IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
gcc 13 -Wenum-int-mismatch reminds us that enum != int
(cherry picked from commit e14afe31c3)
(cherry picked from commit ba5f7915d2)
(cherry picked from commit 85ad47e172)
Fixes gcc 13 -Wenum-int-mismatch which are enabled by default.
(cherry picked from commit aa70dd624b)
(cherry picked from commit b1b7667a44)
(cherry picked from commit ecb0b018d2)
This reverts commit 64f0e53851.
On Wed, Dec 21, 2022 at 06:19:08PM +0100, Marius Schwarz wrote:
> That patch made things worse and is disfunctional for both, usb drive and
> password.
>
> No idea if more patches are needed, but this build does not unlock a drive
> at all, if usb is configured.
(cherry picked from commit 253cc95c64)
In both cases, the json string is short, so we can print it, which is useful
for diagnosing invalid data in packages. But we need escape non-printable
characters.
https://bugzilla.redhat.com/show_bug.cgi?id=2152685
I went over the rest of the codebase, and it seems that other calls to
json_parse() don't have this problem.
(cherry picked from commit c5966ab5bf)
(cherry picked from commit 57ab4e2d47)
(cherry picked from commit 6208326afb)
When the user starts a program which elevates its permissions via setuid,
setgid, or capabilities set on the file, it may access additional information
which would then be visible in the coredump. We shouldn't make the the coredump
visible to the user in such cases.
Reported-by: Matthias Gerstner <mgerstner@suse.de>
This reads the /proc/<pid>/auxv file and attaches it to the process metadata as
PROC_AUXV. Before the coredump is submitted, it is parsed and if either
at_secure was set (which the kernel will do for processes that are setuid,
setgid, or setcap), or if the effective uid/gid don't match uid/gid, the file
is not made accessible to the user. If we can't access this data, we assume the
file should not be made accessible either. In principle we could also access
the auxv data from a note in the core file, but that is much more complex and
it seems better to use the stand-alone file that is provided by the kernel.
Attaching auxv is both convient for this patch (because this way it's passed
between the stages along with other fields), but I think it makes sense to save
it in general.
We use the information early in the core file to figure out if the program was
32-bit or 64-bit and its endianness. This way we don't need heuristics to guess
whether the format of the auxv structure. This test might reject some cases on
fringe architecutes. But the impact would be limited: we just won't grant the
user permissions to view the coredump file. If people report that we're missing
some cases, we can always enhance this to support more architectures.
I tested auxv parsing on amd64, 32-bit program on amd64, arm64, arm32, and
ppc64el, but not the whole coredump handling.
(cherry picked from commit 3e4d0f6cf9)
(cherry picked from commit 9b75a3d050)
(cherry picked from commit efca5283dc)
If udevd broadcasts a processed device with huge amount of properties,
then clients cannot receive the device.
Fixes#24987.
(cherry picked from commit efbd4b3ca8)
(cherry picked from commit cf21555d6d)
Previously, interfaces are partially reconfigured in a spurious way.
Let's use the same way as `networkctl reconfigure`.
Hopefully fixes#14987 and #24997.
(cherry picked from commit a39a9ac806)
(cherry picked from commit 7eefd2fbb7)
Previously, ata_id might not be able to retrieve attributes correctly,
and properties from usb_id were used as a fallback. See issue #24921
and PR #24923. To keep backward compatibility, still we need to create
symlinks based on USB serial.
Fixes#25179.
(cherry picked from commit 479da1107a)
(cherry picked from commit b61fcaca1b)
When reboot is invoked, the -p/--poweroff option is intentionally
ignored. Update the man page to reflect this exception.
(cherry picked from commit 6dfaeac370)
(cherry picked from commit c339e8d71b)
Note that -O0 is deliberately filtered out as we have to compile with at
least -O1 due to #24202.
Fixes: #24323
(cherry picked from commit 7aa4762ce2)
(cherry picked from commit 23d66a03de)
In https://github.com/containers/podman/issues/16107, starting of a transient
slice unit fails because there's a "global" drop-in
/usr/lib/systemd/user/slice.d/10-oomd-per-slice-defaults.conf (provided by
systemd-oomd-defaults package to install some default oomd policy). This means
that the unit_is_pristine() check fails and starting of the unit is forbidden.
It seems pretty clear to me that dropins at any other level then the unit
should be ignored in this check: we now have multiple layers of drop-ins
(for each level of the cgroup path, and also "global" ones for a specific
unit type). If we install a "global" drop-in, we wouldn't be able to start
any transient units of that type, which seems undesired.
In principle we could reject dropins at the unit level, but I don't think that
is useful. The whole reason for drop-ins is that they are "add ons", and there
isn't any particular reason to disallow them for transient units. It would also
make things harder to implement and describe: one place for drop-ins is good,
but another is bad. (And as a corner case: for instanciated units, a drop-in
in the template would be acceptable, but a instance-specific drop-in bad?)
Thus, $subject.
While at it, adjust the message. All the conditions in unit_is_pristine()
essentially mean that it wasn't loaded (e.g. it might be in an error state),
and that it doesn't have a fragment path (now that drop-ins are acceptable).
If there's a job for it, it necessarilly must have been loaded. If it is
merged into another unit, it also was loaded and found to be an alias.
Based on the discussion in the bugs, it seems that the current message
is far from obvious ;)
Fixes https://github.com/containers/podman/issues/16107,
https://bugzilla.redhat.com/show_bug.cgi?id=2133792.
(cherry picked from commit 1f83244641)
(cherry picked from commit 98a45608c4)
Not not IN_SET(…) is just too much for my poor brain. Let's invert
the expression to make it easier to undertand.
(cherry picked from commit b146a7345b)
(cherry picked from commit 228cd82d2c)
Semi-quoting https://github.com/systemd/systemd/issues/25057:
clang-16 has made the choice to turn on -Werror=implicit-function-declaration,implicit-int.
(See Gentoo's tracker bug https://bugs.gentoo.org/870412).
Added in commit 132c73b57a, systemd now does a
check to see if libatomic is needed with some compile/link tests with e.g.
__atomic_exchange_1, but the tests don't provide a prototype for
__atomic_exchange_1 so with clang-16 the test fails, breaking the build.
Let's simplify things by linking to libatomic unconditionally if it is found
and seems to work. If actually unneeded, it might be dropped via --as-needed.
This seems to work with gcc and clang.
declare_dependency() is used instead of cc.find_library(), because the latter
picks up a symlink in gcc private directory (e.g.
/usr/lib/gcc/x86_64-redhat-linux/12/libatomic.so), and we don't want that.
Fixes#25057.
(cherry picked from commit 96f8c63601)
(cherry picked from commit d61ccd0252)
We would deadlock when passing the data back from the forked-off process that
was doing backtrace generation back to the coredump parent. This is because we
fork the child and wait for it to exit. The child tries to write too much data
to the output pipe, and and after the first 64k blocks on the parent because
the pipe is full. The bug surfaced in Fedora because of a combination of four
factors:
- 87707784c7 was backported to v251.5, which
allowed coredump processing to be successful.
- 1a0281a3eb was NOT backported, so the output
was very verbose.
- Fedora has the ELF package metadata available, so a lot of output can be
generated. Most other distros just don't have the information.
- gnome-calendar crashes and has a bazillion modules and 69596 bytes of output
are generated for it.
Fixes https://bugzilla.redhat.com/show_bug.cgi?id=2135778.
The code is changed to try to write data opportunistically. If we get partial
information, that is still logged. In is generally better to log partial
backtrace information than nothing at all.
(cherry picked from commit 076b807be4)
(cherry picked from commit 087cbfd936)
It is useful to distinguish if json_parse_file() got no input or invalid input.
Use different return codes for the two cases.
(cherry picked from commit 87a16eb8b5)
(cherry picked from commit ab587aaf8e)
Let's document that "." is a bad choice of character when naming
interfaces. Let's also document the hard restrictions we make when
naming interfaces.
Result of the mess that is #25052.
(cherry picked from commit 8f598a4635)
(cherry picked from commit d1066f33b5)
They didn't actually change API between major versions, so let's
support the previous version as well so we can add CentOS 8 Stream
back to CI.
(cherry picked from commit 3f5225d7f3)
(cherry picked from commit e2a07cdac6)
The BUS_DEFINE_PROPERTY_GET_GLOBAL macro requires a value as third
argument, so we need to call manager_is_on_external_power(). Otherwise
the function pointer is interpreted as a boolean and always returns
true:
```
$ busctl get-property org.freedesktop.login1 /org/freedesktop/login1 org.freedesktop.login1.Manager OnExternalPower
b true
$ /lib/systemd/systemd-ac-power --verbose
no
```
Thanks: Helmut Grohne <helmut@subdivi.de>
Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1021644
(cherry picked from commit 63168cb517)
(cherry picked from commit 3028e05955)
PID 1 is not allowed to do nss lookups because this may take a long time or
even deadlock.
While at it, the comparisons are reordered to do the "easy" comparisons which
only require a string comparison first. Delay parsing of the UID until it is
really necessary. The result is the same, because we know that "root" and
"nobody" parse as valid.
(cherry picked from commit 734f96b849)
(cherry picked from commit 5da595db39)
This also moves the check for writable paths from test-execute to TEST-34.
Closes#10337.
(cherry picked from commit f01f70a9a3)
(cherry picked from commit 40053e60f5)
The very basic functinality of StateDirectory= or friends is creating
specified directories. That should work if one entry is a subdirectory
of another. However, it does not when combined with DynamicUser=yes.
To support such case, this adds ExecDirectoryItem.only_create flag, and
if it is set PID1 only create private directory, and not create the symlink
to the private directory.
Fixes#24783.
(cherry picked from commit a2ab603cc4)
(cherry picked from commit 0ba2e4bb69)
Follow-up for 211a3d87fb.
Previously, although ExecDirectoryItem.symlinks is strv, it always
contains at most one symlink.
(cherry picked from commit 564e5c9878)
(cherry picked from commit 1de3cb97ee)
Even if a bonding master interface has carrier, the underlying slave
interfaces may not. In such a case, sending solicitation fails with
-ENOBUS. Here, let's unconditionally ignore errors, as anyway we will
send a solicitation later.
Fixes#24717.
(cherry picked from commit 852bf93826)
(cherry picked from commit d7b83b9986)
We would fail with an assert in sd_bus_message_enter_container() afterwards.
(cherry picked from commit 5475e963c5)
(cherry picked from commit e0ba044985)
In general, log_syntax_internal() must keep errno unchanged. But the
call to log_syntax_callback() was added outside of the block protected
by PROTECT_ERRNO.
(cherry picked from commit 6b7834fe5d)
(cherry picked from commit 40742ac74f)
Those may go via the PC speaker, which is annoying and unexpected.
Most people have it off, so this doesn't work reliably anyway, so we can
disable it without much loss.
Fixes#23520.
(cherry picked from commit ef3458cd5d)
(cherry picked from commit 3e38c39600)
Before Debian switched to systemd, `shutdown now` would reset the system into
single user mode, doing roughly the equivalent of `telinit 1`.
Now, systemd's `shutdown` command does not behave that way; it defaults to
`poweroff` which might be confusing for users (like me) used to the previous
method.
Because I don't use the command often, I keep being stumped by this behavior,
and every time I look at the `shutdown(1)` manpage, I don't understand why I
can't find what I am looking for. This patch should make sure that people like
me find their way back to some sort of reason.
Maybe the *proper* way to fix this would be to restore the more classic
behavior, but I'm definitely not going to climb that hill. Besides, I clearly
remember the time I found out about the `shutdown` command and was *really*
confused when it brought me back to a command-line prompt. That was really
counter-intuitive and I find that change to actually be a good thing. So I'm
not proposing to change this behavior, merely document it better.
I originally added this to the `-P` option but it was suggested adding a new
`COMPATIBILITY` section instead, where other such issues could be added.
The `COMPATIBILITY` section is not actually officially documented. `man(1)`
talks about a `CONFORMING TO` section, but `shutdown(1)` is not
POSIX (`shutdown(2)` is, of course), so there's no actual standard on how this
should work.
The other option I considered was to add a `BUGS` section, but that seemed to
inflammatory, and definitely counter-productive.
(cherry picked from commit 9aafd310cc)
(cherry picked from commit 78a8e938e4)
Currently, even if `--discard=no` is passed to `systemd-repart`, the
`context_discard_gap_after()` function still runs normally, discarding
e.g. all blocks between the GPT and the start of the first partition.
This can lead to issues on some embedded devices, where this space
holds the bootloader and shouldn't be modified (creating a protective
partition there is not always possible due to the specifics of the boot
process of some ARM-based SoC's).
This commit ensures passing `--discard=no` would be enough to ensure
the bootloader isn't wiped in such cases.
Signed-off-by: Arnaud Ferraris <arnaud.ferraris@gmail.com>
(cherry picked from commit 5113436b05)
(cherry picked from commit 4abc5b2cfe)
This is useful for systems which don't have any fsck.
We already skip emitting the fsck dependency when the fsck.$fstype helper
is missing, but fstab-generator doesn't necessarily know the fstype when
handling the root= parameter.
Previously, systemd-fsck was started for these mounts and then exited
immediately because it couldn't find the fsck.$fstype helper.
(cherry picked from commit 1355672437)
(cherry picked from commit 73db7d9932)