
We might inherit a max rlim value that's larger than the kernel's
maximum (nr_open). This will cause setrlimit() to fail as the given
maximum is larger than the kernel's maximum. To get around this,
let's limit the max rlim we pass to rlimit() to the value of nr_open.
Should fix#28965
(cherry picked from commit f470dafddcd688c3ea6031d4bbcbf934fd094711)
(cherry picked from commit a980b83fe07521e4654d68331c31db3a4459412c)
This currently makes unit_file_get_default() fail if the default
target is transient which shouldn't make us fail to get the default
unit.
(cherry picked from commit 3c1c52f2c9e67fe60b36325be7292ff0baaf808b)
(cherry picked from commit a6bd20e3de03109c81134838f9da587570af3cae)
Sometimes its useful to keep a trailing slash in the path so let's
add path_simplify_full() and a flag to do just that.
(cherry picked from commit 4541d045b2cc2834add853f06293d4474ac403e4)
(cherry picked from commit ff45789ea3323d2c2526ed76d06a0f7625d778df)
Setting USEC_INFINITY to timer event source should not cause any
problem. But, disabling timer event source should be preferable.
[zjs: simplify the call to sd_event_source_set_enabled()]
(cherry picked from commit 57d2b6a96f997c23bed37d74c6da087fb06081d2)
(cherry picked from commit 6b1346f1f01fbe384a7c828db4d7dee4921e483c)
exec_child() is supposed to set *exit_status when returning failure.
Unfortunately, we didn't do that in two cases. The result would be:
- a bogus error message "Failed at step SUCCESS spawning foo: …",
- a bogus success exit status.
Bugs introduced in 390902012c5177b6b01bc634b2e9c704073d9e7d and
ad21e542b20f0fb292d1958d3a759bf3403522c2.
The code is reworked to add some asserts and not set exit_status in the caller
so that it's clearer (also to the compiler) that it needs to be set.
(cherry picked from commit 5fa01ac0369f0f225ab1e1f90f6b7058cc4deaaf)
(cherry picked from commit 063d67fe3255128da75d0e8ccd5afeb5c07699ff)
The logic around checking PKCS11 tokens (used by systemd-cryptenroll) contains a bug.
The code is checking the flags field of a pkcs11 token_info structure against a set of flags defined for the pkcs11 slot_info structure. This PR changes the check so that the correct structure's flag field is being checked.
(Reference to the PKCS#11 spec:http://docs.oasis-open.org/pkcs11/pkcs11-base/v2.40/os/pkcs11-base-v2.40-os.html, section CK_SLOT_INFO).
(cherry picked from commit 5007942477ecfb69702f542cb6770ea4b5bc1e57)
(cherry picked from commit 117fa69b71a8e39f663135c88f78a2412d87c4df)
Follow-up for f1f331a252d22c15f37d03524cce967664358c5c
(cherry picked from commit 031a399d87de5a47d395bb12b70e112c83b02c3f)
(cherry picked from commit f2fad1523986d9385a670a51f0332031dfe2f07e)
This change makes sure a data copy using copy_bytes() does not exceed the
max_bytes value when using COPY_HOLES and max_bytes stops before the next
data section.
(cherry picked from commit c2dfcbd48e780e49bfc11f1c34077f6c98891e40)
(cherry picked from commit 7bfe3c6215b03973016aa0931b16628253d7b985)
On openSUSE with BTRFS, /root has to be mounted as dedicated subvolume to avoid
restoring it when a rollback of the system happens.
(cherry picked from commit 487ae08b85048f86e72e86d6c601d4c558b6cb8a)
(cherry picked from commit 5c3fa0cfeea1907d2d71bb6dfadc94f661ce3e40)
We must go through finish, to undo the destruction of the final elements
of the iovw properly.
(cherry picked from commit 946dc7c635f050129896d1515c08a81504af2421)
(cherry picked from commit 10304c278755823605655b21c8dbb96f2b58b7e6)
This is a follow-up for #28596.
I think the suggestion to use Type=exec uses too strong wording:
Type=exec has non-trivial drawbacks over Type=simple, and they deserve
to be mentioned.
Hence drop the <emphasis> and turn this around so that Type=exec is
*recommended*, but Type=simple is not expressly discouraged, because
there are plenty reasons to use it.
Add a brief discussion where Type=simple might be preferable.
Also, fix the outright unruth that Type=exec was the "simplest and
fastest", because it certainly is a lot, but not that.
(cherry picked from commit e5e900edcd3b245499379201072cbb69346e9798)
(cherry picked from commit 045ff3b47a2f6611e079cfdaf330366239b38c98)
