IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
The kernel loads the DTB from EFI before ExitBootServices():
https://github.com/torvalds/linux/blob/v6.5/drivers/firmware/efi/libstub/fdt.c#L245
DTBs can map and assign arbitrary memory ranges. The kernel refuses
to load one from the dtb= kernel command line parameter when secure
boot is enabled, as it's not safe. Let's do the same for type 1
entries, as they are unverified.
This only affects arm64 and riscv64, firmwares do not support DTB
on x86.
(cherry picked from commit 4b4d612d86)
(cherry picked from commit c1404fff32)
(cherry picked from commit 7844c655be)
Fixes a regression caused by ab3aed4a03.
I thought the commit does not cause any severe regression. However,
drivers for network interfaces may be loaded later. So, we should wait
if no network interface is found.
Fixes#27822.
(cherry picked from commit 2f96a29c2c)
(cherry picked from commit abbd24e8a5)
Previously, when neither '--any' nor '--interface' options specified,
at least one of the interfaces must be in configured state.
This patch makes wait-online exit with success even if all interfaces
are in unmanaged state.
This may break backward compatibility in a rare situation. But in most
cases, this typically not change anything, as at least one interface
is managed by networkd.service when it is enabled.
This is mostly for making wait-online gracefully handle the case that
networkd.service and wait-online.service are enabled by mistake. In such
situation, all interfaces are typically not managed.
Fixes#25813.
(cherry picked from commit ab3aed4a03)
Before c43ff248f9, the following line in
60-drm.rules also sets ID_PATH for all pci, usb, and platform devices:
===
ACTION!="remove", SUBSYSTEM=="drm", SUBSYSTEMS=="pci|usb|platform", IMPORT{builtin}="path_id"
===
Unfortunately, some existing rules rely on the unexpected behavior.
To keep the backward compatibility, let's set ID_PATH for them.
Fixes#28411.
(cherry picked from commit 6636b2b6bf)
(cherry picked from commit 971ff12380)
Currently, we mount via file descriptors using /proc/self/fd. This
works, but it means that in /proc/mounts and various other files,
the source of the mount will be listed as /proc/self/fd/xxx. For other
software that parses these files, /proc/self/fd/xxx doesn't mean anything,
or worse, it means the completely wrong thing, as it will refer to one of
their own file descriptors instead.
Let's improve the situation by using /proc/pid/fd instead. This allows
processes parsing /proc/mounts to do the right thing more often than not.
One scenario where even this doesn't work if when containers are involved,
as with the pid namespace unshared, even /proc/pid/fd will mean the wrong
thing, but it's no worse than /proc/self/fd which will always means the wrong
thing.
This also doesn't work if we mount via file descriptor and then exit, as the pid will
be gone, but it does work as long as the process that did the mount is alive, which
makes it useful for systemd-dissect --with for example if the program we run in the
image wants to parse /proc/mounts.
(cherry picked from commit 4419735822)
(cherry picked from commit 8046167dc2)
(cherry picked from commit edf4a86f3d)
Otherwise, we get redefinition errors if <net/if.h> is included later
on by another header.
(cherry picked from commit 2af02e6165)
(cherry picked from commit 49a3ecd71d)
(cherry picked from commit 299e6cd33b)
- Rename the argument for storing the sender address,
- allow to call it with NULL for ret_xyz,
- reduce needless copy of timestamp when the message does not have
timestamp.
(cherry picked from commit 5121163832)
(cherry picked from commit 811edcef2d)
(cherry picked from commit bd96e3ace7)
When icmp6_receive() fails, then the source address is not initialized yet.
(cherry picked from commit 4674f407b2)
(cherry picked from commit 9dec95c8c5)
(cherry picked from commit 9f545c1aea)
If there are no "ManagedOOMSwap" entries to monitor, then the event source
can be completely disabled. This scenario appears to be common and avoiding
the wake-ups can save idle energy consumption.
This was discovered while using Sysprof for various GNOME 45 performance
tuning. systemd-oomd goes from waking up a few times a second to no
wake-ups helping keep a laptop in deep(er) sleep.
Signed-off-by: Christian Hergert <chergert@redhat.com>
(cherry picked from commit b63beb4d28)
(cherry picked from commit 08d0b94e36)
(cherry picked from commit 6a163f1557)
session_leave_vt may be called after the VT device was hung up, which
will cause vt_release to fail with -EIO. This is known to cause an issue
with GNOME 44 on Fedora where gdm-session-worker sometimes freezes when
trying to switch to VT 1 after a `loginctl terminate-user` operation.
Fix this by reopening the VT in session_leave_vt if we get an -EIO.
(cherry picked from commit 99d4ad71b7)
(cherry picked from commit 1bfe066deb)
(cherry picked from commit c70dc59688)
Chronyd and similar time services, when using PTP devices, may need
the BindsTo/After directives to ensure the devices are available
before starting. Tag PTP devices with systemd to allow for wider
adoption.
Signed-off-by: Chris Patterson <cpatterson@microsoft.com>
(cherry picked from commit 23cbe90d7d)
(cherry picked from commit e3a69bdbc0)
(cherry picked from commit e94ddb830b)
We might inherit a max rlim value that's larger than the kernel's
maximum (nr_open). This will cause setrlimit() to fail as the given
maximum is larger than the kernel's maximum. To get around this,
let's limit the max rlim we pass to rlimit() to the value of nr_open.
Should fix#28965
(cherry picked from commit f470dafddc)
(cherry picked from commit a980b83fe0)
(cherry picked from commit 30ce78cb1a)
This currently makes unit_file_get_default() fail if the default
target is transient which shouldn't make us fail to get the default
unit.
(cherry picked from commit 3c1c52f2c9)
(cherry picked from commit a6bd20e3de)
(cherry picked from commit d651df3ab8)
Sometimes its useful to keep a trailing slash in the path so let's
add path_simplify_full() and a flag to do just that.
(cherry picked from commit 4541d045b2)
(cherry picked from commit ff45789ea3)
(cherry picked from commit c1b5f5b081)
Setting USEC_INFINITY to timer event source should not cause any
problem. But, disabling timer event source should be preferable.
[zjs: simplify the call to sd_event_source_set_enabled()]
(cherry picked from commit 57d2b6a96f)
(cherry picked from commit 6b1346f1f0)
(cherry picked from commit 6d25022e36)
exec_child() is supposed to set *exit_status when returning failure.
Unfortunately, we didn't do that in two cases. The result would be:
- a bogus error message "Failed at step SUCCESS spawning foo: …",
- a bogus success exit status.
Bugs introduced in 390902012c and
ad21e542b2.
The code is reworked to add some asserts and not set exit_status in the caller
so that it's clearer (also to the compiler) that it needs to be set.
(cherry picked from commit 5fa01ac036)
(cherry picked from commit 063d67fe32)
(cherry picked from commit 33d1a10c6d)
The logic around checking PKCS11 tokens (used by systemd-cryptenroll) contains a bug.
The code is checking the flags field of a pkcs11 token_info structure against a set of flags defined for the pkcs11 slot_info structure. This PR changes the check so that the correct structure's flag field is being checked.
(Reference to the PKCS#11 spec:http://docs.oasis-open.org/pkcs11/pkcs11-base/v2.40/os/pkcs11-base-v2.40-os.html, section CK_SLOT_INFO).
(cherry picked from commit 5007942477)
(cherry picked from commit 117fa69b71)
(cherry picked from commit c03d5f1ddb)
This change makes sure a data copy using copy_bytes() does not exceed the
max_bytes value when using COPY_HOLES and max_bytes stops before the next
data section.
(cherry picked from commit c2dfcbd48e)
(cherry picked from commit 7bfe3c6215)
(cherry picked from commit b923225dec)
On openSUSE with BTRFS, /root has to be mounted as dedicated subvolume to avoid
restoring it when a rollback of the system happens.
(cherry picked from commit 487ae08b85)
(cherry picked from commit 5c3fa0cfee)
(cherry picked from commit c0a45a591c)
We must go through finish, to undo the destruction of the final elements
of the iovw properly.
(cherry picked from commit 946dc7c635)
(cherry picked from commit 10304c2787)
(cherry picked from commit 3a25191361)
Kernel patch [1] fixed bugs in rfkill handling on MSI Wind U100. Now
that the HW rfkill reports the correct state, and the SW rfkill is
controllable from userspace, it's necessary to mute KEY_WLAN and
KEY_BLUETOOTH generated on HW rfkill state changes. Otherwise, the
userspace will react to these keys and toggle the SW rfkill as well,
which is not desired, because the user may end up with non-functional
radios if HW and SW rfkills are out of sync.
Blocking these keycodes doesn't impair user experience, because the
desktop environment can still react to HW rfkill events and act
accordingly (for example, show notifications).
While at it, use "unknown" instead of "reserved" to mute keys, to avoid
the "atkbd serio0: Unknown key pressed" flood in dmesg.
[1]: https://lore.kernel.org/all/20230721145423.161057-1-maxtram95@gmail.com/
(cherry picked from commit fa8216e206)
(cherry picked from commit 208a21833b)
(cherry picked from commit 883aab2e80)
Otherwise, we silently ignore the received packet and that makes hard to
debug issue.
(cherry picked from commit 809da721f0)
(cherry picked from commit 7483f75fa6)
(cherry picked from commit 132229d87a)
If emergency.target is started while initrd-parse-etc.service/start is queued,
the initrd-parse-etc job did not get canceled. In parallel to the emergency
units, it eventually runs the service, which starts initrd-cleanup.service,
which in turn isolates initrd-switch-root.target. This stops the emergency
units and effectively starts the initrd boot process again, which likely
fails again like the initial attempt. The system is thus stuck in an endless
loop, never really reaching emergency.target.
With this conflict added, starting emergency.target automatically cancels
initrd-parse-etc.service/start, avoiding the loop.
(cherry picked from commit 327cd2d3db)
(cherry picked from commit 72da03631a)
(cherry picked from commit 23b5306412)
The systemctl completion previously made use of PREFIX as a pattern
argument to list-unit-files and list-units. This had the problem of
erroneously filtering the results that were stored in the cache, and
erroneously filtering results that might have been requested according
to the users configuration (e.g. _correct completer, certain
matcher-lists or tag-orders, etc.).
Unfortunately, the runtime of list-unit-files increases when no pattern
argument is provided, and systemctl show, used to filter those units,
can become unacceptably slow when provided with too many units to
describe.
Let's re-introduce the pattern argument to list-unit-files and
list-units where necessary in order to alleviate these bottlenecks
without poisining the cache. A 'use-pattern' style is introduced that
may be used to disable this behavior if it is undesired. We can still
expect that certain completions, like `systemctl start <TAB>` will be
slow, like before. To fix this we will need systemd to learn a more
efficient way of filtering the units than parsing systemctl show.
(cherry picked from commit 2cbda74862)
(cherry picked from commit dfc0445cb8)
(cherry picked from commit 7ca3cae97b)
The systemctl invocations used for these completions match the ones used
for the _sys_really_all_units parameter, so we should really just use
the cached parameter rather than recomputing the result.
(cherry picked from commit c8e2cd79c1)
(cherry picked from commit 9814972198)
(cherry picked from commit f664081482)
The tty user is not guaranteed to exist, so let's remove the dependency
from the test.
(cherry picked from commit a1fedc613f)
(cherry picked from commit 865f0d6e76)
(cherry picked from commit a99dfdca88)
We already handle the case where /etc/machine-id is empty. Let's make
sure we also handle the case where /etc/machine-id is "uninitialized".
(cherry picked from commit 5dd814d7cd)
(cherry picked from commit faaa0ee5e9)
(cherry picked from commit d0a3467f47)
c18f4eb9e9 made it possible to use --force with various verbs, by
going through the newer D-Bus methods. Except it didn't, as it regressed
during PR review refactorings, and nobody noticed because there were no
tests for it. Fix it, and add tests.
Follow-up for c18f4eb9e9
(cherry picked from commit bdfa3f3a5c)
(cherry picked from commit 0f27d7b9f9)
(cherry picked from commit 8f3ec30c46)
for device unit job timeouts
Follow-up for #24044
(cherry picked from commit 83d373d213)
(cherry picked from commit a5e5d6d64e)
(cherry picked from commit 4d79082c00)
