IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
When reexecuting system let's put our arguments carrying deserialization
info first followed by any existing arguments to make sure they get
parsed in case we get weird stuff from the kernel cmdline (like --).
See: https://github.com/systemd/systemd/issues/28184
(cherry picked from commit 06afda6b38d5d730fca3c65449096425933272bc)
(cherry picked from commit 884ab38057dca70b8779c85884f4646057e80921)
(cherry picked from commit 163be31d380fbdcb56ec06c09e81774840df90dc)
(cherry picked from commit 894f4417640286fa350203d70d858e11e261a3e0)
(cherry picked from commit c8c43dc3a73f3a183821b49a47cd259782629b80)
(cherry picked from commit 6ec548485d8ffa6a94b0bf41a12fadcba14a39a3)
Oracle Cloud sends malformed DHCPv6 replies that have an invalid
byte at the end, which cannot be parsed as an option code.
networkd currently can cope with the invalid option (it is ignored),
but the whole packet is ignored altogether because of the additional
null at the end.
It's better to be liberal in what we accept and actually assign an
address, given that the reply contains a valid IA_NA.
Fixes#28183.
(cherry picked from commit 81b7335912ce901c61b923218bcdf06a4fdcea07)
(cherry picked from commit a11a0011a8dea392f157407c144a2a54d8e1c223)
(cherry picked from commit 983f418d98b1a6de330a543dcd26d786e9d45246)
(cherry picked from commit cc8fdd5d307a620700d4729d74143ca434f0707c)
(cherry picked from commit f08c49b33e3ecba9f034dfd3e045b1ef455845a6)
(cherry picked from commit 75d007b618c6a84bc0d2f0912b5ef60eb09efdf0)
(Does not change a single word, just rebreaks a bunch of paragraphs
matching our current line breaking rules)
(cherry picked from commit fa1d34825a9b410275e716b9b70f4fca02c71ba9)
(cherry picked from commit ed87814cdf10581728ad56c8012a1141f5fda289)
(cherry picked from commit 4a54e90a123b370b359ffe972169f6b0d9c7a3eb)
So we're able to detect memory leaks in our NSS modules.
An example after introducing a memory leak in nss-myhostname.c:
testsuite-71.sh[2881]: =================================================================
testsuite-71.sh[2881]: ==2880==ERROR: LeakSanitizer: detected memory leaks
testsuite-71.sh[2881]: Direct leak of 2 byte(s) in 1 object(s) allocated from:
testsuite-71.sh[2881]: #0 0x7fa28907243b in strdup (/usr/lib64/libasan.so.8.0.0+0x7243b)
testsuite-71.sh[2881]: #1 0x7fa286a7bc10 in gethostname_full ../src/basic/hostname-util.c:67
testsuite-71.sh[2881]: #2 0x7fa286a74af9 in gethostname_malloc ../src/basic/hostname-util.h:24
testsuite-71.sh[2881]: #3 0x7fa286a756f4 in _nss_myhostname_gethostbyname4_r ../src/nss-myhostname/nss-myhostname.c:79
testsuite-71.sh[2881]: #4 0x7fa288f17588 in getaddrinfo (/lib64/libc.so.6+0xf4588)
testsuite-71.sh[2881]: #5 0x7fa2890a4d93 in __interceptor_getaddrinfo.part.0 (/usr/lib64/libasan.so.8.0.0+0xa4d93)
testsuite-71.sh[2881]: #6 0x55a54b2b7159 in ahosts_keys_int.part.0 (/usr/bin/getent.orig+0x4159)
testsuite-71.sh[2881]: SUMMARY: AddressSanitizer: 2 byte(s) leaked in 1 allocation(s).
(cherry picked from commit 2b5e786005d8854600bb43335fd0c4067ce8da08)
(cherry picked from commit 5a29fbba6cdfdb098a9b1ed1ce60ecdbd62f12ac)
(cherry picked from commit 7d667e534151d174565c4b002951316d56f16247)
(cherry picked from commit 228459f5d7da200537895edf82260a79e6e99947)
(cherry picked from commit 178fe977637812735727d080617e8297759d1050)
(cherry picked from commit 746e52c0aef3b479d0e0d5b09dddce1d21932d7c)
Let's make sure that if we load one program we don't prematurely fail,
and continue with the others still.
(cherry picked from commit f81450f2415f8fd77fc8edb3b4baab966aefa9fd)
(cherry picked from commit 9e1e09066a1ada29f63d95d41a01044cd6ac1633)
(cherry picked from commit f84603fc2134990061026f2d08a50783ab7eaf7a)
(cherry picked from commit d512831a3ec93f6f29ccb21cb68f416114270840)
(cherry picked from commit 4592af1d7772390060eba9c75e62fb47a14d4648)
(cherry picked from commit 798e6da867a1749f662755ea1391a539efffa62a)
Prompted by #28015.
(cherry picked from commit 9f4522591e4be076bf309e23b9cec9dddfc99e29)
(cherry picked from commit 750a0c01a2c40b9168dc6211601a31032b89c2d9)
(cherry picked from commit 0f5c453e3fecccd02dd7bd27db349af06d750a53)
on Rawhide at the moment yum is a symlink to dnf5 which is a binary.
(cherry picked from commit 4b95d5effd788ae660691e01144130e432e2f021)
(cherry picked from commit 134e55ef49cd7c6f8b5ebc0a004c8812fe2372eb)
(cherry picked from commit 0fa562530d5c96c0ca00bb5a1e51925cd4c8807b)
The partition seems not to work on Ubuntu for some reason, use a
swap file instead
(cherry picked from commit f434f182ccfd17a214e4b07cec033318e6c4f7b2)
(cherry picked from commit 39459a5d8065ea5ce45dbca39561bd078d801aa0)
(cherry picked from commit 79bfbb0163bd587057e7d5af74b4c1ea97f2a1f4)
The test fails on my machine, running Debian stable, because
testsuite-55-testbloat.service just swaps and never goes over the
limit, so it's not killed. Use 'stress' instead which seems to be
able to overwhelm the swap too.
(cherry picked from commit 937e82cb7d82dbdbd287d82f4708f15d6032eb9f)
(cherry picked from commit 9654140f342df74b8572da1fa4d5969f3d9b4617)
(cherry picked from commit cad0dba2f824ebc26eb44f674955e3cfe9ef2e35)
(cherry picked from commit 191b891bf1b01c1041509b951d9d797ceacb181d)
(cherry picked from commit 69298e3b65b142a40800e3073a0dfbb59288eadf)
(cherry picked from commit 45a5ca8dc5812ed1dad2d7af78bbcd5c43dd8cd6)
(cherry picked from commit dc7e580e64a80e982619fb099ef736cd2379f92a)
(cherry picked from commit b9990ee4a73332b4254c0b24e2807919be0d7ea3)
(cherry picked from commit 140cb87e06798399c5f7a6fa97367f848f916cc4)
If the client never specified the address family, and IPv6 is off in the
kernel, then look only for A, never for AAAA RRs.
Fixes: #23951
(cherry picked from commit 0438aa57751559295fee86d1c1f176486e518455)
(cherry picked from commit 4e3ae43282c0ae47b6affad44554421f0c9b9b1f)
(cherry picked from commit d3763dafca3e4fa3def71096b306809897f042c5)
As hitting an ASan/UBSan error in PID1 results in a crash (and a kernel
panic when running under qemu), we usually lose the stack trace which
makes debugging quite painful. Let's mitigate this by forwarding the
stack trace to multiple places - namely to a file and the syslog.
(cherry picked from commit 88c98cb2614a2893ec2ae7197a1f234b579da7a7)
(cherry picked from commit 68c7905d9ca67548961be83812f76973995aaa0a)
(cherry picked from commit e58874f2e37269e9e451cba82d6438e111cb0766)
(cherry picked from commit 3965f173eae4701a014113cfaf4a28a6bb63bed7)
(cherry picked from commit d0b2fdd513fbb113b5d18fc5fa60f99ae9aa9093)
(cherry picked from commit 78b9ca34ec820b0aff65b9568dacaadfbc58b1fb)
(cherry picked from commit 3ef0103f2265a68e32847deaf84588c2fa711f3a)
(cherry picked from commit 36cf2b76a5f8b945b1ee1480ad442e213fce421b)
(cherry picked from commit 6ab62ade813cce957eb8b8fe17052774493bddcb)
These requests might come in during lookup floods very quickly, since
multiple worker processes might detect that things should be scaled up
at the same time. Hence, let's substantially raise the limit so that it
doesn't get hit in real-life scenarios and acts more like a safety net.
(cherry picked from commit c659d0f55ee5854e40dbaccc20ad0e8da176b271)
(cherry picked from commit 7906d46c5ed9e13ef0292946ced58bdcd897f553)
(cherry picked from commit 3f897557b6e8bf7916e4bbeed47eba88f1805ee0)
(cherry picked from commit 4638e18593bba844e063da1397e2d628c6ad469b)
(cherry picked from commit c0dbec1c9759a41ea254f168f02cf74402cff9f8)
(cherry picked from commit 40a447386f99cc456e98884ceafc51f2ef1cbe1b)
The function sd_id128_get_boot_app_specific is the app specific variant of
sd_id128_get_boot.
Signed-off-by: Jan Luebbe <jlu@pengutronix.de>
(cherry picked from commit 173d47f7881137a5994a3e3b918169b6c759deaf)
(cherry picked from commit 3c891618b781d23a4aeb9ccee9590df2bb2da3cf)
(cherry picked from commit 08c8bb3acf07e53e7cce4cf871b671eb3e15e0dd)
Commit cd621954ed643c6ee0d869132293e26056a48826 probably forgot to fix the lua
implementation.
(cherry picked from commit e538927918fea3bae0cd1e78563d9b8983c56cea)
(cherry picked from commit 6b7970912bb20d9a8e3779466e8ced95cf8deb97)
(cherry picked from commit aa8abd40c1ad3773baabdb75e24d2eb00ee62b56)
Indeed when iterating over all the PT_LOAD segment of the core dump
while trying to look for the elf headers of a given module, we iterate
over them all and try to use the first one for which we can parse a
package metadata, but the start address is never taken into account,
so absolutely nothing guarantees we actually parse the right ELF header
of the right module we are currently iterating on.
This was tested like this:
- Create a core dump using sleep on a fedora 37 container, with an
explicit LD_PRELOAD of a library having a valid package metadata:
podman run -t -i --rm -v $(pwd):$(pwd) -w $(pwd) fedora:37 bash -x -c \
'LD_PRELOAD=libreadline.so.8 sleep 1000 & SLEEP_PID="$!" && sleep 1 && kill -11 "${SLEEP_PID}" && mv "core.${SLEEP_PID}" the-core'
- Then from a fedora 38 container with systemd installed, the resulting
core dump has been passed to systemd-coredump with and without this
patch. Without this patch, we get:
Module /usr/bin/sleep from rpm bash-5.2.15-3.fc38.x86_64
Module /usr/lib64/libtinfo.so.6.3 from rpm coreutils-9.1-8.fc37.x86_64
Module /usr/lib64/libc.so.6 from rpm coreutils-9.1-8.fc37.x86_64
Module /usr/lib64/libreadline.so.8.2 from rpm coreutils-9.1-8.fc37.x86_64
Module /usr/lib64/ld-linux-x86-64.so.2 from rpm coreutils-9.1-8.fc37.x86_64
While with this patch we get:
Module /usr/bin/sleep from rpm bash-5.2.15-3.fc38.x86_64
Module /usr/lib64/libtinfo.so.6.3 from rpm ncurses-6.3-5.20220501.fc37.x86_64
Module /usr/lib64/libreadline.so.8.2 from rpm readline-8.2-2.fc37.x86_64
So the parsed package metadata reported by systemd-coredump when the module
files are not found on the host (ie the case of crash inside a container) are
now correct. The inconsistency of the first module in the above example
(sleep is indeed not provided by the bash package) can be ignored as it
is a consequence of how this was tested.
In addition to this, this also fixes the performance issue of
systemd-coredump in case of the crashing process uses a large number of
shared libraries and having no package metadata, as reported in
https://sourceware.org/pipermail/elfutils-devel/2023q2/006225.html.
(cherry picked from commit 21a2c735e2bfdc3bfdc42f894d6e3d00f4a38dcd)
(cherry picked from commit 3be0f12277d33d37946532d8f09d8c9c10e893a4)
(cherry picked from commit 310722d3be79ddbbe034d258099716b764f043d8)
If we run in a container we should show info about the container, not
the host.
(cherry picked from commit e7932afe1bb91412c8ff26dba46513605199196e)
(cherry picked from commit 75e96639a6e56b51a7df50f7b4da6ac6caffba8b)
(cherry picked from commit a6f68be6490b160b5db5c9fc16fc62e309779229)
This reverts commit ff32060f2ed37b68dc26256b05e2e69013b0ecfe.
This change is incorrect as we don't want to mark the PID as invalid but
only mark it as dead.
The change in question also breaks user level socket activation for
`podman.service` as the termination of the main `podman system service`
process is not properly handled, causing any application accessing the
socket to hang.
This is because the user-level `podman.service` unit also hosts two
non-main processes: `rootlessport` and `rootlessport-child` which causes
the `cgroup_good` check to still succeed.
The original submitter of this commit is recommended to find another
more correct way to fix the cgroupsv1 issue on CentOS 8.
(cherry picked from commit f29f0877c5abfd03060838d1812ea6fdff3b0b37)
(cherry picked from commit 34e834f496338fdc2a8a8cc771cba4082079cf9a)
bus_wait_for_jobs_new() can fail for various reasons.
(cherry picked from commit b2544bb6e851dabdde106539ba14b86cf4cfa5cb)
(cherry picked from commit 620cab2d4c8223200616abfbbfe8348325e6fe9a)
(cherry picked from commit 6272d0506e6bdb98a6c380a236bef7623a66dbde)
(cherry picked from commit 730bdfed8173d508d4202b0bee957ab70b1e16a1)
(cherry picked from commit b16d01b484a418ec037ac15195cc502d7dadb084)
(cherry picked from commit 36ce0edc5033c0dd2417312ea0c2928a41d3eb88)
(cherry picked from commit 5811490a3f3802c3e4980efe0b7e2d3105d3c505)
(cherry picked from commit 07523a0ea4ba84b48fbc052c9c2bc882b0594cd0)
(cherry picked from commit 6c0712d79fed09b477c66f994ea25c430a97585e)
If the backing storage is LUKS2 on a block device, auto resize mode
is enabled, and disk size is not specified, resize the partition to
the maximum expandable size.
Fixes: #22255, #23967
(cherry picked from commit 5bfc4de6343905743d973834554b49cb60183481)
(cherry picked from commit d682e0975f56f0114a81d8fa7a8f94b0ad8a88a2)
(cherry picked from commit aca5356f6869bbf6a5d42d667bda1b8b6a2e941c)
Necessary (unfortunately) for curl on C8S.
(cherry picked from commit 033601b79ae00784bfaab9ea91fe70ecff83d645)
(cherry picked from commit aaa436c2d7dd9f35b030df46afd48482460ec50a)
(cherry picked from commit 54afbbe343b4dbc903707c63e1ef77481a4f7719)
When trying to log, if we fail we try to close the journal FD. If
it is bad, safe_close() will fail and assert, which will try to log,
which will fail, which will try to close the journal FD...
Infinite recursion looks very pretty live in gdb, but let's avoid
that by immediately invalidating the journal FD before closing it.
(cherry picked from commit 40cdb3b756abbeb66091b8e9f1a3d38308456828)
(cherry picked from commit 228bfcf041e89f09c798af864a93543f9d43ec05)
(cherry picked from commit f62c831ba704119194ecd6aabaaee0ecb8edf559)
(cherry picked from commit 6acbb3f2fb234d9903c15571472d95afee9d08c1)
(cherry picked from commit 3cbc30f3096aa880d57fd7f7a8960fa7f7958085)
(cherry picked from commit d0bdac53cb370f5d64cd271ee29314fc6b3d0ca6)
Make sure configuration is ephemeral if the image is reused
(cherry picked from commit 565b13f8b2895a2656fac677fe4ed3f6344e66b2)
(cherry picked from commit 622c1774508f3f1434b0b732860f76972460030f)
(cherry picked from commit 38677da70062e1440e2a1ddd8640ef9170f13584)
Otherwise, queries may be passed to unexpected DNS servers.
(cherry picked from commit 5063f027ef669a934133465b875fd68f0b4d6794)
(cherry picked from commit a1ea2159afd3f2c0cdd1f9edad8cbee9fffe1abe)
(cherry picked from commit 6ad5e86ff1637240b794203a7d3a7e68e2d492e7)
From changelog of dnsmasq v2.87:
====
Note in manpage the change in behaviour of -address. This behaviour
actually changed in v2.86, but was undocumented there. From 2.86 on,
(eg) --address=/example.com/1.2.3.4 ONLY applies to A queries. All other
types of query will be sent upstream. Pre 2.86, that would catch the
whole example.com domain and queries for other types would get
a local NODATA answer. The pre-2.86 behaviour is still available,
by configuring --address=/example.com/1.2.3.4 --local=/example.com/
====
(cherry picked from commit 55f9d72a5daa3d6f707878c0a50f856543c7de27)
(cherry picked from commit eff4610088526ead6a448195156d86033335755e)
(cherry picked from commit 3068157e3aae6397b158049da1a8cecf3f6feddd)
Also, use 'yes' or 'no' for boolean options.
(cherry picked from commit 77725adedddf079bd5b9b68d7597a3644e0b8ebe)
(cherry picked from commit 67a4b8a53016d7fdb8c2f2e229decde488184add)
(cherry picked from commit a59a4bf79aa9c0fde07f0da5d6ef566364828008)
(cherry picked from commit eeb88ea41d7f3c62a7cc72224a3aebb9e03565ad)
(cherry picked from commit 11d575859ca2f9f8bfebbc5e15ef38147f1f9d92)
(cherry picked from commit 0e951a2ce64460fafd2c2758338e5749019a76f0)
(cherry picked from commit 8df6874927b80f212b080f70e856ead38f7497f4)
(cherry picked from commit fb871465fa6f9f909ddc8ba6e5a0a73410e42079)
(cherry picked from commit a8e3b1e85757444de51890fb2d882c8bea681fa5)
This is still necessary when running with clang's ASan, as it uses an
external binary to symbolize the stack traces.
Follow-up to ba79e8c2ccd.
(cherry picked from commit 3bba91ef44f58ed98ed46c76fbf16db21cef5c25)
(cherry picked from commit c35624663b8f332c81fd0f712dec60966340f435)
(cherry picked from commit 051eb9db38bee4457b1417282c747c81bfa15dcf)
This makes a bond or bridge interface in the degraded-carrier state but has a routable address
handled as routable operational state.
If the carrier is degraded but the address state is routable then the operational state should be
seen as routable and not degraded because that may be the case for bonds if some of the links are down,
but when that happens the bond as whole is still routable.
This also makes operational state to degraded if address state is degraded even if the link state is
degraded-carrier.
Fixes#22713.
(cherry picked from commit cf4dbd84ac31bbfcab905bc02bf03f67acca7413)
(cherry picked from commit 20607d7e0c7ff730bcd461344f3a861f660039ca)
(cherry picked from commit 84887588c379f046fec9e5750524ff4da79486fb)
Guard the coverage-related shenanigans from g++ when building the one
C++ unit test we have, so we don't have to make it C++ compatible:
[1573/2109] Compiling C++ object test-bus-vtable-cc.p/src_libsystemd_sd-bus_test-bus-vtable-cc.cc.o
FAILED: test-bus-vtable-cc.p/src_libsystemd_sd-bus_test-bus-vtable-cc.cc.o
ccache c++ -Itest-bus-vtable-cc. ... -c ../src/libsystemd/sd-bus/test-bus-vtable-cc.cc
In file included from <command-line>:
../src/basic/coverage.h:17:15: error: ‘_Noreturn’ does not name a type
17 | static inline _Noreturn void _coverage__exit(int status) {
| ^~~~~~~~~
../src/basic/coverage.h:46:29: error: conflicting declaration of ‘int _coverage_execveat(int, const char*, char* const*, char* const*, int)’ with ‘C’ linkage
46 | #define execveat(d,p,a,e,f) _coverage_execveat(d, p, a, e, f)
| ^~~~~~~~~~~~~~~~~~
../src/basic/coverage.h:34:19: note: previous declaration with ‘C++’ linkage
34 | static inline int _coverage_execveat(
| ^~~~~~~~~~~~~~~~~~
../src/basic/coverage.h:46:29: error: declaration of ‘int _coverage_execveat(int, const char*, char* const*, char* const*, int) noexcept’ has a different exception specifier
46 | #define execveat(d,p,a,e,f) _coverage_execveat(d, p, a, e, f)
| ^~~~~~~~~~~~~~~~~~
../src/basic/coverage.h:34:19: note: from previous declaration ‘int _coverage_execveat(int, const char*, char* const*, char* const*, int)’
34 | static inline int _coverage_execveat(
| ^~~~~~~~~~~~~~~~~~
../src/basic/coverage.h:58:24: error: conflicting declaration of ‘int _coverage_execvpe(const char*, char* const*, char* const*)’ with ‘C’ linkage
58 | #define execvpe(f,a,e) _coverage_execvpe(f, a, e)
| ^~~~~~~~~~~~~~~~~
../src/basic/coverage.h:48:19: note: previous declaration with ‘C++’ linkage
48 | static inline int _coverage_execvpe(
| ^~~~~~~~~~~~~~~~~
../src/basic/coverage.h:58:24: error: declaration of ‘int _coverage_execvpe(const char*, char* const*, char* const*) noexcept’ has a different exception specifier
58 | #define execvpe(f,a,e) _coverage_execvpe(f, a, e)
| ^~~~~~~~~~~~~~~~~
../src/basic/coverage.h:48:19: note: from previous declaration ‘int _coverage_execvpe(const char*, char* const*, char* const*)’
48 | static inline int _coverage_execvpe(
| ^~~~~~~~~~~~~~~~~
[1582/2109] Compiling C object test-event.p/src_libsystemd_sd-event_test-event.c.o
ninja: build stopped: subcommand failed.
(cherry picked from commit 9352db7abb3734477dbafdf649612598984d3829)
(cherry picked from commit a4056f851d787b79b35165d540b573585738a97d)
(cherry picked from commit eb3884f16b670712e2e84cf142240c5cd1aca53e)
Apparently there are two µ symbols, accept both when parsing.
One is the greek small letter mu (μ) the other is the micro sign (µ).
Unicode recommendation considers both equivalent, and says use of greek
small letter mu is preferred. See:
https://www.unicode.org/reports/tr25
Hence accept both when parsing.
Inspired by: #28029
(cherry picked from commit d0a6d7c4d1285d6af2be299a466c964f0c5991a2)
(cherry picked from commit 6c15c278ecbc834af3feafb9f7b0fc7fdb9377a9)
(cherry picked from commit 38b1a2988a0fa928b28a90e9350490cc918a45f1)
Extracted from #25523 by Lennart.
(cherry picked from commit 1b6e11f58d55082030100baffcba98a3890f10f9)
(cherry picked from commit ce529ddd44374988169116fe03e12150f72b80c7)
(cherry picked from commit ab8f3b2ad751b9adc80c7706dd2a2676ead2eb61)
This is a rework of #24764 by Cristian Rodríguez
<crodriguez@owncloud.com>, which stalled.
Instead of assigning -1 we'll use a macro defined to INT_MAX however.
(cherry picked from commit 768fcd779fbb9fd86932da4bef031260b88da210)
(cherry picked from commit fec335082f59ec9e86cc2dd20a5e4001e6a71d9b)
(cherry picked from commit f8e8ff5126a7c4a0549b04a99ccf0c0212ccf8ba)
Just in case we are on a flimsy filesystem/disk
(cherry picked from commit 7d812d7ca1c8b377d8da0f10549e91e9887619c3)
(cherry picked from commit 0c1ea7c67732086be70f918572ffd105a74f9a57)
(cherry picked from commit 5c8bf1b04cf396db9c92028c0eddfb833121c804)
