1
1
mirror of https://github.com/systemd/systemd-stable.git synced 2025-01-26 10:03:40 +03:00

62402 Commits

Author SHA1 Message Date
Jan Macku
9779079b53 ci: Add names to steps in labeler workflow
This makes it easier to see what step failed/was skipped in the GitHub
Actions UI. It also makes future debugging easier.
2023-02-08 22:37:10 +09:00
Fabian Gurtner
11c0f0659e hwdb: Add HP Envy x360 Convertible 15-cn0xxx to existing entry 2023-02-08 11:01:36 +00:00
Luca Boccassi
398dc7d39b core: imply DeviceAllow=/dev/tpmrm0 with LoadCredentialEncrypted
If the device access policy is restricted, add implicitly access to the TPM
if at least one encrypted credential needs to be loaded.

Fixes https://github.com/systemd/systemd/issues/26042
2023-02-08 10:59:55 +00:00
Luca Boccassi
b0fc23fae5 cryptenroll: do not implicitly verify with default tpm policy signature
If it was not requested to use a tpm2 signature file when enrolling, do
not fallback to the default /run/systemd/tpm2-pcr-signature.json as it
likely will be unrelated if it exists.

Fixes https://github.com/systemd/systemd/issues/25435
2023-02-08 10:58:57 +00:00
msizanoen1
500cd2e83b unit: always return 1 in log_kill
This ensures that cg_kill_items returns the correct value to let the
manager know that a process was killed.
2023-02-08 11:33:54 +01:00
Zbigniew Jędrzejewski-Szmek
ef9962212a
Merge pull request #26328 from yuwata/udev-worker-set-process-name
udev: set worker process name
2023-02-08 08:57:05 +01:00
Lennart Poettering
9eba03c7b1 journal: minor modernizations 2023-02-07 19:36:47 +00:00
Luca Boccassi
b4cdd8792e
Merge pull request #26337 from poettering/journal-display-ts
logs-show: rename "ts" paramater/variable to "display_ts"
2023-02-07 19:36:27 +00:00
Luca Boccassi
19995b8121
Merge pull request #26336 from poettering/journal-etoomanyrefs
journal: print nicer log message when limit of open journal files during display is hit
2023-02-07 19:35:56 +00:00
Luca Boccassi
2a0e9089cc
Merge pull request #26335 from keszybz/dns-not-found
resolve: adjust message for NXDOMAIN lookup result
2023-02-07 19:33:07 +00:00
drosdeck
2f2d948293 Fix Positivo-vaio VJPW12F11X key toggle touchpad 2023-02-07 16:31:50 +01:00
Zbigniew Jędrzejewski-Szmek
c820bd413e
Merge pull request #26338 from jamacku/fix-labeling
ci: Fix automatic removing of labels when PR is closed
2023-02-07 16:27:06 +01:00
Jan Macku
de95bb2a98 ci: remove if: github.event.issue.pull_request from labeler.yml
`github.event.issue.pull_request` is an object, not a boolean.
This is the root cause of why the step that is supposed to remove labels
is always skipped. Having this condition in place is not necessary since
the workflow is run on the `pull_request_target` event.
2023-02-07 16:00:49 +01:00
Lennart Poettering
4e30b87d94 logs-show: rename "ts" paramater/variable to "display_ts"
When displaying log data we deal with two kind of timestamps: the one we
use for display (typically the source timestamp if available), and the
one we use internally (typically the reception timestamp of journald).

The user-facing output modes generally use the display timestamp, the
ones intended for further processing (i.e. json + export outputs) do
not, and directly query the timestamps of the entry, ignoring the
source. This gets a bit confusing, since it's not always clear why we
use which timestamp where. Let's address that by renaming the generic
"ts" parameter/variable to "display_ts" to emphasize that the stored
timestamp are "corrected" timestamps for display only.

No real code change, just some renaming.
2023-02-07 15:52:22 +01:00
Jan Macku
d709b92ef1 ci: fix missing quotes in labeler.yml 2023-02-07 15:39:37 +01:00
Lennart Poettering
2fbfdb1edc update TODO 2023-02-07 15:12:07 +01:00
Lennart Poettering
763c46defa journal: print a useful error message if we hit the journal file open limit
See: #20921
2023-02-07 15:12:07 +01:00
Zbigniew Jędrzejewski-Szmek
bbb86efa7c resolve: adjust message for NXDOMAIN lookup result
Previously, we reported:
  nx.example.org: resolve call failed: 'nx.example.org' not found
But the call did succeed, and in fact all communication with the upstream
servers was successful, and we got an authoritative negative answer.
So instead of saying that the call fail, just say that the host doesn't exist:
  nx.example.org: Name 'nx.example.org' not found

I wanted to keep the prefix of "<name>: ", to keep the output uniform. But
it'd look a bit strange to say "<name>: <name> not found", so I added "Name "
to make the output more readable. (Another option would be to not display
the error string received from resolved, but that seems risky: even if right
now resolved uses just one message format, it could start doing something else
in the future, so it's better to display the error as received.)

Fixes #26233.
2023-02-07 14:49:58 +01:00
Zbigniew Jędrzejewski-Szmek
03e80572a7 resolve: define normal macros for BUS_ERROR_DNS error codes
This result is identical after cpp is done, so we don't save anything
by not having the usual macros. And with the usual macros it's easier to
grep and code-crossreferencing works better.
2023-02-07 14:49:58 +01:00
Yu Watanabe
f3f2d02e97 tree-wide: set FORK_RLIMIT_NOFILE_SAFE flag
No functional changes, just refactoring.
2023-02-07 14:39:49 +09:00
Yu Watanabe
e955a7f460 udevd: configure a child process name for worker processes
This effectively reverts commit ff86c92e3043f71fc801cf687600a480ee8f6778,
and re-apply 49f3ee7e74c714f55aab395c080b1099fc17f7fd.

The change was dropped due to the process name was not correctly logged,
but the issue was fixed by dd15e4cb57129b915e01495e113696bfe0b70214.
Let's set the child process name again.
2023-02-07 14:38:55 +09:00
Yu Watanabe
8586e8ab84
Merge pull request #26324 from yuwata/argv-util-update-short-name
argv-util: also update short invocation name
2023-02-07 12:08:07 +09:00
Yu Watanabe
5746c82968
Merge pull request #26322 from keszybz/log-errno-fix
Log errno fix
2023-02-07 12:07:45 +09:00
Yu Watanabe
e7ced42d24
Merge pull request #26321 from keszybz/flex-arrays
Enable new compiler diagnostics for invalid array accesses
2023-02-07 12:07:21 +09:00
Yu Watanabe
14690c230d
Merge pull request #26320 from keszybz/operator-whitespace
Drop whitespace after shell redirection operators
2023-02-07 12:06:49 +09:00
Topi Miettinen
8ad6e519d5 NEWS: fix typo 2023-02-07 05:39:30 +09:00
Lennart Poettering
1c904337a2 update TODO 2023-02-06 15:02:59 +01:00
Yu Watanabe
dd15e4cb57 argv-util: also update program_invocation_short_name
Our logging uses program_invocation_short_name. Without this patch,
logs from forked client may become broken; spuriously truncated or
the short invocation name is not completely shown in the log.
2023-02-06 22:51:20 +09:00
Yu Watanabe
577a0fd59b test: use notice log level to make easily filter out logs from PID1 2023-02-06 22:50:03 +09:00
Zbigniew Jędrzejewski-Szmek
3156024532 meson: enable -Wzero-length-bounds
This will warn if fake flexible arrays are re-introduced. I'm not using
-Werror=… because we may still get warnings when compiling against old kernel
headers. We can crank this up to error later.
2023-02-06 12:09:55 +01:00
Zbigniew Jędrzejewski-Szmek
fc5688375c meson: enable -Warray-bounds and -fstrict-flex-arrays
-fstrict-flex-arrays means that the compiler doesn't have to assume that any
trailing array is a flex array. I.e. unless the array is declared without a
specified size, only indices in the declared range are valid.

-Warray-bounds turns on the warnings about out-of-bounds array accesses.
-Warray-bounds=2 does some more warnings, with higher false positive rate. But
it doesn't seem to yield any false positives in our codebase, so enable it.

clang supports -Warray-bounds, but not -Warray-bounds=2.
gcc supports both.
gcc-13 supports -fstrict-flex-arrays.

See https://people.kernel.org/kees/bounded-flexible-arrays-in-c for a long
discussion of use in the kernel.
2023-02-06 12:09:55 +01:00
Zbigniew Jędrzejewski-Szmek
f41e4b82a4 shared/json: avoid use of fake flex array 2023-02-06 12:09:55 +01:00
Zbigniew Jędrzejewski-Szmek
da8587b24e sd-journal: avoid use of fake flex arrays
I tried to use DECLARE_FLEX_ARRAY like the kernel does, but it does not work
for anonymous structs (they cannot be declared inline), so an open-coded
version is used.
2023-02-06 12:04:16 +01:00
Zbigniew Jędrzejewski-Szmek
03f5e501b6 repart: silence bogus gcc warning
[2/3] Compiling C object systemd-repart.p/src_partition_repart.c.o
../src/partition/repart.c: In function ‘context_open_copy_block_paths’:
../src/partition/repart.c:5194:41: warning: ‘devno’ may be used uninitialized [-Wmaybe-uninitialized]
 5194 |                         source_fd = r = device_open_from_devnum(S_IFBLK, devno, O_RDONLY|O_CLOEXEC|O_NONBLOCK, &opened);
      |                                         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
../src/partition/repart.c:5188:31: note: ‘devno’ was declared here
 5188 |                         dev_t devno;
      |                               ^~~~~

This is with gcc-13.0.1-0.2.fc38.x86_64, -O2. I'm pretty sure the code
is correct. I also tried adding some asserts where errno is used for the return
value, but that didn't help. I think resolve_copy_blocks_auto() is just too long
for gcc to understand.
2023-02-06 10:24:57 +01:00
Zbigniew Jędrzejewski-Szmek
375ffdba43 repart: fix invalid errno in log 2023-02-06 10:24:56 +01:00
Zbigniew Jędrzejewski-Szmek
c8b960af14 shared/linux: fix fake flexible array in struct autofs_dev_ioctl
The kernel still hasn't fixed this in kernel-headers-6.2.0-0.rc6.git0.1.fc38.x86_64.
2023-02-06 10:19:52 +01:00
Zbigniew Jędrzejewski-Szmek
d42add3c17 sd-network: stop using fake flexible array 2023-02-06 10:19:52 +01:00
Zbigniew Jędrzejewski-Szmek
99d4dfd184 shared/linux: update kernel headers
The kernel was updated to not use fake flex arrays with zero size.
Updating should allow -fstrict-flex-arrays to be used.

Headers pulled from kernel-headers-6.2.0-0.rc6.git0.1.fc38.x86_64.

Note that this is not a straighforward copy: our files have local modifications
(listed in README) that need to be preserved.
2023-02-06 10:19:08 +01:00
Zbigniew Jędrzejewski-Szmek
1e8f5f79e1 docs/CODING_STYLE: add sentence about redirection operators 2023-02-06 09:19:04 +01:00
Zbigniew Jędrzejewski-Szmek
397c27097b tools: replace multi-line echo by <<EOF 2023-02-06 09:19:04 +01:00
Zbigniew Jędrzejewski-Szmek
7a17e41dcf test: drop whitespace after shell redirection operators
(The one case that is left unchanged is '< <(subcommand)'.)

This way, the style with no gap was already dominant. This way, the reader
immediately knows that ' < ' is a comparison operator and ' << ' is a shift.

In a few cases, replace custom EOF replacement by just EOF. There is no point
in using someting like "_EOL" unless "EOF" appears in the text.
2023-02-06 09:19:04 +01:00
Zbigniew Jędrzejewski-Szmek
ecf4be2952 NEWS: adjust commas, avoid double negative
Also adjust text wrapping in a few spots.
2023-02-06 09:07:42 +01:00
Darrell Kavanagh
6823b5bb99 Add hwdb sensor entry for Lenovo IdeaPad Duet 3 10IGL5 (82AT). 2023-02-06 11:54:33 +09:00
Takashi Sakamoto
e478f8c04c hwdb: ieee1394-unit-function: add MOTU 896 mk3 Hybrid
This commit adds hwdb entry for MOTU 896 mk3 Hybrid.

Reference: https://lore.kernel.org/alsa-devel/63DF98FE.2060604@gmx.de/
2023-02-06 11:53:25 +09:00
Jan Macku
4dab1eb952 ci: Fix Development Freeze Automation
Due to the limitation of `GITHUB_TOKEN` when running workflows from forks,
it's required to split the `development_freeze` workflow in two.

* First workflow will run on the `pull_request` trigger and save the PR
number in the artifact. This workflow is running with read-only permissions
on `GITHUB_TOKEN`.
* Second workflow will get triggered on `workflow_run`. It will be run
directly in the `systemd/systemd` context and can get permission to be
able to create comments on PR.

GITHUB_TOKEN limitations:

* https://docs.github.com/en/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token

GitHub Security Labs Article - How to correctly and safely overcome GITHUB_TOKEN limitations:

* https://securitylab.github.com/research/github-actions-preventing-pwn-requests/
2023-02-03 14:03:39 +00:00
Simon Brand
45ab6f2a37 man: correct path for systemd-pcrphase 2023-02-03 12:51:57 +09:00
Yu Watanabe
bbcce4f8d7 NEWS: fix typo 2023-02-03 02:07:17 +09:00
Lennart Poettering
f9fdbd54ea update NEWS v253-rc2 2023-02-02 17:44:10 +01:00
Luca Boccassi
12850a7f2e
Merge pull request #26302 from bluca/rc2
Update hwdb for rc2
2023-02-02 16:30:13 +00:00
Luca Boccassi
75438b2a13 NEWS: fix typo 2023-02-02 14:51:02 +00:00