IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
The TPM code expects a description unless the PCR index indicates that
no measurements have to take place. The assert was preempting this
check from happening.
Fixes: #26428
(cherry picked from commit f92428eae5)
Debian/Ubuntu use /usr/lib/<triplet> instead of /usr/lib64, so configure it
accordingly. This is especially important for cryptsetup token plugins,
as cryptsetup comes from the distro and is configured to look into those
directories.
(cherry picked from commit bbb40c4e6f)
If UDP is blocked on the system (e.g. by iptables or BPF), the kernel will
return EPERM on some or all of the system calls (connect, sendmsg, etc.).
In this case, try to fall back to TCP, which hopefully will not be blocked.
(cherry picked from commit 3dd6336ad0)
Salt was added in v253. We are not checking whether it was actually found
(non-zero size), so when an old tpm+pin enrollment is opened things go boom.
For good measure, check both the buffer and the size in both places.
Assertion 'saltlen > 0' failed at src/shared/tpm2-util.c:2490, function tpm2_util_pbkdf2_hmac_sha256(). Aborting.
__WORDSIZE does not seem to be documented anywhere, and is probably
meant to be used internally by glibc headers.
In systemd, it was only being used in warning messages. We can avoid
using it by rewording the messages slightly.
Fixes a build error with musl libc.
Bug: https://bugs.gentoo.org/894430
At almost all places if diskseq is not supported we encode this as
diskseq zero. But in two places we got the check for that wrong,
assuming it was UINT64_MAX.
Fix that.
This allows us to install everything in the same dnf command instead
of having to use a prepare script to run dnf from within the image.
This is a hack until mkosi supports release specific dropin files.
Let's make sure we're testing unprivileged builds properly. Usage
of SourceFileTransfer= and SourceFileTransferFinal= are removed as
they were dropped by mkosi. SourceFileTransfer=mount is now the
default in mkosi so behavior for the build script is unchanged. We
stop copying sources in the final image until mkosi adds support
for virtiofs.
This is just a workaround. Once we drop gnu-efi, the arm build system
for EFI binaries should be changed to use the arm-none-eabi toolchain,
which should not exhibit this behavior.