IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
In config_parse_socket_listen(), we have checked the path is absolute,
however we have not in the dbus method.
(cherry picked from commit 4de2b47bdec8bbb7df78678a152f18281b20e7b5)
If the boot ID cannot be obtained, let's first fallback to the machine
ID, and if still cannot, then let's use 0.
Otherwise, no timer event source cannot be triggered.
Fixes#26549.
(cherry picked from commit 6d2326e036ceed30f9ccdb0266713c10a44dcf6c)
Only service and scope units have RuntimeMaxUSec bus property.
To suppress the "Until:" field for other unit types, the entry must be
initialized with USEC_INFINITY.
Fixes#26473.
(cherry picked from commit b59052be261523721a86caf4ef820e63f03e26a4)
I'm not sure what "suffix" was meant by this comment, but the file has the usual suffix.
The file was added with the current name back in c4708f132381e4bbc864d5241381b5cde4f54878.
Maybe an earlier version of the patch did something different.
(cherry picked from commit 9c7188547cd53dddd635c86c8ef5655290541966)
An rpminspect test in Fedora/RHEL is flagging our stub files as having an
executable stack. The check is correct:
$ readelf --wide --program-headers build/src/boot/efi/linuxx64.elf.stub | rg -i stack
GNU_STACK 0x000000 0x0000000000000000 0x0000000000000000 0x000000 0x000000 RWE 0x10
It seems to be just an omission in the linker script… None of the objects that
are linked into the stub are marked as requiring an executable stack:
$ readelf --wide --sections build/src/boot/efi/*.c.o \
/usr/lib/gnuefi/x64/libgnuefi.a \
/usr/lib/gnuefi/x64/libefi.a \
/usr/lib/gcc/x86_64-redhat-linux/12/libgcc.a \
| rg '.note.GNU-stack.*X'
(nothing)
On aarch64 we end up with a nonexecutable stack, but on ia32 and x64 we get one,
so this might be just a matter of defaults in the linker. It doesn't matter
greatly, but let's mark the stack as non-executable to avoid the warning.
Note: '-Wl,-z' is not needed, things work with just '-z'.
(cherry picked from commit 1eca770933e49a1be16e40bfbaefc0f75af81781)
Before this commit, battery_is_low() returns
true if there's no battery on the system.
It's now modified to check if the system is
on AC power first, and returns false early
if that's the case.
Fixes#26492
(cherry picked from commit e0b3a70fabb871bf55678e9e177445b1df2aee88)
When running in a container, like podman, docker or so, creating new mount
namespace may be disabled.
Fixes#26474.
Fixes RHBZ#2165004 (https://bugzilla.redhat.com/show_bug.cgi?id=2165004).
(cherry picked from commit a2275dcb9d48925f8192f44ec371710ce812bfce)
r and R take globs, so let's name the argument appropriately in the tl;dr listing.
Also, use 'clean-up' in the file name where it represents the verb "clean up",
and other minor spelling adjustments.
(cherry picked from commit 164297cd9a410fdd9ca3c068da4d80d74916cf18)
Let's skip parsing of some irrelevant information that we don't use
to speed up building UKIs with large initrds from +-15s to less than
1s.
(cherry picked from commit c87ff622101b82bae7f4c96b59218c7380927375)
systemctl disable some.service fails to acquire interactive permission
because the DisableUnitFilesWithFlagsAndInstallInto method isn't permitted
(cherry picked from commit d668ba131c72e85e50abdb05f189b3e07e1d378f)
There is a double free of unit_name when an instance is used, causing
systemctl --user edit service@instance to abort.
(cherry picked from commit fe5cb7a7aec49cdc77d02e109dde81293e4566a0)
Previously, we skip the entries before arg_lines
unconditionally, which doesn't behave correctly
when used with --grep. After this commit, when
a pattern is specified, we don't skip the entries
early, but rely on the count of the lines shown
to tell us when to stop. To achieve that we would
have to search backwards instead.
Fixes#25147
(cherry picked from commit db4691961ca52759fe6645d0fddb659ee4299ac2)
Follow-up for 504d0acf61c8472bc93c2a927e858074873b2eaf.
The function may be called with non-NULL salt and salt_size == 0.
(cherry picked from commit 8c2264abb9c16bc2933f95be299f15ee66c21181)
The TPM code expects a description unless the PCR index indicates that
no measurements have to take place. The assert was preempting this
check from happening.
Fixes: #26428
(cherry picked from commit f92428eae53685f372775e8cb0f0f4c249f02724)
Debian/Ubuntu use /usr/lib/<triplet> instead of /usr/lib64, so configure it
accordingly. This is especially important for cryptsetup token plugins,
as cryptsetup comes from the distro and is configured to look into those
directories.
(cherry picked from commit bbb40c4e6f45dd0929c59e719310239b11edc040)
If UDP is blocked on the system (e.g. by iptables or BPF), the kernel will
return EPERM on some or all of the system calls (connect, sendmsg, etc.).
In this case, try to fall back to TCP, which hopefully will not be blocked.
(cherry picked from commit 3dd6336ad0cb40e928745404ed72c41e4ac9c39e)
Salt was added in v253. We are not checking whether it was actually found
(non-zero size), so when an old tpm+pin enrollment is opened things go boom.
For good measure, check both the buffer and the size in both places.
Assertion 'saltlen > 0' failed at src/shared/tpm2-util.c:2490, function tpm2_util_pbkdf2_hmac_sha256(). Aborting.
__WORDSIZE does not seem to be documented anywhere, and is probably
meant to be used internally by glibc headers.
In systemd, it was only being used in warning messages. We can avoid
using it by rewording the messages slightly.
Fixes a build error with musl libc.
Bug: https://bugs.gentoo.org/894430
